Esempio n. 1
0
        public void PasswordHash_Encode()
        {
            var hashes = new[]
            {
                PasswordHashProvider.EncodePassword("Password1", new TestPasswordSaltProvider("Salt1")),
                PasswordHashProvider.EncodePassword("Password1", new TestPasswordSaltProvider("Salt2")),
                PasswordHashProvider.EncodePassword("Password2", new TestPasswordSaltProvider("Salt1")),
                PasswordHashProvider.EncodePassword("Password2", new TestPasswordSaltProvider("Salt2")),

                PasswordHashProvider.EncodePassword("Password1", new TestPasswordSaltProvider("Salt1")),
                PasswordHashProvider.EncodePassword("Password1", new TestPasswordSaltProvider("Salt2")),
                PasswordHashProvider.EncodePassword("Password2", new TestPasswordSaltProvider("Salt1")),
                PasswordHashProvider.EncodePassword("Password2", new TestPasswordSaltProvider("Salt2")),
            };

            Assert.AreNotEqual(hashes[0], hashes[1]); // same password, different salt
            Assert.AreNotEqual(hashes[0], hashes[2]); // different password, same salt
            Assert.AreNotEqual(hashes[0], hashes[3]); // different password, different salt
            for (int i = 0; i < 4; i++)
            {
                Assert.AreNotEqual(hashes[i], hashes[i + 4]); // not equal even if created by same params.
            }
            Assert.IsTrue(PasswordHashProvider.CheckPassword("Password1", hashes[0], new TestPasswordSaltProvider("Salt1")));
            Assert.IsTrue(PasswordHashProvider.CheckPassword("Password1", hashes[1], new TestPasswordSaltProvider("Salt2")));
            Assert.IsTrue(PasswordHashProvider.CheckPassword("Password2", hashes[2], new TestPasswordSaltProvider("Salt1")));
            Assert.IsTrue(PasswordHashProvider.CheckPassword("Password2", hashes[3], new TestPasswordSaltProvider("Salt2")));
        }
Esempio n. 2
0
        public override void Save(NodeSaveSettings settings)
        {
            // Check uniqueness first
            if (Id == 0 || PropertyNamesForCheckUniqueness.Any(p => IsPropertyChanged(p)))
            {
                CheckUniqueUser();
            }

            if (_password != null)
            {
                this.PasswordHash = PasswordHashProvider.EncodePassword(_password, this);
            }

            Domain = GenerateDomain();

            var originalId = this.Id;

            // save current password to the list of old passwords
            this.SaveCurrentPassword();

            base.Save(settings);

            // AD Sync
            SynchUser(originalId);

            if (originalId == 0)
            {
                // set creator for performant self permission setting
                // creator of the user will always be the user itself. this way setting permissions to the creators group on /Root/IMS will be adequate for user permissions
                // if you need the original creator, use the auditlog
                Retrier.Retry(3, 200, typeof(Exception), () =>
                {
                    // need to clear this flag to avoid getting an 'Id <> 0' error during copying
                    this.CopyInProgress   = false;
                    this.CreatedBy        = this;
                    this.Owner            = this;
                    this.VersionCreatedBy = this;
                    this.DisableObserver(TypeResolver.GetType(NodeObserverNames.NOTIFICATION, false));
                    this.DisableObserver(TypeResolver.GetType(NodeObserverNames.WORKFLOWNOTIFICATION, false));

                    base.Save(SavingMode.KeepVersion);
                });

                // create profile
                if (IdentityManagement.UserProfilesEnabled)
                {
                    CreateProfile();
                }
            }
        }
Esempio n. 3
0
        public override void Save(NodeSaveSettings settings)
        {
            // Check uniqueness first
            CheckUniqueUser();
            if (base.IsPropertyChanged("CreationDate"))
            {
                if (_password != null)
                {
                    this.PasswordHash = PasswordHashProvider.EncodePassword(_password, this);
                }
            }

            Domain = GenerateDomain();

            var originalId = this.Id;

            // save current password to the list of old passwords
            this.SaveCurrentPassword();

            base.Save(settings);

            // AD Sync
            SynchUser(originalId);

            // set creator for performant self permission setting
            // creator of the user will always be the user itself. this way setting permissions to the creators group on /Root/IMS will be adequate for user permissions
            // if you need the original creator, use the auditlog
            if (originalId == 0)
            {
                //need to clear this flag to avoid getting an 'Id <> 0' error during copying
                this.CopyInProgress   = false;
                this.CreatedBy        = this;
                this.VersionCreatedBy = this;
                this.DisableObserver(TypeHandler.GetType(NodeObserverNames.NOTIFICATION));
                this.DisableObserver(TypeHandler.GetType(NodeObserverNames.WORKFLOWNOTIFICATION));

                base.Save(SavingMode.KeepVersion);
            }

            // create profiles
            if (originalId == 0 && Repository.UserProfilesEnabled)
            {
                CreateProfile();
            }
        }
Esempio n. 4
0
        public bool CheckPasswordMatch(string passwordInClearText)
        {
            var match = false;

            try
            {
                // Check with the configured provider.
                match = PasswordHashProvider.CheckPassword(passwordInClearText, this.PasswordHash, this);
            }
            catch (SaltParseException)
            {
                // Keep 'match = false' and do not do other thing.
            }

            // If the migration is not enabled, shorting: return with the result.
            if (!Configuration.Security.EnablePasswordHashMigration)
            {
                return(match);
            }

            // If password was matched the migration is not needed.
            if (match)
            {
                return(true);
            }

            // Not match and migration is enabled.

            // Check with the outdated provider
            if (!PasswordHashProvider.CheckPasswordForMigration(passwordInClearText, this.PasswordHash, this))
            {
                // If does not match, game over.
                return(false);
            }

            // Migration: generating a new hash with the configured provider and salt.
            this.PasswordHash = PasswordHashProvider.EncodePassword(passwordInClearText, this);

            using (new SystemAccount())
                Save(SavingMode.KeepVersion);

            return(true);
        }
Esempio n. 5
0
 public static string EncodePassword(string passwordInClearText, IPasswordSaltProvider saltProvider)
 {
     return(PasswordHashProvider.EncodePassword(passwordInClearText, saltProvider));
 }