示例#1
0
        public async Task <bool> Execute(UpdateUserCredentialParameter updateUserCredentialParameter)
        {
            if (updateUserCredentialParameter == null)
            {
                throw new ArgumentNullException(nameof(updateUserCredentialParameter));
            }

            var credential = await _resourceOwnerCredentialRepository.GetUserCredential(updateUserCredentialParameter.UserId, updateUserCredentialParameter.CredentialType).ConfigureAwait(false);

            if (credential == null)
            {
                throw new NotFoundException();
            }

            var passwordSettings = await _credentialSettingsRepository.Get(updateUserCredentialParameter.CredentialType).ConfigureAwait(false);

            credential.Value = updateUserCredentialParameter.NewValue;
            credential.ExpirationDateTime = DateTime.UtcNow.AddSeconds(passwordSettings.ExpiresIn);
            await _resourceOwnerCredentialRepository.Update(credential).ConfigureAwait(false);

            return(true);
        }
示例#2
0
        public async Task <ResourceOwner> AuthenticateResourceOwnerAsync(string login, string credentialValue)
        {
            if (string.IsNullOrWhiteSpace(login))
            {
                throw new ArgumentNullException(nameof(login));
            }

            if (string.IsNullOrWhiteSpace(credentialValue))
            {
                throw new ArgumentNullException(nameof(credentialValue));
            }

            var resourceOwner = await GetResourceOwner(login).ConfigureAwait(false);

            if (resourceOwner == null)
            {
                throw new IdentityServerUserAccountDoesntExistException();
            }

            if (resourceOwner.IsBlocked)
            {
                throw new IdentityServerUserAccountBlockedException();
            }

            var passwordSettigns = await _passwordSettingsRepository.Get(Amr).ConfigureAwait(false);

            var currentDateTime   = DateTime.UtcNow;
            var minCurrentEndDate = currentDateTime.AddSeconds(-passwordSettigns.AuthenticationIntervalsInSeconds);
            var credential        = resourceOwner.Credentials.First(c => c.Type == Amr);

            if (credential.FirstAuthenticationFailureDateTime != null && credential.FirstAuthenticationFailureDateTime.Value.AddSeconds(passwordSettigns.AuthenticationIntervalsInSeconds) >= minCurrentEndDate && credential.NumberOfAttempts >= passwordSettigns.NumberOfAuthenticationAttempts)
            {
                throw new IdentityServerUserTooManyRetryException
                      {
                          RetryInSeconds = passwordSettigns.AuthenticationIntervalsInSeconds
                      };
            }

            if (credential.IsBlocked)
            {
                throw new IdentityServerCredentialBlockedException();
            }

            if (!await Authenticate(resourceOwner, credentialValue).ConfigureAwait(false))
            {
                if (passwordSettigns.IsBlockAccountPolicyEnabled)
                {
                    if (credential.FirstAuthenticationFailureDateTime == null || credential.FirstAuthenticationFailureDateTime.Value.AddSeconds(passwordSettigns.AuthenticationIntervalsInSeconds) < minCurrentEndDate)
                    {
                        credential.NumberOfAttempts = 1;
                        credential.FirstAuthenticationFailureDateTime = currentDateTime;
                    }
                    else
                    {
                        credential.NumberOfAttempts++;
                    }

                    await _resourceOwnerCredentialRepository.Update(credential).ConfigureAwait(false);
                }

                throw new IdentityServerUserPasswordInvalidException();
            }

            await Validate(resourceOwner).ConfigureAwait(false);

            return(resourceOwner);
        }