public Task <CredentialSetting> Execute(string credentialType)
{
if (string.IsNullOrWhiteSpace(credentialType))
{
throw new ArgumentNullException(nameof(credentialType));
}
return(_credentialSettingsRepository.Get(credentialType));
}
public async Task <bool> Execute(UpdateUserCredentialParameter updateUserCredentialParameter)
{
if (updateUserCredentialParameter == null)
{
throw new ArgumentNullException(nameof(updateUserCredentialParameter));
}
var credential = await _resourceOwnerCredentialRepository.GetUserCredential(updateUserCredentialParameter.UserId, updateUserCredentialParameter.CredentialType).ConfigureAwait(false);
if (credential == null)
{
throw new NotFoundException();
}
var passwordSettings = await _credentialSettingsRepository.Get(updateUserCredentialParameter.CredentialType).ConfigureAwait(false);
credential.Value = updateUserCredentialParameter.NewValue;
credential.ExpirationDateTime = DateTime.UtcNow.AddSeconds(passwordSettings.ExpiresIn);
await _resourceOwnerCredentialRepository.Update(credential).ConfigureAwait(false);
return(true);
}
public async Task <bool> Execute(IEnumerable <AddUserCredentialParameter> addUserCredentialParameterLst)
{
if (addUserCredentialParameterLst == null)
{
throw new ArgumentNullException(nameof(addUserCredentialParameterLst));
}
var credentialSettings = await _credentialSettingsRepository.Get(addUserCredentialParameterLst.Select(a => a.CredentialType)).ConfigureAwait(false);
if (credentialSettings.Count() != addUserCredentialParameterLst.Count())
{
throw new IdentityServerException(Errors.ErrorCodes.InvalidRequestCode, Errors.ErrorDescriptions.SomeCredentialsAreNotValid);
}
var resourceOwnerCredentials = new List <ResourceOwnerCredential>();
var currentDateTime = DateTime.UtcNow;
foreach (var addUserCredentialParameter in addUserCredentialParameterLst)
{
var credentialSetting = credentialSettings.First(c => c.CredentialType == addUserCredentialParameter.CredentialType);
resourceOwnerCredentials.Add(new ResourceOwnerCredential
{
UserId = addUserCredentialParameter.UserId,
ExpirationDateTime = currentDateTime.AddSeconds(credentialSetting.ExpiresIn),
FirstAuthenticationFailureDateTime = null,
IsBlocked = false,
Value = addUserCredentialParameter.Value,
Type = addUserCredentialParameter.CredentialType,
NumberOfAttempts = 0
});
}
await _resourceOwnerCredentialRepository.Add(resourceOwnerCredentials).ConfigureAwait(false);
return(true);
}
public async Task <ResourceOwner> AuthenticateResourceOwnerAsync(string login, string credentialValue)
{
if (string.IsNullOrWhiteSpace(login))
{
throw new ArgumentNullException(nameof(login));
}
if (string.IsNullOrWhiteSpace(credentialValue))
{
throw new ArgumentNullException(nameof(credentialValue));
}
var resourceOwner = await GetResourceOwner(login).ConfigureAwait(false);
if (resourceOwner == null)
{
throw new IdentityServerUserAccountDoesntExistException();
}
if (resourceOwner.IsBlocked)
{
throw new IdentityServerUserAccountBlockedException();
}
var passwordSettigns = await _passwordSettingsRepository.Get(Amr).ConfigureAwait(false);
var currentDateTime = DateTime.UtcNow;
var minCurrentEndDate = currentDateTime.AddSeconds(-passwordSettigns.AuthenticationIntervalsInSeconds);
var credential = resourceOwner.Credentials.First(c => c.Type == Amr);
if (credential.FirstAuthenticationFailureDateTime != null && credential.FirstAuthenticationFailureDateTime.Value.AddSeconds(passwordSettigns.AuthenticationIntervalsInSeconds) >= minCurrentEndDate && credential.NumberOfAttempts >= passwordSettigns.NumberOfAuthenticationAttempts)
{
throw new IdentityServerUserTooManyRetryException
{
RetryInSeconds = passwordSettigns.AuthenticationIntervalsInSeconds
};
}
if (credential.IsBlocked)
{
throw new IdentityServerCredentialBlockedException();
}
if (!await Authenticate(resourceOwner, credentialValue).ConfigureAwait(false))
{
if (passwordSettigns.IsBlockAccountPolicyEnabled)
{
if (credential.FirstAuthenticationFailureDateTime == null || credential.FirstAuthenticationFailureDateTime.Value.AddSeconds(passwordSettigns.AuthenticationIntervalsInSeconds) < minCurrentEndDate)
{
credential.NumberOfAttempts = 1;
credential.FirstAuthenticationFailureDateTime = currentDateTime;
}
else
{
credential.NumberOfAttempts++;
}
await _resourceOwnerCredentialRepository.Update(credential).ConfigureAwait(false);
}
throw new IdentityServerUserPasswordInvalidException();
}
await Validate(resourceOwner).ConfigureAwait(false);
return(resourceOwner);
}
