/// <summary>
/// Creates a local (password) account for an existing identity, seeding it with a fresh
/// password salt and a fresh shared TOTP secret, both drawn from <c>CryptoRandom</c>.
/// </summary>
/// <param name="identityId">Identity the local account belongs to.</param>
/// <param name="loginId">Login name stored on the account.</param>
/// <param name="password">Clear-text password; only its derived hash is kept on the account.</param>
/// <returns>
/// <c>CreateLocalAccountResult.Success</c> carrying the stored account, or
/// <c>CreateLocalAccountResult.AlreadyExist</c> when storage reports a duplicate.
/// </returns>
public async Task<CreateLocalAccountResult> CreateAsync(Guid identityId, string loginId, string password)
{
    const int totpSecretLength = 64;
    var salt = new byte[_options.NumberOfBytesInPasswordSalt];
    var sharedSecret = new byte[totpSecretLength];
    CryptoRandom.GetBytes(salt);
    CryptoRandom.GetBytes(sharedSecret);

    var account = new LocalAccount
    {
        IdentityId = identityId,
        LoginId = loginId,
        IterationCount = _options.IterationCount,
        PasswordSalt = salt,
        SharedTotpSecret = sharedSecret,
    };
    // The hash is derived from the salt and iteration count, so it is computed after those are set.
    account.PasswordHash = GetPasswordHash(password, account);

    try
    {
        await _localAccountStorage.CreateAsync(account);
    }
    catch (IdentityAlreadyExistException e)
    {
        // NOTE(review): the storage layer shown on this page throws LocalAccountAlreadyExistException.
        // Confirm it derives from IdentityAlreadyExistException; otherwise a duplicate login escapes
        // this handler instead of yielding AlreadyExist().
        _log.LogError(0, e, "Local account already exist");
        return CreateLocalAccountResult.AlreadyExist();
    }

    return CreateLocalAccountResult.Success(account);
}
/// <summary>
/// Creates a local (password) account for an existing identity with a freshly generated salt
/// and creation/update timestamps taken at this moment.
/// </summary>
/// <param name="identityId">Identity the local account belongs to.</param>
/// <param name="loginId">Login name stored on the account.</param>
/// <param name="password">Clear-text password; only its derived hash is kept on the account.</param>
/// <returns>
/// <c>CreateLocalAccountResult.Success</c> carrying the stored account, or
/// <c>CreateLocalAccountResult.AlreadyExist</c> when storage reports a duplicate.
/// </returns>
public async Task<CreateLocalAccountResult> CreateAsync(Guid identityId, string loginId, string password)
{
    var salt = new byte[_options.NumberOfBytesInPasswordSalt];
    CryptoRandom.GetBytes(salt);

    // NOTE(review): timestamps use DateTimeOffset.Now (local offset). If the backing column is not
    // datetimeoffset the stored wall-clock value depends on the server's time zone — confirm, and
    // consider DateTimeOffset.UtcNow.
    var account = new LocalAccount
    {
        IdentityId = identityId,
        LoginId = loginId,
        IterationCount = _options.IterationCount,
        PasswordSalt = salt,
        Created = DateTimeOffset.Now,
        Updated = DateTimeOffset.Now,
    };
    // The hash is derived from the salt and iteration count, so it is computed after those are set.
    account.PasswordHash = GetPasswordHash(password, account);

    try
    {
        await _localAccountStorage.CreateAsync(account);
    }
    catch (IdentityAlreadyExistException e)
    {
        // NOTE(review): the storage layer shown on this page throws LocalAccountAlreadyExistException.
        // Confirm it derives from IdentityAlreadyExistException; otherwise a duplicate login escapes
        // this handler instead of yielding AlreadyExist().
        _log.LogError(0, e, "Local account already exist");
        return CreateLocalAccountResult.AlreadyExist();
    }

    return CreateLocalAccountResult.Success(account);
}
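/// <summary>
/// Verifies <paramref name="password"/> against the stored hash of <paramref name="localAccount"/>
/// and hands a mismatch to <c>InvalidPassword</c> (which records the failure and throws).
/// </summary>
/// <param name="localAccount">Account supplying the stored hash, salt and iteration count.</param>
/// <param name="password">Clear-text password to check.</param>
/// <exception cref="ArgumentNullException">The stored hash or the derived hash is null.</exception>
private void ValidatePassword(LocalAccount localAccount, string password)
{
    var storedHash = localAccount.PasswordHash;
    var candidateHash = GetPasswordHash(password, localAccount);
    if (storedHash == null)
    {
        throw new ArgumentNullException(nameof(localAccount), "Stored password hash is missing");
    }
    if (candidateHash == null)
    {
        throw new ArgumentNullException(nameof(password), "Derived password hash is missing");
    }

    // Compare in constant time. SequenceEqual stops at the first differing byte, so its duration
    // depends on how many leading bytes of the hash match. Fold every byte (and the length
    // difference) into one accumulator instead; System.Security.Cryptography.CryptographicOperations
    // .FixedTimeEquals does the same where the target framework provides it.
    var difference = storedHash.Length ^ candidateHash.Length;
    var length = Math.Min(storedHash.Length, candidateHash.Length);
    for (var i = 0; i < length; i++)
    {
        difference |= storedHash[i] ^ candidateHash[i];
    }

    if (difference != 0)
    {
        InvalidPassword(localAccount);
    }
}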
/// <summary>Builds the result for an account that was stored successfully.</summary>
/// <param name="localAccount">The account as stored (including any storage-assigned id).</param>
/// <returns>A result carrying <paramref name="localAccount"/> with <c>Succeeded</c> set.</returns>
public static CreateLocalAccountResult Success(LocalAccount localAccount) =>
    new CreateLocalAccountResult(localAccount) { Succeeded = true };
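/// <summary>
/// Inserts <paramref name="localAccount"/> and writes the storage-assigned id back to its <c>Id</c>.
/// </summary>
/// <param name="localAccount">Account to insert; every bound column is read from it unchanged.</param>
/// <exception cref="LocalAccountAlreadyExistException">
/// The insert violated a unique index or constraint (SQL Server errors 2601 / 2627).
/// </exception>
/// <exception cref="SqlException">Any other database error is rethrown unchanged.</exception>
public async Task CreateAsync(LocalAccount localAccount)
{
    using (var connection = new SqlConnection(_identityOptions.ConnectionString))
    {
        try
        {
            using (var command = new SqlCommand(_insertSql, connection))
            {
                command.Parameters.Add(new SqlParameter("@Created", localAccount.Created));
                command.Parameters.Add(new SqlParameter("@FailedLoginCount", localAccount.FailedLoginCount));
                command.Parameters.Add(new SqlParameter("@IdentityId", localAccount.IdentityId));
                command.Parameters.Add(new SqlParameter("@IsDisabled", localAccount.IsDisabled));
                command.Parameters.Add(new SqlParameter("@IterationCount", localAccount.IterationCount));
                command.Parameters.Add(new SqlParameter("@LoginId", localAccount.LoginId));
                command.Parameters.Add(new SqlParameter("@PasswordHash", localAccount.PasswordHash));
                command.Parameters.Add(new SqlParameter("@PasswordSalt", localAccount.PasswordSalt));
                command.Parameters.Add(new SqlParameter("@Updated", localAccount.Updated));
                // Open asynchronously: the synchronous Open() blocked the calling thread inside an async method.
                await connection.OpenAsync();
                // _insertSql is expected to return the new row id as its scalar result — TODO confirm
                // the returned type is int (a decimal SCOPE_IDENTITY() would fail this unboxing cast).
                localAccount.Id = (int)await command.ExecuteScalarAsync();
            }
        }
        catch (SqlException ex)
        {
            // 2601 - Violation in unique index
            // 2627 - Violation in unique constraint
            if (ex.Number == 2601 || ex.Number == 2627)
            {
                throw new LocalAccountAlreadyExistException($"Identity {localAccount.LoginId} already exist for user {localAccount.IdentityId}", ex);
            }
            throw;
        }
    }
}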
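/// <summary>
/// Verifies <paramref name="password"/> against the stored hash of <paramref name="localAccount"/>
/// and hands a mismatch to <c>InvalidPassword</c> (which records the failure and throws).
/// </summary>
/// <param name="localAccount">Account supplying the stored hash, salt and iteration count.</param>
/// <param name="password">Clear-text password to check.</param>
/// <exception cref="ArgumentNullException">The stored hash or the derived hash is null.</exception>
private async Task ValidatePassword(LocalAccount localAccount, string password)
{
    var storedHash = localAccount.PasswordHash;
    var candidateHash = GetPasswordHash(password, localAccount);
    if (storedHash == null)
    {
        throw new ArgumentNullException(nameof(localAccount), "Stored password hash is missing");
    }
    if (candidateHash == null)
    {
        throw new ArgumentNullException(nameof(password), "Derived password hash is missing");
    }

    // Compare in constant time. SequenceEqual stops at the first differing byte, so its duration
    // depends on how many leading bytes of the hash match. Fold every byte (and the length
    // difference) into one accumulator instead; System.Security.Cryptography.CryptographicOperations
    // .FixedTimeEquals does the same where the target framework provides it.
    var difference = storedHash.Length ^ candidateHash.Length;
    var length = Math.Min(storedHash.Length, candidateHash.Length);
    for (var i = 0; i < length; i++)
    {
        difference |= storedHash[i] ^ candidateHash[i];
    }

    if (difference != 0)
    {
        await InvalidPassword(localAccount);
    }
}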
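/// <summary>
/// Records a failed password attempt on <paramref name="localAccount"/> and rejects the login.
/// </summary>
/// <param name="localAccount">Account whose failed-login counter is incremented and persisted.</param>
/// <exception cref="UnauthorizedAccessException">Always thrown after the counter has been updated.</exception>
private void InvalidPassword(LocalAccount localAccount)
{
    localAccount.FailedLoginCount++;
    localAccount.Updated = DateTimeOffset.Now;
    _log.LogWarning("Invalid password for local account {0} with iteration count {1}", localAccount.IdentityId, localAccount.IterationCount);
    // This method is synchronous, so the persist call cannot be awaited. Previously the task was
    // dropped, which left any storage failure unobserved and the lockout counter silently lost.
    // Observe the task so a failed write is at least logged; the async variant of this flow, which
    // awaits the update, is the safer path.
    _localAccountStorage.UpdateFailedLoginCountAsync(localAccount).ContinueWith(
        t => _log.LogError(0, t.Exception, "Failed to persist failed-login count for local account {0}", localAccount.IdentityId),
        TaskContinuationOptions.OnlyOnFaulted);
    throw new UnauthorizedAccessException("Invalid password");
}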
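/// <summary>
/// Persists the current <c>FailedLoginCount</c> and <c>Updated</c> stamp of
/// <paramref name="localAccount"/>, keyed by its <c>IdentityId</c>.
/// </summary>
/// <param name="localAccount">Account whose counter and timestamp are written.</param>
/// <remarks>
/// The affected-row count is not checked: presumably <c>_updateFailedLoginCount</c> is an UPDATE keyed
/// by IdentityId, so an unknown id updates nothing and this method returns normally — TODO confirm.
/// </remarks>
public async Task UpdateFailedLoginCountAsync(LocalAccount localAccount)
{
    using (var connection = new SqlConnection(_identityOptions.ConnectionString))
    using (var command = new SqlCommand(_updateFailedLoginCount, connection))
    {
        command.Parameters.Add(new SqlParameter("@FailedLoginCount", localAccount.FailedLoginCount));
        command.Parameters.Add(new SqlParameter("@Updated", localAccount.Updated));
        command.Parameters.Add(new SqlParameter("@IdentityId", localAccount.IdentityId));
        // Open asynchronously: the synchronous Open() blocked the calling thread inside an async method.
        await connection.OpenAsync();
        await command.ExecuteNonQueryAsync();
    }
}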
/// <summary>
/// Stamps <paramref name="localAccount"/> as created/updated now, inserts it, and writes the
/// storage-assigned id back to its <c>Id</c>.
/// </summary>
/// <param name="localAccount">Account to insert; <c>Created</c> and <c>Updated</c> are overwritten here.</param>
/// <exception cref="LocalAccountAlreadyExistException">
/// The insert violated a unique index or constraint (SQL Server errors 2601 / 2627).
/// </exception>
/// <exception cref="SqlException">Any other database error is rethrown unchanged.</exception>
public async Task CreateAsync(LocalAccount localAccount)
{
    // NOTE(review): local-offset timestamps; if the column is not datetimeoffset the stored value
    // depends on the server's time zone — confirm, and consider DateTimeOffset.UtcNow.
    localAccount.Created = DateTimeOffset.Now;
    localAccount.Updated = DateTimeOffset.Now;

    using (var connection = new SqlConnection(_identityOptions.ConnectionString))
    {
        try
        {
            using (var command = new SqlCommand(_insertSql, connection))
            {
                var parameters = command.Parameters;
                parameters.AddWithValue("@Created", localAccount.Created);
                parameters.AddWithValue("@FailedLoginCount", localAccount.FailedLoginCount);
                parameters.AddWithValue("@IdentityId", localAccount.IdentityId);
                parameters.AddWithValue("@IsDisabled", localAccount.IsDisabled);
                parameters.AddWithValue("@IterationCount", localAccount.IterationCount);
                parameters.AddWithValue("@LoginId", localAccount.LoginId);
                parameters.AddWithValue("@PasswordHash", localAccount.PasswordHash);
                parameters.AddWithValue("@PasswordSalt", localAccount.PasswordSalt);
                parameters.AddWithValue("@Updated", localAccount.Updated);
                // Optional columns go through the project's nullable-aware helper.
                parameters.AddWithNullableValue("@SharedTotpSecret", localAccount.SharedTotpSecret);
                parameters.AddWithNullableValue("@TwoFactorAppNotificationEnabled", localAccount.TwoFactorAppNotificationEnabled);
                parameters.AddWithNullableValue("@TwoFactorEmailEnabled", localAccount.TwoFactorEmailEnabled);
                parameters.AddWithNullableValue("@TwoFactorSmsEnabled", localAccount.TwoFactorSmsEnabled);
                parameters.AddWithNullableValue("@TwoFactorTotpEnabled", localAccount.TwoFactorTotpEnabled);
                parameters.AddWithNullableValue("@Deleted", localAccount.Deleted);

                await connection.OpenAsync();
                // _insertSql presumably returns the new row id as its scalar result — TODO confirm it is an int.
                var newId = await command.ExecuteScalarAsync();
                localAccount.Id = (int)newId;
            }
        }
        catch (SqlException ex)
        {
            // 2601 - Violation in unique index
            // 2627 - Violation in unique constraint
            var isDuplicate = ex.Number == 2601 || ex.Number == 2627;
            if (!isDuplicate)
            {
                throw;
            }
            throw new LocalAccountAlreadyExistException($"Identity {localAccount.LoginId} already exist for user {localAccount.IdentityId}", ex);
        }
    }
}
/// <summary>
/// Derives the password hash for <paramref name="localAccount"/> from its salt and iteration
/// count, with the configured output length.
/// </summary>
/// <param name="password">Clear-text password to hash.</param>
/// <param name="localAccount">Supplies <c>PasswordSalt</c> and <c>IterationCount</c>.</param>
/// <returns>The hash bytes produced by the configured password hash generator.</returns>
private byte[] GetPasswordHash(string password, LocalAccount localAccount)
{
    var salt = localAccount.PasswordSalt;
    var iterations = localAccount.IterationCount;
    var hashLength = _options.NumberOfBytesInPasswordHash;
    return _passwordHashGenerator.GetPasswordHash(salt, password, iterations, hashLength);
}
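/// <summary>
/// Clears the failed-login counter of <paramref name="localAccount"/> and persists the change.
/// </summary>
/// <param name="localAccount">Account whose counter is reset and whose <c>Updated</c> stamp is refreshed.</param>
private void SetFailedLoginCountToZero(LocalAccount localAccount)
{
    localAccount.FailedLoginCount = 0;
    localAccount.Updated = DateTimeOffset.Now;
    // This method is synchronous, so the persist call cannot be awaited. Previously the task was
    // dropped and any storage failure went unobserved; observe it so a failed write is at least logged.
    _localAccountStorage.UpdateFailedLoginCountAsync(localAccount).ContinueWith(
        t => _log.LogError(0, t.Exception, "Failed to reset failed-login count for local account {0}", localAccount.IdentityId),
        TaskContinuationOptions.OnlyOnFaulted);
}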
/// <summary>
/// Wraps <paramref name="localAccount"/> in a result. <c>Succeeded</c> is left at its default;
/// the static factories (e.g. <c>Success</c>) set it.
/// </summary>
/// <param name="localAccount">Account the result refers to.</param>
public CreateLocalAccountResult(LocalAccount localAccount)
{
    this.LocalAccount = localAccount;
}
/// <summary>Persists changes to an existing account. Not implemented yet.</summary>
/// <param name="localAccount">Account to persist (currently ignored).</param>
/// <exception cref="NotImplementedException">Always.</exception>
public Task UpdateAsync(LocalAccount localAccount)
{
    // Because this method is not marked async, the exception surfaces at call time rather than
    // as a faulted task — callers that only observe the returned Task will not see it there.
    throw new NotImplementedException();
}
/// <summary>
/// Soft-deletes the account by stamping <c>Deleted</c> with the current time and persisting it
/// through <c>UpdateAsync</c>.
/// </summary>
/// <param name="localAccount">Account to mark as deleted.</param>
/// <returns>The task returned by <c>UpdateAsync</c>.</returns>
/// <remarks>
/// Not marked async: anything <c>UpdateAsync</c> throws before returning its task surfaces
/// synchronously from this call. The <c>UpdateAsync</c> shown alongside on this page still throws
/// <c>NotImplementedException</c>, so if it is the one called here the delete is not persisted yet.
/// </remarks>
public Task DeleteAsync(LocalAccount localAccount)
{
    var deletedAt = DateTimeOffset.Now;
    localAccount.Deleted = deletedAt;
    return UpdateAsync(localAccount);
}