public EventLogSession(string server, string domain, string user, SecureString password, SessionAuthentication logOnType)
{
this.renderContextHandleSystem = EventLogHandle.Zero;
this.renderContextHandleUser = EventLogHandle.Zero;
this.handle = EventLogHandle.Zero;
EventLogPermissionHolder.GetEventLogPermission().Demand();
if (server == null)
{
server = "localhost";
}
this.syncObject = new object();
this.server = server;
this.domain = domain;
this.user = user;
this.logOnType = logOnType;
Microsoft.Win32.UnsafeNativeMethods.EvtRpcLogin login = new Microsoft.Win32.UnsafeNativeMethods.EvtRpcLogin {
Server = this.server,
User = this.user,
Domain = this.domain,
Flags = (int) this.logOnType,
Password = CoTaskMemUnicodeSafeHandle.Zero
};
try
{
if (password != null)
{
login.Password.SetMemory(Marshal.SecureStringToCoTaskMemUnicode(password));
}
this.handle = NativeWrapper.EvtOpenSession(Microsoft.Win32.UnsafeNativeMethods.EvtLoginClass.EvtRpcLogin, ref login, 0, 0);
}
finally
{
login.Password.Close();
}
}
public void GetXmlTest()
{
SdkConfig config = new SdkConfig()
{
SessionId = "testsessionid..",
};
string expected = @"<?xml version=""1.0"" encoding=""utf-8""?>
<authentication>
<sessionid>testsessionid..</sessionid>
</authentication>";
Stream stream = new MemoryStream();
XmlWriterSettings xmlSettings = new XmlWriterSettings();
xmlSettings.Encoding = Encoding.UTF8;
xmlSettings.Indent = true;
xmlSettings.IndentChars = " ";
IaXmlWriter xml = new IaXmlWriter(stream, xmlSettings);
SessionAuthentication sessionAuth = new SessionAuthentication(config);
sessionAuth.WriteXml(ref xml);
xml.Flush();
stream.Position = 0;
StreamReader reader = new StreamReader(stream);
Diff xmlDiff = DiffBuilder.Compare(expected).WithTest(reader.ReadToEnd())
.WithDifferenceEvaluator(DifferenceEvaluators.Default)
.Build();
Assert.IsFalse(xmlDiff.HasDifferences(), xmlDiff.ToString());
}
public EventLogSession(string server, string domain, string user, SecureString password, SessionAuthentication logOnType)
{
if (server == null)
{
server = "localhost";
}
_syncObject = new object();
_server = server;
_domain = domain;
_user = user;
_logOnType = logOnType;
UnsafeNativeMethods.EvtRpcLogin erLogin = default;
erLogin.Server = _server;
erLogin.User = _user;
erLogin.Domain = _domain;
erLogin.Flags = (int)_logOnType;
erLogin.Password = CoTaskMemUnicodeSafeHandle.Zero;
try
{
if (password != null)
{
erLogin.Password.SetMemory(SecureStringMarshal.SecureStringToCoTaskMemUnicode(password));
}
// Open a session using the erLogin structure.
Handle = NativeWrapper.EvtOpenSession(UnsafeNativeMethods.EvtLoginClass.EvtRpcLogin, ref erLogin, 0, 0);
}
finally
{
erLogin.Password.Dispose();
}
}
public EventLogSession(string server, string domain, string user, SecureString password, SessionAuthentication logOnType)
{
EventLogPermissionHolder.GetEventLogPermission().Demand();
if (server == null)
{
server = "localhost";
}
syncObject = new object();
this.server = server;
this.domain = domain;
this.user = user;
this.logOnType = logOnType;
UnsafeNativeMethods.EvtRpcLogin erLogin = new UnsafeNativeMethods.EvtRpcLogin();
erLogin.Server = this.server;
erLogin.User = this.user;
erLogin.Domain = this.domain;
erLogin.Flags = (int)this.logOnType;
erLogin.Password = CoTaskMemUnicodeSafeHandle.Zero;
try {
if (password != null)
{
erLogin.Password.SetMemory(Marshal.SecureStringToCoTaskMemUnicode(password));
}
//open a session using the erLogin structure.
handle = NativeWrapper.EvtOpenSession(UnsafeNativeMethods.EvtLoginClass.EvtRpcLogin, ref erLogin, 0, 0);
}
finally {
erLogin.Password.Close();
}
}
public static void Query
(
string path
, string queryString = null
, Func <int, List <EventLogRecord>, bool>
onPagedProcessFunc = null
, int pageSize = 100
, string machine = "."
, PathType pathType = PathType.LogName
, string domain = "."
, string user = null
, string password = null
, SessionAuthentication logOnType = SessionAuthentication.Default
)
{
Query <EventLogRecord>
(
path
, (eventLogRecord) =>
{
return(eventLogRecord);
}
, queryString
, onPagedProcessFunc
, pageSize
, machine
, pathType
, domain
, user
, password
, logOnType
);
}
public EventLogSession(string server, string domain, string user, SecureString password, SessionAuthentication logOnType)
{
this.renderContextHandleSystem = EventLogHandle.Zero;
this.renderContextHandleUser = EventLogHandle.Zero;
this.handle = EventLogHandle.Zero;
EventLogPermissionHolder.GetEventLogPermission().Demand();
if (server == null)
{
server = "localhost";
}
this.syncObject = new object();
this.server = server;
this.domain = domain;
this.user = user;
this.logOnType = logOnType;
Microsoft.Win32.UnsafeNativeMethods.EvtRpcLogin login = new Microsoft.Win32.UnsafeNativeMethods.EvtRpcLogin {
Server = this.server,
User = this.user,
Domain = this.domain,
Flags = (int)this.logOnType,
Password = CoTaskMemUnicodeSafeHandle.Zero
};
try
{
if (password != null)
{
login.Password.SetMemory(Marshal.SecureStringToCoTaskMemUnicode(password));
}
this.handle = NativeWrapper.EvtOpenSession(Microsoft.Win32.UnsafeNativeMethods.EvtLoginClass.EvtRpcLogin, ref login, 0, 0);
}
finally
{
login.Password.Close();
}
}
public void InvalidSessionIdTest()
{
SdkConfig config = new SdkConfig()
{
SessionId = null,
};
SessionAuthentication sessionAuth = new SessionAuthentication(config);
}
public void WriteXmlTest()
{
string expected = @"<?xml version=""1.0"" encoding=""utf-8""?>
<authentication>
<sessionid>testsessionid..</sessionid>
</authentication>";
SessionAuthentication sessionAuth = new SessionAuthentication("testsessionid..");
this.CompareXml(expected, sessionAuth);
}
public static string QueryExportLogAndMessages
(
string path
, string query
, string exportFile
, string machine = "."
, PathType pathType = PathType.LogName
, string domain = "."
, string user = null
, string password = null
, SessionAuthentication logOnType
= SessionAuthentication.Kerberos
)
{
var r = string.Empty;
EventLogSession eventLogSession = null;
if
(
TryGetEventLogSession
(
machine
, domain
, user
, password
, out eventLogSession
, logOnType
)
)
{
//Console.WriteLine(exportFile);
eventLogSession
.ExportLogAndMessages
(
path
, pathType
, query
, exportFile
, false
, CultureInfo.CurrentCulture
);
}
r = exportFile;
return(r);
}
public EventLogSession(string server, string domain, string user, SecureString password, SessionAuthentication logOnType) {
EventLogPermissionHolder.GetEventLogPermission().Demand();
if (server == null)
server = "localhost";
syncObject = new object();
this.server = server;
this.domain = domain;
this.user = user;
this.logOnType = logOnType;
UnsafeNativeMethods.EvtRpcLogin erLogin = new UnsafeNativeMethods.EvtRpcLogin();
erLogin.Server = this.server;
erLogin.User = this.user;
erLogin.Domain = this.domain;
erLogin.Flags = (int)this.logOnType;
erLogin.Password = CoTaskMemUnicodeSafeHandle.Zero;
try {
if (password != null)
erLogin.Password.SetMemory(Marshal.SecureStringToCoTaskMemUnicode(password));
//open a session using the erLogin structure.
handle = NativeWrapper.EvtOpenSession(UnsafeNativeMethods.EvtLoginClass.EvtRpcLogin, ref erLogin, 0, 0);
}
finally {
erLogin.Password.Close();
}
}
public EventLogSession(string server, string domain, string user, System.Security.SecureString password, SessionAuthentication logOnType)
{
}
public static void Query <TEventLogRecordWrapper>
(
string path
, Func <EventLogRecord, TEventLogRecordWrapper> onFactoryProcessFunc
, string queryString = null
, Func <int, List <TEventLogRecordWrapper>, bool>
onPagedProcessFunc = null
, int pageSize = 100
, string machine = "."
, PathType pathType = PathType.LogName
, string domain = "."
, string user = null
, string password = null
, SessionAuthentication logOnType
= SessionAuthentication.Default
)
{
EventLogQuery query = null;
if (!IsNullOrEmptyOrWhiteSpace(queryString))
{
query = new EventLogQuery(path, pathType, queryString);
}
else
{
query = new EventLogQuery(path, pathType);
}
EventLogSession eventLogSession = null;
try
{
if
(
TryGetEventLogSession
(
machine
, domain
, user
, password
, out eventLogSession
, logOnType
)
)
{
query.Session = eventLogSession;
using (var reader = new EventLogReader(query))
{
EventRecord eventRecord = null;
int i = 1;
int page = 1;
List <TEventLogRecordWrapper> entries = null;
if (pageSize > 0)
{
entries = new List <TEventLogRecordWrapper>();
}
while (null != (eventRecord = reader.ReadEvent()))
{
if (pageSize >= 0)
{
var eventLogRecord = (EventLogRecord)eventRecord;
var entry = onFactoryProcessFunc(eventLogRecord);
entries.Add(entry);
if (i % pageSize == 0)
{
if (onPagedProcessFunc != null)
{
var r = onPagedProcessFunc
(
page
, entries
);
entries.Clear();
if (r)
{
break;
}
page++;
}
}
i++;
}
}
if (entries.Count > 0)
{
if (onPagedProcessFunc != null)
{
var r = onPagedProcessFunc(page, entries);
entries.Clear();
entries = null;
}
}
}
}
}
finally
{
if (eventLogSession != null)
{
eventLogSession.Dispose();
eventLogSession = null;
}
}
}
private static bool TryGetEventLogSession
(
string machine
, string domain
, string user
, string password
, out EventLogSession eventLogSession
, SessionAuthentication logOnType
)
{
var r = false;
if (machine != ".")
{
if
(
string.IsNullOrEmpty(password)
||
string.IsNullOrWhiteSpace(password)
||
string.IsNullOrEmpty(user)
||
string.IsNullOrWhiteSpace(user)
)
{
eventLogSession = new EventLogSession
(
machine
);
}
else
{
var securePassword
= password
.ToCharArray()
.Aggregate //<char, SecureString>
(
new SecureString()
, (x, y) =>
{
x.AppendChar(y);
return(x);
}
);
eventLogSession = new EventLogSession
(
machine
, domain
, user
, securePassword
, logOnType
);
}
}
else
{
eventLogSession = new EventLogSession();
}
r = true;
return(r);
}
public EventLogSession(string server, string domain, string user, SecureString password, SessionAuthentication logOnType)
{
if (server == null)
server = "localhost";
_syncObject = new object();
_server = server;
_domain = domain;
_user = user;
_logOnType = logOnType;
UnsafeNativeMethods.EvtRpcLogin erLogin = new UnsafeNativeMethods.EvtRpcLogin();
erLogin.Server = _server;
erLogin.User = _user;
erLogin.Domain = _domain;
erLogin.Flags = (int)_logOnType;
erLogin.Password = CoTaskMemUnicodeSafeHandle.Zero;
try
{
if (password != null)
erLogin.Password.SetMemory(SecureStringMarshal.SecureStringToCoTaskMemUnicode(password));
//open a session using the erLogin structure.
_handle = NativeWrapper.EvtOpenSession(UnsafeNativeMethods.EvtLoginClass.EvtRpcLogin, ref erLogin, 0, 0);
}
finally
{
erLogin.Password.Dispose();
}
}
public EventLogSession(string server, string domain, string user, SecureString password, SessionAuthentication logOnType)
{
throw new NotImplementedException();
}
/// <summary>
/// Verifica si el usuario puede autencarse correctamente con usuario y contraseña
/// </summary>
/// <param name="login">login de usuario</param>
/// <returns>modelo de autenticacion</returns>
public async Task <SessionAuthentication> AsyncAutenticateUser(Login login)
{
try
{
UserApp userApp;
PolicyView policy;
string pwDecode = string.Empty;
bool isAutenticate = false, valideNumberOfAttemps = false;
int stateInactiveUser = 0, stateLockedUser = 0, numberOfAttemps = 0;
var autenticate = new SessionAuthentication()
{
IsAuthenticate = false,
TypeAutentication = TypeAutentication.Default
};
userApp = await _userAppData.UserFindByUser(login.UserName);
if (null == userApp)
{
autenticate.TypeAutentication = TypeAutentication.NotFound;
return(autenticate);
}
policy = !userApp.PolicyId.HasValue ?
await _policyGlobalAppData.PolicyGetGlobal() :
await _policyGlobalAppData.PolicyFindById(userApp.PolicyId.Value);
pwDecode = login.Password.Base64Decode();
isAutenticate = userApp.UserPw == pwDecode.SHA1();
stateInactiveUser = await _parametersData.ValueFindByKey <int>("StateInactiveUser");
stateLockedUser = await _parametersData.ValueFindByKey <int>("StateLockedUser");
if (0 != stateInactiveUser && userApp.UserStateId == stateInactiveUser)
{
autenticate.TypeAutentication = TypeAutentication.Inactive;
return(autenticate);
}
if (0 != stateLockedUser && userApp.UserStateId == stateLockedUser)
{
autenticate.TypeAutentication = TypeAutentication.Locked;
return(autenticate);
}
if (!isAutenticate)
{
numberOfAttemps = policy.NumberOfAttemps;
valideNumberOfAttemps = 0 != numberOfAttemps;
userApp.UserNumberOfAttemps++;
userApp.UpdateDate = DateTime.Now;
if (valideNumberOfAttemps)
{
if (userApp.UserNumberOfAttemps >= numberOfAttemps)
{
autenticate.TypeAutentication = TypeAutentication.Locked;
userApp.UserStateId = stateLockedUser;
}
}
await _userAppData.UpdateAsync(userApp);
autenticate.TypeAutentication = TypeAutentication.NotFound;
}
else
{
if (policy.NumberOfDaysExpirePw > 0)
{
DateTime dateUserLastPasswordChange = userApp.UserLastPasswordChange.AddDays(policy.NumberOfDaysExpirePw.Value);
if (dateUserLastPasswordChange.Date >= DateTime.Now.Date)
{
autenticate.TypeAutentication = TypeAutentication.ChangePw;
}
}
if (autenticate.TypeAutentication == TypeAutentication.Default)
{
autenticate.TypeAutentication = TypeAutentication.Ok;
}
userApp.UserNumberOfAttemps = 0;
userApp.UserLastDateEntry = DateTime.Now;
userApp.PolicyId = !userApp.PolicyId.HasValue ? policy.PolicyId : userApp.PolicyId;
var sessionId = Guid.NewGuid();
using (var tran = new TransactionScope(TransactionScopeAsyncFlowOption.Enabled))
{
await _userAppData.UpdateAsync(userApp);
await _sessionData.InsertKeyAsync <Guid>(new CurrentSession()
{
Active = true,
CreationDate = DateTime.Now,
SessionId = sessionId,
UserId = userApp.UserId
});
tran.Complete();
}
autenticate.SessionId = sessionId;
autenticate.UserId = userApp.UserId;
autenticate.PolicyId = policy.PolicyId;
autenticate.IsAuthenticate = true;
}
return(autenticate);
}
catch (Exception)
{
throw;
}
}
public EventLogSession(string server, string domain, string user, System.Security.SecureString password, SessionAuthentication logOnType)
{
}
