AdjustBlockingScoreForPastTyposTreatedAsFullFailures() публичный Метод

This analysis examines the client IP's previous failed attempts to log in to this account to determine whether any of those failures were due to typos.
public AdjustBlockingScoreForPastTyposTreatedAsFullFailures ( Simulator simulator, SimulatedUserAccount account, System.DateTime whenUtc, string correctPassword ) : void
simulator Simulator
account SimulatedUserAccount The account that the client is currently trying to login to.
whenUtc System.DateTime
correctPassword string The correct password for this account. (We can only know it because the client must have provided the correct one in this login attempt.)
Результат void
        /// <summary>
        /// Folds the outcome of this simulated login attempt into the simulator's shared trackers,
        /// the targeted account (when there is one) and the history kept for the client IP.
        /// </summary>
        /// <remarks>
        /// The steps are order-dependent: the repeat-failure flag is set first, the ladder lookup
        /// reads it, and the per-IP counters at the end read both flags.  The attempt's plaintext
        /// <c>Password</c> is handed to the trackers and copied into
        /// <c>ipHistory.RecentPotentialTypos</c>.
        /// </remarks>
        /// <param name="simulator">Simulator whose trackers, ladder filter and configuration are used.</param>
        /// <param name="ipHistory">History for the client IP that made this attempt; updated in place.</param>
        public void UpdateSimulatorState(Simulator simulator, SimIpHistory ipHistory)
        {
            bool accountKnown = SimAccount != null;

            // Only a wrong password reaches the incorrect-guess trackers; a valid password is never
            // recorded there and is never flagged as a repeat failure.
            if (IsPasswordValid)
            {
                IsRepeatFailure = false;
            }
            else if (accountKnown)
            {
                IsRepeatFailure = simulator._userAccountController.AddIncorrectPhaseTwoHash(
                    SimAccount, Password, TimeOfAttemptUtc);
            }
            else
            {
                // No matching account: the guess is tracked under the name/password pair instead.
                IsRepeatFailure = simulator._recentIncorrectPasswords.AddMember(
                    UserNameOrAccountId + "\n" + Password);
            }

            // Valid passwords and repeated guesses only read the ladder height; a first-time wrong
            // guess goes through Step().
            int ladderHeight;
            if (IsPasswordValid || IsRepeatFailure)
            {
                ladderHeight = simulator._binomialLadderFilter.GetHeight(Password);
            }
            else
            {
                ladderHeight = simulator._binomialLadderFilter.Step(Password);
            }

            var blockingOptions = simulator._experimentalConfiguration.BlockingOptions;
            IsFrequentlyGuessedPassword = ladderHeight >= blockingOptions.BinomialLadderFrequencyThreshdold_T;

            if (accountKnown)
            {
                DeviceCookieHadPriorSuccessfulLoginForThisAccount =
                    simulator._userAccountController.HasClientWithThisHashedCookieSuccessfullyLoggedInBefore(
                        SimAccount, CookieProvidedByBrowser);
            }
            else
            {
                DeviceCookieHadPriorSuccessfulLoginForThisAccount = false;
            }

            if (accountKnown)
            {
                if (IsPasswordValid)
                {
                    // A success proves the client knows the password, so earlier failures from this
                    // IP can be re-examined for typos before they count toward blocking it.
                    ipHistory.AdjustBlockingScoreForPastTyposTreatedAsFullFailures(
                        simulator, SimAccount, TimeOfAttemptUtc, Password);
                    simulator._userAccountController.RecordHashOfDeviceCookieUsedDuringSuccessfulLoginBackground(
                        SimAccount, CookieProvidedByBrowser, TimeOfAttemptUtc);
                    // Reset the account's run of consecutive failures.
                    SimAccount.ConsecutiveIncorrectAttempts.SetValue(0, TimeOfAttemptUtc);
                }
                else if (!IsRepeatFailure)
                {
                    // A new wrong guess extends the run; repeats of an earlier guess do not.
                    SimAccount.ConsecutiveIncorrectAttempts.AddInPlace(
                        blockingOptions.BlockScoreHalfLife, 1d, TimeOfAttemptUtc);

                    // Keep the high-water mark of the run in step with the current value.
                    var currentRun = SimAccount.ConsecutiveIncorrectAttempts.GetValue(
                        blockingOptions.BlockScoreHalfLife);
                    var longestRun = SimAccount.MaxConsecutiveIncorrectAttempts.GetValue(
                        blockingOptions.BlockScoreHalfLife);
                    if (currentRun > longestRun)
                    {
                        SimAccount.MaxConsecutiveIncorrectAttempts.SetValue(SimAccount.ConsecutiveIncorrectAttempts);
                    }
                }
            }

            if (accountKnown && !(IsPasswordValid || IsRepeatFailure))
            {
                // A first-time failure against a real account could be a typo; remember it so a
                // later success from this IP can re-evaluate it.
                var typoCandidate = new SimLoginAttemptSummaryForTypoAnalysis
                {
                    WhenUtc = TimeOfAttemptUtc,
                    Password = Password,
                    UsernameOrAccountId = UserNameOrAccountId,
                    WasPasswordFrequent = IsFrequentlyGuessedPassword
                };
                ipHistory.RecentPotentialTypos.Add(typoCandidate);
            }

            // Add one unit, stamped with the attempt time, to exactly one per-IP counter.
            DecayingDouble oneNow = new DecayingDouble(1, TimeOfAttemptUtc);
            TimeSpan scoreHalfLife = blockingOptions.BlockScoreHalfLife;

            if (IsPasswordValid)
            {
                ipHistory.SuccessfulLogins.AddInPlace(scoreHalfLife, oneNow);
                return;
            }

            if (!accountKnown)
            {
                // Failures against a user name that matches no account.
                if (IsRepeatFailure && IsFrequentlyGuessedPassword)
                {
                    ipHistory.RepeatAccountFailuresFrequentPassword.AddInPlace(scoreHalfLife, oneNow);
                }
                else if (IsRepeatFailure)
                {
                    ipHistory.RepeatAccountFailuresInfrequentPassword.AddInPlace(scoreHalfLife, oneNow);
                }
                else if (IsFrequentlyGuessedPassword)
                {
                    ipHistory.AccountFailuresFrequentPassword.AddInPlace(scoreHalfLife, oneNow);
                }
                else
                {
                    ipHistory.AccountFailuresInfrequentPassword.AddInPlace(scoreHalfLife, oneNow);
                }
                return;
            }

            // Wrong password for an existing account.
            if (IsRepeatFailure && IsFrequentlyGuessedPassword)
            {
                ipHistory.RepeatPasswordFailuresNoTypoFrequentPassword.AddInPlace(scoreHalfLife, oneNow);
            }
            else if (IsRepeatFailure)
            {
                ipHistory.RepeatPasswordFailuresNoTypoInfrequentPassword.AddInPlace(scoreHalfLife, oneNow);
            }
            else if (IsFrequentlyGuessedPassword)
            {
                ipHistory.PasswordFailuresNoTypoFrequentPassword.AddInPlace(scoreHalfLife, oneNow);
            }
            else
            {
                ipHistory.PasswordFailuresNoTypoInfrequentPassword.AddInPlace(scoreHalfLife, oneNow);
            }
        }
Пример #2
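        /// <summary>
        /// Folds the outcome of this simulated login attempt into the simulator's shared trackers
        /// and into the history kept for the client IP.
        /// </summary>
        /// <remarks>
        /// The incorrect-guess trackers are consulted only when the password was wrong, so a
        /// correct password is never stored among an account's incorrect phase-two hashes or in
        /// the recent-incorrect-password set.  The attempt's plaintext <c>Password</c> is passed to
        /// the trackers and copied into <c>ipHistory.RecentPotentialTypos</c>.
        /// </remarks>
        /// <param name="simulator">Simulator whose trackers, ladder filter and configuration are used.</param>
        /// <param name="ipHistory">History for the client IP that made this attempt; updated in place.</param>
        public void UpdateSimulatorState(Simulator simulator, SimIpHistory ipHistory)
        {
            // The && short-circuits, so a successful login leaves both incorrect-guess trackers
            // untouched and is never flagged as a repeat failure.
            // NOTE(review): .Result blocks on the async controller call; it is kept because this
            // method's signature is synchronous.
            IsRepeatFailure = !IsPasswordValid && (
                (SimAccount == null)
                    ? simulator._recentIncorrectPasswords.AddMember(UserNameOrAccountId + "\n" + Password)
                    : simulator._userAccountController.AddIncorrectPhaseTwoHashAsync(SimAccount, Password, TimeOfAttemptUtc).Result
            );

            // A valid password only reads the ladder height; every wrong guess goes through Step().
            // NOTE(review): repeated wrong guesses also call Step() here - confirm that is intended.
            int passwordsHeightOnBinomialLadder = IsPasswordValid
                ? simulator._binomialLadderFilter.GetHeight(Password)
                : simulator._binomialLadderFilter.Step(Password);

            // "Frequent" here means within one step of the ladder's maximum height.
            IsFrequentlyGuessedPassword = passwordsHeightOnBinomialLadder + 1 >=
                                          simulator._binomialLadderFilter.MaxHeight;


            if (SimAccount != null)
            {
                DeviceCookieHadPriorSuccessfulLoginForThisAccount =
                    simulator._userAccountController.HasClientWithThisHashedCookieSuccessfullyLoggedInBeforeAsync(
                        SimAccount, CookieProvidedByBrowser).Result;
            }

            if (IsPasswordValid)
            {
                // Determine if any of the outcomes for login attempts from the client IP for this request were the result of typos,
                // as this might impact our decision about whether or not to block this client IP in response to its past behaviors.
                // NOTE(review): SimAccount is not null-checked before this call - presumably a valid
                // password implies an existing account; confirm against the caller.
                ipHistory.AdjustBlockingScoreForPastTyposTreatedAsFullFailures(simulator, SimAccount, TimeOfAttemptUtc,
                                                                               Password);
                if (SimAccount != null)
                {
                    simulator._userAccountController.RecordHashOfDeviceCookieUsedDuringSuccessfulLoginBackground(
                        SimAccount, CookieProvidedByBrowser, TimeOfAttemptUtc);
                }
            }

            if (!IsPasswordValid && !IsRepeatFailure && SimAccount != null)
            {
                // A first-time failure against a real account could be a typo; remember it so a
                // later success from this IP can re-evaluate it.
                ipHistory.RecentPotentialTypos.Add(new SimLoginAttemptSummaryForTypoAnalysis()
                {
                    WhenUtc             = TimeOfAttemptUtc,
                    Password            = Password,
                    UsernameOrAccountId = UserNameOrAccountId,
                    WasPasswordFrequent = IsFrequentlyGuessedPassword
                });
            }

            // Add one unit, stamped with the attempt time, to exactly one per-IP counter.
            DecayingDouble decayingOneFromThisInstant = new DecayingDouble(1, TimeOfAttemptUtc);
            TimeSpan       halfLife = simulator._experimentalConfiguration.BlockingOptions.BlockScoreHalfLife;

            if (IsPasswordValid)
            {
                ipHistory.SuccessfulLogins.AddInPlace(halfLife, decayingOneFromThisInstant);
            }
            else if (SimAccount == null)
            {
                // Failures against a user name that matches no account.
                if (IsRepeatFailure)
                {
                    if (IsFrequentlyGuessedPassword)
                    {
                        ipHistory.RepeatAccountFailuresFrequentPassword.AddInPlace(halfLife, decayingOneFromThisInstant);
                    }
                    else
                    {
                        ipHistory.RepeatAccountFailuresInfrequentPassword.AddInPlace(halfLife, decayingOneFromThisInstant);
                    }
                }
                else
                {
                    if (IsFrequentlyGuessedPassword)
                    {
                        ipHistory.AccountFailuresFrequentPassword.AddInPlace(halfLife, decayingOneFromThisInstant);
                    }
                    else
                    {
                        ipHistory.AccountFailuresInfrequentPassword.AddInPlace(halfLife, decayingOneFromThisInstant);
                    }
                }
            }
            else
            {
                // Wrong password for an existing account.
                if (IsRepeatFailure)
                {
                    if (IsFrequentlyGuessedPassword)
                    {
                        ipHistory.RepeatPasswordFailuresNoTypoFrequentPassword.AddInPlace(halfLife, decayingOneFromThisInstant);
                    }
                    else
                    {
                        ipHistory.RepeatPasswordFailuresNoTypoInfrequentPassword.AddInPlace(halfLife, decayingOneFromThisInstant);
                    }
                }
                else
                {
                    if (IsFrequentlyGuessedPassword)
                    {
                        ipHistory.PasswordFailuresNoTypoFrequentPassword.AddInPlace(halfLife, decayingOneFromThisInstant);
                    }
                    else
                    {
                        ipHistory.PasswordFailuresNoTypoInfrequentPassword.AddInPlace(halfLife, decayingOneFromThisInstant);
                    }
                }
            }
        }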
Пример #3
        /// <summary>
        /// Applies this simulated login attempt to the simulator's guess trackers, to the targeted
        /// account's failure counters, and to the counters kept for the client IP.
        /// </summary>
        /// <remarks>
        /// Flags are computed in dependency order: repeat-failure first, then the ladder height
        /// (which reads that flag), then the account and per-IP updates that read both.  The
        /// plaintext <c>Password</c> of the attempt is given to the trackers and stored in
        /// <c>ipHistory.RecentPotentialTypos</c> for first-time failures against a real account.
        /// </remarks>
        /// <param name="simulator">Simulator that owns the trackers, ladder filter and configuration.</param>
        /// <param name="ipHistory">Per-IP history for the client making the attempt; mutated here.</param>
        public void UpdateSimulatorState(Simulator simulator, SimIpHistory ipHistory)
        {
            // A correct password is never sent to the incorrect-guess trackers.
            bool guessSeenBefore = false;
            if (!IsPasswordValid)
            {
                guessSeenBefore = (SimAccount != null)
                    ? simulator._userAccountController.AddIncorrectPhaseTwoHash(SimAccount, Password, TimeOfAttemptUtc)
                    : simulator._recentIncorrectPasswords.AddMember(UserNameOrAccountId + "\n" + Password);
            }
            IsRepeatFailure = guessSeenBefore;

            // Step() is reserved for first-time wrong guesses; everything else just reads the height.
            bool readHeightOnly = IsPasswordValid || IsRepeatFailure;
            int ladderHeight = readHeightOnly
                ? simulator._binomialLadderFilter.GetHeight(Password)
                : simulator._binomialLadderFilter.Step(Password);

            var frequencyThreshold =
                simulator._experimentalConfiguration.BlockingOptions.BinomialLadderFrequencyThreshdold_T;
            IsFrequentlyGuessedPassword = ladderHeight >= frequencyThreshold;

            DeviceCookieHadPriorSuccessfulLoginForThisAccount = (SimAccount == null)
                ? false
                : simulator._userAccountController.HasClientWithThisHashedCookieSuccessfullyLoggedInBefore(
                    SimAccount, CookieProvidedByBrowser);

            bool succeededOnAccount = SimAccount != null && IsPasswordValid;
            // Equivalent to "account exists, password wrong, guess not seen before".
            bool newFailureOnAccount = SimAccount != null && !IsPasswordValid && !IsRepeatFailure;

            if (succeededOnAccount)
            {
                // The client has now proven knowledge of the password, so past failures from this
                // IP are re-checked for typos before they weigh on the decision to block it.
                ipHistory.AdjustBlockingScoreForPastTyposTreatedAsFullFailures(
                    simulator, SimAccount, TimeOfAttemptUtc, Password);
                simulator._userAccountController.RecordHashOfDeviceCookieUsedDuringSuccessfulLoginBackground(
                    SimAccount, CookieProvidedByBrowser, TimeOfAttemptUtc);
                // Success ends the run of consecutive failures.
                SimAccount.ConsecutiveIncorrectAttempts.SetValue(0, TimeOfAttemptUtc);
            }
            else if (newFailureOnAccount)
            {
                // Extend the account's run of consecutive failures by one.
                SimAccount.ConsecutiveIncorrectAttempts.AddInPlace(
                    simulator._experimentalConfiguration.BlockingOptions.BlockScoreHalfLife,
                    1d,
                    TimeOfAttemptUtc);

                // Raise the recorded maximum when the current run has overtaken it.
                bool runExceedsMax =
                    SimAccount.ConsecutiveIncorrectAttempts.GetValue(
                        simulator._experimentalConfiguration.BlockingOptions.BlockScoreHalfLife)
                    >
                    SimAccount.MaxConsecutiveIncorrectAttempts.GetValue(
                        simulator._experimentalConfiguration.BlockingOptions.BlockScoreHalfLife);
                if (runExceedsMax)
                {
                    SimAccount.MaxConsecutiveIncorrectAttempts.SetValue(SimAccount.ConsecutiveIncorrectAttempts);
                }

                // This first-time failure might be a typo; keep it in the set of potential typos
                // so a later success can re-evaluate it.
                ipHistory.RecentPotentialTypos.Add(new SimLoginAttemptSummaryForTypoAnalysis
                {
                    WhenUtc = TimeOfAttemptUtc,
                    Password = Password,
                    UsernameOrAccountId = UserNameOrAccountId,
                    WasPasswordFrequent = IsFrequentlyGuessedPassword
                });
            }

            // Exactly one per-IP counter receives one unit stamped with the attempt time.
            var unitAtAttemptTime = new DecayingDouble(1, TimeOfAttemptUtc);
            TimeSpan decayHalfLife = simulator._experimentalConfiguration.BlockingOptions.BlockScoreHalfLife;

            if (IsPasswordValid)
            {
                ipHistory.SuccessfulLogins.AddInPlace(decayHalfLife, unitAtAttemptTime);
            }
            else if (IsFrequentlyGuessedPassword)
            {
                if (SimAccount == null)
                {
                    // Unknown account, frequently guessed password.
                    if (IsRepeatFailure)
                    {
                        ipHistory.RepeatAccountFailuresFrequentPassword.AddInPlace(decayHalfLife, unitAtAttemptTime);
                    }
                    else
                    {
                        ipHistory.AccountFailuresFrequentPassword.AddInPlace(decayHalfLife, unitAtAttemptTime);
                    }
                }
                else
                {
                    // Existing account, frequently guessed password.
                    if (IsRepeatFailure)
                    {
                        ipHistory.RepeatPasswordFailuresNoTypoFrequentPassword.AddInPlace(decayHalfLife, unitAtAttemptTime);
                    }
                    else
                    {
                        ipHistory.PasswordFailuresNoTypoFrequentPassword.AddInPlace(decayHalfLife, unitAtAttemptTime);
                    }
                }
            }
            else
            {
                if (SimAccount == null)
                {
                    // Unknown account, infrequently guessed password.
                    if (IsRepeatFailure)
                    {
                        ipHistory.RepeatAccountFailuresInfrequentPassword.AddInPlace(decayHalfLife, unitAtAttemptTime);
                    }
                    else
                    {
                        ipHistory.AccountFailuresInfrequentPassword.AddInPlace(decayHalfLife, unitAtAttemptTime);
                    }
                }
                else
                {
                    // Existing account, infrequently guessed password.
                    if (IsRepeatFailure)
                    {
                        ipHistory.RepeatPasswordFailuresNoTypoInfrequentPassword.AddInPlace(decayHalfLife, unitAtAttemptTime);
                    }
                    else
                    {
                        ipHistory.PasswordFailuresNoTypoInfrequentPassword.AddInPlace(decayHalfLife, unitAtAttemptTime);
                    }
                }
            }
        }