From 0ed9d1bd91d96b44db419bfcf10483bb5b13fc3b Mon Sep 17 00:00:00 2001
From: Shannon <sdeminick@gmail.com>
Date: Thu, 28 May 2020 23:24:32 +1000
Subject: [PATCH] renames to LegacyPasswordSecurity

---
 ...sswordSecurity.cs => LegacyPasswordSecurity.cs} |  9 +++------
 .../Umbraco.Core/Security/PasswordSecurityTests.cs | 14 +++++++-------
 ...UmbracoBackOfficeServiceCollectionExtensions.cs |  2 +-
 .../Security/BackOfficePasswordHasher.cs           |  4 ++--
 src/Umbraco.Web/Editors/MemberController.cs        |  4 ++--
 .../Security/BackOfficeOwinUserManager.cs          |  2 +-
 .../Providers/MembersMembershipProvider.cs         |  6 +++---
 .../Security/UmbracoMembershipProviderBase.cs      |  2 +-
 .../Security/UserAwarePasswordHasher.cs            |  4 ++--
 9 files changed, 22 insertions(+), 25 deletions(-)
 rename src/Umbraco.Core/Security/{PasswordSecurity.cs => LegacyPasswordSecurity.cs} (95%)

diff --git a/src/Umbraco.Core/Security/PasswordSecurity.cs b/src/Umbraco.Core/Security/LegacyPasswordSecurity.cs
similarity index 95%
rename from src/Umbraco.Core/Security/PasswordSecurity.cs
rename to src/Umbraco.Core/Security/LegacyPasswordSecurity.cs
index 353f2afb0d..9b14c3ccba 100644
--- a/src/Umbraco.Core/Security/PasswordSecurity.cs
+++ b/src/Umbraco.Core/Security/LegacyPasswordSecurity.cs
@@ -7,13 +7,10 @@ namespace Umbraco.Core.Security
 {
 
     /// <summary>
-    /// Handles password hashing and formatting
+    /// Handles password hashing and formatting for legacy hashing algorithms
     /// </summary>
-    public class PasswordSecurity
+    public class LegacyPasswordSecurity
     {
-        // TODO: This class could/should be renamed since it's really purely about legacy hashing, we want to use the new hashing available
-        // to us but this is here for compatibility purposes.
-
         // TODO: This class no longer has the logic available to verify the old old old password format, we should
         // include this ability so that upgrades for very old versions/data can work and then auto-migrate to the new password format.
 
@@ -24,7 +21,7 @@ namespace Umbraco.Core.Security
         /// Constructor
         /// </summary>
         /// <param name="passwordConfiguration"></param>
-        public PasswordSecurity(IPasswordConfiguration passwordConfiguration)
+        public LegacyPasswordSecurity(IPasswordConfiguration passwordConfiguration)
         {
             _passwordConfiguration = passwordConfiguration;
             _generator = new PasswordGenerator(passwordConfiguration);
diff --git a/src/Umbraco.Tests.UnitTests/Umbraco.Core/Security/PasswordSecurityTests.cs b/src/Umbraco.Tests.UnitTests/Umbraco.Core/Security/PasswordSecurityTests.cs
index daf1f8e8e0..0ef6063910 100644
--- a/src/Umbraco.Tests.UnitTests/Umbraco.Core/Security/PasswordSecurityTests.cs
+++ b/src/Umbraco.Tests.UnitTests/Umbraco.Core/Security/PasswordSecurityTests.cs
@@ -14,7 +14,7 @@ namespace Umbraco.Tests.UnitTests.Umbraco.Core.Security
         [Test]
         public void Check_Password_Hashed_Non_KeyedHashAlgorithm()
         {
-            var passwordSecurity = new PasswordSecurity(Mock.Of<IPasswordConfiguration>(x => x.HashAlgorithmType == "SHA256"));
+            var passwordSecurity = new LegacyPasswordSecurity(Mock.Of<IPasswordConfiguration>(x => x.HashAlgorithmType == "SHA256"));
 
             string salt;
             var pass = "ThisIsAHashedPassword";
@@ -29,7 +29,7 @@ namespace Umbraco.Tests.UnitTests.Umbraco.Core.Security
         [Test]
         public void Check_Password_Hashed_KeyedHashAlgorithm()
         {
-            var passwordSecurity = new PasswordSecurity(Mock.Of<IPasswordConfiguration>(x => x.HashAlgorithmType == Constants.Security.AspNetUmbraco8PasswordHashAlgorithmName));
+            var passwordSecurity = new LegacyPasswordSecurity(Mock.Of<IPasswordConfiguration>(x => x.HashAlgorithmType == Constants.Security.AspNetUmbraco8PasswordHashAlgorithmName));
 
             string salt;
             var pass = "ThisIsAHashedPassword";
@@ -44,9 +44,9 @@ namespace Umbraco.Tests.UnitTests.Umbraco.Core.Security
         [Test]
         public void Format_Pass_For_Storage_Hashed()
         {
-            var passwordSecurity = new PasswordSecurity(Mock.Of<IPasswordConfiguration>(x => x.HashAlgorithmType == Constants.Security.AspNetUmbraco8PasswordHashAlgorithmName));
+            var passwordSecurity = new LegacyPasswordSecurity(Mock.Of<IPasswordConfiguration>(x => x.HashAlgorithmType == Constants.Security.AspNetUmbraco8PasswordHashAlgorithmName));
 
-            var salt = PasswordSecurity.GenerateSalt();
+            var salt = LegacyPasswordSecurity.GenerateSalt();
             var stored = "ThisIsAHashedPassword";
 
             var result = passwordSecurity.FormatPasswordForStorage(stored, salt);
@@ -57,9 +57,9 @@ namespace Umbraco.Tests.UnitTests.Umbraco.Core.Security
         [Test]
         public void Get_Stored_Password_Hashed()
         {
-            var passwordSecurity = new PasswordSecurity(Mock.Of<IPasswordConfiguration>(x => x.HashAlgorithmType == Constants.Security.AspNetUmbraco8PasswordHashAlgorithmName));
+            var passwordSecurity = new LegacyPasswordSecurity(Mock.Of<IPasswordConfiguration>(x => x.HashAlgorithmType == Constants.Security.AspNetUmbraco8PasswordHashAlgorithmName));
 
-            var salt = PasswordSecurity.GenerateSalt();
+            var salt = LegacyPasswordSecurity.GenerateSalt();
             var stored = salt + "ThisIsAHashedPassword";
 
             string initSalt;
@@ -77,7 +77,7 @@ namespace Umbraco.Tests.UnitTests.Umbraco.Core.Security
             var lastLength = 0;
             for (var i = 0; i < 10000; i++)
             {
-                var result = PasswordSecurity.GenerateSalt();
+                var result = LegacyPasswordSecurity.GenerateSalt();
 
                 if (i > 0)
                     Assert.AreEqual(lastLength, result.Length);
diff --git a/src/Umbraco.Web.BackOffice/Extensions/UmbracoBackOfficeServiceCollectionExtensions.cs b/src/Umbraco.Web.BackOffice/Extensions/UmbracoBackOfficeServiceCollectionExtensions.cs
index 979d059f2c..a0704da14c 100644
--- a/src/Umbraco.Web.BackOffice/Extensions/UmbracoBackOfficeServiceCollectionExtensions.cs
+++ b/src/Umbraco.Web.BackOffice/Extensions/UmbracoBackOfficeServiceCollectionExtensions.cs
@@ -65,7 +65,7 @@ namespace Umbraco.Extensions
             services.TryAddScoped<IPasswordValidator<BackOfficeIdentityUser>, PasswordValidator<BackOfficeIdentityUser>>();
             services.TryAddScoped<IPasswordHasher<BackOfficeIdentityUser>>(
                 services => new BackOfficePasswordHasher(
-                    new PasswordSecurity(services.GetRequiredService<IUserPasswordConfiguration>()),
+                    new LegacyPasswordSecurity(services.GetRequiredService<IUserPasswordConfiguration>()),
                     services.GetRequiredService<IJsonSerializer>()));
             services.TryAddScoped<IUserConfirmation<BackOfficeIdentityUser>, DefaultUserConfirmation<BackOfficeIdentityUser>>();
             services.TryAddScoped<IUserClaimsPrincipalFactory<BackOfficeIdentityUser>, UserClaimsPrincipalFactory<BackOfficeIdentityUser>>();
diff --git a/src/Umbraco.Web.BackOffice/Security/BackOfficePasswordHasher.cs b/src/Umbraco.Web.BackOffice/Security/BackOfficePasswordHasher.cs
index dc3f7b75ee..df3bc2935b 100644
--- a/src/Umbraco.Web.BackOffice/Security/BackOfficePasswordHasher.cs
+++ b/src/Umbraco.Web.BackOffice/Security/BackOfficePasswordHasher.cs
@@ -13,10 +13,10 @@ namespace Umbraco.Web.BackOffice.Security
     /// </summary>
     public class BackOfficePasswordHasher : PasswordHasher<BackOfficeIdentityUser>
     {
-        private readonly PasswordSecurity _passwordSecurity;
+        private readonly LegacyPasswordSecurity _passwordSecurity;
         private readonly IJsonSerializer _jsonSerializer;
 
-        public BackOfficePasswordHasher(PasswordSecurity passwordSecurity, IJsonSerializer jsonSerializer)
+        public BackOfficePasswordHasher(LegacyPasswordSecurity passwordSecurity, IJsonSerializer jsonSerializer)
         {
             _passwordSecurity = passwordSecurity;
             _jsonSerializer = jsonSerializer;
diff --git a/src/Umbraco.Web/Editors/MemberController.cs b/src/Umbraco.Web/Editors/MemberController.cs
index 15f031c3a6..cf96b0ade6 100644
--- a/src/Umbraco.Web/Editors/MemberController.cs
+++ b/src/Umbraco.Web/Editors/MemberController.cs
@@ -63,13 +63,13 @@ namespace Umbraco.Web.Editors
         {
             _passwordConfig = passwordConfig ?? throw new ArgumentNullException(nameof(passwordConfig));
             _propertyEditors = propertyEditors ?? throw new ArgumentNullException(nameof(propertyEditors));
-            _passwordSecurity = new PasswordSecurity(_passwordConfig);
+            _passwordSecurity = new LegacyPasswordSecurity(_passwordConfig);
             _passwordValidator = new ConfiguredPasswordValidator();
         }
 
         private readonly IMemberPasswordConfiguration _passwordConfig;
         private readonly PropertyEditorCollection _propertyEditors;
-        private readonly PasswordSecurity _passwordSecurity;
+        private readonly LegacyPasswordSecurity _passwordSecurity;
         private readonly IPasswordValidator _passwordValidator;
 
         public PagedResult<MemberBasic> GetPagedResults(
diff --git a/src/Umbraco.Web/Security/BackOfficeOwinUserManager.cs b/src/Umbraco.Web/Security/BackOfficeOwinUserManager.cs
index 9d86a235e0..c38c2a0ff9 100644
--- a/src/Umbraco.Web/Security/BackOfficeOwinUserManager.cs
+++ b/src/Umbraco.Web/Security/BackOfficeOwinUserManager.cs
@@ -119,7 +119,7 @@ namespace Umbraco.Web.Security
 
         protected override IPasswordHasher<BackOfficeIdentityUser> GetDefaultPasswordHasher(IPasswordConfiguration passwordConfiguration)
         {
-            return new UserAwarePasswordHasher<BackOfficeIdentityUser>(new PasswordSecurity(passwordConfiguration));
+            return new UserAwarePasswordHasher<BackOfficeIdentityUser>(new LegacyPasswordSecurity(passwordConfiguration));
         }
 
         protected void InitUserManager(BackOfficeOwinUserManager manager, IDataProtectionProvider dataProtectionProvider)
diff --git a/src/Umbraco.Web/Security/Providers/MembersMembershipProvider.cs b/src/Umbraco.Web/Security/Providers/MembersMembershipProvider.cs
index d393078cc6..10adc76e6b 100644
--- a/src/Umbraco.Web/Security/Providers/MembersMembershipProvider.cs
+++ b/src/Umbraco.Web/Security/Providers/MembersMembershipProvider.cs
@@ -80,7 +80,7 @@ namespace Umbraco.Web.Security.Providers
                     CustomHashAlgorithmType.IsNullOrWhiteSpace() ? Membership.HashAlgorithmType : CustomHashAlgorithmType,
                     MaxInvalidPasswordAttempts));
 
-            _passwordSecurity = new Lazy<PasswordSecurity>(() => new PasswordSecurity(PasswordConfiguration));
+            _passwordSecurity = new Lazy<LegacyPasswordSecurity>(() => new LegacyPasswordSecurity(PasswordConfiguration));
 
         }
 
@@ -114,10 +114,10 @@ namespace Umbraco.Web.Security.Providers
             }
         }
 
-        private Lazy<PasswordSecurity> _passwordSecurity;
+        private Lazy<LegacyPasswordSecurity> _passwordSecurity;
         private Lazy<IPasswordConfiguration> _passwordConfig;
 
-        public override PasswordSecurity PasswordSecurity => _passwordSecurity.Value;
+        public override LegacyPasswordSecurity PasswordSecurity => _passwordSecurity.Value;
         public IPasswordConfiguration PasswordConfiguration => _passwordConfig.Value;
 
         private class MembershipProviderPasswordConfiguration : IPasswordConfiguration
diff --git a/src/Umbraco.Web/Security/UmbracoMembershipProviderBase.cs b/src/Umbraco.Web/Security/UmbracoMembershipProviderBase.cs
index ef61bc40e9..d031a9f915 100644
--- a/src/Umbraco.Web/Security/UmbracoMembershipProviderBase.cs
+++ b/src/Umbraco.Web/Security/UmbracoMembershipProviderBase.cs
@@ -14,7 +14,7 @@ namespace Umbraco.Web.Security
         {
         }
 
-        public abstract PasswordSecurity PasswordSecurity { get; }
+        public abstract LegacyPasswordSecurity PasswordSecurity { get; }
         public abstract string DefaultMemberTypeAlias { get; }
 
         /// <summary>
diff --git a/src/Umbraco.Web/Security/UserAwarePasswordHasher.cs b/src/Umbraco.Web/Security/UserAwarePasswordHasher.cs
index b1d88348d0..040d79be02 100644
--- a/src/Umbraco.Web/Security/UserAwarePasswordHasher.cs
+++ b/src/Umbraco.Web/Security/UserAwarePasswordHasher.cs
@@ -7,9 +7,9 @@ namespace Umbraco.Web.Security
     public class UserAwarePasswordHasher<T> : IPasswordHasher<T>
         where T : BackOfficeIdentityUser
     {
-        private readonly PasswordSecurity _passwordSecurity;
+        private readonly LegacyPasswordSecurity _passwordSecurity;
 
-        public UserAwarePasswordHasher(PasswordSecurity passwordSecurity)
+        public UserAwarePasswordHasher(LegacyPasswordSecurity passwordSecurity)
         {
             _passwordSecurity = passwordSecurity;
         }