예제 #1
//JAVA TO C# CONVERTER TODO TASK: Most Java annotations will not have direct .NET equivalent attributes:
//ORIGINAL LINE: @Test public void shouldCreateCorrectAuthenticationInfoFromCustomCacheable()
        /// <summary>
        /// Builds a <c>PluginAuthenticationInfo</c> from a custom-cacheable authentication result and
        /// asserts that its principal collection contains exactly "thePrincipal".
        /// </summary>
        public virtual void ShouldCreateCorrectAuthenticationInfoFromCustomCacheable()
        {
            // The hasher is a mock that hands back a fixed SimpleHash; this test does not assert
            // whether CreateCacheable actually calls it.
            SecureHasher stubHasher = mock(typeof(SecureHasher));
            when(stubHasher.Hash(any())).thenReturn(new SimpleHash("some-hash"));

            // The credentials matcher accepts every token, so only the principal mapping is under test.
            var customCacheable = CustomCacheableAuthenticationInfo.of("thePrincipal", ignoredAuthToken => true);
            PluginAuthenticationInfo created = PluginAuthenticationInfo.CreateCacheable(customCacheable, "theRealm", stubHasher);

            assertThat((IList <string>)created.Principals.asList(), containsInAnyOrder("thePrincipal"));
        }
예제 #2
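        /// <summary>
        /// Checks a password-reset request against the token hash and expiry date stored on the member.
        /// </summary>
        /// <param name="model">Reset request carrying the member's email and the token from the reset link.</param>
        /// <returns>
        /// The member when the stored expiry date is still in the future and the token verifies against
        /// the stored hash; otherwise <c>null</c>. Any exception is logged and also yields <c>null</c>.
        /// </returns>
        private static IMember VerifyResetData(PasswordResetModel model)
        {
            try
            {
                // Fail closed on an incomplete request before touching the member store.
                if (model == null || string.IsNullOrWhiteSpace(model.Email) || string.IsNullOrWhiteSpace(model.Token))
                {
                    LogHelper.Warn<ResetPasswordController>("VerifyResetData - Request is missing the email or the token");
                    return null;
                }

                var memberService = ApplicationContext.Current.Services.MemberService;
                var member = memberService.GetByEmail(model.Email);
                if (member == null)
                {
                    LogHelper.Warn<ResetPasswordController>($"VerifyResetData - Can\'t find member in the MemberService {model.Email}");
                    return null;
                }

                var expiryDateTimeString = member.GetValue<string>("passwordResetTokenExpiryDate");
                if (!DateTime.TryParse(expiryDateTimeString, out var expiryDateTime))
                {
                    LogHelper.Warn<ResetPasswordController>($"VerifyResetData - Could not parse date/time {expiryDateTimeString}");
                    return null;
                }

                // NOTE(review): the comparison uses local time, so it is only correct while the code
                // that stores the expiry date also writes local time - confirm, or move both to UTC.
                var now = DateTime.Now;
                if (expiryDateTime < now)
                {
                    LogHelper.Warn<ResetPasswordController>($"VerifyResetData - Token expired at {expiryDateTime}, it is now {now}");
                    return null;
                }

                var hashedToken = member.GetValue<string>("passwordResetToken");
                if (string.IsNullOrWhiteSpace(hashedToken))
                {
                    // No reset was requested (or the stored hash was cleared): nothing can match.
                    LogHelper.Warn<ResetPasswordController>($"VerifyResetData - No reset token stored for member {member.Id}");
                    return null;
                }

                var tokenMatches = SecureHasher.Verify(model.Token, hashedToken);
                if (!tokenMatches)
                {
                    // The submitted token and the stored hash are credentials; log only who failed,
                    // never the values, so a log reader cannot replay or attack them offline.
                    LogHelper.Warn<ResetPasswordController>($"VerifyResetData - VerifyToken failed for member {member.Id}");
                    return null;
                }

                // NOTE(review): nothing here clears "passwordResetToken"; confirm the caller removes
                // it after a successful reset so the link cannot be used twice.
                return member;
            }
            catch (Exception ex)
            {
                LogHelper.Error<ResetPasswordController>("Couldn't verify reset data", ex);
            }

            return null;
        }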
예제 #3
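        /// <summary>
        /// Handles the forgot-password form: resolves duplicate accounts for the submitted address,
        /// stores a hashed one-day reset token on the member and e-mails the reset link.
        /// </summary>
        /// <param name="model">Posted form; <c>Username</c> carries the e-mail address to reset.</param>
        /// <returns>
        /// The current page when no address was submitted; otherwise a redirect to the same
        /// "?success=true" URL whether or not a member was found, so the response does not
        /// disclose which addresses are registered.
        /// </returns>
        public ActionResult ForgotPassword(LoginModel model)
        {
            if (model == null || string.IsNullOrWhiteSpace(model.Username))
            {
                return CurrentUmbracoPage();
            }

            var memberService = Services.MemberService;
            int totalMembers;

            // NOTE(review): this unauthenticated request renames every match but one. Confirm that
            // FindByEmail matches the whole address exactly; a looser match type would select
            // unrelated accounts for renaming. Only the first 100 matches are examined.
            var members = memberService.FindByEmail(model.Username, 0, 100, out totalMembers);

            if (totalMembers > 1)
            {
                var duplicateMembers = new List<DuplicateMember>();
                foreach (var member in members)
                {
                    duplicateMembers.Add(new DuplicateMember
                    {
                        MemberId = member.Id,
                        TotalKarma = member.GetValue<int>("reputationTotal")
                    });
                }

                // Rename username/email for each duplicate member
                // EXCEPT for the one with the highest karma (Skip(1)).
                var losers = duplicateMembers
                    .OrderByDescending(x => x.TotalKarma)
                    .ThenByDescending(x => x.MemberId)
                    .Skip(1);

                foreach (var duplicateMember in losers)
                {
                    var member = memberService.GetById(duplicateMember.MemberId);
                    var newUserName = member.Username.Replace("@", "@__" + member.Id);
                    member.Username = newUserName;
                    member.Email = newUserName;
                    memberService.Save(member);
                }
            }

            var m = memberService.GetByEmail(model.Username);

            if (m == null)
            {
                // Don't add an error and reveal that someone with this email address exists on this site
                return Redirect(CurrentPage.Url + "?success=true");
            }

            // Automatically approve all members, as we don't have an approval process now.
            // This is needed as we added new membership after upgrading so IsApproved is
            // currently empty. First time a member gets saved now (login also saves the member)
            // IsApproved would turn false (default value of bool) so we want to prevent that.
            if (m.Properties.Contains(global::Umbraco.Core.Constants.Conventions.Member.IsApproved) && m.IsApproved == false)
            {
                m.IsApproved = true;
                memberService.Save(m, false);
            }

            // The token is the only secret protecting the account during the reset window, so it is
            // drawn from the OS CSPRNG. Guid.NewGuid() is an identifier generator whose
            // unpredictability is not a documented guarantee.
            var tokenBytes = new byte[16];
            using (var rng = global::System.Security.Cryptography.RandomNumberGenerator.Create())
            {
                rng.GetBytes(tokenBytes);
            }

            // 32 lowercase hex characters: the same shape the GUID-based token had.
            var resetToken = BitConverter.ToString(tokenBytes).Replace("-", string.Empty).ToLowerInvariant();
            var hashCode = SecureHasher.Hash(resetToken);

            // Format with the invariant culture so the stored value does not depend on the server's
            // calendar or digit settings.
            // NOTE(review): local time is kept so the stored value stays comparable with existing
            // readers; consider moving the writer and every reader to UTC together.
            var expiryDate = DateTime.Now.AddDays(1).ToString("yyyy-MM-dd HH:mm:ss", CultureInfo.InvariantCulture);

            // Only the hash is persisted; the plain token exists solely in the e-mailed link.
            m.SetValue("passwordResetToken", hashCode);
            m.SetValue("passwordResetTokenExpiryDate", expiryDate);
            memberService.Save(m);

            // Percent-encode the address so characters such as '+' or '&' survive the query string.
            var resetLink = "https://our.umbraco.org/member/reset-password/?token=" + resetToken + "&email=" + Uri.EscapeDataString(m.Email);

            // Member-controlled values are HTML-encoded before they enter the HTML body; the display
            // name in particular is free text chosen by the member.
            var resetLinkHtml = global::System.Net.WebUtility.HtmlEncode(resetLink);
            var memberNameHtml = global::System.Net.WebUtility.HtmlEncode(m.Name);

            var mail = "<p>Hi " + memberNameHtml + "</p>";

            mail = mail + "<p>Someone requested a password reset for your account on https://our.umbraco.org</p>";
            mail = mail + "<p>If this wasn't you then you can ignore this email, otherwise, please click the following password reset link to continue:</p>";
            mail = mail + "<p>Please go to <a href=\"" + resetLinkHtml + "\">" + resetLinkHtml + "</a> to reset your password.</p>";
            mail = mail + "<br/><br/><p>All the best<br/> <em>The email robot</em></p>";

            using (var mailMessage = new MailMessage())
            {
                mailMessage.Subject = "Password reset requested for our.umbraco.org";
                mailMessage.Body = mail;
                mailMessage.IsBodyHtml = true;
                mailMessage.To.Add(new MailAddress(m.Email));
                mailMessage.From = new MailAddress("*****@*****.**");

                // NOTE(review): a delivery failure throws from here, so the response for a
                // registered address can differ from the silent redirect for an unknown one.
                using (var smtpClient = new SmtpClient())
                {
                    smtpClient.Send(mailMessage);
                }
            }

            return Redirect(CurrentPage.Url + "?success=true");
        }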
예제 #4
 /// <summary>
 /// Constructs a <c>SecureHasher</c> with its parameterless constructor. The visible body neither
 /// computes a hash nor asserts anything about the instance.
 /// </summary>
 public void GenerateHash1()
 {
     SecureHasher hasher = new SecureHasher();
 }
예제 #5
 /// <summary>
 /// Wraps a plugin's authentication result in a <c>PluginAuthenticationInfo</c>, choosing the
 /// construction path from the runtime type of <paramref name="authenticationInfo"/>.
 /// </summary>
 /// <param name="authenticationInfo">Authentication result returned by the plugin.</param>
 /// <param name="realmName">Name of the realm the result belongs to.</param>
 /// <param name="secureHasher">Hasher applied to the credentials of a <c>CacheableAuthenticationInfo</c>.</param>
 /// <returns>The wrapped authentication info.</returns>
 public static PluginAuthenticationInfo CreateCacheable(AuthenticationInfo authenticationInfo, string realmName, SecureHasher secureHasher)
 {
     // Custom-cacheable results bring their own credentials matcher; secureHasher is not used on this path.
     CustomCacheableAuthenticationInfo customInfo = authenticationInfo as CustomCacheableAuthenticationInfo;
     if (customInfo != null)
     {
         return new PluginAuthenticationInfo(authenticationInfo.Principal(), realmName, customInfo.CredentialsMatcher());
     }

     CacheableAuthenticationInfo cacheableInfo = authenticationInfo as CacheableAuthenticationInfo;
     if (cacheableInfo != null)
     {
         // The hash, not the raw credential bytes, is what gets handed to Create.
         sbyte[] rawCredentials = cacheableInfo.credentials();
         SimpleHash digest = secureHasher.Hash(rawCredentials);
         return PluginAuthenticationInfo.Create(authenticationInfo, digest, realmName);
     }

     // Neither cacheable variant: wrap the result without any credential material.
     return PluginAuthenticationInfo.Create(authenticationInfo, realmName);
 }
예제 #6
 /// <summary>
 /// Wraps a plugin's auth result in a <c>PluginAuthInfo</c>. A <c>CacheableAuthInfo</c> has its
 /// credentials hashed first; any other result is wrapped from its principal and roles.
 /// </summary>
 /// <param name="authInfo">Auth result returned by the plugin.</param>
 /// <param name="realmName">Name of the realm the result belongs to.</param>
 /// <param name="secureHasher">Hasher applied to the credentials of a <c>CacheableAuthInfo</c>.</param>
 /// <returns>The wrapped auth info.</returns>
 public static PluginAuthInfo CreateCacheable(AuthInfo authInfo, string realmName, SecureHasher secureHasher)
 {
     CacheableAuthInfo cacheable = authInfo as CacheableAuthInfo;
     if (cacheable == null)
     {
         // Not cacheable: no credentials are read and secureHasher is not used.
         return new PluginAuthInfo(authInfo.Principal(), realmName, new HashSet <>(authInfo.Roles()));
     }

     // The hash, not the raw credential bytes, is what the PluginAuthInfo constructor receives.
     sbyte[] rawCredentials = cacheable.credentials();
     SimpleHash digest = secureHasher.Hash(rawCredentials);
     return new PluginAuthInfo(authInfo, digest, realmName);
 }