/// <summary>
/// Forwards a delete request to <c>Access3.AdminAccess.DelData</c> through a data-access
/// object constructed with <paramref name="commandTimeOut"/>.
/// </summary>
/// <param name="noTrans">Passed through unchanged to the data-access layer.</param>
/// <param name="commandTimeOut">Value handed to the AdminAccess constructor (default 1800).</param>
/// <returns>Whatever the data-access layer reports.</returns>
public bool DelData(Int32 ScreenId, bool bDeferError, LoginUsr LUser, UsrImpr LImpr, UsrCurr LCurr, DataSet ds, string dbConnectionString, string dbPassword, CurrPrj CPrj, CurrSrc CSrc, bool noTrans = false, int commandTimeOut = 1800)
{
    // The using block disposes the data-access object even if the call throws.
    using (Access3.AdminAccess adminAccess = new Access3.AdminAccess(commandTimeOut))
    {
        bool outcome = adminAccess.DelData(
            ScreenId, bDeferError, LUser, LImpr, LCurr, ds,
            dbConnectionString, dbPassword, CPrj, CSrc, noTrans);
        return outcome;
    }
}
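/// <summary>
/// Serializes the user's identity and current context into a <c>RintagiLoginToken</c>,
/// prefixes the JSON with part of its SHA-256 digest, and encrypts the result with
/// <paramref name="secret"/> via <c>RO.Common3.Utils.ROEncryptString</c>.
/// </summary>
/// <param name="usr">Source of UsrId, LoginName, UsrName and UsrEmail.</param>
/// <param name="curr">Source of the current SystemId, CompanyId, ProjectId and DbId.</param>
/// <param name="impr">Source of UsrGroups and RowAuthoritys.</param>
/// <param name="resources">Stored verbatim in the token's Resources field.</param>
/// <param name="secret">Key material handed to ROEncryptString.</param>
/// <returns>The encrypted token string.</returns>
public string CreateEncryptedLoginToken(LoginUsr usr, int defCompanyId, int defProjectId, byte defSystemId, UsrCurr curr, UsrImpr impr, string resources, string secret)
{
    RintagiLoginToken loginToken = new RintagiLoginToken()
    {
        UsrId = usr.UsrId,
        LoginName = usr.LoginName,
        UsrName = usr.UsrName,
        UsrEmail = usr.UsrEmail,
        UsrGroup = impr.UsrGroups,
        RowAuthority = impr.RowAuthoritys,
        SystemId = curr.SystemId,
        CompanyId = curr.CompanyId,
        ProjectId = curr.ProjectId,
        DefSystemId = defSystemId,
        DefCompanyId = defCompanyId,
        DefProjectId = defProjectId,
        DbId = curr.DbId,
        Resources = resources,
    };
    string json = Newtonsoft.Json.JsonConvert.SerializeObject(loginToken);

    string hash;
    // The hash provider is disposable; release it deterministically instead of leaking it.
    using (SHA256CryptoServiceProvider hashsha256 = new SHA256CryptoServiceProvider())
    {
        hash = BitConverter.ToString(hashsha256.ComputeHash(UTF8Encoding.UTF8.GetBytes(json))).Replace("-", "");
    }

    // NOTE(review): the prefix is an unkeyed digest fragment (Left(32) is presumably the
    // first 32 hex characters), so on its own it is a checksum, not a MAC. Tamper resistance
    // depends on what ROEncryptString provides, which is not visible here; confirm.
    string encrypted = RO.Common3.Utils.ROEncryptString(hash.Left(32) + json, secret);
    return encrypted;
}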
/// <summary>
/// Forwards the update to <c>Access3.WebAccess.UpdAdmRptWiz95</c> and returns its result.
/// </summary>
public bool UpdAdmRptWiz95(LoginUsr LUser, UsrCurr LCurr, DataSet ds, string dbConnectionString, string dbPassword)
{
    // Disposed on exit, including when the call throws.
    using (Access3.WebAccess webAccess = new Access3.WebAccess())
    {
        bool updated = webAccess.UpdAdmRptWiz95(LUser, LCurr, ds, dbConnectionString, dbPassword);
        return updated;
    }
}
/// <summary>
/// Forwards a password update to the <c>LoginAccessBase</c> instance returned by
/// <c>GetLoginAccess()</c> and returns its result.
/// </summary>
public bool UpdUsrPassword(Credential cr, LoginUsr LUser, bool RemoveLink)
{
    // Disposed on exit, including when the call throws.
    using (LoginAccessBase loginAccess = GetLoginAccess())
    {
        bool changed = loginAccess.UpdUsrPassword(cr, LUser, RemoveLink);
        return changed;
    }
}
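/// <summary>
/// Builds a three-segment, HS256-labelled token whose payload is a <c>RintagiLoginJWT</c>
/// carrying iat/exp/nbf, the encrypted login token, the user id and a handle.
/// </summary>
/// <param name="validSeconds">Lifetime added to the issue time to produce <c>exp</c>.</param>
/// <param name="guidHandle">Stored in the payload's <c>handle</c> field.</param>
/// <returns><c>header.payload.signature</c>, each segment produced by the local encoder.</returns>
public string CreateLoginJWT(LoginUsr usr, int defCompanyId, int defProjectId, byte defSystemId, UsrCurr curr, UsrImpr impr, string resources, int validSeconds, string guidHandle)
{
    // NOTE(review): Convert.ToBase64String never emits '_' or '-', so both Replace calls
    // match nothing and the segments keep '+' and '/' (standard alphabet, padding trimmed).
    // Base64url maps '+' to '-' and '/' to '_'. Left unchanged because the token parser is
    // not visible here; encoder and parser need to be corrected together.
    Func<byte[], string> base64UrlEncode = (c) => Convert.ToBase64String(c).TrimEnd(new char[] { '=' }).Replace('_', '/').Replace('-', '+');

    var utc0 = new DateTime(1970, 1, 1, 0, 0, 0, 0, DateTimeKind.Utc);
    var issueTime = DateTime.UtcNow;
    // NOTE(review): epoch seconds are narrowed to int, which cannot hold values past 2038.
    var iat = (int)issueTime.Subtract(utc0).TotalSeconds;
    // Original author's note: expiration time is up to 1 hour, but lets play on safe side.
    var exp = (int)issueTime.AddSeconds(validSeconds).Subtract(utc0).TotalSeconds;

    // Both keys are requested per (issue time, user id) pair.
    var encryptionKey = GetSessionEncryptionKey(iat.ToString(), usr.UsrId.ToString());
    var signingKey = GetSessionSigningKey(iat.ToString(), usr.UsrId.ToString());

    RintagiLoginJWT token = new RintagiLoginJWT()
    {
        iat = iat,
        exp = exp,
        nbf = iat,
        loginToken = CreateEncryptedLoginToken(usr, defCompanyId, defProjectId, defSystemId, curr, impr, resources, encryptionKey),
        loginId = usr.UsrId.ToString(),
        handle = guidHandle
    };
    string payLoad = Newtonsoft.Json.JsonConvert.SerializeObject(token);
    string header = "{\"typ\":\"JWT\",\"alg\":\"HS256\"}";
    string content = base64UrlEncode(System.Text.UTF8Encoding.UTF8.GetBytes(header)) + "." + base64UrlEncode(System.Text.UTF8Encoding.UTF8.GetBytes(payLoad));

    // HMACSHA256 holds key material and is disposable; release it as soon as the tag is computed.
    using (HMACSHA256 hmac = new HMACSHA256(System.Text.UTF8Encoding.UTF8.GetBytes(signingKey)))
    {
        byte[] hash = hmac.ComputeHash(System.Text.UTF8Encoding.UTF8.GetBytes(content));
        return content + "." + base64UrlEncode(hash);
    }
}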
/// <summary>
/// Forwards a delete request to <c>Access3.AdminAccess.DelData</c> using a
/// default-constructed data-access object.
/// </summary>
/// <returns>Whatever the data-access layer reports.</returns>
public bool DelData(Int32 ScreenId, bool bDeferError, LoginUsr LUser, UsrImpr LImpr, UsrCurr LCurr, DataSet ds, string dbConnectionString, string dbPassword, CurrPrj CPrj, CurrSrc CSrc)
{
    // Disposed on exit, including when the call throws.
    using (Access3.AdminAccess adminAccess = new Access3.AdminAccess())
    {
        bool outcome = adminAccess.DelData(
            ScreenId, bDeferError, LUser, LImpr, LCurr, ds,
            dbConnectionString, dbPassword, CPrj, CSrc);
        return outcome;
    }
}
/// <summary>
/// Forwards a password update to <c>Access3.LoginAccess.UpdUsrPassword</c> and returns its result.
/// </summary>
public bool UpdUsrPassword(Credential cr, LoginUsr LUser, bool RemoveLink)
{
    // Disposed on exit, including when the call throws.
    using (Access3.LoginAccess loginAccess = new Access3.LoginAccess())
    {
        bool changed = loginAccess.UpdUsrPassword(cr, LUser, RemoveLink);
        return changed;
    }
}
/// <summary>
/// Forwards the delete to the <c>WebAccessBase</c> instance returned by
/// <c>GetWebAccess()</c> and returns its result.
/// </summary>
public bool DelAdmRptWiz95(LoginUsr LUser, UsrCurr LCurr, DataSet ds, string dbConnectionString, string dbPassword)
{
    // Disposed on exit, including when the call throws.
    using (WebAccessBase webAccess = GetWebAccess())
    {
        bool removed = webAccess.DelAdmRptWiz95(LUser, LCurr, ds, dbConnectionString, dbPassword);
        return removed;
    }
}
/// <summary>
/// Builds the page's <c>LoginUsr</c> from the current context, runs its login check,
/// and sets the subtitle from the <c>f</c> query-string value when one is present.
/// </summary>
protected void Page_Load(object sender, EventArgs e)
{
    LoginUsr = new LoginUsr(Context);
    LoginUsr.chkLogin();

    if (Context.Request.QueryString["f"] == null)
    {
        return;
    }

    // NOTE(review): "f" is request-controlled. Whether GenPageTitle maps it to a known
    // title or echoes it is not visible here; if it can echo, encode before assigning
    // to the label, since Label.Text is rendered without HTML encoding.
    string pageKey = Context.Request.QueryString["f"].ToString();
    lbSubTitle.Text = mnuDA.GenPageTitle(pageKey);
}
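/// <summary>
/// Calls the <c>GetLoginSecure</c> stored procedure with the supplied credential and
/// maps the first returned row to a <c>LoginUsr</c>.
/// </summary>
/// <param name="cr">Supplies LoginName, Password, Provider and SelectedLoginName.</param>
/// <returns>The mapped user, or <c>null</c> when the procedure returns no rows.</returns>
/// <exception cref="System.ObjectDisposedException">The data adapter has been released.</exception>
public LoginUsr GetLoginSecure(Credential cr)
{
    if (da == null)
    {
        throw new System.ObjectDisposedException(GetType().FullName);
    }

    DataTable dt = new DataTable();
    // Connection and command were never released before; dispose them once Fill is done.
    using (OleDbConnection cn = new OleDbConnection(GetDesConnStr()))
    using (OleDbCommand cmd = new OleDbCommand("GetLoginSecure", cn))
    {
        cmd.CommandType = CommandType.StoredProcedure;
        // Login name is sent as Unicode only when the database is configured as double-byte.
        cmd.Parameters.Add("@LoginName", Config.DoubleByteDb ? OleDbType.VarWChar : OleDbType.VarChar).Value = cr.LoginName;
        // Sent as binary; presumably already a hash rather than clear text. TODO confirm.
        cmd.Parameters.Add("@UsrPassword", OleDbType.VarBinary).Value = cr.Password;
        cmd.Parameters.Add("@Provider", OleDbType.VarChar).Value = cr.Provider;
        cmd.Parameters.Add("@SelectedLoginName", OleDbType.VarChar).Value = cr.SelectedLoginName;
        da.SelectCommand = cmd;
        da.Fill(dt);
    }

    if (dt.Rows.Count <= 0)
    {
        return null;
    }

    // Columns are read by ordinal; the order must match the procedure's result set.
    DataRow dr = dt.Rows[0];
    LoginUsr usr = new LoginUsr(
        dr[14].ToString(),
        Int32.Parse(dr[0].ToString()),
        dr[1].ToString(),
        dr[2].ToString(),
        dr[3].ToString(),
        dr[4].ToString(),
        Int16.Parse(dr[5].ToString()),
        dr[6].ToString(),
        byte.Parse(dr[7].ToString()),
        Int16.Parse(dr[8].ToString()),
        Int32.Parse(dr[9].ToString()),
        Int16.Parse(dr[10].ToString()),
        Int16.Parse(dr[11].ToString()),
        dr[12].ToString() == "Y",
        dr[13] as DateTime?,
        dr[15].ToString(),
        dr[17].ToString() == "Y");
    return usr;
}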
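/// <summary>
/// Calls the <c>GetLoginLegacy</c> stored procedure with a login name and password and
/// maps the first returned row to a <c>LoginUsr</c>.
/// </summary>
/// <returns>The mapped user, or <c>null</c> when the procedure returns no rows.</returns>
/// <exception cref="System.ObjectDisposedException">The data adapter has been released.</exception>
public LoginUsr GetLoginLegacy(string LoginName, string Password)
{
    if (da == null)
    {
        throw new System.ObjectDisposedException(GetType().FullName);
    }

    DataTable dt = new DataTable();
    // Connection and command were never released before; dispose them once Fill is done.
    using (OleDbConnection cn = new OleDbConnection(GetDesConnStr()))
    using (OleDbCommand cmd = new OleDbCommand("GetLoginLegacy", cn))
    {
        cmd.CommandType = CommandType.StoredProcedure;
        // Both values are sent as Unicode only when the database is configured as double-byte.
        OleDbType textType = Config.DoubleByteDb ? OleDbType.VarWChar : OleDbType.VarChar;
        cmd.Parameters.Add("@LoginName", textType).Value = LoginName;
        // NOTE(review): the password travels to the procedure as character data. How the
        // procedure compares or stores it is not visible here; verify it is not clear text.
        cmd.Parameters.Add("@Password", textType).Value = Password;
        da.SelectCommand = cmd;
        da.Fill(dt);
    }

    if (dt.Rows.Count <= 0)
    {
        return null;
    }

    // Columns are read by ordinal; the order must match the procedure's result set.
    DataRow dr = dt.Rows[0];
    LoginUsr usr = new LoginUsr(
        LoginName,
        Int32.Parse(dr[0].ToString()),
        dr[1].ToString(),
        dr[2].ToString(),
        dr[3].ToString(),
        dr[4].ToString(),
        byte.Parse(dr[5].ToString()),
        dr[6].ToString(),
        byte.Parse(dr[7].ToString()),
        Int16.Parse(dr[8].ToString()),
        Int16.Parse(dr[9].ToString()),
        Int16.Parse(dr[10].ToString()),
        Int16.Parse(dr[11].ToString()),
        dr[12].ToString() == "Y",
        dr[13] as DateTime?,
        null,
        false);
    return usr;
}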
/// <summary>
/// Redirects to Default.aspx when the <c>LoginUsr</c> built from the context has a
/// non-empty UsrCde; otherwise sets the page titles on the first (non-postback) load.
/// </summary>
protected void Page_Load(object sender, EventArgs e)
{
    LoginUsr = new LoginUsr(Context);
    if (LoginUsr.UsrCde != "")
    {
        Response.Redirect("Default.aspx");
    }

    if (IsPostBack)
    {
        return;
    }

    // Runs only on the first load of the page.
    string siteName = cfg.getAppSetting("WebName");
    lbTitle.Text = siteName + "管理登入";
    lbSubTitle.Text = "";
}
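/// <summary>
/// Calls the <c>UpdUsrPassword</c> stored procedure for the login named in
/// <paramref name="cr"/> and reports whether it returned a non-zero value.
/// </summary>
/// <param name="cr">Supplies LoginName and the new Password value.</param>
/// <param name="LUser">Acting user; -1 is sent when null or when the login name is "anonymous".</param>
/// <param name="RemoveLink">Sent to the procedure as 'Y' or 'N'.</param>
/// <returns><c>false</c> when the procedure's scalar result is 0, otherwise <c>true</c>.</returns>
/// <exception cref="System.ObjectDisposedException">The data adapter has been released.</exception>
public bool UpdUsrPassword(Credential cr, LoginUsr LUser, bool RemoveLink)
{
    if (da == null)
    {
        throw new System.ObjectDisposedException(GetType().FullName);
    }

    // Previously the connection stayed open and the command leaked if anything threw
    // between Open() and Close(); using blocks release both on every path.
    using (OleDbConnection cn = new OleDbConnection(GetDesConnStr()))
    {
        cn.Open();
        using (OleDbCommand cmd = new OleDbCommand("UpdUsrPassword", cn))
        {
            cmd.CommandType = CommandType.StoredProcedure;
            // Login name is sent as Unicode only when the database is configured as double-byte.
            cmd.Parameters.Add("@LoginName", Config.DoubleByteDb ? OleDbType.VarWChar : OleDbType.VarChar).Value = cr.LoginName;
            cmd.Parameters.Add("@UsrPassword", OleDbType.VarBinary).Value = cr.Password;
            // NOTE(review): the acting user is only recorded here; any check that LUser may
            // change cr.LoginName's password has to live in the procedure or the caller.
            cmd.Parameters.Add("@CurrUsrId", OleDbType.Integer).Value = LUser != null && (LUser.LoginName ?? "").ToLower() != "anonymous" ? LUser.UsrId : -1;
            cmd.Parameters.Add("@RemoveLink", OleDbType.Char).Value = RemoveLink ? "Y" : "N";

            int rtn = Convert.ToInt32(cmd.ExecuteScalar());
            return rtn != 0;
        }
    }
}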
/// <summary>
/// Builds WebAuthn credential-creation options for <paramref name="LUser"/>, overrides the
/// library-generated challenge with <paramref name="challenge"/>, and returns them as JSON.
/// </summary>
/// <param name="fido2Config">Relying-party configuration; ServerName appears in the extension text.</param>
/// <param name="challenge">Caller-supplied challenge placed into the options.</param>
/// <param name="excludedCredentials">Credentials the authenticator should refuse to re-register.</param>
/// <returns>The options serialized with <c>ToJson()</c>.</returns>
public static string MakeWebAuthnAttestationRequest(Fido2Configuration fido2Config, byte[] challenge, LoginUsr LUser, List<PublicKeyCredentialDescriptor> excludedCredentials)
{
    // The user handle is the UTF-8 bytes of the base64 text of the numeric user id.
    string idText = LUser.UsrId.ToString();
    string idTextB64 = System.Convert.ToBase64String(idText.ToUtf8ByteArray());

    // NOTE(review): the original comment says the name must stay within 64 characters
    // because devices such as YubiKey fail without explanation; LoginName is not truncated here.
    Fido2User registrant = new Fido2User
    {
        DisplayName = LUser.UsrName,
        Name = LUser.LoginName,
        Id = idTextB64.ToUtf8ByteArray()
    };

    // User verification is requested as Discouraged and no attestation is asked for.
    AuthenticatorSelection selection = new AuthenticatorSelection
    {
        RequireResidentKey = false,
        UserVerification = UserVerificationRequirement.Discouraged,
    };
    AttestationConveyancePreference conveyance = AttestationConveyancePreference.None;

    AuthenticationExtensionsClientInputs extensions = new AuthenticationExtensionsClientInputs
    {
        Extensions = true,
        SimpleTransactionAuthorization = string.Format("you are registering to {0}", fido2Config.ServerName),
        Location = true,
        UserVerificationMethod = true,
        BiometricAuthenticatorPerformanceBounds = new AuthenticatorBiometricPerfBounds
        {
            FAR = float.MaxValue,
            FRR = float.MaxValue
        }
    };

    var fido2 = new Fido2(fido2Config);
    // Original author's note: must do this for the verification to work.
    var options = fido2.RequestNewCredential(registrant, excludedCredentials, selection, conveyance, extensions);
    // The library's challenge is random bytes; replace it with the caller's value.
    options.Challenge = challenge;

    // An empty exclusion list is passed as null. The result of this call is not used below.
    List<PublicKeyCredentialDescriptor> exclusions = null;
    if (excludedCredentials != null && excludedCredentials.Count > 0)
    {
        exclusions = excludedCredentials;
    }
    var createRequest = Fido2NetLib.CredentialCreateOptions.Create(fido2Config, challenge, registrant, selection, conveyance, exclusions, extensions);

    return options.ToJson();
}
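/// <summary>
/// Calls the <c>GetLoginSecure</c> stored procedure, enforces the licensed-user limit when
/// one is configured, and maps the first returned row to a <c>LoginUsr</c>.
/// </summary>
/// <param name="cr">Supplies LoginName, Password, Provider and SelectedLoginName.</param>
/// <returns>The mapped user, or <c>null</c> when the procedure returns no rows.</returns>
/// <exception cref="System.ObjectDisposedException">The data adapter has been released.</exception>
/// <exception cref="Exception">The user is not among the first N active users, N being the licensed count.</exception>
public LoginUsr GetLoginSecure(Credential cr)
{
    if (da == null)
    {
        throw new System.ObjectDisposedException(GetType().FullName);
    }

    DataTable dt = new DataTable();
    // Connection and command were never released before; dispose them once Fill is done.
    using (OleDbConnection loginCn = new OleDbConnection(GetDesConnStr()))
    using (OleDbCommand loginCmd = new OleDbCommand("GetLoginSecure", loginCn))
    {
        loginCmd.CommandType = CommandType.StoredProcedure;
        // Login name is sent as Unicode only when the database is configured as double-byte.
        loginCmd.Parameters.Add("@LoginName", Config.DoubleByteDb ? OleDbType.VarWChar : OleDbType.VarChar).Value = cr.LoginName;
        loginCmd.Parameters.Add("@UsrPassword", OleDbType.VarBinary).Value = cr.Password;
        loginCmd.Parameters.Add("@Provider", OleDbType.VarChar).Value = cr.Provider;
        loginCmd.Parameters.Add("@SelectedLoginName", OleDbType.VarChar).Value = cr.SelectedLoginName;
        da.SelectCommand = loginCmd;
        da.Fill(dt);
    }

    if (dt.Rows.Count <= 0)
    {
        return null;
    }

    DataRow dr = dt.Rows[0];
    int usrId = Int32.Parse(dr[0].ToString());
    int licensedCount = GetLicensedUserCount();
    if (licensedCount > 0)
    {
        DataTable dtUsr = new DataTable();
        using (OleDbConnection cn = new OleDbConnection(GetDesConnStr()))
        {
            cn.Open();
            // Only an int is concatenated into the statement, so no caller text reaches the SQL.
            using (OleDbCommand licenseCmd = new OleDbCommand("SET NOCOUNT ON SELECT TOP " + licensedCount.ToString() + " u.UsrId FROM dbo.Usr u WHERE u.Active = 'Y' ORDER BY u.UsrId ", cn))
            {
                licenseCmd.CommandType = CommandType.Text;
                licenseCmd.CommandTimeout = 1800;
                da.SelectCommand = licenseCmd;
                da.Fill(dtUsr);
            }
        }

        // Fix: the membership test previously scanned dt (the login row) instead of dtUsr,
        // so the licensed-user list that was just loaded was never consulted.
        bool withinLicense = dtUsr.AsEnumerable().Any(drUsr => drUsr["UsrId"].ToString() == usrId.ToString());
        if (!withinLicense)
        {
            throw new Exception(string.Format("Please get more user login licenses(current purchased license {0}) or decactivate some inactive users", licensedCount));
        }
    }

    // Columns are read by ordinal; the order must match the procedure's result set.
    LoginUsr usr = new LoginUsr(
        dr[14].ToString(),
        Int32.Parse(dr[0].ToString()),
        dr[1].ToString(),
        dr[2].ToString(),
        dr[3].ToString(),
        dr[4].ToString(),
        Int16.Parse(dr[5].ToString()),
        dr[6].ToString(),
        byte.Parse(dr[7].ToString()),
        Int16.Parse(dr[8].ToString()),
        Int32.Parse(dr[9].ToString()),
        Int16.Parse(dr[10].ToString()),
        Int16.Parse(dr[11].ToString()),
        dr[12].ToString() == "Y",
        dr[13] as DateTime?,
        dr[15].ToString(),
        dr[17].ToString() == "Y");
    return usr;
}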
/// <summary>
/// Builds a <c>LoginUsr</c> from the current context and immediately logs it out.
/// </summary>
protected void Page_Load(object sender, EventArgs e)
{
    // The page has no other behaviour on load: loading it ends the session held by LoginUsr.
    LoginUsr = new LoginUsr(Context);
    LoginUsr.LogOut();
}
/// <summary>
/// Forwards a stored-document update to <c>Access3.AdminAccess.UpdDbDoc</c>.
/// </summary>
/// <param name="dc">Document content bytes.</param>
/// <param name="MasterId">Accepted but not forwarded to the data-access call.</param>
public void UpdDbDoc(string DocId, string TblName, string DocName, string MimeType, long DocSize, byte[] dc, string dbConnectionString, string dbPassword, LoginUsr lu, string MasterId = null)
{
    // Disposed on exit, including when the call throws.
    using (Access3.AdminAccess adminAccess = new Access3.AdminAccess())
    {
        adminAccess.UpdDbDoc(
            DocId, TblName, DocName, MimeType, DocSize, dc,
            dbConnectionString, dbPassword, lu);
    }
}
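/// <summary>
/// Exchanges an authorization code or a refresh token for a new access/refresh token pair.
/// </summary>
/// <param name="scope">JSON object; SystemId, CompanyId, ProjectId and CultureId are read when present.</param>
/// <param name="grant_type">"authorization_code" (code is resolved through <paramref name="getStoredToken"/>)
/// or "refresh_token" (code is itself the token). Any other value yields invalid_token.</param>
/// <param name="appPath">Placed in the issued tokens' resources and in the response.</param>
/// <param name="getStoredToken">Resolves an authorization code to the stored token.</param>
/// <param name="ValidateScope">Decides whether a token may be issued for the resolved user and scope.</param>
/// <param name="reAuth">When true, a fresh refresh handle and lifetime are always issued.</param>
/// <returns>The token response, or a dictionary with "error" set to access_denied or invalid_token.</returns>
/// <remarks>
/// NOTE(review): client_id, client_secret, code_verifier, redirect_url and appDomain are not
/// read anywhere in this method. Client authentication and PKCE verification must therefore
/// happen in the caller or inside getStoredToken; confirm that they do.
/// </remarks>
public SerializableDictionary<string, string> GetToken(string client_id, string scope, string grant_type, string code, string code_verifier, string redirect_url, string client_secret, string appPath, string appDomain, Func<string, string> getStoredToken, Func<LoginUsr, UsrCurr, UsrImpr, UsrPref, string, bool, bool> ValidateScope, bool reAuth = false)
{
    Dictionary<string, object> scopeContext = Newtonsoft.Json.JsonConvert.DeserializeObject<Dictionary<string, object>>(scope);
    byte? systemId = null;
    int? companyId = null;
    int? projectId = null;
    short? cultureId = null;
    int access_token_validity = 5 * 60; // 5 minutes
    int refresh_token_validity = 60 * 60 * 24 * 14; // 14 days

    // Each scope value is optional: a missing or malformed entry leaves the variable null
    // and the value carried in the login token is used instead.
    try { systemId = byte.Parse(scopeContext["SystemId"].ToString()); } catch { }
    try { companyId = int.Parse(scopeContext["CompanyId"].ToString()); } catch { }
    try { projectId = int.Parse(scopeContext["ProjectId"].ToString()); } catch { }
    // Fix: this previously re-read "ProjectId". The value is not consulted further down;
    // LUser.CultureId is set to 1 regardless.
    try { cultureId = short.Parse(scopeContext["CultureId"].ToString()); } catch { }

    string storedToken;
    // Resolve the presented credential to a JWT; any failure yields an empty JWT whose
    // time window (nbf = exp = 0) is rejected by the check below.
    RintagiLoginJWT loginJWT = new Func<RintagiLoginJWT>(() =>
    {
        if (grant_type == "authorization_code")
        {
            storedToken = getStoredToken(code);
            try { return GetLoginUsrInfo(storedToken) ?? new RintagiLoginJWT(); } catch { }
        }
        else if (grant_type == "refresh_token")
        {
            try { return GetLoginUsrInfo(code) ?? new RintagiLoginJWT(); } catch { }
        }
        return new RintagiLoginJWT();
    })();

    UsrCurr LCurr;
    UsrImpr LImpr;
    LoginUsr LUser;
    UsrPref LPref;
    var utc0 = new DateTime(1970, 1, 1, 0, 0, 0, 0, DateTimeKind.Utc);
    var currTime = DateTime.Now.ToUniversalTime().Subtract(utc0).TotalSeconds;
    var nbf = loginJWT.nbf - 20; // margin for multiple server clock skew(max 20s)
    var expiredOn = loginJWT.exp + 20; // margin for multiple server clock skew(max 20s)
    int remainingSeconds = expiredOn - (int)currTime;
    var currentHandle = loginJWT.handle;
    // A refresh token with more than two minutes left keeps its handle and remaining lifetime.
    bool keepRefreshToken = remainingSeconds > 120 && !reAuth && grant_type == "refresh_token";

    try
    {
        if (currTime > nbf && currTime < expiredOn && ValidateJWTHandle(currentHandle))
        {
            // signingKey is derived but not used below; signature checking is presumably
            // done inside GetLoginUsrInfo. TODO confirm.
            string signingKey = GetSessionSigningKey(loginJWT.iat.ToString(), loginJWT.loginId.ToString());
            string encryptionKey = GetSessionEncryptionKey(loginJWT.iat.ToString(), loginJWT.loginId.ToString());
            RintagiLoginToken loginToken = DecryptLoginToken(loginJWT.loginToken, encryptionKey);

            // Request-supplied scope values override the ones stored in the token, so the
            // ValidateScope delegate is the only gate on which company/project/system is granted.
            LCurr = new UsrCurr(companyId ?? loginToken.CompanyId, projectId ?? loginToken.ProjectId, systemId ?? loginToken.SystemId, systemId ?? loginToken.SystemId);
            LImpr = null;
            LImpr = SetImpersonation(LImpr, loginToken.UsrId, systemId ?? loginToken.SystemId, companyId ?? loginToken.CompanyId, projectId ?? loginToken.ProjectId);
            LUser = new LoginUsr();
            LUser.UsrId = loginToken.UsrId;
            LUser.LoginName = loginToken.LoginName;
            LUser.DefCompanyId = loginToken.DefCompanyId;
            LUser.DefProjectId = loginToken.DefProjectId;
            LUser.DefSystemId = loginToken.DefSystemId;
            LUser.UsrName = loginToken.UsrName;
            LUser.InternalUsr = "******";
            LUser.CultureId = 1;
            LUser.HasPic = false;
            LPref = (new LoginSystem()).GetUsrPref(LUser.UsrId, LCurr.CompanyId, LCurr.ProjectId, LCurr.SystemId);

            string refreshTag = keepRefreshToken ? currentHandle : Guid.NewGuid().ToString().Replace("-", "").ToLower();
            string loginTag = Guid.NewGuid().ToString().Replace("-", "").ToLower();
            if (ValidateScope(LUser, LCurr, LImpr, LPref, currentHandle, true))
            {
                string loginTokenJWT = CreateLoginJWT(LUser, loginToken.DefCompanyId, loginToken.DefProjectId, loginToken.DefSystemId, LCurr, LImpr, appPath, access_token_validity, loginTag);
                string refreshTokenJWT = CreateLoginJWT(LUser, loginToken.DefCompanyId, loginToken.DefProjectId, loginToken.DefSystemId, LCurr, LImpr, appPath, keepRefreshToken ? remainingSeconds : refresh_token_validity, refreshTag);
                string token_scope = string.Format("s{0}c{1}p{2}", LCurr.SystemId, LCurr.CompanyId, LCurr.ProjectId);
                var Token = new SerializableDictionary<string, string>
                {
                    { "access_token", loginTokenJWT },
                    { "token_type", "Bearer" },
                    { "iat", currTime.ToString() },
                    { "expires_in", (access_token_validity - 1).ToString() },
                    { "scope", token_scope },
                    { "resources", appPath },
                    { "refresh_token", refreshTokenJWT },
                };
                return Token;
            }
            else
            {
                return new SerializableDictionary<string, string>()
                {
                    { "error", "access_denied" },
                    { "message", "cannot issue token" },
                };
            }
        }
    }
    catch
    {
        // NOTE(review): every failure (decryption, lookup, key derivation) is swallowed and
        // reported as invalid_token; nothing is logged here, so failed exchanges leave no
        // trace for detection or troubleshooting.
    }

    return new SerializableDictionary<string, string>()
    {
        { "error", "invalid_token" },
        { "message", "cannot issue token" },
    };
}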
/// <summary>
/// Forwards a stored-document insert to <c>Access3.AdminAccess.AddDbDoc</c>.
/// </summary>
/// <param name="dc">Document content bytes.</param>
/// <returns>The string returned by the data-access layer.</returns>
public string AddDbDoc(string MasterId, string TblName, string DocName, string MimeType, long DocSize, byte[] dc, string dbConnectionString, string dbPassword, LoginUsr lu)
{
    // Disposed on exit, including when the call throws.
    using (Access3.AdminAccess adminAccess = new Access3.AdminAccess())
    {
        string added = adminAccess.AddDbDoc(
            MasterId, TblName, DocName, MimeType, DocSize, dc,
            dbConnectionString, dbPassword, lu);
        return added;
    }
}
/// <summary>
/// Abstract update operation taking the acting user, the current context, a DataSet and
/// database connection details. No implementation is part of this declaration.
/// </summary>
/// <returns>A bool whose meaning is defined by the implementation; presumably success. TODO confirm.</returns>
public abstract bool UpdAdmRptWiz95(LoginUsr LUser, UsrCurr LCurr, DataSet ds, string dbConnectionString, string dbPassword);
/// <summary>
/// Abstract password-update operation taking a credential, the acting user and a
/// remove-link flag. No implementation is part of this declaration.
/// </summary>
/// <returns>A bool whose meaning is defined by the implementation; presumably success. TODO confirm.</returns>
public abstract bool UpdUsrPassword(Credential cr, LoginUsr LUser, bool RemoveLink);
/// <summary>
/// Abstract stored-document update taking the document id, table name, document metadata,
/// content bytes, database connection details and the acting user. No implementation is
/// part of this declaration.
/// </summary>
public abstract void UpdDbDoc(string DocId, string TblName, string DocName, string MimeType, long DocSize, byte[] dc, string dbConnectionString, string dbPassword, LoginUsr lu);
/// <summary>
/// Abstract data-update operation for a screen, taking the acting user, impersonation and
/// current context, a DataSet and database connection details. No implementation is part
/// of this declaration.
/// </summary>
/// <param name="noTrans">Optional flag, false by default; presumably disables the transaction. TODO confirm.</param>
/// <returns>A bool whose meaning is defined by the implementation; presumably success. TODO confirm.</returns>
public abstract bool UpdData(Int32 ScreenId, bool bDeferError, LoginUsr LUser, UsrImpr LImpr, UsrCurr LCurr, DataSet ds, string dbConnectionString, string dbPassword, CurrPrj CPrj, CurrSrc CSrc, bool noTrans = false);