private string GetConfirmLink(string email, ConfirmType confirmType) { var validationKey = EmailValidationKeyProvider.GetEmailKey(email + confirmType.ToString()); return(CommonLinkUtility.GetFullAbsolutePath("~/confirm.aspx") + string.Format("?type={0}&email={1}&key={2}", confirmType.ToString(), HttpUtility.UrlEncode(email), validationKey)); }
internal static string GenerateConfirmUrl(string email, ConfirmType confirmType) { var validationKey = EmailValidationKeyProvider.GetEmailKey( email + confirmType.ToString().ToLower()); var inviteUrl = CommonLinkUtility.GetFullAbsolutePath(String.Format("~/confirm.aspx?type={2}&email={0}&key={1}", HttpUtility.UrlEncode(email), validationKey, confirmType.ToString().ToLower())); return(inviteUrl); }
private static string GenerateDnsChangeConfirmUrl(string email, string dnsName, string tenantAlias, ConfirmType confirmType) { var key = string.Join(string.Empty, new[] { email, confirmType.ToString(), dnsName, tenantAlias }); var validationKey = EmailValidationKeyProvider.GetEmailKey(key); var sb = new StringBuilder(); sb.Append(CommonLinkUtility.GetFullAbsolutePath("~/confirm.aspx")); sb.AppendFormat("?email={0}&key={1}&type={2}", HttpUtility.UrlEncode(email), validationKey, confirmType.ToString()); if (!string.IsNullOrEmpty(dnsName)) { sb.AppendFormat("&dns={0}", dnsName); } if (!string.IsNullOrEmpty(tenantAlias)) { sb.AppendFormat("&alias={0}", tenantAlias); } return(sb.ToString()); }
private bool CheckValidationKey() { var key = Request["key"] ?? ""; var emplType = Request["emplType"] ?? ""; var validInterval = SetupInfo.ValidEamilKeyInterval; var authInterval = TimeSpan.FromHours(1); EmailValidationKeyProvider.ValidationResult checkKeyResult; switch (_type) { case ConfirmType.PortalContinue: checkKeyResult = EmailValidationKeyProvider.ValidateEmailKey(_email + _type, key); break; case ConfirmType.PhoneActivation: case ConfirmType.PhoneAuth: checkKeyResult = EmailValidationKeyProvider.ValidateEmailKey(_email + _type, key, authInterval); break; case ConfirmType.Auth: { var first = Request["first"] ?? ""; var module = Request["module"]; checkKeyResult = EmailValidationKeyProvider.ValidateEmailKey(_email + _type + first + module, key, authInterval); if (checkKeyResult == EmailValidationKeyProvider.ValidationResult.Ok) { var user = _email.Contains("@") ? CoreContext.UserManager.GetUserByEmail(_email) : CoreContext.UserManager.GetUsers(new Guid(_email)); if (SecurityContext.IsAuthenticated && SecurityContext.CurrentAccount.ID != user.ID) { Auth.ProcessLogout(); } if (!SecurityContext.IsAuthenticated) { if (StudioSmsNotificationSettings.IsVisibleSettings && StudioSmsNotificationSettings.Enable) { Response.Redirect(SmsConfirmUrl(user), true); } var authCookie = SecurityContext.AuthenticateMe(user.ID); CookiesManager.SetCookies(CookiesType.AuthKey, authCookie); MessageService.Send(HttpContext.Current.Request, MessageAction.LoginSuccess, user.DisplayUserName(false)); } AuthRedirect(user, first.ToLower() == "true", module, Request[FilesLinkUtility.FileUri]); } } break; case ConfirmType.DnsChange: { var dnsChangeKey = string.Join(string.Empty, new[] { _email, _type.ToString(), Request["dns"], Request["alias"] }); checkKeyResult = EmailValidationKeyProvider.ValidateEmailKey(dnsChangeKey, key, validInterval); } break; case ConfirmType.PortalOwnerChange: { Guid uid; try { uid = new Guid(Request["uid"]); } catch { uid = Guid.Empty; } checkKeyResult = EmailValidationKeyProvider.ValidateEmailKey(_email + _type + uid, key, validInterval); } break; case ConfirmType.EmpInvite: checkKeyResult = EmailValidationKeyProvider.ValidateEmailKey(_email + _type + emplType, key, validInterval); break; case ConfirmType.LinkInvite: checkKeyResult = EmailValidationKeyProvider.ValidateEmailKey(_type + emplType, key, validInterval); break; case ConfirmType.PasswordChange: var userHash = !String.IsNullOrEmpty(Request["p"]) && Request["p"] == "1"; String hash = String.Empty; if (userHash) { hash = CoreContext.Authentication.GetUserPasswordHash(CoreContext.UserManager.GetUserByEmail(_email).ID); } checkKeyResult = EmailValidationKeyProvider.ValidateEmailKey(_email + _type + (string.IsNullOrEmpty(hash) ? string.Empty : Hasher.Base64Hash(hash)), key, validInterval); break; default: checkKeyResult = EmailValidationKeyProvider.ValidateEmailKey(_email + _type, key, validInterval); break; } if (checkKeyResult == EmailValidationKeyProvider.ValidationResult.Expired) { ShowError(Resource.ErrorExpiredActivationLink); return(false); } if (checkKeyResult == EmailValidationKeyProvider.ValidationResult.Invalid) { ShowError(_type == ConfirmType.LinkInvite ? Resource.ErrorInvalidActivationLink : Resource.ErrorConfirmURLError); return(false); } if (!string.IsNullOrEmpty(_email) && !_email.TestEmailRegex()) { ShowError(Resource.ErrorNotCorrectEmail); return(false); } return(true); }
private string GetConfirmLink(string email, ConfirmType confirmType) { var validationKey = EmailValidationKeyProvider.GetEmailKey(email + confirmType.ToString()); return CommonLinkUtility.GetFullAbsolutePath("~/confirm.aspx") + string.Format("?type={0}&email={1}&key={2}", confirmType.ToString(), HttpUtility.UrlEncode(email), validationKey); }
private static string GenerateDnsChangeConfirmUrl(string email, string dnsName, string tenantAlias, ConfirmType confirmType) { var key = string.Join(string.Empty, new[] { email, confirmType.ToString(), dnsName, tenantAlias }); var validationKey = EmailValidationKeyProvider.GetEmailKey(key); var sb = new StringBuilder(); sb.Append(CommonLinkUtility.GetFullAbsolutePath("~/confirm.aspx")); sb.AppendFormat("?email={0}&key={1}&type={2}", HttpUtility.UrlEncode(email), validationKey, confirmType.ToString()); if (!string.IsNullOrEmpty(dnsName)) { sb.AppendFormat("&dns={0}", dnsName); } if (!string.IsNullOrEmpty(tenantAlias)) { sb.AppendFormat("&alias={0}", tenantAlias); } return sb.ToString(); }
private bool CheckValidationKey() { var key = Request["key"] ?? ""; var emplType = Request["emplType"] ?? ""; var social = Request["social"] ?? ""; var validInterval = SetupInfo.ValidEmailKeyInterval; var authInterval = SetupInfo.ValidAuthKeyInterval; EmailValidationKeyProvider.ValidationResult checkKeyResult; switch (_type) { case ConfirmType.PortalContinue: checkKeyResult = EmailValidationKeyProvider.ValidateEmailKey(_email + _type, key); break; case ConfirmType.PhoneActivation: case ConfirmType.PhoneAuth: case ConfirmType.TfaActivation: case ConfirmType.TfaAuth: checkKeyResult = EmailValidationKeyProvider.ValidateEmailKey(_email + _type, key, authInterval); break; case ConfirmType.Auth: { var first = Request["first"] ?? ""; var module = Request["module"] ?? ""; var smsConfirm = Request["sms"] ?? ""; checkKeyResult = EmailValidationKeyProvider.ValidateEmailKey(_email + _type + first + module + smsConfirm, key, authInterval); if (checkKeyResult == EmailValidationKeyProvider.ValidationResult.Ok) { var user = _email.Contains("@") ? CoreContext.UserManager.GetUserByEmail(_email) : CoreContext.UserManager.GetUsers(new Guid(_email)); if (SecurityContext.IsAuthenticated && SecurityContext.CurrentAccount.ID != user.ID) { Auth.ProcessLogout(); } if (!SecurityContext.IsAuthenticated) { if (!CoreContext.UserManager.UserExists(user.ID) || user.Status != EmployeeStatus.Active) { ShowError(Auth.MessageKey.ErrorUserNotFound); return(false); } if (StudioSmsNotificationSettings.IsVisibleAndAvailableSettings && StudioSmsNotificationSettings.Enable && smsConfirm.ToLower() != "true") { //todo: think about 'first' & 'module' Response.Redirect(SmsConfirmUrl(user), true); } if (TfaAppAuthSettings.IsVisibleSettings && TfaAppAuthSettings.Enable) { //todo: think about 'first' & 'module' Response.Redirect(TfaConfirmUrl(user), true); } var messageAction = social == "true" ? MessageAction.LoginSuccessViaSocialAccount : MessageAction.LoginSuccess; CookiesManager.AuthenticateMeAndSetCookies(user.Tenant, user.ID, messageAction); } SetDefaultModule(module); AuthRedirect(first.ToLower() == "true"); } } break; case ConfirmType.DnsChange: { var dnsChangeKey = string.Join(string.Empty, new[] { _email, _type.ToString(), Request["dns"], Request["alias"] }); checkKeyResult = EmailValidationKeyProvider.ValidateEmailKey(dnsChangeKey, key, validInterval); } break; case ConfirmType.PortalOwnerChange: { Guid uid; try { uid = new Guid(Request["uid"]); } catch { uid = Guid.Empty; } checkKeyResult = EmailValidationKeyProvider.ValidateEmailKey(_email + _type + uid, key, validInterval); } break; case ConfirmType.EmpInvite: checkKeyResult = EmailValidationKeyProvider.ValidateEmailKey(_email + _type + emplType, key, validInterval); break; case ConfirmType.LinkInvite: checkKeyResult = EmailValidationKeyProvider.ValidateEmailKey(_type + emplType, key, validInterval); break; case ConfirmType.EmailChange: checkKeyResult = EmailValidationKeyProvider.ValidateEmailKey(_email + _type + SecurityContext.CurrentAccount.ID, key, validInterval); break; case ConfirmType.PasswordChange: var userInfo = CoreContext.UserManager.GetUserByEmail(_email); var auditEvent = AuditEventsRepository.GetByFilter(action: MessageAction.UserSentPasswordChangeInstructions, entry: EntryType.User, target: MessageTarget.Create(userInfo.ID).ToString(), limit: 1).FirstOrDefault(); var passwordStamp = CoreContext.Authentication.GetUserPasswordStamp(userInfo.ID); string hash; if (auditEvent != null) { var auditEventDate = TenantUtil.DateTimeToUtc(auditEvent.Date); hash = (auditEventDate.CompareTo(passwordStamp) > 0 ? auditEventDate : passwordStamp).ToString("s"); } else { hash = passwordStamp.ToString("s"); } checkKeyResult = EmailValidationKeyProvider.ValidateEmailKey(_email + _type + hash, key, validInterval); break; default: checkKeyResult = EmailValidationKeyProvider.ValidateEmailKey(_email + _type, key, validInterval); break; } if (checkKeyResult == EmailValidationKeyProvider.ValidationResult.Expired) { ShowError(Auth.MessageKey.ErrorExpiredActivationLink); return(false); } if (checkKeyResult == EmailValidationKeyProvider.ValidationResult.Invalid) { ShowError(_type == ConfirmType.LinkInvite ? Auth.MessageKey.ErrorInvalidActivationLink : Auth.MessageKey.ErrorConfirmURLError); return(false); } if (!string.IsNullOrEmpty(_email) && !_email.TestEmailRegex()) { ShowError(Auth.MessageKey.ErrorNotCorrectEmail); return(false); } return(true); }
public static string GenerateConfirmUrl(string email, ConfirmType confirmType) { var validationKey = EmailValidationKeyProvider.GetEmailKey(email + confirmType.ToString()); return CommonLinkUtility.GetFullAbsolutePath(String.Format("~/confirm.aspx?type={2}&email={0}&key={1}", HttpUtility.UrlEncode(email), validationKey, confirmType.ToString())); }
private bool CheckValidationKey() { var key = Request["key"] ?? ""; var emplType = Request["emplType"] ?? ""; var social = Request["social"] ?? ""; var validInterval = SetupInfo.ValidEmailKeyInterval; var authInterval = SetupInfo.ValidAuthKeyInterval; EmailValidationKeyProvider.ValidationResult checkKeyResult; switch (_type) { case ConfirmType.PortalContinue: checkKeyResult = EmailValidationKeyProvider.ValidateEmailKey(_email + _type, key); break; case ConfirmType.PhoneActivation: case ConfirmType.PhoneAuth: case ConfirmType.TfaActivation: case ConfirmType.TfaAuth: checkKeyResult = EmailValidationKeyProvider.ValidateEmailKey(_email + _type, key, authInterval); break; case ConfirmType.Auth: { var first = Request["first"] ?? ""; var module = Request["module"] ?? ""; var smsConfirm = Request["sms"] ?? ""; checkKeyResult = EmailValidationKeyProvider.ValidateEmailKey(_email + _type + first + module + smsConfirm, key, authInterval); if (checkKeyResult == EmailValidationKeyProvider.ValidationResult.Ok) { var user = _email.Contains("@") ? CoreContext.UserManager.GetUserByEmail(_email) : CoreContext.UserManager.GetUsers(new Guid(_email)); if (SecurityContext.IsAuthenticated && SecurityContext.CurrentAccount.ID != user.ID) { Auth.ProcessLogout(); } if (!SecurityContext.IsAuthenticated) { if (!CoreContext.UserManager.UserExists(user.ID) || user.Status != EmployeeStatus.Active) { ShowError(Resource.ErrorUserNotFound); return(false); } if (StudioSmsNotificationSettings.IsVisibleSettings && StudioSmsNotificationSettings.Enable && smsConfirm.ToLower() != "true") { //todo: think about 'first' & 'module' Response.Redirect(SmsConfirmUrl(user), true); } if (TfaAppAuthSettings.IsVisibleSettings && TfaAppAuthSettings.Enable) { //todo: think about 'first' & 'module' Response.Redirect(TfaConfirmUrl(user), true); } var authCookie = SecurityContext.AuthenticateMe(user.ID); CookiesManager.SetCookies(CookiesType.AuthKey, authCookie); var messageAction = social == "true" ? MessageAction.LoginSuccessViaSocialAccount : MessageAction.LoginSuccess; MessageService.Send(HttpContext.Current.Request, messageAction); } SetDefaultModule(module); AuthRedirect(first.ToLower() == "true"); } } break; case ConfirmType.DnsChange: { var dnsChangeKey = string.Join(string.Empty, new[] { _email, _type.ToString(), Request["dns"], Request["alias"] }); checkKeyResult = EmailValidationKeyProvider.ValidateEmailKey(dnsChangeKey, key, validInterval); } break; case ConfirmType.PortalOwnerChange: { Guid uid; try { uid = new Guid(Request["uid"]); } catch { uid = Guid.Empty; } checkKeyResult = EmailValidationKeyProvider.ValidateEmailKey(_email + _type + uid, key, validInterval); } break; case ConfirmType.EmpInvite: checkKeyResult = EmailValidationKeyProvider.ValidateEmailKey(_email + _type + emplType, key, validInterval); break; case ConfirmType.LinkInvite: checkKeyResult = EmailValidationKeyProvider.ValidateEmailKey(_type + emplType, key, validInterval); break; case ConfirmType.EmailChange: checkKeyResult = EmailValidationKeyProvider.ValidateEmailKey(_email + _type + SecurityContext.CurrentAccount.ID, key, validInterval); break; case ConfirmType.PasswordChange: var userHash = !String.IsNullOrEmpty(Request["p"]) && Request["p"] == "1"; var hash = String.Empty; if (userHash) { hash = CoreContext.Authentication.GetUserPasswordHash(CoreContext.UserManager.GetUserByEmail(_email).ID); } checkKeyResult = EmailValidationKeyProvider.ValidateEmailKey(_email + _type + (string.IsNullOrEmpty(hash) ? string.Empty : Hasher.Base64Hash(hash)), key, validInterval); break; default: checkKeyResult = EmailValidationKeyProvider.ValidateEmailKey(_email + _type, key, validInterval); break; } if (checkKeyResult == EmailValidationKeyProvider.ValidationResult.Expired) { ShowError(Resource.ErrorExpiredActivationLink); return(false); } if (checkKeyResult == EmailValidationKeyProvider.ValidationResult.Invalid) { ShowError(_type == ConfirmType.LinkInvite ? Resource.ErrorInvalidActivationLink : Resource.ErrorConfirmURLError); return(false); } if (!string.IsNullOrEmpty(_email) && !_email.TestEmailRegex()) { ShowError(Resource.ErrorNotCorrectEmail); return(false); } return(true); }