/// <summary>
/// Publishes the list of users being edited into the property sheet's shared data item
/// ("@adfsmfa_useredit" + seed) so the other pages of the sheet work on the same selection.
/// When no list is supplied, the sheet's current SelectionObject is used; when that is null too,
/// a list holding one new, enabled MFAUser is published instead.
/// </summary>
/// <param name="registrations">Users to share, or null to derive them from the sheet selection.</param>
internal void SetSharedUserData(MFAUserList registrations)
{
    if (usersFormView == null)
    {
        return;
    }
    string itemname = "@adfsmfa_useredit" + seed;
    WritableSharedDataItem item = usersFormView.SharedUserData.GetItem(itemname);
    if (item == null)
    {
        return;
    }
    MFAUserList payload = registrations;
    if (payload == null)
    {
        // No explicit list: fall back to whatever the sheet currently has selected.
        payload = (MFAUserList)this.ParentSheet.SelectionObject;
    }
    if (payload == null)
    {
        // Nothing selected either: start from a single new user, enabled by default.
        MFAUser fresh = new MFAUser { Enabled = true };
        payload = new MFAUserList();
        payload.Add(fresh);
    }
    item.SetData(payload);
}
/// <summary>
/// Copies the values typed into this page's controls (UPN, mail, phone, enabled flag and
/// preferred method) onto the first user of <paramref name="lst"/> and returns the same list.
/// </summary>
/// <param name="lst">List whose first entry receives the control values.</param>
/// <returns><paramref name="lst"/>, with its first entry updated in place.</returns>
public MFAUserList GetUserControlData(MFAUserList lst)
{
    MFAUser target = lst[0];
    target.UPN = this.UserName.Text;
    target.MailAddress = this.Email.Text;
    target.PhoneNumber = this.Phone.Text;
    target.Enabled = this.cbEnabled.Checked;
    // SelectedValue is boxed; unbox to int before mapping onto the enum.
    int selectedmethod = (int)this.CBMethod.SelectedValue;
    target.PreferredMethod = (PreferredMethod)selectedmethod;
    return lst;
}
/// <summary>
/// Re-reads every user in <paramref name="registrations"/> from the management service by UPN
/// and returns the freshly loaded records (in the same order).
/// </summary>
/// <param name="registrations">Users whose UPNs are looked up.</param>
/// <returns>A new list with one ManagementService.GetUserRegistration result per input user.</returns>
internal static MFAUserList GetUser(MFAUserList registrations)
{
    EnsureService();
    MFAUserList resolved = new MFAUserList();
    foreach (MFAUser requested in registrations)
    {
        MFAUser loaded = ManagementService.GetUserRegistration(requested.UPN);
        resolved.Add(loaded);
    }
    return resolved;
}
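/// <summary>
/// Sample ExternalOTPProvider hook (Azure MFA flavour). A real implementation must compute the
/// code, deliver it to the user through the external system and report how it was delivered.
/// This sample contacts no external system: it assigns the fixed value 1230 to
/// <paramref name="otp"/> and reports <see cref="AuthenticationResponseKind.SmsOTP"/>.
/// A constant code gives no authentication assurance; it only lets the surrounding pipeline run.
/// </summary>
/// <param name="reg">User being authenticated (not used by the sample).</param>
/// <param name="externalsys">External provider configuration (not used by the sample).</param>
/// <param name="culture">Culture for user-facing messages (not used by the sample).</param>
/// <param name="otp">Receives the code the caller will later compare against the user's input.</param>
/// <returns>The response kind describing the delivery channel.</returns>
public AuthenticationResponseKind GetCodeWithExternalSystem(MFAUser reg, ExternalOTPProvider externalsys, CultureInfo culture, out int otp)
{
    // The former body wrapped this in "if (true)" with an unreachable Error branch;
    // the dead branch is removed, the observable behaviour is unchanged.
    otp = 1230;
    return AuthenticationResponseKind.SmsOTP;
}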
/// <summary>
/// Loads the first user of <paramref name="lst"/> into this page: remembers its UPN, rebuilds the
/// keys control and refreshes control enablement. Synchronisation is suspended while the controls
/// are populated and always re-enabled afterwards.
/// </summary>
/// <param name="lst">List whose first entry is displayed.</param>
/// <param name="disablesync">Whether SyncDisabled is set while the controls are filled.</param>
public void SetUserControlData(MFAUserList lst, bool disablesync)
{
    SyncDisabled = disablesync;
    try
    {
        _upn = lst[0].UPN;
        BuildKeysControl();
        UpdateControlsEnabled();
    }
    finally
    {
        // Never leave sync suspended, whatever happened above.
        SyncDisabled = false;
    }
}
/// <summary>
/// Loads the first user of <paramref name="lst"/> into the key page: caches UPN, mail and the
/// user's encoded key, fills the mail prompt, and shows the encoded key and the QR provisioning
/// value (UPN + key) when a key exists. When no key exists the page is marked Dirty.
/// Any exception while loading clears the key and QR fields; nothing is logged or rethrown.
/// </summary>
/// <param name="lst">List whose first entry is displayed.</param>
/// <param name="disablesync">Whether SyncDisabled is set while the controls are filled.</param>
public void SetUserControlData(MFAUserList lst, bool disablesync)
{
    SyncDisabled = disablesync;
    try
    {
        MFAUser current = lst[0];
        _upn = current.UPN;
        _email = current.MailAddress;
        _secretkey = MMCService.GetEncodedUserKey(current.UPN);

        bool missingemail = string.IsNullOrEmpty(_email);
        this.EmailPrompt.Text = missingemail ? "Email : " : string.Format("Email : {0}", _email);
        _emailnotset = missingemail;

        if (string.IsNullOrEmpty(_secretkey))
        {
            // No key on record; presumably marking the page dirty makes a save produce one — confirm.
            userPropertyPage.Dirty = true;
        }
        else
        {
            // The encoded secret is rendered in clear in DisplayKey; the QR value is derived from UPN + key.
            this.DisplayKey.Text = _secretkey;
            bool haveupn = !string.IsNullOrEmpty(_upn);
            this.qrCodeGraphic.Text = haveupn ? MMCService.GetQRCodeValue(_upn, this.DisplayKey.Text) : string.Empty;
        }
        UpdateControlsEnabled();
    }
    catch (Exception)
    {
        // Best effort: a failure (e.g. while fetching the key) leaves the sensitive fields empty.
        this.DisplayKey.Text = string.Empty;
        this.qrCodeGraphic.Text = string.Empty;
    }
    finally
    {
        SyncDisabled = false;
    }
}
/// <summary>
/// Fills this page's controls (UPN, mail, phone, enabled flag and preferred method) from the first
/// user of <paramref name="lst"/>. Synchronisation is suspended while the controls change and
/// re-enabled afterwards.
/// </summary>
/// <param name="lst">List whose first entry is displayed.</param>
/// <param name="disablesync">Whether SyncDisabled is set while the controls are filled.</param>
public void SetUserControlData(MFAUserList lst, bool disablesync)
{
    SyncDisabled = disablesync;
    try
    {
        MFAUser source = lst[0];
        this.UserName.Text = source.UPN;
        this.Email.Text = source.MailAddress;
        this.Phone.Text = source.PhoneNumber;
        this.cbEnabled.Checked = source.Enabled;
        // SelectedValue takes the boxed enum value.
        this.CBMethod.SelectedValue = source.PreferredMethod;
    }
    finally
    {
        SyncDisabled = false;
    }
}
/// <summary>
/// Builds MFAUser records from the rows currently selected in GridView. Column positions are fixed:
/// 1 = ID (GUID string), 2 = UPN, 3 = mail, 4 = phone, 5 = PreferredMethod name, 6 = Enabled.
/// Rows whose ID is the empty GUID are skipped (presumably the blank/new row — confirm).
/// </summary>
/// <returns>One MFAUser per selected, non-empty row.</returns>
internal MFAUserList GetSelectedUsers()
{
    MFAUserList selected = new MFAUserList();
    string emptyid = Guid.Empty.ToString();
    foreach (DataGridViewRow row in GridView.SelectedRows)
    {
        DataGridViewCellCollection cells = GridView.Rows[row.Index].Cells;
        MFAUser user = new MFAUser();
        user.ID = cells[1].Value.ToString();
        if (user.ID == emptyid)
        {
            continue;
        }
        user.UPN = cells[2].Value.ToString();
        user.MailAddress = cells[3].Value.ToString();
        user.PhoneNumber = cells[4].Value.ToString();
        // Both parses throw on malformed cell text; the grid is expected to hold well-formed values.
        user.PreferredMethod = (PreferredMethod)Enum.Parse(typeof(PreferredMethod), cells[5].Value.ToString());
        user.Enabled = bool.Parse(cells[6].Value.ToString());
        selected.Add(user);
    }
    return selected;
}
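/// <summary>
/// Marks the user identified by <paramref name="reg"/>.UPN as disabled (and registered) in the
/// backing list and persists it; <paramref name="reg"/> itself gets the same two flags.
/// </summary>
/// <param name="reg">User to disable; matched on UPN, case-insensitively.</param>
/// <returns><paramref name="reg"/> with Enabled = false and IsRegistered = true.</returns>
/// <exception cref="Exception">The UPN is not registered, or the store operation failed
/// (the failure is logged as event 5000 and rethrown with the original as InnerException).</exception>
public override MFAUser DisableMFAUser(MFAUser reg)
{
    if (!IsMFAUserRegistered(reg.UPN))
    {
        throw new Exception("The user " + reg.UPN + " cannot be updated ! \r User not found !");
    }
    try
    {
        reg.Enabled = false;
        reg.IsRegistered = true;
        List<MFAUser> users = _mfausers.GetData();
        foreach (MFAUser stored in users)
        {
            // UPNs are identifiers: compare ordinally and case-insensitively instead of via
            // culture-sensitive ToLower(), which can miss matches under some cultures and
            // throws when a stored UPN is null.
            if (string.Equals(stored.UPN, reg.UPN, StringComparison.OrdinalIgnoreCase))
            {
                stored.IsRegistered = reg.IsRegistered;
                stored.Enabled = reg.Enabled;
            }
        }
        _mfausers.SetData(users);
    }
    catch (Exception ex)
    {
        DataLog.WriteEntry(ex.Message, System.Diagnostics.EventLogEntryType.Error, 5000);
        // Same exception type callers already catch, but keep the cause and its stack trace.
        throw new Exception(ex.Message, ex);
    }
    return reg;
}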
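/// <summary>
/// Removes every stored record whose UPN matches <paramref name="reg"/>.UPN (case-insensitively)
/// and persists the list. When <paramref name="dropkey"/> is true the key manager is told to
/// remove the user's key material first (KeysDataManagerEventKind.Remove).
/// </summary>
/// <param name="reg">User to delete; only its UPN is used.</param>
/// <param name="dropkey">Whether the user's key data is removed as well.</param>
/// <returns>Always true once the store has been updated.</returns>
/// <exception cref="Exception">The UPN is not registered, or the store operation failed
/// (logged as event 5000 and rethrown with the original as InnerException).</exception>
public override bool DeleteMFAUser(MFAUser reg, bool dropkey = true)
{
    if (!IsMFAUserRegistered(reg.UPN))
    {
        throw new Exception("The user " + reg.UPN + " cannot be deleted ! \r User not found !");
    }
    try
    {
        if (dropkey)
        {
            this.OnKeyDataEvent(reg.UPN, KeysDataManagerEventKind.Remove);
        }
        List<MFAUser> users = _mfausers.GetData();
        // Ordinal, case-insensitive match: culture-sensitive ToLower() is wrong for identifiers
        // and throws on a null stored UPN.
        users.RemoveAll(s => string.Equals(s.UPN, reg.UPN, StringComparison.OrdinalIgnoreCase));
        _mfausers.SetData(users);
    }
    catch (Exception ex)
    {
        DataLog.WriteEntry(ex.Message, System.Diagnostics.EventLogEntryType.Error, 5000);
        throw new Exception(ex.Message, ex);
    }
    return true;
}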
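/// <summary>
/// Adds <paramref name="reg"/> to the backing list and persists it. If the UPN is already
/// registered, the record is updated through SetMFAUser when <paramref name="canupdate"/> is true,
/// otherwise the existing record is returned untouched.
/// </summary>
/// <param name="reg">User to insert; flagged IsRegistered = true on insert.</param>
/// <param name="resetkey">When true, a KeysDataManagerEventKind.add event is raised for the UPN.</param>
/// <param name="canupdate">Whether an already registered UPN is updated instead of returned as-is.</param>
/// <param name="disableoninsert">When true, the record is stored with Enabled = false.</param>
/// <returns>The record as re-read from the store after the operation.</returns>
/// <exception cref="Exception">The store operation failed (logged as event 5000 and rethrown
/// with the original as InnerException).</exception>
public override MFAUser AddMFAUser(MFAUser reg, bool resetkey = false, bool canupdate = true, bool disableoninsert = false)
{
    if (IsMFAUserRegistered(reg.UPN))
    {
        // Already present: update in place, or just hand back what is stored.
        return canupdate ? SetMFAUser(reg, resetkey, false) : GetMFAUser(reg.UPN);
    }
    try
    {
        // The previous body fetched GetMFAUser(reg.UPN) into an unused local; dropped.
        if (disableoninsert) // disable change if not explicitely done
        {
            reg.Enabled = false;
        }
        reg.IsRegistered = true;
        if (resetkey)
        {
            this.OnKeyDataEvent(reg.UPN, KeysDataManagerEventKind.add);
        }
        List<MFAUser> users = _mfausers.GetData();
        users.Add(reg);
        _mfausers.SetData(users);
    }
    catch (Exception ex)
    {
        DataLog.WriteEntry(ex.Message, System.Diagnostics.EventLogEntryType.Error, 5000);
        throw new Exception(ex.Message, ex);
    }
    return GetMFAUser(reg.UPN);
}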
/// <summary>
/// Imports users from the XML file named by FileName: each "User" element below the root yields one
/// MFAUser built from its upn / email / mobile / method / enabled attributes, which is then handed to
/// RuntimeRepository.AddMFAUser (with ForceNewKey, canupdate = true and SendEmail).
/// Per-record failures are traced and counted in ErrorsCount; RecordsCount counts every record seen.
/// The file is administrative input: attribute values are stored verbatim, only method and enabled
/// are validated by Enum.Parse / bool.Parse (invalid values fail that record only).
/// </summary>
/// <returns>true when the file was processed (even with per-record errors); false when the import
/// itself failed, in which case the error is traced.</returns>
/// <exception cref="ArgumentNullException">Config is null.</exception>
/// <exception cref="ArgumentException">FileName does not exist.</exception>
public override bool DoImport()
{
    if (Config == null)
    {
        throw new ArgumentNullException("Config", "MFA Configuration must be passed to the import process !");
    }
    if (!File.Exists(FileName))
    {
        throw new ArgumentException("Invalid FileName for import process !", "FileName");
    }
    // Default LoadOptions: the file is parsed as plain XML.
    XDocument document = XDocument.Load(FileName);
    var listener = InitializeTrace(FileName);
    try
    {
        Trace.WriteLine("");
        Trace.WriteLine(string.Format("Importing file : {0}", FileName));
        Trace.Indent();
        foreach (XElement row in document.Root.Descendants("User"))
        {
            // RecordsCount only changes in the finally below, so the number is stable for this record.
            string recordno = (RecordsCount + 1).ToString();
            Trace.TraceInformation("Importing record N° {0}", recordno);
            try
            {
                XAttribute upn = row.Attribute("upn");
                XAttribute email = row.Attribute("email");
                XAttribute mobile = row.Attribute("mobile");
                XAttribute method = row.Attribute("method");
                XAttribute enabled = row.Attribute("enabled");

                if (upn == null)
                {
                    throw new InvalidDataException("upn must be provided !");
                }
                MFAUser reg = new MFAUser();
                reg.UPN = upn.Value;

                // Mail / mobile are mandatory only when the matching provider is enabled.
                if (email != null)
                {
                    reg.MailAddress = email.Value;
                }
                else if (Config.MailProvider.Enabled)
                {
                    throw new InvalidDataException("email must be provided !");
                }
                if (mobile != null)
                {
                    reg.PhoneNumber = mobile.Value;
                }
                else if (Config.ExternalProvider.Enabled)
                {
                    throw new InvalidDataException("mobile must be provided !");
                }

                reg.PreferredMethod = (method == null)
                    ? PreferredMethod.Choose
                    : (PreferredMethod)Enum.Parse(typeof(PreferredMethod), method.Value);

                // DisableAll wins; otherwise a missing "enabled" attribute means enabled.
                reg.Enabled = !DisableAll && (enabled == null || bool.Parse(enabled.Value));

                RuntimeRepository.AddMFAUser(Config, reg, ForceNewKey, true, SendEmail);
                Trace.TraceInformation("Record N° {0} imported for user : {1} !", recordno, reg.UPN);
            }
            catch (Exception ex)
            {
                ErrorsCount++;
                Trace.TraceError("Error importing Record N° {0} \r\r {1}", recordno, ex.Message);
            }
            finally
            {
                RecordsCount++;
            }
        }
    }
    catch (Exception ex)
    {
        Trace.TraceError(ex.Message);
        return false;
    }
    finally
    {
        Trace.Unindent();
        FinalizeTrace(listener);
    }
    return true;
}
/// <summary>
/// Disables the given user's MFA registration through the runtime repository, after making sure
/// the service is initialised.
/// </summary>
/// <param name="reg">User to disable.</param>
/// <returns>The record returned by RuntimeRepository.DisableMFAUser.</returns>
internal static MFAUser DisableUserRegistration(MFAUser reg)
{
    EnsureService();
    MFAUser disabled = RuntimeRepository.DisableMFAUser(Config, reg);
    return disabled;
}
/// <summary>
/// Adds (or, when allowed, updates) a user's MFA registration through the runtime repository.
/// Note the default here is resetkey = true, unlike the repository method it forwards to.
/// </summary>
/// <param name="reg">User to register.</param>
/// <param name="resetkey">Forwarded as the repository's resetkey.</param>
/// <param name="canupdate">Forwarded as the repository's canupdate.</param>
/// <param name="email">Forwarded as the repository's fourth argument (named disableoninsert there).</param>
/// <returns>The record returned by RuntimeRepository.AddMFAUser.</returns>
internal static MFAUser AddUserRegistration(MFAUser reg, bool resetkey = true, bool canupdate = true, bool email = false)
{
    EnsureService();
    MFAUser added = RuntimeRepository.AddMFAUser(Config, reg, resetkey, canupdate, email);
    return added;
}
/// <summary>
/// Deletes a user's MFA registration through the runtime repository, optionally dropping the
/// user's key material as well.
/// </summary>
/// <param name="reg">User to delete.</param>
/// <param name="dropkey">Forwarded as the repository's dropkey.</param>
/// <returns>The result of RuntimeRepository.DeleteMFAUser.</returns>
internal static bool DeleteUserRegistration(MFAUser reg, bool dropkey = true)
{
    EnsureService();
    bool deleted = RuntimeRepository.DeleteMFAUser(Config, reg, dropkey);
    return deleted;
}
/// <summary>
/// Checks the edited registration against every provider that is both Enabled and IsRequired
/// before the sheet applies its changes. Already-applied registrations pass immediately.
/// Each failing check shows a dialog and activates the page holding the offending value
/// (page 0 for UPN / mail / phone, page 1 for the key). The mail and phone checks let the operator
/// proceed without a value via a Yes/No prompt.
/// </summary>
/// <param name="registration">The user record as currently edited in the sheet.</param>
/// <returns>true when the changes may be applied; false when a required value is missing or
/// invalid, or the operator declined a Yes/No prompt.</returns>
private bool CanApplyDataChanges(MFAUser registration)
{
    bool result = true;
    if (registration.IsApplied)
    {
        return(result);
    }
    // Code (TOTP) provider: needs a UPN and an existing encoded key for that UPN.
    IExternalProvider prov1 = RuntimeAuthProvider.GetProviderInstance(PreferredMethod.Code);
    if (prov1 != null)
    {
        if ((prov1.Enabled) && (prov1.IsRequired))
        {
            if (string.IsNullOrEmpty(registration.UPN))
            {
                MessageBoxParameters messageBoxParameters = new MessageBoxParameters { Text = res.PPAGEVALIDUSER, Buttons = MessageBoxButtons.OK, Icon = MessageBoxIcon.Error };
                ParentSheet.ShowDialog(messageBoxParameters);
                ParentSheet.SetActivePage(0);
                result = false;
            }
            else if (string.IsNullOrEmpty(MMCService.GetEncodedUserKey(registration.UPN)))
            {
                MessageBoxParameters messageBoxParameters = new MessageBoxParameters { Text = res.PPAGEVALIDKEY, Buttons = MessageBoxButtons.OK, Icon = MessageBoxIcon.Error };
                ParentSheet.ShowDialog(messageBoxParameters);
                ParentSheet.SetActivePage(1);
                result = false;
            }
        }
    }
    // Email provider: a missing address can be waived by the operator, an invalid one cannot.
    IExternalProvider prov2 = RuntimeAuthProvider.GetProviderInstance(PreferredMethod.Email);
    if (prov2 != null)
    {
        if ((prov2.Enabled) && (prov2.IsRequired))
        {
            if (string.IsNullOrEmpty(registration.MailAddress))
            {
                MessageBoxParameters messageBoxParameters = new MessageBoxParameters { Text = res.PPAGEVALIDMAIL, Buttons = MessageBoxButtons.YesNo, Icon = MessageBoxIcon.Warning };
                if (ParentSheet.ShowDialog(messageBoxParameters) == DialogResult.Yes)
                {
                    // NOTE(review): this unconditionally resets result to true, so a failure already
                    // recorded by the Code checks above is overwritten when the operator answers Yes.
                    result = true;
                }
                else
                {
                    result = false;
                    ParentSheet.SetActivePage(0);
                }
            }
            else if (!MMCService.IsValidEmail(registration.MailAddress))
            {
                MessageBoxParameters messageBoxParameters = new MessageBoxParameters { Text = res.PPAGEINVALIDMAIL, Buttons = MessageBoxButtons.OK, Icon = MessageBoxIcon.Error };
                ParentSheet.ShowDialog(messageBoxParameters);
                ParentSheet.SetActivePage(0);
                result = false;
            }
        }
    }
    // External (phone) provider: same waivable-missing / hard-invalid split as for mail.
    IExternalProvider prov3 = RuntimeAuthProvider.GetProviderInstance(PreferredMethod.External);
    if (prov3 != null)
    {
        if ((prov3.Enabled) && (prov3.IsRequired))
        {
            if (string.IsNullOrEmpty(registration.PhoneNumber))
            {
                MessageBoxParameters messageBoxParameters = new MessageBoxParameters { Text = res.PPAGEVALIDPHONE, Buttons = MessageBoxButtons.YesNo, Icon = MessageBoxIcon.Warning };
                if (ParentSheet.ShowDialog(messageBoxParameters) == DialogResult.Yes)
                {
                    // NOTE(review): same overwrite as for mail — an earlier false is lost here.
                    result = true;
                }
                else
                {
                    result = false;
                    ParentSheet.SetActivePage(0);
                }
            }
            else if (!MMCService.IsValidPhone(registration.PhoneNumber))
            {
                MessageBoxParameters messageBoxParameters = new MessageBoxParameters { Text = res.PPAGEINVALIDPHONE, Buttons = MessageBoxButtons.OK, Icon = MessageBoxIcon.Error };
                ParentSheet.ShowDialog(messageBoxParameters);
                ParentSheet.SetActivePage(0);
                result = false;
            }
        }
    }
    return(result);
}
/// <summary>
/// Updates (or, when allowed, inserts) a user's MFA registration through the runtime repository.
/// </summary>
/// <param name="reg">User to update.</param>
/// <param name="resetkey">Forwarded as the repository's resetkey.</param>
/// <param name="caninsert">Forwarded as the repository's caninsert.</param>
/// <param name="email">Forwarded as the repository's fourth argument (named disableoninsert there).</param>
/// <returns>The record returned by RuntimeRepository.SetMFAUser.</returns>
internal static MFAUser SetUserRegistration(MFAUser reg, bool resetkey = false, bool caninsert = true, bool email = false)
{
    EnsureService();
    MFAUser updated = RuntimeRepository.SetMFAUser(Config, reg, resetkey, caninsert, email);
    return updated;
}
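/// <summary>
/// Returns the supplied list unchanged: nothing is read back from this page's controls.
/// </summary>
/// <param name="lst">List of users being edited.</param>
/// <returns><paramref name="lst"/>, untouched.</returns>
public MFAUserList GetUserControlData(MFAUserList lst)
{
    // The previous body read lst[0] into an unused local, whose only effect was to throw on an
    // empty list; the dead access is removed so an empty list is simply passed through.
    return lst;
}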
/// <summary>
/// Inserts <paramref name="reg"/> into the store. Implementations on this page update the existing
/// record instead when the UPN is already registered and <paramref name="canupdate"/> is true, and
/// return the stored record untouched when it is false.
/// </summary>
/// <param name="reg">User to insert.</param>
/// <param name="resetkey">When true, a key-data "add" event is raised for the UPN.</param>
/// <param name="canupdate">Whether an already registered UPN is updated rather than left alone.</param>
/// <param name="disableoninsert">When true, the inserted record is stored with Enabled = false.</param>
/// <returns>The record as re-read from the store.</returns>
public abstract MFAUser AddMFAUser(MFAUser reg, bool resetkey = false, bool canupdate = true, bool disableoninsert = false);
/// <summary>
/// Removes from the MFA store every user that the repository reports as deleted in Active Directory.
/// Progress is written to a trace file "adcleanup-{filetime}.log" under the ProgramFiles\MFA folder.
/// Per-user failures are counted in ErrorsCount and traced; they do not abort the pass.
/// </summary>
/// <returns>true when the pass completed; false when it failed as a whole, in which case the error
/// is traced and written to the event log with id 20000.</returns>
public bool DoCleanUp()
{
    char sep = Path.DirectorySeparatorChar;
    string filename = Environment.GetFolderPath(Environment.SpecialFolder.ProgramFiles) + sep + "MFA" + sep + "adcleanup-" + DateTime.Now.ToFileTime().ToString() + ".log";
    TraceListener listen = InitializeTrace(filename);
    try
    {
        // Missing connection parameters fall back to the configured AD host account, password included.
        // None of the trace lines in this method echo those values.
        ADDSHost adht = Config.Hosts.ActiveDirectoryHost;
        if (string.IsNullOrEmpty(Parameters.DomainName))
        {
            Parameters.DomainName = adht.DomainName;
        }
        if (string.IsNullOrEmpty(Parameters.UserName))
        {
            Parameters.UserName = adht.Account;
        }
        if (string.IsNullOrEmpty(Parameters.Password))
        {
            Parameters.Password = adht.Password;
        }
        // NOTE(review): a StoreMode outside ADDS/SQL/Custom leaves client null; the resulting
        // NullReferenceException at CleanMFAUsers is caught below and reported as a generic failure.
        DataRepositoryService client = null;
        switch (Config.StoreMode)
        {
            case DataRepositoryKind.ADDS:
                client = new ADDSDataRepositoryService(Config.Hosts.ActiveDirectoryHost, Config.DeliveryWindow);
                break;
            case DataRepositoryKind.SQL:
                client = new SQLDataRepositoryService(Config.Hosts.SQLServerHost, Config.DeliveryWindow);
                break;
            case DataRepositoryKind.Custom:
                client = CustomDataRepositoryActivator.CreateInstance(Config.Hosts.CustomStoreHost, Config.DeliveryWindow);
                break;
        }
        Trace.WriteLine("");
        Trace.WriteLine("Clean Up from AD");
        Trace.Indent();
        Trace.WriteLine("Query deleted users from AD");
        // UPNs of accounts that no longer exist in AD, as determined by the repository.
        List <string> lst = client.CleanMFAUsers(Parameters);
        Trace.WriteLine(string.Format("Query returns {0} deleted user(s) from AD", lst.Count.ToString()));
        // Second client of the same kind performs the deletions; same null caveat as above.
        DataRepositoryService client2 = null;
        switch (Config.StoreMode)
        {
            case DataRepositoryKind.ADDS:
                Trace.WriteLine("");
                Trace.WriteLine("Clean Up ADDS Mode");
                Trace.Indent();
                client2 = new ADDSDataRepositoryService(Config.Hosts.ActiveDirectoryHost, Config.DeliveryWindow);
                break;
            case DataRepositoryKind.SQL:
                Trace.WriteLine("");
                Trace.WriteLine("Clean Up SQL Mode");
                Trace.Indent();
                client2 = new SQLDataRepositoryService(Config.Hosts.SQLServerHost, Config.DeliveryWindow);
                break;
            case DataRepositoryKind.Custom:
                Trace.WriteLine("");
                Trace.WriteLine("Clean Up Custom Store Mode");
                Trace.Indent();
                client2 = CustomDataRepositoryActivator.CreateInstance(Config.Hosts.CustomStoreHost, Config.DeliveryWindow);
                break;
        }
        // Key-removal events raised by DeleteMFAUser (dropkey defaults to true) are routed to KeyDataEvent.
        client2.OnKeyDataEvent += KeyDataEvent;
        foreach (string del in lst)
        {
            MFAUser reg = client2.GetMFAUser(del);
            if (reg != null)
            {
                try
                {
                    // Delete only when the stored UPN matches the reported name (case-insensitive).
                    if (reg.UPN.ToLower().Equals(del.ToLower()))
                    {
                        client2.DeleteMFAUser(reg);
                        Trace.TraceInformation(string.Format("User {0} Removed from MFA", reg.UPN));
                        RecordsCount++;
                    }
                }
                catch (Exception ex)
                {
                    ErrorsCount++;
                    Trace.TraceError("Error Cleaning User {0} from MFA : {1}", reg.UPN, ex.Message);
                }
            }
        }
        Trace.Unindent();
        Trace.WriteLine("");
        Trace.WriteLine(string.Format("Cleaned {0} Deleted MFA User(s) from AD Source", RecordsCount));
    }
    catch (Exception ex)
    {
        // NOTE(review): Unindent runs here and again in finally; how many Indent calls actually
        // happened depends on where the failure occurred, so the trace indent may end up unbalanced.
        Trace.Unindent();
        Trace.TraceError(string.Format("Error Cleaning Up from AD : {0}", ex.Message));
        Log.WriteEntry(string.Format("Error Cleaning Up from AD : {0}", ex.Message), EventLogEntryType.Error, 20000);
        return(false);
    }
    finally
    {
        Trace.Unindent();
        FinalizeTrace(listen);
    }
    return(true);
}
/// <summary>
/// Deletes the record whose UPN matches <paramref name="reg"/>.UPN from the store. Implementations
/// on this page raise a key-data "Remove" event first when <paramref name="dropkey"/> is true and
/// throw when the UPN is not registered.
/// </summary>
/// <param name="reg">User to delete; only its UPN is used for matching.</param>
/// <param name="dropkey">Whether the user's key material is removed along with the record.</param>
/// <returns>true once the store has been updated.</returns>
public abstract bool DeleteMFAUser(MFAUser reg, bool dropkey = true);
/// <summary>
/// Imports users from Active Directory into the MFA store. The repository's ImportMFAUsers builds
/// the candidate list from LDAPPath (filtered by CreatedSince / ModifiedSince); each user not yet
/// present in the store is added with the configured DefaultPin and, when SendEmail is set and a
/// mail address exists, receives its encoded key by mail. Users already in the store are skipped
/// silently. Progress goes to a trace file "adimport-{filetime}.log" under ProgramFiles\MFA.
/// </summary>
/// <returns>true when the pass completed (per-user errors are counted in ErrorsCount);
/// false when the pass failed as a whole, in which case the error is traced.</returns>
public override bool DoImport()
{
    char sep = Path.DirectorySeparatorChar;
    string filename = Environment.GetFolderPath(Environment.SpecialFolder.ProgramFiles) + sep + "MFA" + sep + "adimport-" + DateTime.Now.ToFileTime().ToString() + ".log";
    TraceListener listen = InitializeTrace(filename);
    try
    {
        // Missing connection parameters fall back to the configured AD host account, password included.
        // The trace lines below never echo UserName or Password.
        ADDSHost adht = Config.Hosts.ActiveDirectoryHost;
        if (string.IsNullOrEmpty(DomainName))
        {
            DomainName = adht.DomainName;
        }
        if (string.IsNullOrEmpty(UserName))
        {
            UserName = adht.Account;
        }
        if (string.IsNullOrEmpty(Password))
        {
            Password = adht.Password;
        }
        // NOTE(review): a StoreMode outside ADDS/SQL/Custom leaves client null; the NullReferenceException
        // at ImportMFAUsers is caught by the outer catch and reported as a generic failure.
        DataRepositoryService client = null;
        switch (Config.StoreMode)
        {
            case DataRepositoryKind.ADDS:
                client = new ADDSDataRepositoryService(Config.Hosts.ActiveDirectoryHost, Config.DeliveryWindow);
                break;
            case DataRepositoryKind.SQL:
                client = new SQLDataRepositoryService(Config.Hosts.SQLServerHost, Config.DeliveryWindow);
                break;
            case DataRepositoryKind.Custom:
                client = CustomDataRepositoryActivator.CreateInstance(Config.Hosts.CustomStoreHost, Config.DeliveryWindow);
                break;
        }
        Trace.WriteLine("");
        Trace.WriteLine(string.Format("Importing for AD : {0}", LDAPPath));
        Trace.Indent();
        Trace.WriteLine("Querying users from AD");
        MFAUserList lst = client.ImportMFAUsers(DomainName, UserName, Password, LDAPPath, CreatedSince, ModifiedSince, MailAttribute, PhoneAttribute, Method, Config.Hosts.ActiveDirectoryHost.UseSSL, DisableAll);
        Trace.WriteLine(string.Format("Querying return {0} users from AD", lst.Count.ToString()));
        // Second client of the same kind performs the inserts; same null caveat as above.
        // NOTE(review): Indent is called here a second time, but the finally block unindents only once.
        DataRepositoryService client2 = null;
        switch (Config.StoreMode)
        {
            case DataRepositoryKind.ADDS:
                Trace.WriteLine("");
                Trace.WriteLine("Importing ADDS Mode");
                Trace.Indent();
                client2 = new ADDSDataRepositoryService(Config.Hosts.ActiveDirectoryHost, Config.DeliveryWindow);
                break;
            case DataRepositoryKind.SQL:
                Trace.WriteLine("");
                Trace.WriteLine("Importing SQL Mode");
                Trace.Indent();
                client2 = new SQLDataRepositoryService(Config.Hosts.SQLServerHost, Config.DeliveryWindow);
                break;
            case DataRepositoryKind.Custom:
                Trace.WriteLine("");
                Trace.WriteLine("Importing Custom Store Mode");
                Trace.Indent();
                client2 = CustomDataRepositoryActivator.CreateInstance(Config.Hosts.CustomStoreHost, Config.DeliveryWindow);
                break;
        }
        // Key-data events raised during AddMFAUser (ForceNewKey) are routed to KeyDataEvent.
        client2.OnKeyDataEvent += KeyDataEvent;
        foreach (MFAUser reg in lst)
        {
            Trace.TraceInformation(string.Format("Importing user {0} from AD", reg.UPN));
            try
            {
                MFAUser ext = client2.GetMFAUser(reg.UPN);
                if (ext == null)
                {
                    // New to the store: every imported user starts with the configured default PIN.
                    reg.PIN = Config.DefaultPin;
                    // canupdate = false: never overwrite an existing record from this path.
                    client2.AddMFAUser(reg, ForceNewKey, false);
                    Trace.TraceInformation(string.Format("User {0} Imported in MFA", reg.UPN));
                    if (!string.IsNullOrEmpty(reg.MailAddress))
                    {
                        if (SendEmail)
                        {
                            // The user's encoded key (the enrollment secret) is read back and sent by mail,
                            // so the mail path is part of the enrollment trust boundary.
                            string qrcode = KeysManager.EncodedKey(reg.UPN);
                            CultureInfo info = null;
                            try
                            {
                                info = CultureInfo.CurrentUICulture;
                            }
                            catch
                            {
                                // Best effort: fall back to the configured country code on any failure.
                                info = new CultureInfo(Config.DefaultCountryCode);
                            }
                            MailUtilities.SendKeyByEmail(reg.MailAddress, reg.UPN, qrcode, Config.MailProvider, Config, info);
                            Trace.TraceInformation(string.Format("Sending Sensitive mail for User {0} Imported in MFA", reg.UPN));
                        }
                    }
                    // Counted only on successful insert; existing users are neither counted nor traced.
                    RecordsCount++;
                }
            }
            catch (Exception ex)
            {
                ErrorsCount++;
                // NOTE(review): RecordsCount is not advanced on error, so this "Record N°" is the
                // next success index rather than the position of the failing user in lst.
                Trace.TraceError("Error importing Record N° {0} \r\r {1}", (RecordsCount + 1).ToString(), ex.Message);
            }
        }
    }
    catch (Exception ex)
    {
        Trace.TraceError(string.Format("Error importing from AD \r\r {0}", ex.Message));
        return(false);
    }
    finally
    {
        Trace.Unindent();
        FinalizeTrace(listen);
    }
    return(true);
}
/// <summary>
/// Azure MFA flavour of the external OTP hook. Not wired to any external system: every call
/// throws <see cref="NotImplementedException"/> and no code is ever produced.
/// </summary>
/// <param name="reg">User being authenticated (unused).</param>
/// <param name="externalsys">External provider configuration (unused).</param>
/// <param name="culture">Culture for user-facing messages (unused).</param>
/// <param name="otp">Never observable by callers, since the method always throws.</param>
/// <returns>Never returns.</returns>
/// <exception cref="NotImplementedException">Always.</exception>
public AuthenticationResponseKind GetCodeWithExternalSystem(MFAUser reg, ExternalOTPProvider externalsys, CultureInfo culture, out int otp)
{
    otp = 0;
    throw new NotImplementedException();
}
/// <summary>
/// Converts one directory entry into an MFAUser and adds/updates it in <paramref name="users"/>.
/// ID comes from objectGUID, UPN from the attribute named by ADDSClaimsUtilities.GetADDSUserAttribute(),
/// mail and phone from the attributes named in <paramref name="Parameters"/> or from fixed fallbacks,
/// and Enabled from the ACCOUNTDISABLE bit (0x2) of userAccountControl unless <paramref name="disableall"/>
/// is set. Entries without objectGUID or without the user attribute are ignored.
/// Any failure is logged as event 20104 with the objectGUID and the message; nothing is rethrown.
/// </summary>
/// <param name="DirEntry">Directory entry to import.</param>
/// <param name="users">Target list receiving the record via AddOrUpdate.</param>
/// <param name="Parameters">Import settings: MailAttribute, PhoneAttribute and Method.</param>
/// <param name="disableall">When true, every imported user is stored disabled.</param>
private void DoImportUser(DirectoryEntry DirEntry, MFAUniqueUserList users, UsersADDSRecord Parameters, bool disableall = false)
{
    if (DirEntry.Properties["objectGUID"].Value != null)
    {
        MFAUser reg = new MFAUser();
        try
        {
            reg.ID = new Guid((byte[])DirEntry.Properties["objectGUID"].Value).ToString();
            // NOTE(review): the PropertyCollection indexer is unlikely to return null, so the Count
            // check below is the one that actually guards a missing attribute — confirm.
            if (DirEntry.Properties[ADDSClaimsUtilities.GetADDSUserAttribute()] != null)
            {
                if (DirEntry.Properties[ADDSClaimsUtilities.GetADDSUserAttribute()].Count > 0)
                {
                    reg.UPN = DirEntry.Properties[ADDSClaimsUtilities.GetADDSUserAttribute()][0].ToString();
                    // Mail: explicit attribute if configured, else otherMailbox then mail.
                    if (!string.IsNullOrEmpty(Parameters.MailAttribute))
                    {
                        if (DirEntry.Properties[Parameters.MailAttribute].Value != null)
                        {
                            reg.MailAddress = DirEntry.Properties[Parameters.MailAttribute].Value.ToString();
                        }
                    }
                    else
                    {
                        if (DirEntry.Properties["otherMailbox"].Value != null)
                        {
                            reg.MailAddress = DirEntry.Properties["otherMailbox"].Value.ToString();
                        }
                        else if (DirEntry.Properties["mail"].Value != null)
                        {
                            reg.MailAddress = DirEntry.Properties["mail"].Value.ToString();
                        }
                    }
                    // Phone: explicit attribute if configured, else mobile, otherMobile, telephoneNumber.
                    if (!string.IsNullOrEmpty(Parameters.PhoneAttribute))
                    {
                        if (DirEntry.Properties[Parameters.PhoneAttribute].Value != null)
                        {
                            reg.PhoneNumber = DirEntry.Properties[Parameters.PhoneAttribute].Value.ToString();
                        }
                    }
                    else
                    {
                        if (DirEntry.Properties["mobile"].Value != null)
                        {
                            reg.PhoneNumber = DirEntry.Properties["mobile"].Value.ToString();
                        }
                        else if (DirEntry.Properties["otherMobile"].Value != null)
                        {
                            reg.PhoneNumber = DirEntry.Properties["otherMobile"].Value.ToString();
                        }
                        else if (DirEntry.Properties["telephoneNumber"].Value != null)
                        {
                            reg.PhoneNumber = DirEntry.Properties["telephoneNumber"].Value.ToString();
                        }
                    }
                    reg.PreferredMethod = Parameters.Method;
                    reg.OverrideMethod = string.Empty;
                    if (disableall)
                    {
                        reg.Enabled = false;
                    }
                    else if (DirEntry.Properties["userAccountControl"] != null)
                    {
                        // Bit 0x2 of userAccountControl is ACCOUNTDISABLE: the MFA record mirrors the AD state.
                        int v = Convert.ToInt32(DirEntry.Properties["userAccountControl"].Value);
                        reg.Enabled = ((v & 2) == 0);
                    }
                    else
                    {
                        reg.Enabled = true;
                    }
                    users.AddOrUpdate(reg);
                }
            }
        }
        catch (Exception ex)
        {
            // Per-entry failure: logged and swallowed so the remaining entries are still imported.
            DataLog.WriteEntry("User ID : " + reg.ID + " Error : " + ex.Message, System.Diagnostics.EventLogEntryType.Error, 20104);
        }
    }
}
/// <summary>
/// Marks the record matching <paramref name="reg"/>.UPN as disabled in the store. Implementations
/// on this page also set IsRegistered = true and throw when the UPN is not registered.
/// </summary>
/// <param name="reg">User to disable; matched on UPN.</param>
/// <returns>The record with Enabled = false.</returns>
public abstract MFAUser DisableMFAUser(MFAUser reg);
/// <summary>
/// Counterpart of <see cref="DisableMFAUser"/>: marks the record matching <paramref name="reg"/>.UPN
/// as enabled in the store. (No implementation is visible on this page.)
/// </summary>
/// <param name="reg">User to enable; matched on UPN.</param>
/// <returns>The record with Enabled = true.</returns>
public abstract MFAUser EnableMFAUser(MFAUser reg);
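/// <summary>
/// Updates the stored record matching <paramref name="reg"/>.UPN (case-insensitively) with the
/// Enabled flag, mail, phone, preferred method, PIN and override method from <paramref name="reg"/>,
/// then persists the list. When the UPN is not registered, the record is inserted through AddMFAUser
/// if <paramref name="caninsert"/> is true, otherwise the (absent) stored record is returned.
/// </summary>
/// <param name="reg">Source of the new values.</param>
/// <param name="resetkey">When true, a KeysDataManagerEventKind.add event is raised for the UPN.</param>
/// <param name="caninsert">Whether an unregistered UPN is inserted instead of ignored.</param>
/// <param name="disableoninsert">When true, the record is stored disabled regardless of reg.Enabled.</param>
/// <returns>The record as re-read from the store after the operation.</returns>
/// <exception cref="Exception">The store operation failed (logged as event 5000 and rethrown with
/// the original as InnerException).</exception>
public override MFAUser SetMFAUser(MFAUser reg, bool resetkey = false, bool caninsert = true, bool disableoninsert = false)
{
    if (!IsMFAUserRegistered(reg.UPN))
    {
        // canupdate = false on the insert path so the two methods cannot bounce into each other.
        return caninsert ? AddMFAUser(reg, resetkey, false) : GetMFAUser(reg.UPN);
    }
    try
    {
        MFAUser usr = GetMFAUser(reg.UPN);
        // disableoninsert forces the record off; otherwise the caller's flag is taken as-is.
        usr.Enabled = !disableoninsert && reg.Enabled;
        // NOTE(review): IsRegistered is set on this in-memory copy only; the loop below does not
        // copy it into the stored entry, so the persisted flag is whatever it already was.
        usr.IsRegistered = true;
        usr.MailAddress = reg.MailAddress;
        usr.PhoneNumber = reg.PhoneNumber;
        usr.PreferredMethod = reg.PreferredMethod;
        usr.PIN = reg.PIN;
        // A null override is normalised to the empty string.
        usr.OverrideMethod = string.IsNullOrEmpty(reg.OverrideMethod) ? string.Empty : reg.OverrideMethod;
        if (resetkey)
        {
            this.OnKeyDataEvent(reg.UPN, KeysDataManagerEventKind.add);
        }
        List<MFAUser> users = _mfausers.GetData();
        foreach (MFAUser stored in users)
        {
            // Ordinal, case-insensitive match: culture-sensitive ToLower() is wrong for identifiers
            // and throws on a null stored UPN.
            if (string.Equals(stored.UPN, reg.UPN, StringComparison.OrdinalIgnoreCase))
            {
                stored.Enabled = usr.Enabled;
                stored.MailAddress = usr.MailAddress;
                stored.PhoneNumber = usr.PhoneNumber;
                stored.PreferredMethod = usr.PreferredMethod;
                stored.OverrideMethod = usr.OverrideMethod;
                stored.PIN = usr.PIN;
            }
        }
        _mfausers.SetData(users);
    }
    catch (Exception ex)
    {
        DataLog.WriteEntry(ex.Message, System.Diagnostics.EventLogEntryType.Error, 5000);
        throw new Exception(ex.Message, ex);
    }
    return GetMFAUser(reg.UPN);
}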
/// <summary>
/// Searches Active Directory for user objects (optionally created or changed since the given
/// timestamps) and returns one MFAUser per hit. ID comes from objectGUID, UPN from the attribute
/// named by ClaimsUtilities.GetADDSUserAttribute(), mail and phone from the configured attributes or
/// fixed fallbacks, and Enabled from the ACCOUNTDISABLE bit (0x2) of userAccountControl unless
/// <paramref name="disableall"/> is set. Every hit is bound a second time as its own DirectoryEntry.
/// The LDAP filter is built only from fixed literals, ClaimsUtilities.BuildADDSUserFilter("*") and the
/// formatted timestamps; <paramref name="ldappath"/> selects the search root, it never enters the filter.
/// </summary>
/// <param name="domain">Domain used for the bind.</param>
/// <param name="username">Bind account.</param>
/// <param name="password">Bind password (passed through to ADDSUtils.GetDirectoryEntry, never logged here).</param>
/// <param name="ldappath">Search root; a leading ldap:// / ldaps:// (lower or upper case only) is stripped.</param>
/// <param name="created">When set, only objects with whenCreated at or after this value.</param>
/// <param name="modified">When set, only objects with whenChanged at or after this value.</param>
/// <param name="mailattribute">Attribute holding the mail address; empty means mail / otherMailbox.</param>
/// <param name="phoneattribute">Attribute holding the phone; empty means mobile / otherMobile / telephoneNumber.</param>
/// <param name="meth">PreferredMethod assigned to every imported user.</param>
/// <param name="usessl">Whether the directory connection uses SSL.</param>
/// <param name="disableall">When true, every imported user is returned disabled.</param>
/// <returns>The imported users; empty when nothing matched.</returns>
/// <exception cref="Exception">Any failure is logged as event 5100 and rethrown as a new Exception
/// carrying only the message (the original type and stack are lost).</exception>
public virtual MFAUserList ImportMFAUsers(string domain, string username, string password, string ldappath, DateTime?created, DateTime?modified, string mailattribute, string phoneattribute, PreferredMethod meth, bool usessl, bool disableall = false)
{
    if (!string.IsNullOrEmpty(ldappath))
    {
        // Only these four exact spellings are stripped; mixed-case schemes pass through untouched.
        ldappath = ldappath.Replace("ldap://", "");
        ldappath = ldappath.Replace("ldaps://", "");
        ldappath = ldappath.Replace("LDAP://", "");
        ldappath = ldappath.Replace("LDAPS://", "");
    }
    MFAUserList registrations = new MFAUserList();
    try
    {
        using (DirectoryEntry rootdir = ADDSUtils.GetDirectoryEntry(domain, username, password, ldappath, usessl))
        {
            string qryldap = string.Empty;
            qryldap = "(&";
            qryldap += "(objectCategory=user)(objectClass=user)" + ClaimsUtilities.BuildADDSUserFilter("*");
            // NOTE(review): ".0Z" is emitted literally by the custom format; the DateTime is not
            // converted to UTC first, so callers must pass UTC values — confirm.
            if (created.HasValue)
            {
                qryldap += "(whenCreated>=" + created.Value.ToString("yyyyMMddHHmmss.0Z") + ")";
            }
            if (modified.HasValue)
            {
                qryldap += "(whenChanged>=" + modified.Value.ToString("yyyyMMddHHmmss.0Z") + ")";
            }
            qryldap += ")";
            using (DirectorySearcher dsusr = new DirectorySearcher(rootdir, qryldap))
            {
                dsusr.PropertiesToLoad.Clear();
                dsusr.PropertiesToLoad.Add("objectGUID");
                dsusr.PropertiesToLoad.Add("userPrincipalName");
                dsusr.PropertiesToLoad.Add("sAMAccountName");
                dsusr.PropertiesToLoad.Add("msDS-PrincipalName");
                dsusr.PropertiesToLoad.Add("userAccountControl");
                if (!string.IsNullOrEmpty(mailattribute))
                {
                    dsusr.PropertiesToLoad.Add(mailattribute);
                }
                else
                {
                    dsusr.PropertiesToLoad.Add("mail");
                    dsusr.PropertiesToLoad.Add("otherMailbox");
                }
                if (!string.IsNullOrEmpty(phoneattribute))
                {
                    dsusr.PropertiesToLoad.Add(phoneattribute);
                }
                else
                {
                    dsusr.PropertiesToLoad.Add("mobile");
                    dsusr.PropertiesToLoad.Add("otherMobile");
                    dsusr.PropertiesToLoad.Add("telephoneNumber");
                }
                // NOTE(review): SizeLimit 0 defers to the server-side limit and no PageSize is set,
                // so a large directory may return a truncated result set — confirm against the domain's policy.
                dsusr.SizeLimit = 0; // _host.MaxRows;
                // NOTE(review): SearchResultCollection is IDisposable and is never disposed here.
                SearchResultCollection src = dsusr.FindAll();
                if (src != null)
                {
                    foreach (SearchResult sr in src)
                    {
                        MFAUser reg = new MFAUser();
                        // One extra bind per hit to read the full entry.
                        using (DirectoryEntry DirEntry = ADDSUtils.GetDirectoryEntry(domain, username, password, sr, usessl))
                        {
                            if (DirEntry.Properties["objectGUID"].Value != null)
                            {
                                reg.ID = new Guid((byte[])DirEntry.Properties["objectGUID"].Value).ToString();
                                // NOTE(review): indexing [0] on an empty result property throws rather than
                                // yielding null, and that exception aborts the whole import via the catch below.
                                if (sr.Properties[ClaimsUtilities.GetADDSUserAttribute()][0] != null)
                                {
                                    reg.UPN = sr.Properties[ClaimsUtilities.GetADDSUserAttribute()][0].ToString();
                                    // Mail: explicit attribute if configured, else otherMailbox then mail.
                                    if (!string.IsNullOrEmpty(mailattribute))
                                    {
                                        if (DirEntry.Properties[mailattribute].Value != null)
                                        {
                                            reg.MailAddress = DirEntry.Properties[mailattribute].Value.ToString();
                                        }
                                    }
                                    else
                                    {
                                        if (DirEntry.Properties["otherMailbox"].Value != null)
                                        {
                                            reg.MailAddress = DirEntry.Properties["otherMailbox"].Value.ToString();
                                        }
                                        else if (DirEntry.Properties["mail"].Value != null)
                                        {
                                            reg.MailAddress = DirEntry.Properties["mail"].Value.ToString();
                                        }
                                    }
                                    // Phone: explicit attribute if configured, else mobile, otherMobile, telephoneNumber.
                                    if (!string.IsNullOrEmpty(phoneattribute))
                                    {
                                        if (DirEntry.Properties[phoneattribute].Value != null)
                                        {
                                            reg.PhoneNumber = DirEntry.Properties[phoneattribute].Value.ToString();
                                        }
                                    }
                                    else
                                    {
                                        if (DirEntry.Properties["mobile"].Value != null)
                                        {
                                            reg.PhoneNumber = DirEntry.Properties["mobile"].Value.ToString();
                                        }
                                        else if (DirEntry.Properties["otherMobile"].Value != null)
                                        {
                                            reg.PhoneNumber = DirEntry.Properties["otherMobile"].Value.ToString();
                                        }
                                        else if (DirEntry.Properties["telephoneNumber"].Value != null)
                                        {
                                            reg.PhoneNumber = DirEntry.Properties["telephoneNumber"].Value.ToString();
                                        }
                                    }
                                    reg.PreferredMethod = meth;
                                    reg.OverrideMethod = string.Empty;
                                    if (disableall)
                                    {
                                        reg.Enabled = false;
                                    }
                                    else if (DirEntry.Properties["userAccountControl"] != null)
                                    {
                                        // Bit 0x2 of userAccountControl is ACCOUNTDISABLE: mirror the AD state.
                                        int v = Convert.ToInt32(DirEntry.Properties["userAccountControl"].Value);
                                        reg.Enabled = ((v & 2) == 0);
                                    }
                                    else
                                    {
                                        reg.Enabled = true;
                                    }
                                    registrations.Add(reg);
                                }
                            }
                        };
                    }
                }
            }
        }
    }
    catch (Exception ex)
    {
        DataLog.WriteEntry(ex.Message, System.Diagnostics.EventLogEntryType.Error, 5100);
        throw new Exception(ex.Message);
    }
    return(registrations);
}
/// <summary>
/// Imports users from the semicolon-separated file named by FileName. The header row is the first
/// line with more than one column and a non-blank last column; GetCSVHeadersId maps it to the
/// positions of upn / email / mobile / method / enabled (null when a column is absent). Each data
/// row yields one MFAUser handed to RuntimeRepository.AddMFAUser (ForceNewKey, canupdate = true,
/// SendEmail). Per-record failures are traced and counted in ErrorsCount; RecordsCount counts every
/// record seen. Fields are copied verbatim; only method and enabled are validated by Enum.Parse /
/// bool.Parse. No quoting is supported, so a field containing ';' splits the row.
/// </summary>
/// <returns>true when the file was processed (even with per-record errors); false when the import
/// itself failed, in which case the error is traced.</returns>
/// <exception cref="ArgumentNullException">Config is null.</exception>
/// <exception cref="ArgumentException">FileName does not exist.</exception>
public override bool DoImport()
{
    if (Config == null)
    {
        throw new ArgumentNullException("Config", "MFA Configuration must be passed to the import process !");
    }
    if (!File.Exists(FileName))
    {
        throw new ArgumentException("Invalid FileName for import process !", "FileName");
    }
    // Split on '\n' only: with CRLF files each line keeps a trailing '\r' in its last field.
    // Trim() below handles it for the header/terminator tests; the last data field is stored as-is.
    var contents = File.ReadAllText(FileName).Split('\n');
    // Deferred query: re-split on every enumeration (header lookup below, then the data loop).
    var csv = from line in contents select line.Split(';').ToArray();
    var header = csv.First(r => r.Length > 1 && r.Last().Trim().Length > 0);
    int?[] ids = GetCSVHeadersId(header);
    var listen = InitializeTrace(FileName);
    try
    {
        Trace.WriteLine("");
        Trace.WriteLine(string.Format("Importing file : {0}", FileName));
        Trace.Indent();
        // NOTE(review): Skip(1) drops the first physical line, which is only the header when the
        // header is the first line; the loop also stops at the first short or blank line.
        foreach (var row in csv.Skip(1).TakeWhile(r => r.Length > 1 && r.Last().Trim().Length > 0))
        {
            Trace.TraceInformation("Importing record N° {0}", (RecordsCount + 1).ToString());
            try
            {
                // A row shorter than the header makes row[ids[n].Value] throw; handled per record below.
                MFAUser reg = new MFAUser();
                if ((ids[0].HasValue) && (!string.IsNullOrEmpty(row[ids[0].Value])))
                {
                    reg.UPN = row[ids[0].Value];
                }
                else
                {
                    throw new InvalidDataException("upn must be provided !");
                }
                // Mail / mobile are mandatory only when the matching provider is enabled.
                if ((ids[1].HasValue) && (!string.IsNullOrEmpty(row[ids[1].Value])))
                {
                    reg.MailAddress = row[ids[1].Value];
                }
                else if (Config.MailProvider.Enabled)
                {
                    throw new InvalidDataException("email must be provided !");
                }
                if ((ids[2].HasValue) && (!string.IsNullOrEmpty(row[ids[2].Value])))
                {
                    reg.PhoneNumber = row[ids[2].Value];
                }
                else if (Config.ExternalProvider.Enabled)
                {
                    throw new InvalidDataException("mobile must be provided !");
                }
                if ((ids[3].HasValue) && (!string.IsNullOrEmpty(row[ids[3].Value])))
                {
                    reg.PreferredMethod = (PreferredMethod)Enum.Parse(typeof(PreferredMethod), row[ids[3].Value]);
                }
                else
                {
                    reg.PreferredMethod = PreferredMethod.Choose;
                }
                // DisableAll wins; otherwise a missing "enabled" column means enabled.
                if (DisableAll)
                {
                    reg.Enabled = false;
                }
                else if ((ids[4].HasValue) && (!string.IsNullOrEmpty(row[ids[4].Value])))
                {
                    reg.Enabled = bool.Parse(row[ids[4].Value]);
                }
                else
                {
                    reg.Enabled = true;
                }
                RuntimeRepository.AddMFAUser(Config, reg, ForceNewKey, true, SendEmail); // Can also Update
                Trace.TraceInformation("Record N° {0} imported for user : {1} !", (RecordsCount + 1).ToString(), reg.UPN);
            }
            catch (Exception ex)
            {
                ErrorsCount++;
                Trace.TraceError("Error importing Record N° {0} \r\r {1}", (RecordsCount + 1).ToString(), ex.Message);
            }
            finally
            {
                RecordsCount++;
            }
        }
    }
    catch (Exception ex)
    {
        Trace.TraceError(ex.Message);
        return(false);
    }
    finally
    {
        Trace.Unindent();
        FinalizeTrace(listen);
    }
    return(true);
}
/// <summary>
/// Updates the stored record matching <paramref name="reg"/>.UPN with the values in <paramref name="reg"/>.
/// Implementations on this page insert through AddMFAUser when the UPN is not registered and
/// <paramref name="caninsert"/> is true, and return the stored record untouched when it is false.
/// </summary>
/// <param name="reg">Source of the new values.</param>
/// <param name="resetkey">When true, a key-data "add" event is raised for the UPN.</param>
/// <param name="caninsert">Whether an unregistered UPN is inserted instead of ignored.</param>
/// <param name="disableoninsert">When true, the record is stored disabled regardless of reg.Enabled.</param>
/// <returns>The record as re-read from the store.</returns>
public abstract MFAUser SetMFAUser(MFAUser reg, bool resetkey = false, bool caninsert = true, bool disableoninsert = false);