/// <summary>Updates the user authentication.</summary>
///
/// <param name="existingUser">The existing user.</param>
/// <param name="newUser"> The new user.</param>
/// <param name="password"> The password.</param>
///
/// <returns>An UserAuth.</returns>
public UserAuth UpdateUserAuth(UserAuth existingUser, UserAuth newUser, string password)
{
ValidateNewUser(newUser, password);
return(dbFactory.Run(db => {
AssertNoExistingUser(db, newUser, existingUser);
var hash = existingUser.PasswordHash;
var salt = existingUser.Salt;
if (password != null)
{
passwordHasher.GetHashAndSaltString(password, out hash, out salt);
}
// If either one changes the digest hash has to be recalculated
var digestHash = existingUser.DigestHa1Hash;
if (password != null || existingUser.UserName != newUser.UserName)
{
var digestHelper = new DigestAuthFunctions();
digestHash = digestHelper.CreateHa1(newUser.UserName, DigestAuthProvider.Realm, password);
}
newUser.Id = existingUser.Id;
newUser.PasswordHash = hash;
newUser.Salt = salt;
newUser.DigestHa1Hash = digestHash;
newUser.CreatedDate = existingUser.CreatedDate;
newUser.ModifiedDate = DateTime.UtcNow;
db.Save(newUser);
return newUser;
}));
}
/// <summary>Executes the failed authentication action.</summary>
///
/// <param name="session">The session.</param>
/// <param name="httpReq">The HTTP request.</param>
/// <param name="httpRes">The HTTP resource.</param>
public override void OnFailedAuthentication(IAuthSession session, IHttpRequest httpReq, IHttpResponse httpRes)
{
var digestHelper = new DigestAuthFunctions();
httpRes.StatusCode = (int)HttpStatusCode.Unauthorized;
httpRes.AddHeader(HttpHeaders.WwwAuthenticate, "{0} realm=\"{1}\", nonce=\"{2}\", qop=\"auth\"".Fmt(Provider, AuthRealm, digestHelper.GetNonce(httpReq.UserHostAddress, PrivateKey)));
httpRes.EndRequest();
}
/// <summary>Updates the user authentication.</summary>
///
/// <param name="existingUser">The existing user.</param>
/// <param name="newUser"> The new user.</param>
/// <param name="password"> The password.</param>
///
/// <returns>An UserAuth.</returns>
public UserAuth UpdateUserAuth(UserAuth existingUser, UserAuth newUser, string password)
{
ValidateNewUser(newUser, password);
using (var redis = factory.GetClient())
{
AssertNoExistingUser(redis, newUser, existingUser);
if (existingUser.UserName != newUser.UserName && existingUser.UserName != null)
{
redis.RemoveEntryFromHash(IndexUserNameToUserId, existingUser.UserName);
}
if (existingUser.Email != newUser.Email && existingUser.Email != null)
{
redis.RemoveEntryFromHash(IndexEmailToUserId, existingUser.Email);
}
var hash = existingUser.PasswordHash;
var salt = existingUser.Salt;
if (password != null)
{
var saltedHash = new SaltedHash();
saltedHash.GetHashAndSaltString(password, out hash, out salt);
}
// If either one changes the digest hash has to be recalculated
var digestHash = existingUser.DigestHa1Hash;
if (password != null || existingUser.UserName != newUser.UserName)
{
var digestHelper = new DigestAuthFunctions();
digestHash = digestHelper.CreateHa1(newUser.UserName, DigestAuthProvider.Realm, password);
}
newUser.Id = existingUser.Id;
newUser.PasswordHash = hash;
newUser.Salt = salt;
newUser.CreatedDate = existingUser.CreatedDate;
newUser.ModifiedDate = DateTime.UtcNow;
var userId = newUser.Id.ToString(CultureInfo.InvariantCulture);
if (!newUser.UserName.IsNullOrEmpty())
{
redis.SetEntryInHash(IndexUserNameToUserId, newUser.UserName, userId);
}
if (!newUser.Email.IsNullOrEmpty())
{
redis.SetEntryInHash(IndexEmailToUserId, newUser.Email, userId);
}
redis.Store(newUser);
return(newUser);
}
}
/// <summary>Attempts to authenticate from the given data.</summary>
///
/// <param name="digestHeaders">The digest headers.</param>
/// <param name="PrivateKey"> The private key.</param>
/// <param name="NonceTimeOut"> The nonce time out.</param>
/// <param name="sequence"> The sequence.</param>
/// <param name="userAuth"> The user authentication.</param>
///
/// <returns>true if it succeeds, false if it fails.</returns>
public bool TryAuthenticate(Dictionary <string, string> digestHeaders, string PrivateKey, int NonceTimeOut, string sequence, out UserAuth userAuth)
{
userAuth = GetUserAuthByUserName(digestHeaders["username"]);
if (userAuth == null)
{
return(false);
}
var digestHelper = new DigestAuthFunctions();
if (digestHelper.ValidateResponse(digestHeaders, PrivateKey, NonceTimeOut, userAuth.DigestHa1Hash, sequence))
{
return(true);
}
userAuth = null;
return(false);
}
/// <summary>Creates user authentication.</summary>
///
/// <param name="newUser"> The new user.</param>
/// <param name="password">The password.</param>
///
/// <returns>The new user authentication.</returns>
public UserAuth CreateUserAuth(UserAuth newUser, string password)
{
ValidateNewUser(newUser, password);
return(dbFactory.Run(db => {
AssertNoExistingUser(db, newUser);
string salt;
string hash;
passwordHasher.GetHashAndSaltString(password, out hash, out salt);
var digestHelper = new DigestAuthFunctions();
newUser.DigestHa1Hash = digestHelper.CreateHa1(newUser.UserName, DigestAuthProvider.Realm, password);
newUser.PasswordHash = hash;
newUser.Salt = salt;
newUser.CreatedDate = DateTime.UtcNow;
newUser.ModifiedDate = newUser.CreatedDate;
db.Insert(newUser);
newUser = db.GetById <UserAuth>(db.GetLastInsertId());
return newUser;
}));
}
/// <summary>Creates user authentication.</summary>
///
/// <param name="newUser"> The new user.</param>
/// <param name="password">The password.</param>
///
/// <returns>The new user authentication.</returns>
public virtual UserAuth CreateUserAuth(UserAuth newUser, string password)
{
ValidateNewUser(newUser, password);
using (var redis = factory.GetClient())
{
AssertNoExistingUser(redis, newUser);
var saltedHash = new SaltedHash();
string salt;
string hash;
saltedHash.GetHashAndSaltString(password, out hash, out salt);
newUser.Id = redis.As <UserAuth>().GetNextSequence();
newUser.PasswordHash = hash;
newUser.Salt = salt;
var digestHelper = new DigestAuthFunctions();
newUser.DigestHa1Hash = digestHelper.CreateHa1(newUser.UserName, DigestAuthProvider.Realm, password);
newUser.CreatedDate = DateTime.UtcNow;
newUser.ModifiedDate = newUser.CreatedDate;
var userId = newUser.Id.ToString(CultureInfo.InvariantCulture);
if (!newUser.UserName.IsNullOrEmpty())
{
redis.SetEntryInHash(IndexUserNameToUserId, newUser.UserName, userId);
}
if (!newUser.Email.IsNullOrEmpty())
{
redis.SetEntryInHash(IndexEmailToUserId, newUser.Email, userId);
}
redis.Store(newUser);
return(newUser);
}
}
/// <summary>Attempts to authenticate from the given data.</summary>
///
/// <param name="digestHeaders">The digest headers.</param>
/// <param name="PrivateKey"> The private key.</param>
/// <param name="NonceTimeOut"> The nonce time out.</param>
/// <param name="sequence"> The sequence.</param>
/// <param name="userAuth"> The user authentication.</param>
///
/// <returns>true if it succeeds, false if it fails.</returns>
public bool TryAuthenticate (Dictionary<string, string> digestHeaders, string PrivateKey, int NonceTimeOut, string sequence, out UserAuth userAuth)
{
userAuth = GetUserAuthByUserName(digestHeaders["username"]);
if (userAuth == null) return false;
var digestHelper = new DigestAuthFunctions();
if (digestHelper.ValidateResponse(digestHeaders, PrivateKey, NonceTimeOut, userAuth.DigestHa1Hash,sequence))
{
return true;
}
userAuth = null;
return false;
}
/// <summary>Updates the user authentication.</summary>
///
/// <param name="existingUser">The existing user.</param>
/// <param name="newUser"> The new user.</param>
/// <param name="password"> The password.</param>
///
/// <returns>An UserAuth.</returns>
public UserAuth UpdateUserAuth(UserAuth existingUser, UserAuth newUser, string password)
{
ValidateNewUser(newUser, password);
using (var redis = factory.GetClient())
{
AssertNoExistingUser(redis, newUser, existingUser);
if (existingUser.UserName != newUser.UserName && existingUser.UserName != null)
{
redis.RemoveEntryFromHash(IndexUserNameToUserId, existingUser.UserName);
}
if (existingUser.Email != newUser.Email && existingUser.Email != null)
{
redis.RemoveEntryFromHash(IndexEmailToUserId, existingUser.Email);
}
var hash = existingUser.PasswordHash;
var salt = existingUser.Salt;
if (password != null)
{
var saltedHash = new SaltedHash();
saltedHash.GetHashAndSaltString(password, out hash, out salt);
}
// If either one changes the digest hash has to be recalculated
var digestHash = existingUser.DigestHa1Hash;
if (password != null || existingUser.UserName != newUser.UserName)
{
var digestHelper = new DigestAuthFunctions();
digestHash = digestHelper.CreateHa1(newUser.UserName, DigestAuthProvider.Realm, password);
}
newUser.Id = existingUser.Id;
newUser.PasswordHash = hash;
newUser.Salt = salt;
newUser.CreatedDate = existingUser.CreatedDate;
newUser.ModifiedDate = DateTime.UtcNow;
var userId = newUser.Id.ToString(CultureInfo.InvariantCulture);
if (!newUser.UserName.IsNullOrEmpty())
redis.SetEntryInHash(IndexUserNameToUserId, newUser.UserName, userId);
if (!newUser.Email.IsNullOrEmpty())
redis.SetEntryInHash(IndexEmailToUserId, newUser.Email, userId);
redis.Store(newUser);
return newUser;
}
}
/// <summary>Creates user authentication.</summary>
///
/// <param name="newUser"> The new user.</param>
/// <param name="password">The password.</param>
///
/// <returns>The new user authentication.</returns>
public virtual UserAuth CreateUserAuth(UserAuth newUser, string password)
{
ValidateNewUser(newUser, password);
using (var redis = factory.GetClient())
{
AssertNoExistingUser(redis, newUser);
var saltedHash = new SaltedHash();
string salt;
string hash;
saltedHash.GetHashAndSaltString(password, out hash, out salt);
newUser.Id = redis.As<UserAuth>().GetNextSequence();
newUser.PasswordHash = hash;
newUser.Salt = salt;
var digestHelper = new DigestAuthFunctions();
newUser.DigestHa1Hash = digestHelper.CreateHa1(newUser.UserName, DigestAuthProvider.Realm, password);
newUser.CreatedDate = DateTime.UtcNow;
newUser.ModifiedDate = newUser.CreatedDate;
var userId = newUser.Id.ToString(CultureInfo.InvariantCulture);
if (!newUser.UserName.IsNullOrEmpty())
redis.SetEntryInHash(IndexUserNameToUserId, newUser.UserName, userId);
if (!newUser.Email.IsNullOrEmpty())
redis.SetEntryInHash(IndexEmailToUserId, newUser.Email, userId);
redis.Store(newUser);
return newUser;
}
}
/// <summary>Creates user authentication.</summary>
///
/// <param name="newUser"> The new user.</param>
/// <param name="password">The password.</param>
///
/// <returns>The new user authentication.</returns>
public UserAuth CreateUserAuth(UserAuth newUser, string password)
{
ValidateNewUser(newUser, password);
return dbFactory.Run(db => {
AssertNoExistingUser(db, newUser);
string salt;
string hash;
passwordHasher.GetHashAndSaltString(password, out hash, out salt);
var digestHelper = new DigestAuthFunctions();
newUser.DigestHa1Hash = digestHelper.CreateHa1(newUser.UserName, DigestAuthProvider.Realm, password);
newUser.PasswordHash = hash;
newUser.Salt = salt;
newUser.CreatedDate = DateTime.UtcNow;
newUser.ModifiedDate = newUser.CreatedDate;
db.Insert(newUser);
newUser = db.GetById<UserAuth>(db.GetLastInsertId());
return newUser;
});
}
/// <summary>Updates the user authentication.</summary>
///
/// <param name="existingUser">The existing user.</param>
/// <param name="newUser"> The new user.</param>
/// <param name="password"> The password.</param>
///
/// <returns>An UserAuth.</returns>
public UserAuth UpdateUserAuth(UserAuth existingUser, UserAuth newUser, string password)
{
ValidateNewUser(newUser, password);
return dbFactory.Run(db => {
AssertNoExistingUser(db, newUser, existingUser);
var hash = existingUser.PasswordHash;
var salt = existingUser.Salt;
if (password != null)
{
passwordHasher.GetHashAndSaltString(password, out hash, out salt);
}
// If either one changes the digest hash has to be recalculated
var digestHash = existingUser.DigestHa1Hash;
if (password != null || existingUser.UserName != newUser.UserName)
{
var digestHelper = new DigestAuthFunctions();
digestHash = digestHelper.CreateHa1(newUser.UserName, DigestAuthProvider.Realm, password);
}
newUser.Id = existingUser.Id;
newUser.PasswordHash = hash;
newUser.Salt = salt;
newUser.DigestHa1Hash = digestHash;
newUser.CreatedDate = existingUser.CreatedDate;
newUser.ModifiedDate = DateTime.UtcNow;
db.Save(newUser);
return newUser;
});
}