IlyaSobolev/DocSpace-client
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
710a3f62fa
DocSpace-client/common/ASC.Api.Core/Auth/ConfirmAuthHandler.cs

123 lines
5.2 KiB
C#
Raw Normal View History

Api: added confirm auth scheme
2019-09-10 12:42:15 +00:00
using System;
Auth: added additional roles
2019-09-23 15:36:22 +00:00
using System.Collections.Generic;
Api: added confirm auth scheme
2019-09-10 12:42:15 +00:00
using System.Net;
using System.Security.Authentication;
Auth: added additional roles
2019-09-23 15:36:22 +00:00
using System.Security.Claims;
Api: added confirm auth scheme
2019-09-10 12:42:15 +00:00
using System.Text.Encodings.Web;
using System.Threading.Tasks;
Auth: added additional roles
2019-09-23 15:36:22 +00:00
Api: added confirm auth scheme
2019-09-10 12:42:15 +00:00
using ASC.Core;
using ASC.Security.Cryptography;
using ASC.Web.Studio.Core;
using ASC.Web.Studio.Utility;
Auth: added additional roles
2019-09-23 15:36:22 +00:00
Api: added confirm auth scheme
2019-09-10 12:42:15 +00:00
using Microsoft.AspNetCore.Authentication;
Auth: added additional roles
2019-09-23 15:36:22 +00:00
using Microsoft.AspNetCore.WebUtilities;
Api: added confirm auth scheme
2019-09-10 12:42:15 +00:00
using Microsoft.Extensions.Logging;
using Microsoft.Extensions.Options;
namespace ASC.Api.Core.Auth
{
public class ConfirmAuthHandler : AuthenticationHandler<AuthenticationSchemeOptions>
{
public ConfirmAuthHandler(IOptionsMonitor<AuthenticationSchemeOptions> options, ILoggerFactory logger, UrlEncoder encoder, ISystemClock clock) : base(options, logger, encoder, clock)
{
}
DI: TenantManager
2019-09-17 12:42:32 +00:00
public ConfirmAuthHandler(
Merge branch 'master' into refactoring/di # Conflicts: # common/ASC.Common/ASC.Common.csproj # common/ASC.Core.Common/ASC.Core.Common.csproj # common/ASC.Core.Common/Context/Impl/UserManager.cs # products/ASC.People/Server/Controllers/PeopleController.cs
2019-09-25 15:56:28 +00:00
IOptionsMonitor<AuthenticationSchemeOptions> options,
ILoggerFactory logger,
UrlEncoder encoder,
ISystemClock clock,
DI: TenantManager
2019-09-17 12:42:32 +00:00
SecurityContext securityContext,
DI: configuration
2019-09-23 12:20:08 +00:00
EmailValidationKeyProvider emailValidationKeyProvider,
Merge branch 'master' into refactoring/di # Conflicts: # common/ASC.Common/ASC.Common.csproj # common/ASC.Core.Common/ASC.Core.Common.csproj # common/ASC.Core.Common/Context/Impl/UserManager.cs # products/ASC.People/Server/Controllers/PeopleController.cs
2019-09-25 15:56:28 +00:00
SetupInfo setupInfo,
TenantManager tenantManager,
UserManager userManager,
AuthManager authManager) :
DI: TenantManager
2019-09-17 12:42:32 +00:00
base(options, logger, encoder, clock)
ConfirmAuthHandler di
2019-09-10 13:31:03 +00:00
{
SecurityContext = securityContext;
DI: TenantManager
2019-09-17 12:42:32 +00:00
EmailValidationKeyProvider = emailValidationKeyProvider;
DI: configuration
2019-09-23 12:20:08 +00:00
SetupInfo = setupInfo;
Merge branch 'master' into refactoring/di # Conflicts: # common/ASC.Common/ASC.Common.csproj # common/ASC.Core.Common/ASC.Core.Common.csproj # common/ASC.Core.Common/Context/Impl/UserManager.cs # products/ASC.People/Server/Controllers/PeopleController.cs
2019-09-25 15:56:28 +00:00
TenantManager = tenantManager;
UserManager = userManager;
AuthManager = authManager;
ConfirmAuthHandler di
2019-09-10 13:31:03 +00:00
}
public SecurityContext SecurityContext { get; }
DI: TenantManager
2019-09-17 12:42:32 +00:00
public EmailValidationKeyProvider EmailValidationKeyProvider { get; }
DI: configuration
2019-09-23 12:20:08 +00:00
public SetupInfo SetupInfo { get; }
Merge branch 'master' into refactoring/di # Conflicts: # common/ASC.Common/ASC.Common.csproj # common/ASC.Core.Common/ASC.Core.Common.csproj # common/ASC.Core.Common/Context/Impl/UserManager.cs # products/ASC.People/Server/Controllers/PeopleController.cs
2019-09-25 15:56:28 +00:00
public TenantManager TenantManager { get; }
public UserManager UserManager { get; }
public AuthManager AuthManager { get; }
Api: added confirm auth scheme
2019-09-10 12:42:15 +00:00
protected override Task<AuthenticateResult> HandleAuthenticateAsync()
{
Auth: added additional roles
2019-09-23 15:36:22 +00:00
var Request = QueryHelpers.ParseQuery(Context.Request.Headers["confirm"]);
_ = Request.TryGetValue("type", out var type);
var _type = typeof(ConfirmType).TryParseEnum(type, ConfirmType.EmpInvite);
if (SecurityContext.IsAuthenticated && _type != ConfirmType.EmailChange)
Api: added confirm auth scheme
2019-09-10 12:42:15 +00:00
{
return Task.FromResult(AuthenticateResult.Success(new AuthenticationTicket(Context.User, new AuthenticationProperties(), Scheme.Name)));
}
_ = Request.TryGetValue("key", out var key);
_ = Request.TryGetValue("emplType", out var emplType);
_ = Request.TryGetValue("email", out var _email);
var validInterval = SetupInfo.ValidEmailKeyInterval;
EmailValidationKeyProvider.ValidationResult checkKeyResult;
switch (_type)
{
case ConfirmType.EmpInvite:
checkKeyResult = EmailValidationKeyProvider.ValidateEmailKey(_email + _type + emplType, key, validInterval);
break;
case ConfirmType.LinkInvite:
checkKeyResult = EmailValidationKeyProvider.ValidateEmailKey(_type + emplType, key, validInterval);
break;
Auth: added additional roles
2019-09-23 15:36:22 +00:00
case ConfirmType.EmailChange:
checkKeyResult = EmailValidationKeyProvider.ValidateEmailKey(_email + _type + SecurityContext.CurrentAccount.ID, key, validInterval);
break;
ConfirmAuth: PasswordChange
2019-09-24 12:27:13 +00:00
case ConfirmType.PasswordChange:
var userHash = Request.TryGetValue("p", out var p) && p == "1";
var hash = string.Empty;
if (userHash)
{
Merge branch 'master' into refactoring/di # Conflicts: # common/ASC.Common/ASC.Common.csproj # common/ASC.Core.Common/ASC.Core.Common.csproj # common/ASC.Core.Common/Context/Impl/UserManager.cs # products/ASC.People/Server/Controllers/PeopleController.cs
2019-09-25 15:56:28 +00:00
var tenantId = TenantManager.GetCurrentTenant().TenantId;
hash = AuthManager.GetUserPasswordHash(tenantId, UserManager.GetUserByEmail(_email).ID);
ConfirmAuth: PasswordChange
2019-09-24 12:27:13 +00:00
}
checkKeyResult = EmailValidationKeyProvider.ValidateEmailKey(_email + _type + (string.IsNullOrEmpty(hash) ? string.Empty : Hasher.Base64Hash(hash)), key, validInterval);
break;
Api: added confirm auth scheme
2019-09-10 12:42:15 +00:00
default:
checkKeyResult = EmailValidationKeyProvider.ValidateEmailKey(_email + _type, key, validInterval);
break;
}
ConfirmAuth: PasswordChange
2019-09-24 12:27:13 +00:00
var claims = new List<Claim>()
Auth: added additional roles
2019-09-23 15:36:22 +00:00
{
new Claim(ClaimTypes.Role, _type.ToString())
};
if (!SecurityContext.IsAuthenticated)
{
SecurityContext.AuthenticateMe(ASC.Core.Configuration.Constants.CoreSystem, claims);
}
else
{
SecurityContext.AuthenticateMe(SecurityContext.CurrentAccount, claims);
}
Api: added confirm auth scheme
2019-09-10 12:42:15 +00:00
var result = checkKeyResult switch
{
EmailValidationKeyProvider.ValidationResult.Ok => AuthenticateResult.Success(new AuthenticationTicket(Context.User, new AuthenticationProperties(), Scheme.Name)),
_ => AuthenticateResult.Fail(new AuthenticationException(HttpStatusCode.Unauthorized.ToString()))
};
return Task.FromResult(result);
}
}
}
Reference in New Issue Copy Permalink