Implement password config storage for members (#10170)

* Getting new netcore PublicAccessChecker in place * Adds full test coverage for PublicAccessChecker * remove PublicAccessComposer * adjust namespaces, ensure RoleManager works, separate public access controller, reduce content controller * Implements the required methods on IMemberManager, removes old migrated code * Updates routing to be able to re-route, Fixes middleware ordering ensuring endpoints are last, refactors pipeline options, adds public access middleware, ensures public access follows all hops * adds note * adds note * Cleans up ext methods, ensures that members identity is added on both front-end and back ends. updates how UmbracoApplicationBuilder works in that it explicitly starts endpoints at the time of calling. * Changes name to IUmbracoEndpointBuilder * adds note * Fixing tests, fixing error describers so there's 2x one for back office, one for members, fixes TryConvertTo, fixes login redirect * fixing build * Updates user manager to correctly validate password hashing and injects the IBackOfficeUserPasswordChecker * Merges PR * Fixes up build and notes * Implements security stamp and email confirmed for members, cleans up a bunch of repo/service level member groups stuff, shares user store code between members and users and fixes the user identity object so we arent' tracking both groups and roles. * Security stamp for members is now working * Fixes keepalive, fixes PublicAccessMiddleware to not throw, updates startup code to be more clear and removes magic that registers middleware. * adds note * removes unused filter, fixes build * fixes WebPath and tests * Looks up entities in one query * remove usings * Fix test, remove stylesheet * Set status code before we write to response to avoid error * Ensures that users and members are validated when logging in. Shares more code between users and members. * merge changes * oops * Reducing and removing published member cache * Fixes RepositoryCacheKeys to ensure the keys are normalized * oops didn't mean to commit this * Fix casing issues with caching, stop boxing value types for all cache operations, stop re-creating string keys in DefaultRepositoryCachePolicy * oops didn't mean to comit this * bah, far out this keeps getting recommitted. sorry * cannot inject IPublishedMemberCache and cannot have IPublishedMember * splits out files, fixes build * fix tests * removes membership provider classes * removes membership provider classes * updates the identity map definition * reverts commented out lines * reverts commented out lines * Implements members Password config in db, fixes members cookie auth to not interfere with the back office cookie auth, fixes Startup sequence, fixes startup pipeline * commits change to Startup * Rename migration from `MemberTableColumns2` to `AddPasswordConfigToMemberTable` * Fix test * Fix tests, but adding default passwordConfig to members Co-authored-by: Bjarke Berg <mail@bergmania.dk>
2021-04-22 23:59:13 +10:00
parent 473bc53c66
commit 39aeec0f1f
34 changed files with 483 additions and 200 deletions
--- a/src/Umbraco.Tests.Integration/TestServerTest/UmbracoTestServerTestBase.cs
+++ b/src/Umbraco.Tests.Integration/TestServerTest/UmbracoTestServerTestBase.cs
@@ -18,7 +18,6 @@ using Umbraco.Cms.Core;
 using Umbraco.Cms.Core.Cache;
 using Umbraco.Cms.Core.Composing;
 using Umbraco.Cms.Core.DependencyInjection;
-using Umbraco.Cms.Core.Security;
 using Umbraco.Cms.Core.Web;
 using Umbraco.Cms.Tests.Common.Testing;
 using Umbraco.Cms.Tests.Integration.DependencyInjection;
@@ -181,8 +180,11 @@ namespace Umbraco.Cms.Tests.Integration.TestServerTest
        public override void Configure(IApplicationBuilder app)
        {
            app.UseUmbraco()
-                .WithBackOffice()
-                .WithWebsite()
+                .WithMiddleware(u =>
+                {
+                    u.WithBackOffice();
+                    u.WithWebsite();
+                })
                .WithEndpoints(u =>
                {
                    u.UseBackOfficeEndpoints();
--- a/src/Umbraco.Tests.Integration/Umbraco.Infrastructure/Persistence/Repositories/MemberRepositoryTest.cs
+++ b/src/Umbraco.Tests.Integration/Umbraco.Infrastructure/Persistence/Repositories/MemberRepositoryTest.cs
@@ -6,11 +6,14 @@ using System.Collections.Generic;
 using System.Diagnostics;
 using System.Linq;
 using Microsoft.Extensions.Logging;
+using Microsoft.Extensions.Options;
 using Moq;
 using NPoco;
 using NUnit.Framework;
 using Umbraco.Cms.Core;
 using Umbraco.Cms.Core.Cache;
+using Umbraco.Cms.Core.Configuration;
+using Umbraco.Cms.Core.Configuration.Models;
 using Umbraco.Cms.Core.Events;
 using Umbraco.Cms.Core.Models;
 using Umbraco.Cms.Core.Persistence.Querying;
@@ -54,7 +57,23 @@ namespace Umbraco.Cms.Tests.Integration.Umbraco.Infrastructure.Persistence.Repos
            IRelationRepository relationRepository = GetRequiredService<IRelationRepository>();
            var propertyEditors = new Lazy<PropertyEditorCollection>(() => new PropertyEditorCollection(new DataEditorCollection(Enumerable.Empty<IDataEditor>())));
            var dataValueReferences = new DataValueReferenceFactoryCollection(Enumerable.Empty<IDataValueReferenceFactory>());
-            return new MemberRepository(accessor, AppCaches.Disabled, LoggerFactory.CreateLogger<MemberRepository>(), MemberTypeRepository, MemberGroupRepository, tagRepo, Mock.Of<ILanguageRepository>(), relationRepository, relationTypeRepository, PasswordHasher, propertyEditors, dataValueReferences, DataTypeService, JsonSerializer, Mock.Of<IEventAggregator>());
+            return new MemberRepository(
+                accessor,
+                AppCaches.Disabled,
+                LoggerFactory.CreateLogger<MemberRepository>(),
+                MemberTypeRepository,
+                MemberGroupRepository,
+                tagRepo,
+                Mock.Of<ILanguageRepository>(),
+                relationRepository,
+                relationTypeRepository,
+                PasswordHasher,
+                propertyEditors,
+                dataValueReferences,
+                DataTypeService,
+                JsonSerializer,
+                Mock.Of<IEventAggregator>(),
+                Options.Create(new MemberPasswordConfigurationSettings()));
        }

        [Test]
--- a/src/Umbraco.Tests.Integration/Umbraco.Infrastructure/Security/MemberPasswordHasherTests.cs
+++ b/src/Umbraco.Tests.Integration/Umbraco.Infrastructure/Security/MemberPasswordHasherTests.cs
@@ -1,73 +0,0 @@
-using System;
-using Microsoft.AspNetCore.Identity;
-using NUnit.Framework;
-using Umbraco.Cms.Core.Security;
-using Umbraco.Cms.Infrastructure.Security;
-
-namespace Umbraco.Cms.Tests.Integration.Umbraco.Infrastructure.Security
-{
-    [TestFixture]
-    public class MemberPasswordHasherTests
-    {
-        private MemberPasswordHasher CreateSut() => new MemberPasswordHasher(new LegacyPasswordSecurity());
-
-        [Test]
-        public void VerifyHashedPassword_GivenAnAspNetIdentity2PasswordHash_ThenExpectSuccessRehashNeeded()
-        {
-            const string password = "Password123!";
-            const string hash = "AJszAsQqxOYbASKfL3JVUu6cjU18ouizXDfX4j7wLlir8SWj2yQaTepE9e5bIohIsQ==";
-
-            var sut = CreateSut();
-            var result = sut.VerifyHashedPassword(null, hash, password);
-
-            Assert.AreEqual(result, PasswordVerificationResult.SuccessRehashNeeded);
-        }
-
-        [Test]
-        public void VerifyHashedPassword_GivenAnAspNetCoreIdentityPasswordHash_ThenExpectSuccess()
-        {
-            const string password = "Password123!";
-            const string hash = "AQAAAAEAACcQAAAAEGF/tTVoL6ef3bQPZFYfbgKFu1CDQIAMgyY1N4EDt9jqdG/hsOX93X1U6LNvlIQ3mw==";
-
-            var sut = CreateSut();
-            var result = sut.VerifyHashedPassword(null, hash, password);
-
-            Assert.AreEqual(result, PasswordVerificationResult.Success);
-        }
-
-        [Test]
-        public void VerifyHashedPassword_GivenALegacyPasswordHash_ThenExpectSuccessRehashNeeded()
-        {
-            const string password = "Password123!";
-            const string hash = "yDiU2YyuYZU4jz6F0fpErQ==BxNRHkXBVyJs9gwWF6ktWdfDwYf5bwm+rvV7tOcNNx8=";
-
-            var sut = CreateSut();
-            var result = sut.VerifyHashedPassword(null, hash, password);
-
-            Assert.AreEqual(result, PasswordVerificationResult.SuccessRehashNeeded);
-        }
-
-        [Test]
-        public void VerifyHashedPassword_GivenAnUnknownBase64Hash_ThenExpectInvalidOperationException()
-        {
-            var hashBytes = new byte[] {3, 2, 1};
-            var hash = Convert.ToBase64String(hashBytes);
-
-            var sut = CreateSut();
-            Assert.Throws<InvalidOperationException>(() => sut.VerifyHashedPassword(null, hash, "password"));
-        }
-
-        [TestCase("AJszAsQqxOYbASKfL3JVUu6cjU18ouizXDfX4j7wLlir8SWj2yQaTepE9e5bIohIsQ==")]
-        [TestCase("AQAAAAEAACcQAAAAEGF/tTVoL6ef3bQPZFYfbgKFu1CDQIAMgyY1N4EDt9jqdG/hsOX93X1U6LNvlIQ3mw==")]
-        [TestCase("yDiU2YyuYZU4jz6F0fpErQ==BxNRHkXBVyJs9gwWF6ktWdfDwYf5bwm+rvV7tOcNNx8=")]
-        public void VerifyHashedPassword_GivenAnInvalidPassword_ThenExpectFailure(string hash)
-        {
-            const string invalidPassword = "nope";
-
-            var sut = CreateSut();
-            var result = sut.VerifyHashedPassword(null, hash, invalidPassword);
-
-            Assert.AreEqual(result, PasswordVerificationResult.Failed);
-        }
-    }
-}