Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

FIX: Invalid tokens for password reset #220

Merged
merged 1 commit into from Jan 31, 2022
Merged

FIX: Invalid tokens for password reset #220

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
97 changes: 49 additions & 48 deletions backend/Origam.Security.Common/IManager.cs
View file
Open in desktop
@@ -1,49 +1,50 @@
#region license
/*
Copyright 2005 - 2020 Advantage Solutions, s. r. o.

This file is part of ORIGAM (http://www.origam.org).

ORIGAM is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.

ORIGAM is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.

You should have received a copy of the GNU General Public License
along with ORIGAM. If not, see <http://www.gnu.org/licenses/>.
*/
#endregion
using System.Threading.Tasks;
using System.Xml;
using Origam.Security.Common;

namespace Origam.Security.Identity
{
public interface IManager
{
Task<IOrigamUser> FindByNameAsync(string name);
Task<bool> ChangePasswordQuestionAndAnswerAsync(string userName, string password, string question, string answer);
Task<bool> IsLockedOutAsync(string userId);
Task<bool> GetTwoFactorEnabledAsync(string userId);
Task<bool> SetTwoFactorEnabledAsync(string userId, bool enabled);
Task<bool> IsEmailConfirmedAsync(string userId);
Task<bool> UnlockUserAsync(string userName);
Task<InternalIdentityResult> ConfirmEmailAsync(string userId);
Task<InternalIdentityResult> ConfirmEmailAsync(string userId, string token);
Task<InternalIdentityResult> ChangePasswordAsync(string userId, string currentPassword, string newPassword);
Task<InternalIdentityResult> ResetPasswordFromUsernameAsync(string userName, string token, string newPassword);
Task<InternalIdentityResult> DeleteAsync(IOrigamUser user);
Task<InternalIdentityResult> UpdateAsync(IOrigamUser user);
void SendNewUserToken(string userName);
Task<InternalIdentityResult> CreateAsync(IOrigamUser user, string password);
Task<string> GenerateEmailConfirmationTokenAsync(string userId);
Task<TokenResult> GetPasswordResetTokenFromEmailAsync(string email);
Task<string> GeneratePasswordResetTokenAsync1(string userId);
Task<XmlDocument> GetPasswordAttributesAsync();
}
#region license
/*
Copyright 2005 - 2020 Advantage Solutions, s. r. o.

This file is part of ORIGAM (http://www.origam.org).

ORIGAM is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.

ORIGAM is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.

You should have received a copy of the GNU General Public License
along with ORIGAM. If not, see <http://www.gnu.org/licenses/>.
*/
#endregion

using System.Threading.Tasks;
using System.Xml;
using Origam.Security.Common;

namespace Origam.Security.Identity
{
public interface IManager
{
Task<IOrigamUser> FindByNameAsync(string name);
Task<bool> ChangePasswordQuestionAndAnswerAsync(string userName, string password, string question, string answer);
Task<bool> IsLockedOutAsync(string userId);
Task<bool> GetTwoFactorEnabledAsync(string userId);
Task<bool> SetTwoFactorEnabledAsync(string userId, bool enabled);
Task<bool> IsEmailConfirmedAsync(string userId);
Task<bool> UnlockUserAsync(string userName);
Task<InternalIdentityResult> ConfirmEmailAsync(string userId);
Task<InternalIdentityResult> ConfirmEmailAsync(string userId, string token);
Task<InternalIdentityResult> ChangePasswordAsync(string userId, string currentPassword, string newPassword);
Task<InternalIdentityResult> ResetPasswordFromUsernameAsync(string userName, string token, string newPassword);
Task<InternalIdentityResult> DeleteAsync(IOrigamUser user);
Task<InternalIdentityResult> UpdateAsync(IOrigamUser user);
void SendNewUserToken(string userName);
Task<InternalIdentityResult> CreateAsync(IOrigamUser user, string password);
Task<string> GenerateEmailConfirmationTokenAsync(string userId);
Task<TokenResult> GetPasswordResetTokenFromEmailAsync(string email);
Task<string> GeneratePasswordResetTokenAsync(string userId);
Task<XmlDocument> GetPasswordAttributesAsync();
}
}
2 changes: 1 addition & 1 deletion backend/Origam.Security.Identity/IdentityServiceAgent.cs
View file
Open in desktop
Expand Up @@ -706,7 +706,7 @@ private void GetPasswordResetToken()
Resources.ErrorUserIdNotGuid);
}
Task<string> task = userManager
.GeneratePasswordResetTokenAsync1(
.GeneratePasswordResetTokenAsync(
Parameters["UserId"].ToString());
if (task.IsFaulted)
{
Expand Down