-
Notifications
You must be signed in to change notification settings - Fork 2.6k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
V9: Fix for migration of non-default configurated users/members (#11684)
* #11366 Fallback to try login using super legacy HMACSHA1 even when the algorithm is stated as being HMACSHA256. The issue is that v8 saves HMACSHA256 on the user, but when configured to use legacy encoding it actually uses HMACSHA1 * Support migration of members with: UseLegacyEncoding+Clear UseLegacyEncoding+Encrypted (Requires machine key) UseLegacyEncoding+Hashed * Fixes unit tests * Avoid exceptions + unit tests * Save unknown algorithm if we dont know it, instead of persisting a wrong algorithm. * Added setting to enable clear text password rehashes. * Removed support for migration of clear text passwords * Fixed unit test
- Loading branch information
Showing
12 changed files
with
226 additions
and
67 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
30 changes: 30 additions & 0 deletions
30
src/Umbraco.Core/Configuration/Models/LegacyPasswordMigrationSettings.cs
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,30 @@ | ||
// Copyright (c) Umbraco. | ||
// See LICENSE for more details. | ||
|
||
using System.ComponentModel; | ||
|
||
namespace Umbraco.Cms.Core.Configuration.Models | ||
{ | ||
/// <summary> | ||
/// Typed configuration options for legacy machine key settings used for migration of members from a v8 solution. | ||
/// </summary> | ||
[UmbracoOptions(Constants.Configuration.ConfigLegacyPasswordMigration)] | ||
public class LegacyPasswordMigrationSettings | ||
{ | ||
private const string StaticDecryptionKey = ""; | ||
|
||
/// <summary> | ||
/// Gets the decryption algorithm. | ||
/// </summary> | ||
/// <remarks> | ||
/// Currently only AES is supported. This should include all machine keys generated by Umbraco. | ||
/// </remarks> | ||
public string MachineKeyDecryption => "AES"; | ||
|
||
/// <summary> | ||
/// Gets or sets the decryption hex-formatted string key found in legacy web.config machineKey configuration-element. | ||
/// </summary> | ||
[DefaultValue(StaticDecryptionKey)] | ||
public string MachineKeyDecryptionKey { get; set; } = StaticDecryptionKey; | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.