示例#1
        /// <summary>
        /// Runs the account-level checks that do not involve credentials: the user exists,
        /// is active, and uses an authentication type that is enabled in the settings.
        /// </summary>
        /// <param name="user">User record to check; <c>null</c> is reported as "not found".</param>
        /// <param name="username">Name copied into the result's <c>Username</c> as given.</param>
        /// <param name="generalSetting">Settings handed to <c>AuthenticationTypeEnabledForUser</c>.</param>
        /// <returns>
        /// A result whose <c>IsAuthenticated</c> is always false; <c>CheckUserIsOk</c> is true only
        /// when every check passes, otherwise <c>MessageCode</c> and <c>MessageDescription</c>
        /// describe the first check that failed.
        /// </returns>
        /// <remarks>
        /// NOTE(review): "not found" and "disabled" produce different codes. If these are relayed
        /// verbatim to an unauthenticated caller they reveal whether an account exists; confirm the
        /// endpoint that consumes this result collapses them into one generic failure.
        /// </remarks>
        public static AuthenticateResult CheckUser(User user, string username, GeneralSettingsApp generalSetting)
        {
            // Start from a denied result; only the final step below flips CheckUserIsOk.
            var outcome = new AuthenticateResult
            {
                Username        = username,
                IsAuthenticated = false,
                CheckUserIsOk   = false
            };

            if (user == null)
            {
                outcome.MessageCode        = "alerts:error.user_not_found";
                outcome.MessageDescription = "User not found.";
                return outcome;
            }

            if (!user.Active)
            {
                outcome.MessageCode        = "alerts:error.user_disabled";
                outcome.MessageDescription = "The user is disabled.";
                return outcome;
            }

            if (!AuthenticationTypeEnabledForUser(user.AuthenticationType, generalSetting))
            {
                outcome.MessageCode        = "alerts:error.authentication_type_disabled";
                outcome.MessageDescription = "Authentication type disabled";
                return outcome;
            }

            outcome.CheckUserIsOk = true;
            return outcome;
        }
        /// <summary>
        /// Copies the submitted settings onto the stored rows with the same name, saves them,
        /// refreshes the settings cache and returns the submitted object as JSON.
        /// </summary>
        /// <param name="setting">Settings object bound from the request.</param>
        /// <returns>The submitted <paramref name="setting"/> serialized as JSON.</returns>
        /// <remarks>
        /// NOTE(review): no authorization check is visible in this method; confirm the action or its
        /// controller restricts it to administrators, since it rewrites password policy, lockout and
        /// authentication-type settings.
        /// NOTE(review): the response echoes the whole submitted object, SMTPCredentialsPassword
        /// included, and is served with JsonRequestBehavior.AllowGet although the action changes
        /// state. Confirm the action is POST-only with anti-forgery validation and that the password
        /// field is cleared or masked before it is returned.
        /// </remarks>
        public JsonResult Set(GeneralSettingsApp setting)
        {
            var submittedRows = SettingHelper.ParseObjectToSettingDataBase(setting);

            using (var db = new AppDbContext())
            {
                var storedRows = db.GeneralSettings.ToArray();

                foreach (var submitted in submittedRows)
                {
                    var isSmtpPassword = submitted.SettingName == "SMTPCredentialsPassword";

                    if (isSmtpPassword)
                    {
                        var currentPassword = SettingHelper.Get(true).SMTPCredentialsPassword;
                        var passwordChanged = UserChangedSMTPCredentialsPassword(submitted.ValueString, currentPassword);

                        // Leave the stored SMTP password untouched unless the helper reports a change.
                        if (!passwordChanged)
                        {
                            continue;
                        }
                    }

                    // Single() throws when the name has no stored row (or more than one).
                    var stored = storedRows.Single(x => x.SettingName == submitted.SettingName);
                    stored.ValueBool   = submitted.ValueBool;
                    stored.ValueInt    = submitted.ValueInt;
                    stored.ValueString = submitted.ValueString;
                }

                db.SaveChanges();
            }

            SettingHelper.RefreshCache();

            return Json(setting, JsonRequestBehavior.AllowGet);
        }
示例#3
        // Checks that ParseObjectToSettingDataBase emits exactly one row for every public
        // property of GeneralSettingsApp (a duplicate name makes SingleOrDefault throw).
        public void ParseObjectToSettingDataBaseTest()
        {
            var source = new GeneralSettingsApp
            {
                PasswordRequiredMinimumLength   = 3,
                PasswordRequireDigit            = false,
                PasswordRequireLowercase        = false,
                PasswordRequireUppercase        = false,
                PasswordRequireNonLetterOrDigit = false,
                PasswordHistoryLimit            = 3,

                AccessTokenExpireTimeSpanInMinutes   = 30,
                UserLockoutEnabledByDefault          = true,
                DefaultAccountLockoutTimeInMinutes   = 2,
                MaxFailedAccessAttemptsBeforeLockout = 4,

                AuthenticateDataBase        = true,
                AuthenticateActiveDirectory = true,

                ActiveDirectoryType   = ActiveDirectoryType.Server,
                ActiveDirectoryDomain = "itlab.local",
                ActiveDirectoryDN     = "dc=itlab,dc=local",

                SMTPDeliveryMethod          = System.Net.Mail.SmtpDeliveryMethod.SpecifiedPickupDirectory,
                SMTPPickupDirectoryLocation = @"c:\temp\email"
            };

            var rows = SettingHelper.ParseObjectToSettingDataBase(source);

            foreach (var property in source.GetType().GetProperties())
            {
                var row = rows.SingleOrDefault(x => x.SettingName == property.Name);
                Assert.IsNotNull(row);
            }
        }
示例#4
        // An Active Directory user must be rejected while AuthenticateActiveDirectory is off.
        public void AuthenticationTypeEnabledForUser_ActiveDirectoryDisabled()
        {
            var generalSettings = new GeneralSettingsApp
            {
                AuthenticateActiveDirectory = false
            };

            var enabled = ApplicationOAuthProvider.AuthenticationTypeEnabledForUser(
                AuthenticationType.ActiveDirectory,
                generalSettings);

            Assert.AreEqual(false, enabled);
        }
示例#5
        // A database user must be rejected while AuthenticateDataBase is off.
        public void AuthenticationTypeEnabledForUser_DataBaseDisabled()
        {
            var generalSettings = new GeneralSettingsApp
            {
                AuthenticateDataBase = false
            };

            var enabled = ApplicationOAuthProvider.AuthenticationTypeEnabledForUser(
                AuthenticationType.DataBase,
                generalSettings);

            Assert.AreEqual(false, enabled);
        }
示例#6
        // A null user record must fail the check with the "user_not_found" code.
        public void CheckUser_UserNotFound()
        {
            var generalSettings = new GeneralSettingsApp();

            var outcome = ApplicationOAuthProvider.CheckUser(null, "user.test", generalSettings);

            Assert.AreEqual(false, outcome.CheckUserIsOk);
            Assert.AreEqual("alerts:error.user_not_found", outcome.MessageCode);
        }
示例#7
        // An inactive user must fail the check with the "user_disabled" code.
        public void CheckUser_UserDisabled()
        {
            var account = new User
            {
                UserName = "******",
                Active   = false
            };
            var generalSettings = new GeneralSettingsApp();

            var outcome = ApplicationOAuthProvider.CheckUser(account, account.UserName, generalSettings);

            Assert.AreEqual(false, outcome.CheckUserIsOk);
            Assert.AreEqual("alerts:error.user_disabled", outcome.MessageCode);
        }
示例#8
        // An active Active Directory user passes the check when that authentication type is enabled.
        public void CheckUser_AuthenticateTypeActiveDirectoryEnabled()
        {
            var account = new User
            {
                UserName           = "******",
                Active             = true,
                AuthenticationType = AuthenticationType.ActiveDirectory
            };
            var generalSettings = new GeneralSettingsApp
            {
                AuthenticateActiveDirectory = true
            };

            var outcome = ApplicationOAuthProvider.CheckUser(account, account.UserName, generalSettings);

            Assert.AreEqual(true, outcome.CheckUserIsOk);
        }
示例#9
        // An active Active Directory user is rejected with "authentication_type_disabled"
        // when that authentication type is switched off in the settings.
        public void CheckUser_AuthenticateTypeActiveDirectoryDisabled()
        {
            var account = new User
            {
                UserName           = "******",
                Active             = true,
                AuthenticationType = AuthenticationType.ActiveDirectory
            };
            var generalSettings = new GeneralSettingsApp
            {
                AuthenticateActiveDirectory = false
            };

            var outcome = ApplicationOAuthProvider.CheckUser(account, account.UserName, generalSettings);

            Assert.AreEqual(false, outcome.CheckUserIsOk);
            Assert.AreEqual("alerts:error.authentication_type_disabled", outcome.MessageCode);
        }
示例#10
        // Test helper: puts a settings object carrying the given password-expiry window into the
        // SettingHelper cache, then builds a user with the given authentication type and dates.
        // NOTE(review): AddInCache is a static call, so the cached settings presumably outlive this
        // test; confirm each test that relies on the cache sets it up itself.
        private User ConfigUserTestPasswordExpire(int settingPasswordExpiresInDays, AuthenticationType authenticationType, DateTime creationDate, DateTime? lastPasswordChangeDate)
        {
            var expirySettings = new GeneralSettingsApp
            {
                PasswordExpiresInDays = settingPasswordExpiresInDays
            };
            SettingHelper.AddInCache(expirySettings);

            return new User
            {
                AuthenticationType      = authenticationType,
                CreationDate            = creationDate,
                LastPasswordChangedDate = lastPasswordChangeDate
            };
        }
示例#11
        // Seeds the GeneralSettings set of _context with a fixed configuration and saves it.
        // The values are fixture data (e.g. a minimum password length of 3) and should not be
        // read as recommended production settings.
        private void SetGeneralSettings()
        {
            var seed = new GeneralSettingsApp
            {
                PasswordRequiredMinimumLength   = 3,
                PasswordRequireDigit            = true,
                PasswordRequireLowercase        = false,
                PasswordRequireUppercase        = false,
                PasswordRequireNonLetterOrDigit = false,
                PasswordHistoryLimit            = 3,
                PasswordExpiresInDays           = 365,

                AccessTokenExpireTimeSpanInMinutes   = 30,
                UserLockoutEnabledByDefault          = true,
                DefaultAccountLockoutTimeInMinutes   = 2,
                MaxFailedAccessAttemptsBeforeLockout = 4,

                AuthenticateDataBase        = true,
                AuthenticateActiveDirectory = false,

                ActiveDirectoryType   = ActiveDirectoryType.Server,
                ActiveDirectoryDomain = "itlab.local",
                ActiveDirectoryDN     = "dc=itlab,dc=local",

                SMTPDeliveryMethod          = System.Net.Mail.SmtpDeliveryMethod.SpecifiedPickupDirectory,
                SMTPPickupDirectoryLocation = @"c:\temp\ITLab.TreinamentoWebAPI\email",
                SMTPDefaultFromAddress      = "*****@*****.**",

                LayoutSkin = "skin-grey",

                UploadDirectoryTemp = @"c:\temp\ITLab.TreinamentoWebAPI\UploadFileTemp"
            };

            // One row per setting, added individually and committed in a single SaveChanges.
            foreach (var row in SettingHelper.ParseObjectToSettingDataBase(seed))
            {
                _context.GeneralSettings.Add(row);
            }

            _context.SaveChanges();
        }
示例#12
        // With a two-day expiry window and a password changed yesterday, a successful sign-in
        // must come back authenticated.
        public void CheckAuthenticatedInDataBase_UserPasswordNotExpired()
        {
            var status      = Microsoft.AspNet.Identity.Owin.SignInStatus.Success;
            var startResult = new AuthenticateResult();
            var policy      = new GeneralSettingsApp
            {
                PasswordExpiresInDays = 2
            };

            // The provider reads the expiry window from the SettingHelper cache.
            SettingHelper.AddInCache(policy);

            var account = new User
            {
                AuthenticationType      = AuthenticationType.DataBase,
                LastPasswordChangedDate = DateTime.Now.Date.AddDays(-1)
            };

            var outcome = ApplicationOAuthProvider.CheckAuthenticatedInDataBase(account, startResult, status);

            Assert.AreEqual(true, outcome.IsAuthenticated);
        }
示例#13
        // A password changed one day beyond the configured expiry window must block an otherwise
        // successful sign-in and report the "user_password_expired" warning code.
        public void CheckAuthenticatedInDataBase_UserPasswordExpired()
        {
            var status      = Microsoft.AspNet.Identity.Owin.SignInStatus.Success;
            var startResult = new AuthenticateResult();
            var policy      = new GeneralSettingsApp
            {
                PasswordExpiresInDays = 1
            };

            // Must be cached before the user is built: the date below reads the window back.
            SettingHelper.AddInCache(policy);

            var account = new User
            {
                AuthenticationType      = AuthenticationType.DataBase,
                LastPasswordChangedDate = DateTime.Now.Date.AddDays(-(SettingHelper.Get().PasswordExpiresInDays + 1))
            };

            var outcome = ApplicationOAuthProvider.CheckAuthenticatedInDataBase(account, startResult, status);

            Assert.AreEqual(false, outcome.IsAuthenticated);
            Assert.AreEqual("alerts:warning.user_password_expired", outcome.MessageCode);
        }
示例#14
        /// <summary>
        /// Tells whether the user's authentication type is switched on in the general settings.
        /// </summary>
        /// <param name="userAuthenticationType">Authentication type recorded on the user.</param>
        /// <param name="generalSettings">Settings holding the per-type enable flags.</param>
        /// <returns>
        /// True for a database user when <c>AuthenticateDataBase</c> is set, or for an Active
        /// Directory user when <c>AuthenticateActiveDirectory</c> is set; false for anything else,
        /// so a type with no matching flag is denied.
        /// </returns>
        public static bool AuthenticationTypeEnabledForUser(AuthenticationType userAuthenticationType, GeneralSettingsApp generalSettings)
        {
            if (userAuthenticationType == AuthenticationType.DataBase && generalSettings.AuthenticateDataBase)
            {
                return true;
            }

            return userAuthenticationType == AuthenticationType.ActiveDirectory
                && generalSettings.AuthenticateActiveDirectory;
        }
示例#15
 /// <summary>
 /// Overwrites <c>SMTPCredentialsPassword</c> on the given settings object with the value
 /// returned by its <c>GetHash()</c> call, mutating the object in place.
 /// </summary>
 /// <param name="settings">Settings object whose SMTP password is replaced.</param>
 /// <remarks>
 /// NOTE(review): GetHash() is not visible here, so its algorithm is unknown. If the hashed
 /// value is sent to a client, an unsalted fast hash of a credential can be guessed offline;
 /// confirm the algorithm, or return a fixed placeholder instead of a value derived from the
 /// password. Also confirm how a null password is handled.
 /// </remarks>
 private static void HashSensitiveInformation(GeneralSettingsApp settings)
 {
     var currentPassword = settings.SMTPCredentialsPassword;
     settings.SMTPCredentialsPassword = currentPassword.GetHash();
 }