Cleaned up config for Security settings

This commit is contained in:
Bjarke Berg
2020-03-12 14:36:25 +01:00
parent e27a05c3e8
commit cb0994a929
41 changed files with 228 additions and 176 deletions
+6 -4
View File
@@ -24,6 +24,9 @@ namespace Umbraco.Core.Configuration
public IKeepAliveSettings KeepAliveSettings { get; } = new KeepAliveSettings();
public IWebRoutingSettings WebRoutingSettings { get; } = new WebRoutingSettings();
public IRequestHandlerSettings RequestHandlerSettings { get; } = new RequestHandlerSettings();
public ISecuritySettings SecuritySettings { get; } = new SecuritySettings();
public IUserPasswordConfiguration UserPasswordConfigurationSettings { get; } = new UserPasswordConfigurationSettings();
public IMemberPasswordConfiguration MemberPasswordConfigurationSettings { get; } = new MemberPasswordConfigurationSettings();
public IUmbracoSettingsSection UmbracoSettings { get; }
@@ -36,10 +39,6 @@ namespace Umbraco.Core.Configuration
configs.Add<IUmbracoSettingsSection>("umbracoConfiguration/settings");
configs.Add<IHealthChecks>("umbracoConfiguration/HealthChecks");
// Password configuration is held within IUmbracoSettingsSection from umbracoConfiguration/settings but we'll add explicitly
// so it can be independently retrieved in classes that need it.
configs.AddPasswordConfigurations();
configs.Add(() => CoreDebug);
configs.Add(() => MachineKeyConfig);
configs.Add<IConnectionStrings>(() => new ConnectionStrings(ioHelper));
@@ -58,6 +57,9 @@ namespace Umbraco.Core.Configuration
configs.Add<IKeepAliveSettings>(() => KeepAliveSettings);
configs.Add<IWebRoutingSettings>(() => WebRoutingSettings);
configs.Add<IRequestHandlerSettings>(() => RequestHandlerSettings);
configs.Add<ISecuritySettings>(() => SecuritySettings);
configs.Add<IUserPasswordConfiguration>(() => UserPasswordConfigurationSettings);
configs.Add<IMemberPasswordConfiguration>(() => MemberPasswordConfigurationSettings);
configs.AddCoreConfigs(ioHelper);
return configs;
@@ -0,0 +1,16 @@
using Umbraco.Core.Configuration;
namespace Umbraco.Configuration.Implementations
{
internal class MemberPasswordConfigurationSettings : ConfigurationManagerConfigBase, IMemberPasswordConfiguration
{
public int RequiredLength => UmbracoSettingsSection.Security.UserPasswordConfiguration.RequiredLength;
public bool RequireNonLetterOrDigit => UmbracoSettingsSection.Security.UserPasswordConfiguration.RequireNonLetterOrDigit;
public bool RequireDigit => UmbracoSettingsSection.Security.UserPasswordConfiguration.RequireDigit;
public bool RequireLowercase=> UmbracoSettingsSection.Security.UserPasswordConfiguration.RequireLowercase;
public bool RequireUppercase=> UmbracoSettingsSection.Security.UserPasswordConfiguration.RequireUppercase;
public bool UseLegacyEncoding=> UmbracoSettingsSection.Security.UserPasswordConfiguration.UseLegacyEncoding;
public string HashAlgorithmType=> UmbracoSettingsSection.Security.UserPasswordConfiguration.HashAlgorithmType;
public int MaxFailedAccessAttemptsBeforeLockout => UmbracoSettingsSection.Security.UserPasswordConfiguration.MaxFailedAccessAttemptsBeforeLockout;
}
}
@@ -0,0 +1,14 @@
using Umbraco.Core.Configuration.UmbracoSettings;
namespace Umbraco.Configuration.Implementations
{
internal class SecuritySettings : ConfigurationManagerConfigBase, ISecuritySettings
{
public bool KeepUserLoggedIn => UmbracoSettingsSection.Security.KeepUserLoggedIn;
public bool HideDisabledUsersInBackoffice => UmbracoSettingsSection.Security.HideDisabledUsersInBackoffice;
public bool AllowPasswordReset => UmbracoSettingsSection.Security.AllowPasswordReset;
public string AuthCookieName => UmbracoSettingsSection.Security.AuthCookieName;
public string AuthCookieDomain => UmbracoSettingsSection.Security.AuthCookieDomain;
public bool UsernameIsEmail => UmbracoSettingsSection.Security.UsernameIsEmail;
}
}
@@ -0,0 +1,15 @@
using Umbraco.Core.Configuration;
namespace Umbraco.Configuration.Implementations
{
internal class UserPasswordConfigurationSettings : ConfigurationManagerConfigBase, IUserPasswordConfiguration
{
public int RequiredLength => UmbracoSettingsSection.Security.UserPasswordConfiguration.RequiredLength;
public bool RequireNonLetterOrDigit => UmbracoSettingsSection.Security.UserPasswordConfiguration.RequireNonLetterOrDigit;
public bool RequireDigit => UmbracoSettingsSection.Security.UserPasswordConfiguration.RequireDigit;
public bool RequireLowercase=> UmbracoSettingsSection.Security.UserPasswordConfiguration.RequireLowercase;
public bool RequireUppercase=> UmbracoSettingsSection.Security.UserPasswordConfiguration.RequireUppercase;
public bool UseLegacyEncoding=> UmbracoSettingsSection.Security.UserPasswordConfiguration.UseLegacyEncoding;
public string HashAlgorithmType=> UmbracoSettingsSection.Security.UserPasswordConfiguration.HashAlgorithmType;
public int MaxFailedAccessAttemptsBeforeLockout => UmbracoSettingsSection.Security.UserPasswordConfiguration.MaxFailedAccessAttemptsBeforeLockout;
}
}
@@ -1,6 +1,6 @@
namespace Umbraco.Core.Configuration.UmbracoSettings
{
internal class MemberPasswordConfigurationElement : PasswordConfigurationElement, IMemberPasswordConfigurationSection
internal class MemberPasswordConfigurationElement : PasswordConfigurationElement, IMemberPasswordConfiguration
{
}
}
@@ -2,7 +2,7 @@
namespace Umbraco.Core.Configuration.UmbracoSettings
{
internal class SecurityElement : UmbracoConfigurationElement, ISecuritySection
internal class SecurityElement : UmbracoConfigurationElement, ISecuritySettings
{
[ConfigurationProperty("keepUserLoggedIn")]
internal InnerTextConfigurationElement<bool> KeepUserLoggedIn => GetOptionalTextElement("keepUserLoggedIn", true);
@@ -38,14 +38,14 @@ namespace Umbraco.Core.Configuration.UmbracoSettings
[ConfigurationProperty("memberPasswordConfiguration")]
public MemberPasswordConfigurationElement MemberPasswordConfiguration => (MemberPasswordConfigurationElement)this["memberPasswordConfiguration"];
bool ISecuritySection.KeepUserLoggedIn => KeepUserLoggedIn;
bool ISecuritySettings.KeepUserLoggedIn => KeepUserLoggedIn;
bool ISecuritySection.HideDisabledUsersInBackoffice => HideDisabledUsersInBackoffice;
bool ISecuritySettings.HideDisabledUsersInBackoffice => HideDisabledUsersInBackoffice;
/// <summary>
/// Used to enable/disable the forgot password functionality on the back office login screen
/// </summary>
bool ISecuritySection.AllowPasswordReset => AllowPasswordReset;
bool ISecuritySettings.AllowPasswordReset => AllowPasswordReset;
/// <summary>
/// A boolean indicating that by default the email address will be the username
@@ -54,14 +54,10 @@ namespace Umbraco.Core.Configuration.UmbracoSettings
/// Even if this is true and the username is different from the email in the database, the username field will still be shown.
/// When this is false, the username and email fields will be shown in the user section.
/// </remarks>
bool ISecuritySection.UsernameIsEmail => UsernameIsEmail;
bool ISecuritySettings.UsernameIsEmail => UsernameIsEmail;
string ISecuritySection.AuthCookieName => AuthCookieName;
string ISecuritySettings.AuthCookieName => AuthCookieName;
string ISecuritySection.AuthCookieDomain => AuthCookieDomain;
IUserPasswordConfigurationSection ISecuritySection.UserPasswordConfiguration => UserPasswordConfiguration;
IMemberPasswordConfigurationSection ISecuritySection.MemberPasswordConfiguration => MemberPasswordConfiguration;
string ISecuritySettings.AuthCookieDomain => AuthCookieDomain;
}
}
@@ -26,7 +26,5 @@ namespace Umbraco.Core.Configuration.UmbracoSettings
internal KeepAliveElement KeepAlive => (KeepAliveElement)this["keepAlive"];
IContentSection IUmbracoSettingsSection.Content => Content;
ISecuritySection IUmbracoSettingsSection.Security => Security;
}
}
@@ -1,6 +1,6 @@
namespace Umbraco.Core.Configuration.UmbracoSettings
{
internal class UserPasswordConfigurationElement : PasswordConfigurationElement, IUserPasswordConfigurationSection
internal class UserPasswordConfigurationElement : PasswordConfigurationElement, IUserPasswordConfiguration
{
}
}
@@ -28,6 +28,15 @@ namespace Umbraco.Core
public static IUmbracoSettingsSection Settings(this Configs configs)
=> configs.GetConfig<IUmbracoSettingsSection>();
public static ISecuritySettings Security(this Configs configs)
=> configs.GetConfig<ISecuritySettings>();
public static IUserPasswordConfiguration UserPasswordConfiguration(this Configs configs)
=> configs.GetConfig<IUserPasswordConfiguration>();
public static IMemberPasswordConfiguration MemberPasswordConfiguration(this Configs configs)
=> configs.GetConfig<IMemberPasswordConfiguration>();
public static IRequestHandlerSettings RequestHandler(this Configs configs)
=> configs.GetConfig<IRequestHandlerSettings>();
@@ -43,24 +52,6 @@ namespace Umbraco.Core
public static ICoreDebug CoreDebug(this Configs configs)
=> configs.GetConfig<ICoreDebug>();
public static IUserPasswordConfiguration UserPasswordConfiguration(this Configs configs)
=> configs.GetConfig<IUserPasswordConfiguration>();
public static IMemberPasswordConfiguration MemberPasswordConfiguration(this Configs configs)
=> configs.GetConfig<IMemberPasswordConfiguration>();
public static void AddPasswordConfigurations(this Configs configs)
{
configs.Add<IUserPasswordConfiguration>(() =>
{
return new UserPasswordConfiguration(configs.Settings().Security.UserPasswordConfiguration);
});
configs.Add<IMemberPasswordConfiguration>(() =>
{
return new MemberPasswordConfiguration(configs.Settings().Security.MemberPasswordConfiguration);
});
}
public static void AddCoreConfigs(this Configs configs, IIOHelper ioHelper)
{
var configDir = new DirectoryInfo(ioHelper.MapPath(Constants.SystemDirectories.Config));
@@ -7,9 +7,9 @@ namespace Umbraco.Core.Configuration
/// </summary>
public class MemberPasswordConfiguration : PasswordConfiguration, IMemberPasswordConfiguration
{
public MemberPasswordConfiguration(IMemberPasswordConfigurationSection configSection)
: base(configSection)
{
public MemberPasswordConfiguration(IMemberPasswordConfiguration configSettings)
: base(configSettings)
{
}
}
}
@@ -5,21 +5,21 @@ namespace Umbraco.Core.Configuration
{
public abstract class PasswordConfiguration : IPasswordConfiguration
{
protected PasswordConfiguration(IPasswordConfigurationSection configSection)
protected PasswordConfiguration(IPasswordConfiguration configSettings)
{
if (configSection == null)
if (configSettings == null)
{
throw new ArgumentNullException(nameof(configSection));
throw new ArgumentNullException(nameof(configSettings));
}
RequiredLength = configSection.RequiredLength;
RequireNonLetterOrDigit = configSection.RequireNonLetterOrDigit;
RequireDigit = configSection.RequireDigit;
RequireLowercase = configSection.RequireLowercase;
RequireUppercase = configSection.RequireUppercase;
UseLegacyEncoding = configSection.UseLegacyEncoding;
HashAlgorithmType = configSection.HashAlgorithmType;
MaxFailedAccessAttemptsBeforeLockout = configSection.MaxFailedAccessAttemptsBeforeLockout;
RequiredLength = configSettings.RequiredLength;
RequireNonLetterOrDigit = configSettings.RequireNonLetterOrDigit;
RequireDigit = configSettings.RequireDigit;
RequireLowercase = configSettings.RequireLowercase;
RequireUppercase = configSettings.RequireUppercase;
UseLegacyEncoding = configSettings.UseLegacyEncoding;
HashAlgorithmType = configSettings.HashAlgorithmType;
MaxFailedAccessAttemptsBeforeLockout = configSettings.MaxFailedAccessAttemptsBeforeLockout;
}
public int RequiredLength { get; }
@@ -1,6 +0,0 @@
namespace Umbraco.Core.Configuration.UmbracoSettings
{
public interface IMemberPasswordConfigurationSection : IPasswordConfigurationSection
{
}
}
@@ -1,9 +1,9 @@
namespace Umbraco.Core.Configuration.UmbracoSettings
{
public interface ISecuritySection : IUmbracoConfigurationSection
public interface ISecuritySettings : IUmbracoConfigurationSection
{
bool KeepUserLoggedIn { get; }
bool HideDisabledUsersInBackoffice { get; }
/// <summary>
@@ -23,9 +23,5 @@
/// When this is false, the username and email fields will be shown in the user section.
/// </remarks>
bool UsernameIsEmail { get; }
IUserPasswordConfigurationSection UserPasswordConfiguration { get; }
IMemberPasswordConfigurationSection MemberPasswordConfiguration { get; }
}
}
@@ -5,7 +5,5 @@ namespace Umbraco.Core.Configuration.UmbracoSettings
public interface IUmbracoSettingsSection : IUmbracoConfigurationSection
{
IContentSection Content { get; }
ISecuritySection Security { get; }
}
}
@@ -1,6 +0,0 @@
namespace Umbraco.Core.Configuration.UmbracoSettings
{
public interface IUserPasswordConfigurationSection : IPasswordConfigurationSection
{
}
}
@@ -7,9 +7,9 @@ namespace Umbraco.Core.Configuration
/// </summary>
public class UserPasswordConfiguration : PasswordConfiguration, IUserPasswordConfiguration
{
public UserPasswordConfiguration(IUserPasswordConfigurationSection configSection)
: base(configSection)
{
public UserPasswordConfiguration(IUserPasswordConfiguration configSettings)
: base(configSettings)
{
}
}
}
@@ -15,7 +15,6 @@ namespace Umbraco.Core.Composing.CompositionExtensions
// register others
composition.RegisterUnique(factory => factory.GetInstance<IUmbracoSettingsSection>().Content);
composition.RegisterUnique(factory => factory.GetInstance<IUmbracoSettingsSection>().Security);
return composition;
}
@@ -33,7 +33,7 @@ namespace Umbraco.Web.Models.ContentEditing
if (UserGroups.Any() == false)
yield return new ValidationResult("A user must be assigned to at least one group", new[] { nameof(UserGroups) });
if (Current.Configs.Settings().Security.UsernameIsEmail == false && Username.IsNullOrWhiteSpace())
if (Current.Configs.Security().UsernameIsEmail == false && Username.IsNullOrWhiteSpace())
yield return new ValidationResult("A username cannot be empty", new[] { nameof(Username) });
}
}
@@ -9,127 +9,127 @@ namespace Umbraco.Tests.Configurations.UmbracoSettings
[Test]
public void KeepUserLoggedIn()
{
Assert.IsTrue(SettingsSection.Security.KeepUserLoggedIn == true);
Assert.IsTrue(SecuritySettings.KeepUserLoggedIn == true);
}
[Test]
public void HideDisabledUsersInBackoffice()
{
Assert.IsTrue(SettingsSection.Security.HideDisabledUsersInBackoffice == false);
Assert.IsTrue(SecuritySettings.HideDisabledUsersInBackoffice == false);
}
[Test]
public void AllowPasswordReset()
{
Assert.IsTrue(SettingsSection.Security.AllowPasswordReset == true);
Assert.IsTrue(SecuritySettings.AllowPasswordReset == true);
}
[Test]
public void AuthCookieDomain()
{
Assert.IsTrue(SettingsSection.Security.AuthCookieDomain == null);
Assert.IsTrue(SecuritySettings.AuthCookieDomain == null);
}
[Test]
public void AuthCookieName()
{
Assert.IsTrue(SettingsSection.Security.AuthCookieName == "UMB_UCONTEXT");
Assert.IsTrue(SecuritySettings.AuthCookieName == "UMB_UCONTEXT");
}
[Test]
public void UserPasswordConfiguration_RequiredLength()
{
Assert.IsTrue(SettingsSection.Security.UserPasswordConfiguration.RequiredLength == 12);
Assert.IsTrue(UserPasswordConfiguration.RequiredLength == 12);
}
[Test]
public void UserPasswordConfiguration_RequireNonLetterOrDigit()
{
Assert.IsTrue(SettingsSection.Security.UserPasswordConfiguration.RequireNonLetterOrDigit == false);
Assert.IsTrue(UserPasswordConfiguration.RequireNonLetterOrDigit == false);
}
[Test]
public void UserPasswordConfiguration_RequireDigit()
{
Assert.IsTrue(SettingsSection.Security.UserPasswordConfiguration.RequireDigit == false);
Assert.IsTrue(UserPasswordConfiguration.RequireDigit == false);
}
[Test]
public void UserPasswordConfiguration_RequireLowercase()
{
Assert.IsTrue(SettingsSection.Security.UserPasswordConfiguration.RequireLowercase == false);
Assert.IsTrue(UserPasswordConfiguration.RequireLowercase == false);
}
[Test]
public void UserPasswordConfiguration_RequireUppercase()
{
Assert.IsTrue(SettingsSection.Security.UserPasswordConfiguration.RequireUppercase == false);
Assert.IsTrue(UserPasswordConfiguration.RequireUppercase == false);
}
[Test]
public void UserPasswordConfiguration_UseLegacyEncoding()
{
Assert.IsTrue(SettingsSection.Security.UserPasswordConfiguration.UseLegacyEncoding == false);
Assert.IsTrue(UserPasswordConfiguration.UseLegacyEncoding == false);
}
[Test]
public void UserPasswordConfiguration_HashAlgorithmType()
{
Assert.IsTrue(SettingsSection.Security.UserPasswordConfiguration.HashAlgorithmType == "HMACSHA256");
Assert.IsTrue(UserPasswordConfiguration.HashAlgorithmType == "HMACSHA256");
}
[Test]
public void UserPasswordConfiguration_MaxFailedAccessAttemptsBeforeLockout()
{
Assert.IsTrue(SettingsSection.Security.UserPasswordConfiguration.MaxFailedAccessAttemptsBeforeLockout == 5);
Assert.IsTrue(UserPasswordConfiguration.MaxFailedAccessAttemptsBeforeLockout == 5);
}
[Test]
public void MemberPasswordConfiguration_RequiredLength()
{
Assert.IsTrue(SettingsSection.Security.MemberPasswordConfiguration.RequiredLength == 12);
Assert.IsTrue(MemberPasswordConfiguration.RequiredLength == 12);
}
[Test]
public void MemberPasswordConfiguration_RequireNonLetterOrDigit()
{
Assert.IsTrue(SettingsSection.Security.MemberPasswordConfiguration.RequireNonLetterOrDigit == false);
Assert.IsTrue(MemberPasswordConfiguration.RequireNonLetterOrDigit == false);
}
[Test]
public void MemberPasswordConfiguration_RequireDigit()
{
Assert.IsTrue(SettingsSection.Security.MemberPasswordConfiguration.RequireDigit == false);
Assert.IsTrue(MemberPasswordConfiguration.RequireDigit == false);
}
[Test]
public void MemberPasswordConfiguration_RequireLowercase()
{
Assert.IsTrue(SettingsSection.Security.MemberPasswordConfiguration.RequireLowercase == false);
Assert.IsTrue(MemberPasswordConfiguration.RequireLowercase == false);
}
[Test]
public void MemberPasswordConfiguration_RequireUppercase()
{
Assert.IsTrue(SettingsSection.Security.MemberPasswordConfiguration.RequireUppercase == false);
Assert.IsTrue(MemberPasswordConfiguration.RequireUppercase == false);
}
[Test]
public void MemberPasswordConfiguration_UseLegacyEncoding()
{
Assert.IsTrue(SettingsSection.Security.MemberPasswordConfiguration.UseLegacyEncoding == false);
Assert.IsTrue(MemberPasswordConfiguration.UseLegacyEncoding == false);
}
[Test]
public void MemberPasswordConfiguration_HashAlgorithmType()
{
Assert.IsTrue(SettingsSection.Security.MemberPasswordConfiguration.HashAlgorithmType == "HMACSHA256");
Assert.IsTrue(MemberPasswordConfiguration.HashAlgorithmType == "HMACSHA256");
}
[Test]
public void MemberPasswordConfiguration_MaxFailedAccessAttemptsBeforeLockout()
{
Assert.IsTrue(SettingsSection.Security.MemberPasswordConfiguration.MaxFailedAccessAttemptsBeforeLockout == 5);
Assert.IsTrue(MemberPasswordConfiguration.MaxFailedAccessAttemptsBeforeLockout == 5);
}
}
}
@@ -2,6 +2,7 @@
using System.Diagnostics;
using System.IO;
using NUnit.Framework;
using Umbraco.Core.Configuration;
using Umbraco.Core.Configuration.UmbracoSettings;
using Umbraco.Tests.TestHelpers;
@@ -38,5 +39,8 @@ namespace Umbraco.Tests.Configurations.UmbracoSettings
protected ILoggingSettings LoggingSettings => Settings.Logging;
protected IWebRoutingSettings WebRoutingSettings => Settings.WebRouting;
protected IRequestHandlerSettings RequestHandlerSettings => Settings.RequestHandler;
protected ISecuritySettings SecuritySettings => Settings.Security;
protected IUserPasswordConfiguration UserPasswordConfiguration => Settings.Security.UserPasswordConfiguration;
protected IMemberPasswordConfiguration MemberPasswordConfiguration => Settings.Security.MemberPasswordConfiguration;
}
}
@@ -45,18 +45,8 @@ namespace Umbraco.Tests.TestHelpers
var settings = new Mock<IUmbracoSettingsSection>();
var content = new Mock<IContentSection>();
var security = new Mock<ISecuritySection>();
var requestHandler = new Mock<IRequestHandlerSettings>();
var logging = new Mock<ILoggingSettings>();
var routing = new Mock<IWebRoutingSettings>();
var userPasswordConfig = new Mock<IUserPasswordConfigurationSection>();
var memberPasswordConfig = new Mock<IMemberPasswordConfigurationSection>();
security.Setup(x => x.UserPasswordConfiguration).Returns(userPasswordConfig.Object);
security.Setup(x => x.MemberPasswordConfiguration).Returns(memberPasswordConfig.Object);
settings.Setup(x => x.Content).Returns(content.Object);
settings.Setup(x => x.Security).Returns(security.Object);
//Now configure some defaults - the defaults in the config section classes do NOT pertain to the mocked data!!
settings.Setup(x => x.Content.ImageAutoFillProperties).Returns(ContentImagingElement.GetDefaultImageAutoFillProperties());
@@ -185,5 +175,26 @@ namespace Umbraco.Tests.TestHelpers
return mock.Object;
}
public static ISecuritySettings GenerateMockSecuritySettings()
{
var security = new Mock<ISecuritySettings>();
return security.Object;
}
public static IUserPasswordConfiguration GenerateMockUserPasswordConfiguration()
{
var mock = new Mock<IUserPasswordConfiguration>();
return mock.Object;
}
public static IMemberPasswordConfiguration GenerateMockMemberPasswordConfiguration()
{
var mock = new Mock<IMemberPasswordConfiguration>();
return mock.Object;
}
}
}
@@ -416,6 +416,9 @@ namespace Umbraco.Tests.Testing
Composition.Configs.Add(SettingsForTests.GetDefaultHostingSettings);
Composition.Configs.Add(SettingsForTests.GenerateMockRequestHandlerSettings);
Composition.Configs.Add(SettingsForTests.GenerateMockWebRoutingSettings);
Composition.Configs.Add(SettingsForTests.GenerateMockSecuritySettings);
Composition.Configs.Add(SettingsForTests.GenerateMockUserPasswordConfiguration);
Composition.Configs.Add(SettingsForTests.GenerateMockMemberPasswordConfiguration);
//Composition.Configs.Add<IUserPasswordConfiguration>(() => new DefaultUserPasswordConfig());
}
@@ -88,7 +88,7 @@ namespace Umbraco.Tests.Web.Controllers
Factory.GetInstance<IProfilingLogger>(),
Factory.GetInstance<IRuntimeState>(),
Factory.GetInstance<UmbracoMapper>(),
Factory.GetInstance<IUmbracoSettingsSection>(),
Factory.GetInstance<ISecuritySettings>(),
Factory.GetInstance<IIOHelper>(),
Factory.GetInstance<IPublishedUrlProvider>()
);
@@ -92,7 +92,8 @@ namespace Umbraco.Tests.Web.Controllers
Factory.GetInstance<IUmbracoSettingsSection>(),
Factory.GetInstance<IIOHelper>(),
Factory.GetInstance<IImageUrlGenerator>(),
Factory.GetInstance<IPublishedUrlProvider>()
Factory.GetInstance<IPublishedUrlProvider>(),
Factory.GetInstance<ISecuritySettings>()
);
return usersController;
@@ -164,7 +165,8 @@ namespace Umbraco.Tests.Web.Controllers
Factory.GetInstance<IUmbracoSettingsSection>(),
Factory.GetInstance<IIOHelper>(),
Factory.GetInstance<IImageUrlGenerator>(),
Factory.GetInstance<IPublishedUrlProvider>()
Factory.GetInstance<IPublishedUrlProvider>(),
Factory.GetInstance<ISecuritySettings>()
);
return usersController;
}
@@ -206,7 +208,8 @@ namespace Umbraco.Tests.Web.Controllers
Factory.GetInstance<IUmbracoSettingsSection>(),
Factory.GetInstance<IIOHelper>(),
Factory.GetInstance<IImageUrlGenerator>(),
Factory.GetInstance<IPublishedUrlProvider>()
Factory.GetInstance<IPublishedUrlProvider>(),
Factory.GetInstance<ISecuritySettings>()
);
return usersController;
}
@@ -283,7 +286,8 @@ namespace Umbraco.Tests.Web.Controllers
Factory.GetInstance<IUmbracoSettingsSection>(),
Factory.GetInstance<IIOHelper>(),
Factory.GetInstance<IImageUrlGenerator>(),
Factory.GetInstance<IPublishedUrlProvider>()
Factory.GetInstance<IPublishedUrlProvider>(),
Factory.GetInstance<ISecuritySettings>()
);
return usersController;
}
@@ -48,7 +48,7 @@
redirectUrl = Url.Action("AuthorizeUpgrade", "BackOffice")
});
}
@Html.BareMinimumServerVariablesScript(Url, externalLoginUrl, Model.Features, Model.GlobalSettings, Model.UmbracoVersion, Model.UmbracoSettingsSection, Model.IOHelper, Model.TreeCollection, Model.HttpContextAccessor, Model.HostingEnvironment, Model.RuntimeSettings)
@Html.BareMinimumServerVariablesScript(Url, externalLoginUrl, Model.Features, Model.GlobalSettings, Model.UmbracoVersion, Model.UmbracoSettingsSection, Model.IOHelper, Model.TreeCollection, Model.HttpContextAccessor, Model.HostingEnvironment, Model.RuntimeSettings, Model.SecuritySettings)
<script type="text/javascript">
document.angularReady = function (app) {
@@ -110,7 +110,7 @@
on-login="hideLoginScreen()">
</umb-login>
@Html.BareMinimumServerVariablesScript(Url, Url.Action("ExternalLogin", "BackOffice", new { area = ViewData.GetUmbracoPath() }), Model.Features, Model.GlobalSettings, Model.UmbracoVersion, Model.UmbracoSettingsSection, Model.IOHelper, Model.TreeCollection, Model.HttpContextAccessor, Model.HostingEnvironment, Model.RuntimeSettings)
@Html.BareMinimumServerVariablesScript(Url, Url.Action("ExternalLogin", "BackOffice", new { area = ViewData.GetUmbracoPath() }), Model.Features, Model.GlobalSettings, Model.UmbracoVersion, Model.UmbracoSettingsSection, Model.IOHelper, Model.TreeCollection, Model.HttpContextAccessor, Model.HostingEnvironment, Model.RuntimeSettings, Model.SecuritySettings)
<script>
@@ -45,7 +45,7 @@ namespace Umbraco.Web.Editors
private BackOfficeSignInManager _signInManager;
private readonly IUserPasswordConfiguration _passwordConfiguration;
private readonly IRuntimeState _runtimeState;
private readonly IUmbracoSettingsSection _umbracoSettingsSection;
private readonly ISecuritySettings _securitySettings;
private readonly IIOHelper _ioHelper;
public AuthenticationController(
@@ -58,14 +58,14 @@ namespace Umbraco.Web.Editors
IProfilingLogger logger,
IRuntimeState runtimeState,
UmbracoMapper umbracoMapper,
IUmbracoSettingsSection umbracoSettingsSection,
ISecuritySettings securitySettings,
IIOHelper ioHelper,
IPublishedUrlProvider publishedUrlProvider)
: base(globalSettings, umbracoContextAccessor, sqlContext, services, appCaches, logger, runtimeState, umbracoMapper, publishedUrlProvider)
{
_passwordConfiguration = passwordConfiguration ?? throw new ArgumentNullException(nameof(passwordConfiguration));
_runtimeState = runtimeState ?? throw new ArgumentNullException(nameof(runtimeState));
_umbracoSettingsSection = umbracoSettingsSection ?? throw new ArgumentNullException(nameof(umbracoSettingsSection));
_securitySettings = securitySettings ?? throw new ArgumentNullException(nameof(securitySettings));
_ioHelper = ioHelper ?? throw new ArgumentNullException(nameof(ioHelper));
}
@@ -310,7 +310,7 @@ namespace Umbraco.Web.Editors
{
// If this feature is switched off in configuration the UI will be amended to not make the request to reset password available.
// So this is just a server-side secondary check.
if (_umbracoSettingsSection.Security.AllowPasswordReset == false)
if (_securitySettings.AllowPasswordReset == false)
{
throw new HttpResponseException(HttpStatusCode.BadRequest);
}
@@ -54,6 +54,7 @@ namespace Umbraco.Web.Editors
private readonly IHostingEnvironment _hostingEnvironment;
private readonly IHttpContextAccessor _httpContextAccessor;
private readonly IRuntimeSettings _runtimeSettings;
private readonly ISecuritySettings _securitySettings;
public BackOfficeController(
IManifestParser manifestParser,
@@ -71,7 +72,8 @@ namespace Umbraco.Web.Editors
TreeCollection treeCollection,
IHostingEnvironment hostingEnvironment,
IHttpContextAccessor httpContextAccessor,
IRuntimeSettings settings)
IRuntimeSettings settings,
ISecuritySettings securitySettings)
: base(globalSettings, umbracoContextAccessor, services, appCaches, profilingLogger)
{
@@ -86,6 +88,7 @@ namespace Umbraco.Web.Editors
_hostingEnvironment = hostingEnvironment;
_httpContextAccessor = httpContextAccessor;
_runtimeSettings = settings;
_securitySettings = securitySettings;
}
protected BackOfficeSignInManager SignInManager => _signInManager ?? (_signInManager = OwinContext.GetBackOfficeSignInManager());
@@ -101,8 +104,8 @@ namespace Umbraco.Web.Editors
public async Task<ActionResult> Default()
{
return await RenderDefaultOrProcessExternalLoginAsync(
() => View(GlobalSettings.Path.EnsureEndsWith('/') + "Views/Default.cshtml", new BackOfficeModel(_features, GlobalSettings, _umbracoVersion, _umbracoSettingsSection,_ioHelper, _treeCollection, _httpContextAccessor, _hostingEnvironment, _runtimeSettings)),
() => View(GlobalSettings.Path.EnsureEndsWith('/') + "Views/Default.cshtml", new BackOfficeModel(_features, GlobalSettings, _umbracoVersion, _umbracoSettingsSection, _ioHelper, _treeCollection, _httpContextAccessor, _hostingEnvironment, _runtimeSettings)));
() => View(GlobalSettings.Path.EnsureEndsWith('/') + "Views/Default.cshtml", new BackOfficeModel(_features, GlobalSettings, _umbracoVersion, _umbracoSettingsSection,_ioHelper, _treeCollection, _httpContextAccessor, _hostingEnvironment, _runtimeSettings, _securitySettings)),
() => View(GlobalSettings.Path.EnsureEndsWith('/') + "Views/Default.cshtml", new BackOfficeModel(_features, GlobalSettings, _umbracoVersion, _umbracoSettingsSection, _ioHelper, _treeCollection, _httpContextAccessor, _hostingEnvironment, _runtimeSettings, _securitySettings)));
}
[HttpGet]
@@ -185,7 +188,7 @@ namespace Umbraco.Web.Editors
{
return await RenderDefaultOrProcessExternalLoginAsync(
//The default view to render when there is no external login info or errors
() => View(GlobalSettings.Path.EnsureEndsWith('/') + "Views/AuthorizeUpgrade.cshtml", new BackOfficeModel(_features, GlobalSettings, _umbracoVersion, _umbracoSettingsSection, _ioHelper, _treeCollection, _httpContextAccessor, _hostingEnvironment, _runtimeSettings)),
() => View(GlobalSettings.Path.EnsureEndsWith('/') + "Views/AuthorizeUpgrade.cshtml", new BackOfficeModel(_features, GlobalSettings, _umbracoVersion, _umbracoSettingsSection, _ioHelper, _treeCollection, _httpContextAccessor, _hostingEnvironment, _runtimeSettings, _securitySettings)),
//The ActionResult to perform if external login is successful
() => Redirect("/"));
}
@@ -292,7 +295,7 @@ namespace Umbraco.Web.Editors
[MinifyJavaScriptResult(Order = 1)]
public JavaScriptResult ServerVariables()
{
var serverVars = new BackOfficeServerVariables(Url, _runtimeState, _features, GlobalSettings, _umbracoVersion, _umbracoSettingsSection, _ioHelper, _treeCollection, _httpContextAccessor, _hostingEnvironment, _runtimeSettings);
var serverVars = new BackOfficeServerVariables(Url, _runtimeState, _features, GlobalSettings, _umbracoVersion, _umbracoSettingsSection, _ioHelper, _treeCollection, _httpContextAccessor, _hostingEnvironment, _runtimeSettings, _securitySettings);
//cache the result if debugging is disabled
var result = _hostingEnvironment.IsDebugMode
+6 -1
View File
@@ -10,7 +10,10 @@ namespace Umbraco.Web.Editors
public class BackOfficeModel
{
public BackOfficeModel(UmbracoFeatures features, IGlobalSettings globalSettings, IUmbracoVersion umbracoVersion, IUmbracoSettingsSection umbracoSettingsSection, IIOHelper ioHelper, TreeCollection treeCollection, IHttpContextAccessor httpContextAccessor, IHostingEnvironment hostingEnvironment, IRuntimeSettings runtimeSettings)
public BackOfficeModel(UmbracoFeatures features, IGlobalSettings globalSettings, IUmbracoVersion umbracoVersion,
IUmbracoSettingsSection umbracoSettingsSection, IIOHelper ioHelper, TreeCollection treeCollection,
IHttpContextAccessor httpContextAccessor, IHostingEnvironment hostingEnvironment,
IRuntimeSettings runtimeSettings, ISecuritySettings securitySettings)
{
Features = features;
GlobalSettings = globalSettings;
@@ -21,6 +24,7 @@ namespace Umbraco.Web.Editors
HttpContextAccessor = httpContextAccessor;
HostingEnvironment = hostingEnvironment;
RuntimeSettings = runtimeSettings;
SecuritySettings = securitySettings;
}
public UmbracoFeatures Features { get; }
@@ -32,5 +36,6 @@ namespace Umbraco.Web.Editors
public IHttpContextAccessor HttpContextAccessor { get; }
public IHostingEnvironment HostingEnvironment { get; }
public IRuntimeSettings RuntimeSettings { get; set; }
public ISecuritySettings SecuritySettings { get; set; }
}
}
@@ -14,8 +14,8 @@ namespace Umbraco.Web.Editors
private readonly UmbracoFeatures _features;
public IEnumerable<ILanguage> Languages { get; }
public BackOfficePreviewModel(UmbracoFeatures features, IGlobalSettings globalSettings, IUmbracoVersion umbracoVersion, IEnumerable<ILanguage> languages, IUmbracoSettingsSection umbracoSettingsSection, IIOHelper ioHelper, TreeCollection treeCollection, IHttpContextAccessor httpContextAccessor, IHostingEnvironment hostingEnvironment, IRuntimeSettings runtimeSettings)
: base(features, globalSettings, umbracoVersion, umbracoSettingsSection, ioHelper, treeCollection, httpContextAccessor, hostingEnvironment, runtimeSettings)
public BackOfficePreviewModel(UmbracoFeatures features, IGlobalSettings globalSettings, IUmbracoVersion umbracoVersion, IEnumerable<ILanguage> languages, IUmbracoSettingsSection umbracoSettingsSection, IIOHelper ioHelper, TreeCollection treeCollection, IHttpContextAccessor httpContextAccessor, IHostingEnvironment hostingEnvironment, IRuntimeSettings runtimeSettings, ISecuritySettings securitySettings)
: base(features, globalSettings, umbracoVersion, umbracoSettingsSection, ioHelper, treeCollection, httpContextAccessor, hostingEnvironment, runtimeSettings, securitySettings)
{
_features = features;
Languages = languages;
@@ -39,6 +39,7 @@ namespace Umbraco.Web.Editors
private readonly IHttpContextAccessor _httpContextAccessor;
private readonly IHostingEnvironment _hostingEnvironment;
private readonly IRuntimeSettings _settings;
private readonly ISecuritySettings _securitySettings;
internal BackOfficeServerVariables(
UrlHelper urlHelper,
@@ -51,7 +52,8 @@ namespace Umbraco.Web.Editors
TreeCollection treeCollection,
IHttpContextAccessor httpContextAccessor,
IHostingEnvironment hostingEnvironment,
IRuntimeSettings settings)
IRuntimeSettings settings,
ISecuritySettings securitySettings)
{
_urlHelper = urlHelper;
_runtimeState = runtimeState;
@@ -64,6 +66,7 @@ namespace Umbraco.Web.Editors
_httpContextAccessor = httpContextAccessor;
_hostingEnvironment = hostingEnvironment;
_settings = settings;
_securitySettings = securitySettings;
}
/// <summary>
@@ -360,10 +363,10 @@ namespace Umbraco.Web.Editors
"maxFileSize",
GetMaxRequestLength()
},
{"keepUserLoggedIn", _umbracoSettingsSection.Security.KeepUserLoggedIn},
{"usernameIsEmail", _umbracoSettingsSection.Security.UsernameIsEmail},
{"keepUserLoggedIn", _securitySettings.KeepUserLoggedIn},
{"usernameIsEmail", _securitySettings.UsernameIsEmail},
{"cssPath", _ioHelper.ResolveUrl(globalSettings.UmbracoCssPath).TrimEnd('/')},
{"allowPasswordReset", _umbracoSettingsSection.Security.AllowPasswordReset},
{"allowPasswordReset", _securitySettings.AllowPasswordReset},
{"loginBackgroundImage", _umbracoSettingsSection.Content.LoginBackgroundImage},
{"showUserInvite", EmailSender.CanSendRequiredEmail(globalSettings)},
{"canSendRequiredEmail", EmailSender.CanSendRequiredEmail(globalSettings)},
+5 -2
View File
@@ -37,6 +37,7 @@ namespace Umbraco.Web.Editors
private readonly IHostingEnvironment _hostingEnvironment;
private readonly ICookieManager _cookieManager;
private IRuntimeSettings _runtimeSettings;
private readonly ISecuritySettings _securitySettings;
public PreviewController(
UmbracoFeatures features,
@@ -51,7 +52,8 @@ namespace Umbraco.Web.Editors
IHttpContextAccessor httpContextAccessor,
IHostingEnvironment hostingEnvironment,
ICookieManager cookieManager,
IRuntimeSettings settings)
IRuntimeSettings settings,
ISecuritySettings securitySettings)
{
_features = features;
_globalSettings = globalSettings;
@@ -66,6 +68,7 @@ namespace Umbraco.Web.Editors
_hostingEnvironment = hostingEnvironment;
_cookieManager = cookieManager;
_runtimeSettings = settings;
_securitySettings = securitySettings;
}
[UmbracoAuthorize(redirectToUmbracoLogin: true)]
@@ -74,7 +77,7 @@ namespace Umbraco.Web.Editors
{
var availableLanguages = _localizationService.GetAllLanguages();
var model = new BackOfficePreviewModel(_features, _globalSettings, _umbracoVersion, availableLanguages, _umbracoSettingsSection, _ioHelper, _treeCollection, _httpContextAccessor, _hostingEnvironment, _runtimeSettings);
var model = new BackOfficePreviewModel(_features, _globalSettings, _umbracoVersion, availableLanguages, _umbracoSettingsSection, _ioHelper, _treeCollection, _httpContextAccessor, _hostingEnvironment, _runtimeSettings, _securitySettings);
if (model.PreviewExtendedHeaderView.IsNullOrWhiteSpace() == false)
{
+9 -6
View File
@@ -50,6 +50,7 @@ namespace Umbraco.Web.Editors
private readonly IIOHelper _ioHelper;
private readonly ISqlContext _sqlContext;
private readonly IImageUrlGenerator _imageUrlGenerator;
private readonly ISecuritySettings _securitySettings;
public UsersController(
IGlobalSettings globalSettings,
@@ -65,7 +66,8 @@ namespace Umbraco.Web.Editors
IUmbracoSettingsSection umbracoSettingsSection,
IIOHelper ioHelper,
IImageUrlGenerator imageUrlGenerator,
IPublishedUrlProvider publishedUrlProvider)
IPublishedUrlProvider publishedUrlProvider,
ISecuritySettings securitySettings)
: base(globalSettings, umbracoContextAccessor, sqlContext, services, appCaches, logger, runtimeState, shortStringHelper, umbracoMapper, publishedUrlProvider)
{
_mediaFileSystem = mediaFileSystem;
@@ -73,6 +75,7 @@ namespace Umbraco.Web.Editors
_ioHelper = ioHelper;
_sqlContext = sqlContext;
_imageUrlGenerator = imageUrlGenerator;
_securitySettings = securitySettings;
}
/// <summary>
@@ -230,7 +233,7 @@ namespace Umbraco.Web.Editors
// so to do that here, we'll need to check if this current user is an admin and if not we should exclude all user who are
// also admins
var hideDisabledUsers = _umbracoSettingsSection.Security.HideDisabledUsersInBackoffice;
var hideDisabledUsers = _securitySettings.HideDisabledUsersInBackoffice;
var excludeUserGroups = new string[0];
var isAdmin = Security.CurrentUser.IsAdmin();
if (isAdmin == false)
@@ -288,7 +291,7 @@ namespace Umbraco.Web.Editors
throw new HttpResponseException(Request.CreateErrorResponse(HttpStatusCode.BadRequest, ModelState));
}
if (_umbracoSettingsSection.Security.UsernameIsEmail)
if (_securitySettings.UsernameIsEmail)
{
//ensure they are the same if we're using it
userSave.Username = userSave.Email;
@@ -380,7 +383,7 @@ namespace Umbraco.Web.Editors
}
IUser user;
if (_umbracoSettingsSection.Security.UsernameIsEmail)
if (_securitySettings.UsernameIsEmail)
{
//ensure it's the same
userSave.Username = userSave.Email;
@@ -454,7 +457,7 @@ namespace Umbraco.Web.Editors
if (user != null && (extraCheck == null || extraCheck(user)))
{
ModelState.AddModelError(
_umbracoSettingsSection.Security.UsernameIsEmail ? "Email" : "Username",
_securitySettings.UsernameIsEmail ? "Email" : "Username",
"A user with the username already exists");
throw new HttpResponseException(Request.CreateErrorResponse(HttpStatusCode.BadRequest, ModelState));
}
@@ -574,7 +577,7 @@ namespace Umbraco.Web.Editors
// if the found user has their email for username, we want to keep this synced when changing the email.
// we have already cross-checked above that the email isn't colliding with anything, so we can safely assign it here.
if (_umbracoSettingsSection.Security.UsernameIsEmail && found.Username == found.Email && userSave.Username != userSave.Email)
if (_securitySettings.UsernameIsEmail && found.Username == found.Email && userSave.Username != userSave.Email)
{
userSave.Username = userSave.Email;
}
@@ -40,9 +40,9 @@ namespace Umbraco.Web
/// These are the bare minimal server variables that are required for the application to start without being authenticated,
/// we will load the rest of the server vars after the user is authenticated.
/// </remarks>
public static IHtmlString BareMinimumServerVariablesScript(this HtmlHelper html, UrlHelper uri, string externalLoginsUrl, UmbracoFeatures features, IGlobalSettings globalSettings, IUmbracoVersion umbracoVersion, IUmbracoSettingsSection umbracoSettingsSection, IIOHelper ioHelper, TreeCollection treeCollection, IHttpContextAccessor httpContextAccessor, IHostingEnvironment hostingEnvironment, IRuntimeSettings settings)
public static IHtmlString BareMinimumServerVariablesScript(this HtmlHelper html, UrlHelper uri, string externalLoginsUrl, UmbracoFeatures features, IGlobalSettings globalSettings, IUmbracoVersion umbracoVersion, IUmbracoSettingsSection umbracoSettingsSection, IIOHelper ioHelper, TreeCollection treeCollection, IHttpContextAccessor httpContextAccessor, IHostingEnvironment hostingEnvironment, IRuntimeSettings settings, ISecuritySettings securitySettings)
{
var serverVars = new BackOfficeServerVariables(uri, Current.RuntimeState, features, globalSettings, umbracoVersion, umbracoSettingsSection, ioHelper, treeCollection, httpContextAccessor, hostingEnvironment, settings);
var serverVars = new BackOfficeServerVariables(uri, Current.RuntimeState, features, globalSettings, umbracoVersion, umbracoSettingsSection, ioHelper, treeCollection, httpContextAccessor, hostingEnvironment, settings, securitySettings);
var minVars = serverVars.BareMinimumServerVariables();
var str = @"<script type=""text/javascript"">
@@ -32,18 +32,18 @@ namespace Umbraco.Web.Install.InstallSteps
private static HttpClient _httpClient;
private readonly IGlobalSettings _globalSettings;
private readonly IUserPasswordConfiguration _passwordConfiguration;
private readonly IUmbracoSettingsSection _umbracoSettingsSection;
private readonly ISecuritySettings _securitySettings;
private readonly IConnectionStrings _connectionStrings;
private readonly ICookieManager _cookieManager;
public NewInstallStep(IHttpContextAccessor httpContextAccessor, IUserService userService, DatabaseBuilder databaseBuilder, IGlobalSettings globalSettings, IUserPasswordConfiguration passwordConfiguration, IUmbracoSettingsSection umbracoSettingsSection, IConnectionStrings connectionStrings, ICookieManager cookieManager)
public NewInstallStep(IHttpContextAccessor httpContextAccessor, IUserService userService, DatabaseBuilder databaseBuilder, IGlobalSettings globalSettings, IUserPasswordConfiguration passwordConfiguration, ISecuritySettings securitySettings, IConnectionStrings connectionStrings, ICookieManager cookieManager)
{
_httpContextAccessor = httpContextAccessor ?? throw new ArgumentNullException(nameof(httpContextAccessor));
_userService = userService ?? throw new ArgumentNullException(nameof(userService));
_databaseBuilder = databaseBuilder ?? throw new ArgumentNullException(nameof(databaseBuilder));
_globalSettings = globalSettings ?? throw new ArgumentNullException(nameof(globalSettings));
_passwordConfiguration = passwordConfiguration ?? throw new ArgumentNullException(nameof(passwordConfiguration));
_umbracoSettingsSection = umbracoSettingsSection ?? throw new ArgumentNullException(nameof(umbracoSettingsSection));
_securitySettings = securitySettings ?? throw new ArgumentNullException(nameof(securitySettings));
_connectionStrings = connectionStrings ?? throw new ArgumentNullException(nameof(connectionStrings));
_cookieManager = cookieManager;
}
@@ -136,7 +136,7 @@ namespace Umbraco.Web.Install.InstallSteps
// In this one case when it's a brand new install and nothing has been configured, make sure the
// back office cookie is cleared so there's no old cookies lying around causing problems
_cookieManager.ExpireCookie(_umbracoSettingsSection.Security.AuthCookieName);
_cookieManager.ExpireCookie(_securitySettings.AuthCookieName);
return true;
}
@@ -142,7 +142,7 @@ namespace Umbraco.Web.Security
/// <param name="runtimeState"></param>
/// <param name="userService"></param>
/// <param name="globalSettings"></param>
/// <param name="securitySection"></param>
/// <param name="securitySettings"></param>
/// <returns></returns>
/// <remarks>
/// By default this will be configured to execute on PipelineStage.Authenticate
@@ -152,12 +152,12 @@ namespace Umbraco.Web.Security
IRuntimeState runtimeState,
IUserService userService,
IGlobalSettings globalSettings,
ISecuritySection securitySection,
ISecuritySettings securitySettings,
IIOHelper ioHelper,
IRequestCache requestCache,
IUmbracoSettingsSection umbracoSettingsSection)
{
return app.UseUmbracoBackOfficeCookieAuthentication(umbracoContextAccessor, runtimeState, userService, globalSettings, securitySection, ioHelper, requestCache, PipelineStage.Authenticate, umbracoSettingsSection);
return app.UseUmbracoBackOfficeCookieAuthentication(umbracoContextAccessor, runtimeState, userService, globalSettings, securitySettings, ioHelper, requestCache, PipelineStage.Authenticate);
}
/// <summary>
@@ -168,7 +168,7 @@ namespace Umbraco.Web.Security
/// <param name="runtimeState"></param>
/// <param name="userService"></param>
/// <param name="globalSettings"></param>
/// <param name="securitySection"></param>
/// <param name="securitySettings"></param>
/// <param name="ioHelper"></param>
/// <param name="stage">
/// Configurable pipeline stage
@@ -179,16 +179,15 @@ namespace Umbraco.Web.Security
IRuntimeState runtimeState,
IUserService userService,
IGlobalSettings globalSettings,
ISecuritySection securitySection,
ISecuritySettings securitySettings,
IIOHelper ioHelper,
IRequestCache requestCache,
PipelineStage stage,
IUmbracoSettingsSection umbracoSettingsSection)
PipelineStage stage)
{
//Create the default options and provider
var authOptions = app.CreateUmbracoCookieAuthOptions(umbracoContextAccessor, globalSettings, runtimeState, securitySection, ioHelper, requestCache);
var authOptions = app.CreateUmbracoCookieAuthOptions(umbracoContextAccessor, globalSettings, runtimeState, securitySettings, ioHelper, requestCache);
authOptions.Provider = new BackOfficeCookieAuthenticationProvider(userService, runtimeState, globalSettings, ioHelper, umbracoSettingsSection)
authOptions.Provider = new BackOfficeCookieAuthenticationProvider(userService, runtimeState, globalSettings, ioHelper, securitySettings)
{
// Enables the application to validate the security stamp when the user
// logs in. This is a security feature which is used when you
@@ -201,7 +200,7 @@ namespace Umbraco.Web.Security
};
return app.UseUmbracoBackOfficeCookieAuthentication(umbracoContextAccessor, runtimeState, globalSettings, securitySection, ioHelper, requestCache, authOptions, stage);
return app.UseUmbracoBackOfficeCookieAuthentication(umbracoContextAccessor, runtimeState, globalSettings, securitySettings, ioHelper, requestCache, authOptions, stage);
}
/// <summary>
@@ -211,7 +210,7 @@ namespace Umbraco.Web.Security
/// <param name="umbracoContextAccessor"></param>
/// <param name="runtimeState"></param>
/// <param name="globalSettings"></param>
/// <param name="securitySection"></param>
/// <param name="securitySettings"></param>
/// <param name="ioHelper"></param>
/// <param name="cookieOptions">Custom auth cookie options can be specified to have more control over the cookie authentication logic</param>
/// <param name="stage">
@@ -219,7 +218,7 @@ namespace Umbraco.Web.Security
/// </param>
/// <returns></returns>
public static IAppBuilder UseUmbracoBackOfficeCookieAuthentication(this IAppBuilder app, IUmbracoContextAccessor umbracoContextAccessor, IRuntimeState runtimeState, IGlobalSettings globalSettings,
ISecuritySection securitySection, IIOHelper ioHelper, IRequestCache requestCache, CookieAuthenticationOptions cookieOptions, PipelineStage stage)
ISecuritySettings securitySettings, IIOHelper ioHelper, IRequestCache requestCache, CookieAuthenticationOptions cookieOptions, PipelineStage stage)
{
if (app == null) throw new ArgumentNullException(nameof(app));
if (runtimeState == null) throw new ArgumentNullException(nameof(runtimeState));
@@ -235,7 +234,7 @@ namespace Umbraco.Web.Security
if (runtimeState.Level != RuntimeLevel.Upgrade && runtimeState.Level != RuntimeLevel.Run) return app;
var cookieAuthOptions = app.CreateUmbracoCookieAuthOptions(
umbracoContextAccessor, globalSettings, runtimeState, securitySection,
umbracoContextAccessor, globalSettings, runtimeState, securitySettings,
//This defines the explicit path read cookies from for this middleware
ioHelper, requestCache, new[] {$"{globalSettings.Path}/backoffice/UmbracoApi/Authentication/GetRemainingTimeoutSeconds"});
cookieAuthOptions.Provider = cookieOptions.Provider;
@@ -244,7 +243,7 @@ namespace Umbraco.Web.Security
app.Use<GetUserSecondsMiddleWare>(
cookieAuthOptions,
Current.Configs.Global(),
Current.Configs.Settings().Security,
Current.Configs.Security(),
app.CreateLogger<GetUserSecondsMiddleWare>());
//This is required so that we can read the auth ticket format outside of this pipeline
@@ -350,7 +349,7 @@ namespace Umbraco.Web.Security
CookiePath = "/",
CookieSecure = globalSettings.UseHttps ? CookieSecureOption.Always : CookieSecureOption.SameAsRequest,
CookieHttpOnly = true,
CookieDomain = Current.Configs.Settings().Security.AuthCookieDomain
CookieDomain = Current.Configs.Security().AuthCookieDomain
}, stage);
return app;
@@ -373,7 +372,7 @@ namespace Umbraco.Web.Security
/// <remarks>
/// By default this will be configured to execute on PipelineStage.PostAuthenticate
/// </remarks>
public static IAppBuilder UseUmbracoPreviewAuthentication(this IAppBuilder app, IUmbracoContextAccessor umbracoContextAccessor, IRuntimeState runtimeState, IGlobalSettings globalSettings, ISecuritySection securitySettings, IIOHelper ioHelper, IRequestCache requestCache)
public static IAppBuilder UseUmbracoPreviewAuthentication(this IAppBuilder app, IUmbracoContextAccessor umbracoContextAccessor, IRuntimeState runtimeState, IGlobalSettings globalSettings, ISecuritySettings securitySettings, IIOHelper ioHelper, IRequestCache requestCache)
{
return app.UseUmbracoPreviewAuthentication(umbracoContextAccessor, runtimeState, globalSettings, securitySettings, ioHelper, requestCache, PipelineStage.PostAuthenticate);
}
@@ -393,7 +392,7 @@ namespace Umbraco.Web.Security
/// This ensures that during a preview request that the back office use is also Authenticated and that the back office Identity
/// is added as a secondary identity to the current IPrincipal so it can be used to Authorize the previewed document.
/// </remarks>
public static IAppBuilder UseUmbracoPreviewAuthentication(this IAppBuilder app, IUmbracoContextAccessor umbracoContextAccessor, IRuntimeState runtimeState, IGlobalSettings globalSettings, ISecuritySection securitySettings, IIOHelper ioHelper, IRequestCache requestCache, PipelineStage stage)
public static IAppBuilder UseUmbracoPreviewAuthentication(this IAppBuilder app, IUmbracoContextAccessor umbracoContextAccessor, IRuntimeState runtimeState, IGlobalSettings globalSettings, ISecuritySettings securitySettings, IIOHelper ioHelper, IRequestCache requestCache, PipelineStage stage)
{
if (runtimeState.Level != RuntimeLevel.Run) return app;
@@ -428,7 +427,7 @@ namespace Umbraco.Web.Security
/// <returns></returns>
public static UmbracoBackOfficeCookieAuthOptions CreateUmbracoCookieAuthOptions(this IAppBuilder app,
IUmbracoContextAccessor umbracoContextAccessor,
IGlobalSettings globalSettings, IRuntimeState runtimeState, ISecuritySection securitySettings, IIOHelper ioHelper, IRequestCache requestCache, string[] explicitPaths = null)
IGlobalSettings globalSettings, IRuntimeState runtimeState, ISecuritySettings securitySettings, IIOHelper ioHelper, IRequestCache requestCache, string[] explicitPaths = null)
{
//this is how aspnet wires up the default AuthenticationTicket protector so we'll use the same code
var ticketDataFormat = new TicketDataFormat(
@@ -144,7 +144,7 @@ namespace Umbraco.Web.Security
public static void UmbracoLogout(this HttpContextBase http)
{
if (http == null) throw new ArgumentNullException("http");
Logout(http, Current.Configs.Settings().Security.AuthCookieName);
Logout(http, Current.Configs.Security().AuthCookieName);
}
/// <summary>
@@ -202,7 +202,7 @@ namespace Umbraco.Web.Security
public static AuthenticationTicket GetUmbracoAuthTicket(this HttpContextBase http)
{
if (http == null) throw new ArgumentNullException(nameof(http));
return GetAuthTicket(http, Current.Configs.Settings().Security.AuthCookieName);
return GetAuthTicket(http, Current.Configs.Security().AuthCookieName);
}
internal static AuthenticationTicket GetUmbracoAuthTicket(this HttpContext http)
@@ -214,7 +214,7 @@ namespace Umbraco.Web.Security
public static AuthenticationTicket GetUmbracoAuthTicket(this IOwinContext ctx)
{
if (ctx == null) throw new ArgumentNullException(nameof(ctx));
return GetAuthTicket(ctx, Current.Configs.Settings().Security.AuthCookieName);
return GetAuthTicket(ctx, Current.Configs.Security().AuthCookieName);
}
/// <summary>
@@ -20,15 +20,15 @@ namespace Umbraco.Web.Security
private readonly IRuntimeState _runtimeState;
private readonly IGlobalSettings _globalSettings;
private readonly IIOHelper _ioHelper;
private readonly IUmbracoSettingsSection _umbracoSettingsSection;
private readonly ISecuritySettings _securitySettings;
public BackOfficeCookieAuthenticationProvider(IUserService userService, IRuntimeState runtimeState, IGlobalSettings globalSettings, IIOHelper ioHelper, IUmbracoSettingsSection umbracoSettingsSection)
public BackOfficeCookieAuthenticationProvider(IUserService userService, IRuntimeState runtimeState, IGlobalSettings globalSettings, IIOHelper ioHelper, ISecuritySettings securitySettings)
{
_userService = userService;
_runtimeState = runtimeState;
_globalSettings = globalSettings;
_ioHelper = ioHelper;
_umbracoSettingsSection = umbracoSettingsSection;
_securitySettings = securitySettings;
}
public override void ResponseSignIn(CookieResponseSignInContext context)
@@ -72,7 +72,7 @@ namespace Umbraco.Web.Security
Expires = DateTime.Now.AddYears(-1),
Path = "/"
});
context.Response.Cookies.Append(_umbracoSettingsSection.Security.AuthCookieName, "", new CookieOptions
context.Response.Cookies.Append(_securitySettings.AuthCookieName, "", new CookieOptions
{
Expires = DateTime.Now.AddYears(-1),
Path = "/"
@@ -24,14 +24,14 @@ namespace Umbraco.Web.Security
{
private readonly UmbracoBackOfficeCookieAuthOptions _authOptions;
private readonly IGlobalSettings _globalSettings;
private readonly ISecuritySection _security;
private readonly ISecuritySettings _security;
private readonly ILogger _logger;
public GetUserSecondsMiddleWare(
OwinMiddleware next,
UmbracoBackOfficeCookieAuthOptions authOptions,
IGlobalSettings globalSettings,
ISecuritySection security,
ISecuritySettings security,
ILogger logger)
: base(next)
{
@@ -20,7 +20,7 @@ namespace Umbraco.Web.Security
public UmbracoBackOfficeCookieAuthOptions(
string[] explicitPaths,
IUmbracoContextAccessor umbracoContextAccessor,
ISecuritySection securitySection,
ISecuritySettings securitySettings,
IGlobalSettings globalSettings,
IRuntimeState runtimeState,
ISecureDataFormat<AuthenticationTicket> secureDataFormat,
@@ -33,8 +33,8 @@ namespace Umbraco.Web.Security
SlidingExpiration = true;
ExpireTimeSpan = TimeSpan.FromMinutes(LoginTimeoutMinutes);
CookieDomain = securitySection.AuthCookieDomain;
CookieName = securitySection.AuthCookieName;
CookieDomain = securitySettings.AuthCookieDomain;
CookieName = securitySettings.AuthCookieName;
CookieHttpOnly = true;
CookieSecure = globalSettings.UseHttps ? CookieSecureOption.Always : CookieSecureOption.SameAsRequest;
CookiePath = "/";
+3 -2
View File
@@ -29,6 +29,7 @@ namespace Umbraco.Web
protected IUmbracoContextAccessor UmbracoContextAccessor => Current.UmbracoContextAccessor;
protected IGlobalSettings GlobalSettings => Current.Configs.Global();
protected IUmbracoSettingsSection UmbracoSettings => Current.Configs.Settings();
protected ISecuritySettings SecuritySettings => Current.Configs.Security();
protected IUserPasswordConfiguration UserPasswordConfig => Current.Configs.UserPasswordConfiguration();
protected IRuntimeState RuntimeState => Current.RuntimeState;
protected ServiceContext Services => Current.Services;
@@ -104,9 +105,9 @@ namespace Umbraco.Web
// Ensure owin is configured for Umbraco back office authentication.
// Front-end OWIN cookie configuration must be declared after this code.
app
.UseUmbracoBackOfficeCookieAuthentication(UmbracoContextAccessor, RuntimeState, Services.UserService, GlobalSettings, UmbracoSettings.Security, IOHelper, RequestCache, PipelineStage.Authenticate, UmbracoSettings)
.UseUmbracoBackOfficeCookieAuthentication(UmbracoContextAccessor, RuntimeState, Services.UserService, GlobalSettings, SecuritySettings, IOHelper, RequestCache, PipelineStage.Authenticate)
.UseUmbracoBackOfficeExternalCookieAuthentication(UmbracoContextAccessor, RuntimeState, GlobalSettings, IOHelper, RequestCache, PipelineStage.Authenticate)
.UseUmbracoPreviewAuthentication(UmbracoContextAccessor, RuntimeState, GlobalSettings, UmbracoSettings.Security, IOHelper, RequestCache, PipelineStage.Authorize);
.UseUmbracoPreviewAuthentication(UmbracoContextAccessor, RuntimeState, GlobalSettings, SecuritySettings, IOHelper, RequestCache, PipelineStage.Authorize);
}
public static event EventHandler<OwinMiddlewareConfiguredEventArgs> MiddlewareConfigured;