Unverified Commit 3fe0070c authored by Geovanni Perez's avatar Geovanni Perez Committed by GitHub

Clean up (#198)

* Update packages

* Code review
parent 4cd64e5b
......@@ -36,14 +36,12 @@
{
return new ApiErrorItem { ErrorCode = ApiErrorCode.ChangeNotPermitted };
}
// Check if password expired or must be changed
if (userPrincipal.LastPasswordSet == null)
{
PropertyValueCollection prop = null;
DirectoryEntry der = null;
der = (DirectoryEntry)userPrincipal.GetUnderlyingObject();
prop = der.Properties["pwdLastSet"];
var der = (DirectoryEntry)userPrincipal.GetUnderlyingObject();
var prop = der.Properties["pwdLastSet"];
if (prop != null)
{
......@@ -83,23 +81,8 @@
}
}
// Validate user credentials
if (principalContext.ValidateCredentials(username, currentPassword) == false)
{
if (!LogonUser(username, username.Split('@').Last(), currentPassword, LogonTypes.Network, LogonProviders.Default, out _))
{
var errorCode = System.Runtime.InteropServices.Marshal.GetLastWin32Error();
switch (errorCode)
{
case ERROR_PASSWORD_MUST_CHANGE:
case ERROR_PASSWORD_EXPIRED:
// Both of these means that the password CAN change and that we got the correct password
break;
default:
return new ApiErrorItem { ErrorCode = ApiErrorCode.InvalidCredentials };
}
}
}
if (ValidateUserCredentials(username, currentPassword, principalContext) == false)
return new ApiErrorItem {ErrorCode = ApiErrorCode.InvalidCredentials};
// Change the password via 2 different methods. Try SetPassword if ChangePassword fails.
try
......@@ -126,24 +109,29 @@
return null;
}
private PrincipalContext AcquirePrincipalContext()
private static bool ValidateUserCredentials(string username, string currentPassword, PrincipalContext principalContext)
{
PrincipalContext principalContext;
if (principalContext.ValidateCredentials(username, currentPassword))
return true;
if (_options.UseAutomaticContext)
{
principalContext = new PrincipalContext(ContextType.Domain);
}
else
{
principalContext = new PrincipalContext(
if (LogonUser(username, username.Split('@').Last(), currentPassword, LogonTypes.Network, LogonProviders.Default, out _))
return true;
var errorCode = System.Runtime.InteropServices.Marshal.GetLastWin32Error();
// Both of these means that the password CAN change and that we got the correct password
return errorCode == ERROR_PASSWORD_MUST_CHANGE || errorCode == ERROR_PASSWORD_EXPIRED;
}
private PrincipalContext AcquirePrincipalContext()
{
return _options.UseAutomaticContext
? new PrincipalContext(ContextType.Domain)
: new PrincipalContext(
ContextType.Domain,
$"{_options.LdapHostname}:{_options.LdapPort}",
_options.LdapUsername,
_options.LdapPassword);
}
return principalContext;
}
}
}
\ No newline at end of file
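Review bot: In the new `ValidateUserCredentials`, a successful `LogonUser` call discards the returned token with `out _`, so if the P/Invoke declares that parameter as a raw `IntPtr` (the declaration is outside this hunk), every successful fallback logon leaks a handle in a long-running web process. Capture and release it, e.g. `if (LogonUser(..., out var token)) { CloseHandle(token); return true; }` with a matching `CloseHandle` import, or declare the parameter as a `SafeHandle` type and dispose it. `Marshal.GetLastWin32Error()` is only meaningful when the `DllImport` sets `SetLastError = true`, which is worth confirming because the expired/must-change branch accepts the password on the strength of that value. A short `/// <summary>` stating that the method returns true for an expired or must-change password, because those codes imply the supplied password was correct, would make that decision visible to the next reader.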
......@@ -5,9 +5,9 @@
</PropertyGroup>
<ItemGroup>
<PackageReference Include="Microsoft.Extensions.Options" Version="2.1.0-rc1-final" />
<PackageReference Include="System.DirectoryServices.AccountManagement" Version="4.5.0-rc1" />
<PackageReference Include="System.DirectoryServices" Version="4.5.0-rc1" />
<PackageReference Include="Microsoft.Extensions.Options" Version="2.1.1" />
<PackageReference Include="System.DirectoryServices.AccountManagement" Version="4.5.0" />
<PackageReference Include="System.DirectoryServices" Version="4.5.0" />
</ItemGroup>
<ItemGroup>
......
......@@ -4,8 +4,7 @@ namespace Unosquare.PassCore.Web.Controllers
using System.Net;
using System.Threading.Tasks;
using System;
using Helpers;
using Unosquare.PassCore.Common;
using Common;
using Microsoft.AspNetCore.Mvc;
using Microsoft.Extensions.Options;
using Models;
......@@ -34,6 +33,7 @@ namespace Unosquare.PassCore.Web.Controllers
/// <summary>
/// Returns the ClientSettings object as a JSON string
/// </summary>
/// <returns>A Json representation of the ClientSettings object.</returns>
[HttpGet]
public IActionResult Get()
{
......@@ -44,7 +44,7 @@ namespace Unosquare.PassCore.Web.Controllers
/// Given a POST request, processes and changes a User's password.
/// </summary>
/// <param name="model">The value.</param>
/// <returns></returns>
/// <returns>A task representing the async operation.</returns>
[HttpPost]
public async Task<IActionResult> Post([FromBody] ChangePasswordModel model)
{
......@@ -87,19 +87,13 @@ namespace Unosquare.PassCore.Web.Controllers
return BadRequest(result);
}
// Check for default domain: if none given, ensure EFLD can be used as an override.
var parts = model.Username.Split(new[] { '@' }, StringSplitOptions.RemoveEmptyEntries);
var domain = parts.Length > 1 ? parts[1] : _options.ClientSettings.DefaultDomain;
var currentUsername = GetUserName(model, result);
// Domain-determinance
if (string.IsNullOrEmpty(domain))
if (result.HasErrors)
{
result.Errors.Add(new ApiErrorItem { ErrorCode = ApiErrorCode.InvalidDomain });
return BadRequest(result);
}
var currentUsername = parts.Length > 1 ? model.Username : $"{model.Username}@{domain}";
var resultPasswordChange = _passwordChangeProvider.PerformPasswordChange(currentUsername, model.CurrentPassword, model.NewPassword);
if (resultPasswordChange != null)
......@@ -113,6 +107,21 @@ namespace Unosquare.PassCore.Web.Controllers
return Json(result);
}
private string GetUserName(ChangePasswordModel model, ApiResult result)
{
// Check for default domain: if none given, ensure EFLD can be used as an override.
var parts = model.Username.Split(new[] { '@' }, StringSplitOptions.RemoveEmptyEntries);
var domain = parts.Length > 1 ? parts[1] : _options.ClientSettings.DefaultDomain;
// Domain-determinance
if (string.IsNullOrEmpty(domain))
{
result.Errors.Add(new ApiErrorItem { ErrorCode = ApiErrorCode.InvalidDomain });
}
return parts.Length > 1 ? model.Username : $"{model.Username}@{domain}";
}
private async Task<bool> ValidateRecaptcha(string recaptchaResponse)
{
// skip validation if we don't enable recaptcha
......
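Review bot: `GetUserName` accepts usernames with more than one `@` or with a leading or trailing `@`. Because of `RemoveEmptyEntries`, `user@` becomes `user@@<default domain>`, and `a@b@c` is returned unchanged with `parts[1]` (`b`) treated as the domain here, while the provider's `username.Split('@').Last()` would pick `c`. Since this string goes straight to `PerformPasswordChange`, reject such input before building the name, for example `if (model.Username.IndexOf('@') != model.Username.LastIndexOf('@') || model.Username.StartsWith("@") || model.Username.EndsWith("@")) result.Errors.Add(new ApiErrorItem { ErrorCode = ApiErrorCode.InvalidDomain });`. The method also still returns a string after recording the error, so a one-line comment that callers must check `result.HasErrors` before using the return value would help.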
......@@ -15,15 +15,15 @@
</PropertyGroup>
<ItemGroup>
<PackageReference Include="Microsoft.AspNetCore" Version="2.1.*" />
<PackageReference Include="Microsoft.AspNetCore.Mvc" Version="2.1.*" />
<PackageReference Include="Microsoft.AspNetCore.StaticFiles" Version="2.1.*" />
<PackageReference Include="Microsoft.Extensions.DependencyInjection" Version="2.1.*" />
<PackageReference Include="Microsoft.AspNetCore.Rewrite" Version="2.1.*" />
<PackageReference Include="StyleCop.Analyzers" Version="1.0.*">
<PackageReference Include="Microsoft.AspNetCore" Version="2.1.2" />
<PackageReference Include="Microsoft.AspNetCore.Mvc" Version="2.1.1" />
<PackageReference Include="Microsoft.AspNetCore.StaticFiles" Version="2.1.1" />
<PackageReference Include="Microsoft.Extensions.DependencyInjection" Version="2.1.1" />
<PackageReference Include="Microsoft.AspNetCore.Rewrite" Version="2.1.1" />
<PackageReference Include="StyleCop.Analyzers" Version="1.0.2">
<PrivateAssets>All</PrivateAssets>
</PackageReference>
<PackageReference Include="Newtonsoft.Json" Version="11.0.*" />
<PackageReference Include="Newtonsoft.Json" Version="11.0.2" />
</ItemGroup>
<ItemGroup>
......