Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Browse files
Browse the repository at this point in the history
Add configuration list to determine which users have a discontinued p…
…assword login (#5414)
- Loading branch information
Scott Bommarito
committed
Feb 9, 2018
1 parent
6bac355
commit 084311c
Showing
24 changed files
with
414 additions
and
113 deletions.
There are no files selected for viewing
11 changes: 11 additions & 0 deletions
11
src/NuGetGallery/App_Data/Files/Content/Login-Discontinuation-Configuration.json
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,11 @@ | ||
{ | ||
"DiscontinuedForEmailAddresses": [ | ||
"cannotUsePassword@canUsePassword.com" | ||
], | ||
"DiscontinuedForDomains": [ | ||
"cannotUsePassword.com" | ||
], | ||
"ExceptionsForEmailAddresses": [ | ||
"exception@cannotUsePassword.com" | ||
] | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,46 @@ | ||
// Copyright (c) .NET Foundation. All rights reserved. | ||
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information. | ||
|
||
using System; | ||
using System.Linq; | ||
using System.Threading.Tasks; | ||
using Newtonsoft.Json; | ||
|
||
namespace NuGetGallery | ||
{ | ||
public class ContentObjectService : IContentObjectService | ||
{ | ||
private const int RefreshIntervalHours = 1; | ||
|
||
private readonly IContentService _contentService; | ||
|
||
public ContentObjectService(IContentService contentService) | ||
{ | ||
_contentService = contentService; | ||
|
||
LoginDiscontinuationConfiguration = | ||
new LoginDiscontinuationConfiguration( | ||
Enumerable.Empty<string>(), Enumerable.Empty<string>(), Enumerable.Empty<string>()); | ||
} | ||
|
||
public ILoginDiscontinuationConfiguration LoginDiscontinuationConfiguration { get; set; } | ||
|
||
public async Task Refresh() | ||
{ | ||
LoginDiscontinuationConfiguration = | ||
await Refresh<LoginDiscontinuationConfiguration>(Constants.ContentNames.LoginDiscontinuationConfiguration); | ||
} | ||
|
||
private async Task<T> Refresh<T>(string contentName) | ||
where T : class | ||
{ | ||
var configString = (await _contentService.GetContentItemAsync(contentName, TimeSpan.FromHours(RefreshIntervalHours))).ToString(); | ||
if (string.IsNullOrEmpty(configString)) | ||
{ | ||
return null; | ||
} | ||
|
||
return JsonConvert.DeserializeObject<T>(configString); | ||
} | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,14 @@ | ||
// Copyright (c) .NET Foundation. All rights reserved. | ||
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information. | ||
|
||
using System.Threading.Tasks; | ||
|
||
namespace NuGetGallery | ||
{ | ||
public interface IContentObjectService | ||
{ | ||
ILoginDiscontinuationConfiguration LoginDiscontinuationConfiguration { get; } | ||
|
||
Task Refresh(); | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
52 changes: 52 additions & 0 deletions
52
src/NuGetGallery/Services/LoginDiscontinuationConfiguration.cs
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,52 @@ | ||
// Copyright (c) .NET Foundation. All rights reserved. | ||
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information. | ||
|
||
using System; | ||
using System.Collections.Generic; | ||
using System.Linq; | ||
using Newtonsoft.Json; | ||
using NuGetGallery.Authentication; | ||
|
||
namespace NuGetGallery | ||
{ | ||
public class LoginDiscontinuationConfiguration : ILoginDiscontinuationConfiguration | ||
{ | ||
public HashSet<string> DiscontinuedForEmailAddresses { get; } | ||
public HashSet<string> DiscontinuedForDomains { get; } | ||
public HashSet<string> ExceptionsForEmailAddresses { get; } | ||
|
||
[JsonConstructor] | ||
public LoginDiscontinuationConfiguration( | ||
IEnumerable<string> discontinuedForEmailAddresses, | ||
IEnumerable<string> discontinuedForDomains, | ||
IEnumerable<string> exceptionsForEmailAddresses) | ||
{ | ||
DiscontinuedForEmailAddresses = new HashSet<string>(discontinuedForEmailAddresses); | ||
DiscontinuedForDomains = new HashSet<string>(discontinuedForDomains); | ||
ExceptionsForEmailAddresses = new HashSet<string>(exceptionsForEmailAddresses); | ||
} | ||
|
||
public bool IsLoginDiscontinued(AuthenticatedUser authUser) | ||
{ | ||
var email = authUser.User.ToMailAddress(); | ||
return | ||
authUser.CredentialUsed.IsPassword() && | ||
AreOrganizationsSupportedForUser(authUser.User) && | ||
!ExceptionsForEmailAddresses.Contains(email.Address); | ||
} | ||
|
||
public bool AreOrganizationsSupportedForUser(User user) | ||
{ | ||
var email = user.ToMailAddress(); | ||
return | ||
DiscontinuedForDomains.Contains(email.Host, StringComparer.OrdinalIgnoreCase) || | ||
DiscontinuedForEmailAddresses.Contains(email.Address); | ||
} | ||
} | ||
|
||
public interface ILoginDiscontinuationConfiguration | ||
{ | ||
bool IsLoginDiscontinued(AuthenticatedUser authUser); | ||
bool AreOrganizationsSupportedForUser(User user); | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.