removes remaining back office things from underlying UmbracoUserManager moves files

src/Umbraco.Core/Security/IBackOfficeUserPasswordChecker.cs

@@ -11,9 +11,6 @@ namespace Umbraco.Core.Security
         /// <summary>
         /// Checks a password for a user
         /// </summary>
-        /// <param name="user"></param>
-        /// <param name="password"></param>
-        /// <returns></returns>
         /// <remarks>
         /// This will allow a developer to auto-link a local account which is required if the user queried doesn't exist locally.
         /// The user parameter will always contain the username, if the user doesn't exist locally, the other properties will not be filled in.

src/Umbraco.Infrastructure/Install/InstallSteps/NewInstallStep.cs

@@ -1,4 +1,4 @@
-using System;
+using System;
 using System.Collections.Specialized;
 using System.Net.Http;
 using System.Text;
@@ -6,10 +6,9 @@ using System.Threading.Tasks;
 using Microsoft.Extensions.Options;
 using Newtonsoft.Json;
 using Umbraco.Core;
-using Umbraco.Core.BackOffice;
-using Umbraco.Core.Configuration;
 using Umbraco.Core.Configuration.Models;
 using Umbraco.Core.Migrations.Install;
+using Umbraco.Core.Security;
 using Umbraco.Core.Services;
 using Umbraco.Extensions;
 using Umbraco.Web.Install.Models;

src/Umbraco.Infrastructure/Security/BackOfficeClaimsPrincipalFactory.cs

@@ -6,7 +6,7 @@ using Microsoft.AspNetCore.Identity;
 using Microsoft.Extensions.Options;
 using Umbraco.Core.Security;
 
-namespace Umbraco.Core.BackOffice
+namespace Umbraco.Core.Security
 {
     /// <summary>
     /// A <see cref="UserClaimsPrincipalFactory{TUser}" for the back office/>

src/Umbraco.Infrastructure/Security/BackOfficeIdentityBuilder.cs

@@ -1,19 +1,25 @@
-using System;
+using System;
 using System.Reflection;
 using Microsoft.AspNetCore.Identity;
 using Microsoft.Extensions.DependencyInjection;
-using Umbraco.Core.BackOffice;
-using Umbraco.Core.Security;
 
-namespace Umbraco.Infrastructure.BackOffice
+namespace Umbraco.Core.Security
 {
     public class BackOfficeIdentityBuilder : IdentityBuilder
     {
-        public BackOfficeIdentityBuilder(IServiceCollection services) : base(typeof(BackOfficeIdentityUser), services)
+        /// <summary>
+        /// Initializes a new instance of the <see cref="BackOfficeIdentityBuilder"/> class.
+        /// </summary>
+        public BackOfficeIdentityBuilder(IServiceCollection services)
+            : base(typeof(BackOfficeIdentityUser), services)
         {
         }
 
-        public BackOfficeIdentityBuilder(Type role, IServiceCollection services) : base(typeof(BackOfficeIdentityUser), role, services)
+        /// <summary>
+        /// Initializes a new instance of the <see cref="BackOfficeIdentityBuilder"/> class.
+        /// </summary>
+        public BackOfficeIdentityBuilder(Type role, IServiceCollection services)
+            : base(typeof(BackOfficeIdentityUser), role, services)
         {
         }
 
@@ -29,10 +35,8 @@ namespace Umbraco.Infrastructure.BackOffice
             {
                 throw new InvalidOperationException($"Invalid Type for TokenProvider: {provider.FullName}");
             }
-            Services.Configure<BackOfficeIdentityOptions>(options =>
-            {
-                options.Tokens.ProviderMap[providerName] = new TokenProviderDescriptor(provider);
-            });
+
+            Services.Configure<BackOfficeIdentityOptions>(options => options.Tokens.ProviderMap[providerName] = new TokenProviderDescriptor(provider));
             Services.AddTransient(provider);
             return this;
         }

src/Umbraco.Infrastructure/Security/BackOfficeIdentityErrorDescriber.cs

@@ -1,11 +1,12 @@
-using Microsoft.AspNetCore.Identity;
+using Microsoft.AspNetCore.Identity;
 
-namespace Umbraco.Core.BackOffice
+namespace Umbraco.Core.Security
 {
     /// <summary>
     /// Umbraco back office specific <see cref="IdentityErrorDescriber"/>
     /// </summary>
     public class BackOfficeIdentityErrorDescriber : IdentityErrorDescriber
     {
+        // TODO: Override all the methods in order to provide our own translated error messages
     }
 }

src/Umbraco.Infrastructure/Security/BackOfficeIdentityOptions.cs

@@ -1,6 +1,6 @@
-using Microsoft.AspNetCore.Identity;
+using Microsoft.AspNetCore.Identity;
 
-namespace Umbraco.Core.BackOffice
+namespace Umbraco.Core.Security
 {
     /// <summary>
     /// Identity options specifically for the back office identity implementation

src/Umbraco.Infrastructure/Security/BackOfficeLookupNormalizer.cs

@@ -1,6 +1,6 @@
-using Microsoft.AspNetCore.Identity;
+using Microsoft.AspNetCore.Identity;
 
-namespace Umbraco.Core.BackOffice
+namespace Umbraco.Core.Security
 {
 
     /// <summary>
@@ -8,6 +8,8 @@ namespace Umbraco.Core.BackOffice
     /// </summary>
     public class BackOfficeLookupNormalizer : ILookupNormalizer
     {
+        // TODO: Do we need this?
+
         public string NormalizeName(string name) => name;
 
         public string NormalizeEmail(string email) => email;

src/Umbraco.Infrastructure/Security/BackOfficeUserStore.cs

@@ -15,7 +15,7 @@ using Umbraco.Core.Scoping;
 using Umbraco.Core.Security;
 using Umbraco.Core.Services;
 
-namespace Umbraco.Core.BackOffice
+namespace Umbraco.Core.Security
 {
     // TODO: Make this into a base class that can be re-used
 

src/Umbraco.Infrastructure/Security/BackOfficeUserValidator.cs

@@ -1,8 +1,8 @@
-using System.Threading.Tasks;
+using System.Threading.Tasks;
 using Microsoft.AspNetCore.Identity;
 using Umbraco.Core.Security;
 
-namespace Umbraco.Core.BackOffice
+namespace Umbraco.Core.Security
 {
     public class BackOfficeUserValidator<T> : UserValidator<T>
         where T : BackOfficeIdentityUser

src/Umbraco.Infrastructure/Security/IBackOfficeUserManager.cs

@@ -1,6 +1,6 @@
 using Umbraco.Core.Security;
 
-namespace Umbraco.Core.BackOffice
+namespace Umbraco.Core.Security
 {
     /// <summary>
     /// The user manager for the back office

src/Umbraco.Infrastructure/Security/IUmbracoUserManager.cs

@@ -8,7 +8,7 @@ using Umbraco.Core.Models.Membership;
 using Umbraco.Core.Security;
 using Umbraco.Web.Models.ContentEditing;
 
-namespace Umbraco.Core.BackOffice
+namespace Umbraco.Core.Security
 {
 
     /// <summary>

src/Umbraco.Infrastructure/Security/IUserSessionStore.cs

@@ -1,7 +1,7 @@
 using System.Threading.Tasks;
 using Microsoft.AspNetCore.Identity;
 
-namespace Umbraco.Core.BackOffice
+namespace Umbraco.Core.Security
 {
     /// <summary>
     /// An IUserStore interface part to implement if the store supports validating user session Ids

src/Umbraco.Infrastructure/Security/SignOutAuditEventArgs.cs

@@ -1,6 +1,6 @@
-using Umbraco.Core.Security;
+using Umbraco.Core.Security;
 
-namespace Umbraco.Core.BackOffice
+namespace Umbraco.Core.Security
 {
 
     /// <summary>

src/Umbraco.Infrastructure/Security/UserInviteEventArgs.cs

@@ -1,8 +1,8 @@
-using Umbraco.Core.Models.Membership;
+using Umbraco.Core.Models.Membership;
 using Umbraco.Core.Security;
 using Umbraco.Web.Models.ContentEditing;
 
-namespace Umbraco.Core.BackOffice
+namespace Umbraco.Core.Security
 {
     public class UserInviteEventArgs : IdentityAuditEventArgs
     {
@@ -25,7 +25,7 @@ namespace Umbraco.Core.BackOffice
 
         /// <summary>
         /// The local user that has been created that is pending the invite
-        /// </summary>        
+        /// </summary>
         public IUser User { get; }
 
         /// <summary>

src/Umbraco.Tests.Integration/Umbraco.Web.BackOffice/UmbracoBackOfficeServiceCollectionExtensionsTests.cs

@@ -2,10 +2,9 @@ using System;
 using Microsoft.AspNetCore.Identity;
 using Microsoft.Extensions.DependencyInjection;
 using NUnit.Framework;
-using Umbraco.Extensions;
-using Umbraco.Core.BackOffice;
-using Umbraco.Tests.Integration.Testing;
 using Umbraco.Core.Security;
+using Umbraco.Extensions;
+using Umbraco.Tests.Integration.Testing;
 
 namespace Umbraco.Tests.Integration.Umbraco.Web.BackOffice
 {

src/Umbraco.Tests.UnitTests/Umbraco.Core/BackOffice/BackOfficeClaimsPrincipalFactoryTests.cs

@@ -7,7 +7,6 @@ using Microsoft.Extensions.Options;
 using Moq;
 using NUnit.Framework;
 using Umbraco.Core;
-using Umbraco.Core.BackOffice;
 using Umbraco.Core.Configuration.Models;
 using Umbraco.Core.Models.Membership;
 using Umbraco.Core.Security;

src/Umbraco.Tests.UnitTests/Umbraco.Core/BackOffice/NopLookupNormalizerTests.cs

@@ -1,6 +1,6 @@
-using System;
+using System;
 using NUnit.Framework;
-using Umbraco.Core.BackOffice;
+using Umbraco.Core.Security;
 
 namespace Umbraco.Tests.UnitTests.Umbraco.Core.BackOffice
 {

src/Umbraco.Tests.UnitTests/Umbraco.Infrastructure/BackOffice/BackOfficeLookupNormalizerTests.cs

@@ -1,6 +1,6 @@
-using System;
+using System;
 using NUnit.Framework;
-using Umbraco.Core.BackOffice;
+using Umbraco.Core.Security;
 
 namespace Umbraco.Tests.UnitTests.Umbraco.Web.Backoffice
 {

src/Umbraco.Tests.UnitTests/Umbraco.Web.BackOffice/Controllers/UsersControllerUnitTests.cs

@@ -1,9 +1,6 @@
-using System.Threading;
 using AutoFixture.NUnit3;
-using Microsoft.AspNetCore.Identity;
 using Moq;
 using NUnit.Framework;
-using Umbraco.Core.BackOffice;
 using Umbraco.Core.Security;
 using Umbraco.Tests.UnitTests.AutoFixture;
 using Umbraco.Web.BackOffice.Controllers;

src/Umbraco.Web.BackOffice/Controllers/AuthenticationController.cs

@@ -1,10 +1,10 @@
-using System;
+using System;
 using System.Collections.Generic;
 using System.Linq;
 using System.Net;
 using System.Security.Claims;
 using System.Threading.Tasks;
-using Microsoft.AspNetCore.Authentication;
+using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Http;
 using Microsoft.AspNetCore.Identity;
 using Microsoft.AspNetCore.Mvc;
@@ -12,7 +12,6 @@ using Microsoft.AspNetCore.Routing;
 using Microsoft.Extensions.Logging;
 using Microsoft.Extensions.Options;
 using Umbraco.Core;
-using Umbraco.Core.BackOffice;
 using Umbraco.Core.Configuration.Models;
 using Umbraco.Core.Mapping;
 using Umbraco.Core.Models;
@@ -26,6 +25,7 @@ using Umbraco.Web.BackOffice.Filters;
 using Umbraco.Web.BackOffice.Security;
 using Umbraco.Web.Common.ActionsResults;
 using Umbraco.Web.Common.Attributes;
+using Umbraco.Web.Common.Authorization;
 using Umbraco.Web.Common.Controllers;
 using Umbraco.Web.Common.Exceptions;
 using Umbraco.Web.Common.Filters;
@@ -33,8 +33,6 @@ using Umbraco.Web.Common.Security;
 using Umbraco.Web.Models;
 using Umbraco.Web.Models.ContentEditing;
 using Constants = Umbraco.Core.Constants;
-using Microsoft.AspNetCore.Authorization;
-using Umbraco.Web.Common.Authorization;
 
 namespace Umbraco.Web.BackOffice.Controllers
 {

src/Umbraco.Web.BackOffice/Controllers/BackOfficeController.cs

@@ -1,15 +1,19 @@
-using System;
+using System;
 using System.Collections.Generic;
 using System.Globalization;
 using System.IO;
 using System.Linq;
+using System.Security.Claims;
 using System.Threading;
 using System.Threading.Tasks;
+using Microsoft.AspNetCore.Authentication;
+using Microsoft.AspNetCore.Authorization;
+using Microsoft.AspNetCore.Http;
+using Microsoft.AspNetCore.Identity;
 using Microsoft.AspNetCore.Mvc;
-using Microsoft.Extensions.Options;
 using Microsoft.Extensions.Logging;
+using Microsoft.Extensions.Options;
 using Umbraco.Core;
-using Umbraco.Core.BackOffice;
 using Umbraco.Core.Cache;
 using Umbraco.Core.Configuration;
 using Umbraco.Core.Configuration.Grid;
@@ -22,21 +26,16 @@ using Umbraco.Core.WebAssets;
 using Umbraco.Extensions;
 using Umbraco.Web.BackOffice.ActionResults;
 using Umbraco.Web.BackOffice.Filters;
+using Umbraco.Web.BackOffice.Security;
+using Umbraco.Web.Common.ActionsResults;
 using Umbraco.Web.Common.Attributes;
+using Umbraco.Web.Common.Authorization;
 using Umbraco.Web.Common.Filters;
 using Umbraco.Web.Common.Security;
 using Umbraco.Web.Models;
 using Umbraco.Web.Mvc;
 using Umbraco.Web.WebAssets;
 using Constants = Umbraco.Core.Constants;
-using Microsoft.AspNetCore.Identity;
-using System.Security.Claims;
-using Microsoft.AspNetCore.Http;
-using Umbraco.Web.BackOffice.Security;
-using Umbraco.Web.Common.ActionsResults;
-using Microsoft.AspNetCore.Authorization;
-using Umbraco.Web.Common.Authorization;
-using Microsoft.AspNetCore.Authentication;
 
 namespace Umbraco.Web.BackOffice.Controllers
 {

src/Umbraco.Web.BackOffice/Controllers/CurrentUserController.cs

@@ -1,15 +1,15 @@
-using System;
+using System;
 using System.Collections.Generic;
 using System.Globalization;
 using System.Linq;
 using System.Threading.Tasks;
+using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Http;
 using Microsoft.AspNetCore.Mvc;
-using Microsoft.Extensions.Options;
 using Microsoft.Extensions.Logging;
+using Microsoft.Extensions.Options;
 using Newtonsoft.Json;
 using Umbraco.Core;
-using Umbraco.Core.BackOffice;
 using Umbraco.Core.Cache;
 using Umbraco.Core.Configuration.Models;
 using Umbraco.Core.Hosting;
@@ -23,12 +23,10 @@ using Umbraco.Extensions;
 using Umbraco.Web.BackOffice.Filters;
 using Umbraco.Web.BackOffice.Security;
 using Umbraco.Web.Common.Attributes;
+using Umbraco.Web.Common.Authorization;
 using Umbraco.Web.Common.Exceptions;
-using Umbraco.Web.Common.Filters;
 using Umbraco.Web.Models;
 using Umbraco.Web.Models.ContentEditing;
-using Microsoft.AspNetCore.Authorization;
-using Umbraco.Web.Common.Authorization;
 
 namespace Umbraco.Web.BackOffice.Controllers
 {

src/Umbraco.Web.BackOffice/Controllers/UsersController.cs

@@ -1,4 +1,4 @@
-using System;
+using System;
 using System.Collections.Generic;
 using System.IO;
 using System.Linq;
@@ -6,13 +6,13 @@ using System.Net;
 using System.Runtime.Serialization;
 using System.Security.Cryptography;
 using System.Threading.Tasks;
+using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Http;
 using Microsoft.AspNetCore.Mvc;
 using Microsoft.AspNetCore.Routing;
-using Microsoft.Extensions.Options;
 using Microsoft.Extensions.Logging;
+using Microsoft.Extensions.Options;
 using Umbraco.Core;
-using Umbraco.Core.BackOffice;
 using Umbraco.Core.Cache;
 using Umbraco.Core.Configuration;
 using Umbraco.Core.Configuration.Models;
@@ -26,23 +26,21 @@ using Umbraco.Core.Persistence;
 using Umbraco.Core.Security;
 using Umbraco.Core.Services;
 using Umbraco.Core.Strings;
-using Umbraco.Web.Models;
-using Umbraco.Web.Models.ContentEditing;
 using Umbraco.Extensions;
+using Umbraco.Web.BackOffice.ActionResults;
 using Umbraco.Web.BackOffice.Filters;
 using Umbraco.Web.BackOffice.ModelBinders;
 using Umbraco.Web.BackOffice.Security;
-using Umbraco.Web.BackOffice.ActionResults;
+using Umbraco.Web.Common.ActionsResults;
 using Umbraco.Web.Common.Attributes;
+using Umbraco.Web.Common.Authorization;
 using Umbraco.Web.Common.Exceptions;
 using Umbraco.Web.Editors;
+using Umbraco.Web.Models;
+using Umbraco.Web.Models.ContentEditing;
 using Constants = Umbraco.Core.Constants;
 using IUser = Umbraco.Core.Models.Membership.IUser;
 using Task = System.Threading.Tasks.Task;
-using Umbraco.Net;
-using Umbraco.Web.Common.ActionsResults;
-using Microsoft.AspNetCore.Authorization;
-using Umbraco.Web.Common.Authorization;
 
 namespace Umbraco.Web.BackOffice.Controllers
 {

src/Umbraco.Web.BackOffice/Extensions/BackOfficeApplicationBuilderExtensions.cs

@@ -2,7 +2,6 @@ using System;
 using Microsoft.AspNetCore.Builder;
 using Microsoft.Extensions.DependencyInjection;
 using SixLabors.ImageSharp.Web.DependencyInjection;
-using Umbraco.Core.BackOffice;
 using Umbraco.Web.BackOffice.Middleware;
 using Umbraco.Web.BackOffice.Routing;
 using Umbraco.Web.Common.Security;

src/Umbraco.Web.BackOffice/Extensions/BackOfficeServiceCollectionExtensions.cs

@@ -1,18 +1,13 @@
-using System;
 using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Identity;
-using Microsoft.AspNetCore.Mvc.Filters;
 using Microsoft.Extensions.DependencyInjection;
 using Microsoft.Extensions.DependencyInjection.Extensions;
 using Umbraco.Core;
-using Umbraco.Core.BackOffice;
 using Umbraco.Core.Security;
 using Umbraco.Core.Serialization;
-using Umbraco.Infrastructure.BackOffice;
 using Umbraco.Net;
 using Umbraco.Web.Actions;
 using Umbraco.Web.BackOffice.Authorization;
-using Umbraco.Web.BackOffice.Filters;
 using Umbraco.Web.BackOffice.Security;
 using Umbraco.Web.Common.AspNetCore;
 using Umbraco.Web.Common.Authorization;

src/Umbraco.Web.BackOffice/Extensions/WebMappingProfiles.cs

@@ -1,8 +1,5 @@
-using Microsoft.Extensions.DependencyInjection;
-using Umbraco.Core;
-using Umbraco.Core.BackOffice;
+using Microsoft.Extensions.DependencyInjection;
 using Umbraco.Core.Builder;
-using Umbraco.Core.Composing;
 using Umbraco.Core.Mapping;
 using Umbraco.Web.BackOffice.Mapping;
 

src/Umbraco.Web.BackOffice/Security/BackOfficeSessionIdValidator.cs

@@ -1,4 +1,4 @@
-
+
 using System;
 using System.Security.Claims;
 using System.Threading.Tasks;
@@ -7,9 +7,9 @@ using Microsoft.AspNetCore.Authentication.Cookies;
 using Microsoft.AspNetCore.Http;
 using Microsoft.Extensions.Options;
 using Umbraco.Core;
-using Umbraco.Core.BackOffice;
 using Umbraco.Core.Configuration.Models;
 using Umbraco.Core.Hosting;
+using Umbraco.Core.Security;
 using Umbraco.Extensions;
 
 namespace Umbraco.Web.BackOffice.Security

src/Umbraco.Web.BackOffice/Security/BackOfficeUserManagerAuditer.cs

@@ -1,8 +1,6 @@
-using Microsoft.Extensions.Options;
 using System;
-using System.Threading.Tasks;
+using Microsoft.Extensions.Options;
 using Umbraco.Core;
-using Umbraco.Core.BackOffice;
 using Umbraco.Core.Compose;
 using Umbraco.Core.Configuration.Models;
 using Umbraco.Core.Models.Membership;

src/Umbraco.Web.BackOffice/Security/ConfigureBackOfficeIdentityOptions.cs

@@ -1,11 +1,11 @@
-using System;
+using System;
 using System.Security.Claims;
 using Microsoft.AspNetCore.Identity;
 using Microsoft.Extensions.Options;
 using Umbraco.Core;
-using Umbraco.Core.BackOffice;
 using Umbraco.Core.Configuration;
 using Umbraco.Core.Configuration.Models;
+using Umbraco.Core.Security;
 
 namespace Umbraco.Web.BackOffice.Security
 {

src/Umbraco.Web.BackOffice/Security/PasswordChanger.cs

@@ -1,10 +1,10 @@
-using System;
+using System;
 using System.ComponentModel.DataAnnotations;
 using System.Threading.Tasks;
 using Microsoft.Extensions.Logging;
 using Umbraco.Core;
-using Umbraco.Core.BackOffice;
 using Umbraco.Core.Models;
+using Umbraco.Core.Security;
 using Umbraco.Extensions;
 using Umbraco.Web.Models;
 using IUser = Umbraco.Core.Models.Membership.IUser;

src/Umbraco.Web.Common/Security/BackOfficeUserManager.cs

@@ -1,17 +1,13 @@
 using System;
 using System.Collections.Generic;
 using System.Security.Principal;
-using System.Threading;
 using System.Threading.Tasks;
 using Microsoft.AspNetCore.Http;
 using Microsoft.AspNetCore.Identity;
 using Microsoft.Extensions.Logging;
 using Microsoft.Extensions.Options;
 using Umbraco.Core;
-using Umbraco.Core.BackOffice;
-using Umbraco.Core.Configuration;
 using Umbraco.Core.Configuration.Models;
-using Umbraco.Core.Models.Identity;
 using Umbraco.Core.Models.Membership;
 using Umbraco.Core.Security;
 using Umbraco.Extensions;
@@ -21,7 +17,7 @@ using Umbraco.Web.Models.ContentEditing;
 
 namespace Umbraco.Web.Common.Security
 {
-    public class BackOfficeUserManager : UmbracoUserManager<BackOfficeIdentityUser>, IBackOfficeUserManager
+    public class BackOfficeUserManager : UmbracoUserManager<BackOfficeIdentityUser, UserPasswordConfigurationSettings>, IBackOfficeUserManager
     {
         private readonly IHttpContextAccessor _httpContextAccessor;
 
@@ -43,6 +39,11 @@ namespace Umbraco.Web.Common.Security
             _httpContextAccessor = httpContextAccessor;
         }
 
+        /// <summary>
+        /// Gets or sets the default back office user password checker
+        /// </summary>
+        public IBackOfficeUserPasswordChecker BackOfficeUserPasswordChecker { get; set; } // TODO: This isn't a good way to set this, it needs to be injected
+
         /// <inheritdoc />
         /// <remarks>
         /// By default this uses the standard ASP.Net Identity approach which is:

src/Umbraco.Web.Common/Security/UmbracoUserManager.cs

@@ -5,7 +5,6 @@ using System.Threading.Tasks;
 using Microsoft.AspNetCore.Identity;
 using Microsoft.Extensions.Logging;
 using Microsoft.Extensions.Options;
-using Umbraco.Core.BackOffice;
 using Umbraco.Core.Configuration;
 using Umbraco.Core.Configuration.Models;
 using Umbraco.Core.Models.Identity;
@@ -18,27 +17,29 @@ namespace Umbraco.Web.Common.Security
     /// <summary>
     /// Abstract class for Umbraco User Managers for back office users or front-end members
     /// </summary>
-    /// <typeparam name="T">The type of user</typeparam>
-    public abstract class UmbracoUserManager<T> : UserManager<T>
-        where T : UmbracoIdentityUser
+    /// <typeparam name="TUser">The type of user</typeparam>
+    /// /// <typeparam name="TPasswordConfig">The type password config</typeparam>
+    public abstract class UmbracoUserManager<TUser, TPasswordConfig> : UserManager<TUser>
+        where TUser : UmbracoIdentityUser
+        where TPasswordConfig: class, IPasswordConfiguration, new()
     {
         private PasswordGenerator _passwordGenerator;
 
         /// <summary>
-        /// Initializes a new instance of the <see cref="UmbracoUserManager{T}"/> class.
+        /// Initializes a new instance of the <see cref="UmbracoUserManager{T, TPasswordConfig}"/> class.
         /// </summary>
         public UmbracoUserManager(
             IIpResolver ipResolver,
-            IUserStore<T> store,
-            IOptions<BackOfficeIdentityOptions> optionsAccessor,
-            IPasswordHasher<T> passwordHasher,
-            IEnumerable<IUserValidator<T>> userValidators,
-            IEnumerable<IPasswordValidator<T>> passwordValidators,
-            BackOfficeLookupNormalizer keyNormalizer,
-            BackOfficeIdentityErrorDescriber errors,
+            IUserStore<TUser> store,
+            IOptions<IdentityOptions> optionsAccessor,
+            IPasswordHasher<TUser> passwordHasher,
+            IEnumerable<IUserValidator<TUser>> userValidators,
+            IEnumerable<IPasswordValidator<TUser>> passwordValidators,
+            ILookupNormalizer keyNormalizer,
+            IdentityErrorDescriber errors,
             IServiceProvider services,
-            ILogger<UserManager<T>> logger,
-            IOptions<UserPasswordConfigurationSettings> passwordConfiguration)
+            ILogger<UserManager<TUser>> logger,
+            IOptions<TPasswordConfig> passwordConfiguration)
             : base(store, optionsAccessor, passwordHasher, userValidators, passwordValidators, keyNormalizer, errors, services, logger)
         {
             IpResolver = ipResolver ?? throw new ArgumentNullException(nameof(ipResolver));
@@ -67,9 +68,10 @@ namespace Umbraco.Web.Common.Security
         /// <returns>True if the sesion is valid, else false</returns>
         public virtual async Task<bool> ValidateSessionIdAsync(string userId, string sessionId)
         {
-            var userSessionStore = Store as IUserSessionStore<T>;
+            var userSessionStore = Store as IUserSessionStore<TUser>;
 
             // if this is not set, for backwards compat (which would be super rare), we'll just approve it
+            // TODO: This should be removed after members supports this
             if (userSessionStore == null)
             {
                 return true;
@@ -83,14 +85,9 @@ namespace Umbraco.Web.Common.Security
         /// </summary>
         /// <param name="passwordConfiguration">The <see cref="IPasswordConfiguration"/></param>
         /// <returns>An <see cref="IPasswordHasher{T}"/></returns>
-        protected virtual IPasswordHasher<T> GetDefaultPasswordHasher(IPasswordConfiguration passwordConfiguration) => new PasswordHasher<T>();
+        protected virtual IPasswordHasher<TUser> GetDefaultPasswordHasher(IPasswordConfiguration passwordConfiguration) => new PasswordHasher<TUser>();
 
-        /// <summary>
-        /// Gets or sets the default back office user password checker
-        /// </summary>
-        public IBackOfficeUserPasswordChecker BackOfficeUserPasswordChecker { get; set; }
-
-        public IPasswordConfiguration PasswordConfiguration { get; protected set; }
+        public IPasswordConfiguration PasswordConfiguration { get; }
 
         public IIpResolver IpResolver { get; }
 
@@ -110,7 +107,7 @@ namespace Umbraco.Web.Common.Security
         }
 
         /// <inheritdoc />
-        public override async Task<bool> CheckPasswordAsync(T user, string password)
+        public override async Task<bool> CheckPasswordAsync(TUser user, string password)
         {
             // we cannot proceed if the user passed in does not have an identity
             if (user.HasIdentity == false)
@@ -135,7 +132,7 @@ namespace Umbraco.Web.Common.Security
         /// </remarks>
         public virtual async Task<IdentityResult> ChangePasswordWithResetAsync(int userId, string token, string newPassword)
         {
-            T user = await FindByIdAsync(userId.ToString());
+            TUser user = await FindByIdAsync(userId.ToString());
             if (user == null)
             {
                 throw new InvalidOperationException("Could not find user");
@@ -148,9 +145,9 @@ namespace Umbraco.Web.Common.Security
         /// <summary>
         /// This is copied from the underlying .NET base class since they decided to not expose it
         /// </summary>
-        private IUserSecurityStampStore<T> GetSecurityStore()
+        private IUserSecurityStampStore<TUser> GetSecurityStore()
         {
-            var store = Store as IUserSecurityStampStore<T>;
+            var store = Store as IUserSecurityStampStore<TUser>;
             if (store == null)
             {
                 throw new NotSupportedException("The current user store does not implement " + typeof(IUserSecurityStampStore<>));
@@ -165,7 +162,7 @@ namespace Umbraco.Web.Common.Security
         private static string NewSecurityStamp() => Guid.NewGuid().ToString();
 
         /// <inheritdoc/>
-        public override async Task<IdentityResult> SetLockoutEndDateAsync(T user, DateTimeOffset? lockoutEnd)
+        public override async Task<IdentityResult> SetLockoutEndDateAsync(TUser user, DateTimeOffset? lockoutEnd)
         {
             if (user == null)
             {
@@ -185,14 +182,14 @@ namespace Umbraco.Web.Common.Security
         }
 
         /// <inheritdoc/>
-        public override async Task<IdentityResult> ResetAccessFailedCountAsync(T user)
+        public override async Task<IdentityResult> ResetAccessFailedCountAsync(TUser user)
         {
             if (user == null)
             {
                 throw new ArgumentNullException(nameof(user));
             }
 
-            var lockoutStore = (IUserLockoutStore<T>)Store;
+            var lockoutStore = (IUserLockoutStore<TUser>)Store;
             var accessFailedCount = await GetAccessFailedCountAsync(user);
 
             if (accessFailedCount == 0)
@@ -209,14 +206,14 @@ namespace Umbraco.Web.Common.Security
         /// Overrides the Microsoft ASP.NET user management method
         /// </summary>
         /// <inheritdoc/>
-        public override async Task<IdentityResult> AccessFailedAsync(T user)
+        public override async Task<IdentityResult> AccessFailedAsync(TUser user)
         {
             if (user == null)
             {
                 throw new ArgumentNullException(nameof(user));
             }
 
-            var lockoutStore = Store as IUserLockoutStore<T>;
+            var lockoutStore = Store as IUserLockoutStore<TUser>;
             if (lockoutStore == null)
             {
                 throw new NotSupportedException("The current user store does not implement " + typeof(IUserLockoutStore<>));

src/Umbraco.Web/Security/ActiveDirectoryBackOfficeUserPasswordChecker.cs

@@ -2,8 +2,6 @@ using System;
 using System.DirectoryServices.AccountManagement;
 using System.Threading.Tasks;
 using Microsoft.Extensions.Options;
-using Umbraco.Core.BackOffice;
-using Umbraco.Core.Configuration;
 using Umbraco.Core.Configuration.Models;
 using Umbraco.Core.Security;
 

src/Umbraco.Web/Security/BackOfficeCookieAuthenticationProvider.cs

@@ -1,46 +0,0 @@
-using System;
-using System.Security.Claims;
-using System.Threading.Tasks;
-using Microsoft.Extensions.Options;
-using Microsoft.Owin;
-using Microsoft.Owin.Security.Cookies;
-using Umbraco.Core;
-using Umbraco.Core.BackOffice;
-using Umbraco.Core.Configuration;
-using Umbraco.Core.Configuration.Models;
-using Umbraco.Core.Services;
-using Umbraco.Core.Configuration.UmbracoSettings;
-using Umbraco.Core.Hosting;
-using Umbraco.Core.Security;
-
-namespace Umbraco.Web.Security
-{
-    // TODO: Migrate this logic to cookie events in ConfigureUmbracoBackOfficeCookieOptions
-
-    public class BackOfficeCookieAuthenticationProvider : CookieAuthenticationProvider
-    {
-        private readonly IUserService _userService;
-        private readonly IRuntimeState _runtimeState;
-        private readonly GlobalSettings _globalSettings;
-        private readonly IHostingEnvironment _hostingEnvironment;
-        private readonly SecuritySettings _securitySettings;
-
-        public BackOfficeCookieAuthenticationProvider(IUserService userService, IRuntimeState runtimeState, GlobalSettings globalSettings, IHostingEnvironment hostingEnvironment, IOptions<SecuritySettings> securitySettings)
-        {
-            _userService = userService;
-            _runtimeState = runtimeState;
-            _globalSettings = globalSettings;
-            _hostingEnvironment = hostingEnvironment;
-            _securitySettings = securitySettings.Value;
-        }
-
-
-        public override void ResponseSignOut(CookieResponseSignOutContext context)
-        {
-
-        }
-
-
-
-    }
-}

src/Umbraco.Web/Security/BackOfficeSignInManager.cs

@@ -1,47 +0,0 @@
-using System;
-using System.Diagnostics;
-using System.Security.Claims;
-using System.Threading.Tasks;
-using Microsoft.AspNetCore.Identity;
-using Microsoft.Extensions.Options;
-using Microsoft.Owin;
-using Microsoft.Owin.Logging;
-using Microsoft.Owin.Security;
-using Umbraco.Core;
-using Umbraco.Core.BackOffice;
-using Umbraco.Core.Configuration.Models;
-using Umbraco.Core.Security;
-
-namespace Umbraco.Web.Security
-{
-    // TODO: This has been migrated to netcore
-    public class BackOfficeSignInManager : IDisposable
-    {
-        private readonly IBackOfficeUserManager _userManager;
-        private readonly IUserClaimsPrincipalFactory<BackOfficeIdentityUser> _claimsPrincipalFactory;
-        private readonly IAuthenticationManager _authenticationManager;
-        private readonly ILogger _logger;
-        private readonly GlobalSettings _globalSettings;
-        private readonly IOwinRequest _request;
-
-        public BackOfficeSignInManager(
-            IBackOfficeUserManager userManager,
-            IUserClaimsPrincipalFactory<BackOfficeIdentityUser> claimsPrincipalFactory,
-            IAuthenticationManager authenticationManager,
-            ILogger logger,
-            GlobalSettings globalSettings,
-            IOwinRequest request)
-        {
-            _userManager = userManager ?? throw new ArgumentNullException(nameof(userManager));
-            _claimsPrincipalFactory = claimsPrincipalFactory ?? throw new ArgumentNullException(nameof(claimsPrincipalFactory));
-            _authenticationManager = authenticationManager ?? throw new ArgumentNullException(nameof(authenticationManager));
-            _logger = logger ?? throw new ArgumentNullException(nameof(logger));
-            _globalSettings = globalSettings ?? throw new ArgumentNullException(nameof(globalSettings));
-            _request = request ?? throw new ArgumentNullException(nameof(request));
-        }
-
-        public void Dispose()
-        {
-        }
-    }
-}

src/Umbraco.Web/Umbraco.Web.csproj

@@ -159,7 +159,6 @@
     <Compile Include="AspNet\AspNetPasswordHasher.cs" />
     <Compile Include="RoutableDocumentFilter.cs" />
     <Compile Include="Runtime\AspNetUmbracoBootPermissionChecker.cs" />
-    <Compile Include="Security\BackOfficeSignInManager.cs" />
     <Compile Include="WebAssets\CDF\ClientDependencyComponent.cs" />
     <Compile Include="WebAssets\CDF\ClientDependencyComposer.cs" />
     <Compile Include="Security\MembershipProviderBase.cs" />
@@ -181,7 +180,6 @@
     <Compile Include="Composing\Current.cs" />
     <Compile Include="ImageProcessorLogger.cs" />
     <Compile Include="OwinExtensions.cs" />
-    <Compile Include="Security\BackOfficeCookieAuthenticationProvider.cs" />
     <Compile Include="WebAssets\CDF\ClientDependencyConfiguration.cs" />
     <Compile Include="UmbracoApplicationBase.cs" />
     <Compile Include="WebApi\HttpActionContextExtensions.cs" />
@@ -306,4 +304,4 @@
     </None>
   </ItemGroup>
   <Import Project="$(MSBuildBinPath)\Microsoft.CSharp.targets" />
-</Project>
+</Project>