/// <summary>Updates the user authentication.</summary> /// /// <param name="existingUser">The existing user.</param> /// <param name="newUser"> The new user.</param> /// <param name="password"> The password.</param> /// /// <returns>An UserAuth.</returns> public UserAuth UpdateUserAuth(UserAuth existingUser, UserAuth newUser, string password) { ValidateNewUser(newUser, password); return(dbFactory.Run(db => { AssertNoExistingUser(db, newUser, existingUser); var hash = existingUser.PasswordHash; var salt = existingUser.Salt; if (password != null) { passwordHasher.GetHashAndSaltString(password, out hash, out salt); } // If either one changes the digest hash has to be recalculated var digestHash = existingUser.DigestHa1Hash; if (password != null || existingUser.UserName != newUser.UserName) { var digestHelper = new DigestAuthFunctions(); digestHash = digestHelper.CreateHa1(newUser.UserName, DigestAuthProvider.Realm, password); } newUser.Id = existingUser.Id; newUser.PasswordHash = hash; newUser.Salt = salt; newUser.DigestHa1Hash = digestHash; newUser.CreatedDate = existingUser.CreatedDate; newUser.ModifiedDate = DateTime.UtcNow; db.Save(newUser); return newUser; })); }
/// <summary>Executes the failed authentication action.</summary> /// /// <param name="session">The session.</param> /// <param name="httpReq">The HTTP request.</param> /// <param name="httpRes">The HTTP resource.</param> public override void OnFailedAuthentication(IAuthSession session, IHttpRequest httpReq, IHttpResponse httpRes) { var digestHelper = new DigestAuthFunctions(); httpRes.StatusCode = (int)HttpStatusCode.Unauthorized; httpRes.AddHeader(HttpHeaders.WwwAuthenticate, "{0} realm=\"{1}\", nonce=\"{2}\", qop=\"auth\"".Fmt(Provider, AuthRealm, digestHelper.GetNonce(httpReq.UserHostAddress, PrivateKey))); httpRes.EndRequest(); }
/// <summary>Updates the user authentication.</summary> /// /// <param name="existingUser">The existing user.</param> /// <param name="newUser"> The new user.</param> /// <param name="password"> The password.</param> /// /// <returns>An UserAuth.</returns> public UserAuth UpdateUserAuth(UserAuth existingUser, UserAuth newUser, string password) { ValidateNewUser(newUser, password); using (var redis = factory.GetClient()) { AssertNoExistingUser(redis, newUser, existingUser); if (existingUser.UserName != newUser.UserName && existingUser.UserName != null) { redis.RemoveEntryFromHash(IndexUserNameToUserId, existingUser.UserName); } if (existingUser.Email != newUser.Email && existingUser.Email != null) { redis.RemoveEntryFromHash(IndexEmailToUserId, existingUser.Email); } var hash = existingUser.PasswordHash; var salt = existingUser.Salt; if (password != null) { var saltedHash = new SaltedHash(); saltedHash.GetHashAndSaltString(password, out hash, out salt); } // If either one changes the digest hash has to be recalculated var digestHash = existingUser.DigestHa1Hash; if (password != null || existingUser.UserName != newUser.UserName) { var digestHelper = new DigestAuthFunctions(); digestHash = digestHelper.CreateHa1(newUser.UserName, DigestAuthProvider.Realm, password); } newUser.Id = existingUser.Id; newUser.PasswordHash = hash; newUser.Salt = salt; newUser.CreatedDate = existingUser.CreatedDate; newUser.ModifiedDate = DateTime.UtcNow; var userId = newUser.Id.ToString(CultureInfo.InvariantCulture); if (!newUser.UserName.IsNullOrEmpty()) { redis.SetEntryInHash(IndexUserNameToUserId, newUser.UserName, userId); } if (!newUser.Email.IsNullOrEmpty()) { redis.SetEntryInHash(IndexEmailToUserId, newUser.Email, userId); } redis.Store(newUser); return(newUser); } }
/// <summary>Attempts to authenticate from the given data.</summary> /// /// <param name="digestHeaders">The digest headers.</param> /// <param name="PrivateKey"> The private key.</param> /// <param name="NonceTimeOut"> The nonce time out.</param> /// <param name="sequence"> The sequence.</param> /// <param name="userAuth"> The user authentication.</param> /// /// <returns>true if it succeeds, false if it fails.</returns> public bool TryAuthenticate(Dictionary <string, string> digestHeaders, string PrivateKey, int NonceTimeOut, string sequence, out UserAuth userAuth) { userAuth = GetUserAuthByUserName(digestHeaders["username"]); if (userAuth == null) { return(false); } var digestHelper = new DigestAuthFunctions(); if (digestHelper.ValidateResponse(digestHeaders, PrivateKey, NonceTimeOut, userAuth.DigestHa1Hash, sequence)) { return(true); } userAuth = null; return(false); }
/// <summary>Creates user authentication.</summary> /// /// <param name="newUser"> The new user.</param> /// <param name="password">The password.</param> /// /// <returns>The new user authentication.</returns> public UserAuth CreateUserAuth(UserAuth newUser, string password) { ValidateNewUser(newUser, password); return(dbFactory.Run(db => { AssertNoExistingUser(db, newUser); string salt; string hash; passwordHasher.GetHashAndSaltString(password, out hash, out salt); var digestHelper = new DigestAuthFunctions(); newUser.DigestHa1Hash = digestHelper.CreateHa1(newUser.UserName, DigestAuthProvider.Realm, password); newUser.PasswordHash = hash; newUser.Salt = salt; newUser.CreatedDate = DateTime.UtcNow; newUser.ModifiedDate = newUser.CreatedDate; db.Insert(newUser); newUser = db.GetById <UserAuth>(db.GetLastInsertId()); return newUser; })); }
/// <summary>Creates user authentication.</summary> /// /// <param name="newUser"> The new user.</param> /// <param name="password">The password.</param> /// /// <returns>The new user authentication.</returns> public virtual UserAuth CreateUserAuth(UserAuth newUser, string password) { ValidateNewUser(newUser, password); using (var redis = factory.GetClient()) { AssertNoExistingUser(redis, newUser); var saltedHash = new SaltedHash(); string salt; string hash; saltedHash.GetHashAndSaltString(password, out hash, out salt); newUser.Id = redis.As <UserAuth>().GetNextSequence(); newUser.PasswordHash = hash; newUser.Salt = salt; var digestHelper = new DigestAuthFunctions(); newUser.DigestHa1Hash = digestHelper.CreateHa1(newUser.UserName, DigestAuthProvider.Realm, password); newUser.CreatedDate = DateTime.UtcNow; newUser.ModifiedDate = newUser.CreatedDate; var userId = newUser.Id.ToString(CultureInfo.InvariantCulture); if (!newUser.UserName.IsNullOrEmpty()) { redis.SetEntryInHash(IndexUserNameToUserId, newUser.UserName, userId); } if (!newUser.Email.IsNullOrEmpty()) { redis.SetEntryInHash(IndexEmailToUserId, newUser.Email, userId); } redis.Store(newUser); return(newUser); } }
/// <summary>Attempts to authenticate from the given data.</summary> /// /// <param name="digestHeaders">The digest headers.</param> /// <param name="PrivateKey"> The private key.</param> /// <param name="NonceTimeOut"> The nonce time out.</param> /// <param name="sequence"> The sequence.</param> /// <param name="userAuth"> The user authentication.</param> /// /// <returns>true if it succeeds, false if it fails.</returns> public bool TryAuthenticate (Dictionary<string, string> digestHeaders, string PrivateKey, int NonceTimeOut, string sequence, out UserAuth userAuth) { userAuth = GetUserAuthByUserName(digestHeaders["username"]); if (userAuth == null) return false; var digestHelper = new DigestAuthFunctions(); if (digestHelper.ValidateResponse(digestHeaders, PrivateKey, NonceTimeOut, userAuth.DigestHa1Hash,sequence)) { return true; } userAuth = null; return false; }
/// <summary>Updates the user authentication.</summary> /// /// <param name="existingUser">The existing user.</param> /// <param name="newUser"> The new user.</param> /// <param name="password"> The password.</param> /// /// <returns>An UserAuth.</returns> public UserAuth UpdateUserAuth(UserAuth existingUser, UserAuth newUser, string password) { ValidateNewUser(newUser, password); using (var redis = factory.GetClient()) { AssertNoExistingUser(redis, newUser, existingUser); if (existingUser.UserName != newUser.UserName && existingUser.UserName != null) { redis.RemoveEntryFromHash(IndexUserNameToUserId, existingUser.UserName); } if (existingUser.Email != newUser.Email && existingUser.Email != null) { redis.RemoveEntryFromHash(IndexEmailToUserId, existingUser.Email); } var hash = existingUser.PasswordHash; var salt = existingUser.Salt; if (password != null) { var saltedHash = new SaltedHash(); saltedHash.GetHashAndSaltString(password, out hash, out salt); } // If either one changes the digest hash has to be recalculated var digestHash = existingUser.DigestHa1Hash; if (password != null || existingUser.UserName != newUser.UserName) { var digestHelper = new DigestAuthFunctions(); digestHash = digestHelper.CreateHa1(newUser.UserName, DigestAuthProvider.Realm, password); } newUser.Id = existingUser.Id; newUser.PasswordHash = hash; newUser.Salt = salt; newUser.CreatedDate = existingUser.CreatedDate; newUser.ModifiedDate = DateTime.UtcNow; var userId = newUser.Id.ToString(CultureInfo.InvariantCulture); if (!newUser.UserName.IsNullOrEmpty()) redis.SetEntryInHash(IndexUserNameToUserId, newUser.UserName, userId); if (!newUser.Email.IsNullOrEmpty()) redis.SetEntryInHash(IndexEmailToUserId, newUser.Email, userId); redis.Store(newUser); return newUser; } }
/// <summary>Creates user authentication.</summary> /// /// <param name="newUser"> The new user.</param> /// <param name="password">The password.</param> /// /// <returns>The new user authentication.</returns> public virtual UserAuth CreateUserAuth(UserAuth newUser, string password) { ValidateNewUser(newUser, password); using (var redis = factory.GetClient()) { AssertNoExistingUser(redis, newUser); var saltedHash = new SaltedHash(); string salt; string hash; saltedHash.GetHashAndSaltString(password, out hash, out salt); newUser.Id = redis.As<UserAuth>().GetNextSequence(); newUser.PasswordHash = hash; newUser.Salt = salt; var digestHelper = new DigestAuthFunctions(); newUser.DigestHa1Hash = digestHelper.CreateHa1(newUser.UserName, DigestAuthProvider.Realm, password); newUser.CreatedDate = DateTime.UtcNow; newUser.ModifiedDate = newUser.CreatedDate; var userId = newUser.Id.ToString(CultureInfo.InvariantCulture); if (!newUser.UserName.IsNullOrEmpty()) redis.SetEntryInHash(IndexUserNameToUserId, newUser.UserName, userId); if (!newUser.Email.IsNullOrEmpty()) redis.SetEntryInHash(IndexEmailToUserId, newUser.Email, userId); redis.Store(newUser); return newUser; } }
/// <summary>Creates user authentication.</summary> /// /// <param name="newUser"> The new user.</param> /// <param name="password">The password.</param> /// /// <returns>The new user authentication.</returns> public UserAuth CreateUserAuth(UserAuth newUser, string password) { ValidateNewUser(newUser, password); return dbFactory.Run(db => { AssertNoExistingUser(db, newUser); string salt; string hash; passwordHasher.GetHashAndSaltString(password, out hash, out salt); var digestHelper = new DigestAuthFunctions(); newUser.DigestHa1Hash = digestHelper.CreateHa1(newUser.UserName, DigestAuthProvider.Realm, password); newUser.PasswordHash = hash; newUser.Salt = salt; newUser.CreatedDate = DateTime.UtcNow; newUser.ModifiedDate = newUser.CreatedDate; db.Insert(newUser); newUser = db.GetById<UserAuth>(db.GetLastInsertId()); return newUser; }); }
/// <summary>Updates the user authentication.</summary> /// /// <param name="existingUser">The existing user.</param> /// <param name="newUser"> The new user.</param> /// <param name="password"> The password.</param> /// /// <returns>An UserAuth.</returns> public UserAuth UpdateUserAuth(UserAuth existingUser, UserAuth newUser, string password) { ValidateNewUser(newUser, password); return dbFactory.Run(db => { AssertNoExistingUser(db, newUser, existingUser); var hash = existingUser.PasswordHash; var salt = existingUser.Salt; if (password != null) { passwordHasher.GetHashAndSaltString(password, out hash, out salt); } // If either one changes the digest hash has to be recalculated var digestHash = existingUser.DigestHa1Hash; if (password != null || existingUser.UserName != newUser.UserName) { var digestHelper = new DigestAuthFunctions(); digestHash = digestHelper.CreateHa1(newUser.UserName, DigestAuthProvider.Realm, password); } newUser.Id = existingUser.Id; newUser.PasswordHash = hash; newUser.Salt = salt; newUser.DigestHa1Hash = digestHash; newUser.CreatedDate = existingUser.CreatedDate; newUser.ModifiedDate = DateTime.UtcNow; db.Save(newUser); return newUser; }); }