        /// <summary>
        /// Handles the Click event of the btnGenerate control: hides the phone-number panel,
        /// asks <see cref="SMSAuthentication"/> to send the verification code to the entered
        /// number, then reveals either the code-entry panel or the "resolve" panel.
        /// </summary>
        /// <param name="sender">The control that raised the event.</param>
        /// <param name="e">Event data (unused).</param>
        protected void btnGenerate_Click(object sender, EventArgs e)
        {
            if (!Page.IsValid)
            {
                return;
            }

            pnlPhoneNumber.Visible = false;

            var sent = new SMSAuthentication().SendSMSAuthentication(GetPhoneNumber());
            if (sent)
            {
                pnlCode.Visible = true;
                return;
            }

            // Sending failed: show the configured resolve message and, when a resolve page
            // has been configured on the block, the button that leads to it.
            lbResolve.Text     = GetAttributeValue("ResolveMessage");
            pnlResolve.Visible = true;
            var hasResolvePage = !string.IsNullOrWhiteSpace(GetAttributeValue("ResolveNumberPage"));
            if (hasResolvePage)
            {
                btnResolve.Visible = true;
            }
        }
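        /// <summary>
        /// Handles the Click event for the btnLogin control: resolves the person who owns the
        /// entered phone number, loads their "SMS_{PersonId}" login and verifies the code the
        /// user typed. On success the request is handed to CheckUser; every failure path shows
        /// nbError instead.
        /// </summary>
        /// <param name="sender">The control that raised the event.</param>
        /// <param name="e">Event data (unused).</param>
        protected void btnLogin_Click(object sender, EventArgs e)
        {
            nbError.Visible = false;
            if (Page.IsValid)
            {
                // The data context is disposed once the login has been resolved (it was
                // previously created and never disposed).
                using (var rockContext = new RockContext())
                {
                    var    smsAuthentication = new SMSAuthentication();
                    string error;
                    var    person = smsAuthentication.GetNumberOwner(GetPhoneNumber(), rockContext, out error);
                    if (person == null)
                    {
                        // GetNumberOwner explains why the number could not be resolved.
                        nbError.Text    = error;
                        nbError.Visible = true;
                        return;
                    }

                    var userLoginService = new UserLoginService(rockContext);
                    var userLogin        = userLoginService.GetByUserName("SMS_" + person.Id.ToString());
                    if (userLogin != null && userLogin.EntityType != null &&
                        smsAuthentication.Authenticate(userLogin, tbCode.Text))
                    {
                        // NOTE(review): "returnurl" is taken straight from the query string;
                        // CheckUser is expected to restrict the redirect to local URLs — confirm.
                        CheckUser(userLogin, Request.QueryString["returnurl"], true);
                        return;
                    }
                }
            }

            // Invalid page, unknown login or wrong code all end here with the same message.
            nbError.Text    = "Sorry, the code you entered did not match the code we generated.";
            nbError.Visible = true;
        }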
        /// <summary>
        /// Convenience overload: wraps the token and id in an <see cref="SMSAuthentication"/>
        /// payload and forwards to <see cref="Authenticate2FA(SMSAuthentication)"/>.
        /// </summary>
        /// <param name="token">The second-factor token to submit.</param>
        /// <param name="id">The id the token belongs to.</param>
        /// <returns>Whatever the <see cref="SMSAuthentication"/> overload returns.</returns>
        public static LoggedUser Authenticate2FA(string token, string id)
        {
            var payload = new SMSAuthentication();
            payload.id    = id;
            payload.token = token;

            return Authenticate2FA(payload);
        }
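        /// <summary>
        /// OWIN resource-owner-password grant: resolves the Rock user login for the supplied
        /// user name (normalising legacy SMS user names to "SMS_{PersonId}"), authenticates
        /// the password through the login's authentication component, checks the requested
        /// OAuth scopes against the client's authorizations and either validates the context
        /// with a <see cref="ClaimsIdentity"/> or rejects it with an error description.
        /// </summary>
        /// <param name="context">The OWIN grant context carrying user name, password, client id and scopes.</param>
        /// <returns>A completed task; the outcome is reported through <paramref name="context"/>.</returns>
        private System.Threading.Tasks.Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
        {
            if (string.IsNullOrEmpty(context.UserName) || string.IsNullOrEmpty(context.Password))
            {
                RejectWithError(context, "Invalid Username/Password.");
                return CompletedGrant();
            }

            using (var rockContext = new RockContext())
            {
                var userName  = ResolveSmsUserName(context.UserName, rockContext);
                var userLogin = new UserLoginService(rockContext).GetByUserName(userName);
                if (userLogin == null || userLogin.EntityType == null)
                {
                    RejectWithError(context, "Invalid Username/Password.");
                    return CompletedGrant();
                }

                // Only active components may authenticate here; remote (redirect-based)
                // components are excluded except for the SMS component, which works inline.
                var component = AuthenticationContainer.GetComponent(userLogin.EntityType.Name);
                if (component == null || !component.IsActive ||
                    (component.RequiresRemoteAuthentication && component.TypeName != "Rock.Security.ExternalAuthentication.SMSAuthentication"))
                {
                    RejectWithError(context, "Invalid Authentication Configuration.");
                    return CompletedGrant();
                }

                if (!component.Authenticate(userLogin, context.Password))
                {
                    RejectWithError(context, "Invalid Username/Password.");
                    return CompletedGrant();
                }

                // A null IsConfirmed counts as confirmed and a null IsLockedOut as not locked,
                // consistently for the grant and for the error reporting below (the original
                // "!userLogin.IsConfirmed ?? true" treated null as unconfirmed only here).
                bool isConfirmed = userLogin.IsConfirmed ?? true;
                bool isLockedOut = userLogin.IsLockedOut ?? false;
                if (isConfirmed && !isLockedOut)
                {
                    if (TryValidateScopes(context, userName))
                    {
                        return CompletedGrant();
                    }
                    // Scope validation already rejected the context with its own description.
                }

                if (!isConfirmed)
                {
                    RejectWithError(context, "Account email is unconfirmed.");
                }
                if (isLockedOut)
                {
                    // Deliberately last: a locked account reports "locked" even when unconfirmed.
                    RejectWithError(context, "Account is locked.");
                }
            }

            return CompletedGrant();
        }

        /// <summary>
        /// Maps the user name sent by the client to the user name stored on the Rock login.
        /// Legacy Avalanche clients send "__PHONENUMBER__+1..." which is rewritten to the
        /// "SMS_" prefix; an "SMS_{number}" name is then rewritten to "SMS_{PersonId}" when a
        /// person owns that number, otherwise it is passed through unchanged.
        /// </summary>
        /// <param name="requestedUserName">The user name from the grant request.</param>
        /// <param name="rockContext">Data context used to look up the number's owner.</param>
        /// <returns>The user name to look up in <see cref="UserLoginService"/>.</returns>
        private static string ResolveSmsUserName(string requestedUserName, RockContext rockContext)
        {
            var userName = requestedUserName.Replace("__PHONENUMBER__+1", "SMS_");
            if (!userName.StartsWith("SMS_", StringComparison.Ordinal))
            {
                return userName;
            }

            // SMS logins are keyed by person id, not by phone number.
            string error;
            var    person = new SMSAuthentication().GetNumberOwner(userName.Split('_').Last(), rockContext, out error);
            return person != null ? string.Format("SMS_{0}", person.Id) : userName;
        }

        /// <summary>
        /// Checks the requested scopes against the client's active scopes and the user's
        /// authorizations. When approved, validates <paramref name="context"/> with an identity
        /// carrying one "urn:oauth:scope" claim per requested scope the client is allowed;
        /// otherwise rejects it.
        /// </summary>
        /// <param name="context">The grant context to validate or reject.</param>
        /// <param name="userName">The resolved Rock user name.</param>
        /// <returns><c>true</c> when the context was validated; <c>false</c> when it was rejected.</returns>
        private static bool TryValidateScopes(OAuthGrantResourceOwnerCredentialsContext context, string userName)
        {
            using (var oAuthContext = new OAuthContext())
            {
                var clientScopeService   = new ClientScopeService(oAuthContext);
                var authorizationService = new AuthorizationService(oAuthContext);
                var clientService        = new ClientService(oAuthContext);

                // Guard against an unknown client id, which previously dereferenced null.
                Client oAuthClient = clientService.GetByApiKey(context.ClientId.AsGuid());
                if (oAuthClient == null)
                {
                    RejectWithError(context, "Invalid Client.");
                    return false;
                }
                var clientId = oAuthClient.Id;

                var requestedScopes = (context.Scope.FirstOrDefault() ?? "").Split(',');

                // Both lists are materialised once; the original re-queried the client scopes
                // for every requested scope inside the claims loop.
                string[] clientScopes = clientScopeService.Queryable()
                    .Where(cs => cs.ClientId == clientId && cs.Active == true)
                    .Select(cs => cs.Scope.Identifier)
                    .ToArray();
                string[] authorizedScopes = authorizationService.Queryable()
                    .Where(a => a.Client.Id == clientId && a.UserLogin.UserName == userName && a.Active == true)
                    .Select(a => a.Scope.Identifier)
                    .ToArray();

                // A client with no active scopes is approved unconditionally; otherwise every
                // requested scope must be authorized for this user (case-insensitive).
                bool scopesApproved = clientScopes.Length == 0 ||
                    requestedScopes.All(s => authorizedScopes.Contains(s, StringComparer.OrdinalIgnoreCase));
                if (!scopesApproved)
                {
                    RejectWithError(context, "All scopes are not authorized for this user.");
                    return false;
                }

                var identity = new ClaimsIdentity(new GenericIdentity(userName, OAuthDefaults.AuthenticationType));

                // Only emit claims for scopes that were requested and that the client is allowed.
                foreach (var scope in requestedScopes.Where(s => clientScopes.Contains(s, StringComparer.OrdinalIgnoreCase)))
                {
                    identity.AddClaim(new Claim("urn:oauth:scope", scope));
                }

                UserLoginService.UpdateLastLogin(userName);
                context.Validated(identity);
                return true;
            }
        }

        /// <summary>
        /// Rejects the grant and records the error description reported to the client.
        /// </summary>
        /// <param name="context">The grant context to reject.</param>
        /// <param name="description">The human-readable error description.</param>
        private static void RejectWithError(OAuthGrantResourceOwnerCredentialsContext context, string description)
        {
            context.Rejected();
            context.SetError("Authentication Error", description);
        }

        /// <summary>
        /// The completed task returned from every exit of the grant handler.
        /// </summary>
        /// <returns>A task that has already completed.</returns>
        private static System.Threading.Tasks.Task CompletedGrant()
        {
            return System.Threading.Tasks.Task.FromResult(0);
        }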
        /// <summary>
        /// Posts the SMS second-factor payload to the Authenticate2FA endpoint and returns the
        /// deserialised <see cref="LoggedUser"/> response.
        /// </summary>
        /// <param name="auth">The token/id payload to submit.</param>
        /// <returns>The response body deserialised as a <see cref="LoggedUser"/>.</returns>
        public static LoggedUser Authenticate2FA(SMSAuthentication auth)
        {
            var endpoint = new TinderEndpoint.RestMethods(TinderAPI.Authenticate2FA);
            return endpoint.Post <LoggedUser>(auth);
        }