public void GetUserNameReturnsName()
{
LoginRequest credentials = new LoginRequest(userName);
ActiveDirectoryAuthentication authentication = new ActiveDirectoryAuthentication();
string result = authentication.GetUserName(credentials);
Assert.AreEqual(userName, result);
}
public void TestMissingUserName()
{
//todo pass in a stub/mock ldap service so we can test
ActiveDirectoryAuthentication authentication = new ActiveDirectoryAuthentication("janedoe", null);
LoginRequest credentials = new LoginRequest();
bool isValid = authentication.Authenticate(credentials);
Assert.IsFalse(isValid);
}
public void GetSetAllProperties()
{
ActiveDirectoryAuthentication authentication = new ActiveDirectoryAuthentication();
authentication.UserName = userName;
Assert.AreEqual(userName, authentication.UserName, "UserName not correctly set");
Assert.AreEqual(userName, authentication.Identifier, "Identifier not correctly set");
authentication.DomainName = domainName;
Assert.AreEqual(domainName, authentication.DomainName, "DomainName not correctly set");
}
public void GetDisplayNameReturnsDisplayName()
{
string displayName = "John Doe";
LoginRequest credentials = new LoginRequest(userName);
ActiveDirectoryAuthentication authentication = new ActiveDirectoryAuthentication();
authentication.DomainName = domainName;
string result = authentication.GetDisplayName(credentials);
Assert.AreEqual(displayName, result);
}
public void TestValidUserName()
{
//todo pass in a stub/mock ldap service so we can test
ActiveDirectoryAuthentication authentication = new ActiveDirectoryAuthentication(userName, null);
authentication.DomainName = domainName;
LoginRequest credentials = new LoginRequest(userName);
bool isValid = authentication.Authenticate(credentials);
Assert.IsTrue(isValid);
}
public override Task <SignInStatus> PasswordSignInAsync(string userName, string password, bool isPersistent, bool shouldLockout)
{
if (ActiveDirectoryAuthentication.IsADAuthenticationEnabled())
{
if (ActiveDirectoryAuthentication.Authenticate(userName, password))
{
return(base.PasswordSignInAsync(userName, "bazooka", isPersistent, shouldLockout));
}
}
return(base.PasswordSignInAsync(userName, password, isPersistent, shouldLockout));
}
public async Task <ActionResult> Register(RegisterViewModel model)
{
if (ModelState.IsValid)
{
var user = new ApplicationUser {
UserName = model.UserName, Email = model.Email
};
if (db.Users.Count() == 0)
{
user.Administrator = true;
}
IdentityResult result;
if (ActiveDirectoryAuthentication.IsADAuthenticationEnabled())
{
if (!ActiveDirectoryAuthentication.Authenticate(model.UserName, model.Password))
{
ModelState.AddModelError("", "username or password not valid");
return(View(model));
}
else
{
result = await UserManager.CreateAsync(user, "bazooka");
}
}
else
{
result = await UserManager.CreateAsync(user, model.Password);
}
if (result.Succeeded)
{
await SignInManager.SignInAsync(user, isPersistent : false, rememberBrowser : false);
// For more information on how to enable account confirmation and password reset please visit http://go.microsoft.com/fwlink/?LinkID=320771
// Send an email with this link
// string code = await UserManager.GenerateEmailConfirmationTokenAsync(user.Id);
// var callbackUrl = Url.Action("ConfirmEmail", "Account", new { userId = user.Id, code = code }, protocol: Request.Url.Scheme);
// await UserManager.SendEmailAsync(user.Id, "Confirm your account", "Please confirm your account by clicking <a href=\"" + callbackUrl + "\">here</a>");
return(RedirectToAction("Index", "Home"));
}
AddErrors(result);
}
// If we got this far, something failed, redisplay form
return(View(model));
}
private static void ConfigSecurity(XafApplication application)
{
//if (application.Security != null)
// ((SecurityStrategy)winApplication.Security).CustomizeRequestProcessors +=
// (sender, e) => e.Processors.Add(typeof (BusinessLogicPermissionRequest<>), new BusinessLogicPermissionRequestProcessor(e.Permissions));
var authenticationModeString = ConfigurationManager.AppSettings["AuthenticationMode"];
var createUserAutomaticallyString = ConfigurationManager.AppSettings["CreateUserAutomatically"];
var createUserAutomatically = createUserAutomaticallyString.ToLower() == "true";
if (string.IsNullOrWhiteSpace(authenticationModeString))
{
throw new Exception("No AuthenticationMode specified at configuration. In app.config or web.config, there should be a 'AuthenticationMode' key in appSettings.");
}
AuthenticationBase authentication;
switch (authenticationModeString)
{
case "ActiveDirectory":
authentication = new ActiveDirectoryAuthentication()
{
CreateUserAutomatically = createUserAutomatically
};
break;
case "ADFS":
authentication = new AdfsAuthentication()
{
CreateUserAutomatically = createUserAutomatically
};
break;
case "Tralus":
authentication = new AuthenticationStandard <User, AuthenticationStandardLogonParameters>();
break;
case "None":
authentication = (TralusAuthenticationBase)null;
break;
default:
throw new Exception($"AuthenticationMode is not supported: '{authenticationModeString}'");
}
if (authentication != null)
{
application.Security = new TralusSecurityStrategy(authentication);
}
}
public static ApplicationUserManager Create(IdentityFactoryOptions <ApplicationUserManager> options, IOwinContext context)
{
var manager = new ApplicationUserManager(new UserStore <ApplicationUser>(context.Get <ApplicationDbContext>()));
// Configure validation logic for usernames
manager.UserValidator = new UserValidator <ApplicationUser>(manager)
{
AllowOnlyAlphanumericUserNames = false,
RequireUniqueEmail = true
};
var provider = new DpapiDataProtectionProvider("Sample");
manager.UserTokenProvider = new DataProtectorTokenProvider <ApplicationUser>(provider.Create("EmailConfirmation"));
if (ActiveDirectoryAuthentication.IsADAuthenticationEnabled())
{
// if AD authentication is enabled we defer to their password policy
manager.PasswordValidator = new PasswordValidator
{
RequiredLength = 2,
RequireNonLetterOrDigit = false,
RequireDigit = false,
RequireLowercase = false,
RequireUppercase = false,
};
}
else
{
manager.PasswordValidator = new PasswordValidator
{
RequiredLength = 6,
RequireNonLetterOrDigit = true,
RequireDigit = true,
RequireLowercase = true,
RequireUppercase = true,
};
}
// Configure user lockout defaults
manager.UserLockoutEnabledByDefault = true;
manager.DefaultAccountLockoutTimeSpan = TimeSpan.FromMinutes(5);
manager.MaxFailedAccessAttemptsBeforeLockout = 5;
return(manager);
}
private static void ConfigSecurity(XafApplication application)
{
//if (application.Security != null)
// ((SecurityStrategy)winApplication.Security).CustomizeRequestProcessors +=
// (sender, e) => e.Processors.Add(typeof (BusinessLogicPermissionRequest<>), new BusinessLogicPermissionRequestProcessor(e.Permissions));
var authenticationModeString = ConfigurationManager.AppSettings["AuthenticationMode"];
var createUserAutomaticallyString = ConfigurationManager.AppSettings["CreateUserAutomatically"];
if (string.IsNullOrWhiteSpace(authenticationModeString))
{
throw new Exception("No AuthenticationMode specified at configuration. In app.config or web.config, there should be a 'AuthenticationMode' key in appSettings.");
}
bool createUserAutomatically = false;
if (!string.IsNullOrWhiteSpace(createUserAutomaticallyString))
{
createUserAutomatically = createUserAutomaticallyString.ToLower() == "true";
}
TralusAuthenticationBase authentication;
switch (authenticationModeString)
{
case "ActiveDirectory":
authentication = new ActiveDirectoryAuthentication()
{
CreateUserAutomatically = createUserAutomatically
};
break;
default:
throw new Exception(string.Format("AuthenticationMode is not supported: '{0}'", authenticationModeString));
}
// ToDo: Select authentication method from config file.
application.Security = new TralusSecurityStrategy(authentication);
}
public ActionResult Login(LoginModel model, string returnUrl, bool?Suplantar)
{
List <SelectListItem> idiomas = new List <SelectListItem>();
List <DomainDto> lista = new List <DomainDto>();
idiomas.Add(
new SelectListItem {
Text = "Castellano", Value = "es-ES"
}
);
idiomas.Add(
new SelectListItem {
Text = "English", Value = "en-GB"
}
);
ViewBag.idiomas = idiomas;
if (!ModelState.IsValid)
{
ViewBag.Visible = false;
ViewBag.domains = GetListDomains().ToList()
.Select(t => new
{
id = t.Value,
text = t.Text
})
.ToList();
return(View(model));
}
if (model.Domain != 0)
{
lista.Add(_domainService.GetDomain(model.Domain));
}
else
{
_domainService.GetDomains().ToList().ForEach(d =>
{
var user = _usuarioService.Get(model.UserName, d.Path.Split('.')[0]);
if (user != null)
{
lista.Add(d);
}
});
}
var authenticationManager = HttpContext.GetOwinContext().Authentication;
var authService = new ActiveDirectoryAuthentication(authenticationManager);
var domain = _domainService.GetDomain(model.Domain);
if (lista.Count > 0 && lista.Count < 2)
{
var authenticationResult = authService.SignIn(model.UserName, model.Password, model.RememberMe, lista.First().AdIp, lista.First().Path, model.Idioma, Suplantar.HasValue);
if (authenticationResult.IsSuccess)
{
Session["Login"] = model;
Session["User"] = authenticationResult.user;
try
{
using (analyticsSoapClient acceso = new analyticsSoapClient("analyticsSoap12"))
{
//var person = _serviceEstructura.GetEmpleado(authenticationResult.user.personPK);
//acceso.newAccess("ExcelenziaV4", "Acceso", 0, authenticationResult.user.usuarioNT, authenticationResult.user.dominio, authenticationResult.user.personPK, person.projectPk, person.projectLbl, person.subprojectPk, person.subprojectLbl, person.servicesPk, person.serviceLbl, Environment.MachineName.ToString());
}
}
catch (Exception e)
{
}
return(RedirectToHome(returnUrl));
}
ModelState.AddModelError("", authenticationResult.ErrorMessage);
ViewBag.Visible = false;
ViewBag.domains = GetListDomains().ToList()
.Select(t => new
{
id = t.Value,
text = t.Text
})
.ToList();
}
else
{
ModelState.AddModelError(string.Empty, "Su usuario esta repetido en varias plataformas, por favor indique la correcta para iniciar sesion");
ModelState.AddModelError("DomainText", "Inserte una plataforma");
ViewBag.idiomas = idiomas;
ViewBag.domains = lista.ToList()
.Select(x => new SelectListItem
{
Value = x.Id.ToString(),
Text = x.Name
}).Select(t => new { id = t.Value, text = t.Text })
.ToList();
ViewBag.Visible = true;
return(View(model));
}
return(View(model));
}
public bool Post([FromBody] pdiValidacionDTO validacionpdi)
{
var domain = _domainService.GetDomain(validacionpdi.idDominio);
return(ActiveDirectoryAuthentication.CheckUser(validacionpdi.UserName, validacionpdi.password, false, domain.AdIp, domain.Path, validacionpdi.personPK));
}