/// <summary>
/// Handles the click event of the btnGenerate control. When the page validates, the
/// phone-number panel is hidden and <see cref="SMSAuthentication.SendSMSAuthentication"/>
/// is asked to send a code to the entered number; the code-entry panel is shown on
/// success, otherwise the configured "resolve" message (and optionally its button) is shown.
/// </summary>
/// <param name="sender">The source of the event.</param>
/// <param name="e">The <see cref="EventArgs"/> instance containing the event data.</param>
protected void btnGenerate_Click(object sender, EventArgs e)
{
    if (!Page.IsValid)
    {
        return;
    }

    pnlPhoneNumber.Visible = false;

    // NOTE(review): no resend throttling is visible at this layer; confirm that
    // SendSMSAuthentication limits how often a code can be requested for one number.
    var smsAuthentication = new SMSAuthentication();
    bool codeSent = smsAuthentication.SendSMSAuthentication(GetPhoneNumber());

    if (codeSent)
    {
        pnlCode.Visible = true;
        return;
    }

    // Sending failed: show the block's resolution message and, only when a
    // "ResolveNumberPage" is configured, the button that leads to it.
    lbResolve.Text = GetAttributeValue("ResolveMessage");
    pnlResolve.Visible = true;

    string resolvePage = GetAttributeValue("ResolveNumberPage");
    if (!string.IsNullOrWhiteSpace(resolvePage))
    {
        btnResolve.Visible = true;
    }
}
/// <summary>
/// Handles the Click event for the btnLogin control. Resolves the owner of the entered
/// phone number, looks up the "SMS_{personId}" user login for that person and verifies
/// the entered code through <see cref="SMSAuthentication.Authenticate"/>. On success the
/// user is signed in via <c>CheckUser</c>; every failure path surfaces a message in nbError.
/// </summary>
/// <param name="sender">The source of the event.</param>
/// <param name="e">The <see cref="EventArgs"/> instance containing the event data.</param>
protected void btnLogin_Click(object sender, EventArgs e)
{
    nbError.Visible = false;

    if (Page.IsValid)
    {
        var rockContext = new RockContext();
        var smsAuthentication = new SMSAuthentication();

        string error;
        var owner = smsAuthentication.GetNumberOwner(GetPhoneNumber(), rockContext, out error);
        if (owner == null)
        {
            // The lookup supplies its own user-facing message.
            nbError.Text = error;
            nbError.Visible = true;
            return;
        }

        // SMS logins are keyed by person id, not by the phone number itself.
        string loginUserName = "SMS_" + owner.Id.ToString();
        var userLogin = new UserLoginService(rockContext).GetByUserName(loginUserName);

        bool codeMatches = userLogin != null
            && userLogin.EntityType != null
            && smsAuthentication.Authenticate(userLogin, tbCode.Text);

        if (codeMatches)
        {
            // NOTE(review): confirmed / locked-out state and the safety of "returnurl"
            // are not checked here; presumably CheckUser enforces both — verify.
            CheckUser(userLogin, Request.QueryString["returnurl"], true);
            return;
        }
    }

    // Wrong code, or no SMS login exists for the resolved person: the same message is used
    // for both so the response does not reveal which one applied.
    nbError.Text = "Sorry, the code you entered did not match the code we generated.";
    nbError.Visible = true;
}
/// <summary>
/// Convenience overload: wraps the id and one-time token in an <see cref="SMSAuthentication"/>
/// payload and delegates to <see cref="Authenticate2FA(SMSAuthentication)"/>.
/// </summary>
/// <param name="token">The one-time code received over SMS.</param>
/// <param name="id">The id that the code is being verified against.</param>
/// <returns>The <see cref="LoggedUser"/> returned by the endpoint.</returns>
public static LoggedUser Authenticate2FA(string token, string id)
{
    var payload = new SMSAuthentication
    {
        token = token,
        id = id
    };

    return Authenticate2FA(payload);
}
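/// <summary>
/// OWIN resource-owner-password grant. Validates the user name and password in
/// <paramref name="context"/> against the Rock user login and its authentication component,
/// checks the account state, then checks that the requested OAuth scopes are authorized for the
/// calling client. On success the context is validated with a <see cref="ClaimsIdentity"/> that
/// carries one "urn:oauth:scope" claim per approved scope; on any failure the context is
/// rejected with an "Authentication Error" and a short description.
/// </summary>
/// <param name="context">The grant context carrying UserName, Password, ClientId and Scope.</param>
/// <returns>A completed task; the outcome is reported through <paramref name="context"/>.</returns>
private System.Threading.Tasks.Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
{
    var completed = System.Threading.Tasks.Task.FromResult(0);

    if (string.IsNullOrEmpty(context.UserName) || string.IsNullOrEmpty(context.Password))
    {
        RejectGrant(context, "Invalid Username/Password.");
        return completed;
    }

    var rockContext = new RockContext();
    var userLoginService = new UserLoginService(rockContext);

    // Older Avalanche clients send a "__PHONENUMBER__+1" prefix, newer ones send "SMS_".
    // Normalise to the latter so the Rock external SMS authentication is used for both.
    var userName = context.UserName.Replace("__PHONENUMBER__+1", "SMS_");

    // SMS logins are stored as "SMS_{personId}", not "SMS_{phoneNumber}", so the number has to
    // be resolved to its owner first. If no owner is found the name is passed through unchanged
    // and simply fails the login lookup below.
    if (userName.StartsWith("SMS_", StringComparison.Ordinal))
    {
        string error;
        var smsAuthentication = new SMSAuthentication();
        var person = smsAuthentication.GetNumberOwner(userName.Split('_').Last(), rockContext, out error);
        if (person != null)
        {
            userName = string.Format("SMS_{0}", person.Id);
        }
    }

    var userLogin = userLoginService.GetByUserName(userName);
    if (userLogin == null || userLogin.EntityType == null)
    {
        // Same message as a wrong password so the response does not reveal whether the user exists.
        RejectGrant(context, "Invalid Username/Password.");
        return completed;
    }

    // Components that require remote authentication cannot be driven by a password grant, with
    // the one exception of the SMS component, whose "password" is the code it issued itself.
    var component = AuthenticationContainer.GetComponent(userLogin.EntityType.Name);
    bool componentUsable = component != null
        && component.IsActive
        && (!component.RequiresRemoteAuthentication
            || component.TypeName == "Rock.Security.ExternalAuthentication.SMSAuthentication");
    if (!componentUsable)
    {
        RejectGrant(context, "Invalid Authentication Configuration.");
        return completed;
    }

    if (!component.Authenticate(userLogin, context.Password))
    {
        RejectGrant(context, "Invalid Username/Password.");
        return completed;
    }

    // Account state: a null flag counts as "not locked out" / "confirmed" in both checks.
    // Locked-out is reported first so it takes precedence when both apply.
    if (userLogin.IsLockedOut ?? false)
    {
        RejectGrant(context, "Account is locked.");
        return completed;
    }

    if (!(userLogin.IsConfirmed ?? true))
    {
        RejectGrant(context, "Account email is unconfirmed.");
        return completed;
    }

    var oAuthContext = new OAuthContext();
    var clientService = new ClientService(oAuthContext);

    // NOTE(review): AsGuid() is a Rock extension; confirm it tolerates a null or malformed ClientId.
    var oAuthClient = clientService.GetByApiKey(context.ClientId.AsGuid());
    if (oAuthClient == null)
    {
        // An unknown client id must not reach the scope queries below, which dereference the client.
        RejectGrant(context, "Invalid Client.");
        return completed;
    }

    // Active scopes the calling client is configured for. Scope identifiers are compared
    // ordinally and case-insensitively so the result does not depend on the thread culture.
    var clientScopeService = new ClientScopeService(oAuthContext);
    var clientScopes = new HashSet<string>(
        clientScopeService.Queryable()
            .Where(cs => cs.ClientId == oAuthClient.Id && cs.Active == true)
            .Select(cs => cs.Scope.Identifier)
            .ToList(),
        StringComparer.OrdinalIgnoreCase);

    // Scopes this user has actively authorized for the calling client.
    var authorizationService = new AuthorizationService(oAuthContext);
    var authorizedScopes = new HashSet<string>(
        authorizationService.Queryable()
            .Where(a => a.Client.Id == oAuthClient.Id && a.UserLogin.UserName == userName && a.Active == true)
            .Select(a => a.Scope.Identifier)
            .ToList(),
        StringComparer.OrdinalIgnoreCase);

    // The requested scopes arrive as a single comma-separated value.
    var requestedScopes = (context.Scope.FirstOrDefault() ?? "").Split(',');

    // A client with no active scope configuration is approved as-is (it then receives no scope
    // claims, since none can match); otherwise every requested scope must be authorized.
    bool scopesApproved = clientScopes.Count == 0 || requestedScopes.All(authorizedScopes.Contains);
    if (!scopesApproved)
    {
        RejectGrant(context, "All scopes are not authorized for this user.");
        return completed;
    }

    var identity = new ClaimsIdentity(new GenericIdentity(userName, OAuthDefaults.AuthenticationType));

    // Only scopes that were both requested and configured for the client become claims.
    foreach (var scope in requestedScopes.Where(clientScopes.Contains))
    {
        identity.AddClaim(new Claim("urn:oauth:scope", scope));
    }

    UserLoginService.UpdateLastLogin(userName);
    context.Validated(identity);
    return completed;
}

/// <summary>
/// Rejects the grant and records an "Authentication Error" with the given description.
/// </summary>
/// <param name="context">The grant context to reject.</param>
/// <param name="description">The error description reported to the client.</param>
private static void RejectGrant(OAuthGrantResourceOwnerCredentialsContext context, string description)
{
    context.Rejected();
    context.SetError("Authentication Error", description);
}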
/// <summary>
/// Posts the id and one-time token carried by <paramref name="auth"/> to the Tinder
/// <c>Authenticate2FA</c> endpoint and returns the logged-in user from the response.
/// </summary>
/// <param name="auth">The two-factor payload to submit.</param>
/// <returns>The <see cref="LoggedUser"/> deserialized from the endpoint's response.</returns>
public static LoggedUser Authenticate2FA(SMSAuthentication auth)
{
    var endpoint = new TinderEndpoint.RestMethods(TinderAPI.Authenticate2FA);
    LoggedUser user = endpoint.Post<LoggedUser>(auth);
    return user;
}