protected override string IsValidDynamicHelper(ref string fingerprintText,
ref string message)
{
var fingerprint = new Fingerprint(fingerprintText);
bool shouldRetry;
string host = fingerprint.Host;
string account = fingerprint.Account;
string password = fingerprint.Password;
string database = fingerprint.Resource;
if (LocalhostList.Contains(host))
{
return(nameof(ValidationState.Unknown));
}
string connString =
$"Server={host};Initial Catalog={database};User ID={account};Password={password};" +
"Trusted_Connection=False;Encrypt=True;Connection Timeout=30;";
// Validating ConnectionString with database.
string validation = ValidateConnectionString(ref message, host, connString, out shouldRetry);
if (validation != nameof(ValidationState.Unknown) || !shouldRetry)
{
return(validation);
}
connString =
$"Server={host};User ID={account};Password={password};" +
"Trusted_Connection=False;Encrypt=True;Connection Timeout=30;";
// Validating ConnectionString without database.
return(ValidateConnectionString(ref message, host, connString, out shouldRetry));
}
protected override string IsValidDynamicHelper(ref string fingerprintText,
ref string message)
{
var fingerprint = new Fingerprint(fingerprintText);
if (LocalhostList.Contains(fingerprint.Host))
{
return(nameof(ValidationState.Unknown));
}
var connectionStringBuilder = new StringBuilder();
connectionStringBuilder.Append($"Host={fingerprint.Host};Username={fingerprint.Account};Password={fingerprint.Password};Ssl Mode=Require;");
if (!string.IsNullOrWhiteSpace(fingerprint.Port))
{
connectionStringBuilder.Append($"Port={fingerprint.Port};");
}
if (!string.IsNullOrWhiteSpace(fingerprint.Resource))
{
connectionStringBuilder.Append($"Database={fingerprint.Resource};");
}
try
{
using var postgreSqlconnection = new NpgsqlConnection(connectionStringBuilder.ToString());
postgreSqlconnection.Open();
}
catch (Exception e)
{
if (e is PostgresException postgresException)
{
// Database does not exist, but the creds are valid
if (postgresException.SqlState == "3D000")
{
return(ReturnAuthorizedAccess(ref message, asset: fingerprint.Host));
}
// password authentication failed for user
if (postgresException.SqlState == "28P01")
{
return(ReturnUnauthorizedAccess(ref message, asset: fingerprint.Host));
}
}
return(ReturnUnhandledException(ref message, e, asset: fingerprint.Host));
}
return(ReturnAuthorizedAccess(ref message, asset: fingerprint.Host));
}
protected override string IsValidStaticHelper(ref string matchedPattern,
ref Dictionary <string, string> groups,
ref string failureLevel,
ref string fingerprintText,
ref string message)
{
matchedPattern = matchedPattern.Trim();
if (!groups.TryGetNonEmptyValue("host", out string host) ||
!groups.TryGetNonEmptyValue("database", out string database) ||
!groups.TryGetNonEmptyValue("account", out string account) ||
!groups.TryGetNonEmptyValue("password", out string password))
{
return(nameof(ValidationState.NoMatch));
}
if (LocalhostList.Contains(host))
{
host = "localhost";
}
// Other rules will handle these cases.
if (host.EndsWith("postgres.database.azure.com", StringComparison.OrdinalIgnoreCase) ||
host.EndsWith("mysql.database.azure.com", StringComparison.OrdinalIgnoreCase))
{
return(nameof(ValidationState.NoMatch));
}
if (database.Length > 128 ||
account.Length > 128 ||
password.Length > 128 ||
host.Length > 128)
{
return(nameof(ValidationState.NoMatch));
}
fingerprintText = new Fingerprint()
{
Host = host,
Resource = database,
Account = account,
Password = password,
}.ToString();
return(nameof(ValidationState.Unknown));
}
protected override string IsValidDynamicHelper(ref string fingerprintText,
ref string message)
{
var fingerprint = new Fingerprint(fingerprintText);
string host = fingerprint.Host;
string database = fingerprint.Resource;
string port = fingerprint.Port;
string account = fingerprint.Account;
string password = fingerprint.Password;
if (LocalhostList.Contains(host))
{
return(nameof(ValidationState.Unknown));
}
var connectionStringBuilder = new StringBuilder();
connectionStringBuilder.Append($"Server={host}; Database={database}; Uid={account}; Pwd={password}; SslMode=Preferred;");
if (!string.IsNullOrWhiteSpace(port))
{
connectionStringBuilder.Append($"Port={port}");
}
try
{
using var conn = new MySqlConnection(connectionStringBuilder.ToString());
conn.Open();
}
catch (Exception e)
{
if (e is MySqlException mysqlException)
{
if (mysqlException.ErrorCode == MySqlErrorCode.AccessDenied)
{
return(ReturnUnauthorizedAccess(ref message, asset: host));
}
}
return(ReturnUnhandledException(ref message, e, asset: host));
}
return(ReturnAuthorizedAccess(ref message, asset: host));
}
protected override string IsValidStaticHelper(ref string matchedPattern,
ref Dictionary <string, string> groups,
ref string failureLevel,
ref string fingerprintText,
ref string message)
{
string host = ParseExpression(RegexEngine, matchedPattern, HostRegex);
string account = ParseExpression(RegexEngine, matchedPattern, AccountRegex);
string password = ParseExpression(RegexEngine, matchedPattern, PasswordRegex);
string database = ParseExpression(RegexEngine, matchedPattern, DatabaseRegex);
string port = ParseExpression(RegexEngine, matchedPattern, PortRegex);
if (string.IsNullOrWhiteSpace(host) ||
string.IsNullOrWhiteSpace(database) ||
string.IsNullOrWhiteSpace(account) ||
string.IsNullOrWhiteSpace(password))
{
return(nameof(ValidationState.NoMatch));
}
if (LocalhostList.Contains(host))
{
host = "localhost";
}
// Other rules will handle these cases.
if (host.EndsWith("database.windows.net", StringComparison.OrdinalIgnoreCase) ||
host.EndsWith("postgres.database.azure.com", StringComparison.OrdinalIgnoreCase))
{
return(nameof(ValidationState.NoMatch));
}
fingerprintText = new Fingerprint()
{
Host = host.Replace("\"", string.Empty).Replace(",", ";"),
Resource = database,
Port = port,
Account = account,
Password = password,
}.ToString();
return(nameof(ValidationState.Unknown));
}
