public void ShouldReturnInsecureWhenFirstProviderCannotVerify(PasswordResult second)
{
var first = PasswordResult.Unrecognised;
var result = GetAggregateResults(first, second);
Assert.AreEqual(PasswordResult.CorrectButInsecure, result);
}
public bool CreateUser(CreateUser createUserObject, ModelStateDictionary modelState)
{
if (_sendesContext.User.Find(createUserObject.Username) != null)
{
modelState.AddModelError("Username", "That username is already taken");
}
bool emailIsTaken = (from u in _sendesContext.User where u.Email == createUserObject.Email select u).Any();
if (emailIsTaken)
{
modelState.AddModelError("Email", "That email is already taken");
}
if (modelState.ErrorCount != 0)
{
return(false);
}
PasswordResult passwordResult = PasswordHasher.HashPassword(createUserObject.Password);
User user = new User {
UserName = createUserObject.Username,
Email = createUserObject.Email,
Password = passwordResult.HashedPassword,
Salt = passwordResult.SaltedText,
FirstName = "",
LastName = ""
};
_sendesContext.User.Add(user);
_sendesContext.SaveChanges();
return(true);
}
public void ShouldFailWhenNeitherProviderCanVerify(PasswordResult second)
{
var first = PasswordResult.Unrecognised;
var result = GetAggregateResults(first, second);
Assert.AreEqual(second, result);
}
public virtual Task <PasswordResult> ValidateAsync(string item)
{
if (item == null)
{
throw new ArgumentNullException(nameof(item));
}
List <string> stringList = new List <string>();
if (string.IsNullOrWhiteSpace(item) || item.Length < this.RequiredLength)
{
stringList.Add(string.Format((IFormatProvider)CultureInfo.CurrentCulture, "PasswordTooShort", (object)this.RequiredLength));
}
if (this.RequireNonLetterOrDigit && item.All <char>(new Func <char, bool>(this.IsLetterOrDigit)))
{
stringList.Add("PasswordRequireNonLetterOrDigit");
}
if (this.RequireDigit && item.All <char>((Func <char, bool>)(c => !this.IsDigit(c))))
{
stringList.Add("PasswordRequireDigit");
}
if (this.RequireLowercase && item.All <char>((Func <char, bool>)(c => !this.IsLower(c))))
{
stringList.Add("PasswordRequireLower");
}
if (this.RequireUppercase && item.All <char>((Func <char, bool>)(c => !this.IsUpper(c))))
{
stringList.Add("PasswordRequireUpper");
}
if (stringList.Count == 0)
{
return(Task.FromResult <PasswordResult>(PasswordResult.Success));
}
return(Task.FromResult <PasswordResult>(PasswordResult.Failed(string.Join(" ", (IEnumerable <string>)stringList))));
}
public async Task AddAsync(User entity)
{
PasswordResult passwordResult = PasswordHash.Encrypt(entity.userPassword);
entity.Password = passwordResult.Signature;
entity.Salt = passwordResult.Salt;
await Uow.RegisterNewAsync(entity);
await Uow.CommitAsync();
}
private PasswordResult GetAggregateResults(PasswordResult first, PasswordResult second)
{
Mock<IPasswordProvider> firstProvider = new Mock<IPasswordProvider>();
firstProvider.Setup(x => x.Verify(It.IsAny<string>(), It.IsAny<string>())).Returns(first);
Mock<IPasswordProvider> secondProvider = new Mock<IPasswordProvider>();
secondProvider.Setup(x => x.Verify(It.IsAny<string>(), It.IsAny<string>())).Returns(second);
var aggregate = new AggregatePasswordProvider(new IPasswordProvider[] {
firstProvider.Object, secondProvider.Object
});
return aggregate.Verify(null, null);
}
public void TestPasswordUsedBeforeFails()
{
// Arrange
IPasswordChecker passwordChecker = this.GetPasswordRuleValidator();
String username = "******";
String password = "******";
// Act
PasswordResult result = passwordChecker.ValidatePassword(username, password);
// Assert
Assert.False(result.ValidPassword);
}
public void TestPasswordWithoutLettersFails()
{
// Arrange
IPasswordChecker passwordChecker = this.GetPasswordRuleValidator();
String username = "******";
String password = "******";
// Act
PasswordResult result = passwordChecker.ValidatePassword(username, password);
// Assert
Assert.False(result.ValidPassword);
}
public void TestTooShortPasswordFails()
{
// Arrange
IPasswordChecker passwordChecker = this.GetPasswordRuleValidator();
String username = "******";
String password = "******";
// Act
PasswordResult result = passwordChecker.ValidatePassword(username, password);
// Assert
Assert.False(result.ValidPassword);
}
private PasswordResult GetAggregateResults(PasswordResult first, PasswordResult second)
{
Mock <IPasswordProvider> firstProvider = new Mock <IPasswordProvider>();
firstProvider.Setup(x => x.Verify(It.IsAny <string>(), It.IsAny <string>())).Returns(first);
Mock <IPasswordProvider> secondProvider = new Mock <IPasswordProvider>();
secondProvider.Setup(x => x.Verify(It.IsAny <string>(), It.IsAny <string>())).Returns(second);
var aggregate = new AggregatePasswordProvider(new IPasswordProvider[] {
firstProvider.Object, secondProvider.Object
});
return(aggregate.Verify(null, null));
}
public async Task UpdateAsync(AppUser entity)
{
var user = await Uow.Repository <AppUser>().FindByAsync(t => t.AppUserId == entity.AppUserId);
if (user != null)
{
PasswordResult result = PasswordHash.Encrypt(entity.userPassword);
entity.Password = result.Signature;
entity.Salt = result.Salt;
await Uow.RegisterDirtyAsync(entity);
await Uow.CommitAsync();
}
}
public void TestPasswordContainingUsernameIsInvalid()
{
// Arrange
String username = "******";
String password = "******";
SimplePasswordChecker passwordChecker = new SimplePasswordChecker();
// Act
PasswordResult results = passwordChecker.ValidatePassword(username, password);
// Assert
Assert.Equal(false, results.ValidPassword);
Assert.NotEmpty(results.Messages);
Assert.Contains <String>("Your username of mmouse may not be used as part of the password", results.Messages);
}
public void TestPasswordWithNoNumbersIsInvalid()
{
// Arrange
String username = "******";
String password = "******";
SimplePasswordChecker passwordChecker = new SimplePasswordChecker();
// Act
PasswordResult results = passwordChecker.ValidatePassword(username, password);
// Assert
Assert.Equal(false, results.ValidPassword);
Assert.NotEmpty(results.Messages);
Assert.Contains <String>("The password must contain at least one number", results.Messages);
}
public void TestPasswordShorterThanEightCharacters()
{
// Arrange
String username = "******";
String password = "******";
SimplePasswordChecker passwordChecker = new SimplePasswordChecker();
// Act
PasswordResult results = passwordChecker.ValidatePassword(username, password);
// Assert
Assert.Equal(false, results.ValidPassword);
Assert.NotEmpty(results.Messages);
Assert.Contains <String>("The password must be 8 characters in length or greater", results.Messages);
}
public void TestEmptyStringPasswordIsInvalid()
{
// Arrange
String username = "******";
String password = String.Empty;
SimplePasswordChecker passwordChecker = new SimplePasswordChecker();
// Act
PasswordResult results = passwordChecker.ValidatePassword(username, password);
// Assert
Assert.Equal(false, results.ValidPassword);
Assert.NotEmpty(results.Messages);
Assert.Contains <String>("A password value must be provided", results.Messages);
}
public void TestPreviouslyUsedPasswordIsInvalid()
{
// Arrange
String username = "******";
String password = "******";
SimplePasswordChecker passwordChecker = new SimplePasswordChecker();
// Act
PasswordResult results = passwordChecker.ValidatePassword(username, password);
// Assert
Assert.Equal(false, results.ValidPassword);
Assert.NotEmpty(results.Messages);
Assert.Contains <String>("You have entered a password that you have used before. Please enter a new password", results.Messages);
}
public async Task UpdateAsync(Authentication entity)
{
User user;
user = await Uow.Repository <User>().FindByKeyAsync(entity.UserId);
//user.FirstName = "Rutva";
PasswordResult passwordResult = PasswordHash.Encrypt(entity.userPassword);
user.Password = passwordResult.Signature;
user.Salt = passwordResult.Salt;
await Uow.RegisterDirtyAsync(user);
await Uow.CommitAsync();
}
public async Task AddAsync(ChangePassword entity)
{
User user = Uow.Repository <User>().SingleOrDefault(t => t.UserId == entity.UserId);
bool password = PasswordHash.VerifySignature(entity.OldPassword.ToString(), user.Password, user.Salt);
if (password)
{
PasswordResult passwordResult = PasswordHash.Encrypt(entity.NewPassword);
user.Password = passwordResult.Signature;
user.Salt = passwordResult.Salt;
await this.UpdateAsync(user);
}
//await Uow.RegisterNewAsync(entity);
//await Uow.CommitAsync();
}
public async Task AddAsync(LInkedInUserAuth entity)
{
PasswordResult passwordResult = PasswordHash.Encrypt(entity.Password);
LinkedInUser linkedInUser = new LinkedInUser();
linkedInUser.Password = passwordResult.Signature;
linkedInUser.Salt = passwordResult.Salt;
linkedInUser.LIFirstName = entity.LIFirstName;
linkedInUser.LILastName = entity.LILastName;
linkedInUser.LIRegistrationDate = entity.LIRegistrationDate;
linkedInUser.IsActive = entity.IsActive;
linkedInUser.LIMobileNumber = entity.LIMobileNumber;
linkedInUser.LIEmailId = entity.LIEmailId;
await Uow.RegisterNewAsync(linkedInUser);
await Uow.CommitAsync();
}
public async Task <PasswordResult> ValidateAsync(string password, CancellationToken ct)
{
if (string.IsNullOrWhiteSpace(password))
{
return(PasswordResult.Fail(ElwarkExceptionCodes.PasswordEmpty));
}
if (password.Length < _options.RequiredLength)
{
return(PasswordResult.Fail(ElwarkExceptionCodes.PasswordTooShort));
}
if (_options.RequireNonAlphanumeric && password.All(IsLetterOrDigit))
{
return(PasswordResult.Fail(ElwarkExceptionCodes.PasswordRequiresNonAlphanumeric));
}
if (_options.RequireDigit && !password.Any(IsDigit))
{
return(PasswordResult.Fail(ElwarkExceptionCodes.PasswordRequiresDigit));
}
if (_options.RequireLowercase && !password.Any(IsLower))
{
return(PasswordResult.Fail(ElwarkExceptionCodes.PasswordRequiresLower));
}
if (_options.RequireUppercase && !password.Any(IsUpper))
{
return(PasswordResult.Fail(ElwarkExceptionCodes.PasswordRequiresUpper));
}
if (_options.RequiredUniqueChars > 1 && password.Distinct().Count() <= _options.RequiredUniqueChars)
{
return(PasswordResult.Fail(ElwarkExceptionCodes.PasswordRequiresUniqueChars));
}
if (await _forbidden.IsPasswordForbidden(password, ct))
{
return(PasswordResult.Fail(ElwarkExceptionCodes.PasswordForbidden));
}
return(PasswordResult.Success());
}
public async Task <object> GetAsync(ChangePassword parameters)
{
User user = Uow.Repository <User>().SingleOrDefault(t => t.UserId == parameters.UserId);
bool password = PasswordHash.VerifySignature(parameters.OldPassword.ToString(), user.Password, user.Salt);
if (password)
{
PasswordResult passwordResult = PasswordHash.Encrypt(parameters.NewPassword);
user.Password = passwordResult.Signature;
user.Salt = passwordResult.Salt;
await this.UpdateAsync(user);
return(true);
}
else
{
return(false);
}
}
public async Task AddAsync(FacebookUserModel entity)
{
FacebookUser facebookUser = new FacebookUser();
PasswordResult passwordResult = PasswordHash.Encrypt(entity.Password);
facebookUser.FirstName = entity.FirstName;
facebookUser.LastName = entity.LastName;
facebookUser.Email = entity.Email;
facebookUser.MobileNo = entity.MobileNo;
facebookUser.GenderAO = entity.GenderAO;
facebookUser.LoginStatus = entity.LoginStatus;
facebookUser.DateOfBirth = entity.DateOfBirth;
facebookUser.CreatedDateTime = entity.CreatedDateTime;
facebookUser.Password = passwordResult.Signature;
facebookUser.Salt = passwordResult.Salt;
await Uow.RegisterNewAsync(facebookUser);
await Uow.CommitAsync();
}
public PasswordResult Analyze(string password, PasswordResult passwordResult = default)
{
// przydzielamy punkty
int point = 0;
foreach (var sign in password)
{
if (point < 20 && char.IsNumber(sign))
{
point += 2;
}
}
// jeżeli nie ma kolejnego successora to wyrzuć ostateczny wynik
if (Successor != null)
{
return(Successor.Analyze(password, passwordResult.AddPoints(point)));
}
// jeżeli jest successor to przekazujemy go dalej
return(passwordResult);
}
public async Task AddAsync(AppUser entity)
{
AppUser appuser = new AppUser();
PasswordResult passwordResult = PasswordHash.Encrypt(entity.userPassword);
appuser.FirstName = entity.FirstName;
appuser.LastName = entity.LastName;
appuser.UserName = entity.UserName;
appuser.MobileNumber = entity.MobileNumber;
appuser.EmailId = entity.EmailId;
appuser.BirthDate = entity.BirthDate;
appuser.Gender = entity.Gender;
appuser.CreatedDateTime = entity.CreatedDateTime;
appuser.UpdatedDateTime = entity.UpdatedDateTime;
appuser.RoleId = entity.RoleId;
appuser.Status = entity.Status;
appuser.Password = passwordResult.Signature;
appuser.Salt = passwordResult.Salt;
await Uow.RegisterNewAsync(appuser);
await Uow.CommitAsync();
}
public PasswordResult Analyze(string password, PasswordResult passwordResult = default)
{
// przydzielamy punkty
int point = 0;
if (point <= 30)
{
point = password.Length;
}
else
{
point = 30;
}
// jeżeli nie ma kolejnego successora to wyrzuć ostateczny wynik
if (Successor != null)
{
return(Successor.Analyze(password, passwordResult.AddPoints(point)));
}
// jeżeli jest successor to przekazujemy go dalej
return(passwordResult);
}
public PasswordException(PasswordResult result) : base()
{
}
public PasswordException(PasswordResult result, string message) : base(message)
{
}
public void ShouldFailWhenNeitherProviderCanVerify(PasswordResult second)
{
var first = PasswordResult.Unrecognised;
var result = GetAggregateResults(first, second);
Assert.AreEqual(second, result);
}
public void ShouldReturnInsecureWhenFirstProviderCannotVerify(PasswordResult second)
{
var first = PasswordResult.Unrecognised;
var result = GetAggregateResults(first, second);
Assert.AreEqual(PasswordResult.CorrectButInsecure, result);
}
public async Task AddAsync(EmployeeCreate entity)
{
PasswordResult passwordResult = PasswordHash.Encrypt(entity.employeePassword);
await DbContextManager.BeginTransactionAsync();
try
{
var spParameters = new SqlParameter[10];
spParameters[0] = new SqlParameter()
{
ParameterName = "FirstName", Value = entity.FirstName
};
spParameters[1] = new SqlParameter()
{
ParameterName = "LastName", Value = entity.LastName
};
spParameters[2] = new SqlParameter()
{
ParameterName = "Email", Value = entity.Email
};
spParameters[3] = new SqlParameter()
{
ParameterName = "MobileNumber", Value = entity.MobileNumber
};
spParameters[4] = new SqlParameter()
{
ParameterName = "Password", Value = passwordResult.Signature
};
spParameters[5] = new SqlParameter()
{
ParameterName = "Salt", Value = passwordResult.Salt
};
spParameters[6] = new SqlParameter()
{
ParameterName = "LoginBlocked", Value = entity.LoginBlocked
};
spParameters[7] = new SqlParameter()
{
ParameterName = "StatusId", Value = entity.StatusId
};
spParameters[8] = new SqlParameter()
{
ParameterName = "Salary", Value = entity.Salary
};
spParameters[9] = new SqlParameter()
{
ParameterName = "JoinDate", Value = entity.JoinDate
};
await DbContextManager.StoreProc <StoreProcResult>("[dbo].spEmployeeCreate", spParameters);
await DbContextManager.CommitAsync();
}
catch (Exception e)
{
Console.WriteLine(e);
DbContextManager.RollbackTransaction();
}
//User user = new User();
//user.StatusId = Status.Active;
//user.FirstName = entity.FirstName;
//user.LastName = entity.LastName;
//user.Email = entity.Email;
//user.MobileNumber = entity.MobileNumber;
//await Uow.RegisterNewAsync<User>(user);
//int UserId = await Uow.CommitAsync();
//Employee employee = new Employee();
//employee.UserId = UserId;
//employee.Salary = entity.Salary;
//employee.JoinDate = entity.JoinDate;
//await Uow.RegisterNewAsync<Employee>(employee);
//await Uow.CommitAsync();
}
public PasswordException(PasswordResult result, string message, Exception innerException) : base(message, innerException)
{
}
