Exemplo n.º 1
0
        public ILoginExtraFactor FindLoginExtraFactor(IEntitySession session, ExtraFactorTypes factorType, string factor)
        {
            var entFactor = session.EntitySet <ILoginExtraFactor>()
                            .FirstOrDefault(ef => ef.FactorType == factorType && ef.FactorValue == factor);

            VerifyExpirationSuspensionDates(entFactor.Login);
            return(entFactor);
        }
Exemplo n.º 2
0
 private string GetMediaType(ExtraFactorTypes factorType)
 {
     switch (factorType) {
     case ExtraFactorTypes.Email: return NotificationMediaTypes.Email;
     case ExtraFactorTypes.Phone: return NotificationMediaTypes.Sms;
     default: return null;
       }
 }
Exemplo n.º 3
0
        private string GetMediaType(ExtraFactorTypes factorType)
        {
            switch (factorType)
            {
            case ExtraFactorTypes.Email: return(NotificationMediaTypes.Email);

            case ExtraFactorTypes.Phone: return(NotificationMediaTypes.Sms);

            default: return(null);
            }
        }
Exemplo n.º 4
0
        public string FindLoginFactor(ILogin login, ExtraFactorTypes factorType)
        {
            var session = EntityHelper.GetSession(login);
            var factor  = session.EntitySet <ILoginExtraFactor>().Where(f => f.Login == login && f.FactorType == factorType).FirstOrDefault();

            if (factor == null)
            {
                return(null);
            }
            return(factor.FactorValue);
        }
Exemplo n.º 5
0
 public LoginExtraFactor AddFactor(ILogin login, ExtraFactorTypes type, string value)
 {
     var session = EntityHelper.GetSession(login);
       if (type == ExtraFactorTypes.GoogleAuthenticator)
     value = GoogleAuthenticator.GoogleAuthenticatorUtil.GenerateSecret();
       var factor = session.NewEntity<ILoginExtraFactor>();
       factor.Login = login;
       factor.FactorType = type;
       factor.Info = session.NewOrUpdate(factor.Info, value, _settings.EncryptionChannelName);
       factor.InfoHash = Util.StableHash(value);
       if (type == ExtraFactorTypes.GoogleAuthenticator)
     factor.SetVerified(App.TimeService.UtcNow);
       return ToModel(factor);
 }
Exemplo n.º 6
0
 protected virtual void SendPin(ILoginProcess process, ExtraFactorTypes factorType, string factor, string pin)
 {
     var session = EntityHelper.GetSession(process);
       string mediaType = GetMediaType(factorType);
       Util.CheckNotEmpty(mediaType, "Cannot send pin, unsupported factor type: {0}.", factorType);
       var notificationType = GetPinNotificationType(process.ProcessType);
       var userId = process.Login.UserId;
       var msg = new NotificationMessage() { Type = notificationType, MediaType = mediaType, Recipients = factor, MainRecipientUserId = userId, Culture = session.Context.UserCulture };
       msg.From = _settings.DefaultEmailFrom;
       msg.Parameters[LoginNotificationKeys.BackHitUrlBase] = _settings.BackHitUrlBase;
       msg.Parameters[LoginNotificationKeys.Pin] = pin;
       msg.Parameters[LoginNotificationKeys.ProcessToken] = process.Token;
       msg.Parameters[LoginNotificationKeys.UserName] = process.Login.UserName;
       _notificationService.Send(session.Context, msg);
 }
Exemplo n.º 7
0
        private bool FactorSetupCompleted(ILogin login, ExtraFactorTypes type)
        {
            switch (type)
            {
            case ExtraFactorTypes.SecretQuestions:
                return(login.SecretQuestionAnswers.Count >= _settings.MinQuestionsCount);

            case ExtraFactorTypes.Email:
            case ExtraFactorTypes.Phone:
                var factor = login.ExtraFactors.FirstOrDefault(f => f.FactorType == type && f.VerifiedOn != null);
                return(factor != null);

            default:
                return(false); //never happens
            }
        }
Exemplo n.º 8
0
        public ILoginExtraFactor FindLoginExtraFactor(OperationContext context, ExtraFactorTypes factorType, string factor)
        {
            //We search by hash first, then decrypt and compare value
            var hash        = Util.StableHash(factor);
            var session     = context.OpenSystemSession();
            var hashMatches = session.EntitySet <ILoginExtraFactor>().Where(ef => ef.FactorType == factorType && ef.FactorValueHash == hash).ToList();

            foreach (var match in hashMatches)
            {
                var recFactor = match.FactorValue;
                if (recFactor == factor)
                {
                    VerifyExpirationSuspensionDates(match.Login);
                    return(match);
                }
            }
            return(null);
        }
Exemplo n.º 9
0
        public LoginExtraFactor AddFactor(ILogin login, ExtraFactorTypes type, string value)
        {
            var session = EntityHelper.GetSession(login);

            if (type == ExtraFactorTypes.GoogleAuthenticator)
            {
                value = GoogleAuthenticator.GoogleAuthenticatorUtil.GenerateSecret();
            }
            var factor = session.NewEntity <ILoginExtraFactor>();

            factor.Login       = login;
            factor.FactorType  = type;
            factor.FactorValue = value;
            if (type == ExtraFactorTypes.GoogleAuthenticator)
            {
                factor.SetVerified(App.TimeService.UtcNow);
            }
            return(ToModel(factor));
        }
Exemplo n.º 10
0
        protected virtual void SendPin(ILoginProcess process, ExtraFactorTypes factorType, string factor, string pin)
        {
            var    session   = EntityHelper.GetSession(process);
            string mediaType = GetMediaType(factorType);

            Util.CheckNotEmpty(mediaType, "Cannot send pin, unsupported factor type: {0}.", factorType);
            var notificationType = GetPinNotificationType(process.ProcessType);
            var userId           = process.Login.UserId;
            var msg = new NotificationMessage()
            {
                Type = notificationType, MediaType = mediaType, Recipients = factor, MainRecipientUserId = userId, Culture = session.Context.UserCulture
            };

            msg.From = _settings.DefaultEmailFrom;
            msg.Parameters[LoginNotificationKeys.BackHitUrlBase] = _settings.BackHitUrlBase;
            msg.Parameters[LoginNotificationKeys.Pin]            = pin;
            msg.Parameters[LoginNotificationKeys.ProcessToken]   = process.Token;
            msg.Parameters[LoginNotificationKeys.UserName]       = process.Login.UserName;
            _notificationService.Send(session.Context, msg);
        }
Exemplo n.º 11
0
 public static bool HasExtraFactor(this ILogin login, ExtraFactorTypes factorType)
 {
     return login.ExtraFactors.Any(f => f.FactorType == factorType);
 }
Exemplo n.º 12
0
 public static bool IsSet(this ExtraFactorTypes factors, ExtraFactorTypes factor)
 {
     return (factors & factor) != 0;
 }
Exemplo n.º 13
0
 public void SendPinForMultiFactor(string token, ExtraFactorTypes factorType)
 {
     var process = GetActiveProcess(token);
       Context.ThrowIf(process.CurrentFactor != null, ClientFaultCodes.InvalidAction, "token", "Factor verification pending, the previous process step is not completed.");
       var pendingFactorTypes = process.PendingFactors;
       Context.ThrowIf(!pendingFactorTypes.IsSet(factorType), ClientFaultCodes.InvalidValue, "factortype", "Factor type is not pending in login process");
       var factor = process.Login.ExtraFactors.FirstOrDefault(f => f.FactorType == factorType);
       Context.ThrowIfNull(factor, ClientFaultCodes.ObjectNotFound, "factor",
     "Login factor (email or phone) not setup in user account; factor type: {0}", factorType);
       _processService.SendPin(process, factor);
 }
Exemplo n.º 14
0
 public ILoginExtraFactor FindLoginExtraFactor(OperationContext context, ExtraFactorTypes factorType, string factor)
 {
     //We search by hash first, then decrypt and compare value
       var hash = Util.StableHash(factor);
       var session = context.OpenSystemSession();
       var hashMatches = session.EntitySet<ILoginExtraFactor>().Where(ef => ef.FactorType == factorType && ef.InfoHash == hash).ToList();
       foreach(var match in hashMatches) {
     var recFactor = match.Info.DecryptString(_settings.EncryptionChannelName);
     if(recFactor == factor) {
       VerifyExpirationSuspensionDates(match.Login);
       return match;
     }
       }
       return null;
 }
Exemplo n.º 15
0
 public static bool IsSet(this ExtraFactorTypes factors, ExtraFactorTypes factor)
 {
     return((factors & factor) != 0);
 }
Exemplo n.º 16
0
 public ILoginExtraFactor FindLoginFactor(ILogin login, ExtraFactorTypes factorType)
 {
     return(login.ExtraFactors.FirstOrDefault(f => f.FactorType == factorType));
 }
Exemplo n.º 17
0
 private bool FactorSetupCompleted(ILogin login, ExtraFactorTypes type)
 {
     switch(type) {
     case ExtraFactorTypes.SecretQuestions:
       return login.SecretQuestionAnswers.Count >= _settings.MinQuestionsCount;
     case ExtraFactorTypes.Email:
     case ExtraFactorTypes.Phone:
       var factor = login.ExtraFactors.FirstOrDefault(f => f.FactorType == type && f.VerifiedOn != null);
       return factor != null;
     default:
       return false; //never happens
       }
 }
Exemplo n.º 18
0
 public string FindLoginFactor(ILogin login, ExtraFactorTypes factorType)
 {
     var session = EntityHelper.GetSession(login);
       var factor = session.EntitySet<ILoginExtraFactor>().Where(f => f.Login == login && f.FactorType == factorType).FirstOrDefault();
       if (factor == null)
     return null;
       var strFactor = factor.Info.DecryptString(_settings.EncryptionChannelName);
       return strFactor;
 }
Exemplo n.º 19
0
 public static bool HasExtraFactor(this ILogin login, ExtraFactorTypes factorType)
 {
     return(login.ExtraFactors.Any(f => f.FactorType == factorType));
 }