Commit 1f0066c6 authored by Florian Hötzinger's avatar Florian Hötzinger Committed by Geovanni Perez

#40 support expired passwords or passwords set to change at next login (#190)

parent 16ac6700
......@@ -24,6 +24,7 @@ bld/
# Visual Studo cache/options directory
.vs/
.vscode/
# MSTest test Results
[Tt]est[Rr]esult*/
......
namespace Unosquare.PassCore.PasswordProvider
{
using System.DirectoryServices.AccountManagement;
using System.DirectoryServices;
using System;
using Microsoft.Extensions.Options;
using System.Linq;
......@@ -8,7 +9,7 @@
public partial class PasswordChangeProvider : IPasswordChangeProvider
{
private readonly PasswordChangeOptions _options;
private readonly PasswordChangeOptions _options;
public PasswordChangeProvider(IOptions<PasswordChangeOptions> options)
{
......@@ -35,6 +36,29 @@
{
return new ApiErrorItem { ErrorCode = ApiErrorCode.ChangeNotPermitted };
}
// Check if password expired or must be changed
if (userPrincipal.LastPasswordSet == null)
{
PropertyValueCollection prop = null;
DirectoryEntry der = null;
der = (DirectoryEntry)userPrincipal.GetUnderlyingObject();
prop = der.Properties["pwdLastSet"];
if (prop != null)
{
prop.Value = -1;
}
try
{
der.CommitChanges();
}
catch (Exception ex)
{
return new ApiErrorItem { ErrorCode = ApiErrorCode.Generic, Message=ex.Message };
}
}
// Verify user is not a member of an excluded group
if (_options.CheckRestrictedAdGroups)
......@@ -81,7 +105,7 @@
try
{
// Try by regular ChangePassword method
userPrincipal.ChangePassword(currentPassword,newPassword);
userPrincipal.ChangePassword(currentPassword, newPassword);
}
catch
{
......
......@@ -7,6 +7,7 @@
<ItemGroup>
<PackageReference Include="Microsoft.Extensions.Options" Version="2.1.0-rc1-final" />
<PackageReference Include="System.DirectoryServices.AccountManagement" Version="4.5.0-rc1" />
<PackageReference Include="System.DirectoryServices" Version="4.5.0-rc1" />
</ItemGroup>
<ItemGroup>
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment