/// <summary>
/// Generates a password reset token for the given user name and hands it to the
/// configured delivery plugin.
/// </summary>
/// <param name="parameters">Request data; <c>UserName</c> and <c>AdditionalClientInfo</c> are read from it.</param>
/// <exception cref="ClientException">Thrown when <paramref name="parameters"/> is null.</exception>
/// <exception cref="FrameworkException">
/// Thrown for any failure other than <see cref="UserException"/> or <see cref="ClientException"/>;
/// the original exception is written to the log.
/// </exception>
public void SendPasswordResetToken(SendPasswordResetTokenParameters parameters)
{
    if (parameters == null)
    {
        throw new ClientException("It is not allowed to call this authentication service method with no parameters provided.");
    }

    // NOTE(review): UserName is caller-supplied and is logged before Validate() runs;
    // confirm the log sink neutralises control characters.
    _logger.Trace("SendPasswordResetToken " + parameters.UserName);
    parameters.Validate();

    const string failureFormat = "SendPasswordResetToken failed for {0}: {1}";

    try
    {
        string token;

        try
        {
            // Same evaluation order as an object initializer: construct, set UserName,
            // then read and parse the configured lifetime (1440 minutes when unset).
            var resetRequest = new GeneratePasswordResetTokenParameters();
            resetRequest.UserName = parameters.UserName;
            var configuredMinutes = ConfigUtility.GetAppSetting("AspNetFormsAuth.SendPasswordResetToken.ExpirationInMinutes");
            resetRequest.TokenExpirationInMinutesFromNow = Int32.Parse(configuredMinutes ?? "1440");

            token = GeneratePasswordResetTokenInternal(resetRequest);
        }
        // This method allows anonymous access, so token-generation failures are logged
        // and swallowed instead of being reported to the caller.
        // NOTE(review): the swallowed path returns without invoking the plugin, so
        // response timing may still differ between the two outcomes; confirm whether
        // that needs to be equalised.
        catch (UserException userError)
        {
            _logger.Trace(failureFormat, parameters.UserName, userError);
            return;
        }
        catch (ClientException clientError)
        {
            _logger.Info(failureFormat, parameters.UserName, clientError);
            return;
        }

        // The plugin decides its own client-facing messages: a UserException or
        // ClientException thrown here is passed on by the outer handler, not suppressed.
        _sendPasswordResetTokenPlugin.Value.SendPasswordResetToken(parameters.UserName, parameters.AdditionalClientInfo, token);
    }
    catch (Exception ex)
    {
        bool isClientFacing = ex is UserException || ex is ClientException;
        if (isClientFacing)
        {
            ExceptionsUtility.Rethrow(ex);
        }

        // Internal errors are logged in full; the client only gets the message built
        // by the helper below.
        // NOTE(review): presumably that message is generic; verify the helper does
        // not embed details of ex.
        _logger.Error(failureFormat, parameters.UserName, ex);
        throw new FrameworkException(FrameworkException.GetInternalServerErrorMessage(_localizer, ex));
    }
}
/// <summary>
/// Generates a password reset token for the given user name and hands it to the
/// configured delivery plugin.
/// </summary>
/// <param name="parameters">Request data; <c>UserName</c> and <c>AdditionalClientInfo</c> are read from it.</param>
/// <exception cref="ClientException">Thrown when <paramref name="parameters"/> is null.</exception>
/// <exception cref="FrameworkException">
/// Thrown with a fixed message for any failure other than <see cref="UserException"/> or
/// <see cref="ClientException"/>; the original exception is written to the log.
/// </exception>
public void SendPasswordResetToken(SendPasswordResetTokenParameters parameters)
{
    if (parameters == null)
    {
        throw new ClientException("It is not allowed to call this authentication service method with no parameters provided.");
    }

    // NOTE(review): UserName is caller-supplied and is logged before Validate() runs;
    // confirm the log sink neutralises control characters.
    _logger.Trace("SendPasswordResetToken " + parameters.UserName);
    parameters.Validate();

    const string failureFormat = "SendPasswordResetToken failed for {0}: {1}";

    try
    {
        string token;

        try
        {
            // Same evaluation order as an object initializer: construct, set UserName,
            // then read and parse the configured lifetime (1440 minutes when unset).
            var resetRequest = new GeneratePasswordResetTokenParameters();
            resetRequest.UserName = parameters.UserName;
            var configuredMinutes = ConfigUtility.GetAppSetting("AspNetFormsAuth.SendPasswordResetToken.ExpirationInMinutes");
            resetRequest.TokenExpirationInMinutesFromNow = Int32.Parse(configuredMinutes ?? "1440");

            token = GeneratePasswordResetTokenInternal(resetRequest);
        }
        // This method allows anonymous access, so token-generation failures are logged
        // and swallowed instead of being reported to the caller.
        // NOTE(review): the swallowed path returns without invoking the plugin, so
        // response timing may still differ between the two outcomes; confirm whether
        // that needs to be equalised.
        catch (UserException userError)
        {
            _logger.Trace(failureFormat, parameters.UserName, userError);
            return;
        }
        catch (ClientException clientError)
        {
            _logger.Info(failureFormat, parameters.UserName, clientError);
            return;
        }

        // The plugin decides its own client-facing messages: a UserException or
        // ClientException thrown here is passed on by the outer handler, not suppressed.
        _sendPasswordResetTokenPlugin.Value.SendPasswordResetToken(parameters.UserName, parameters.AdditionalClientInfo, token);
    }
    catch (Exception ex)
    {
        bool isClientFacing = ex is UserException || ex is ClientException;
        if (isClientFacing)
        {
            ExceptionsUtility.Rethrow(ex);
        }

        // Full details go to the log only; the client receives the fixed text below.
        // NOTE(review): that text names the server log file; confirm this is
        // acceptable to show to anonymous callers.
        _logger.Error(failureFormat, parameters.UserName, ex);
        throw new FrameworkException("Internal server error occurred. See RhetosServer.log for more information.");
    }
}
/// <summary>
/// Web API action that forwards a password reset request to the authentication service.
/// </summary>
/// <param name="parameters">Request body; <c>UserName</c> and <c>AdditionalClientInfo</c> are passed on.</param>
/// <returns>A task that completes when the authentication service call has finished.</returns>
public async Task SendPasswordResetToken([FromBody] SendPasswordResetTokenParameters parameters)
{
    // Presumably rejects a missing request body before it is dereferenced below;
    // verify against the helper.
    ValidateForEmptyParameters(parameters);

    var userName = parameters.UserName;
    var clientInfo = parameters.AdditionalClientInfo;

    // NOTE(review): nothing in this action catches exceptions. If it is reachable
    // without authentication, confirm the service does not surface errors that
    // reveal whether the user name exists.
    await _authenticationService.SendPasswordResetTokenAsync(userName, clientInfo);
}