Shannon
|
8d2e708d1c
|
Adds exception handling for the BackOfficeUserStore - this will occur if the external OAuth provider doesn't return the Email or Name correctly, then an exception is swallowed at the service level and the user is not actually created, but the BackOfficeUserStore could not detect this, so it's detecting this now.
|
2016-01-05 11:36:52 +01:00 |
|
Shannon
|
8598ab565c
|
Fixes: U4-7536 Sign-out in back office will call all ASP.Net identity middleware sign out methods
publicises a few things too.
|
2015-12-15 10:34:11 +01:00 |
|
Shannon
|
555b520a0c
|
Cleans up the usages of auth cookies. OWIN is in charge of auth cookies but because we have Webforms, WebApi, MVC and OWIN, they all like to deal with cookies differently. OWIN should still be solely in charge of the auth cookies, so the auth extensions are cleaned up, the renewal now works by queuing the renewal and we have custom middleware detect if a force renewal has been queued and we renew the auth cookie there. Have obsoleted a few methods that should not be used that write auth tickets directly (this is purely for backwards compat with webforms). All of these changes now ensure that the auth cookie is renewed consistently between Webforms, WebApi, MVC and OWIN. Some changes also include ensuring that OWIN is used to sign out.
|
2015-11-19 18:12:21 +01:00 |
|
Shannon
|
f472f5d950
|
Ensures that OWIN signout method is called - this ensures that any auth middleware configured for the current user is called for sign out. Updates our cookie middleware provider to also ensure that our custom cookies are cleared when signing out with OWIN.
|
2015-11-19 11:57:24 +01:00 |
|
Shannon
|
9b054eaa47
|
Adds native ability to be able to fallback to default password checking if specifying a custom IBackOfficeUserPasswordChecker
|
2015-10-26 14:51:19 +01:00 |
|
Shannon
|
96c087d00f
|
adds a ctor to the BackOfficeUserManager to allow better inheritance so that all settings are initialized by default, changes init method to be protected so other devs can use it. Adds a new property for devs to use to more easily extend the logic to just validate the username/password.
|
2015-10-22 18:40:20 +02:00 |
|
Shannon
|
779dd26527
|
Fixes: U4-6969 Property label localization in 7.3 always uses en-US locale
|
2015-09-16 15:22:40 +02:00 |
|
Shannon
|
b0fb892b16
|
Fixes: U4-6736 Log "logout" from Umbraco and also ensures logging is occuring on timeout, logout, login all with Identity stuff.
|
2015-07-23 12:03:50 +02:00 |
|
Shannon
|
d0c4b2ab72
|
Fixes user lockout with aspnet identity
|
2015-07-01 18:02:58 +02:00 |
|
Shannon
|
53a0c55b14
|
Implements SignInManager, implements lock out policy for user manager, allows for better implementation of 2 factor auth for developers. Updates to latest owin libs.
|
2015-07-01 17:07:29 +02:00 |
|
Shannon
|
b42959f663
|
Gets U4-6753 Identity support must have an option to enable auto-linked accounts working
|
2015-06-26 16:59:40 +02:00 |
|
Shannon
|
95ff94c532
|
Merge branch 'dev-v7' into 7.3.0
Conflicts:
src/Umbraco.Core/packages.config
src/Umbraco.Web.UI/packages.config
src/Umbraco.Web.UI/umbraco/config/lang/en_us.xml
src/Umbraco.Web/Editors/AuthenticationController.cs
src/Umbraco.Web/packages.config
|
2015-05-11 12:26:53 +10:00 |
|
Shannon
|
d94b334375
|
Moves login logging to the provider level
|
2015-05-11 12:22:56 +10:00 |
|
Shannon
|
5a3b97c669
|
puts the claim validation back in (needs to be there, took it out for testing)
|
2015-04-15 20:38:04 +10:00 |
|
Shannon
|
442160bb7a
|
fixes identity conversion when it's just a generic identity and not auth'd, we can never convert to back office identity if it's not auth'd
|
2015-04-15 17:03:12 +10:00 |
|
Shannon
|
f2e319a01f
|
Updates the UmbracoBackOfficeIdentity to have better support for claims and adds unit tests for it. Creates OwinLogger's and methods to apply them. Updates security methods to ensure that a UmbracoBackOfficeIdentity is returned even from a normal ClaimsIdentity which will be the case with bearer tokens. Updates the angular anti-forgery checker to be ignore if the auth type is not cookie based. Adds a simple token server provider that people can use if they want. Now token authentication is working.
|
2015-04-10 14:22:09 +10:00 |
|
Shannon
|
6efd14eff3
|
Updates the startup auth code extension methods to better support extensibility so people could override the default user store or manager in order to implement some interfaces that we currently don't.
|
2015-04-01 13:42:31 +11:00 |
|
Shannon
|
86833aa8bf
|
Updates the back office external cookie name to be consistently cased with the other back office cookie names
|
2015-04-01 13:42:11 +11:00 |
|
Shannon
|
4dcc4807ed
|
Implements IUserSecurityStore and ensures there is a security stamp token in place, have updated the repository layer to manual update this if ASPNet Identity APIs are not used to update users.
|
2015-04-01 13:42:09 +11:00 |
|
Shannon
|
90b562a0a1
|
Update the PostLogin method to write the auth ticket the way that webapi is supposed to, not sure how this was actually working before because writing cookies directly with HttpContext and then also using WebApi normally doesn't work (maybe in very specific circumstances), so now the cookie writing is done consistently and it is working, prior to this i was getting lots of issues with the xsrf tokens. Updated some user model mappings for convenience and update naming conventions for some properties of the BackOfficeIdentityUser for consistency.
|
2015-04-01 13:42:07 +11:00 |
|
Shannon
|
5a88ff774c
|
adds overload to specify custom backoffice user store for custom implementations (i.e. 2 factor auth, etc...)
|
2015-04-01 13:41:57 +11:00 |
|
Shannon
|
b269760b21
|
removes the BackOfficeRoleManager since we don't use roles in the back office (sections i suppose) and we can't dynamically just create them, that doesn't make sense.
|
2015-04-01 13:41:55 +11:00 |
|
Shannon
|
3efd038906
|
implements IUserRoleStore for sections for users
|
2015-04-01 13:41:52 +11:00 |
|
Shannon
|
4b156ba27e
|
Starts stubbing out role manager code
|
2015-04-01 13:41:43 +11:00 |
|
Shannon
|
52c4d80cfc
|
more identity awesome
|
2015-04-01 13:41:33 +11:00 |
|
Shannon
|
d9f453d860
|
Gets the user store up to date with the correct queries.
|
2015-04-01 13:41:28 +11:00 |
|
Shannon
|
8c51e8bad8
|
Implements IExternalLoginService and the db table, implements more logic to start enabling this to work in the back office, need to implement the rest of the userstore and then implement a way once logged in to the back office to allow users to link their accounts with external logins. Currently if an external login is detected during startup and it has not been linked we'll throw an exception. Very very close to making this all work nicely.
|
2015-04-01 13:41:26 +11:00 |
|
Shannon
|
d4b21243ca
|
Allows external logins to be listed on login page, updates BackOfficeController with actions for invoking them.
|
2015-04-01 13:41:24 +11:00 |
|
Shannon
|
927add6f44
|
Updates UmbracoBackOfficeIdentity to add claims and adds a new ctor so people can create an identity manually - this is really the key, by doing this we'd already be able to have 3rd party authentication happening. Ensures our custom secure data format persists the user data
|
2015-04-01 13:41:21 +11:00 |
|
Shannon
|
48317d7e61
|
massively simplifies the cookie handling, we don't use our own and just use the defaults, the trick to not validating everything is to use the cookie path. This does mean that each clientside request will also be validated but there's no way to override this behavior in identity currently, the cookie handler is internal so unless we copy/paste all of it's code can't do much about that.
|
2015-04-01 13:41:18 +11:00 |
|
Shannon
|
93df2edec2
|
Initial install which now uses Identity middleware to perform the back office auth (no longer done in our module). Created custom data secure classes that use the legacy Forms auth logic for backwards compat. This means that the cookie can still be written the old way and still auth the new way if required. Now need to clean a lot of this up.
|
2015-04-01 13:41:16 +11:00 |
|
Shannon
|
da778e277f
|
Fixes: U4-6093 ContentService.SaveAndPublishDo changes Culture
|
2015-01-12 21:45:52 +11:00 |
|
Shannon
|
ad66613011
|
Updates ValidateCurrentUser so that it doesn't re-decrypt the cookie since that is already done, it just needs to check if the current user is authenticated and if it is a back office identity. Added lots of notes for extension points when we start looking at extending how the back office auth works.
|
2014-12-05 10:29:18 +11:00 |
|
Sebastiaan Janssen
|
db22dfcf7d
|
#U4-5337 fixed Due in version: 7.1.5,6.2.2
Too easy to lock yourself out of the backoffice
|
2014-08-12 11:05:25 +02:00 |
|
Shannon
|
f3c7533796
|
Potentially fixes U4-5069 Deadlock occurring in MemberService.GetByUsername
|
2014-07-01 10:43:44 +10:00 |
|
Shannon
|
ac88da4188
|
Fixes: U4-4856 ApplicationContext.Current.Services.ContentService.Save throw exception
|
2014-05-12 14:32:34 +10:00 |
|
Shannon
|
d264792e18
|
Fixes: U4-4819 Publicize AuthenticationExtensions
|
2014-05-06 18:15:38 +10:00 |
|
Shannon
|
e0c3eda675
|
Merge remote-tracking branch 'origin/6.2.0' into 7.1.2
Conflicts:
src/Umbraco.Core/Configuration/UmbracoSettings.cs
src/Umbraco.Core/Models/PropertyExtensions.cs
src/Umbraco.Core/Persistence/Repositories/Interfaces/IMemberRepository.cs
src/Umbraco.Core/Persistence/Repositories/MediaRepository.cs
src/Umbraco.Core/Persistence/Repositories/MemberRepository.cs
src/Umbraco.Core/Security/MembershipProviderBase.cs
src/Umbraco.Core/Services/ContentService.cs
src/Umbraco.Core/Services/MediaService.cs
src/Umbraco.Core/Services/PackagingService.cs
src/Umbraco.Tests/Models/DataValueSetterTests.cs
src/Umbraco.Web.UI/web.Template.config
src/umbraco.cms/businesslogic/media/Media.cs
src/umbraco.cms/businesslogic/member/Member.cs
|
2014-04-29 13:06:10 +10:00 |
|
Shannon
|
2f53698bc5
|
Fixes: U4-4766 UmbracoMembershipProvider.ChangePassword() is seal, what might be a breaking change?
|
2014-04-28 19:19:48 +10:00 |
|
Shannon
|
c32cae16db
|
Fixes: U4-4696 Macro personalized cache with custom membership provider not working - for any membership provider regardless of provider user key type
|
2014-04-24 12:14:06 +10:00 |
|
Shannon
|
e10e04aabf
|
Fixes: U4-4696 Macro personalized cache with custom membership provider not working - for any membership provider regardless of provider user key type
|
2014-04-24 12:12:06 +10:00 |
|
Shannon
|
4d13925e3b
|
Fixes merge issues
|
2014-03-18 19:05:07 +11:00 |
|
Shannon
|
02481dcfba
|
Merge remote-tracking branch 'origin/6.2.0' into 7.1.0
Conflicts:
src/Umbraco.Core/Configuration/UmbracoSettings.cs
|
2014-03-18 18:53:04 +11:00 |
|
Shannon
|
caad775399
|
Removes the User membership provider name constant - it is not a constant, this value is configurable!
|
2014-03-18 18:52:17 +11:00 |
|
Shannon
|
fd14065f14
|
Merge remote-tracking branch 'origin/6.2.0' into 7.1.0
Conflicts:
src/Umbraco.Core/Models/Member.cs
src/Umbraco.Core/Models/Membership/MembershipUserExtensions.cs
src/Umbraco.Core/Persistence/Factories/MemberFactory.cs
src/Umbraco.Core/Persistence/Factories/MemberReadOnlyFactory.cs
src/Umbraco.Core/Persistence/Mappers/MemberMapper.cs
src/Umbraco.Core/Persistence/Repositories/MemberRepository.cs
src/Umbraco.Core/Services/IMembershipUserService.cs
src/Umbraco.Core/Services/UserService.cs
src/Umbraco.Tests/Persistence/Repositories/MemberRepositoryTest.cs
src/Umbraco.Tests/Persistence/Repositories/UserRepositoryTest.cs
src/Umbraco.Tests/Services/ContentServiceTests.cs
src/Umbraco.Tests/TestHelpers/Entities/MockedMember.cs
src/Umbraco.Tests/TestHelpers/Entities/MockedUser.cs
src/Umbraco.Web.UI/install/steps/DefaultUser.ascx.cs
src/Umbraco.Web/Controllers/UmbProfileController.cs
src/Umbraco.Web/Routing/PublishedContentRequestEngine.cs
src/Umbraco.Web/Security/WebSecurity.cs
src/Umbraco.Web/umbraco.presentation/LegacyClasses.cs
src/Umbraco.Web/umbraco.presentation/install/steps/LegacyClasses.cs
src/Umbraco.Web/umbraco.presentation/umbraco/channels/UmbracoMetaWeblogAPI.cs
src/Umbraco.Web/umbraco.presentation/umbraco/create/member.ascx.cs
src/Umbraco.Web/umbraco.presentation/umbraco/create/memberTasks.cs
src/Umbraco.Web/umbraco.presentation/umbraco/create/userTasks.cs
src/Umbraco.Web/umbraco.presentation/umbraco/dashboard/ChangePassword.ascx.cs
src/Umbraco.Web/umbraco.presentation/umbraco/login.aspx.cs
src/Umbraco.Web/umbraco.presentation/umbraco/members/EditMember.aspx.cs
src/Umbraco.Web/umbraco.presentation/umbraco/webservices/MediaUploader.ashx.cs
|
2014-03-18 18:47:49 +11:00 |
|
Shannon
|
8dd950bd52
|
Ensures all access to the users membership provider is done with our extension method
|
2014-03-18 17:22:25 +11:00 |
|
Shannon
|
e2881e07d1
|
Ensures that all calls to the members membership provider are done so explicitly with the membership provider alias - this decouples the need to have the umbraco membership provider declared as the default, we were doing both before.
|
2014-03-18 17:08:21 +11:00 |
|
Shannon
|
3c3f2d7c8d
|
Merge remote-tracking branch 'origin/6.2.0' into 7.1.0
Conflicts:
src/Umbraco.Core/Constants-Conventions.cs
src/Umbraco.Core/DateTimeExtensions.cs
src/Umbraco.Core/Models/PropertyType.cs
src/Umbraco.Core/Persistence/Factories/MemberTypeReadOnlyFactory.cs
src/Umbraco.Core/Persistence/Factories/PropertyGroupFactory.cs
src/Umbraco.Core/Persistence/Repositories/ContentTypeBaseRepository.cs
src/Umbraco.Core/Persistence/Repositories/Interfaces/IUserRepository.cs
src/Umbraco.Core/Persistence/Repositories/MemberTypeRepository.cs
src/Umbraco.Core/Persistence/Repositories/PermissionRepository.cs
src/Umbraco.Tests/App.config
src/Umbraco.Tests/Persistence/Repositories/MemberTypeRepositoryTest.cs
src/Umbraco.Tests/UmbracoExamine/ExamineBaseTest.cs
src/Umbraco.Tests/packages.config
src/Umbraco.Web.UI/packages.config
src/Umbraco.Web/Umbraco.Web.csproj
src/Umbraco.Web/app.config
src/Umbraco.Web/umbraco.presentation/umbraco/developer/Xslt/xsltInsertValueOf.aspx.cs
src/Umbraco.Web/umbraco.presentation/umbraco/dialogs/umbracoField.aspx.cs
src/Umbraco.Web/umbraco.presentation/umbraco/members/EditMember.aspx.cs
src/umbraco.MacroEngines/App.Config
src/umbraco.providers/members/UmbracoMembershipProvider.cs
|
2014-02-21 16:32:53 +11:00 |
|
Shannon
|
c677f36f08
|
Changes some of the naming conventions for the underlying membership provider services bits.
|
2014-02-21 16:03:32 +11:00 |
|
Shannon
|
8da2c22a4e
|
removes special default password check, this is no longer necessary.
|
2014-02-20 14:38:56 +11:00 |
|