/// <summary>
/// Releases the sign-in component held by this instance, if there is one.
/// </summary>
public void Dispose()
{
    // Nothing is held, so there is nothing to release.
    if (_signInComponent == null)
    {
        return;
    }

    // The sign-in component has to be disposed explicitly; if it is not,
    // the connections it holds are never handed back.
    _signInComponent.Dispose();
    _signInComponent = null;
}
/// <summary>
/// Switches this instance to the debug identity sign-in component for the given debug user.
/// </summary>
/// <param name="debugUserID">Debug identity user id; an empty string leaves the sign-in component as it is.</param>
/// <remarks>
/// The debug sign-in path exists only in builds compiled with the DEBUG symbol. In every other
/// build the supplied value is discarded and the stored debug id is reset to an empty string.
/// </remarks>
public void DebugIdentityUserID(string debugUserID)
{
#if DEBUG
    _debugIdentityUserID = debugUserID;
    if (_debugIdentityUserID.Length == 0)
    {
        return;
    }

    // NOTE(review): whatever _signInComponent held before is replaced here without being
    // disposed - confirm nothing is leaked when a component already exists.
    _signInComponent = SignInComponentFactory.CreateSignInComponent(_debugIdentityUserID, SignInSystem.DebugIdentity);
#else
    // Release builds never honour a debug identity.
    _debugIdentityUserID = "";
#endif
}
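/// <summary>
/// Copies the signed-in user's details out of the sign-in component.
/// </summary>
/// <param name="signInComponent">The sign-in component to read from</param>
/// <param name="ssoLoginName">Receives the component's LoginName</param>
/// <param name="ssoEmail">Receives the "email" attribute, or an empty string when the service does not expose it</param>
/// <param name="ssoFirstNames">Receives the "firstname" attribute, or an empty string when the service does not expose it</param>
/// <param name="ssoLastName">Receives the "lastname" attribute, or an empty string when the service does not expose it</param>
/// <param name="identityUserID">Receives the component's UserID</param>
/// <param name="ssoUserID">Receives the numeric "legacy_user_id" attribute, or 0 when that attribute is null or empty</param>
/// <param name="ssoDisplayName">Receives the "displayname" attribute, or an empty string when the service does not expose it</param>
/// <returns>Always true</returns>
/// <exception cref="FormatException">The "legacy_user_id" attribute is present but is not a number</exception>
/// <exception cref="OverflowException">The "legacy_user_id" attribute does not fit in an Int32</exception>
private bool ReadUserSSODetails(IDnaIdentityWebServiceProxy signInComponent, out string ssoLoginName, out string ssoEmail, out string ssoFirstNames, out string ssoLastName, out string identityUserID, out int ssoUserID, out string ssoDisplayName)
{
    ssoLoginName = signInComponent.LoginName;

    // NOTE(review): attribute support is always checked against the site's SSOService name,
    // whichever sign-in system the component uses - confirm that is the right name for Identity sites.
    string serviceName = InputContext.CurrentSite.SSOService;

    ssoDisplayName = ReadOptionalSSOAttribute(signInComponent, serviceName, "displayname");
    ssoEmail = ReadOptionalSSOAttribute(signInComponent, serviceName, "email");
    ssoFirstNames = ReadOptionalSSOAttribute(signInComponent, serviceName, "firstname");
    ssoLastName = ReadOptionalSSOAttribute(signInComponent, serviceName, "lastname");

    ssoUserID = 0;
    identityUserID = signInComponent.UserID;

    // Read the attribute once, so the value that is tested is the value that is converted,
    // and tolerate a null result instead of dereferencing it.
    string legacyUserID = signInComponent.GetUserAttribute("legacy_user_id");
    if (!string.IsNullOrEmpty(legacyUserID))
    {
        // The attribute comes from the sign-in service. A malformed value still throws here
        // rather than being quietly read as "no legacy account".
        ssoUserID = Convert.ToInt32(legacyUserID);
    }

    return true;
}

/// <summary>
/// Returns the named user attribute when the service exposes it, otherwise an empty string.
/// </summary>
private static string ReadOptionalSSOAttribute(IDnaIdentityWebServiceProxy signInComponent, string serviceName, string attributeName)
{
    if (signInComponent.DoesAttributeExistForService(serviceName, attributeName))
    {
        return signInComponent.GetUserAttribute(attributeName);
    }

    return string.Empty;
}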
/// <summary>
/// Looks up the DNA user id that belongs to a sign-in user id and stores it in _userID.
/// </summary>
/// <param name="signInComponent">The current signin component</param>
/// <param name="overideSignInUserID">When this is not empty, it is looked up instead of the signin component's UserID</param>
/// <remarks>_userID is left as it was when the procedure returns no row.</remarks>
private void GetDnaUserIDFromSignInID(IDnaIdentityWebServiceProxy signInComponent, string overideSignInUserID)
{
    // Start from the sign-in component's own id; a non-empty override replaces it.
    string lookupID = signInComponent.UserID;
    if (overideSignInUserID.Length != 0)
    {
        lookupID = overideSignInUserID;
    }

    using (IDnaDataReader userReader = InputContext.CreateDnaDataReader("GetDnaUserIDFromIdentityUserID"))
    {
        // The id is handed over through AddParameter; it is not built into the procedure name.
        userReader.AddParameter("IdentityUserID", lookupID);
        userReader.Execute();

        if (!userReader.HasRows)
        {
            return;
        }

        if (userReader.Read())
        {
            _userID = userReader.GetInt32("DnaUserID");
        }
    }
}
/// <summary>
/// Tries to log the user in through the sign-in component and then resolves their DNA user id.
/// Requires the sign-in component to be initialised.
/// </summary>
/// <param name="signInComponent">Initialised SignIn Component</param>
/// <param name="autoLogIn">Set to true only when this call had to log the user in and that succeeded</param>
/// <param name="migrated">Set to true when the lookup is repeated with the user's legacy_user_id; never reset to false here</param>
/// <remarks>
/// _userID is reset to 0 first and stays 0 when no DNA user is found. A ProfileAPIException
/// raised by the login attempt is logged and the user is treated as not logged in.
/// </remarks>
private void TryLoginUser(ref IDnaIdentityWebServiceProxy signInComponent, ref bool autoLogIn, ref bool migrated)
{
    autoLogIn = false;
    _userID = 0;

    // Already logged in? If not, ask the service to log them in.
    _userLoggedIn = signInComponent.IsUserLoggedIn;
    if (!_userLoggedIn)
    {
        try
        {
            _userLoggedIn = signInComponent.LoginUser();
            autoLogIn = _userLoggedIn;
        }
        catch (ProfileAPIException ex)
        {
            // Not fatal: the request carries on with the user treated as logged out.
            InputContext.Diagnostics.WriteWarningToLog("User", "Failed to log in user");
            InputContext.Diagnostics.WriteExceptionToLog(ex);
            _userLoggedIn = false;
        }
    }

    _loginName = signInComponent.LoginName;

    if (!_userLoggedIn)
    {
        return;
    }

    // First attempt: look the user up by the sign-in component's own user id.
    GetDnaUserIDFromSignInID(signInComponent, "");
    if (_userID != 0 || signInComponent.SignInSystemType != SignInSystem.Identity)
    {
        return;
    }

    if (!signInComponent.DoesAttributeExistForService(InputContext.CurrentSite.SSOService, "legacy_user_id"))
    {
        return;
    }

    int legacyUserID;
    if (!int.TryParse(signInComponent.GetUserAttribute("legacy_user_id"), out legacyUserID))
    {
        return;
    }

    // Second attempt: the legacy id is looked up through the same procedure and parameter as
    // the identity id.
    // NOTE(review): this only links the right account if legacy ids and identity ids cannot
    // collide in that lookup - confirm against the stored procedure.
    // NOTE(review): migrated is set even when this second lookup finds no user.
    GetDnaUserIDFromSignInID(signInComponent, legacyUserID.ToString());
    migrated = true;
}
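/// <summary>
/// Selects the sign-in service for the current site and tries to establish the user from
/// the sign-in cookies.
/// </summary>
/// <param name="cookie">Dna Cookie to login with</param>
/// <param name="signInComponent">The sign-in component to configure and query</param>
/// <returns>
/// True when the service was set and the user was established from the cookies (or was already
/// signed in); false when the service could not be set or the cookies were not accepted.
/// </returns>
/// <remarks>
/// Cookie values are session credentials and are deliberately kept out of the log.
/// The identity call duration is only recorded on the success path.
/// </remarks>
private bool InitialiseProfileAPI(DnaCookie cookie, ref IDnaIdentityWebServiceProxy signInComponent)
{
    InputContext.Diagnostics.WriteTimedEventToLog("SSO", "Start");
    DateTime timer = DateTime.UtcNow;

    string decodedCookie = cookie.Value;

    // Pick the service name that matches the sign-in system in use.
    if (signInComponent.SignInSystemType == SignInSystem.Identity)
    {
        signInComponent.SetService(InputContext.CurrentSite.IdentityPolicy);
    }
    else
    {
        signInComponent.SetService(InputContext.CurrentSite.SSOService);
    }
    InputContext.Diagnostics.WriteTimedEventToLog("SSO","End");

    // Check to see if the service was set ok before calling any user functions
    if (!signInComponent.IsServiceSet)
    {
        InputContext.Diagnostics.WriteToLog("---** SignIn **---", "Service not set!!!");
        return false;
    }

    // Read the secure cookie once, so the null check and the value come from the same lookup.
    string secureCookie = "";
    DnaCookie httpsCookie = InputContext.GetCookie("IDENTITY-HTTPS");
    if (httpsCookie != null)
    {
        secureCookie = httpsCookie.Value;
    }

    bool userSet = signInComponent.TrySecureSetUserViaCookies(decodedCookie, secureCookie) || signInComponent.IsUserSignedIn;
    InputContext.IsSecureRequest = signInComponent.IsSecureRequest;
    InputContext.Diagnostics.WriteToLog("---** InputContext.IsSecureRequest **---", InputContext.IsSecureRequest.ToString());

    if (!userSet)
    {
        // Record that the cookies were rejected, but not their values: anyone who can read the
        // log could otherwise replay a cookie that is still valid elsewhere.
        InputContext.Diagnostics.WriteToLog("---** SignIn **---", "Set user with cookie failed!!!");
        if (!string.IsNullOrEmpty(secureCookie))
        {
            InputContext.Diagnostics.WriteToLog("---** SignIn **---", "Set user with secure cookie failed!!!");
        }
        InputContext.Diagnostics.WriteToLog("---** SignIn **---", "Timing Info: "+signInComponent.GetLastTimingInfo());
        return false;
    }

    // TotalMilliseconds is the whole elapsed time; Milliseconds is only the 0-999 component
    // and under-reports any call that takes a second or longer.
    Statistics.AddIdentityCallDuration((int)(DateTime.UtcNow - timer).TotalMilliseconds);
    return true;
}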
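/// <summary>
/// Checks to see if the current user's sign-in cookie or email is in the banned list
/// </summary>
/// <param name="signInComponent">The Signin component for this request</param>
/// <returns>True if they are, false if not</returns>
/// <remarks>
/// The method fails closed: it returns true when the user is not logged in, when the service
/// returns an empty email, and when the database returns no row. The one exception is a service
/// that does not expose an email attribute at all, which is reported as not banned.
/// </remarks>
private bool IsEmailInBannedList(IDnaIdentityWebServiceProxy signInComponent)
{
    // User should be logged in before calling this method
    if (!signInComponent.IsUserLoggedIn)
    {
        return true;
    }

    // Get the current user's cookie for the sign-in system in use
    DnaCookie cookie;
    if (signInComponent.SignInSystemType == SignInSystem.Identity)
    {
        cookie = InputContext.GetCookie("IDENTITY");
    }
    else
    {
        cookie = InputContext.GetCookie("SSO2-UID");
    }

    bool validCookie = (cookie != null && cookie.Value != null && cookie.Value.Length >= 64);

    // Check to see if the user's cookie is in the banned cookie list
    if (validCookie)
    {
        // Hold the lock while the shared list is enumerated
        lock (_lock)
        {
            foreach (string bannedCookie in AppContext.BannedCookies)
            {
                // Cookies are opaque tokens, so compare them ordinally. A culture-sensitive
                // comparison can report two different strings as equal.
                if (string.CompareOrdinal(cookie.Value, bannedCookie) == 0)
                {
                    return true;
                }
            }
        }
    }

    // Now check to see if their email is in the banned list in the database
    // NOTE(review): the attribute check uses the site's SSOService name even when the component
    // is an Identity one; if that name is wrong for Identity sites this returns "not banned" -
    // confirm.
    string ssoEmail = string.Empty;
    if (signInComponent.DoesAttributeExistForService(InputContext.CurrentSite.SSOService, "email"))
    {
        // Get the email for this current user
        ssoEmail = signInComponent.GetUserAttribute("email");
    }
    else
    {
        // The service does not support emails, nothing to check. Return not banned
        return false;
    }

    // Make sure we have an email from the sign-in service
    if (ssoEmail.Length == 0)
    {
        return true;
    }

    // Check it against the database
    using (IDnaDataReader reader = InputContext.CreateDnaDataReader("IsEmailInBannedList"))
    {
        // The email is passed as a procedure parameter
        reader.AddParameter("Email", ssoEmail);
        reader.Execute();

        // No answer from the database is treated as banned
        if (!reader.HasRows || !reader.Read())
        {
            return true;
        }

        if (reader.GetInt32("IsBanned") > 0)
        {
            // Remember the cookie so the next request is caught by the cookie check above
            if (validCookie)
            {
                lock (_lock)
                {
                    AppContext.BannedCookies.Add(cookie.Value);
                }
            }
            return true;
        }
    }

    // If we get here, then we're not banned
    return false;
}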
/// <summary>
/// Builds the sign-in component, configuration, diagnostics, reader creator and site list
/// for this test input context.
/// </summary>
/// <param name="rootPath">Root path for the DnaConfig; when null, the Ripley server path from the test config is used</param>
/// <remarks>
/// The sign-in component and the configuration are only created when they are still null.
/// A non-empty _debugUserDetails selects the debug sign-in component instead of the real one.
/// </remarks>
private void InitialiseFromConfig(string rootPath)
{
    if (rootPath == null)
    {
        // Fall back to the config from the dnapages directory.
        rootPath = TestConfig.GetConfig().GetRipleyServerPath();
    }

    if (_signInComponent == null)
    {
        if (!_useIdentity)
        {
            throw new Exception("SSO Sign in is nologer supported! Please rewrite your test to use identity.");
        }

        string identityUrl = GetConnectionDetails["IdentityURL"].ConnectionString;
        bool useDebugSignIn = _debugUserDetails.Length != 0;
        if (useDebugSignIn)
        {
            _signInComponent = new DnaIdentityWebServiceProxy.IdentityDebugSigninComponent(_debugUserDetails);
            Console.WriteLine("Using DEBUG Identity signin system");
        }
        else
        {
            _signInComponent = new DnaIdentityWebServiceProxy.IdentityRestSignIn(identityUrl, "");
            Console.WriteLine("Using REAL Identity signin system");
        }
    }

    if (_dnaConfig == null)
    {
        _dnaConfig = new DnaConfig(rootPath);

        // Diagnostics are written to a "logs" folder under the current directory.
        string logDirectory = System.Environment.CurrentDirectory + @"\logs\";
        Directory.CreateDirectory(logDirectory);
        DnaDiagnostics.Initialise(logDirectory, "DNATestUtils");
        DnaDiagnostics.WriteHeader("TEST-FullInputContext");
    }

    ReaderCreator = new DnaDataReaderCreator(_dnaConfig.ConnectionString, _dnaDiagnostics);
    _siteList = new SiteList(ReaderCreator, dnaDiagnostics, CacheFactory.GetCacheManager(), null, null);

    Statistics.InitialiseIfEmpty();
    ProfanityFilterTests.InitialiseProfanities();
}
/// <summary>
/// Creates the debug sign-in component for _debugUserID and adds its two sign-in cookies
/// to the Cookies collection.
/// </summary>
/// <remarks>
/// The whole body is compiled only when DEBUG is defined; in any other build this method
/// does nothing, and in particular creates no sign-in component.
/// </remarks>
private void SetupDebugUserSignin()
{
#if DEBUG
    Diagnostics.WriteTimedEventToLog("IDENTITY", "Started using debugging user cookie mode");
    _signInComponent = new DnaIdentityWebServiceProxy.IdentityDebugSigninComponent(_debugUserID);

    // Both cookies are scoped to the whole .bbc.co.uk domain and the root path.
    // NOTE(review): neither cookie sets Secure or HttpOnly; tolerable for a debug-only path,
    // but do not copy this into production cookie code.
    HttpCookie identityCookie = new HttpCookie("IDENTITY", _signInComponent.GetCookieValue);
    identityCookie.Path = "/";
    identityCookie.Domain = ".bbc.co.uk";
    Cookies.Add(identityCookie);

    HttpCookie identityHttpsCookie = new HttpCookie("IDENTITY-HTTPS", _signInComponent.GetSecureCookieValue);
    identityHttpsCookie.Path = "/";
    identityHttpsCookie.Domain = ".bbc.co.uk";
    Cookies.Add(identityHttpsCookie);

    Diagnostics.WriteTimedEventToLog("IDENTITY", "Finished");
#endif
}
/// <summary>
/// This is the place where all the actual work is done
/// Please add all new code here, and not in the main Page_Load method
/// </summary>
/// <remarks>
/// Order of work: initialise the request, create the sign-in component, return early when cached
/// output is available, check the user agent, apply the concurrent-request limit, then either
/// build an error page (not authorised / not secure) or run the page's components.
/// The concurrent-request counter is always decremented in the finally block.
/// </remarks>
private void DoPageLoad()
{
    Stopwatch requesttimer = new Stopwatch();
    requesttimer.Start();
    InitialiseRequest();

    // Check to see which sign in method we need to create
    if (_debugUserID.Length > 0)
    {
        // NOTE(review): confirm how _debugUserID gets set and that SetupDebugUserSignin still
        // leaves a usable sign-in component in builds without the DEBUG symbol.
        SetupDebugUserSignin();
    }
    else if (CurrentSite.UseIdentitySignInSystem)
    {
        // Create a new Identity web service object
        string identityWebServiceConnetionDetails = GetConnectionDetails["IdentityURL"].ConnectionString;
        // NOTE(review): the IdentityURL connection string is written to the log as-is - confirm
        // it never carries credentials.
        Diagnostics.WriteTimedEventToLog("IDENTITY", "Started with " + identityWebServiceConnetionDetails);
        // NOTE(review): the client address is read from the "__ip__" request parameter, presumably
        // set by a trusted front end - confirm a client cannot supply its own value.
        string clientIPAddress = GetParamStringOrEmpty("__ip__", "Client IP Address");
        _signInComponent = new DnaIdentityWebServiceProxy.IdentityRestSignIn(identityWebServiceConnetionDetails, clientIPAddress);
        _signInComponent.SetService(CurrentSite.IdentityPolicy);
        Diagnostics.WriteTimedEventToLog("IDENTITY", "Finished");
    }
    else
    {
        // The ProfileAPI sign-in path is no longer available, so fail rather than carry on
        // without a sign-in component.
        throw new NotSupportedException("The ProfileAPI is nolonger supported. Please set the site to use Identity as the Signin System.");
    }

    // If we have cached output available for this request, don't do any more work
    if (IsCachedOutputAvailable())
    {
        return;
    }

    CheckForForbiddenUserAgents(UserAgent, BannedUserAgents);

    // Count this request in; the matching decrement is in the finally block below.
    int curRequests = Interlocked.Increment(ref _currentRequestCount);
    try
    {
        // Over the limit: hand off to the busy page, unless this already is the busy page.
        if (curRequests > MaximumRequestCount && _dnapage.PageType.Equals("SERVERTOOBUSY") == false )
        {
            AddServerBusy();
            // NOTE(review): presumably Server.Transfer ends execution of this page here - confirm,
            // since nothing else stops the code below from running.
            Server.Transfer("ServerTooBusyPage.aspx");
            //_viewingUser = new User(this);
            //_page = new WholePage(this);
            //_page.InitialisePage("SERVERTOOBUSY");
            //_page.AddTextTag(_page.RootElement.FirstChild, "REQUESTTYPE", PageType);
            //_skinSelector.Initialise(this, this);
        }

        InitialisePage();

        // Intialise the page
        Statistics.AddRawRequest();

        // NOTE(review): the authorisation error page is only produced when _useDotNetRendering is
        // false; presumably .NET-rendered pages enforce access somewhere else - confirm.
        if (!IsDnaUserAllowed() && !_useDotNetRendering )
        {//not logged in
            // Error pages use the admin/vanilla skin unless the request asked for pure XML.
            if (!_skinSelector.IsPureXml(this))
            {
                _skinSelector.SkinName = "admin";
                _skinSelector.SkinSet = "vanilla";
            }
            _page = new WholePage(this);
            _page.InitialisePage("ERROR");
            _page.AddErrorXml("Authorization", "You are not authorised to view this page.", _page.RootElement.FirstChild);
        }
        else if (!IsSecureAccessAllowed())
        {//logged in but not secure
            if (!_skinSelector.IsPureXml(this))
            {
                _skinSelector.SkinName = "admin";
                _skinSelector.SkinSet = "vanilla";
            }
            _page = new WholePage(this);
            _page.InitialisePage("ERROR");
            _page.AddErrorXml("NotSecure", "You must access this page be secure methods.", _page.RootElement.FirstChild);
        }
        else
        {
            // Now call the add components
            _dnapage.OnPageLoad();
            AddComponent(new SkinParams(this));
            _page.ProcessRequest();

            // Update any data source controls on the page
            _dnapage.UpdateDataSourceControls();

            // Allow the page to do any post process request actions.
            _dnapage.OnPostProcessRequest();
        }

        //Finish off other related BasePage stuff
        FinalisePage();
        Statistics.AddRequestDuration((int)requesttimer.ElapsedMilliseconds);
        _page.AddTimeForPage(Diagnostics.ElapsedMilliseconds);
        _page.AddInside(_tracker, "H2G2");
    }
    finally
    {
        // Always count the request back out, including when the code above throws.
        Interlocked.Decrement(ref _currentRequestCount);
    }
}
/// <summary>
/// Creates an AuthenticateUser that signs users in through the given sign-in system.
/// </summary>
/// <param name="signInSystem">The sign-in system to create the sign-in component for</param>
/// <remarks>
/// The sign-in component is created from the "IdentityURL" connection string in the application
/// configuration. The entry is dereferenced directly, so it has to exist.
/// </remarks>
public AuthenticateUser(SignInSystem signInSystem)
{
    _signInSystem = signInSystem;

    _signInComponent = SignInComponentFactory.CreateSignInComponent(
        ConfigurationManager.ConnectionStrings["IdentityURL"].ConnectionString,
        signInSystem);
}