[Create(@"{code}", false, false)] //NOTE: this method doesn't requires auth!!! //NOTE: this method doesn't check payment!!!
public AuthenticationTokenData AuthenticateMe(string userName, string password, string provider, string accessToken, string code)
{
bool viaEmail;
var user = GetUser(userName, password, provider, accessToken, out viaEmail);
try
{
SmsManager.ValidateSmsCode(user, code);
var token = SecurityContext.AuthenticateMe(user.ID);
MessageService.Send(Request, MessageAction.LoginSuccessViaApiSms);
var tenant = CoreContext.TenantManager.GetCurrentTenant().TenantId;
var expires = TenantCookieSettings.GetExpiresTime(tenant);
return(new AuthenticationTokenData
{
Token = token,
Expires = new ApiDateTime(expires),
Sms = true,
PhoneNoise = SmsSender.BuildPhoneNoise(user.MobilePhone)
});
}
catch
{
MessageService.Send(Request, user.DisplayUserName(false), MessageAction.LoginFailViaApiSms, MessageTarget.Create(user.ID));
throw new AuthenticationException("User authentication failed");
}
finally
{
SecurityContext.Logout();
}
}
private void RequestCode(HttpContext context)
{
var token = GetToken(context.Request["code"]);
if (token == null)
{
Global.Logger.Error("BoxApp: token is null");
throw new SecurityException("Access token is null");
}
var boxUserId = context.Request["userId"];
if (SecurityContext.IsAuthenticated)
{
if (!CurrentUser(boxUserId))
{
Global.Logger.Debug("BoxApp: logout for " + boxUserId);
CookiesManager.ClearCookies(CookiesType.AuthKey);
SecurityContext.Logout();
}
}
if (!SecurityContext.IsAuthenticated)
{
bool isNew;
var userInfo = GetUserInfo(token, out isNew);
if (userInfo == null)
{
Global.Logger.Error("BoxApp: UserInfo is null");
throw new Exception("Profile is null");
}
var cookiesKey = SecurityContext.AuthenticateMe(userInfo.ID);
CookiesManager.SetCookies(CookiesType.AuthKey, cookiesKey);
MessageService.Send(HttpContext.Current.Request, MessageAction.LoginSuccessViaSocialApp);
if (isNew)
{
UserHelpTourHelper.IsNewUser = true;
PersonalSettings.IsNewUser = true;
PersonalSettings.IsNotActivated = true;
}
if (!string.IsNullOrEmpty(boxUserId) && !CurrentUser(boxUserId))
{
AddLinker(boxUserId);
}
}
Token.SaveToken(token);
var fileId = context.Request["id"];
context.Response.Redirect(FilesLinkUtility.GetFileWebEditorUrl(ThirdPartySelector.BuildAppFileId(AppAttr, fileId)), true);
}
[Create(@"", false, false)] //NOTE: this method doesn't requires auth!!! //NOTE: this method doesn't check payment!!!
public AuthenticationTokenData AuthenticateMe(string userName, string password, string provider, string accessToken)
{
bool viaEmail;
var user = GetUser(userName, password, provider, accessToken, out viaEmail);
if (!StudioSmsNotificationSettings.IsVisibleSettings || !StudioSmsNotificationSettings.Enable)
{
try
{
var token = SecurityContext.AuthenticateMe(user.ID);
MessageService.Send(Request, viaEmail ? MessageAction.LoginSuccessViaApi : MessageAction.LoginSuccessViaApiSocialAccount);
var tenant = CoreContext.TenantManager.GetCurrentTenant().TenantId;
var expires = TenantCookieSettings.GetExpiresTime(tenant);
return(new AuthenticationTokenData
{
Token = token,
Expires = new ApiDateTime(expires)
});
}
catch
{
MessageService.Send(Request, user.DisplayUserName(false), viaEmail ? MessageAction.LoginFailViaApi : MessageAction.LoginFailViaApiSocialAccount);
throw new AuthenticationException("User authentication failed");
}
finally
{
SecurityContext.Logout();
}
}
if (string.IsNullOrEmpty(user.MobilePhone) || user.MobilePhoneActivationStatus == MobilePhoneActivationStatus.NotActivated)
{
return new AuthenticationTokenData
{
Sms = true
}
}
;
SmsManager.PutAuthCode(user, false);
return(new AuthenticationTokenData
{
Sms = true,
PhoneNoise = SmsSender.BuildPhoneNoise(user.MobilePhone),
Expires = new ApiDateTime(DateTime.UtcNow.Add(SmsKeyStorage.StoreInterval))
});
}
private static UserInfo GetUserInfo(Token token, out bool isNew)
{
isNew = false;
if (token == null)
{
Global.Logger.Error("GoogleDriveApp: token is null");
throw new SecurityException("Access token is null");
}
LoginProfile loginProfile = null;
try
{
loginProfile = new GoogleLoginProvider().GetLoginProfile(token.ToString());
}
catch (Exception ex)
{
Global.Logger.Error("GoogleDriveApp: userinfo request", ex);
}
if (loginProfile == null)
{
Global.Logger.Error("Error in userinfo request");
return(null);
}
var userInfo = CoreContext.UserManager.GetUserByEmail(loginProfile.EMail);
if (Equals(userInfo, Constants.LostUser))
{
userInfo = LoginWithThirdParty.ProfileToUserInfo(loginProfile);
var cultureName = loginProfile.Locale;
if (string.IsNullOrEmpty(cultureName))
{
cultureName = Thread.CurrentThread.CurrentUICulture.Name;
}
var cultureInfo = SetupInfo.EnabledCultures.Find(c => String.Equals(c.Name, cultureName, StringComparison.InvariantCultureIgnoreCase));
if (cultureInfo != null)
{
userInfo.CultureName = cultureInfo.Name;
}
else
{
Global.Logger.DebugFormat("From google app new personal user '{0}' without culture {1}", userInfo.Email, cultureName);
}
try
{
SecurityContext.AuthenticateMe(ASC.Core.Configuration.Constants.CoreSystem);
userInfo = UserManagerWrapper.AddUser(userInfo, UserManagerWrapper.GeneratePassword());
}
finally
{
SecurityContext.Logout();
}
isNew = true;
Global.Logger.Debug("GoogleDriveApp: new user " + userInfo.ID);
}
return(userInfo);
}
private static void RequestCode(HttpContext context)
{
var state = context.Request["state"];
Global.Logger.Debug("GoogleDriveApp: state - " + state);
if (string.IsNullOrEmpty(state))
{
Global.Logger.Error("GoogleDriveApp: empty state");
throw new Exception("Empty state");
}
var token = GetToken(context.Request["code"]);
if (token == null)
{
Global.Logger.Error("GoogleDriveApp: token is null");
throw new SecurityException("Access token is null");
}
var stateJson = JObject.Parse(state);
var googleUserId = stateJson.Value <string>("userId");
if (SecurityContext.IsAuthenticated)
{
if (!CurrentUser(googleUserId))
{
Global.Logger.Debug("GoogleDriveApp: logout for " + googleUserId);
CookiesManager.ClearCookies(CookiesType.AuthKey);
SecurityContext.Logout();
}
}
if (!SecurityContext.IsAuthenticated)
{
bool isNew;
var userInfo = GetUserInfo(token, out isNew);
if (userInfo == null)
{
Global.Logger.Error("GoogleDriveApp: UserInfo is null");
throw new Exception("Profile is null");
}
var cookiesKey = SecurityContext.AuthenticateMe(userInfo.ID);
CookiesManager.SetCookies(CookiesType.AuthKey, cookiesKey);
MessageService.Send(HttpContext.Current.Request, MessageAction.LoginSuccessViaSocialAccount);
if (isNew)
{
UserHelpTourHelper.IsNewUser = true;
PersonalSettings.IsNewUser = true;
PersonalSettings.IsNotActivated = true;
}
if (!string.IsNullOrEmpty(googleUserId) && !CurrentUser(googleUserId))
{
AddLinker(googleUserId);
}
}
Token.SaveToken(token);
var action = stateJson.Value <string>("action");
switch (action)
{
case "create":
var folderId = stateJson.Value <string>("folderId");
context.Response.Redirect(App.Location + "?" + FilesLinkUtility.FolderId + "=" + HttpUtility.UrlEncode(folderId), true);
return;
case "open":
var idsArray = stateJson.Value <JArray>("ids") ?? stateJson.Value <JArray>("exportIds");
if (idsArray == null)
{
Global.Logger.Error("GoogleDriveApp: ids is empty");
throw new Exception("File id is null");
}
var fileId = idsArray.ToObject <List <string> >().FirstOrDefault();
var driveFile = GetDriveFile(fileId, token);
if (driveFile == null)
{
Global.Logger.Error("GoogleDriveApp: file is null");
throw new Exception("File not found");
}
var jsonFile = JObject.Parse(driveFile);
var ext = GetCorrectExt(jsonFile);
if (FileUtility.ExtsMustConvert.Contains(ext) ||
GoogleLoginProvider.GoogleDriveExt.Contains(ext))
{
Global.Logger.Debug("GoogleDriveApp: file must be converted");
if (FilesSettings.ConvertNotify)
{
context.Response.Redirect(App.Location + "?" + FilesLinkUtility.FileId + "=" + HttpUtility.UrlEncode(fileId), true);
return;
}
fileId = CreateConvertedFile(driveFile, token);
}
context.Response.Redirect(FilesLinkUtility.GetFileWebEditorUrl(ThirdPartySelector.BuildAppFileId(AppAttr, fileId)), true);
return;
}
Global.Logger.Error("GoogleDriveApp: Action not identified");
throw new Exception("Action not identified");
}
public void RunJob(DistributedTask _, CancellationToken cancellationToken)
{
try
{
CancellationToken = cancellationToken;
SetProgress(5, "Setup tenant");
CoreContext.TenantManager.SetCurrentTenant(CurrentTenant);
SetProgress(10, "Setup user");
SecurityContext.AuthenticateMe(CurrentUser); //Core.Configuration.Constants.CoreSystem);
SetProgress(15, "Find user data");
var currentUser = CoreContext.UserManager.GetUsers(SecurityContext.CurrentAccount.ID);
SetProgress(20, "Create mime message");
var toAddress = new MailboxAddress(currentUser.UserName, currentUser.Email);
var fromAddress = new MailboxAddress(SmtpSettings.SenderDisplayName, SmtpSettings.SenderAddress);
var mimeMessage = new MimeMessage
{
Subject = messageSubject
};
mimeMessage.From.Add(fromAddress);
mimeMessage.To.Add(toAddress);
var bodyBuilder = new BodyBuilder
{
TextBody = messageBody
};
mimeMessage.Body = bodyBuilder.ToMessageBody();
mimeMessage.Headers.Add("Auto-Submitted", "auto-generated");
using (var client = GetSmtpClient())
{
SetProgress(40, "Connect to host");
client.Connect(SmtpSettings.Host, SmtpSettings.Port.GetValueOrDefault(25),
SmtpSettings.EnableSSL ? SecureSocketOptions.Auto : SecureSocketOptions.None, cancellationToken);
if (SmtpSettings.EnableAuth)
{
SetProgress(60, "Authenticate");
client.Authenticate(SmtpSettings.CredentialsUserName,
SmtpSettings.CredentialsUserPassword, cancellationToken);
}
SetProgress(80, "Send test message");
client.Send(FormatOptions.Default, mimeMessage, cancellationToken);
}
}
catch (AuthorizingException authError)
{
Error = Resources.Resource.ErrorAccessDenied; // "No permissions to perform this action";
Logger.Error(Error, new SecurityException(Error, authError));
}
catch (AggregateException ae)
{
ae.Flatten().Handle(e => e is TaskCanceledException || e is OperationCanceledException);
}
catch (SocketException ex)
{
Error = ex.Message; //TODO: Add translates of ordinary cases
Logger.Error(ex.ToString());
}
catch (AuthenticationException ex)
{
Error = ex.Message; //TODO: Add translates of ordinary cases
Logger.Error(ex.ToString());
}
catch (Exception ex)
{
Error = ex.Message; //TODO: Add translates of ordinary cases
Logger.Error(ex.ToString());
}
finally
{
try
{
TaskInfo.SetProperty(FINISHED, true);
PublishTaskInfo();
SecurityContext.Logout();
}
catch (Exception ex)
{
Logger.ErrorFormat("LdapOperation finalization problem. {0}", ex);
}
}
}
public void RunJob(DistributedTask _, CancellationToken cancellationToken)
{
try
{
CancellationToken = cancellationToken;
CoreContext.TenantManager.SetCurrentTenant(CurrentTenant);
SecurityContext.AuthenticateMe(Core.Configuration.Constants.CoreSystem);
Thread.CurrentThread.CurrentCulture = CultureInfo.GetCultureInfo(_culture);
Thread.CurrentThread.CurrentUICulture = CultureInfo.GetCultureInfo(_culture);
Logger = LogManager.GetLogger("ASC");
if (LDAPSettings == null)
{
Error = Resource.LdapSettingsErrorCantGetLdapSettings;
Logger.Error("Can't save default LDAP settings.");
return;
}
switch (OperationType)
{
case LdapOperationType.Save:
case LdapOperationType.SaveTest:
Logger.InfoFormat("Start '{0}' operation",
Enum.GetName(typeof(LdapOperationType), OperationType));
SetProgress(1, Resource.LdapSettingsStatusCheckingLdapSettings);
Logger.Debug("PrepareSettings()");
PrepareSettings(LDAPSettings);
if (!string.IsNullOrEmpty(Error))
{
Logger.DebugFormat("PrepareSettings() Error: {0}", Error);
return;
}
Importer = new NovellLdapUserImporter(LDAPSettings, Resource);
if (LDAPSettings.EnableLdapAuthentication)
{
var ldapSettingsChecker = new NovellLdapSettingsChecker(Importer);
SetProgress(5, Resource.LdapSettingsStatusLoadingBaseInfo);
var result = ldapSettingsChecker.CheckSettings();
if (result != LdapSettingsStatus.Ok)
{
if (result == LdapSettingsStatus.CertificateRequest)
{
TaskInfo.SetProperty(CERT_REQUEST,
ldapSettingsChecker.CertificateConfirmRequest);
}
Error = GetError(result);
Logger.DebugFormat("ldapSettingsChecker.CheckSettings() Error: {0}", Error);
return;
}
}
break;
case LdapOperationType.Sync:
case LdapOperationType.SyncTest:
Logger.InfoFormat("Start '{0}' operation",
Enum.GetName(typeof(LdapOperationType), OperationType));
Importer = new NovellLdapUserImporter(LDAPSettings, Resource);
break;
default:
throw new ArgumentOutOfRangeException();
}
Do();
}
catch (AuthorizingException authError)
{
Error = Resource.ErrorAccessDenied;
Logger.Error(Error, new SecurityException(Error, authError));
}
catch (AggregateException ae)
{
ae.Flatten().Handle(e => e is TaskCanceledException || e is OperationCanceledException);
}
catch (TenantQuotaException e)
{
Error = Resource.LdapSettingsTenantQuotaSettled;
Logger.ErrorFormat("TenantQuotaException. {0}", e);
}
catch (FormatException e)
{
Error = Resource.LdapSettingsErrorCantCreateUsers;
Logger.ErrorFormat("FormatException error. {0}", e);
}
catch (Exception e)
{
Error = Resource.LdapSettingsInternalServerError;
Logger.ErrorFormat("Internal server error. {0}", e);
}
finally
{
try
{
TaskInfo.SetProperty(FINISHED, true);
PublishTaskInfo();
Dispose();
SecurityContext.Logout();
}
catch (Exception ex)
{
Logger.ErrorFormat("LdapOperation finalization problem. {0}", ex);
}
}
}
private static UserInfo GetUserInfo(Token token, out bool isNew)
{
isNew = false;
if (token == null)
{
Global.Logger.Error("BoxApp: token is null");
throw new SecurityException("Access token is null");
}
var resultResponse = string.Empty;
try
{
resultResponse = RequestHelper.PerformRequest(BoxUrlUserInfo,
headers: new Dictionary <string, string> {
{ "Authorization", "Bearer " + token }
});
Global.Logger.Debug("BoxApp: userinfo response - " + resultResponse);
}
catch (Exception ex)
{
Global.Logger.Error("BoxApp: userinfo request", ex);
}
var boxUserInfo = JObject.Parse(resultResponse);
if (boxUserInfo == null)
{
Global.Logger.Error("Error in userinfo request");
return(null);
}
var email = boxUserInfo.Value <string>("login");
var userInfo = CoreContext.UserManager.GetUserByEmail(email);
if (Equals(userInfo, Constants.LostUser))
{
userInfo = new UserInfo
{
FirstName = boxUserInfo.Value <string>("name"),
Email = email,
MobilePhone = boxUserInfo.Value <string>("phone"),
};
var cultureName = boxUserInfo.Value <string>("language");
if (string.IsNullOrEmpty(cultureName))
{
cultureName = Thread.CurrentThread.CurrentUICulture.TwoLetterISOLanguageName;
}
var cultureInfo = SetupInfo.EnabledCultures.Find(c => String.Equals(c.TwoLetterISOLanguageName, cultureName, StringComparison.InvariantCultureIgnoreCase));
if (cultureInfo != null)
{
userInfo.CultureName = cultureInfo.Name;
}
else
{
Global.Logger.DebugFormat("From box app new personal user '{0}' without culture {1}", userInfo.Email, cultureName);
}
if (string.IsNullOrEmpty(userInfo.FirstName))
{
userInfo.FirstName = FilesCommonResource.UnknownFirstName;
}
if (string.IsNullOrEmpty(userInfo.LastName))
{
userInfo.LastName = FilesCommonResource.UnknownLastName;
}
try
{
SecurityContext.AuthenticateMe(ASC.Core.Configuration.Constants.CoreSystem);
userInfo = UserManagerWrapper.AddUser(userInfo, UserManagerWrapper.GeneratePassword());
}
finally
{
SecurityContext.Logout();
}
isNew = true;
Global.Logger.Debug("BoxApp: new user " + userInfo.ID);
}
return(userInfo);
}
private static UserInfo GetUserInfo(Token token, out bool isNew)
{
isNew = false;
if (token == null)
{
Global.Logger.Error("GoogleDriveApp: token is null");
throw new SecurityException("Access token is null");
}
var resultResponse = RequestHelper.PerformRequest(GoogleUrlUserInfo.Replace("{access_token}", token.AccessToken));
Global.Logger.Debug("GoogleDriveApp: userinfo response - " + resultResponse);
var googleUserInfo = JObject.Parse(resultResponse);
if (googleUserInfo == null)
{
Global.Logger.Error("Error in userinfo request");
return(null);
}
var email = googleUserInfo.Value <string>("email");
var userInfo = CoreContext.UserManager.GetUserByEmail(email);
if (Equals(userInfo, Constants.LostUser))
{
userInfo = new UserInfo
{
Status = EmployeeStatus.Active,
FirstName = googleUserInfo.Value <string>("given_name"),
LastName = googleUserInfo.Value <string>("family_name"),
Email = email,
WorkFromDate = TenantUtil.DateTimeNow(),
};
var gender = googleUserInfo.Value <string>("gender");
if (!string.IsNullOrEmpty(gender))
{
userInfo.Sex = gender == "male";
}
var cultureName = googleUserInfo.Value <string>("locale") ?? CultureInfo.CurrentUICulture.Name;
var cultureInfo = SetupInfo.EnabledCultures.Find(c => String.Equals(c.TwoLetterISOLanguageName, cultureName, StringComparison.InvariantCultureIgnoreCase));
if (cultureInfo != null)
{
userInfo.CultureName = cultureInfo.Name;
}
if (string.IsNullOrEmpty(userInfo.FirstName))
{
userInfo.FirstName = FilesCommonResource.UnknownFirstName;
}
if (string.IsNullOrEmpty(userInfo.LastName))
{
userInfo.LastName = FilesCommonResource.UnknownLastName;
}
var pwd = UserManagerWrapper.GeneratePassword();
try
{
SecurityContext.AuthenticateMe(ASC.Core.Configuration.Constants.CoreSystem);
userInfo = UserManagerWrapper.AddUser(userInfo, pwd);
}
finally
{
SecurityContext.Logout();
}
isNew = true;
Global.Logger.Debug("GoogleDriveApp: new user " + userInfo.ID);
}
return(userInfo);
}
protected void Page_PreInit(object sender, EventArgs e)
{
if (MobileDetector.IsRequestMatchesMobile(Context))
{
Response.Redirect(CommonLinkUtility.GetFileWebViewerUrl(Request[UrlConstant.FileId]) +
(string.IsNullOrEmpty(Request[UrlConstant.DocUrlKey]) ? "" : "&" + UrlConstant.DocUrlKey + "=" + Request[UrlConstant.DocUrlKey]));
}
if (!FileUtility.EnableHtml5)
{
Server.Transfer("editor.aspx", true);
}
//check if cookie from this portal
if (SecurityContext.CurrentAccount is IUserAccount &&
((IUserAccount)SecurityContext.CurrentAccount).Tenant != CoreContext.TenantManager.GetCurrentTenant().TenantId)
{
SecurityContext.Logout();
Response.Redirect("~/");
}
var currentUser = CoreContext.UserManager.GetUsers(SecurityContext.CurrentAccount.ID);
if (currentUser == Constants.LostUser || currentUser.Status != EmployeeStatus.Active)
{
SecurityContext.Logout();
Response.Redirect("~/");
}
ProcessSecureFilter();
if (!SecurityContext.IsAuthenticated &&
DocumentUtils.ParseShareLink(Request[UrlConstant.DocUrlKey]) == null)
{
//for demo
if (SetupInfo.WorkMode == WorkMode.Promo)
{
if (AutoAuthByPromo())
{
UserOnlineManager.Instance.RegistryOnlineUser(SecurityContext.CurrentAccount.ID);
Response.Redirect("~/");
return;
}
}
var refererURL = Request.GetUrlRewriter().AbsoluteUri;
if (!ValidateRefererUrl(refererURL))
{
refererURL = (string)Session["refererURL"];
}
if (!AutoAuthByCookies() && !CoreContext.TenantManager.GetCurrentTenant().Public)
{
Session["refererURL"] = refererURL;
Response.Redirect("~/auth.aspx");
return;
}
}
if (SecurityContext.IsAuthenticated)
{
UserOnlineManager.Instance.RegistryOnlineUser(SecurityContext.CurrentAccount.ID);
}
CurrentSkin = WebSkin.GetUserSkin();
Theme = CurrentSkin.ASPTheme;
}
internal static void RequestCode(HttpContext context)
{
var state = context.Request["state"];
Global.Logger.Debug("GoogleDriveApp: state - " + state);
if (string.IsNullOrEmpty(state))
{
Global.Logger.Info("GoogleDriveApp: empty state");
throw new Exception("Empty state");
}
var token = GetToken(context.Request["code"]);
if (token == null)
{
Global.Logger.Info("GoogleDriveApp: token is null");
throw new SecurityException("Access token is null");
}
var stateJson = JObject.Parse(state);
if (SecurityContext.IsAuthenticated)
{
Global.Logger.Debug("GoogleDriveApp: is authenticated");
if (!CurrentUser(stateJson.Value <string>("userId")))
{
Global.Logger.Debug("GoogleDriveApp: logout");
CookiesManager.ClearCookies(CookiesType.AuthKey);
SecurityContext.Logout();
}
}
if (!SecurityContext.IsAuthenticated)
{
var userInfo = GetUserInfo(token);
if (userInfo == null)
{
Global.Logger.Error("GoogleDriveApp: UserInfo is null");
throw new Exception("Profile is null");
}
var cookiesKey = SecurityContext.AuthenticateMe(userInfo.ID);
CookiesManager.SetCookies(CookiesType.AuthKey, cookiesKey);
}
Token.SaveToken(token);
var action = stateJson.Value <string>("action");
switch (action)
{
case "create":
var folderId = stateJson.Value <string>("folderId");
context.Response.Redirect(App.Location + "?" + FilesLinkUtility.FolderId + "=" + folderId, true);
return;
case "open":
var idsArray = stateJson.Value <JArray>("ids") ?? stateJson.Value <JArray>("exportIds");
if (idsArray == null)
{
Global.Logger.Error("GoogleDriveApp: ids is empty");
throw new Exception("File id is null");
}
var fileId = idsArray.ToObject <List <string> >().FirstOrDefault();
var driveFile = GetDriveFile(fileId, token);
if (driveFile == null)
{
Global.Logger.Error("GoogleDriveApp: file is null");
throw new Exception("File not found");
}
var jsonFile = JObject.Parse(driveFile);
var ext = GetCorrectExt(jsonFile);
var mimeType = (jsonFile.Value <string>("mimeType") ?? "").ToLower();
if (FileUtility.ExtsMustConvert.Contains(ext) ||
GoogleMimeTypes.Keys.Contains(mimeType))
{
Global.Logger.Debug("GoogleDriveApp: file must be converted");
if (FilesSettings.ConvertNotify)
{
context.Response.Redirect(App.Location + "?" + FilesLinkUtility.FileId + "=" + fileId, true);
return;
}
fileId = CreateConvertedFile(driveFile, token);
}
context.Response.Redirect(FilesLinkUtility.GetFileWebEditorUrl(fileId) + "&" + FilesLinkUtility.Action + "=app", true);
return;
}
Global.Logger.Error("GoogleDriveApp: Action not identified");
throw new Exception("Action not identified");
}
protected void Page_PreInit(object sender, EventArgs e)
{
if (!FileUtility.EnableHtml5)
{
Server.Transfer("viewer.aspx", true);
}
//check if cookie from this portal
if (SecurityContext.CurrentAccount is IUserAccount &&
((IUserAccount)SecurityContext.CurrentAccount).Tenant != CoreContext.TenantManager.GetCurrentTenant().TenantId)
{
SecurityContext.Logout();
Response.Redirect("~/");
}
var currentUser = CoreContext.UserManager.GetUsers(SecurityContext.CurrentAccount.ID);
if (currentUser == Constants.LostUser || currentUser.Status != EmployeeStatus.Active)
{
SecurityContext.Logout();
Response.Redirect("~/");
}
ProcessSecureFilter();
if (!SecurityContext.IsAuthenticated &&
DocumentUtils.ParseShareLink(Request[UrlConstant.DocUrlKey]) == null)
{
//for demo
if (SetupInfo.WorkMode == WorkMode.Promo)
{
if (AutoAuthByPromo())
{
UserOnlineManager.Instance.RegistryOnlineUser(SecurityContext.CurrentAccount.ID);
Response.Redirect("~/");
return;
}
}
var refererURL = Request.GetUrlRewriter().AbsoluteUri;
if (!ValidateRefererUrl(refererURL))
{
refererURL = (string)Session["refererURL"];
}
if (!AutoAuthByCookies() && !CoreContext.TenantManager.GetCurrentTenant().Public)
{
Session["refererURL"] = refererURL;
Response.Redirect("~/auth.aspx");
return;
}
}
if (SecurityContext.IsAuthenticated)
{
UserOnlineManager.Instance.RegistryOnlineUser(SecurityContext.CurrentAccount.ID);
//try
//{
// StatisticManager.SaveUserVisit(TenantProvider.CurrentTenantID, SecurityContext.CurrentAccount.ID,
// (currentProduct == null ? Guid.Empty : currentProduct.ProductID));
//}
//catch (Exception exc)
//{
// Log.Error("failed save user visit", exc);
//}
}
CurrentSkin = WebSkin.GetUserSkin();
Theme = CurrentSkin.ASPTheme;
}
private static UserInfo GetUserInfo(Token token, out bool isNew)
{
isNew = false;
if (token == null)
{
Global.Logger.Error("GoogleDriveApp: token is null");
throw new SecurityException("Access token is null");
}
var resultResponse = string.Empty;
try
{
resultResponse = RequestHelper.PerformRequest(GoogleUrlUserInfo.Replace("{access_token}", HttpUtility.UrlEncode(token.ToString())));
Global.Logger.Debug("GoogleDriveApp: userinfo response - " + resultResponse);
}
catch (Exception ex)
{
Global.Logger.Error("GoogleDriveApp: userinfo request", ex);
}
var googleUserInfo = JObject.Parse(resultResponse);
if (googleUserInfo == null)
{
Global.Logger.Error("Error in userinfo request");
return(null);
}
var email = googleUserInfo.Value <string>("email");
var userInfo = CoreContext.UserManager.GetUserByEmail(email);
if (Equals(userInfo, Constants.LostUser))
{
userInfo = new UserInfo
{
FirstName = googleUserInfo.Value <string>("given_name"),
LastName = googleUserInfo.Value <string>("family_name"),
Email = email,
};
var gender = googleUserInfo.Value <string>("gender");
if (!string.IsNullOrEmpty(gender))
{
userInfo.Sex = gender == "male";
}
var cultureName = googleUserInfo.Value <string>("locale");
if (string.IsNullOrEmpty(cultureName))
{
cultureName = Thread.CurrentThread.CurrentUICulture.Name;
}
var cultureInfo = SetupInfo.EnabledCultures.Find(c => String.Equals(c.Name, cultureName, StringComparison.InvariantCultureIgnoreCase));
if (cultureInfo != null)
{
userInfo.CultureName = cultureInfo.Name;
}
else
{
Global.Logger.DebugFormat("From google app new personal user '{0}' without culture {1}", userInfo.Email, cultureName);
}
if (string.IsNullOrEmpty(userInfo.FirstName))
{
userInfo.FirstName = FilesCommonResource.UnknownFirstName;
}
if (string.IsNullOrEmpty(userInfo.LastName))
{
userInfo.LastName = FilesCommonResource.UnknownLastName;
}
var pwd = UserManagerWrapper.GeneratePassword();
try
{
SecurityContext.AuthenticateMe(ASC.Core.Configuration.Constants.CoreSystem);
userInfo = UserManagerWrapper.AddUser(userInfo, pwd);
}
finally
{
SecurityContext.Logout();
}
isNew = true;
Global.Logger.Debug("GoogleDriveApp: new user " + userInfo.ID);
}
return(userInfo);
}
[Create(@"register", false)] //NOTE: this method doesn't requires auth!!!
public string RegisterUserOnPersonal(string email, string lang, bool spam, bool analytics)
{
if (!CoreContext.Configuration.Personal)
{
throw new MethodAccessException("Method is only available on personal.onlyoffice.com");
}
try
{
if (CoreContext.Configuration.CustomMode)
{
lang = "ru-RU";
}
var cultureInfo = SetupInfo.EnabledCultures.Find(c => String.Equals(c.TwoLetterISOLanguageName, lang, StringComparison.InvariantCultureIgnoreCase));
if (cultureInfo != null)
{
Thread.CurrentThread.CurrentUICulture = cultureInfo;
}
email.ThrowIfNull(new ArgumentException(Resource.ErrorEmailEmpty, "email"));
if (!email.TestEmailRegex())
{
throw new ArgumentException(Resource.ErrorNotCorrectEmail, "email");
}
var newUserInfo = CoreContext.UserManager.GetUserByEmail(email);
if (CoreContext.UserManager.UserExists(newUserInfo.ID))
{
if (!SetupInfo.IsSecretEmail(email) || SecurityContext.IsAuthenticated)
{
throw new Exception(CustomNamingPeople.Substitute <Resource>("ErrorEmailAlreadyExists"));
}
try
{
SecurityContext.AuthenticateMe(Constants.CoreSystem);
CoreContext.UserManager.DeleteUser(newUserInfo.ID);
}
finally
{
SecurityContext.Logout();
}
}
if (!spam)
{
try
{
const string _databaseID = "com";
using (var db = DbManager.FromHttpContext(_databaseID))
{
db.ExecuteNonQuery(new SqlInsert("template_unsubscribe", false)
.InColumnValue("email", email.ToLowerInvariant())
.InColumnValue("reason", "personal")
);
LogManager.GetLogger("ASC.Web").Debug(String.Format("Write to template_unsubscribe {0}", email.ToLowerInvariant()));
}
}
catch (Exception ex)
{
LogManager.GetLogger("ASC.Web").Debug(String.Format("ERROR write to template_unsubscribe {0}, email:{1}", ex.Message, email.ToLowerInvariant()));
}
}
StudioNotifyService.Instance.SendInvitePersonal(email, String.Empty, analytics);
}
catch (Exception ex)
{
return(ex.Message);
}
return(string.Empty);
}
[Create(@"register", false)] //NOTE: This method doesn't require auth!!!
public string RegisterUserOnPersonal(string email, string lang, bool spam, string recaptchaResponse)
{
if (!CoreContext.Configuration.Personal)
{
throw new MethodAccessException("Method is only available on personal.onlyoffice.com");
}
try
{
if (CoreContext.Configuration.CustomMode)
{
lang = "ru-RU";
}
var cultureInfo = SetupInfo.GetPersonalCulture(lang).Value;
if (cultureInfo != null)
{
Thread.CurrentThread.CurrentUICulture = cultureInfo;
}
email.ThrowIfNull(new ArgumentException(Resource.ErrorEmailEmpty, "email"));
if (!email.TestEmailRegex())
{
throw new ArgumentException(Resource.ErrorNotCorrectEmail, "email");
}
if (!SetupInfo.IsSecretEmail(email) &&
!string.IsNullOrEmpty(SetupInfo.RecaptchaPublicKey) && !string.IsNullOrEmpty(SetupInfo.RecaptchaPrivateKey))
{
var ip = Request.Headers["X-Forwarded-For"] ?? Request.UserHostAddress;
if (String.IsNullOrEmpty(recaptchaResponse) ||
!Authorize.ValidateRecaptcha(recaptchaResponse, ip))
{
throw new Authorize.RecaptchaException(Resource.RecaptchaInvalid);
}
}
var newUserInfo = CoreContext.UserManager.GetUserByEmail(email);
if (CoreContext.UserManager.UserExists(newUserInfo.ID))
{
if (!SetupInfo.IsSecretEmail(email) || SecurityContext.IsAuthenticated)
{
throw new Exception(CustomNamingPeople.Substitute <Resource>("ErrorEmailAlreadyExists"));
}
try
{
SecurityContext.CurrentAccount = Constants.CoreSystem;
CoreContext.UserManager.DeleteUser(newUserInfo.ID);
}
finally
{
SecurityContext.Logout();
}
}
if (!spam)
{
try
{
const string _databaseID = "com";
using (var db = DbManager.FromHttpContext(_databaseID))
{
db.ExecuteNonQuery(new SqlInsert("template_unsubscribe", false)
.InColumnValue("email", email.ToLowerInvariant())
.InColumnValue("reason", "personal")
);
Log.Debug(String.Format("Write to template_unsubscribe {0}", email.ToLowerInvariant()));
}
}
catch (Exception ex)
{
Log.Debug(String.Format("ERROR write to template_unsubscribe {0}, email:{1}", ex.Message, email.ToLowerInvariant()));
}
}
StudioNotifyService.Instance.SendInvitePersonal(email);
}
catch (Exception ex)
{
return(ex.Message);
}
return(string.Empty);
}
[Create(@"{code}", false, false)] //NOTE: This method doesn't require auth!!! //NOTE: This method doesn't check payment!!!
public AuthenticationTokenData AuthenticateMe(string userName, string password, string provider, string accessToken, string code, string codeOAuth)
{
bool viaEmail;
var user = GetUser(userName, password, provider, accessToken, out viaEmail, codeOAuth);
var sms = false;
try
{
if (StudioSmsNotificationSettings.IsVisibleAndAvailableSettings && StudioSmsNotificationSettings.Enable)
{
sms = true;
SmsManager.ValidateSmsCode(user, code, true);
}
else if (TfaAppAuthSettings.IsVisibleSettings && TfaAppAuthSettings.Enable)
{
if (user.ValidateAuthCode(code, true, true))
{
MessageService.Send(Request, MessageAction.UserConnectedTfaApp, MessageTarget.Create(user.ID));
}
}
else
{
throw new SecurityException("Auth code is not available");
}
var token = CookiesManager.AuthenticateMeAndSetCookies(user.Tenant, user.ID, MessageAction.LoginSuccess);
var tenant = CoreContext.TenantManager.GetCurrentTenant().TenantId;
var expires = TenantCookieSettings.GetExpiresTime(tenant);
var result = new AuthenticationTokenData
{
Token = token,
Expires = new ApiDateTime(expires)
};
if (sms)
{
result.Sms = true;
result.PhoneNoise = SmsSender.BuildPhoneNoise(user.MobilePhone);
}
else
{
result.Tfa = true;
}
return(result);
}
catch
{
MessageService.Send(Request, user.DisplayUserName(false), sms
? MessageAction.LoginFailViaApiSms
: MessageAction.LoginFailViaApiTfa,
MessageTarget.Create(user.ID));
throw new AuthenticationException("User authentication failed");
}
finally
{
SecurityContext.Logout();
}
}
