From 1862bf033f3b3d9273f9600bd1a6d116a6712044 Mon Sep 17 00:00:00 2001 From: Scott Brady Date: Tue, 28 Apr 2020 12:20:04 +0100 Subject: [PATCH] Normalized int to string conversion --- .../Editors/AuthenticationController.cs | 6 ++-- .../Security/BackOfficeSignInManager.cs | 35 ++++--------------- .../Security/BackOfficeUserManager.cs | 5 +-- .../Security/BackOfficeUserStore.cs | 17 ++------- 4 files changed, 14 insertions(+), 49 deletions(-) diff --git a/src/Umbraco.Web/Editors/AuthenticationController.cs b/src/Umbraco.Web/Editors/AuthenticationController.cs index 44f41a0114..a0143548fc 100644 --- a/src/Umbraco.Web/Editors/AuthenticationController.cs +++ b/src/Umbraco.Web/Editors/AuthenticationController.cs @@ -349,13 +349,13 @@ namespace Umbraco.Web.Editors public async Task> Get2FAProviders() { var userId = await SignInManager.GetVerifiedUserIdAsync(); - if (userId == int.MinValue) + if (string.IsNullOrWhiteSpace(userId)) { Logger.Warn("Get2FAProviders :: No verified user found, returning 404"); throw new HttpResponseException(HttpStatusCode.NotFound); } - var user = await UserManager.FindByIdAsync(userId.ToString()); + var user = await UserManager.FindByIdAsync(userId); var userFactors = await UserManager.GetValidTwoFactorProvidersAsync(user); return userFactors; @@ -368,7 +368,7 @@ namespace Umbraco.Web.Editors throw new HttpResponseException(HttpStatusCode.NotFound); var userId = await SignInManager.GetVerifiedUserIdAsync(); - if (userId == int.MinValue) + if (string.IsNullOrWhiteSpace(userId)) { Logger.Warn("Get2FAProviders :: No verified user found, returning 404"); throw new HttpResponseException(HttpStatusCode.NotFound); diff --git a/src/Umbraco.Web/Security/BackOfficeSignInManager.cs b/src/Umbraco.Web/Security/BackOfficeSignInManager.cs index bb408479c5..bbb4328fc3 100644 --- a/src/Umbraco.Web/Security/BackOfficeSignInManager.cs +++ b/src/Umbraco.Web/Security/BackOfficeSignInManager.cs @@ -1,6 +1,5 @@ using System; using System.Diagnostics; -using System.Globalization; using System.Security.Claims; using System.Threading.Tasks; using Microsoft.AspNetCore.Identity; @@ -219,7 +218,7 @@ namespace Umbraco.Web.Security if (rememberBrowser) { - var rememberBrowserIdentity = _authenticationManager.CreateTwoFactorRememberBrowserIdentity(ConvertIdToString(user.Id)); + var rememberBrowserIdentity = _authenticationManager.CreateTwoFactorRememberBrowserIdentity(user.Id.ToString()); _authenticationManager.SignIn(new AuthenticationProperties() { IsPersistent = isPersistent, @@ -263,14 +262,14 @@ namespace Umbraco.Web.Security /// /// Replaces the underlying call which is not flexible and doesn't support a custom cookie /// - public async Task GetVerifiedUserIdAsync() + public async Task GetVerifiedUserIdAsync() { var result = await _authenticationManager.AuthenticateAsync(Constants.Security.BackOfficeTwoFactorAuthenticationType); if (result != null && result.Identity != null && string.IsNullOrEmpty(result.Identity.GetUserId()) == false) { - return ConvertIdFromString(result.Identity.GetUserId()); + return result.Identity.GetUserId(); } - return int.MinValue; + return null; } /// @@ -304,11 +303,11 @@ namespace Umbraco.Web.Security public async Task TwoFactorSignInAsync(string provider, string code, bool isPersistent, bool rememberBrowser) { var userId = await GetVerifiedUserIdAsync(); - if (userId == int.MinValue) + if (string.IsNullOrWhiteSpace(userId)) { return SignInResult.Failed; } - var user = await _userManager.FindByIdAsync(ConvertIdToString(userId)); + var user = await _userManager.FindByIdAsync(userId.ToString()); if (user == null) { return SignInResult.Failed; @@ -339,29 +338,9 @@ namespace Umbraco.Web.Security /// the default(int) value returned by the base class is always a valid user (i.e. the admin) so we just have to duplicate /// all of this code to check for int.MinVale instead. /// - public async Task SendTwoFactorCodeAsync(string provider) + public Task SendTwoFactorCodeAsync(string provider) { throw new NotImplementedException(); - - /*var userId = await GetVerifiedUserIdAsync(); - if (userId == int.MinValue) - return false; - - var token = await _userManager.GenerateTwoFactorTokenAsync(userId, provider); - - - var identityResult = await _userManager.NotifyTwoFactorTokenAsync(userId, provider, token); - return identityResult.Succeeded;*/ - } - - private string ConvertIdToString(int id) - { - return Convert.ToString(id, CultureInfo.InvariantCulture); - } - - private int ConvertIdFromString(string id) - { - return id == null ? default(int) : (int) Convert.ChangeType(id, typeof(int), CultureInfo.InvariantCulture); } public void Dispose() diff --git a/src/Umbraco.Web/Security/BackOfficeUserManager.cs b/src/Umbraco.Web/Security/BackOfficeUserManager.cs index 805c6b902c..443485529c 100644 --- a/src/Umbraco.Web/Security/BackOfficeUserManager.cs +++ b/src/Umbraco.Web/Security/BackOfficeUserManager.cs @@ -305,10 +305,7 @@ namespace Umbraco.Web.Security /// public async Task ChangePasswordWithResetAsync(int userId, string token, string newPassword) { - var userIdAsString = userId.TryConvertTo(); - if (!userIdAsString.Success) throw new InvalidOperationException("Unable to convert userId to int"); - - var user = await base.FindByIdAsync(userIdAsString.Result); + var user = await base.FindByIdAsync(userId.ToString()); var result = await base.ResetPasswordAsync(user, token, newPassword); if (result.Succeeded) RaisePasswordChangedEvent(userId); return result; diff --git a/src/Umbraco.Web/Security/BackOfficeUserStore.cs b/src/Umbraco.Web/Security/BackOfficeUserStore.cs index 6ddae55d82..feb8be9af1 100644 --- a/src/Umbraco.Web/Security/BackOfficeUserStore.cs +++ b/src/Umbraco.Web/Security/BackOfficeUserStore.cs @@ -14,9 +14,6 @@ using Umbraco.Core.Models.Membership; using Umbraco.Core.Security; using Umbraco.Core.Services; using Umbraco.Web.Models.Identity; -using Constants = Umbraco.Core.Constants; -using IUser = Umbraco.Core.Models.Membership.IUser; -using UserLoginInfo = Microsoft.AspNetCore.Identity.UserLoginInfo; namespace Umbraco.Web.Security { @@ -70,7 +67,7 @@ namespace Umbraco.Web.Security ThrowIfDisposed(); if (user == null) throw new ArgumentNullException(nameof(user)); - return Task.FromResult(UserIdToString(user.Id)); + return Task.FromResult(user.Id.ToString()); } public Task GetUserNameAsync(BackOfficeIdentityUser user, CancellationToken cancellationToken) @@ -895,16 +892,8 @@ namespace Umbraco.Web.Security return Task.FromResult(false); } - - private string UserIdToString(int userId) - { - var attempt = userId.TryConvertTo(); - if (attempt.Success) return attempt.Result; - - throw new InvalidOperationException("Unable to convert user ID to string", attempt.Exception); - } - - private int UserIdToInt(string userId) + + private static int UserIdToInt(string userId) { var attempt = userId.TryConvertTo(); if (attempt.Success) return attempt.Result;