public bool ChangePass(Guid sid, string user, Guid token, string newPass) { if (!Guid.Empty.Equals(sid)) { if (resetTokens.ContainsKey(token)) { ModuleRuntimeSession sess = Session.Prov.Get(sid); if (sess != null) { IIdentityProvider idProv = IdentityManager.Instance.GetProvider(ctx); UserIdentityBase userId = idProv.Get(resetTokens[token].Token); if (userId != null && userId.UserState != UserState.Dead) { IAuthenticationProvider authProv = AuthenticationManager.Instance.GetProvider(ctx); if (authProv.AddCredential(userId, new UserPasswordCredential(user, newPass))) { resetTokens.Remove(token); sess.SetUserBinding(userId.Uid, sess.Binding); Session.Prov.Update(sess); return(true); } } } } } return(false); }
private void SignUp(HttpContext context, CancellationToken cancel) { string url = this.ActivateUrl; if (!string.IsNullOrEmpty(url)) { IQueryCollection qry = context.Request.Query; string ty = qry[type]; if (knownType.Equals(ty)) { string u = qry[user]; if (!string.IsNullOrEmpty(u)) { string p = qry[pass]; if (!string.IsNullOrEmpty(p)) { if (ValidUserEmail(u)) { IIdentityProvider idProv = IdentityManager.Instance.GetProvider(ctx); if (!idProv.Exists(u)) { IAuthenticationProvider authProv = AuthenticationManager.Instance.GetProvider(ctx); UserIdentityBase user = idProv.CreateUser(u); user.UserState = UserState.Pending; idProv.Update(user); UserPasswordCredential cred = new UserPasswordCredential(u, p); if (authProv.AddCredential(user, cred)) { Guid token = Authenticator.Instance.Reset(u, false); //create a reset token //notice we create a url with the token at the end, this COULD map to the REST api directly - but is expected instead not to //we instead expect this to be a simple page that makes the rest request and "looks pretty" to confirm and perhaps send the user then back to the signin page. if (url.EndsWith("?")) { url = url + token.ToString(); } else { url = url + "?" + token.ToString(); } if (SendEmail(u, url, false)) { RestUtils.Push(context.Response, JsonOpStatus.Ok); return; } else { idProv.Delete(user.Uid); authProv.DeleteCredential(user, cred); RestUtils.Push(context.Response, JsonOpStatus.Failed, "\"Couldn't send email\""); return; } } else { idProv.Delete(user.Uid); authProv.DeleteCredential(user, cred); RestUtils.Push(context.Response, JsonOpStatus.Failed, "\"Couldn't set credential\""); return; } } else { RestUtils.Push(context.Response, JsonOpStatus.Failed, "\"UserExists\""); return; } } else { RestUtils.Push(context.Response, JsonOpStatus.Failed, "\"InvalidEmail\""); return; } } } } } RestUtils.Push(context.Response, JsonOpStatus.Failed); }
static void DoWork(string[] args) { AuthenticationManager.Instance.Bootstrap(); Console.WriteLine("Authent state: " + AuthenticationManager.Instance.State); if (AuthenticationManager.Instance.State != Osrs.Runtime.RunState.Bootstrapped) { return; } AuthenticationManager.Instance.Initialize(); Console.WriteLine("Authent state: " + AuthenticationManager.Instance.State); if (AuthenticationManager.Instance.State != Osrs.Runtime.RunState.Initialized) { return; } AuthenticationManager.Instance.Start(); Console.WriteLine("Authent state: " + AuthenticationManager.Instance.State); if (AuthenticationManager.Instance.State != Osrs.Runtime.RunState.Running) { return; } LocalSystemUser u = new LocalSystemUser(SecurityUtils.AdminIdentity, "Admin", UserState.Active); UserSecurityContext ctx = new UserSecurityContext(u); string myUname = "*****@*****.**"; IIdentityProvider accts = IdentityManager.Instance.GetProvider(ctx); UserIdentityBase user = null; if (!accts.Exists(myUname)) { Console.WriteLine("Creating user account"); user = accts.CreateUser(myUname); } else { Console.WriteLine("Fetching user account"); IEnumerable <UserIdentityBase> users = accts.Get(myUname, UserType.Person); if (users != null) { foreach (UserIdentityBase cur in users) { user = cur; break; } } } if (user == null) { Console.WriteLine("Failed to get/create user"); return; } IAuthenticationProvider provider = AuthenticationManager.Instance.GetProvider(ctx); UserPasswordCredential cred = new UserPasswordCredential(myUname, "Hello World"); IUserIdentity u2 = provider.Authenticate(cred); if (u2 == null) { Console.WriteLine("Didn't authenticate -- adding credential"); if (!provider.AddCredential(user, cred)) { Console.WriteLine("Failed to add credential"); return; } u2 = provider.Authenticate(cred); if (u2 == null) { Console.WriteLine("Didn't authenticate -- giving up"); return; } else { Console.WriteLine("Authenticated second try"); } } else { Console.WriteLine("Authenticated first try"); } Console.WriteLine("Replacing credential with same (should fail)"); if (provider.ReplaceCredential(u2, cred, cred)) { Console.WriteLine("Replace credential succeeded -- a failing result"); return; } else { Console.WriteLine("Replace credential failed -- a successful result"); } UserPasswordCredential cred2 = new UserPasswordCredential(myUname, "Alabaster Barkers 123"); Console.WriteLine("Replacing credential with different (should succeed)"); if (provider.ReplaceCredential(u2, cred, cred2)) { Console.WriteLine("Replace credential succeeded -- a successful result"); } else { Console.WriteLine("Replace credential failed -- a failing result"); return; } u2 = provider.Authenticate(cred); if (u2 == null) { Console.WriteLine("Didn't authenticate with old credential -- successful"); u2 = provider.Authenticate(cred2); if (u2 != null) { Console.WriteLine("Authenticated with new credential -- successful"); return; } } Console.WriteLine("Password change didn't work out"); }