public ConfirmEmailValidator(IQueryEntities entities)
{
CascadeMode = CascadeMode.StopOnFirstFailure;
EmailConfirmation confirmation = null;
RuleFor(p => p.SecretCode)
// secret cannot be empty
.NotEmpty()
.WithMessage(FailedBecauseSecretCodeWasEmpty)
// token must match a confirmation
.Must((o, p) => ValidateEmailConfirmation.TokenMatchesEntity(o.Token, entities, out confirmation))
.WithMessage(FailedBecauseOfInconsistentData)
// intent must match entity
.Must((o, p) => ValidateEmailConfirmation.IntentIsCorrect(confirmation, o.Intent))
.WithMessage(FailedBecauseOfInconsistentData)
;
RuleFor(p => p.SecretCode)
// secret must match entity
.Must(p => ValidateEmailConfirmation.SecretCodeIsCorrect(confirmation, p))
.When(p =>
!string.IsNullOrWhiteSpace(p.SecretCode) &&
confirmation != null &&
ValidateEmailConfirmation.IntentIsCorrect(confirmation, p.Intent))
.WithMessage(FailedBecauseSecretCodeWasIncorrect)
;
}
public RedeemEmailConfirmationValidator(IQueryEntities entities)
{
CascadeMode = CascadeMode.StopOnFirstFailure;
EmailConfirmation confirmation = null;
RuleFor(p => p.Token)
// token cannot be an empty guid
.NotEmpty()
.WithMessage(ValidateEmailConfirmation.FailedBecauseTokenWasEmpty,
p => p.Token)
// token must match a confirmation
.Must(p => ValidateEmailConfirmation.TokenMatchesEntity(p, entities, out confirmation))
.WithMessage(ValidateEmailConfirmation.FailedBecauseTokenMatchedNoEntity,
p => p.Token)
;
RuleFor(p => p.SecretCode)
// secret cannot be empty
.NotEmpty()
.WithMessage(ValidateEmailConfirmation.FailedBecauseSecretCodeWasEmpty)
;
// when confirmation is not null,
When(p => confirmation != null, () =>
{
RuleFor(p => p.Token)
// it cannot be expired
.Must(p => !confirmation.IsExpired)
.WithMessage(ValidateEmailConfirmation.FailedBecauseIsExpired,
p => confirmation.Token, p => confirmation.ExpiresOnUtc)
// it cannot be retired
.Must(p => !confirmation.IsRetired)
.WithMessage(ValidateEmailConfirmation.FailedBecauseIsRetired,
p => confirmation.Token, p => confirmation.RetiredOnUtc)
;
RuleFor(p => p.SecretCode)
// secret must match entity
.Must(p => ValidateEmailConfirmation.SecretCodeIsCorrect(confirmation, p))
.WithMessage(ValidateEmailConfirmation.FailedBecauseSecretCodeWasIncorrect,
p => p.SecretCode, p => confirmation.Token)
;
RuleFor(p => p.Intent)
// intent must match entity
.Must(p => ValidateEmailConfirmation.IntentIsCorrect(confirmation, p))
.WithMessage(ValidateEmailConfirmation.FailedBecauseIntentWasIncorrect,
p => p.Intent, p => confirmation.Token)
;
});
}
public ResetPasswordValidator(IQueryEntities entities, IStorePasswords passwords)
{
CascadeMode = CascadeMode.StopOnFirstFailure;
RuleFor(p => p.Token)
// cannot be empty guid
.NotEmpty()
.WithMessage(ValidateEmailConfirmation.FailedBecauseTokenWasEmpty,
p => p.Token)
// matches email confirmation entity
.Must(p => ValidateEmailConfirmation.TokenMatchesEntity(p, entities))
.WithMessage(ValidateEmailConfirmation.FailedBecauseTokenMatchedNoEntity,
p => p.Token)
;
RuleFor(p => p.Password)
// cannot be empty
.NotEmpty()
.WithMessage(FailedBecausePasswordWasEmpty)
// at least 6 characters long
.Length(passwords.MinimumPasswordLength, int.MaxValue)
.WithMessage(FailedBecausePasswordWasTooShort,
p => passwords.MinimumPasswordLength)
;
RuleFor(p => p.PasswordConfirmation)
// can never be empty
.NotEmpty()
.WithMessage(FailedBecausePasswordConfirmationWasEmpty)
;
RuleFor(p => p.PasswordConfirmation)
// equals password unless empty or password failed validation
.Equal(p => p.Password)
.Unless(p =>
string.IsNullOrWhiteSpace(p.PasswordConfirmation) ||
string.IsNullOrWhiteSpace(p.Password) ||
p.Password.Length < passwords.MinimumPasswordLength)
.WithMessage(FailedBecausePasswordConfirmationDidNotEqualPassword)
;
}
private bool ValidateToken(ActionExecutingContext filterContext)
{
// get the token
var token = GetToken(filterContext);
// get the confirmation
EmailConfirmation catchEntity;
var found = ValidateEmailConfirmation.TokenMatchesEntity
(token, Entities, out catchEntity);
EmailConfirmation = catchEntity;
// valid when matches an entity
if (token != Guid.Empty && found)
{
return(true);
}
filterContext.Result = new HttpNotFoundResult();
return(false);
}
public ResetPasswordValidator(IQueryEntities entities, IStorePasswords passwords)
{
CascadeMode = CascadeMode.StopOnFirstFailure;
EmailConfirmation confirmation = null;
RuleFor(p => p.Token)
// token cannot be an empty guid
.NotEmpty()
.WithMessage(ValidateEmailConfirmation.FailedBecauseTokenWasEmpty,
p => p.Token)
// token must match a confirmation
.Must(p => ValidateEmailConfirmation.TokenMatchesEntity(p, entities, out confirmation))
.WithMessage(ValidateEmailConfirmation.FailedBecauseTokenMatchedNoEntity,
p => p.Token)
;
RuleFor(p => p.Ticket)
// ticket cannot be empty
.NotEmpty()
.WithMessage(ValidateEmailConfirmation.FailedBecauseTicketWasEmpty)
;
RuleFor(p => p.Password)
// cannot be empty
.NotEmpty()
.WithMessage(ValidatePassword.FailedBecausePasswordWasEmpty)
// length must be between 6 and 100 characters
.Length(passwords.MinimumPasswordLength, int.MaxValue)
.WithMessage(ValidatePassword.FailedBecausePasswordWasTooShort(passwords.MinimumPasswordLength))
;
RuleFor(p => p.PasswordConfirmation)
// cannot be empty
.NotEmpty()
.WithMessage(ValidatePassword.FailedBecausePasswordConfirmationWasEmpty)
;
RuleFor(p => p.PasswordConfirmation)
// must match password unless password is invalid or password confirmation is empty
.Equal(p => p.Password)
.Unless(p =>
string.IsNullOrWhiteSpace(p.PasswordConfirmation) ||
string.IsNullOrWhiteSpace(p.Password) ||
p.Password.Length < passwords.MinimumPasswordLength)
.WithMessage(ValidatePassword.FailedBecausePasswordConfirmationDidNotEqualPassword)
;
// when confirmation is not null,
When(p => confirmation != null, () =>
{
RuleFor(p => p.Token)
// its intent must be to reset password
.Must(p => confirmation.Intent == EmailConfirmationIntent.ResetPassword)
.WithMessage(ValidateEmailConfirmation.FailedBecauseIntentWasIncorrect,
p => confirmation.Intent, p => confirmation.Token)
// it cannot be expired
.Must(p => !confirmation.IsExpired)
.WithMessage(ValidateEmailConfirmation.FailedBecauseIsExpired,
p => confirmation.Token, p => confirmation.ExpiresOnUtc)
// it cannot be retired
.Must(p => !confirmation.IsRetired)
.WithMessage(ValidateEmailConfirmation.FailedBecauseIsRetired,
p => confirmation.Token, p => confirmation.RetiredOnUtc)
// it must be redeemed
.Must(p => confirmation.IsRedeemed)
.WithMessage(ValidateEmailConfirmation.FailedBecauseIsNotRedeemed,
p => confirmation.Token)
// email address must be confirmed
.Must(p => ValidateEmailAddress.IsConfirmed(confirmation.EmailAddress))
.WithMessage(ValidateEmailAddress.FailedBecauseIsNotConfirmed,
p => confirmation.EmailAddress.Value)
// it must be attached to a user
.Must(p => ValidatePerson.UserIsNotNull(confirmation.EmailAddress.Person))
.WithMessage(ValidatePerson.FailedBecauseUserWasNull,
p => confirmation.EmailAddress.Person.DisplayName)
// user cannot have a saml account
.Must(p => ValidateUser.EduPersonTargetedIdIsEmpty(confirmation.EmailAddress.Person.User))
.WithMessage(ValidateUser.FailedBecauseEduPersonTargetedIdWasNotEmpty,
p => confirmation.EmailAddress.Person.User.Name)
// user name must match local member account
.Must(p => ValidateUser.NameMatchesLocalMember(confirmation.EmailAddress.Person.User.Name, passwords))
.WithMessage(ValidateUser.FailedBecauseNameMatchedNoLocalMember,
p => confirmation.EmailAddress.Person.User.Name)
;
RuleFor(p => p.Ticket)
// its ticket must match the command ticket
.Must(p => ValidateEmailConfirmation.TicketIsCorrect(confirmation, p))
.WithMessage(ValidateEmailConfirmation.FailedBecauseTicketWasIncorrect,
p => p.Ticket, p => p.Token)
;
});
}
