private async Task ChallengeWithRequestForRecaptcha(IOwinContext context, IOpenIdConnectRequest openIdConnectRequest, int numberOfFailedLogins) { var loginStatistics = context.Get <ILoginStatistics>(); await loginStatistics.IncrementFailedLoginsForUserAndIpAddress(openIdConnectRequest.GetUsername(), openIdConnectRequest.GetRemoteIpAddress()); await loginStatistics.IncrementChallengedLoginsForUserAndIpAddress(openIdConnectRequest.GetUsername(), openIdConnectRequest.GetRemoteIpAddress(), numberOfFailedLogins, _options.NumberOfAllowedLoginFailuresPerIpAddress); var httpChallenge = context.Get <IHttpRecaptchaChallenge>(); await httpChallenge.ReturnResponse(context, _options, openIdConnectRequest); }
public override async Task <PipelineState> DoInvoke(IOwinContext context, IOpenIdConnectRequest openIdConnectRequest, ILoginStatistics loginStatistics) { var numberOfFailedLogins = await loginStatistics.GetNumberOfFailedLoginsForIpAddress(openIdConnectRequest.GetRemoteIpAddress()); if (numberOfFailedLogins < _options.NumberOfAllowedLoginFailuresPerIpAddress) { await loginStatistics.IncrementUnchallengedLoginsForUserAndIpAddress(openIdConnectRequest.GetUsername(), openIdConnectRequest.GetRemoteIpAddress(), numberOfFailedLogins, _options.NumberOfAllowedLoginFailuresPerIpAddress); return(PipelineState.Continue); } return(PipelineState.Challenge); }
public static RecaptchaUserContext ToRecaptchaUserContext(this IOpenIdConnectRequest request) { if (request == null) { return(new RecaptchaUserContext()); } var device = request.GetDevice(); return(new RecaptchaUserContext { Username = request.GetUsername(), UserAgent = request.GetUserAgent(), Device = new RecaptchaUserDevice { Id = device?.DeviceId, Name = device?.DeviceName, Token = device?.DeviceToken, Type = device?.DeviceType }, IpAddress = request.GetRemoteIpAddress().ToString(), Tenant = request.GetTenant() }); }
private async Task Challenge(IOwinContext context, IOpenIdConnectRequest openIdConnectRequest, ILoginStatistics loginStatistics) { var numberOfFailedLogins = await loginStatistics.GetNumberOfFailedLoginsForIpAddress(openIdConnectRequest.GetRemoteIpAddress()); await ChallengeWithRequestForRecaptcha(context, openIdConnectRequest, numberOfFailedLogins); }
private static async Task SetLoginStatusForUser(IOwinContext context, IOpenIdConnectRequest openIdConnectRequest) { var loginStatistics = context.Get <ILoginStatistics>(); if (loginStatistics == null) { return; } if (IsSuccessStatusCode(context.Response.StatusCode)) { await loginStatistics.IncrementSuccessfulLoginsForUsernameAndIpAddress(openIdConnectRequest.GetUsername(), openIdConnectRequest.GetRemoteIpAddress()); } else { await loginStatistics.IncrementFailedLoginsForUserAndIpAddress(openIdConnectRequest.GetUsername(), openIdConnectRequest.GetRemoteIpAddress()); } }
private static async Task SetLoginStatusForExcludedUser(IOwinContext context, IOpenIdConnectRequest openIdConnectRequest) { var loginStatistics = context.Get <ILoginStatistics>(); if (loginStatistics == null) { return; } await loginStatistics.IncrementAttemptedLoginsForExcludedUsernameAndIpAddress(openIdConnectRequest.GetUsername(), openIdConnectRequest.GetRemoteIpAddress()); }
public static bool IsExcluded(this IOpenIdConnectRequestOptions options, IOpenIdConnectRequest openIdConnectRequest) { var username = openIdConnectRequest.GetUsername(); if (!string.IsNullOrEmpty(username) && options.ExcludedUsernameExpression != null && options.ExcludedUsernameExpression.IsMatch(username)) { return(true); } var tenant = openIdConnectRequest.GetTenant(); if (!string.IsNullOrEmpty(tenant) && options.ExcludedTenantExpression != null && options.ExcludedTenantExpression.IsMatch(tenant)) { return(true); } var osVersion = openIdConnectRequest.GetOsVersion(); if (!string.IsNullOrEmpty(osVersion) && options.ExcludedOsVersionExpression != null && options.ExcludedOsVersionExpression.IsMatch(osVersion)) { return(true); } var device = openIdConnectRequest.GetDevice(); if (!string.IsNullOrEmpty(device?.DeviceType) && options.ExcludedDeviceExpression != null && options.ExcludedDeviceExpression.IsMatch(device.DeviceType)) { return(true); } return(options.ExcludedSubnets.Any(excludedSubnet => excludedSubnet.Contains(openIdConnectRequest.GetRemoteIpAddress()))); }