/// <summary>
/// Exchanges a stored refresh token for a new login result.
/// </summary>
/// <remarks>
/// Every rejection (unknown client, unknown token, token issued to a different client,
/// refresh not granted, user not found, no token result) returns the same
/// <c>ImATeapot()</c> result, so the response does not reveal which check failed.
/// NOTE(review): nothing visible here revokes or rotates the presented refresh token;
/// confirm whether <c>CreateTokenResult</c> does.
/// </remarks>
/// <param name="rp">Request body; supplies AuthUserId, AuthClientId and TokenIdentifier.</param>
/// <returns><c>Ok</c> carrying the login result, otherwise the <c>ImATeapot()</c> result.</returns>
public virtual IHttpActionResult RequestRefresh([FromBody] RefreshParams rp)
{
    return ExecuteValidatedAction(() =>
    {
        // manually validating, as api is no longer wired up...
        ValidatorHelpers.ValidateAndThrow(rp, new RefreshParamsValidator());

        // Look up everything first; the checks below run only after the no-cache header is set,
        // so rejections carry it too.
        JwtConfig jwtConfig = new JwtConfig(true, RequestLeftPart);
        AuthClient authClient = ValidateClient(rp);
        AuthToken storedToken = AuthService.RetrieveToken(rp.AuthUserId, rp.AuthClientId, rp.TokenIdentifier);
        AddNoCacheHeader();

        if (authClient == null || storedToken == null)
        {
            return ImATeapot();
        }

        // The stored token must belong to the client that is asking for the refresh.
        if (storedToken.AuthClientId != authClient.Id)
        {
            return ImATeapot();
        }

        if (!JsonWebToken.GrantNewAccess(jwtConfig, storedToken.Token))
        {
            return ImATeapot();
        }

        // The user is resolved from the stored token, not from the request body.
        AuthUser authUser = AuthService.GetByIdForLogin(storedToken.AuthUserId);
        if (authUser == null)
        {
            return ImATeapot();
        }

        CheckSetRoleManager(authUser); // make sure state is set in RoleManager

        // create new tokens, return result
        ILoginResultDto loginResult = CreateTokenResult(authUser, authClient, jwtConfig);
        if (loginResult == null)
        {
            return ImATeapot();
        }

        return (IHttpActionResult)Ok(loginResult);
    });
}
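/// <summary>
/// Completes a password reset: checks the client and the reset key, stores the new
/// password, and returns a login result for the user.
/// </summary>
/// <remarks>
/// The reset key is marked invalid in a <c>finally</c> block, so it is consumed once the
/// password has been changed even if role-manager setup or token creation throws.
/// The no-cache header is set before the token-bearing response is built, as the other
/// token-issuing actions (RequestRefresh, RequestToken) do.
/// NOTE(review): password strength is not checked in this method; presumably
/// <c>ResetPasswordParamsValidator</c> covers it. Confirm.
/// </remarks>
/// <param name="rpp">Request body; supplies AuthUserId, ResetKey and the new Password.</param>
/// <returns>
/// <c>Ok</c> with the login result; <c>BadRequest</c> when the reset key does not validate;
/// the <c>ImATeapot()</c> result when the client is rejected or no token result is produced.
/// </returns>
public virtual IHttpActionResult ResetPassword([FromBody] ResetPasswordParams rpp)
{
    return ExecuteValidatedAction(() =>
    {
        ValidatorHelpers.ValidateAndThrow(rpp, new ResetPasswordParamsValidator());

        // validate client
        AuthClient client = ValidateClient(rpp);
        if (client == null)
        {
            return ImATeapot();
        }

        // validate user
        AuthUser user = AuthService.ValidateReset(rpp.AuthUserId, rpp.ResetKey);
        if (user == null)
        {
            return BadRequest();
        }

        // From here on the response relates to credentials or tokens; keep it out of caches.
        AddNoCacheHeader();

        // change password
        AuthService.UpdatePassword(user, rpp.Password);

        ILoginResultDto result;
        try
        {
            CheckSetRoleManager(user); // make sure state is set in RoleManager
            result = CreateTokenResult(user, client); // return token
        }
        finally
        {
            // The key has already been used to change the password; it must not stay valid
            // just because issuing the token failed.
            AuthService.MarkResetInvalid(rpp.AuthUserId);
        }

        return result != null ? (IHttpActionResult)Ok(result) : ImATeapot();
    });
}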
/// <summary>
/// Rejects a password that <c>ValidatorHelpers.BeAStrongPassword</c> does not accept.
/// </summary>
/// <param name="password">Candidate password to check.</param>
/// <exception cref="ValidationException">
/// Thrown with <c>RegexPatterns.PasswordErrorMsg</c> and <c>Source</c> set to "Password"
/// when the check fails.
/// </exception>
private static void ValidatePasswordStrength(string password)
{
    bool isStrong = ValidatorHelpers.BeAStrongPassword(password);
    if (!isStrong)
    {
        // Source names the offending field; the message is the shared policy text,
        // so the rejected password itself never appears in the exception.
        throw new ValidationException(RegexPatterns.PasswordErrorMsg) { Source = "Password" };
    }
}
/// <summary>
/// Updates a user's password.
/// Call this from inherited controller so that you can
/// apply custom attributes / routes with custom protection.
/// </summary>
/// <remarks>
/// The caller must present the current password; the change is refused with the
/// <c>ImATeapot()</c> result when <c>AuthService.ValidateLogin</c> returns null.
/// After the update the user is stamped in the role manager so other tokens must refresh.
/// NOTE(review): password strength is not checked in this method; presumably
/// <c>UpdatePasswordValidator</c> covers it. Confirm.
/// </remarks>
/// <param name="upp">Request body; supplies AuthUserId, OldPassword and the new Password.</param>
/// <returns><c>Ok</c> on success, otherwise the <c>ImATeapot()</c> result.</returns>
protected IHttpActionResult _UpdatePassword([FromBody] UpdatePasswordParams upp)
{
    return ExecuteValidatedAction(() =>
    {
        ValidatorHelpers.ValidateAndThrow(upp, new UpdatePasswordValidator());

        // Re-authenticate with the old password before allowing the change.
        var authenticated = AuthService.ValidateLogin(upp.AuthUserId, upp.OldPassword);
        if (authenticated != null)
        {
            AuthService.UpdatePassword(authenticated, upp.Password);
            RoleManager.StampAuthUser(upp.AuthUserId); // require other tokens to refresh
            return Ok();
        }

        return ImATeapot();
    });
}
/// <summary>
/// Changes the username of the user identified by <c>upp.AuthUserId</c>.
/// </summary>
/// <remarks>
/// NOTE(review): the target user id comes from the request and nothing in this method ties
/// it to the authenticated caller or asks for the current password. Confirm that
/// authorization is enforced by an attribute, a route filter or an overriding controller.
/// </remarks>
/// <param name="upp">Supplies AuthUserId and the new Username.</param>
/// <returns><c>Ok</c> on success, or the <c>ImATeapot()</c> result when the user is not found.</returns>
public virtual IHttpActionResult UpdateUsername(UpdateUsernameParams upp)
{
    return ExecuteValidatedAction(() =>
    {
        ValidatorHelpers.ValidateAndThrow(upp, new UpdateUsernameValidator());

        var account = AuthService.GetById(upp.AuthUserId);
        if (account != null)
        {
            account.Username = upp.Username;
            AuthService.Update(account);
            return Ok();
        }

        return ImATeapot();
    });
}
/// <summary>
/// Login endpoint: returns a login result for valid credentials, or sends a domain-email
/// access message when the username is a domain e-mail and the login did not validate.
/// </summary>
/// <remarks>
/// A missing password is rejected up front unless the username is a domain e-mail.
/// NOTE(review): the e-mail path runs for every failed login on a domain address, including
/// a wrong password, and answers <c>Ok</c>. Confirm that sending is throttled elsewhere.
/// </remarks>
/// <param name="lp">Request body; supplies Username and Password.</param>
/// <returns>
/// <c>Ok</c> with the login result, <c>Ok</c> with a <c>DomainEmailLoginResult</c> when an access
/// e-mail was sent, otherwise the <c>ImATeapot()</c> result.
/// </returns>
public virtual IHttpActionResult RequestToken([FromBody] LoginParams lp)
{
    return ExecuteValidatedAction(() =>
    {
        ValidatorHelpers.ValidateAndThrow(lp, new LoginParamsValidator());

        var authClient = ValidateClient(lp);
        if (authClient == null)
        {
            return ImATeapot();
        }

        bool isDomainEmail = IsLoginDomainEmail(lp.Username);
        if (lp.Password == null && !isDomainEmail)
        {
            return ImATeapot();
        }

        AddNoCacheHeader();

        // check valid login
        var authUser = AuthService.ValidateLogin(lp.Username, lp.Password);
        if (authUser == null)
        {
            // check valid email domain
            if (!isDomainEmail)
            {
                return ImATeapot();
            }

            AuthService.SendDomainEmailAccess(lp.Username);
            return Ok(new DomainEmailLoginResult { Email = lp.Username, SentEmail = true });
        }

        CheckSetRoleManager(authUser); // make sure state is set in RoleManager

        // issue the token
        ILoginResultDto loginResult = CreateTokenResult(authUser, authClient);
        return loginResult != null ? (IHttpActionResult)Ok(loginResult) : ImATeapot();
    });
}
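/// <summary>
/// Exchanges a domain-email access key for a login result.
/// </summary>
/// <remarks>
/// The no-cache header is set before the token-bearing response is built, as the other
/// token-issuing actions (RequestRefresh, RequestToken) do.
/// NOTE(review): the user is resolved from <c>depp.ResetKey</c> alone and nothing here marks
/// the key as used (ResetPassword calls <c>MarkResetInvalid</c>). Confirm that
/// <c>ValidateDomainEmailLogin</c> consumes or expires it.
/// </remarks>
/// <param name="depp">Request body; supplies the ResetKey.</param>
/// <returns><c>Ok</c> with the login result, otherwise the <c>ImATeapot()</c> result.</returns>
public virtual IHttpActionResult GrantAdminDomainEmailAccess([FromBody] DomainEmailPasswordParams depp)
{
    return ExecuteValidatedAction(() =>
    {
        ValidatorHelpers.ValidateAndThrow(depp, new DomainEmailPasswordParamsValidator());

        AuthClient client = ValidateClient(depp);
        if (client == null)
        {
            return ImATeapot();
        }

        // The response may carry tokens; keep it out of caches.
        AddNoCacheHeader();

        AuthUser au = AuthService.ValidateDomainEmailLogin(depp.ResetKey);
        if (au == null)
        {
            return ImATeapot();
        }

        CheckSetRoleManager(au); // make sure state is set in RoleManager
        ILoginResultDto result = CreateTokenResult(au, client); // return token
        return result != null ? (IHttpActionResult)Ok(result) : ImATeapot();
    });
}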
/// <summary>
/// Builds a configured field from one row of a field-definition table.
/// </summary>
/// <remarks>
/// For bitmap rows (any element other than "Group" whose "Bitmap" column is true) the
/// field's start and end range are also recorded in <paramref name="bitmapLows"/> and
/// <paramref name="bitmapHighs"/>, keyed by the element's name.
/// </remarks>
/// <param name="dr">Row holding the field definition columns.</param>
/// <param name="elementName">Name of the column that carries the element's name.</param>
/// <param name="bitmapLows">Receives the "BitmapStartRange" of bitmap fields.</param>
/// <param name="bitmapHighs">Receives the "BitmapEndRange" of bitmap fields.</param>
/// <returns>The configured field.</returns>
private IField ReadFieldFromTable(DataRow dr, string elementName, SortedList<string, int> bitmapLows, SortedList<string, int> bitmapHighs)
{
    // NOTE(review): both TryParse results are discarded, so an unrecognised "FieldLength" or
    // "FieldFormat" value silently becomes the enum's default. Confirm this is intended if the
    // table can come from an untrusted or hand-edited source.
    FieldLength parsedLength;
    Enum.TryParse<FieldLength>((string)dr["FieldLength"], out parsedLength);
    FieldFormat parsedFormat;
    Enum.TryParse<FieldFormat>((string)dr["FieldFormat"], out parsedFormat);

    Messages.Core.Field.Empty field;
    if (elementName == "Group" || !Convert.ToBoolean(dr["Bitmap"]))
    {
        field = new Messages.Core.Field.Empty();
    }
    else
    {
        if (!Convert.ToBoolean(dr["HexBitmap"]))
        {
            field = new Bitmap(Convert.ToInt32(dr["BitmapFirst"]));
        }
        else
        {
            field = new BitmapHex(Convert.ToInt32(dr["BitmapFirst"]));
        }

        // SortedList.Add throws on a duplicate key, so each bitmap name may appear only once.
        bitmapLows.Add((string)dr[elementName], Convert.ToInt32(dr["BitmapStartRange"]));
        bitmapHighs.Add((string)dr[elementName], Convert.ToInt32(dr["BitmapEndRange"]));
    }

    // Read the remaining columns in the same order the Configure call consumes them.
    string fieldName = (string)dr[elementName];
    int fieldSize = Convert.ToInt32(dr["Size"]);
    int fieldNumber = Convert.ToInt32(dr["Number"]);
    var formatter = FormatHelpers.GetFormatter((string)dr["Formatter"]);
    var validator = ValidatorHelpers.GetValidator((string)dr["Validator"]);
    var parser = ParserHelpers.GetParser((string)dr["Parser"]);

    field.Configure(fieldName, fieldSize, fieldNumber, parsedLength, parsedFormat, formatter, validator, parser);
    return field;
}
/// <summary>
/// Adds a default expand derived from a property expression.
/// </summary>
/// <typeparam name="TProperty">Type of the selected property.</typeparam>
/// <param name="exp">
/// Property selector; its <c>ToString()</c> text is passed to
/// <c>ValidatorHelpers.GetExpandString</c> and the result is appended to the default expands.
/// </param>
public void AddDefaultExpand<TProperty>(Expression<Func<T, TProperty>> exp)
{
    string expressionText = exp.ToString();
    var expandPath = ValidatorHelpers.GetExpandString(expressionText);
    _defaultExpands.Add(expandPath);
}
/// <summary>
/// Initialises this field, choosing the formatter and parser from
/// <paramref name="Length"/> and the validator from <paramref name="Format"/>.
/// </summary>
/// <param name="Name">Field name.</param>
/// <param name="Size">Field size.</param>
/// <param name="Number">Field number.</param>
/// <param name="Length">Length kind; selects the formatter and the parser.</param>
/// <param name="Format">Format kind; selects the validator.</param>
/// <returns>This instance, so calls can be chained.</returns>
public IField Configure(string Name, int Size, int Number, FieldLength Length, FieldFormat Format)
{
    // Resolve the helpers in the same order the Init call lists them.
    var formatter = FormatHelpers.GetFormatter(Length);
    var validator = ValidatorHelpers.GetValidator(Format);
    var parser = ParserHelpers.GetParser(Length);

    Init(Name, Size, Number, Length, Format, formatter, validator, parser);
    return this;
}
/// <summary>
/// Wrapper to validate and throw for testing.
/// Forwards to <c>ValidatorHelpers.ValidateAndThrow</c> without adding any behaviour.
/// </summary>
/// <typeparam name="T">Type of the entity being validated.</typeparam>
/// <param name="entity">Entity to validate.</param>
/// <param name="validator">Validator applied to <paramref name="entity"/>.</param>
protected static void ValidateAndThrow<T>(T entity, IValidator<T> validator)
    => ValidatorHelpers.ValidateAndThrow(entity, validator);