Exemplo n.º 1
 // Sample change-password hook: reports success unconditionally.
 //
 // Neither `properties` nor `pluginInfo` is read, no credential is checked and no
 // credential store is modified. NOTE(review): presumably a template for plugin
 // authors. Because it always claims success, it should not be left enabled where
 // the host relies on plugin results to decide whether a password really changed.
 public BooleanResult ChangePassword(SessionProperties properties, ChangePasswordPluginActivityInfo pluginInfo)
 {
     BooleanResult outcome = new BooleanResult();
     outcome.Success = true;
     outcome.Message = "Success from the sample plugin";
     return outcome;
 }
Exemplo n.º 2
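        // Runs every ordered IPluginChangePassword plugin against the request and folds
        // the individual results into a single response.
        //
        // msg:     request carrying Username, Domain, OldPassword and NewPassword.
        // returns: Result is true when at least one plugin reported success (Message is
        //          then the message of the last successful plugin); otherwise Result is
        //          false and Message is the message of the last failing plugin. Any
        //          exception yields Result = false with the fixed text "Internal error".
        //
        // Security notes:
        //  * Both passwords are handed to every plugin in clear text through cpInfo; only
        //    the username, domain, plugin UUIDs and plugin messages are written to the log.
        //  * Plugin messages are logged and returned to the requester, so plugins must not
        //    place secrets in BooleanResult.Message.
        //  * "One success wins" means the caller can be told the change succeeded while
        //    other plugins failed, leaving their backends on the old password. The
        //    per-plugin results recorded in pluginInfo are the only trace of that here.
        private ChangePasswordResponseMessage HandleChangePasswordRequest(ChangePasswordRequestMessage msg)
        {
            try
            {
                m_logger.DebugFormat("Processing ChangePasswordRequest for: {0} domain: {1}",
                    msg.Username, msg.Domain);

                ChangePasswordInfo cpInfo = new ChangePasswordInfo()
                {
                    Username = msg.Username,
                    Domain = msg.Domain,
                    OldPassword = msg.OldPassword,
                    NewPassword = msg.NewPassword
                };

                // Resolve the plugin list once, so the list recorded in pluginInfo is exactly
                // the list executed below (the original queried the loader twice).
                var plugins = PluginLoader.GetOrderedPluginsOfType<IPluginChangePassword>();

                ChangePasswordPluginActivityInfo pluginInfo = new ChangePasswordPluginActivityInfo();
                pluginInfo.LoadedPlugins = plugins;
                BooleanResult finalResult = new BooleanResult { Success = false, Message = "" };

                // One success means the final result is a success, and we return the message from
                // the last success.  Otherwise, we return the message from the last failure.
                foreach (IPluginChangePassword plug in plugins)
                {
                    // Execute the plugin
                    m_logger.DebugFormat("ChangePassword: executing {0}", plug.Uuid);
                    BooleanResult pluginResult = plug.ChangePassword(cpInfo, pluginInfo);

                    // Add result to our list of plugin results
                    pluginInfo.AddResult(plug.Uuid, pluginResult);

                    m_logger.DebugFormat("ChangePassword: result from {0} is {1} message: {2}",
                        plug.Uuid, pluginResult.Success, pluginResult.Message);

                    if (pluginResult.Success)
                    {
                        finalResult.Success = true;
                        finalResult.Message = pluginResult.Message;
                    }
                    else if (!finalResult.Success)
                    {
                        // Only keep a failure message while no plugin has succeeded yet.
                        finalResult.Message = pluginResult.Message;
                    }
                }

                m_logger.DebugFormat("ChangePassword: returning final result {0}, message {1}",
                    finalResult.Success, finalResult.Message);

                return new ChangePasswordResponseMessage()
                {
                    Result = finalResult.Success,
                    Message = finalResult.Message,
                    Username = msg.Username,
                    Domain = msg.Domain
                };
            }
            catch (Exception e)
            {
                // Full exception detail stays in the log; the requester only sees a fixed string.
                m_logger.ErrorFormat("Internal error, unexpected exception while handling change password request: {0}", e);
                return new ChangePasswordResponseMessage() { Result = false, Message = "Internal error" };
            }
        }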
Exemplo n.º 3
        // Handles a change-password request.
        //
        // Two paths are visible:
        //  * No cached SessionProperties for msg.Session: the password is changed directly
        //    through pInvokes.UserChangePassword, trying the named domain, then the machine's
        //    own domain, then the local machine, using the old/new passwords from the request.
        //  * Cached session found: the new password is stored in the tracked UserInformation and
        //    every IPluginChangePassword plugin is run in order; the first failure stops the
        //    chain, restores the cached password and triggers a notification mail.
        //
        // msg:     request carrying Username, Domain, Session, OldPassword and NewPassword.
        // returns: response with Result/Message/Domain (and Username in the plugin path).
        //          On an exception, Result is false and Message is the exception message.
        private ChangePasswordResponseMessage HandleChangePasswordRequest(ChangePasswordRequestMessage msg)
        {
            try
            {
                // Only username, domain and session id are logged; the passwords are not.
                m_logger.DebugFormat("Processing ChangePasswordRequest for: {0} domain: {1} session: {2}", msg.Username, msg.Domain, msg.Session);
                msg = SplitDomainfromUsername(msg);

                // A placeholder with Guid.Empty stands in when the cache has no entry for this session.
                SessionProperties properties = m_sessionPropertyCache.Get(msg.Session).DefaultIfEmpty(new SessionProperties(Guid.Empty)).FirstOrDefault();
                if (properties.Id == Guid.Empty)
                {
                    m_logger.DebugFormat("no SessionProperties cached for user:{0}", msg.Username);

                    ChangePasswordResponseMessage message = new ChangePasswordResponseMessage();
                    string domainmember = Abstractions.WindowsApi.pInvokes.GetMachineDomainMembershipEX();
                    // NOTE(review): the machine-name comparison is culture-sensitive; an ordinal
                    // ignore-case comparison is the usual choice for host/domain identifiers.
                    if (msg.Domain.Equals(Environment.MachineName, StringComparison.CurrentCultureIgnoreCase) || Abstractions.WindowsApi.pInvokes.DomainMember(msg.Domain))
                    {
                        m_logger.InfoFormat("DomainMember");
                        // pc is member of this domain provided by the username field
                        // An empty/null return from UserChangePassword is treated as success;
                        // anything else is passed back to the requester as the error text.
                        message.Message = Abstractions.WindowsApi.pInvokes.UserChangePassword(msg.Domain, msg.Username, msg.OldPassword, msg.NewPassword);
                        message.Result = (String.IsNullOrEmpty(message.Message)) ? true : false;
                        message.Domain = msg.Domain;
                        // abort
                        return message;
                    }
                    else if (!String.IsNullOrEmpty(domainmember))
                    {
                        m_logger.InfoFormat("GetMachineDomainMembership");
                        // pc is member of a domain
                        message.Message = Abstractions.WindowsApi.pInvokes.UserChangePassword(domainmember, msg.Username, msg.OldPassword, msg.NewPassword);
                        message.Domain = domainmember;
                        if (String.IsNullOrEmpty(message.Message))
                        {
                            message.Result = true;
                            return message;
                        }
                        else
                        {
                            // Keep the domain error and fall through to the local attempt below.
                            message.Message = String.Format("Remote({0}) Error:{1}\n\n", domainmember, message.Message);
                        }
                    }

                    // local
                    // NOTE(review): after a failed domain attempt the same old/new password pair is
                    // tried against the local account of the same name; confirm this fallback is intended.
                    string mess = Abstractions.WindowsApi.pInvokes.UserChangePassword(Environment.MachineName, msg.Username, msg.OldPassword, msg.NewPassword);
                    message.Result = (String.IsNullOrEmpty(mess)) ? true : false;
                    message.Domain = Environment.MachineName;
                    if (!message.Result)
                    {
                        // Appended so that a preceding "Remote(...)" error is preserved.
                        message.Message += "Local Error:" + mess;
                    }
                    else
                    {
                        message.Message = mess;
                    }

                    return message;
                }
                UserInformation userinfo = properties.GetTrackedSingle<UserInformation>();
                // NOTE(review): the old password is taken from the cached session, not from
                // msg.OldPassword (commented out), so the old password supplied in the request is
                // never compared in this path. Confirm the requester is already bound to this session.
                userinfo.oldPassword = userinfo.Password; // msg.OldPassword;
                userinfo.Password = msg.NewPassword;
                properties.AddTrackedSingle<UserInformation>(userinfo);

                ChangePasswordPluginActivityInfo pluginInfo = new ChangePasswordPluginActivityInfo();
                pluginInfo.LoadedPlugins = PluginLoader.GetOrderedPluginsOfType<IPluginChangePassword>();
                BooleanResult Result = new BooleanResult();

                // Once a failure is encountered a failure is returned
                // The loader is queried a second time here rather than reusing pluginInfo.LoadedPlugins.
                foreach ( IPluginChangePassword plug in PluginLoader.GetOrderedPluginsOfType<IPluginChangePassword>() )
                {
                    // Execute the plugin
                    m_logger.DebugFormat("ChangePassword: executing {0}", plug.Uuid);
                    Result = plug.ChangePassword(properties, pluginInfo);

                    m_logger.DebugFormat("ChangePassword: result from {0} is {1} message: {2}", plug.Uuid, Result.Success, Result.Message);

                    if (!Result.Success)
                    {
                        // Restore the cached password. Plugins that already succeeded are not
                        // undone here, so their backends keep the new password.
                        userinfo.Password = userinfo.oldPassword;
                        properties.AddTrackedSingle<UserInformation>(userinfo);
                        break;
                    }
                }

                if (!Result.Success)
                {
                    // NOTE(review): sendMail receives userinfo.Username and userinfo.Password; how it
                    // uses them is not visible here. Confirm the password is neither placed in the
                    // mail nor sent over an unencrypted connection.
                    Abstractions.Windows.Networking.sendMail(pGina.Shared.Settings.pGinaDynamicSettings.GetSettings(pGina.Shared.Settings.pGinaDynamicSettings.pGinaRoot, new string[] { "notify_pass" }), userinfo.Username, userinfo.Password, String.Format("pGina: Password change error for {0} from {1}", msg.Username, Environment.MachineName), Result.Message);
                }

                return new ChangePasswordResponseMessage()
                {
                    Result = Result.Success,
                    Message = Result.Message,
                    Username = msg.Username,
                    Domain = msg.Domain
                };
            }
            catch (Exception e)
            {
                m_logger.ErrorFormat("Internal error, unexpected exception while handling change password request: {0}", e);
                // NOTE(review): msg is dereferenced here, so a null msg would throw again inside
                // this handler. The full exception text (stack trace included) is mailed out.
                Abstractions.Windows.Networking.sendMail(pGina.Shared.Settings.pGinaDynamicSettings.GetSettings(pGina.Shared.Settings.pGinaDynamicSettings.pGinaRoot, new string[] { "notify_pass" }), "", "", String.Format("pGina: Password change error for {0} from {1}", msg.Username, Environment.MachineName), e.ToString());
                // NOTE(review): e.Message is returned to the requester and may disclose internal
                // detail; a fixed generic message with the detail kept in the log is the safer pattern.
                return new ChangePasswordResponseMessage() { Result = false, Message = e.Message };
            }
        }
Exemplo n.º 4
        // LDAP change-password hook: proves knowledge of the current password by
        // authenticating with it, then sets the new password on the same account.
        //
        // cpInfo:     supplies Username, OldPassword and NewPassword.
        // pluginInfo: not read by this method.
        // returns:    success, an "invalid username or password" failure, or a generic
        //             failure when any exception is raised (detail goes to the log only).
        //
        // NOTE(review): the LdapServer instance is not disposed here; if the type holds a
        // connection and implements IDisposable, a using block would release it. Confirm.
        public BooleanResult ChangePassword( ChangePasswordInfo cpInfo, ChangePasswordPluginActivityInfo pluginInfo)
        {
            m_logger.Debug("ChangePassword()");

            try
            {
                LdapServer ldap = new LdapServer();

                // The old password must authenticate before anything is modified.
                BooleanResult authResult = ldap.Authenticate(cpInfo.Username, cpInfo.OldPassword);
                if (authResult.Success)
                {
                    ldap.SetPassword(cpInfo.Username, cpInfo.NewPassword);
                    return new BooleanResult { Success = true, Message = "LDAP password successfully changed" };
                }

                // The same wording covers an unknown user and a wrong password.
                return new BooleanResult { Success = false, Message = "Password change failed: Invalid LDAP username or password." };
            }
            catch (Exception ex)
            {
                // The exception is logged in full; the caller only gets a fixed message.
                m_logger.ErrorFormat("Exception in ChangePassword: {0}", ex);
                return new BooleanResult() { Success = false, Message = "Error in LDAP plugin." };
            }
        }
Exemplo n.º 5
        // Change-password hook that runs the commands configured under "changepwd_sys"
        // and then "changepwd_usr", stopping at the first command that fails.
        //
        // properties: session state; the tracked UserInformation is read from it.
        // pluginInfo: not read by this method.
        // returns:    failure naming the command that did not run, otherwise success
        //             (with no message).
        //
        // Notes for reviewers:
        //  * Both settings are looked up before anything runs, so a missing key throws
        //    before any command is executed; nothing in this method catches that.
        //  * Each command set is a Dictionary keyed by bool, so it can hold at most two entries.
        //  * NOTE(review): the last argument to Run is true for the "sys" set and false for
        //    the "usr" set; presumably this selects the execution context. Confirm in Run.
        //  * NOTE(review): the failure message echoes the configured command line back to
        //    the caller, and userInfo is handed to Run. Confirm that configured commands
        //    carry no secrets and how Run exposes userInfo fields to them.
        public BooleanResult ChangePassword(SessionProperties properties, ChangePasswordPluginActivityInfo pluginInfo)
        {
            UserInformation user = properties.GetTrackedSingle<UserInformation>();
            Dictionary<string, Dictionary<bool, string>> config = GetSettings(user);
            Dictionary<bool, string> systemCommands = config["changepwd_sys"];
            Dictionary<bool, string> userCommands = config["changepwd_usr"];

            foreach (KeyValuePair<bool, string> command in systemCommands)
            {
                if (Run(user.SessionID, command.Value, user, command.Key, true))
                {
                    continue;
                }
                return new BooleanResult { Success = false, Message = String.Format("failed to run:{0}", command.Value) };
            }

            foreach (KeyValuePair<bool, string> command in userCommands)
            {
                if (Run(user.SessionID, command.Value, user, command.Key, false))
                {
                    continue;
                }
                return new BooleanResult { Success = false, Message = String.Format("failed to run:{0}", command.Value) };
            }

            // the change password plugin chain will end as soon as one plugin failed
            // no special treatment needed
            return new BooleanResult { Success = true };
        }
Exemplo n.º 6
 // Sample change-password hook: reports success unconditionally.
 //
 // `cpInfo` (including the old and new password it carries) and `pluginInfo` are
 // ignored, and nothing is verified or changed. NOTE(review): a host that treats any
 // single plugin success as an overall success would report every password change
 // as successful while this plugin is enabled. Keep it out of production plugin lists.
 public BooleanResult ChangePassword(ChangePasswordInfo cpInfo, ChangePasswordPluginActivityInfo pluginInfo)
 {
     BooleanResult outcome = new BooleanResult();
     outcome.Success = true;
     outcome.Message = "Success from the sample plugin";
     return outcome;
 }
Exemplo n.º 7
        // LDAP change-password hook: authenticates with the old password, then writes
        // every configured password attribute using that attribute's hash method.
        //
        // cpInfo:     supplies Username, OldPassword and NewPassword.
        // pluginInfo: not read by this method.
        // returns:    success, an "invalid username or password" failure, or a generic
        //             failure when any exception is raised (detail goes to the log only).
        //
        // Notes for reviewers:
        //  * Attributes are written one at a time. An exception part-way through (for
        //    example an unknown entry.Method key) leaves the earlier attributes already
        //    updated while the caller is told the change failed.
        //  * NOTE(review): the result of SetUserAttribute, if it has one, is not checked here.
        //  * NOTE(review): the strength of each stored value depends on the configured
        //    PasswordHashMethod, which is not visible here.
        //  * NOTE(review): the LdapServer instance is not disposed here; confirm whether it
        //    should be wrapped in a using block.
        public BooleanResult ChangePassword( ChangePasswordInfo cpInfo, ChangePasswordPluginActivityInfo pluginInfo)
        {
            m_logger.Debug("ChangePassword()");

            try
            {
                LdapServer ldap = new LdapServer();

                // The old password must authenticate before anything is modified.
                BooleanResult authResult = ldap.Authenticate(cpInfo.Username, cpInfo.OldPassword);
                if (authResult.Success == false)
                {
                    return new BooleanResult { Success = false, Message = "Password change failed: Invalid LDAP username or password." };
                }

                // Write each configured attribute; only the attribute name and the hash
                // method name are logged, never the password or the derived value.
                List<PasswordAttributeEntry> configured = CPAttributeSettings.Load();
                foreach (PasswordAttributeEntry attribute in configured)
                {
                    PasswordHashMethod method = PasswordHashMethod.methods[attribute.Method];

                    m_logger.DebugFormat("Setting attribute {0} using hash method {1}", attribute.Name, method.Name);
                    ldap.SetUserAttribute(cpInfo.Username, attribute.Name, method.hash(cpInfo.NewPassword));
                }

                return new BooleanResult { Success = true, Message = "LDAP password successfully changed" };
            }
            catch (Exception ex)
            {
                // The exception is logged in full; the caller only gets a fixed message.
                m_logger.ErrorFormat("Exception in ChangePassword: {0}", ex);
                return new BooleanResult() { Success = false, Message = "Error in LDAP plugin." };
            }
        }
Exemplo n.º 8
        // Local-machine change-password hook: validates the old password for the user,
        // then sets the new password on the matching local UserPrincipal.
        //
        // properties: session state; the tracked UserInformation supplies Username,
        //             oldPassword and Password (the new one).
        // pluginInfo: not read by this method.
        // returns:    failure when the old credentials do not validate or no principal is
        //             found, otherwise success. Exceptions are not caught here.
        //
        // NOTE(review): UserPrincipal.SetPassword is the administrative reset path, not
        // ChangePassword(old, new). On Windows, resetting a local account's password can
        // cost the user access to data protected under the old password (EFS, stored
        // credentials). Confirm that a reset is intended here.
        public BooleanResult ChangePassword(SessionProperties properties, ChangePasswordPluginActivityInfo pluginInfo)
        {
            m_logger.Debug("ChangePassword()");

            UserInformation account = properties.GetTrackedSingle<UserInformation>();

            // Verify the old password. The empty second argument is presumably the
            // domain, i.e. "local machine" (confirm against ValidateUser).
            bool oldPasswordOk = Abstractions.WindowsApi.pInvokes.ValidateUser(account.Username, "", account.oldPassword);
            if (!oldPasswordOk)
            {
                // One message for both unknown user and wrong password.
                return new BooleanResult { Success = false, Message = "Current password or username is not valid." };
            }
            m_logger.DebugFormat("Authenticated via old password: {0}", account.Username);

            using (UserPrincipal principal = LocalAccount.GetUserPrincipal(account.Username))
            {
                if (principal == null)
                {
                    return new BooleanResult { Success = false, Message = "Local machine plugin internal error: directory entry not found." };
                }

                m_logger.DebugFormat("Found principal, changing password for {0}", account.Username);
                principal.SetPassword(account.Password);
            }

            return new BooleanResult { Success = true, Message = "Local password successfully changed." };
        }
Exemplo n.º 9
        // HTTP-backed change-password hook: validates the old credentials, then delegates
        // the change to HttpAccessor.getPwChangeResponse and returns its result unchanged.
        //
        // properties: session state; the tracked UserInformation supplies Username,
        //             oldPassword and Password (the new one).
        // pluginInfo: not read by this method.
        // returns:    failure when the old credentials do not validate, otherwise whatever
        //             the HTTP accessor reports. Exceptions are not caught here.
        //
        // Notes for reviewers:
        //  * NOTE(review): userInfo.ToString() is written to the debug log; confirm that
        //    UserInformation.ToString() does not include Password or oldPassword.
        //  * NOTE(review): the old and the new password are both passed to HttpAccessor;
        //    confirm the request is sent over TLS with certificate validation.
        public BooleanResult ChangePassword(SessionProperties properties, ChangePasswordPluginActivityInfo pluginInfo)
        {
            UserInformation account = properties.GetTrackedSingle<UserInformation>();

            m_logger.DebugFormat("ChangePassword(): {0}", account.ToString());

            // Verify the old password before contacting the remote service.
            bool oldPasswordOk = Abstractions.WindowsApi.pInvokes.ValidateCredentials(account.Username, account.oldPassword);
            if (!oldPasswordOk)
            {
                // One message for both unknown user and wrong password.
                return new BooleanResult { Success = false, Message = "Current password or username is not valid." };
            }
            m_logger.DebugFormat("Authenticated via old password: {0}", account.Username);

            return HttpAccessor.getPwChangeResponse(account.Username, account.Password, account.oldPassword);
        }
Exemplo n.º 10
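        // LDAP change-password hook: authenticates with the old password, then applies
        // every configured attribute entry.
        //
        // For each entry:
        //  * Methods.ADPWD               - change the password through
        //                                  pInvokes.UserChangePassword on the first
        //                                  configured host that accepts it;
        //  * Methods.Timestamps/d/t      - write a time value produced by the TimeMethod;
        //  * anything else               - write the new password transformed by the AttribMethod.
        //
        // properties: session state; the tracked UserInformation supplies Username,
        //             oldPassword and Password (the new one).
        // pluginInfo: not read by this method.
        // returns:    failure when authentication fails, when an attribute cannot be set,
        //             when no host accepts the ADPWD change, or on any exception;
        //             otherwise success.
        //
        // Fix over the original: the ADPWD branch ignored the case where every host
        // rejected the change and the method still reported "successfully changed".
        // That case is now logged and reported as a failure, like the other branches.
        //
        // NOTE(review): entries are applied one by one, so a failure part-way through
        // leaves earlier attributes already updated. The strength of stored values
        // depends on the configured AttribMethod, which is not visible here.
        public BooleanResult ChangePassword(SessionProperties properties, ChangePasswordPluginActivityInfo pluginInfo)
        {
            m_logger.Debug("ChangePassword()");

            UserInformation userInfo = properties.GetTrackedSingle<UserInformation>();

            using (LdapServer serv = new LdapServer())
            {
                try
                {
                    string[] hosts = Settings.Store.LdapHost;

                    // Authenticate using old password
                    BooleanResult result = serv.Authenticate(userInfo.Username, userInfo.oldPassword, properties);
                    if (!result.Success)
                    {
                        return new BooleanResult { Success = false, Message = "Password change failed: Invalid LDAP username or password." };
                    }

                    // Set the password attributes
                    List<AttributeEntry> attribs = CPAttributeSettings.Load();
                    foreach (AttributeEntry entry in attribs)
                    {
                        if (entry.Method.HasFlag(Methods.ADPWD))
                        {
                            // Try each host in turn; an empty return value means success.
                            bool changed = false;
                            foreach (string server in hosts)
                            {
                                string error = Abstractions.WindowsApi.pInvokes.UserChangePassword(server, userInfo.Username, userInfo.oldPassword, userInfo.Password);
                                if (String.IsNullOrEmpty(error))
                                {
                                    changed = true;
                                    break;
                                }

                                // Log server and error text only, never the passwords.
                                m_logger.ErrorFormat("ChangePassword: password change on {0} failed: {1}", server, error);
                            }

                            if (!changed)
                            {
                                // Do not report success when no host accepted the change.
                                return new BooleanResult { Success = false, Message = "LDAPplugin failed to change the password on any configured server\nFor more details please consult the log!" };
                            }
                            continue;
                        }

                        if (entry.Method.HasFlag(Methods.Timestamps) || entry.Method.HasFlag(Methods.Timestampd) || entry.Method.HasFlag(Methods.Timestampt))
                        {
                            TimeMethod time = TimeMethod.methods[entry.Method];

                            m_logger.DebugFormat("Setting attribute {0} using method {1}", entry.Name, time.Name);
                            if (!serv.SetUserAttribute(userInfo.Username, entry.Name, time.time()))
                            {
                                return new BooleanResult { Success = false, Message = "LDAPplugin failed by setting an attribute\nFor more details please consult the log!" };
                            }
                        }
                        else
                        {
                            AttribMethod hasher = AttribMethod.methods[entry.Method];

                            // Only the attribute and method names are logged, never the value.
                            m_logger.DebugFormat("Setting attribute {0} using method {1}", entry.Name, hasher.Name);
                            if (!serv.SetUserAttribute(userInfo.Username, entry.Name, hasher.hash(userInfo.Password)))
                            {
                                return new BooleanResult { Success = false, Message = "LDAPplugin failed by setting an attribute\nFor more details please consult the log!" };
                            }
                        }
                    }
                    return new BooleanResult { Success = true, Message = "LDAP password successfully changed" };
                }
                catch (Exception e)
                {
                    // The exception is logged in full; the caller only gets a fixed message.
                    m_logger.ErrorFormat("Exception in ChangePassword: {0}", e);
                    return new BooleanResult() { Success = false, Message = "Error in LDAP plugin." };
                }
            }
        }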