* Update projects to .NET 7
* Fix nullability errors
* Fix up pipelines to run 7.0
* Update langversion to preview
* Revert "Fix up pipelines to run 7.0"
This reverts commit d0fa8d01b8126a4eaa59832a3814a567705419ae.
* Fix up pipelines again, this time without indentation changes
* Include preview versions
* Versions not Version
* Fix ModelTypeTests
* Fix MemberPasswordHasherTests
Microsoft wants to use SHA512 instead of SHA256, so our old hashes will return SuccessRehashNeeded now
* Use dotnet cli instead of nuget restore
* Update src/Umbraco.Web.UI/Umbraco.Web.UI.csproj
* Update dependencies
* Fix nullability issues
* Fix unit test
* Fix nullability in ChangingPasswordModel
OldPassword can be null, if we're changing the password with password reset enabled. Additionally, we might as well use the new required keyword instead of supressing null.
* Use required keyword instead of supressing null
* Fix up pipelines again
* fix up spelling-error
* Use dotnet cli instead of nuget restore
* Fix up another NuGet command
* Use dotnet version 7 before building
* Include preview versions
* Remove condition
* Use dotnet 7 before running powershell script
* Update templates to .net 7
* Download version 7 before running linux container
* Move use dotnet 7 even earlier in E2E process
* Remove dotnet 7
* Reintroduce .NET 7 task
* Update linux docker container and remove dotnet 7 from yml
* Fix up dockerfile with ARG
* Fix up docker file with nightly builds of dotnet 7
* Reintroduce dotnet 7 so windows can use it
* Use aspnet 7 in docker
Co-authored-by: Nikolaj <nikolajlauridsen@protonmail.ch>
Co-authored-by: Zeegaan <nge@umbraco.dk>
* Separate legacy scope provider interface and explicitly implement.
* Don't rely on legacy scope provider for existing tests.
* Assert correct type returned when using legacy scope provider.
* Further enhancements for legacy password support.
For users - try new style passwords first and fallback on failure seeing
as a valid modern password is the norm, rehash is only one time.
For both users and members also deals with the fact that for
useLegacyEncoding we could store any old thing in passwordConfig
e.g. it's possible to get Umbraco8 to store "HMACSHA384" alongside
the hash even though it's really HMACSHA1 with password used as key
(try it out by tweaking machine key settings and setting
useLegacyEncoding=true).
Has behavioral breaking changes in LegacyPasswordSecurity as the
code now expects consumers to to respect IsSupportedHashAlgorithm
rather than ignoring it.
* Less rushed removals
* Bugfix - Take ufprt from form data if the request has form content type, otherwise fallback to use the query
* External linking for members
* Changed migration to reuse old table
* removed unnecessary web.config files
* Cleanup
* Extracted class to own file
* Clean up
* Rollback changes to Umbraco.Web.UI.csproj
* Fixed migration for SqlCE
* Added 2fa for members
* Change notification handler to be on deleted
* Update src/Umbraco.Infrastructure/Security/MemberUserStore.cs
Co-authored-by: Mole <nikolajlauridsen@protonmail.ch>
* updated snippets
* Fixed issue with errors not shown on member linking
* fixed issue with errors
* clean up
* Fix issue where external logins could not be used to upgrade Umbraco, because the externalLogin table was expected to look different. (Like after the migration)
* Fixed issue in Ignore legacy column now using result column.
* Updated 2fa for members + publish notification when 2fa is requested.
* Changed so only Members out of box supports 2fa
* Cleanup
* rollback of csproj file, that should not have been changed
* Removed confirmed flag from db. It was not used.
Handle case where a user is signed up for 2fa, but the provider do not exist anymore. Then it is just ignored until it shows up again
Reintroduced ProviderName on interface, to ensure the class can be renamed safely
* Bugfix
* Registering DeleteTwoFactorLoginsOnMemberDeletedHandler
* Rollback nuget packages added by mistake
* Update src/Umbraco.Infrastructure/Services/Implement/TwoFactorLoginService.cs
Co-authored-by: Mole <nikolajlauridsen@protonmail.ch>
* Update src/Umbraco.Infrastructure/Persistence/Repositories/Implement/TwoFactorLoginRepository.cs
Co-authored-by: Mole <nikolajlauridsen@protonmail.ch>
* Added providername to snippet
Co-authored-by: Mole <nikolajlauridsen@protonmail.ch>
* Bugfix - Take ufprt from form data if the request has form content type, otherwise fallback to use the query
* External linking for members
* Changed migration to reuse old table
* removed unnecessary web.config files
* Cleanup
* Extracted class to own file
* Clean up
* Rollback changes to Umbraco.Web.UI.csproj
* Fixed migration for SqlCE
* Change notification handler to be on deleted
* Update src/Umbraco.Infrastructure/Security/MemberUserStore.cs
Co-authored-by: Mole <nikolajlauridsen@protonmail.ch>
* Fixed issue with errors not shown on member linking
* fixed issue with errors
* clean up
* Fix issue where external logins could not be used to upgrade Umbraco, because the externalLogin table was expected to look different. (Like after the migration)
* Fixed issue in Ignore legacy column now using result column.
Co-authored-by: Mole <nikolajlauridsen@protonmail.ch>
* https://github.com/umbraco/Umbraco-CMS/issues/11366
Fallback to try login using super legacy HMACSHA1 even when the algorithm is stated as being HMACSHA256. The issue is that v8 saves HMACSHA256 on the user, but when configured to use legacy encoding it actually uses HMACSHA1
* Support migration of members with:
UseLegacyEncoding+Clear
UseLegacyEncoding+Encrypted (Requires machine key)
UseLegacyEncoding+Hashed
* Fixes unit tests
* Avoid exceptions + unit tests
* Save unknown algorithm if we dont know it, instead of persisting a wrong algorithm.
* Added setting to enable clear text password rehashes.
* Removed support for migration of clear text passwords
* Fixed unit test
