Exemplo n.º 1
0
 public Startup(IConfiguration configuration)
 {
     Configuration         = configuration;
     JwtConfiguration      = Configuration.GetSection("Bearer").Get <JwtConfiguration>();
     PasswordConfiguration = Configuration.GetSection("Password").Get <PasswordConfiguration>();
     Jobs = Configuration.GetSection("Schedules").Get <Dictionary <string, JobConfiguration> >();
 }
Exemplo n.º 2
0
 public void AgencyPasswordPolicy_IsPasswordPolicyDisabled()
 {
     passwordConfiguration = new PasswordConfigurationNew();
     controllerInstance    = new AgencyPasswordPolicy(passwordConfiguration);
     passwordViolations    = controllerInstance.ValidatePotentialPassword(userName, "123");
     Assert.IsFalse(passwordViolations.Count > 0);
 }
Exemplo n.º 3
0
 public void AgencyPasswordPolicy_ValidateNullPassword()
 {
     passwordConfiguration = new PasswordConfigurationNew();
     controllerInstance    = new AgencyPasswordPolicy(passwordConfiguration);
     passwordViolations    = controllerInstance.ValidatePotentialPassword(userName, null);
     Assert.IsTrue(passwordViolations.Count > 0);
     Assert.AreEqual(PasswordCannotBeBlankViolation, passwordViolations[0]);
 }
Exemplo n.º 4
0
 public void AgencyPasswordPolicy_ValidateSameUserNameAndPassword()
 {
     passwordConfiguration = new PasswordConfigurationNew();
     passwordConfiguration.PasswordPolicy = true;
     controllerInstance = new AgencyPasswordPolicy(passwordConfiguration);
     passwordViolations = controllerInstance.ValidatePotentialPassword(userName, "tritech");
     Assert.IsTrue(passwordViolations.Count > 0);
     Assert.AreEqual(PasswordIsUsernameViolation, passwordViolations[0]);
 }
Exemplo n.º 5
0
 public void AgencyPasswordPolicy_IsAlphaDisabled()
 {
     passwordConfiguration = new PasswordConfigurationNew();
     passwordConfiguration.PasswordPolicy = true;
     passwordConfiguration.MaximumLength  = 15;
     controllerInstance = new AgencyPasswordPolicy(passwordConfiguration);
     passwordViolations = controllerInstance.ValidatePotentialPassword(userName, "123@");
     Assert.IsFalse(passwordViolations.Count > 0);
 }
Exemplo n.º 6
0
 public void AgencyPasswordPolicy_ValidatePasswordForDafaultMaxLength()
 {
     passwordConfiguration = new PasswordConfigurationNew();
     passwordConfiguration.PasswordPolicy = true;
     controllerInstance = new AgencyPasswordPolicy(passwordConfiguration);
     passwordViolations = controllerInstance.ValidatePotentialPassword(userName, "anc@123");
     Assert.IsTrue(passwordViolations.Count > 0);
     Assert.AreEqual(string.Format(PasswordTooLong, passwordConfiguration.MaximumLength), passwordViolations[0]);
 }
Exemplo n.º 7
0
        public void ClassLevelSetUp()
        {
            var jurisdiction = new Jurisdiction("ori", "agencyCode");
            var agency       = new AgencyDerived(jurisdiction, "name");
            var rmsSystem    = new RMSSystem(Guid.NewGuid(), "RMS Description");

            _user = rmsSystem.CreateUserAccount(agency, "New User", "1ab");
            _passwordConfiguration = PasswordConfiguration.Empty;
        }
Exemplo n.º 8
0
 public void AgencyPasswordPolicy_ValidatePasswordForAlpha()
 {
     passwordConfiguration = new PasswordConfigurationNew();
     passwordConfiguration.PasswordPolicy = true;
     passwordConfiguration.IsAlpha        = true;
     controllerInstance = new AgencyPasswordPolicy(passwordConfiguration);
     passwordViolations = controllerInstance.ValidatePotentialPassword(userName, "123");
     Assert.IsTrue(passwordViolations.Count > 0);
     Assert.AreEqual(PasswordRequiresAlpha, passwordViolations[0]);
 }
Exemplo n.º 9
0
 public RegisterUserCommandHandler(
     IDataUnitOfWork data,
     IHashingService hashingService,
     ITokenService tokenService,
     PasswordConfiguration configuration)
 {
     _data           = data;
     _hashingService = hashingService;
     _tokenService   = tokenService;
     _configuration  = configuration;
 }
Exemplo n.º 10
0
 public void AgencyPasswordPolicy_ValidatePasswordForNumericAndSymbols()
 {
     passwordConfiguration = new PasswordConfigurationNew();
     passwordConfiguration.PasswordPolicy = true;
     passwordConfiguration.IsNumeric      = true;
     passwordConfiguration.IsSymbol       = true;
     passwordConfiguration.MinimumLength  = 5;
     passwordConfiguration.MaximumLength  = 10;
     controllerInstance = new AgencyPasswordPolicy(passwordConfiguration);
     passwordViolations = controllerInstance.ValidatePotentialPassword(userName, "abc");
     Assert.IsTrue(passwordViolations.Count > 1);
 }
Exemplo n.º 11
0
        /// <summary>
        /// Get Agency Password Configuration Details
        /// </summary>
        /// <param name="agencyId"></param>
        /// <returns></returns>
        public PasswordConfiguration GetAgencyPasswordConfiguration(Guid agencyId)
        {
            var passwordConfiguration = new PasswordConfiguration();
            var agencyConfiguration   = FindAgencyConfiguration(agencyId);

            if (agencyConfiguration != null)
            {
                passwordConfiguration = agencyConfiguration.PasswordConfiguration.As <PasswordConfiguration>();
            }

            return(passwordConfiguration);
        }
Exemplo n.º 12
0
 public PasswordHistoryService(ILogger logger,
                               IMapper mapper,
                               IServiceProvider serviceProvider,
                               IPasswordHistoryDomainService passwordHistoryDomainService,
                               DefaultPasswordHasher <User> passwordHasher,
                               IUserDomainService userDomainService,
                               PasswordConfiguration passwordConfiguration) : base(logger, mapper, serviceProvider)
 {
     _passwordHistoryDomainService = passwordHistoryDomainService;
     _passwordHasher        = passwordHasher;
     _userDomainService     = userDomainService;
     _passwordConfiguration = passwordConfiguration;
 }
Exemplo n.º 13
0
        public void AgencyCommandService_UpdatePasswordConfiguration()
        {
            agencyId = Utils.GetAgencyData();
            var agencyCommandService = GetDependency <IAgencyCommandService>();

            Assert.IsInstanceOfType(agencyCommandService, typeof(IAgencyCommandService));
            agencyCommandService.UpdatePasswordConfiguration(agencyId, MockObjects.NewPasswordConfiguration);
            var agencyQueryService = GetDependency <IAgencyQueryService>();

            Assert.IsInstanceOfType(agencyQueryService, typeof(IAgencyQueryService));
            PasswordConfiguration updatedAgencyPasswordConfiguration = agencyQueryService.GetAgencyPasswordConfiguration(agencyId);

            Assert.IsNotNull(updatedAgencyPasswordConfiguration);
            Assert.IsTrue(Utils.ReflectiveEquals(MockObjects.NewPasswordConfiguration, updatedAgencyPasswordConfiguration));
        }
Exemplo n.º 14
0
        /// <summary>
        /// Update Password Configuration Changes
        /// </summary>
        /// <param name="agencyId"></param>
        /// <param name="passwordConfiguration"></param>
        public void UpdatePasswordConfiguration(Guid agencyId, PasswordConfiguration passwordConfiguration)
        {
            RequiresAgencyAdmin(agencyId);
            var agencyConfigurations =
                UnitOfWork.GetEntityQuery <AgencyConfiguration>()
                .FirstOrDefault(c => c.Agency.Id == agencyId);

            // Check Null
            if (agencyConfigurations == null)
            {
                return;
            }

            passwordConfiguration.MapInto(agencyConfigurations.PasswordConfiguration);
            UnitOfWork.Commit();
        }
Exemplo n.º 15
0
        public void AgencyPasswordPolicy_CheckPasswordDate()
        {
            UserNew userdetails = new UserNew();

            passwordConfiguration = new PasswordConfigurationNew();
            passwordConfiguration.PasswordPolicy = true;
            passwordConfiguration.MaximumLength  = 15;
            controllerInstance = new AgencyPasswordPolicy(passwordConfiguration);
            try
            {
                controllerInstance.IsPasswordExpired(userdetails);
                Assert.Fail();
            }
            catch (Exception exception)
            {
                Assert.IsNotNull(exception);
            }
        }
Exemplo n.º 16
0
        public void AgencyPasswordPolicy_ValidatePasswordForInvalidUser()
        {
            const string password = "******";

            passwordConfiguration = new PasswordConfigurationNew();
            passwordConfiguration.PasswordPolicy = true;
            passwordConfiguration.PasswordReuse  = 2;
            passwordConfiguration.MaximumLength  = 15;
            controllerInstance = new AgencyPasswordPolicy(passwordConfiguration);
            try
            {
                controllerInstance.ValidatePasswordChange(null, password);
                Assert.Fail();
            }
            catch (Exception exception)
            {
                Assert.IsNotNull(exception);
            }
        }
Exemplo n.º 17
0
        public void AgencyPasswordPolicy_ValidatePasswordForInvalidReuseCount()
        {
            DeveloperIdentity.GetDeveloperIdentity();
            const string password    = "******";
            Guid         userId      = Utils.CreateUser(password);
            UserNew      userdetails = new UserNew()
            {
                PasswordHistory = new Collection <PasswordHistory>()
                {
                    new PasswordHistory(new Password(new Guid(), userId, "abc")),
                    new PasswordHistory(new Password(new Guid(), userId, "xyz"))
                }
            };

            passwordConfiguration = new PasswordConfigurationNew();
            passwordConfiguration.PasswordPolicy = true;
            passwordConfiguration.PasswordReuse  = 5;
            passwordConfiguration.MaximumLength  = 15;
            controllerInstance = new AgencyPasswordPolicy(passwordConfiguration);
            passwordViolations = controllerInstance.ValidatePasswordChange(userdetails, password);
            Assert.IsFalse(passwordViolations.Count > 0);
        }
Exemplo n.º 18
0
 public UserService(ILogger logger, IMapper mapper,
                    IServiceProvider serviceProvider,
                    IUserDomainService userDomainService,
                    IAuthorizationStatusValidator authorizationStatusValidator,
                    ITokenProviderService tokenProviderService,
                    AuthApiUrlConfiguration authApiUrlConfiguration,
                    PasswordConfiguration passwordConfiguration,
                    IPasswordHistoryService passwordHistoryService,
                    IEmailService emailService,
                    IEmailTemplateProvider emailTemplateProvider,
                    EmailTemplatesConfiguration emailTemplatesConfiguration)
     : base(logger, mapper, serviceProvider)
 {
     _userDomainService            = userDomainService;
     _authorizationStatusValidator = authorizationStatusValidator;
     _tokenProviderService         = tokenProviderService;
     _authApiUrlConfiguration      = authApiUrlConfiguration;
     _passwordConfiguration        = passwordConfiguration;
     _passwordHistoryService       = passwordHistoryService;
     _emailService                = emailService;
     _emailTemplateProvider       = emailTemplateProvider;
     _emailTemplatesConfiguration = emailTemplatesConfiguration;
 }
Exemplo n.º 19
0
 public void Post(Guid agencyId, PasswordConfiguration passwordConfiguration)
 {
     _agencyCommandService.UpdatePasswordConfiguration(agencyId, passwordConfiguration);
 }
Exemplo n.º 20
0
 public PasswordGenerator(
     IGenericCodeGenerator genericCodeGenerator,
     PasswordConfiguration configuration
     ) : base(genericCodeGenerator, configuration)
 {
 }
Exemplo n.º 21
0
 public new bool CheckEquals(PasswordConfiguration other)
 {
     return(base.CheckEquals(other));
 }
Exemplo n.º 22
0
        // This method gets called by the runtime. Use this method to add services to the container.
        public void ConfigureServices(IServiceCollection services)
        {
            _logger.LogInformation("Registrando classes de Configuração...");

            #region [ Configurations ]
            services.Configure <PasswordConfiguration>(options => _configuration.GetSection(nameof(PasswordConfiguration)).Bind(options));
            services.Configure <TokenConfiguration>(options => _configuration.GetSection(nameof(TokenConfiguration)).Bind(options));
            #endregion

            _logger.LogInformation("Registrando Autenticação e Autorização...");

            #region [ Authentication ]
            services.AddIdentity <User, RoleStore>(options =>
            {
                var passwordConfiguration = new PasswordConfiguration();
                _configuration.GetSection(nameof(PasswordConfiguration)).Bind(passwordConfiguration);

                options.Lockout.AllowedForNewUsers      = passwordConfiguration.UserLockoutEnabled;
                options.Lockout.DefaultLockoutTimeSpan  = TimeSpan.FromMinutes(passwordConfiguration.LockoutTimeSpan);
                options.Lockout.MaxFailedAccessAttempts = passwordConfiguration.LockoutMaxFailedAccess;

                options.SignIn.RequireConfirmedEmail       = passwordConfiguration.RequireConfirmedEmail;
                options.SignIn.RequireConfirmedPhoneNumber = false;

                options.Password.RequireDigit           = passwordConfiguration.RequireDigit;
                options.Password.RequiredLength         = passwordConfiguration.RequiredLength;
                options.Password.RequireNonAlphanumeric = passwordConfiguration.RequireNonAlphanumeric;
                options.Password.RequireUppercase       = passwordConfiguration.RequireUppercase;
                options.Password.RequireLowercase       = passwordConfiguration.RequireLowercase;
            }).AddDefaultTokenProviders().AddErrorDescriber <AuthorizationIdentityErrorDescriber>();


            services.AddAuthentication(authOptions =>
            {
                authOptions.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
                authOptions.DefaultChallengeScheme    = JwtBearerDefaults.AuthenticationScheme;
            }).AddJwtBearer(bearerOptions =>
            {
                var tokenConfiguration = new TokenConfiguration();
                _configuration.GetSection(nameof(TokenConfiguration)).Bind(tokenConfiguration);

                var paramsValidation              = bearerOptions.TokenValidationParameters;
                paramsValidation.ValidateIssuer   = true;
                paramsValidation.ValidateAudience = true;
                // Valida a assinatura de um token recebido
                paramsValidation.ValidateIssuerSigningKey = true;
                // Verifica se um token recebido ainda é válido
                paramsValidation.ValidateLifetime = true;

                paramsValidation.IssuerSigningKey = tokenConfiguration.AccessKey;
                paramsValidation.ValidAudience    = tokenConfiguration.Audience;
                paramsValidation.ValidIssuer      = tokenConfiguration.Issuer;

                // Tempo de tolerância para a expiração de um token (utilizado
                // caso haja problemas de sincronismo de horário entre diferentes
                // computadores envolvidos no processo de comunicação)
                paramsValidation.ClockSkew = TimeSpan.Zero;

                bearerOptions.Events = new JwtBearerEvents
                {
                    OnMessageReceived = context =>
                    {
                        var accessToken = context.Request.Query["token"];

                        // If the request is for our hub...
                        var path = context.HttpContext.Request.Path;
                        if (!string.IsNullOrEmpty(accessToken) &&
                            (path.StartsWithSegments("/hubs/notifications")))
                        {
                            // Read the token out of the query string
                            context.Token = accessToken;
                        }
                        return(Task.CompletedTask);
                    }
                };
            });

            services.AddAuthorization(auth =>
            {
                auth.AddPolicy(JwtBearerDefaults.AuthenticationScheme, new AuthorizationPolicyBuilder()
                               .AddAuthenticationSchemes(JwtBearerDefaults.AuthenticationScheme‌​)
                               .RequireAuthenticatedUser().Build());
            });
            #endregion

            _logger.LogInformation("Registrando CORS ...");

            #region [ Cors ]

            services.AddCors(options =>
            {
                options.AddDefaultPolicy(builder =>
                {
                    //builder.WithOrigins(appConfiguration.Origins).AllowAnyMethod().AllowAnyHeader().AllowCredentials();
                    builder.AllowAnyOrigin().AllowAnyMethod().AllowAnyHeader().AllowCredentials();
                });
            });
            #endregion

            _logger.LogInformation("Registrando Swagger...");

            #region [ SWAGGER ]
            services.AddSwaggerGen(c =>
            {
                c.SwaggerDoc("v1", new OpenApiInfo
                {
                    Title       = "Base Api",
                    Version     = "v1",
                    Description = "Documentação da Base Api."
                });

                c.IncludeXmlComments(GetXmlCommentsPath());

                //c.DescribeAllEnumsAsStrings();



                c.AddSecurityDefinition("Bearer", new OpenApiSecurityScheme
                {
                    Description = "JWT Authorization header using the Bearer scheme. Example: \"Authorization: Bearer {token}\"",
                    Name        = "Authorization",
                    In          = ParameterLocation.Header,
                    Type        = SecuritySchemeType.ApiKey
                });

                c.AddSecurityRequirement(new OpenApiSecurityRequirement
                {
                    {
                        new OpenApiSecurityScheme
                        {
                            Reference = new OpenApiReference
                            {
                                Type = ReferenceType.SecurityScheme,
                                Id   = "Bearer"
                            },
                            Scheme = "oauth2",
                            Name   = "Bearer",
                            In     = ParameterLocation.Header,
                        },
                        new List <string>()
                    }
                });
            });

            #endregion

            services.AddControllers();
        }
Exemplo n.º 23
0
 public void SetPasswordConfiguration(PasswordConfiguration geoConfig)
 {
     this.PasswordConfiguration = geoConfig;
 }
Exemplo n.º 24
0
 public AgencyPasswordPolicy(PasswordConfiguration configuration)
 {
     _configuration = configuration;
 }