private LoginResultData UpdateToken(string renewalToken, PersistedToken ptoken, UserInfo userInfo) { var expiry = DateTime.UtcNow.AddMinutes(SessionTokenTtl); if (expiry > ptoken.RenewalExpiry) { // don't extend beyond renewal expiry and make sure it is marked in UTC expiry = new DateTime(ptoken.RenewalExpiry.Ticks, DateTimeKind.Utc); } ptoken.TokenExpiry = expiry; #pragma warning disable 618 // Obsolete var obsoletePortalSettings = PortalController.Instance.GetCurrentPortalSettings(); #pragma warning restore 618 // Obsolete IPortalSettings portalSettings = obsoletePortalSettings; IPortalAliasInfo portalAlias = obsoletePortalSettings.PortalAlias; var secret = ObtainSecret(ptoken.TokenId, portalSettings.GUID, userInfo.Membership.LastPasswordChangeDate); var jwt = CreateJwtToken(secret, portalAlias.HttpAlias, ptoken, userInfo.Roles); var accessToken = jwt.RawData; // save hash values in DB so no one with access can create JWT header from existing data ptoken.TokenHash = GetHashedStr(accessToken); this.DataProvider.UpdateToken(ptoken); return(new LoginResultData { UserId = userInfo.UserID, DisplayName = userInfo.DisplayName, AccessToken = accessToken, RenewalToken = renewalToken, }); }
public PortalAliasInfo(IPortalAliasInfo alias) { this.ThisAsInterface.HttpAlias = alias.HttpAlias; this.ThisAsInterface.PortalAliasId = alias.PortalAliasId; this.ThisAsInterface.PortalId = alias.PortalId; this.IsPrimary = alias.IsPrimary; this.Redirect = alias.Redirect; this.ThisAsInterface.BrowserType = alias.BrowserType; this.CultureCode = alias.CultureCode; this.Skin = alias.Skin; }
/// <inheritdoc /> void IPortalAliasService.DeletePortalAlias(IPortalAliasInfo portalAlias) { // Delete Alias DataProvider.Instance().DeletePortalAlias(portalAlias.PortalAliasId); // Log Event LogEvent(portalAlias, EventLogController.EventLogType.PORTALALIAS_DELETED); // clear portal alias cache ClearCache(false, portalAlias.PortalId); }
public string GetRouteName(string moduleFolderName, string routeName, IPortalAliasInfo portalAlias) { var alias = portalAlias.HttpAlias; string appPath = TestableGlobals.Instance.ApplicationPath; if (!string.IsNullOrEmpty(appPath)) { int i = alias.IndexOf(appPath, StringComparison.OrdinalIgnoreCase); if (i > 0) { alias = alias.Remove(i, appPath.Length); } } return(this.GetRouteName(moduleFolderName, routeName, CalcAliasPrefixCount(alias))); }
/// <inheritdoc/> string IPortalAliasService.GetPortalAliasByPortal(int portalId, string portalAlias) { string retValue = string.Empty; bool foundAlias = false; var portalAliasInfo = this.ThisAsInterface.GetPortalAlias(portalAlias, portalId); if (portalAliasInfo != null) { retValue = portalAliasInfo.HttpAlias; foundAlias = true; } if (!foundAlias) { // searching from longest to shortest alias ensures that the most specific portal is matched first // In some cases this method has been called with "portalaliases" that were not exactly the real portal alias // the startswith behaviour is preserved here to support those non-specific uses var controller = new PortalAliasController(); var portalAliases = controller.GetPortalAliasesInternal(); var portalAliasCollection = portalAliases.OrderByDescending(k => k.Key.Length); foreach (var currentAlias in portalAliasCollection) { // check if the alias key starts with the portal alias value passed in - we use // StartsWith because child portals are redirected to the parent portal domain name // eg. child = 'www.domain.com/child' and parent is 'www.domain.com' // this allows the parent domain name to resolve to the child alias ( the tabid still identifies the child portalid ) IPortalAliasInfo currentAliasInfo = currentAlias.Value; string httpAlias = currentAliasInfo.HttpAlias.ToLowerInvariant(); if (httpAlias.StartsWith(portalAlias.ToLowerInvariant()) && currentAliasInfo.PortalId == portalId) { retValue = currentAliasInfo.HttpAlias; break; } httpAlias = httpAlias.StartsWith("www.") ? httpAlias.Replace("www.", string.Empty) : string.Concat("www.", httpAlias); if (httpAlias.StartsWith(portalAlias.ToLowerInvariant()) && currentAliasInfo.PortalId == portalId) { retValue = currentAliasInfo.HttpAlias; break; } } } return(retValue); }
/// <inheritdoc /> void IPortalAliasService.UpdatePortalAlias(IPortalAliasInfo portalAlias) { // Update Alias DataProvider.Instance().UpdatePortalAliasInfo( portalAlias.PortalAliasId, portalAlias.PortalId, portalAlias.HttpAlias.ToLowerInvariant().Trim('/'), portalAlias.CultureCode, portalAlias.Skin, portalAlias.BrowserType.ToString(), portalAlias.IsPrimary, UserController.Instance.GetCurrentUserInfo().UserID); // Log Event LogEvent(portalAlias, EventLogController.EventLogType.PORTALALIAS_UPDATED); // clear portal alias cache ClearCache(false); }
public RouteValueDictionary GetAllRouteValues(IPortalAliasInfo portalAliasInfo, object routeValues) { var allRouteValues = new RouteValueDictionary(routeValues); var segments = portalAliasInfo.HttpAlias.Split('/'); if (segments.Length <= 1) { return(allRouteValues); } for (var i = 1; i < segments.Length; i++) { var key = "prefix" + (i - 1).ToString(CultureInfo.InvariantCulture); var value = segments[i]; allRouteValues.Add(key, value); } return(allRouteValues); }
/// <inheritdoc /> int IPortalAliasService.AddPortalAlias(IPortalAliasInfo portalAlias) { // Add Alias var dataProvider = DataProvider.Instance(); int Id = dataProvider.AddPortalAlias( portalAlias.PortalId, portalAlias.HttpAlias.ToLowerInvariant().Trim('/'), portalAlias.CultureCode, portalAlias.Skin, portalAlias.BrowserType.ToString(), portalAlias.IsPrimary, UserController.Instance.GetCurrentUserInfo().UserID); // Log Event LogEvent(portalAlias, EventLogController.EventLogType.PORTALALIAS_CREATED); // clear portal alias cache ClearCache(true); return(Id); }
/// <inheritdoc/> public LoginResultData LoginUser(HttpRequestMessage request, LoginData loginData) { if (!JwtAuthMessageHandler.IsEnabled) { Logger.Trace(this.SchemeType + " is not registered/enabled in web.config file"); return(EmptyWithError("disabled")); } #pragma warning disable 618 // Obsolete var obsoletePortalSettings = PortalController.Instance.GetCurrentPortalSettings(); #pragma warning restore 618 // Obsolete IPortalSettings portalSettings = obsoletePortalSettings; if (portalSettings == null) { Logger.Trace("portalSettings = null"); return(EmptyWithError("no-portal")); } IPortalAliasInfo portalAlias = obsoletePortalSettings.PortalAlias; var status = UserLoginStatus.LOGIN_FAILURE; var ipAddress = request.GetIPAddress() ?? string.Empty; var userInfo = UserController.ValidateUser( portalSettings.PortalId, loginData.Username, loginData.Password, "DNN", string.Empty, AuthScheme, ipAddress, ref status); if (userInfo == null) { Logger.Trace("user = null"); return(EmptyWithError("bad-credentials")); } var valid = status == UserLoginStatus.LOGIN_SUCCESS || status == UserLoginStatus.LOGIN_SUPERUSER || #pragma warning disable 618 // Obsolete status == UserLoginStatus.LOGIN_INSECUREADMINPASSWORD || status == UserLoginStatus.LOGIN_INSECUREHOSTPASSWORD; #pragma warning restore 618 // Obsolete if (!valid) { Logger.Trace("login status = " + status); return(EmptyWithError("bad-credentials")); } // save hash values in DB so no one with access can create JWT header from existing data var sessionId = NewSessionId; var now = DateTime.UtcNow; var renewalToken = EncodeBase64(Hasher.ComputeHash(Guid.NewGuid().ToByteArray())); var ptoken = new PersistedToken { TokenId = sessionId, UserId = userInfo.UserID, TokenExpiry = now.AddMinutes(SessionTokenTtl), RenewalExpiry = now.AddDays(RenewalTokenTtl), RenewalHash = GetHashedStr(renewalToken), }; var secret = ObtainSecret(sessionId, portalSettings.GUID, userInfo.Membership.LastPasswordChangeDate); var jwt = CreateJwtToken( secret, portalAlias.HttpAlias, ptoken, userInfo.Roles); var accessToken = jwt.RawData; ptoken.TokenHash = GetHashedStr(accessToken); this.DataProvider.AddToken(ptoken); return(new LoginResultData { UserId = userInfo.UserID, DisplayName = userInfo.DisplayName, AccessToken = accessToken, RenewalToken = renewalToken, }); }
private IPortalAliasInfo GetPortalAliasInternal(string httpAlias) { string strPortalAlias; // try the specified alias first IPortalAliasInfo portalAlias = this.GetPortalAliasLookupInternal(httpAlias.ToLowerInvariant()); // domain.com and www.domain.com should be synonymous if (portalAlias == null) { if (httpAlias.StartsWith("www.", StringComparison.InvariantCultureIgnoreCase)) { // try alias without the "www." prefix strPortalAlias = httpAlias.Replace("www.", string.Empty); } else // try the alias with the "www." prefix { strPortalAlias = string.Concat("www.", httpAlias); } // perform the lookup portalAlias = this.GetPortalAliasLookupInternal(strPortalAlias.ToLowerInvariant()); } // allow domain wildcards if (portalAlias == null) { // remove the domain prefix ( ie. anything.domain.com = domain.com ) if (httpAlias.IndexOf(".", StringComparison.Ordinal) != -1) { strPortalAlias = httpAlias.Substring(httpAlias.IndexOf(".", StringComparison.Ordinal) + 1); } else // be sure we have a clean string (without leftovers from preceding 'if' block) { strPortalAlias = httpAlias; } // try an explicit lookup using the wildcard entry ( ie. *.domain.com ) portalAlias = this.GetPortalAliasLookupInternal("*." + strPortalAlias.ToLowerInvariant()) ?? this.GetPortalAliasLookupInternal(strPortalAlias.ToLowerInvariant()); if (portalAlias == null) { // try a lookup using "www." + raw domain portalAlias = this.GetPortalAliasLookupInternal("www." + strPortalAlias.ToLowerInvariant()); } } if (portalAlias == null) { // check if this is a fresh install ( no alias values in collection ) var controller = new PortalAliasController(); var portalAliases = controller.GetPortalAliasesInternal(); if (portalAliases.Keys.Count == 0 || (portalAliases.Count == 1 && portalAliases.ContainsKey("_default"))) { // relate the PortalAlias to the default portal on a fresh database installation DataProvider.Instance().UpdatePortalAlias(httpAlias.ToLowerInvariant().Trim('/'), UserController.Instance.GetCurrentUserInfo().UserID); EventLogController.Instance.AddLog( "PortalAlias", httpAlias, PortalController.Instance.GetCurrentSettings(), UserController.Instance.GetCurrentUserInfo().UserID, EventLogController.EventLogType.PORTALALIAS_UPDATED); // clear the cachekey "GetPortalByAlias" otherwise portalalias "_default" stays in cache after first install DataCache.RemoveCache("GetPortalByAlias"); // try again portalAlias = this.GetPortalAliasLookupInternal(httpAlias.ToLowerInvariant()); } } return(portalAlias); }
private static void LogEvent(IPortalAliasInfo portalAlias, EventLogController.EventLogType logType) { int userId = UserController.Instance.GetCurrentUserInfo().UserID; EventLogController.Instance.AddLog(portalAlias, PortalController.Instance.GetCurrentSettings(), userId, string.Empty, logType); }