Exemplo n.º 1
0
        private static void ValidateRecaptcha(ProxyAuthRequestResult par, GuestChallengeModel model, HttpRequestBase request)
        {
            var     recapResponse = request.Form["g-recaptcha-response"];
            JObject args          = null;

            if (!String.IsNullOrEmpty(par.Arguments))
            {
                args = (JObject)JsonConvert.DeserializeObject(par.Arguments);
            }

            var useRecaptcha = false;

            if (args != null && args["UseRecaptcha"] != null && bool.TryParse(args["UseRecaptcha"].Value <string>(), out useRecaptcha) && useRecaptcha)
            {
                if (String.IsNullOrWhiteSpace(recapResponse))
                {
                    model.ShowRecaptcha = GoogleReCaptcha.CanAccess();
                }
                else
                {
                    var gr = new GoogleReCaptcha();
                    if (!gr.IsValid(recapResponse, request.UserHostAddress))
                    {
                        model.ErrorMessages.Add(Constants.i18n("invalidRecaptcha"));
                        model.ShowRecaptcha = GoogleReCaptcha.CanAccess();
                    }
                }
            }
        }
Exemplo n.º 2
0
        internal static GuestChallengeModel GetOrValidate(Guid reqId, Guid instanceId, HttpRequestBase request, ServiceBuilder svcBldr)
        {
            var model = new GuestChallengeModel();

            var client = svcBldr.SecurityV2();
            var sr     = client.GetProxyRequest(new GetProxyRequestArgs {
                DontGetToken = true, Id = reqId, InstanceId = instanceId
            });

            ExceptionsML.Check(sr.Error);
            var par = sr.Result;

            model.SubmitMessage = GetSubmitMessage(par.RequestType);
            //Temporary: Bug 13104  - Update Guest Downloads so they follow the same model as Form Links and Guest viewer links
            if (par.RequestType == ProxyAuthRequestType.DownloadFiles)
            {
                model.ProxyRequest = par;
                return(model);
            }

            ValidateRecaptcha(par, model, request);
            ValidatePasswordFillModelProxyRequest(par, model, request, svcBldr);
            return(model);
        }
Exemplo n.º 3
0
        private static void ValidatePasswordFillModelProxyRequest(ProxyAuthRequestResult par, GuestChallengeModel model, HttpRequestBase request, ServiceBuilder svcBldr)
        {
            var pass = request.Form["password"];
            var svc  = svcBldr.SecurityV2();

            if (par.HasPassword && !String.IsNullOrWhiteSpace(pass)) //Has a password and one has been provided by the user
            {
                var pwSR = svc.GetProxyRequest(new GetProxyRequestArgs {
                    Id = par.Id, InstanceId = par.InstanceId, Password = pass
                });
                if (pwSR.Error != null)
                {
                    model.ErrorMessages.Add(pwSR.Error.Message);
                    model.ShowPassword = true;
                }
                else
                {
                    model.ProxyRequest = pwSR.Result;
                }
            }
            else if (!par.HasPassword && !model.ShowRecaptcha) //Does not have a password and is not showing the recaptcha, get the full ProxyAuthRequest (decrements counts, returns a restricted token).
            {
                var prSR = svc.GetProxyRequest(new GetProxyRequestArgs {
                    Id = par.Id, InstanceId = par.InstanceId, Password = pass
                });
                if (prSR.Error != null)
                {
                    if (prSR.Error.Type == typeof(ProxyAuthRequestExpiredException).ToString())
                    {
                        switch (par.RequestType)
                        {
                        case ProxyAuthRequestType.DownloadFiles:
                            throw new Exception(Constants.i18n("downloadFilesProxyRequestExpired"));

                        case ProxyAuthRequestType.AccessViewer:
                            throw new Exception(Constants.i18n("accessViewerProxyRequestExpired"));

                        case ProxyAuthRequestType.CreateForm:
                            throw new Exception(Constants.i18n("createFormProxyRequestExpired"));

                        default:
                            ExceptionsML.Check(prSR.Error);
                            break;
                        }
                    }
                    ExceptionsML.Check(prSR.Error);
                }
                model.ProxyRequest = prSR.Result;
            }
            else //Has a password and it has not been filled out yet or is showing recaptcha
            {
                model.ProxyRequest = par;
                model.ShowPassword = par.HasPassword;
            }
        }