yv01p/Umbraco-CMS
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
15,511 Commits 4 Branches 7 Tags
c4cedaddd2611330958b02e33f8e96bf99ee6dc2
Commit Graph

228 Commits

Author SHA1 Message Date
Shannon
e423864781 Merge remote-tracking branch 'origin/master-v7' into dev-v7 
Conflicts:
	build/UmbracoVersion.txt
	src/SolutionInfo.cs
	src/Umbraco.Core/Cache/FullDataSetRepositoryCachePolicy.cs
	src/Umbraco.Core/Cache/FullDataSetRepositoryCachePolicyFactory.cs
	src/Umbraco.Core/Configuration/UmbracoVersion.cs
	src/Umbraco.Core/Persistence/Repositories/ContentTypeBaseRepository.cs
	src/Umbraco.Core/Persistence/Repositories/ContentTypeRepository.cs
	src/Umbraco.Core/Persistence/Repositories/DomainRepository.cs
	src/Umbraco.Core/Persistence/Repositories/LanguageRepository.cs
	src/Umbraco.Core/Persistence/Repositories/MediaTypeRepository.cs
	src/Umbraco.Core/Persistence/Repositories/MemberTypeRepository.cs
	src/Umbraco.Core/Persistence/Repositories/PublicAccessRepository.cs
	src/Umbraco.Core/Persistence/Repositories/TemplateRepository.cs
	src/Umbraco.Core/Umbraco.Core.csproj
	src/Umbraco.Tests/Cache/FullDataSetCachePolicyTests.cs
	src/Umbraco.Web.UI.Client/src/common/directives/components/grid/grid.rte.directive.js
	src/Umbraco.Web.UI.Client/src/less/hacks.less
	src/Umbraco.Web.UI/Umbraco.Web.UI.csproj
	src/Umbraco.Web/WebBootManager.cs
 2016-02-03 12:30:11 +01:00
Shannon
6583ff4439 U4-7821 KeepUserLoggedIn with a long umbracoTimeOutInMinutes has logout issues 2016-02-02 12:12:51 +01:00
Shannon
dca6f2b42a fixes build 2016-01-06 10:47:58 +01:00
Shannon
b0060a9592 Merge remote-tracking branch 'origin/dev-v7' into 7.4.0 
Conflicts:
	build/InstallGit.cmd
	build/UmbracoVersion.txt
	src/SolutionInfo.cs
	src/Umbraco.Core/Configuration/UmbracoVersion.cs
	src/Umbraco.Web.UI/Umbraco.Web.UI.csproj
	src/Umbraco.Web.UI/Umbraco/config/lang/nb.xml
	src/Umbraco.Web/Editors/DataTypeValidateAttribute.cs
	src/Umbraco.Web/Security/Identity/UmbracoBackOfficeCookieAuthOptions.cs
	src/Umbraco.Web/WebServices/SaveFileController.cs
 2016-01-06 10:46:38 +01:00
Shannon
d08f4230c8 U4-7538 GetRemainingTimeoutSeconds is double setting the cookie in 7.4 2016-01-05 12:35:06 +01:00
Shannon
887bbdc3b0 dont' set applicationcontext to null on dispose for request based lifespan instances since applicationcontext is a singleton lifespan. 2015-12-17 11:32:50 +01:00
Shannon
3f796791cc uses the main property value instead of the param 2015-12-15 17:17:11 +01:00
Shannon
b74cab6f0b U4-7538 GetRemainingTimeoutSeconds is double setting the cookie in 7.4 2015-12-15 16:56:31 +01:00
Shannon
8598ab565c Fixes: U4-7536 Sign-out in back office will call all ASP.Net identity middleware sign out methods 
publicises a few things too.
 2015-12-15 10:34:11 +01:00
Shannon
87100feb3d Fixes: U4-7467 Umbraco 7.3.2 Clean install, OWIN error after database creation and bumps version 2015-11-27 21:23:24 +01:00
Shannon
c4860a490f Ensures that GetUserSecondsMiddleWare uses the SystemClock for UTC Now, ensures that it only extends the ticket when necessary and not everytime this middleware is called - the same logic that OWIN normally renews tickets with, this means the cookie is not written everytime this request is made. 2015-11-27 16:43:02 +01:00
Shannon
8e6bbc3df9 Ensures that written cookies are done so consistently based on the UmbracoBackOfficeCookieAuthOptions. Ensures that when a webforms page requests token renewal that the token is not always renewed for the request, it checks if the tokens expiry correctly and only renews when necessary so the cookie is not written each time. Fixes the ForceRenewalCookieAuthenticationHandler to only write a cookie if the request is for a request that is not normally auth'd (i.e. is a webforms form that exists outside the normal /umbraco path ... legacy). 2015-11-27 16:25:39 +01:00
Shannon
fd66f08520 Fixes setting auth cookie during install, removes some try/catch/swallow with some error messaging, converts some String -> string and == false updates. 2015-11-26 13:07:22 +01:00
Shannon
6d0aa824ad U4-7307 Windows Authentication prompts for Windows login after Umbraco login 2015-11-24 16:31:18 +01:00
Shannon
555b520a0c Cleans up the usages of auth cookies. OWIN is in charge of auth cookies but because we have Webforms, WebApi, MVC and OWIN, they all like to deal with cookies differently. OWIN should still be solely in charge of the auth cookies, so the auth extensions are cleaned up, the renewal now works by queuing the renewal and we have custom middleware detect if a force renewal has been queued and we renew the auth cookie there. Have obsoleted a few methods that should not be used that write auth tickets directly (this is purely for backwards compat with webforms). All of these changes now ensure that the auth cookie is renewed consistently between Webforms, WebApi, MVC and OWIN. Some changes also include ensuring that OWIN is used to sign out. 2015-11-19 18:12:21 +01:00
Shannon
71ec09486d Reverts the 'fix' from U4-7118 since it is incorrect. Updates the sliding expiration of the cookie/ticket when the user is supposed to be always logged in to 30 minutes in case the timeout is actually set very low in config. 2015-11-19 14:17:06 +01:00
Stephan
f5f9cb676c Fix CultureInfo leak in UmbracoApplicationBase too. 2015-11-17 16:54:24 +01:00
Shannon
bbbea99ced removes redundant null check. 2015-11-09 10:56:07 +01:00
Shannon
3d213342bf Fixes: U4-7353 OAuth providers for the back office require more flexibility with Challenge Results 2015-11-09 10:42:15 +01:00
Stephan
cfab30a1ef Fix thread CultureInfo issue breaking PetaPoco 2015-10-31 12:47:03 +01:00
m_stodd
7abbfbcfcc Setting UMB_CONTEXT with Domain "FALSE" 
Running Umbraco on localhost, Chrome does not handle received 'Set Cookie's with no domain.  "FALSE" works as noted here:  http://stackoverflow.com/questions/1134290/cookies-on-localhost-with-explicit-domain
 2015-09-18 02:13:12 -05:00
Shannon
779dd26527 Fixes: U4-6969 Property label localization in 7.3 always uses en-US locale 2015-09-16 15:22:40 +02:00
Shannon
b0fb892b16 Fixes: U4-6736 Log "logout" from Umbraco and also ensures logging is occuring on timeout, logout, login all with Identity stuff. 2015-07-23 12:03:50 +02:00
Stephan
db0cfad6b9 Merge 7.2.7 into dev-v7 
Conflicts:
	src/Umbraco.Core/Configuration/UmbracoVersion.cs
	src/Umbraco.Tests/packages.config
	src/Umbraco.Web.UI/Umbraco.Web.UI.csproj
	src/Umbraco.Web.UI/packages.config
	src/Umbraco.Web/Umbraco.Web.csproj
	src/Umbraco.Web/packages.config
	src/umbraco.MacroEngines/packages.config
	src/umbraco.cms/packages.config
	src/umbraco.cms/umbraco.cms.csproj
	src/umbraco.controls/umbraco.controls.csproj
	src/umbraco.editorControls/umbraco.editorControls.csproj
 2015-07-14 19:57:56 +02:00
Sebastiaan Janssen
7bc208e490 U4-6825 Can't blank out values using the built-in EditProfile snippet 
#U4-6825 Fixed
 2015-07-14 15:32:08 +02:00
Shannon
eddd643249 ensures that when setting the PropertyType's property on a PropertyGroup that the PropertyGroupId is set and updates an auth method to ensure that the correct identity type is returned. 2015-07-13 15:52:21 +02:00
Shannon
53a0c55b14 Implements SignInManager, implements lock out policy for user manager, allows for better implementation of 2 factor auth for developers. Updates to latest owin libs. 2015-07-01 17:07:29 +02:00
Shannon
56315768e9 updates method name 2015-06-26 17:04:40 +02:00
Shannon
b42959f663 Gets U4-6753 Identity support must have an option to enable auto-linked accounts working 2015-06-26 16:59:40 +02:00
Shannon
7c96f95491 Fixes: U4-6723 User timeout in the back office is an issue with new ASP.Net identity implementation 2015-06-18 19:16:49 +02:00
Shannon
2f80d5466d Merge branch '7.3.0' of https://github.com/umbraco/Umbraco-CMS into 7.3.0 2015-06-09 12:17:53 +02:00
Shannon
e90766ad06 Ensures that during install that we don't enable the identity user manager or cookie auth since no db tables exist, fixes the IsUpgrading check to check for actual valid tables 2015-06-09 12:17:45 +02:00
Stephan
379c629e9c U4-6683 - TEMP workaround enabling upgrade to 7.3 2015-06-08 22:50:48 +02:00
Shannon
95ff94c532 Merge branch 'dev-v7' into 7.3.0 
Conflicts:
	src/Umbraco.Core/packages.config
	src/Umbraco.Web.UI/packages.config
	src/Umbraco.Web.UI/umbraco/config/lang/en_us.xml
	src/Umbraco.Web/Editors/AuthenticationController.cs
	src/Umbraco.Web/packages.config
 2015-05-11 12:26:53 +10:00
Shannon
d94b334375 Moves login logging to the provider level 2015-05-11 12:22:56 +10:00
Shannon
cd2f512284 moves auth server classes to the identity extensions sln 2015-05-04 11:02:23 +10:00
Shannon
c3ca651e4a Renames a few things to shorten names 2015-04-10 16:55:04 +10:00
Shannon
f2e319a01f Updates the UmbracoBackOfficeIdentity to have better support for claims and adds unit tests for it. Creates OwinLogger's and methods to apply them. Updates security methods to ensure that a UmbracoBackOfficeIdentity is returned even from a normal ClaimsIdentity which will be the case with bearer tokens. Updates the angular anti-forgery checker to be ignore if the auth type is not cookie based. Adds a simple token server provider that people can use if they want. Now token authentication is working. 2015-04-10 14:22:09 +10:00
Shannon
a321d4d1b8 Allows the ability to use external logins to login to authorize upgrades, this means being able to add reserved paths at startup dynamically which is now built in as part of the AuthenticationOptionsExtensions for registering external logins for the back office. 2015-04-02 14:46:53 +11:00
Shannon
a43847bc8b Adds IsUpgrading method to ApplicationContext and fixes AppBuilderExtensions checks since we need a user manager when upgrading 2015-04-01 16:12:32 +11:00
Shannon
6efd14eff3 Updates the startup auth code extension methods to better support extensibility so people could override the default user store or manager in order to implement some interfaces that we currently don't. 2015-04-01 13:42:31 +11:00
Shannon
e468492064 Updates back office ext methods to include the CallbackPath which is key to make multi-tenanted work and ensures that the back office providers are linked with the umbraco back office external cookie provider. Adds some docs about it too. Updates the web.config templates to ensure the correct assembly redirects. 2015-04-01 13:42:29 +11:00
Shannon
880c9cf679 Updates back office extensions to use AuthenticationDescriptionOptionsExtension to configure the options for umb back office 2015-04-01 13:42:19 +11:00
Shannon
bf59510c68 Removes setting the default sign in auth type - this is a user setting, we cannot modify that. 2015-04-01 13:42:16 +11:00
Shannon
86833aa8bf Updates the back office external cookie name to be consistently cased with the other back office cookie names 2015-04-01 13:42:11 +11:00
Shannon
4dcc4807ed Implements IUserSecurityStore and ensures there is a security stamp token in place, have updated the repository layer to manual update this if ASPNet Identity APIs are not used to update users. 2015-04-01 13:42:09 +11:00
Shannon
90b562a0a1 Update the PostLogin method to write the auth ticket the way that webapi is supposed to, not sure how this was actually working before because writing cookies directly with HttpContext and then also using WebApi normally doesn't work (maybe in very specific circumstances), so now the cookie writing is done consistently and it is working, prior to this i was getting lots of issues with the xsrf tokens. Updated some user model mappings for convenience and update naming conventions for some properties of the BackOfficeIdentityUser for consistency. 2015-04-01 13:42:07 +11:00
Shannon
5a88ff774c adds overload to specify custom backoffice user store for custom implementations (i.e. 2 factor auth, etc...) 2015-04-01 13:41:57 +11:00
Shannon
b269760b21 removes the BackOfficeRoleManager since we don't use roles in the back office (sections i suppose) and we can't dynamically just create them, that doesn't make sense. 2015-04-01 13:41:55 +11:00
Shannon
2d72a66879 Updates OwinStartup and split the methods into an extension methods file complete with documentation on how to implement the providers. Tested the microsoft provider. Now to clean things up: remove the 3rd party package installs to be ready for shipping, ensure that the user parts are extensible enough for people to plugin their own interfaces. 2015-04-01 13:41:50 +11:00