예제 #1
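        /// <summary>
        /// Builds the SMS confirmation URL for the user who is about to sign in, or returns
        /// <see cref="string.Empty"/> when SMS login is switched off or no user can be resolved
        /// (the caller then falls through to ordinary authentication).
        /// </summary>
        /// <param name="accountLinkControl">Third-party account link control; may be null, in which case a hash-id lookup resolves nobody.</param>
        /// <returns>The confirm URL for phone activation or phone authentication, or an empty string.</returns>
        private string SmsLoginUrl(AccountLinkControl accountLinkControl)
        {
            // SMS login only applies when the feature is both visible and enabled.
            if (!StudioSmsNotificationSettings.IsVisibleSettings ||
                !StudioSmsNotificationSettings.Enable)
            {
                return string.Empty;
            }

            UserInfo user;

            if (string.IsNullOrEmpty(HashId))
            {
                // Credential login: resolve the user by login and password hash.
                // NOTE(review): the lookup hash is an unsalted SHA-256 of the password — this is the
                // format the user manager expects here; confirm before changing the hashing scheme.
                user = CoreContext.UserManager.GetUsers(TenantProvider.CurrentTenantID, Login, Hasher.Base64Hash(Password, HashAlg.SHA256));
            }
            else
            {
                // Social login: resolve the linked user from the hash id. TryByHashId leaves userId
                // as Guid.Empty when no linked profile maps to an existing user; in that case there
                // is nobody to send an SMS to, so do not look Guid.Empty up at all.
                Guid userId;
                if (!TryByHashId(accountLinkControl, HashId, out userId) || userId == Guid.Empty)
                {
                    return string.Empty;
                }
                user = CoreContext.UserManager.GetUsers(userId);
            }

            if (user == null)
            {
                return string.Empty;
            }

            // A user with no phone, or a phone that was never activated, must activate first;
            // everyone else goes straight to SMS authentication.
            var confirmType =
                string.IsNullOrEmpty(user.MobilePhone) ||
                user.MobilePhoneActivationStatus == MobilePhoneActivationStatus.NotActivated
                    ? ConfirmType.PhoneActivation
                    : ConfirmType.PhoneAuth;

            return StudioNotifyService.GenerateConfirmUrl(user.Email, confirmType);
        }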
예제 #2
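        /// <summary>
        /// Resolves the first existing user linked to a third-party profile hash id.
        /// </summary>
        /// <param name="accountLinkControl">Control that owns the account linker; may be null.</param>
        /// <param name="hashId">Hash id of the third-party profile.</param>
        /// <param name="userId">Id of the first linked user that exists, or <see cref="Guid.Empty"/> when none does.</param>
        /// <returns>
        /// <c>false</c> when no lookup could be attempted (no control or empty hash id); <c>true</c> whenever a
        /// lookup was attempted, even if it found nobody. Callers use the result as "a hash login was tried",
        /// so inspect <paramref name="userId"/> for <see cref="Guid.Empty"/> to learn whether a user was found.
        /// </returns>
        private static bool TryByHashId(AccountLinkControl accountLinkControl, string hashId, out Guid userId)
        {
            userId = Guid.Empty;
            if (accountLinkControl == null || string.IsNullOrEmpty(hashId))
            {
                return false;
            }

            var linkedIds = accountLinkControl.GetLinker().GetLinkedObjectsByHashId(hashId);

            // Parse without exceptions: a malformed linked id is skipped rather than being
            // thrown and caught as control flow. Stop at the first id that names an existing user.
            foreach (var linkedId in linkedIds)
            {
                Guid candidate;
                if (Guid.TryParse(linkedId, out candidate) &&
                    candidate != Guid.Empty &&
                    CoreContext.UserManager.UserExists(candidate))
                {
                    userId = candidate;
                    break;
                }
            }

            return true;
        }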
예제 #3
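        /// <summary>
        /// Builds the SMS confirmation URL for the user who is about to sign in, or returns
        /// <see cref="string.Empty"/> when SMS login is switched off (the caller then falls
        /// through to ordinary authentication).
        /// </summary>
        /// <param name="accountLinkControl">Third-party account link control; may be null, in which case a hash-id lookup resolves nobody.</param>
        /// <returns>The SMS confirm URL for the resolved user, or an empty string when SMS login is disabled.</returns>
        /// <exception cref="InvalidCredentialException">No existing user matches the supplied credentials or hash id.</exception>
        private string SmsLoginUrl(AccountLinkControl accountLinkControl)
        {
            // SMS login only applies when the feature is both visible and enabled.
            if (!StudioSmsNotificationSettings.IsVisibleSettings ||
                !StudioSmsNotificationSettings.Enable)
            {
                return string.Empty;
            }

            UserInfo user;

            if (string.IsNullOrEmpty(HashId))
            {
                // Credential login: resolve the user by login and password hash.
                // NOTE(review): the lookup hash is an unsalted SHA-256 of the password — this is the
                // format the user manager expects here; confirm before changing the hashing scheme.
                user = CoreContext.UserManager.GetUsers(TenantProvider.CurrentTenantID, Login, Hasher.Base64Hash(Password, HashAlg.SHA256));
            }
            else
            {
                // Social login: TryByHashId leaves userId as Guid.Empty when no linked profile maps
                // to an existing user. Treat that as bad credentials instead of looking Guid.Empty up.
                Guid userId;
                if (!TryByHashId(accountLinkControl, HashId, out userId) || userId == Guid.Empty)
                {
                    throw new InvalidCredentialException();
                }
                user = CoreContext.UserManager.GetUsers(userId);
            }

            // Guard both "not found" representations so a missing user never reaches SmsConfirmUrl.
            if (user == null || Constants.LostUser.Equals(user))
            {
                throw new InvalidCredentialException();
            }
            return Studio.Confirm.SmsConfirmUrl(user);
        }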
예제 #4
        /// <summary>
        /// Looks up the first existing user linked to the given third-party profile hash id.
        /// </summary>
        /// <param name="accountLinkControl">Control that owns the account linker; may be null.</param>
        /// <param name="hashId">Hash id of the third-party profile.</param>
        /// <param name="userId">Id of the first linked profile that parses as a Guid and names an existing user; <see cref="Guid.Empty"/> if none does.</param>
        /// <returns>
        /// <c>false</c> when no lookup could be attempted (no control or empty hash id), <c>true</c> once a
        /// lookup was attempted — regardless of whether a user was found. Check <paramref name="userId"/>
        /// against <see cref="Guid.Empty"/> for the actual outcome.
        /// </returns>
        private static bool TryByHashId(AccountLinkControl accountLinkControl, string hashId, out Guid userId)
        {
            userId = Guid.Empty;

            var canLookup = accountLinkControl != null && !string.IsNullOrEmpty(hashId);
            if (!canLookup)
            {
                return false;
            }

            var linker = accountLinkControl.GetLinker();

            // Walk the linked profile ids in order and stop at the first one that both parses
            // and belongs to an existing user; unparsable ids are skipped.
            foreach (var profileId in linker.GetLinkedObjectsByHashId(hashId))
            {
                Guid candidate;
                if (!Guid.TryParse(profileId, out candidate))
                {
                    continue;
                }

                if (CoreContext.UserManager.UserExists(candidate))
                {
                    userId = candidate;
                    break;
                }
            }

            return true;
        }
예제 #5
        /// <summary>
        /// Sign-in page handler: registers the page style, wires the optional third-party
        /// account link control and top panel, surfaces a message passed via the "m" request
        /// parameter, and on a postback from an unauthenticated visitor attempts login by
        /// login/password or by third-party hash id, redirecting on success.
        /// </summary>
        /// <param name="sender">Event source (unused).</param>
        /// <param name="e">Event arguments (unused).</param>
        protected void Page_Load(object sender, EventArgs e)
        {
            Page.RegisterStyleControl(VirtualPathUtility.ToAbsolute("~/usercontrols/common/authorize/css/authorize.less"));

            // Reset per-request credential state before reading anything from the request.
            Login    = "";
            Password = "";
            HashId   = "";

            //Account link control
            AccountLinkControl accountLink = null;

            if (SetupInfo.ThirdPartyAuthEnabled && AccountLinkControl.IsNotEmpty)
            {
                accountLink                = (AccountLinkControl)LoadControl(AccountLinkControl.Location);
                accountLink.Visible        = true;
                accountLink.ClientCallback = "authCallback";
                accountLink.SettingsView   = false;
                signInPlaceholder.Controls.Add(accountLink);
            }

            //top panel
            var master = Page.Master as BaseTemplate;

            if (master != null)
            {
                master.TopStudioPanel.DisableProductNavigation = true;
                master.TopStudioPanel.DisableSearch            = true;
                master.TopStudioPanel.DisableVideo             = true;
            }

            Page.Title = HeaderStringHelper.GetPageTitle(Resource.Authorization);

            pwdReminderHolder.Controls.Add(LoadControl(PwdTool.Location));

            // NOTE(review): "m" is request-controlled text shown as the error message; confirm that
            // the control rendering ErrorMessage HTML-encodes it.
            var msg = Request["m"];

            if (!string.IsNullOrEmpty(msg))
            {
                ErrorMessage = msg;
            }

            if (IsPostBack && !SecurityContext.IsAuthenticated)
            {
                // tryByHash records that a hash-id login was attempted; it only selects the error text below.
                var tryByHash   = false;
                var smsLoginUrl = string.Empty;
                try
                {
                    // Social-login postback: the third-party hash id arrives in __EVENTARGUMENT and is
                    // taken verbatim from the request here — it is client-controlled input.
                    if (!string.IsNullOrEmpty(Request["__EVENTARGUMENT"]) && Request["__EVENTTARGET"] == "signInLogin" && accountLink != null)
                    {
                        HashId = Request["__EVENTARGUMENT"];
                    }

                    // Login and password are mandatory only for the credential path; a hash-id login may omit both.
                    if (!string.IsNullOrEmpty(Request["login"]))
                    {
                        Login = Request["login"].Trim();
                    }
                    else if (string.IsNullOrEmpty(HashId))
                    {
                        throw new InvalidCredentialException("login");
                    }

                    if (!string.IsNullOrEmpty(Request["pwd"]))
                    {
                        Password = Request["pwd"];
                    }
                    else if (string.IsNullOrEmpty(HashId))
                    {
                        throw new InvalidCredentialException("password");
                    }


                    // Per-login throttle: every fifth attempt within the one-minute cache window delays
                    // this request by 10 s. The key is Login only, so hash-id logins (empty Login) share
                    // a single counter and the throttle is not per source address.
                    var counter = (int)(cache.Get("loginsec/" + Login) ?? 0);
                    if (++counter % 5 == 0)
                    {
                        Thread.Sleep(TimeSpan.FromSeconds(10));
                    }
                    cache.Insert("loginsec/" + Login, counter, DateTime.UtcNow.Add(TimeSpan.FromMinutes(1)));

                    // A non-empty URL means SMS confirmation is required before the session is issued.
                    smsLoginUrl = SmsLoginUrl(accountLink);
                    if (string.IsNullOrEmpty(smsLoginUrl))
                    {
                        if (string.IsNullOrEmpty(HashId))
                        {
                            var cookiesKey = SecurityContext.AuthenticateMe(Login, Password);
                            CookiesManager.SetCookies(CookiesType.AuthKey, cookiesKey);
                        }
                        else
                        {
                            // userId stays Guid.Empty when no linked user exists; presumably AuthenticateMe
                            // rejects that and the InvalidCredentialException handler below reports it — confirm.
                            Guid userId;
                            tryByHash = TryByHashId(accountLink, HashId, out userId);
                            var cookiesKey = SecurityContext.AuthenticateMe(userId);
                            CookiesManager.SetCookies(CookiesType.AuthKey, cookiesKey);
                        }
                    }
                }
                catch (InvalidCredentialException)
                {
                    Auth.ProcessLogout();
                    ErrorMessage = tryByHash ? Resource.LoginWithAccountNotFound : Resource.InvalidUsernameOrPassword;
                    return;
                }
                catch (System.Security.SecurityException)
                {
                    Auth.ProcessLogout();
                    ErrorMessage = Resource.ErrorDisabledProfile;
                    return;
                }
                catch (Exception ex)
                {
                    // NOTE(review): the raw exception message is shown to the visitor; prefer a generic
                    // message here and log the detail server-side.
                    Auth.ProcessLogout();
                    ErrorMessage = ex.Message;
                    return;
                }

                // Response.Redirect(url) ends the response by default, so the referer redirect
                // below is not reached on the SMS path.
                if (!string.IsNullOrEmpty(smsLoginUrl))
                {
                    Response.Redirect(smsLoginUrl);
                }

                // NOTE(review): refererURL is read from Session; confirm the code that stores it only
                // accepts local URLs, otherwise this redirect can be steered to an external site.
                var refererURL = (string)Session["refererURL"];
                if (string.IsNullOrEmpty(refererURL))
                {
                    Response.Redirect("~/");
                }
                else
                {
                    Session["refererURL"] = null;
                    Response.Redirect(refererURL);
                }
            }

            ProcessConfirmedEmailCondition();
        }
예제 #6
        /// <summary>
        /// Sign-in page handler: registers page assets, wires the optional third-party account
        /// link control and top panel, surfaces request-supplied error messages, and — on a
        /// postback or a third-party provider callback from an unauthenticated visitor — attempts
        /// login by LDAP, by login/password or by third-party hash id, auditing the outcome and
        /// redirecting on success.
        /// </summary>
        /// <param name="sender">Event source (unused).</param>
        /// <param name="e">Event arguments (unused).</param>
        protected void Page_Load(object sender, EventArgs e)
        {
            Page.RegisterStyleControl(VirtualPathUtility.ToAbsolute("~/usercontrols/common/authorize/css/authorize.less"));
            Page.RegisterBodyScripts(ResolveUrl("~/usercontrols/common/authorize/js/authorize.js"));

            // Reset per-request credential state before reading anything from the request.
            Login    = "";
            Password = "";
            HashId   = "";

            //Account link control
            AccountLinkControl accountLink = null;

            if (SetupInfo.ThirdPartyAuthEnabled && AccountLinkControl.IsNotEmpty)
            {
                accountLink                = (AccountLinkControl)LoadControl(AccountLinkControl.Location);
                accountLink.Visible        = true;
                accountLink.ClientCallback = "authCallback";
                accountLink.SettingsView   = false;
                signInPlaceholder.Controls.Add(accountLink);
            }

            //top panel
            var master = Page.Master as BaseTemplate;

            if (master != null)
            {
                master.TopStudioPanel.DisableProductNavigation = true;
                master.TopStudioPanel.DisableSearch            = true;
            }

            Page.Title = HeaderStringHelper.GetPageTitle(Resource.Authorization);

            pwdReminderHolder.Controls.Add(LoadControl(PwdTool.Location));

            // NOTE(review): "m" is request-controlled text shown as the error message; confirm that
            // the control rendering ErrorMessage HTML-encodes it. "error" is only matched against a
            // fixed value and mapped to a resource string.
            var msg      = Request["m"];
            var urlError = Request.QueryString["error"];

            if (!string.IsNullOrEmpty(msg))
            {
                ErrorMessage = msg;
            }
            else if (urlError == "ipsecurity")
            {
                ErrorMessage = Resource.LoginFailIPSecurityMsg;
            }

            // Non-null when this request is the callback from a third-party provider.
            var thirdPartyProfile = Request.Url.GetProfile();

            if ((IsPostBack || thirdPartyProfile != null) && !SecurityContext.IsAuthenticated)
            {
                // tryByHash records that a hash-id login was attempted; it only selects the error text and audit action below.
                var tryByHash   = false;
                var smsLoginUrl = string.Empty;
                try
                {
                    if (thirdPartyProfile != null)
                    {
                        if (string.IsNullOrEmpty(thirdPartyProfile.AuthorizationError))
                        {
                            HashId = thirdPartyProfile.HashId;
                        }
                        else
                        {
                            // ignore cancellation
                            // NOTE(review): the provider-supplied error text is shown to the visitor as-is;
                            // confirm it is HTML-encoded where ErrorMessage is rendered.
                            if (thirdPartyProfile.AuthorizationError != "Canceled at provider")
                            {
                                ErrorMessage = thirdPartyProfile.AuthorizationError;
                            }
                        }
                    }
                    else
                    {
                        // Social-login postback: __EVENTARGUMENT carries a signed hash id and is only
                        // accepted after Signature.Read verifies it, so a forged value is not taken as HashId.
                        if (!string.IsNullOrEmpty(Request["__EVENTARGUMENT"]) && Request["__EVENTTARGET"] == "signInLogin" && accountLink != null)
                        {
                            HashId = ASC.Common.Utils.Signature.Read <string>(Request["__EVENTARGUMENT"]);
                        }
                    }

                    // Login and password are mandatory only for the credential path; a hash-id login may omit both.
                    if (!string.IsNullOrEmpty(Request["login"]))
                    {
                        Login = Request["login"].Trim();
                    }
                    else if (string.IsNullOrEmpty(HashId))
                    {
                        throw new InvalidCredentialException("login");
                    }

                    if (!string.IsNullOrEmpty(Request["pwd"]))
                    {
                        Password = Request["pwd"];
                    }
                    else if (string.IsNullOrEmpty(HashId))
                    {
                        throw new InvalidCredentialException("password");
                    }

                    // Per-login throttle for the credential path only: every fifth attempt within the
                    // one-minute cache window delays this request by 10 s. Keyed on Login, not on the
                    // source address.
                    if (string.IsNullOrEmpty(HashId))
                    {
                        var counter = (int)(cache.Get("loginsec/" + Login) ?? 0);
                        if (++counter % 5 == 0)
                        {
                            Thread.Sleep(TimeSpan.FromSeconds(10));
                        }
                        cache.Insert("loginsec/" + Login, counter, DateTime.UtcNow.Add(TimeSpan.FromMinutes(1)));
                    }

                    // LDAP is tried first; when it succeeds nothing else happens in this block, so
                    // presumably TryLdapAuth issues the session itself — confirm.
                    if (!ActiveDirectoryUserImporter.TryLdapAuth(Login, Password))
                    {
                        // A non-empty URL means SMS confirmation is required before the session is issued.
                        smsLoginUrl = SmsLoginUrl(accountLink);
                        if (string.IsNullOrEmpty(smsLoginUrl))
                        {
                            // true = session-only cookie (no "remember" flag in the request).
                            var session = string.IsNullOrEmpty(Request["remember"]);

                            if (string.IsNullOrEmpty(HashId))
                            {
                                var cookiesKey = SecurityContext.AuthenticateMe(Login, Password);
                                CookiesManager.SetCookies(CookiesType.AuthKey, cookiesKey, session);
                                MessageService.Send(HttpContext.Current.Request, MessageAction.LoginSuccess);
                            }
                            else
                            {
                                // userId stays Guid.Empty when no linked user exists; presumably AuthenticateMe
                                // rejects that and the InvalidCredentialException handler below reports it — confirm.
                                Guid userId;
                                tryByHash = TryByHashId(accountLink, HashId, out userId);
                                var cookiesKey = SecurityContext.AuthenticateMe(userId);
                                CookiesManager.SetCookies(CookiesType.AuthKey, cookiesKey, session);
                                MessageService.Send(HttpContext.Current.Request, MessageAction.LoginSuccessViaSocialAccount);
                            }
                        }
                    }
                }
                catch (InvalidCredentialException)
                {
                    Auth.ProcessLogout();
                    ErrorMessage = tryByHash ? Resource.LoginWithAccountNotFound : Resource.InvalidUsernameOrPassword;

                    // Audit the failed attempt under the hash id (social) or the login (credential).
                    var loginName = tryByHash && !string.IsNullOrWhiteSpace(HashId)
                                        ? HashId
                                        : string.IsNullOrWhiteSpace(Login) ? AuditResource.EmailNotSpecified : Login;
                    var messageAction = tryByHash ? MessageAction.LoginFailSocialAccountNotFound : MessageAction.LoginFailInvalidCombination;

                    MessageService.Send(HttpContext.Current.Request, loginName, messageAction);

                    return;
                }
                catch (System.Security.SecurityException)
                {
                    Auth.ProcessLogout();
                    ErrorMessage = Resource.ErrorDisabledProfile;
                    MessageService.Send(HttpContext.Current.Request, Login, MessageAction.LoginFailDisabledProfile);
                    return;
                }
                catch (IPSecurityException)
                {
                    Auth.ProcessLogout();
                    ErrorMessage = Resource.ErrorIpSecurity;
                    MessageService.Send(HttpContext.Current.Request, Login, MessageAction.LoginFailIpSecurity);
                    return;
                }
                catch (Exception ex)
                {
                    // NOTE(review): the raw exception message is shown to the visitor; prefer a generic
                    // message here and keep the detail in the audit log / server log.
                    Auth.ProcessLogout();
                    ErrorMessage = ex.Message;
                    MessageService.Send(HttpContext.Current.Request, Login, MessageAction.LoginFail);
                    return;
                }

                // Response.Redirect(url) ends the response by default, so the referer redirect
                // below is not reached on the SMS path.
                if (!string.IsNullOrEmpty(smsLoginUrl))
                {
                    Response.Redirect(smsLoginUrl);
                }

                // NOTE(review): refererURL is read from Session; confirm the code that stores it only
                // accepts local URLs, otherwise this redirect can be steered to an external site.
                var refererURL = (string)Session["refererURL"];
                if (string.IsNullOrEmpty(refererURL))
                {
                    Response.Redirect(CommonLinkUtility.GetDefault());
                }
                else
                {
                    Session["refererURL"] = null;
                    Response.Redirect(refererURL);
                }
            }
            ProcessConfirmedEmailCondition();
        }
예제 #7
        /// <summary>
        /// Sign-in page handler: wires the optional third-party account link control, master-page
        /// panels and helper controls, surfaces a message passed via the "m" request parameter,
        /// and on a postback from an unauthenticated visitor attempts login by login/password,
        /// by third-party hash id, or as the demo account, redirecting on success. Also handles
        /// the logout request for an authenticated visitor.
        /// </summary>
        /// <param name="sender">Event source (unused).</param>
        /// <param name="e">Event arguments (unused).</param>
        protected void Page_Load(object sender, EventArgs e)
        {
            // Reset per-request credential state before reading anything from the request.
            _login    = "";
            _password = "";

            //Account link control
            AccountLinkControl accountLink = null;

            if (SetupInfo.ThirdPartyAuthEnabled)
            {
                accountLink = (AccountLinkControl)LoadControl(AccountLinkControl.Location);
                associateAccount.Visible   = true;
                associateAccount.Text      = Resources.Resource.LoginWithAccount;
                accountLink.ClientCallback = "authCallback";
                accountLink.SettingsView   = false;
                signInPlaceholder.Controls.Add(accountLink);
            }

            ((IStudioMaster)this.Master).DisabledSidePanel = true;

            //top panel
            if (this.Master is StudioTemplate)
            {
                ((StudioTemplate)this.Master).TopNavigationPanel.DisableProductNavigation = true;
                ((StudioTemplate)this.Master).TopNavigationPanel.DisableSearch            = true;
            }

            _tenantInfoSettings = SettingsManager.Instance.LoadSettings <TenantInfoSettings>(TenantProvider.CurrentTenantID);

            this.Title = HeaderStringHelper.GetPageTitle(Resources.Resource.Authorization, null, null);

            pwdReminderHolder.Controls.Add(LoadControl(PwdTool.Location));
            pwdReminderHolder.Controls.Add(LoadControl(InviteEmployeeControl.Location));
            _communitations.Controls.Add(LoadControl(AuthCommunications.Location));

            // "m" is request-controlled; it is HTML-encoded before being wrapped in the error box.
            var msg = Request["m"];

            if (!string.IsNullOrEmpty(msg))
            {
                _loginMessage = "<div class='errorBox'>" + HttpUtility.HtmlEncode(msg) + "</div>";
            }

            if (this.IsPostBack && !SecurityContext.IsAuthenticated)
            {
                // Collects login, password, hash id and resolved user id for SMS validation.
                var uData = new UserTransferData();

                if (!String.IsNullOrEmpty(Request["login"]))
                {
                    _login      = Request["login"];
                    uData.Login = _login;
                }

                if (!String.IsNullOrEmpty(Request["pwd"]))
                {
                    _password      = Request["pwd"];
                    uData.Password = _password;
                }

                // NOTE(review): any postback carrying authtype=demo is signed in as the Demo account
                // below without a credential check; confirm this is meant to be reachable in the
                // deployments this page serves.
                bool isDemo = false;
                if (!String.IsNullOrEmpty(Request["authtype"]))
                {
                    isDemo = Request["authtype"] == "demo";
                }

                // Social-login postback: the third-party hash id is taken verbatim from
                // __EVENTARGUMENT — it is client-controlled input.
                string hashId = string.Empty;
                if (!string.IsNullOrEmpty(Request["__EVENTARGUMENT"]) && Request["__EVENTTARGET"] == "signInLogin" && accountLink != null)
                {
                    //Login from open id
                    hashId       = Request["__EVENTARGUMENT"];
                    uData.HashId = hashId;
                }

                if (isDemo)
                {
                    SecurityContext.AuthenticateMe(ASC.Core.Configuration.Constants.Demo);
                }
                else
                {
                    try
                    {
                        string cookiesKey = string.Empty;
                        if (!string.IsNullOrEmpty(hashId))
                        {
                            var accounts = accountLink.GetLinker().GetLinkedObjectsByHashId(hashId);

                            // Malformed linked ids map to Guid.Empty and are filtered out in the loop body.
                            foreach (var account in accounts.Select(x =>
                            {
                                try
                                {
                                    return(new Guid(x));
                                }
                                catch
                                {
                                    return(Guid.Empty);
                                }
                            }))
                            {
                                // Every existing linked account is authenticated in turn (and SMS validation
                                // run for each); the last one sets the cookie key that is finally issued.
                                // UserExists runs before the Guid.Empty check, so it is also called for Guid.Empty.
                                if (CoreContext.UserManager.UserExists(account) && account != Guid.Empty)
                                {
                                    var coreAcc = CoreContext.UserManager.GetUsers(account);
                                    // Authenticates with the stored password hash as the credential — presumably
                                    // this overload accepts a hash rather than a plaintext password; confirm.
                                    cookiesKey   = SecurityContext.AuthenticateMe(coreAcc.Email, CoreContext.Authentication.GetUserPasswordHash(coreAcc.ID));
                                    uData.UserId = coreAcc.ID;
                                    ProcessSmsValidation(uData);
                                }
                            }
                            if (string.IsNullOrEmpty(cookiesKey))
                            {
                                _loginMessage = "<div class=\"errorBox\">" + HttpUtility.HtmlEncode(Resources.Resource.LoginWithAccountNotFound) + "</div>";
                                return;
                            }
                        }
                        else
                        {
                            cookiesKey   = SecurityContext.AuthenticateMe(_login, _password);
                            uData.UserId = SecurityContext.CurrentAccount.ID;
                            ProcessSmsValidation(uData);
                        }

                        CookiesManager.SetCookies(CookiesType.AuthKey, cookiesKey);
                    }
                    catch (System.Security.SecurityException)
                    {
                        ProcessLogout();
                        _loginMessage = "<div class=\"errorBox\">" + HttpUtility.HtmlEncode(Resources.Resource.InvalidUsernameOrPassword) + "</div>";
                        return;
                    }
                    catch (Exception exception)
                    {
                        // NOTE(review): the raw exception message is shown (encoded) to the visitor;
                        // prefer a generic message here and log the detail server-side.
                        ProcessLogout();
                        _loginMessage = "<div class=\"errorBox\">" + HttpUtility.HtmlEncode(exception.Message) + "</div>";
                        return;
                    }
                }

                UserOnlineManager.Instance.RegistryOnlineUser(SecurityContext.CurrentAccount.ID);

                WebItemManager.Instance.ItemGlobalHandlers.Login(SecurityContext.CurrentAccount.ID);

                // NOTE(review): refererURL is read from Session; confirm the code that stores it only
                // accepts local URLs, otherwise this redirect can be steered to an external site.
                string refererURL = (string)Session["refererURL"];
                if (String.IsNullOrEmpty(refererURL))
                {
                    Response.Redirect("~/");
                }
                else
                {
                    Session["refererURL"] = null;
                    Response.Redirect(refererURL);
                }

                return;
            }
            else if (SecurityContext.IsAuthenticated && base.IsLogout)
            {
                ProcessLogout();
                Response.Redirect("~/auth.aspx");
            }

            ProcessConfirmedEmailCondition();
        }