webdav portal login + access token fix

2015-01-16 03:56:59 -08:00 · 2015-01-16 03:56:59 -08:00 · 213eaf0077
commit 213eaf0077
parent 1c3f10a30a
19 changed files with 1431 additions and 1181 deletions
--- a/WebsitePanel/Sources/WebsitePanel.WebDav.Core/Interfaces/Managers/IAccessTokenManager.cs
+++ b/WebsitePanel/Sources/WebsitePanel.WebDav.Core/Interfaces/Managers/IAccessTokenManager.cs
@ -0,0 +1,14 @@
+using System;
+using WebsitePanel.EnterpriseServer.Base.HostedSolution;
+using WebsitePanel.WebDav.Core.Security.Authentication.Principals;
+
+namespace WebsitePanel.WebDav.Core.Interfaces.Managers
+{
+    public interface IAccessTokenManager
+    {
+        WebDavAccessToken CreateToken(WspPrincipal principal, string filePath);
+        WebDavAccessToken GetToken(int id);
+        WebDavAccessToken GetToken(Guid guid);
+        void ClearExpiredTokens();
+    }
+}
--- a/WebsitePanel/Sources/WebsitePanel.WebDav.Core/Interfaces/Managers/IWebDavManager.cs
+++ b/WebsitePanel/Sources/WebsitePanel.WebDav.Core/Interfaces/Managers/IWebDavManager.cs
@ -10,8 +10,5 @@ namespace WebsitePanel.WebDav.Core.Interfaces.Managers
        byte[] GetFileBytes(string path);
        IResource GetResource(string path);
        string GetFileUrl(string path);
-
-        string CreateFileId(string path);
-        string FilePathFromId(string id);
    }
 }
--- a/WebsitePanel/Sources/WebsitePanel.WebDav.Core/Interfaces/Security/IAuthenticationService.cs
+++ b/WebsitePanel/Sources/WebsitePanel.WebDav.Core/Interfaces/Security/IAuthenticationService.cs
@ -4,6 +4,7 @@ using System.Linq;
 using System.Text;
 using System.Threading.Tasks;
 using System.Web.Security;
+using WebsitePanel.EnterpriseServer.Base.HostedSolution;
 using WebsitePanel.WebDav.Core.Security.Authentication.Principals;

 namespace WebsitePanel.WebDav.Core.Interfaces.Security
@ -11,9 +12,7 @@ namespace WebsitePanel.WebDav.Core.Interfaces.Security
    public interface IAuthenticationService
    {
        WspPrincipal LogIn(string login, string password);
-        WspPrincipal LogIn(string accessToken);
        void CreateAuthenticationTicket(WspPrincipal principal);
-        string CreateAccessToken(WspPrincipal principal);
        void LogOut();
    }
 }
--- a/WebsitePanel/Sources/WebsitePanel.WebDav.Core/Managers/AccessTokenManager.cs
+++ b/WebsitePanel/Sources/WebsitePanel.WebDav.Core/Managers/AccessTokenManager.cs
@ -0,0 +1,42 @@
+using System;
+using WebsitePanel.EnterpriseServer.Base.HostedSolution;
+using WebsitePanel.WebDav.Core.Interfaces.Managers;
+using WebsitePanel.WebDav.Core.Security.Authentication.Principals;
+using WebsitePanel.WebDav.Core.Wsp.Framework;
+
+namespace WebsitePanel.WebDav.Core.Managers
+{
+    public class AccessTokenManager : IAccessTokenManager
+    {
+        public WebDavAccessToken CreateToken(WspPrincipal principal, string filePath)
+        {
+            var token = new WebDavAccessToken();
+
+            token.AccessToken = Guid.NewGuid();
+            token.AccountId = principal.AccountId;
+            token.ItemId = principal.ItemId;
+            token.AuthData = principal.EncryptedPassword;
+            token.ExpirationDate = DateTime.Now.AddHours(3);
+            token.FilePath = filePath;
+
+            token.Id = WSP.Services.EnterpriseStorage.AddWebDavAccessToken(token);
+
+            return token;
+        }
+
+        public WebDavAccessToken GetToken(int id)
+        {
+            return WSP.Services.EnterpriseStorage.GetWebDavAccessTokenById(id);
+        }
+
+        public WebDavAccessToken GetToken(Guid guid)
+        {
+            return WSP.Services.EnterpriseStorage.GetWebDavAccessTokenByAccessToken(guid);
+        }
+
+        public void ClearExpiredTokens()
+        {
+            WSP.Services.EnterpriseStorage.DeleteExpiredWebDavAccessTokens();
+        }
+    }
+}
--- a/WebsitePanel/Sources/WebsitePanel.WebDav.Core/Managers/WebDavManager.cs
+++ b/WebsitePanel/Sources/WebsitePanel.WebDav.Core/Managers/WebDavManager.cs
@ -164,16 +164,6 @@ namespace WebsitePanel.WebDav.Core.Managers
            return rootFolders;
        }

-        public string CreateFileId(string path)
-        {
-            return _cryptography.Encrypt(path).Replace("/", "AAAAA");
-        }
-
-        public string FilePathFromId(string id)
-        {
-            return _cryptography.Decrypt(id.Replace("AAAAA", "/"));
-        }
-
        #region Helpers

        private byte[] ReadFully(Stream input)
--- a/WebsitePanel/Sources/WebsitePanel.WebDav.Core/Security/Authentication/FormsAuthenticationService.cs
+++ b/WebsitePanel/Sources/WebsitePanel.WebDav.Core/Security/Authentication/FormsAuthenticationService.cs
@ -4,6 +4,7 @@ using System.Threading;
 using System.Web;
 using System.Web.Script.Serialization;
 using System.Web.Security;
+using WebsitePanel.EnterpriseServer.Base.HostedSolution;
 using WebsitePanel.WebDav.Core.Config;
 using WebsitePanel.WebDav.Core.Interfaces.Security;
 using WebsitePanel.WebDav.Core.Security.Authentication.Principals;
@ -58,24 +59,6 @@ namespace WebsitePanel.WebDav.Core.Security.Authentication
            return principal;
        }

-        public WspPrincipal LogIn(string accessToken)
-        {
-            var token = _cryptography.Decrypt(accessToken.Replace("AAAAA", "/"));
-
-            var splitResult = token.Split(':');
-
-            var login = splitResult[0];
-            var password = _cryptography.Decrypt(splitResult[1]);
-            var expiration = DateTime.Parse(splitResult[2]);
-
-            if (expiration < DateTime.Today)
-            {
-                return null;
-            }
-
-            return LogIn(login, password);
-        }
-
        public void CreateAuthenticationTicket(WspPrincipal principal)
        {
            var serializer = new JavaScriptSerializer();
@ -96,13 +79,6 @@ namespace WebsitePanel.WebDav.Core.Security.Authentication
            HttpContext.Current.Response.Cookies.Add(cookie);
        }

-        public string CreateAccessToken(WspPrincipal principal)
-        {
-            var token = string.Format("{0}:{1}:{2}", principal.Login, principal.EncryptedPassword, DateTime.Now.ToShortDateString());
-
-            return _cryptography.Encrypt(token).Replace("/", "AAAAA");
-        }
-
        public void LogOut()
        {
            FormsAuthentication.SignOut();
--- a/WebsitePanel/Sources/WebsitePanel.WebDav.Core/Security/Authentication/Principals/WspPrincipal.cs
+++ b/WebsitePanel/Sources/WebsitePanel.WebDav.Core/Security/Authentication/Principals/WspPrincipal.cs
@ -12,7 +12,6 @@ namespace WebsitePanel.WebDav.Core.Security.Authentication.Principals
        public int ItemId { get; set; }

        public string Login { get; set; }
-        public string EncryptedPassword { get; set; }

        public string DisplayName { get; set; }

@ -27,6 +26,8 @@ namespace WebsitePanel.WebDav.Core.Security.Authentication.Principals
        [XmlIgnore, ScriptIgnore]
        public IIdentity Identity { get; private set; }

+        public string EncryptedPassword { get; set; }
+
        public WspPrincipal(string username)
        {
            Identity = new GenericIdentity(username);//new WindowsIdentity(username, "WindowsAuthentication");
--- a/WebsitePanel/Sources/WebsitePanel.WebDav.Core/WebsitePanel.WebDav.Core.csproj
+++ b/WebsitePanel/Sources/WebsitePanel.WebDav.Core/WebsitePanel.WebDav.Core.csproj
@ -127,6 +127,8 @@
    <Compile Include="IFolder.cs" />
    <Compile Include="IHierarchyItem.cs" />
    <Compile Include="IItemContent.cs" />
+    <Compile Include="Managers\AccessTokenManager.cs" />
+    <Compile Include="Interfaces\Managers\IAccessTokenManager.cs" />
    <Compile Include="Interfaces\Managers\IWebDavManager.cs" />
    <Compile Include="Interfaces\Owa\IWopiServer.cs" />
    <Compile Include="Interfaces\Security\IAuthenticationService.cs" />