예제 #1
        /// <summary>
        /// Builds the absolute confirm.aspx link for <paramref name="email"/> and <paramref name="confirmType"/>.
        /// </summary>
        /// <param name="email">Address the link is issued for; it is URL-encoded in the query string.</param>
        /// <param name="confirmType">Confirmation kind; its name is part of the signed message and of the query string.</param>
        /// <returns>Absolute URL with <c>type</c>, <c>email</c> and <c>key</c> query parameters.</returns>
        private string GetConfirmLink(string email, ConfirmType confirmType)
        {
            var typeName = confirmType.ToString();

            // The key is computed over email + type name joined without a separator, so the
            // validating page has to rebuild exactly that string before checking the key.
            var signedKey = EmailValidationKeyProvider.GetEmailKey(email + typeName);

            var pageUrl = CommonLinkUtility.GetFullAbsolutePath("~/confirm.aspx");

            // NOTE(review): only the email is URL-encoded. The key is inserted as-is, which is
            // safe only if GetEmailKey emits URL-safe characters; its output format is not
            // visible here, so confirm.
            var query = string.Format("?type={0}&email={1}&key={2}", typeName, HttpUtility.UrlEncode(email), signedKey);

            return pageUrl + query;
        }
예제 #2
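        /// <summary>
        /// Builds the absolute confirm.aspx link for <paramref name="email"/> and <paramref name="confirmType"/>,
        /// using the lower-cased type name both in the signed message and in the <c>type</c> query parameter.
        /// </summary>
        /// <param name="email">Address the link is issued for; it is URL-encoded in the query string.</param>
        /// <param name="confirmType">Confirmation kind whose lower-cased name is signed and sent.</param>
        /// <returns>Absolute URL with <c>type</c>, <c>email</c> and <c>key</c> query parameters.</returns>
        internal static string GenerateConfirmUrl(string email, ConfirmType confirmType)
        {
            // Lower-case with the invariant culture. ToLower() follows the current thread culture,
            // and under tr/az cultures 'I' maps to a dotless 'ı', so the signed message and the
            // "type" parameter would differ from what a validator running under another culture
            // computes. The validating side is not visible here; it must use the same form.
            var typeName = confirmType.ToString().ToLowerInvariant();

            // The key covers email + lower-cased type name, joined without a separator.
            var validationKey = EmailValidationKeyProvider.GetEmailKey(email + typeName);

            // NOTE(review): the key is inserted without URL-encoding; confirm that GetEmailKey
            // only emits URL-safe characters.
            var inviteUrl = CommonLinkUtility.GetFullAbsolutePath(
                String.Format("~/confirm.aspx?type={2}&email={0}&key={1}",
                              HttpUtility.UrlEncode(email), validationKey, typeName));

            return inviteUrl;
        }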
예제 #3
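        /// <summary>
        /// Builds the absolute confirm.aspx link used to confirm a DNS / tenant-alias change.
        /// </summary>
        /// <param name="email">Address the link is issued for; it is URL-encoded in the query string.</param>
        /// <param name="dnsName">Requested DNS name; added as <c>dns</c> only when non-empty.</param>
        /// <param name="tenantAlias">Requested tenant alias; added as <c>alias</c> only when non-empty.</param>
        /// <param name="confirmType">Confirmation kind; its name is signed and sent as <c>type</c>.</param>
        /// <returns>Absolute URL carrying the signed key and the values it covers.</returns>
        private static string GenerateDnsChangeConfirmUrl(string email, string dnsName, string tenantAlias, ConfirmType confirmType)
        {
            var typeName = confirmType.ToString();

            // The signed message is built from the raw (unencoded) values.
            // NOTE(review): the fields are joined without a delimiter, so different
            // (dnsName, tenantAlias) splits of the same characters produce the same message.
            // Adding a separator has to be done together with the validating page.
            var key           = string.Join(string.Empty, new[] { email, typeName, dnsName, tenantAlias });
            var validationKey = EmailValidationKeyProvider.GetEmailKey(key);

            var sb = new StringBuilder();

            sb.Append(CommonLinkUtility.GetFullAbsolutePath("~/confirm.aspx"));
            sb.AppendFormat("?email={0}&key={1}&type={2}", HttpUtility.UrlEncode(email), validationKey, typeName);

            // dns and alias are URL-encoded like the email: an unencoded '&', '#', '+' or space
            // would break the link or introduce extra query parameters. A reader that takes the
            // decoded query value gets back the same string that was signed above.
            if (!string.IsNullOrEmpty(dnsName))
            {
                sb.AppendFormat("&dns={0}", HttpUtility.UrlEncode(dnsName));
            }
            if (!string.IsNullOrEmpty(tenantAlias))
            {
                sb.AppendFormat("&alias={0}", HttpUtility.UrlEncode(tenantAlias));
            }
            return sb.ToString();
        }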
예제 #4
        /// <summary>
        /// Checks the signed <c>key</c> request parameter against the message expected for the
        /// confirmation type held in <c>_type</c>, and reports failures through <c>ShowError</c>.
        /// For <c>ConfirmType.Auth</c> a valid key also signs the user in and redirects.
        /// </summary>
        /// <returns>
        /// <c>false</c> when the key is Expired or Invalid, or when a non-empty <c>_email</c> fails
        /// <c>TestEmailRegex</c>; otherwise <c>true</c>.
        /// </returns>
        /// <remarks>
        /// Every signed message is a plain concatenation of its parts with no separator, so the
        /// link generators must build exactly the same string. Request values are caller-controlled
        /// and are only trustworthy where they are part of the message the key was checked against.
        /// </remarks>
        private bool CheckValidationKey()
        {
            var key      = Request["key"] ?? "";
            var emplType = Request["emplType"] ?? "";

            var validInterval = SetupInfo.ValidEamilKeyInterval;
            // Keys for the phone and Auth flows are accepted for one hour (hard-coded here).
            var authInterval  = TimeSpan.FromHours(1);

            EmailValidationKeyProvider.ValidationResult checkKeyResult;
            switch (_type)
            {
            case ConfirmType.PortalContinue:
                // No interval argument is passed for this type.
                // NOTE(review): confirm what expiry the two-argument overload applies.
                checkKeyResult = EmailValidationKeyProvider.ValidateEmailKey(_email + _type, key);
                break;

            case ConfirmType.PhoneActivation:
            case ConfirmType.PhoneAuth:
                checkKeyResult = EmailValidationKeyProvider.ValidateEmailKey(_email + _type, key, authInterval);
                break;

            case ConfirmType.Auth:
            {
                var first  = Request["first"] ?? "";
                // module is not defaulted to ""; a null value concatenates as an empty string below.
                var module = Request["module"];

                // The key covers email, type, 'first' and 'module', so none of them can be changed
                // in the link without invalidating it.
                checkKeyResult = EmailValidationKeyProvider.ValidateEmailKey(_email + _type + first + module, key, authInterval);

                if (checkKeyResult == EmailValidationKeyProvider.ValidationResult.Ok)
                {
                    // _email holds either an address or a user GUID; new Guid(...) throws if it is neither.
                    var user = _email.Contains("@")
                                           ? CoreContext.UserManager.GetUserByEmail(_email)
                                           : CoreContext.UserManager.GetUsers(new Guid(_email));

                    // A session belonging to a different account is ended before continuing.
                    if (SecurityContext.IsAuthenticated && SecurityContext.CurrentAccount.ID != user.ID)
                    {
                        Auth.ProcessLogout();
                    }

                    if (!SecurityContext.IsAuthenticated)
                    {
                        // NOTE(review): nothing visible here checks that the user still exists or
                        // is active before the session is issued; confirm the lookups above or
                        // AuthenticateMe enforce that.
                        if (StudioSmsNotificationSettings.IsVisibleSettings && StudioSmsNotificationSettings.Enable)
                        {
                            // Second argument 'true' is presumably endResponse, so the sign-in below
                            // is not reached when SMS confirmation is enabled; confirm.
                            Response.Redirect(SmsConfirmUrl(user), true);
                        }

                        // A valid link alone is enough to obtain an authentication cookie: it acts
                        // as a bearer credential for as long as authInterval allows.
                        var authCookie = SecurityContext.AuthenticateMe(user.ID);
                        CookiesManager.SetCookies(CookiesType.AuthKey, authCookie);
                        MessageService.Send(HttpContext.Current.Request, MessageAction.LoginSuccess, user.DisplayUserName(false));
                    }

                    // NOTE(review): Request[FilesLinkUtility.FileUri] is not part of the signed
                    // message; confirm AuthRedirect restricts where it can send the browser.
                    AuthRedirect(user, first.ToLower() == "true", module, Request[FilesLinkUtility.FileUri]);
                }
            }
            break;

            case ConfirmType.DnsChange:
            {
                // dns and alias come from the request and are covered by the key. They are joined
                // without a delimiter, so different dns/alias splits of the same characters
                // produce the same message.
                var dnsChangeKey = string.Join(string.Empty, new[] { _email, _type.ToString(), Request["dns"], Request["alias"] });
                checkKeyResult = EmailValidationKeyProvider.ValidateEmailKey(dnsChangeKey, key, validInterval);
            }
            break;

            case ConfirmType.PortalOwnerChange:
            {
                Guid uid;
                try
                {
                    uid = new Guid(Request["uid"]);
                }
                catch
                {
                    // Any failure (missing or malformed uid) falls back to Guid.Empty; the key
                    // then has to have been issued for Guid.Empty to validate.
                    uid = Guid.Empty;
                }
                checkKeyResult = EmailValidationKeyProvider.ValidateEmailKey(_email + _type + uid, key, validInterval);
            }
            break;

            case ConfirmType.EmpInvite:
                checkKeyResult = EmailValidationKeyProvider.ValidateEmailKey(_email + _type + emplType, key, validInterval);
                break;

            case ConfirmType.LinkInvite:
                // The invite-link key covers only type + emplType; it is not bound to an email.
                checkKeyResult = EmailValidationKeyProvider.ValidateEmailKey(_type + emplType, key, validInterval);
                break;

            case ConfirmType.PasswordChange:

                // The request parameter "p" decides whether the current password hash is part of
                // the message. A link checked without it is not tied to the password.
                // NOTE(review): such a link presumably stays valid after a password change until
                // validInterval runs out; confirm.
                var userHash = !String.IsNullOrEmpty(Request["p"]) && Request["p"] == "1";

                String hash = String.Empty;

                if (userHash)
                {
                    // The user lookup runs before the key is validated, with the _email value as received.
                    // NOTE(review): confirm GetUserByEmail never returns null, or .ID throws here.
                    hash = CoreContext.Authentication.GetUserPasswordHash(CoreContext.UserManager.GetUserByEmail(_email).ID);
                }

                checkKeyResult = EmailValidationKeyProvider.ValidateEmailKey(_email + _type + (string.IsNullOrEmpty(hash) ? string.Empty : Hasher.Base64Hash(hash)), key, validInterval);
                break;

            default:
                checkKeyResult = EmailValidationKeyProvider.ValidateEmailKey(_email + _type, key, validInterval);
                break;
            }

            if (checkKeyResult == EmailValidationKeyProvider.ValidationResult.Expired)
            {
                ShowError(Resource.ErrorExpiredActivationLink);
                return(false);
            }

            if (checkKeyResult == EmailValidationKeyProvider.ValidationResult.Invalid)
            {
                ShowError(_type == ConfirmType.LinkInvite
                              ? Resource.ErrorInvalidActivationLink
                              : Resource.ErrorConfirmURLError);
                return(false);
            }

            // The email format check runs last, after the Auth branch above may already have
            // signed the user in.
            if (!string.IsNullOrEmpty(_email) && !_email.TestEmailRegex())
            {
                ShowError(Resource.ErrorNotCorrectEmail);
                return(false);
            }

            return(true);
        }
예제 #5
        /// <summary>
        /// Returns the absolute confirm.aspx URL carrying the confirmation type, the URL-encoded
        /// email and the key signed over email + type name.
        /// </summary>
        /// <param name="email">Address the link is issued for.</param>
        /// <param name="confirmType">Confirmation kind to sign and send.</param>
        /// <returns>Absolute URL with <c>type</c>, <c>email</c> and <c>key</c> query parameters.</returns>
        private string GetConfirmLink(string email, ConfirmType confirmType)
        {
            var kind = confirmType.ToString();

            // Signed message: email immediately followed by the type name, no separator.
            var emailKey = EmailValidationKeyProvider.GetEmailKey(email + kind);

            var basePath = CommonLinkUtility.GetFullAbsolutePath("~/confirm.aspx");
            var encodedEmail = HttpUtility.UrlEncode(email);

            // NOTE(review): the key goes into the query string unencoded; confirm that
            // GetEmailKey only produces URL-safe characters.
            return string.Concat(basePath, string.Format("?type={0}&email={1}&key={2}", kind, encodedEmail, emailKey));
        }
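        /// <summary>
        /// Builds the absolute confirm.aspx link used to confirm a DNS / tenant-alias change.
        /// </summary>
        /// <param name="email">Address the link is issued for; URL-encoded in the query string.</param>
        /// <param name="dnsName">Requested DNS name; sent as <c>dns</c> only when non-empty.</param>
        /// <param name="tenantAlias">Requested tenant alias; sent as <c>alias</c> only when non-empty.</param>
        /// <param name="confirmType">Confirmation kind; its name is signed and sent as <c>type</c>.</param>
        /// <returns>Absolute URL carrying the signed key and the values it covers.</returns>
        private static string GenerateDnsChangeConfirmUrl(string email, string dnsName, string tenantAlias, ConfirmType confirmType)
        {
            var typeName = confirmType.ToString();

            // The key is computed over the raw values, concatenated without a delimiter.
            // NOTE(review): without a delimiter the boundary between dnsName and tenantAlias is
            // not part of what is signed; changing that requires the validator to change too.
            var key = string.Join(string.Empty, new[] { email, typeName, dnsName, tenantAlias });
            var validationKey = EmailValidationKeyProvider.GetEmailKey(key);

            var sb = new StringBuilder();
            sb.Append(CommonLinkUtility.GetFullAbsolutePath("~/confirm.aspx"));
            sb.AppendFormat("?email={0}&key={1}&type={2}", HttpUtility.UrlEncode(email), validationKey, typeName);

            // Encode dns and alias the same way as the email so that characters such as '&',
            // '#', '+' or spaces cannot split the query string or add parameters. The decoded
            // value a reader obtains is the same string that was signed.
            if (!string.IsNullOrEmpty(dnsName))
            {
                sb.AppendFormat("&dns={0}", HttpUtility.UrlEncode(dnsName));
            }
            if (!string.IsNullOrEmpty(tenantAlias))
            {
                sb.AppendFormat("&alias={0}", HttpUtility.UrlEncode(tenantAlias));
            }
            return sb.ToString();
        }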
예제 #7
        /// <summary>
        /// Checks the signed <c>key</c> request parameter against the message expected for the
        /// confirmation type held in <c>_type</c>, and reports failures through <c>ShowError</c>.
        /// For <c>ConfirmType.Auth</c> a valid key also signs the user in (or redirects to the
        /// SMS / TFA confirmation step) and then redirects.
        /// </summary>
        /// <returns>
        /// <c>false</c> when the key is Expired or Invalid, when the Auth user does not exist or is
        /// not active, or when a non-empty <c>_email</c> fails <c>TestEmailRegex</c>; otherwise <c>true</c>.
        /// </returns>
        /// <remarks>
        /// Every signed message is a plain concatenation of its parts with no separator, so the
        /// link generators must build exactly the same string. Request values are caller-controlled
        /// and are only trustworthy where they are part of the message the key was checked against.
        /// </remarks>
        private bool CheckValidationKey()
        {
            var key      = Request["key"] ?? "";
            var emplType = Request["emplType"] ?? "";
            // 'social' is not part of any signed message below; it only selects the audit action.
            var social   = Request["social"] ?? "";

            var validInterval = SetupInfo.ValidEmailKeyInterval;
            var authInterval  = SetupInfo.ValidAuthKeyInterval;

            EmailValidationKeyProvider.ValidationResult checkKeyResult;
            switch (_type)
            {
            case ConfirmType.PortalContinue:
                // No interval argument is passed for this type.
                // NOTE(review): confirm what expiry the two-argument overload applies.
                checkKeyResult = EmailValidationKeyProvider.ValidateEmailKey(_email + _type, key);
                break;

            case ConfirmType.PhoneActivation:
            case ConfirmType.PhoneAuth:
            case ConfirmType.TfaActivation:
            case ConfirmType.TfaAuth:
                checkKeyResult = EmailValidationKeyProvider.ValidateEmailKey(_email + _type, key, authInterval);
                break;

            case ConfirmType.Auth:
            {
                var first      = Request["first"] ?? "";
                var module     = Request["module"] ?? "";
                var smsConfirm = Request["sms"] ?? "";

                // The key covers email, type, 'first', 'module' and 'sms', so the caller cannot
                // flip any of them (for example sms=true) without invalidating the link.
                checkKeyResult = EmailValidationKeyProvider.ValidateEmailKey(_email + _type + first + module + smsConfirm, key, authInterval);

                if (checkKeyResult == EmailValidationKeyProvider.ValidationResult.Ok)
                {
                    // _email holds either an address or a user GUID; new Guid(...) throws if it is neither.
                    var user = _email.Contains("@")
                                       ? CoreContext.UserManager.GetUserByEmail(_email)
                                       : CoreContext.UserManager.GetUsers(new Guid(_email));

                    // A session belonging to a different account is ended before continuing.
                    if (SecurityContext.IsAuthenticated && SecurityContext.CurrentAccount.ID != user.ID)
                    {
                        Auth.ProcessLogout();
                    }

                    if (!SecurityContext.IsAuthenticated)
                    {
                        // Refuse to sign in accounts that no longer exist or are not active, even
                        // though the link itself validated.
                        if (!CoreContext.UserManager.UserExists(user.ID) || user.Status != EmployeeStatus.Active)
                        {
                            ShowError(Auth.MessageKey.ErrorUserNotFound);
                            return(false);
                        }

                        // Second-factor steps: SMS confirmation is skipped only when the signed
                        // 'sms' value is "true". Second argument 'true' is presumably endResponse,
                        // so the sign-in below is not reached on these paths; confirm.
                        if (StudioSmsNotificationSettings.IsVisibleAndAvailableSettings && StudioSmsNotificationSettings.Enable && smsConfirm.ToLower() != "true")
                        {
                            //todo: think about 'first' & 'module'
                            Response.Redirect(SmsConfirmUrl(user), true);
                        }

                        if (TfaAppAuthSettings.IsVisibleSettings && TfaAppAuthSettings.Enable)
                        {
                            //todo: think about 'first' & 'module'
                            Response.Redirect(TfaConfirmUrl(user), true);
                        }

                        // NOTE(review): 'social' is unsigned, so the caller can choose which of the
                        // two login actions is recorded in the audit trail.
                        var messageAction = social == "true" ? MessageAction.LoginSuccessViaSocialAccount : MessageAction.LoginSuccess;
                        // A valid link alone yields an authenticated session: it acts as a bearer
                        // credential for as long as authInterval allows.
                        CookiesManager.AuthenticateMeAndSetCookies(user.Tenant, user.ID, messageAction);
                    }

                    SetDefaultModule(module);

                    AuthRedirect(first.ToLower() == "true");
                }
            }
            break;

            case ConfirmType.DnsChange:
            {
                // dns and alias come from the request and are covered by the key. They are joined
                // without a delimiter, so different dns/alias splits of the same characters
                // produce the same message.
                var dnsChangeKey = string.Join(string.Empty, new[] { _email, _type.ToString(), Request["dns"], Request["alias"] });
                checkKeyResult = EmailValidationKeyProvider.ValidateEmailKey(dnsChangeKey, key, validInterval);
            }
            break;

            case ConfirmType.PortalOwnerChange:
            {
                Guid uid;
                try
                {
                    uid = new Guid(Request["uid"]);
                }
                catch
                {
                    // Any failure (missing or malformed uid) falls back to Guid.Empty; the key
                    // then has to have been issued for Guid.Empty to validate.
                    uid = Guid.Empty;
                }
                checkKeyResult = EmailValidationKeyProvider.ValidateEmailKey(_email + _type + uid, key, validInterval);
            }
            break;

            case ConfirmType.EmpInvite:
                checkKeyResult = EmailValidationKeyProvider.ValidateEmailKey(_email + _type + emplType, key, validInterval);
                break;

            case ConfirmType.LinkInvite:
                // The invite-link key covers only type + emplType; it is not bound to an email.
                checkKeyResult = EmailValidationKeyProvider.ValidateEmailKey(_type + emplType, key, validInterval);
                break;

            case ConfirmType.EmailChange:
                // The key is bound to the account of the current session, so the link only
                // validates for the account it was issued to.
                checkKeyResult = EmailValidationKeyProvider.ValidateEmailKey(_email + _type + SecurityContext.CurrentAccount.ID, key, validInterval);
                break;

            case ConfirmType.PasswordChange:
                // These lookups run before the key is validated, with the _email value as received.
                // NOTE(review): confirm GetUserByEmail never returns null, or userInfo.ID throws.
                var userInfo      = CoreContext.UserManager.GetUserByEmail(_email);
                var auditEvent    = AuditEventsRepository.GetByFilter(action: MessageAction.UserSentPasswordChangeInstructions, entry: EntryType.User, target: MessageTarget.Create(userInfo.ID).ToString(), limit: 1).FirstOrDefault();
                var passwordStamp = CoreContext.Authentication.GetUserPasswordStamp(userInfo.ID);

                string hash;

                // The key is bound to the later of two timestamps: the audit event returned for
                // "password change instructions sent" and the password stamp. Presumably this
                // invalidates a link once the password changes or new instructions are sent;
                // confirm against the generator and the ordering GetByFilter applies.
                if (auditEvent != null)
                {
                    var auditEventDate = TenantUtil.DateTimeToUtc(auditEvent.Date);

                    hash = (auditEventDate.CompareTo(passwordStamp) > 0 ? auditEventDate : passwordStamp).ToString("s");
                }
                else
                {
                    hash = passwordStamp.ToString("s");
                }

                checkKeyResult = EmailValidationKeyProvider.ValidateEmailKey(_email + _type + hash, key, validInterval);

                break;

            default:
                checkKeyResult = EmailValidationKeyProvider.ValidateEmailKey(_email + _type, key, validInterval);
                break;
            }

            if (checkKeyResult == EmailValidationKeyProvider.ValidationResult.Expired)
            {
                ShowError(Auth.MessageKey.ErrorExpiredActivationLink);
                return(false);
            }

            if (checkKeyResult == EmailValidationKeyProvider.ValidationResult.Invalid)
            {
                ShowError(_type == ConfirmType.LinkInvite
                              ? Auth.MessageKey.ErrorInvalidActivationLink
                              : Auth.MessageKey.ErrorConfirmURLError);
                return(false);
            }

            // The email format check runs last, after the Auth branch above may already have
            // signed the user in.
            if (!string.IsNullOrEmpty(_email) && !_email.TestEmailRegex())
            {
                ShowError(Auth.MessageKey.ErrorNotCorrectEmail);
                return(false);
            }

            return(true);
        }
 /// <summary>
 /// Builds the absolute confirm.aspx link for <paramref name="email"/> and <paramref name="confirmType"/>.
 /// </summary>
 /// <param name="email">Address the link is issued for; URL-encoded in the query string.</param>
 /// <param name="confirmType">Confirmation kind; its name is signed and sent as <c>type</c>.</param>
 /// <returns>Absolute URL with <c>type</c>, <c>email</c> and <c>key</c> query parameters.</returns>
 public static string GenerateConfirmUrl(string email, ConfirmType confirmType)
 {
     var typeName = confirmType.ToString();

     // Signed message: email immediately followed by the type name, no separator.
     var signedKey = EmailValidationKeyProvider.GetEmailKey(email + typeName);

     // NOTE(review): the key is placed in the query string unencoded; confirm that
     // GetEmailKey only produces URL-safe characters.
     var relativeUrl = String.Format("~/confirm.aspx?type={2}&email={0}&key={1}", HttpUtility.UrlEncode(email), signedKey, typeName);

     return CommonLinkUtility.GetFullAbsolutePath(relativeUrl);
 }
예제 #9
        /// <summary>
        /// Checks the signed <c>key</c> request parameter against the message expected for the
        /// confirmation type held in <c>_type</c>, and reports failures through <c>ShowError</c>.
        /// For <c>ConfirmType.Auth</c> a valid key also signs the user in (or redirects to the
        /// SMS / TFA confirmation step) and then redirects.
        /// </summary>
        /// <returns>
        /// <c>false</c> when the key is Expired or Invalid, when the Auth user does not exist or is
        /// not active, or when a non-empty <c>_email</c> fails <c>TestEmailRegex</c>; otherwise <c>true</c>.
        /// </returns>
        /// <remarks>
        /// Every signed message is a plain concatenation of its parts with no separator, so the
        /// link generators must build exactly the same string. Request values are caller-controlled
        /// and are only trustworthy where they are part of the message the key was checked against.
        /// </remarks>
        private bool CheckValidationKey()
        {
            var key      = Request["key"] ?? "";
            var emplType = Request["emplType"] ?? "";
            // 'social' is not part of any signed message below; it only selects the audit action.
            var social   = Request["social"] ?? "";

            var validInterval = SetupInfo.ValidEmailKeyInterval;
            var authInterval  = SetupInfo.ValidAuthKeyInterval;

            EmailValidationKeyProvider.ValidationResult checkKeyResult;
            switch (_type)
            {
            case ConfirmType.PortalContinue:
                // No interval argument is passed for this type.
                // NOTE(review): confirm what expiry the two-argument overload applies.
                checkKeyResult = EmailValidationKeyProvider.ValidateEmailKey(_email + _type, key);
                break;

            case ConfirmType.PhoneActivation:
            case ConfirmType.PhoneAuth:
            case ConfirmType.TfaActivation:
            case ConfirmType.TfaAuth:
                checkKeyResult = EmailValidationKeyProvider.ValidateEmailKey(_email + _type, key, authInterval);
                break;

            case ConfirmType.Auth:
            {
                var first      = Request["first"] ?? "";
                var module     = Request["module"] ?? "";
                var smsConfirm = Request["sms"] ?? "";

                // The key covers email, type, 'first', 'module' and 'sms', so the caller cannot
                // flip any of them (for example sms=true) without invalidating the link.
                checkKeyResult = EmailValidationKeyProvider.ValidateEmailKey(_email + _type + first + module + smsConfirm, key, authInterval);

                if (checkKeyResult == EmailValidationKeyProvider.ValidationResult.Ok)
                {
                    // _email holds either an address or a user GUID; new Guid(...) throws if it is neither.
                    var user = _email.Contains("@")
                                           ? CoreContext.UserManager.GetUserByEmail(_email)
                                           : CoreContext.UserManager.GetUsers(new Guid(_email));

                    // A session belonging to a different account is ended before continuing.
                    if (SecurityContext.IsAuthenticated && SecurityContext.CurrentAccount.ID != user.ID)
                    {
                        Auth.ProcessLogout();
                    }

                    if (!SecurityContext.IsAuthenticated)
                    {
                        // Refuse to sign in accounts that no longer exist or are not active, even
                        // though the link itself validated.
                        if (!CoreContext.UserManager.UserExists(user.ID) || user.Status != EmployeeStatus.Active)
                        {
                            ShowError(Resource.ErrorUserNotFound);
                            return(false);
                        }

                        // Second-factor steps: SMS confirmation is skipped only when the signed
                        // 'sms' value is "true". Second argument 'true' is presumably endResponse,
                        // so the sign-in below is not reached on these paths; confirm.
                        if (StudioSmsNotificationSettings.IsVisibleSettings && StudioSmsNotificationSettings.Enable && smsConfirm.ToLower() != "true")
                        {
                            //todo: think about 'first' & 'module'
                            Response.Redirect(SmsConfirmUrl(user), true);
                        }

                        if (TfaAppAuthSettings.IsVisibleSettings && TfaAppAuthSettings.Enable)
                        {
                            //todo: think about 'first' & 'module'
                            Response.Redirect(TfaConfirmUrl(user), true);
                        }

                        // A valid link alone yields an authentication cookie: it acts as a bearer
                        // credential for as long as authInterval allows.
                        var authCookie = SecurityContext.AuthenticateMe(user.ID);
                        CookiesManager.SetCookies(CookiesType.AuthKey, authCookie);

                        // NOTE(review): 'social' is unsigned, so the caller can choose which of the
                        // two login actions is recorded in the audit trail.
                        var messageAction = social == "true" ? MessageAction.LoginSuccessViaSocialAccount : MessageAction.LoginSuccess;
                        MessageService.Send(HttpContext.Current.Request, messageAction);
                    }

                    SetDefaultModule(module);

                    AuthRedirect(first.ToLower() == "true");
                }
            }
            break;

            case ConfirmType.DnsChange:
            {
                // dns and alias come from the request and are covered by the key. They are joined
                // without a delimiter, so different dns/alias splits of the same characters
                // produce the same message.
                var dnsChangeKey = string.Join(string.Empty, new[] { _email, _type.ToString(), Request["dns"], Request["alias"] });
                checkKeyResult = EmailValidationKeyProvider.ValidateEmailKey(dnsChangeKey, key, validInterval);
            }
            break;

            case ConfirmType.PortalOwnerChange:
            {
                Guid uid;
                try
                {
                    uid = new Guid(Request["uid"]);
                }
                catch
                {
                    // Any failure (missing or malformed uid) falls back to Guid.Empty; the key
                    // then has to have been issued for Guid.Empty to validate.
                    uid = Guid.Empty;
                }
                checkKeyResult = EmailValidationKeyProvider.ValidateEmailKey(_email + _type + uid, key, validInterval);
            }
            break;

            case ConfirmType.EmpInvite:
                checkKeyResult = EmailValidationKeyProvider.ValidateEmailKey(_email + _type + emplType, key, validInterval);
                break;

            case ConfirmType.LinkInvite:
                // The invite-link key covers only type + emplType; it is not bound to an email.
                checkKeyResult = EmailValidationKeyProvider.ValidateEmailKey(_type + emplType, key, validInterval);
                break;

            case ConfirmType.EmailChange:
                // The key is bound to the account of the current session, so the link only
                // validates for the account it was issued to.
                checkKeyResult = EmailValidationKeyProvider.ValidateEmailKey(_email + _type + SecurityContext.CurrentAccount.ID, key, validInterval);
                break;

            case ConfirmType.PasswordChange:

                // The request parameter "p" decides whether the current password hash is part of
                // the message. A link checked without it is not tied to the password.
                // NOTE(review): such a link presumably stays valid after a password change until
                // validInterval runs out; confirm.
                var userHash = !String.IsNullOrEmpty(Request["p"]) && Request["p"] == "1";

                var hash = String.Empty;

                if (userHash)
                {
                    // The user lookup runs before the key is validated, with the _email value as received.
                    // NOTE(review): confirm GetUserByEmail never returns null, or .ID throws here.
                    hash = CoreContext.Authentication.GetUserPasswordHash(CoreContext.UserManager.GetUserByEmail(_email).ID);
                }

                checkKeyResult = EmailValidationKeyProvider.ValidateEmailKey(_email + _type + (string.IsNullOrEmpty(hash) ? string.Empty : Hasher.Base64Hash(hash)), key, validInterval);
                break;

            default:
                checkKeyResult = EmailValidationKeyProvider.ValidateEmailKey(_email + _type, key, validInterval);
                break;
            }

            if (checkKeyResult == EmailValidationKeyProvider.ValidationResult.Expired)
            {
                ShowError(Resource.ErrorExpiredActivationLink);
                return(false);
            }

            if (checkKeyResult == EmailValidationKeyProvider.ValidationResult.Invalid)
            {
                ShowError(_type == ConfirmType.LinkInvite
                              ? Resource.ErrorInvalidActivationLink
                              : Resource.ErrorConfirmURLError);
                return(false);
            }

            // The email format check runs last, after the Auth branch above may already have
            // signed the user in.
            if (!string.IsNullOrEmpty(_email) && !_email.TestEmailRegex())
            {
                ShowError(Resource.ErrorNotCorrectEmail);
                return(false);
            }

            return(true);
        }