public AuthenticatedUser(User user, Credential cred) { if (user == null) { throw new ArgumentNullException("user"); } if (cred == null) { throw new ArgumentNullException("cred"); } User = user; CredentialUsed = cred; }
private void SendCredentialChangeNotice(User user, Credential changed, string bodyTemplate, string subjectTemplate) { // What kind of credential is this? var credViewModel = AuthService.DescribeCredential(changed); string name = credViewModel.AuthUI == null ? credViewModel.TypeCaption : credViewModel.AuthUI.AccountNoun; string body = String.Format( CultureInfo.CurrentCulture, bodyTemplate, name); string subject = String.Format( CultureInfo.CurrentCulture, subjectTemplate, Config.GalleryOwner.DisplayName, name); SendSupportMessage(user, body, subject); }
public void SendCredentialAddedNotice(User user, Credential added) { SendCredentialChangeNotice( user, added, Strings.Emails_CredentialAdded_Body, Strings.Emails_CredentialAdded_Subject); }
public virtual AuthenticatedUser Authenticate(Credential credential) { if (credential.Type.StartsWith(CredentialTypes.Password.Prefix, StringComparison.OrdinalIgnoreCase)) { // Password credentials cannot be used this way. throw new ArgumentException(Strings.PasswordCredentialsCannotBeUsedHere, "credential"); } using (Trace.Activity("Authenticate Credential: " + credential.Type)) { var matched = FindMatchingCredential(credential); if (matched == null) { Trace.Information("No user matches credential of type: " + credential.Type); return null; } Trace.Verbose("Successfully authenticated '" + matched.User.Username + "' with '" + matched.Type + "' credential"); return new AuthenticatedUser(matched.User, matched); } }
private async Task<ActionResult> RemoveCredential(User user, Credential cred, string message) { // Count login credentials if (CountLoginCredentials(user) <= 1) { TempData["Message"] = Strings.CannotRemoveOnlyLoginCredential; } else if (cred != null) { await AuthService.RemoveCredential(user, cred); // Notify the user of the change MessageService.SendCredentialRemovedNotice(user, cred); TempData["Message"] = message; } return RedirectToAction("Account"); }
public static bool ValidatePasswordCredential(IEnumerable<Credential> creds, string password, out Credential matched) { matched = creds.FirstOrDefault(c => ValidatePasswordCredential(c, password)); return matched != null; }
public static bool ValidatePasswordCredential(Credential cred, string password) { Func<string, Credential, bool> validator; if (!_validators.TryGetValue(cred.Type, out validator)) { return false; } return validator(password, cred); }
private async Task ReplaceCredentialInternal(User user, Credential credential) { // Find the credentials we're replacing, if any var toRemove = user.Credentials .Where(cred => // If we're replacing a password credential, remove ALL password credentials (credential.Type.StartsWith(CredentialTypes.Password.Prefix, StringComparison.OrdinalIgnoreCase) && cred.Type.StartsWith(CredentialTypes.Password.Prefix, StringComparison.OrdinalIgnoreCase)) || cred.Type == credential.Type) .ToList(); foreach (var cred in toRemove) { user.Credentials.Remove(cred); Entities.DeleteOnCommit(cred); } if (toRemove.Any()) { await Auditing.SaveAuditRecord(new UserAuditRecord( user, UserAuditAction.RemovedCredential, toRemove)); } user.Credentials.Add(credential); await Auditing.SaveAuditRecord(new UserAuditRecord( user, UserAuditAction.AddedCredential, credential)); }
private Credential FindMatchingCredential(Credential credential) { var results = Entities .Set<Credential>() .Include(u => u.User) .Include(u => u.User.Roles) .Where(c => c.Type == credential.Type && c.Value == credential.Value) .ToList(); if (results.Count == 0) { return null; } else if (results.Count == 1) { return results[0]; } else { // Don't put the credential itself in trace, but do put the Key for lookup later. string message = String.Format( CultureInfo.CurrentCulture, Strings.MultipleMatchingCredentials, credential.Type, results.First().Key); Trace.Error(message); throw new InvalidOperationException(message); } }
public virtual CredentialViewModel DescribeCredential(Credential credential) { var kind = GetCredentialKind(credential.Type); Authenticator auther = null; if (kind == CredentialKind.External) { string providerName = credential.Type.Split('.')[1]; if (!Authenticators.TryGetValue(providerName, out auther)) { auther = null; } } return new CredentialViewModel() { Type = credential.Type, TypeCaption = FormatCredentialType(credential.Type), Identity = credential.Identity, Value = kind == CredentialKind.Token ? credential.Value : String.Empty, Kind = kind, AuthUI = auther == null ? null : auther.GetUI() }; }
public virtual async Task RemoveCredential(User user, Credential cred) { await Auditing.SaveAuditRecord(new UserAuditRecord(user, UserAuditAction.RemovedCredential, cred)); user.Credentials.Remove(cred); Entities.Credentials.Remove(cred); Entities.SaveChanges(); }
public virtual async Task AddCredential(User user, Credential credential) { await Auditing.SaveAuditRecord(new UserAuditRecord(user, UserAuditAction.AddedCredential, credential)); user.Credentials.Add(credential); Entities.SaveChanges(); }
public virtual async Task ReplaceCredential(User user, Credential credential) { await ReplaceCredentialInternal(user, credential); Entities.SaveChanges(); }
public virtual Task ReplaceCredential(string username, Credential credential) { var user = Entities .Users .Include(u => u.Credentials) .SingleOrDefault(u => u.Username == username); if (user == null) { throw new InvalidOperationException(Strings.UserNotFound); } return ReplaceCredential(user, credential); }
public virtual Task<AuthenticatedUser> Register(string username, string password, string emailAddress) { var hashedPassword = CryptographyService.GenerateSaltedHash(password, Constants.PBKDF2HashAlgorithmId); var passCred = new Credential(CredentialTypes.Password.Pbkdf2, hashedPassword); return Register(username, emailAddress, passCred); }
public virtual async Task<AuthenticatedUser> Register(string username, string emailAddress, Credential credential) { var existingUser = Entities.Users .FirstOrDefault(u => u.Username == username || u.EmailAddress == emailAddress); if (existingUser != null) { if (String.Equals(existingUser.Username, username, StringComparison.OrdinalIgnoreCase)) { throw new EntityException(Strings.UsernameNotAvailable, username); } else { throw new EntityException(Strings.EmailAddressBeingUsed, emailAddress); } } var apiKey = Guid.NewGuid(); var newUser = new User(username) { EmailAllowed = true, UnconfirmedEmailAddress = emailAddress, EmailConfirmationToken = CryptographyService.GenerateToken(), CreatedUtc = DateTime.UtcNow }; // Add a credential for the password and the API Key newUser.Credentials.Add(CredentialBuilder.CreateV1ApiKey(apiKey)); newUser.Credentials.Add(credential); if (!Config.ConfirmEmailAddresses) { newUser.ConfirmEmailAddress(); } // Write an audit record await Auditing.SaveAuditRecord(new UserAuditRecord(newUser, UserAuditAction.Registered)); Entities.Users.Add(newUser); Entities.SaveChanges(); return new AuthenticatedUser(newUser, credential); }