Exemplo n.º 1
0
        public static async Task <User> ConvertToDbUser(UserDto user, OperationMode operationMode,
                                                        ISqlSettingsRepository settingsRepository, int userId = 0)
        {
            var databaseUser = new User
            {
                Department          = user.Department,
                Enabled             = user.Enabled,
                ExpirePassword      = user.ExpirePassword,
                GroupMembership     = user.GroupMembership,
                Guest               = user.Guest,
                Image_ImageId       = user.Image_ImageId,
                Title               = user.Title,
                Login               = user.Login,
                Source              = user.Source,
                InstanceAdminRoleId = user.InstanceAdminRoleId,
                AllowFallback       = user.AllowFallback,
                DisplayName         = user.DisplayName,
                FirstName           = user.FirstName,
                LastName            = user.LastName,
                Email               = user.Email,
                UserSALT            = Guid.NewGuid(),
                Id             = userId,
                CurrentVersion = user.CurrentVersion
            };

            if (operationMode == OperationMode.Create)
            {
                var settings = await settingsRepository.GetUserManagementSettingsAsync();

                string decodedPassword;

                try
                {
                    decodedPassword = SystemEncryptions.Decode(user.Password);
                }
                catch (FormatException)
                {
                    throw new BadRequestException(ErrorMessages.IncorrectBase64FormatPasswordField, ErrorCodes.BadRequest);
                }

                if (string.IsNullOrWhiteSpace(decodedPassword) &&
                    (!user.AllowFallback.HasValue || !user.AllowFallback.Value) &&
                    settings.IsFederatedAuthenticationEnabled)
                {
                    databaseUser.Password = GeneratePassword();
                }
                else
                {
                    ValidatePassword(databaseUser, decodedPassword);
                    databaseUser.Password = HashingUtilities.GenerateSaltedHash(decodedPassword, databaseUser.UserSALT);
                }
            }

            return(databaseUser);
        }
Exemplo n.º 2
0
        public void GenerateSaltedHash_GuidSalt_CorrectResult()
        {
            // Arrange
            string plainText = "text to hash";
            Guid   salt      = new Guid("66666666666666666666666666666666");

            // Act
            string result = HashingUtilities.GenerateSaltedHash(plainText, salt);

            // Assert
            Assert.AreEqual("tkoaNHI1k9elu0cqa27l2QCb9ORRK+qNQzXSEt5Tslo=", result);
        }
Exemplo n.º 3
0
        public void GenerateSaltedHash_StringSalt_CorrectResult()
        {
            // Arrange
            string plainText = "plainText";
            string salt      = "salt";

            // Act
            string result = HashingUtilities.GenerateSaltedHash(plainText, salt);

            // Assert
            Assert.AreEqual("JHlkKopHjdRv7Q3nk2deN+q5TYgdKwff9Qr+zJii+7A=", result);
        }