C# Class Subtext.Framework.Security.SecurityHelper

Handles blog logins/passwords/tickets
Project: ayende/Subtext

Public Methods

Method Description
Authenticate ( string claimedIdentifier, bool persist ) : bool

Check to see if the supplied OpenID claim is valid for the current blog. If so, set the user's FormsAuthentication ticket. This method will handle passwords for both hashed and non-hashed configurations. We're comparing URI objects rather than using a simple string compare because functionally equivalent URIs may not pass string comparisons, e.g. http://example.myopenid.com/ and http://example.myopenid.com (trailing /).

Authenticate ( string username, string password, bool persist ) : bool

Check to see if the supplied credentials are valid for the current blog. If so, set the user's FormsAuthentication ticket. This method will handle passwords for both hashed and non-hashed configurations.

AuthenticateHostAdmin ( string username, string password, bool persist ) : bool

Authenticates the host admin.

CombinePasswordAndSalt ( string password, string salt ) : string

Returns a string with a password and salt combined.

CreateRandomSalt ( ) : string

Creates a random salt value.

DecryptString ( string encryptedBase64EncodedString, Encoding encoding, byte key, byte initializationVendor ) : string

Decrypts the string.

EncryptString ( string clearText, Encoding encoding, byte key, byte initializationVendor ) : string

Generates the symmetric key.

GenerateInitializationVector ( ) : byte[]

Generates the symmetric key.

GenerateSymmetricKey ( ) : byte[]

Generates the symmetric key.

GetExpiredCookie ( ) : System.Web.HttpCookie

Used to remove a cookie from the client.

GetFullCookieName ( ) : string

Identifies cookies by unique BlogHost names (rather than a single name for all cookies in multiblog setups as the old code did).

HashPassword ( string password ) : string

Gets the MD5 hashed/encrypted representation of the password and returns a Base64-encoded string of the hash. This is a one-way hash.

Passwords are case sensitive now. Before they weren't.

HashPassword ( string password, string salt ) : string

Gets the MD5 hashed/encrypted representation of the password and a salt value combined in the proper manner. Returns a Base64-encoded string of the hash. This is a one-way hash.

Passwords are case sensitive now. Before they weren't.

IsInRole ( string role ) : bool

Returns true if the user is in the specified role. It's a wrapper for calling the IsInRole method of IPrincipal.

IsValidPassword ( string password ) : bool

Check to see if the supplied password matches the password for the current blog. This method will check the BlogConfigurationSettings to see if the password should be Encrypted/Hashed

IsValidUser ( string username, string password ) : bool

Validates if the supplied credentials match the current blog

LogOut ( ) : void

Logs the user off the system.

RandomPassword ( ) : string

Generates a "Random Enough" password. :)

ResetHostAdminPassword ( ) : string
ResetPassword ( ) : string

When we Encrypt/Hash the password, we cannot un-Encrypt/Hash the password. If users need to retrieve this value, all we can do is reset the password to a new value and send it.

SelectAuthenticationCookie ( ) : System.Web.HttpCookie

Obtains the correct cookie for the current blog

SetAuthenticationTicket ( string username, bool persist ) : void
SetAuthenticationTicket ( string username, bool persist, bool forceHostAdmin ) : void

Used by methods in this class plus Install.Step02_ConfigureHost

UpdateHostAdminPassword ( string password ) : void
UpdatePassword ( string password ) : void

Updates the current user's password to the supplied value. Handles hashing (or not hashing) of the password.

Private Methods

Method Description
GetFullCookieName ( bool forceHostAdmin ) : string

Method Details

Authenticate() public static method

Check to see if the supplied OpenID claim is valid for the current blog. If so, set the user's FormsAuthentication ticket. This method will handle passwords for both hashed and non-hashed configurations. We're comparing URI objects rather than using a simple string compare because functionally equivalent URIs may not pass string comparisons, e.g. http://example.myopenid.com/ and http://example.myopenid.com (trailing /).
public static Authenticate ( string claimedIdentifier, bool persist ) : bool
claimedIdentifier string
persist bool If valid, should we persist the login
Returns bool
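
The difference between URI comparison and string comparison described above, as an added example (not Subtext's own code). The helper name SameIdentifier and all sample values are constructed for illustration.

```csharp
using System;

static class OpenIdUriComparisonDemo
{
    // Hypothetical helper (not Subtext's code): true when the claimed identifier
    // parses as an absolute URI equal to the one stored for the blog.
    static bool SameIdentifier(string stored, string claimed)
    {
        Uri a, b;
        if (!Uri.TryCreate(stored, UriKind.Absolute, out a)) return false;
        if (!Uri.TryCreate(claimed, UriKind.Absolute, out b)) return false;
        return a == b; // System.Uri overloads ==, comparing canonical forms
    }

    static void Main()
    {
        // Constructed sample values.
        string stored = "http://example.myopenid.com/";
        string[] claims =
        {
            "http://example.myopenid.com",        // no trailing slash
            "HTTP://EXAMPLE.MyOpenID.com:80/",    // scheme/host case, default port
            "http://example.myopenid.com/#frag",  // fragment is not part of Uri equality
            "https://example.myopenid.com/",      // different scheme
            "http://example.myopenid.com/other",  // different path
            "not a uri"                           // unparseable input is rejected
        };

        foreach (string claim in claims)
        {
            bool ordinal = string.Equals(stored, claim, StringComparison.Ordinal);
            Console.WriteLine("{0,-38} string={1,-5} uri={2}",
                claim, ordinal, SameIdentifier(stored, claim));
        }
    }
}
```

System.Uri equality leaves out the user-info and fragment parts, so a caller that needs those to match must compare them separately.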

Authenticate() public static method

Check to see if the supplied credentials are valid for the current blog. If so, set the user's FormsAuthentication ticket. This method will handle passwords for both hashed and non-hashed configurations.
public static Authenticate ( string username, string password, bool persist ) : bool
username string Supplied UserName
password string Supplied Password
persist bool If valid, should we persist the login
Returns bool

AuthenticateHostAdmin() public static method

Authenticates the host admin.
public static AuthenticateHostAdmin ( string username, string password, bool persist ) : bool
username string The username.
password string The password.
persist bool if set to true [persist].
Returns bool

CombinePasswordAndSalt() public static method

Returns a string with a password and salt combined.
public static CombinePasswordAndSalt ( string password, string salt ) : string
password string Password.
salt string Salt.
Returns string

CreateRandomSalt() public static method

Creates a random salt value.
public static CreateRandomSalt ( ) : string
Returns string

DecryptString() public static method

Decrypts the string.
public static DecryptString ( string encryptedBase64EncodedString, Encoding encoding, byte key, byte initializationVendor ) : string
encryptedBase64EncodedString string The encrypted base64 encoded string.
encoding System.Text.Encoding The encoding.
key byte The key.
initializationVendor byte The initialization vendor.
Returns string

EncryptString() public static method

Generates the symmetric key.
public static EncryptString ( string clearText, Encoding encoding, byte key, byte initializationVendor ) : string
clearText string The clear text.
encoding System.Text.Encoding The encoding.
key byte The key.
initializationVendor byte The initialization vendor.
Returns string

GenerateInitializationVector() public static method

Generates the symmetric key.
public static GenerateInitializationVector ( ) : byte[]
Returns byte[]

GenerateSymmetricKey() public static method

Generates the symmetric key.
public static GenerateSymmetricKey ( ) : byte[]
Returns byte[]

GetExpiredCookie() public static method

Used to remove a cookie from the client.
public static GetExpiredCookie ( ) : System.Web.HttpCookie
Returns System.Web.HttpCookie

GetFullCookieName() public static method

Identifies cookies by unique BlogHost names (rather than a single name for all cookies in multiblog setups as the old code did).
public static GetFullCookieName ( ) : string
Returns string

HashPassword() public static method

Gets the MD5 hashed/encrypted representation of the password and returns a Base64-encoded string of the hash. This is a one-way hash.
Passwords are case sensitive now. Before they weren't.
public static HashPassword ( string password ) : string
password string Supplied Password
Returns string

HashPassword() public static method

Gets the MD5 hashed/encrypted representation of the password and a salt value combined in the proper manner. Returns a Base64-encoded string of the hash. This is a one-way hash.
Passwords are case sensitive now. Before they weren't.
public static HashPassword ( string password, string salt ) : string
password string Supplied Password
salt string
Returns string
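
The salted MD5 plus Base64 scheme described above, next to a slow key-derivation function, as an added example (not Subtext's own code). MD5 is a fast hash, so a leaked salted MD5 value is cheap to guess against offline; PBKDF2 with a high iteration count raises that cost. Assumptions: the salt is appended to the password and encoded as UTF-16, the iteration count is illustrative, and the code targets a modern .NET runtime (CryptographicOperations requires .NET Core 2.1 or later).

```csharp
using System;
using System.Security.Cryptography;
using System.Text;

static class PasswordHashDemo
{
    // Salted MD5 + Base64, the scheme the summary describes. Assumption: the salt
    // is appended to the password and the text is UTF-16 encoded before hashing.
    static string Md5Base64(string password, string salt)
    {
        using (MD5 md5 = MD5.Create())
            return Convert.ToBase64String(
                md5.ComputeHash(Encoding.Unicode.GetBytes(password + salt)));
    }

    const int Iterations = 210000; // illustrative work factor

    // PBKDF2-HMAC-SHA256 over the password with a per-user random salt.
    static string Pbkdf2(string password, byte[] salt)
    {
        using (var kdf = new Rfc2898DeriveBytes(password, salt, Iterations, HashAlgorithmName.SHA256))
            return Convert.ToBase64String(kdf.GetBytes(32));
    }

    // Recompute and compare in constant time to avoid leaking match position.
    static bool Verify(string password, byte[] salt, string storedBase64)
    {
        byte[] expected = Convert.FromBase64String(storedBase64);
        byte[] actual = Convert.FromBase64String(Pbkdf2(password, salt));
        return CryptographicOperations.FixedTimeEquals(expected, actual);
    }

    static void Main()
    {
        byte[] salt = new byte[16];
        using (var rng = RandomNumberGenerator.Create()) rng.GetBytes(salt);

        // Constructed sample password.
        string legacy = Md5Base64("correct horse", Convert.ToBase64String(salt));
        string stored = Pbkdf2("correct horse", salt);
        Console.WriteLine("MD5    ({0} bytes): {1}", Convert.FromBase64String(legacy).Length, legacy);
        Console.WriteLine("PBKDF2 ({0} bytes): {1}", Convert.FromBase64String(stored).Length, stored);
        Console.WriteLine("right password: {0}", Verify("correct horse", salt, stored));
        Console.WriteLine("wrong case:     {0}", Verify("Correct Horse", salt, stored));
    }
}
```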

IsInRole() public static method

Returns true if the user is in the specified role. It's a wrapper for calling the IsInRole method of IPrincipal.
public static IsInRole ( string role ) : bool
role string Role.
Returns bool

IsValidPassword() public static method

Check to see if the supplied password matches the password for the current blog. This method will check the BlogConfigurationSettings to see if the password should be Encrypted/Hashed
public static IsValidPassword ( string password ) : bool
password string Supplied Password
Returns bool

IsValidUser() public static method

Validates if the supplied credentials match the current blog
public static IsValidUser ( string username, string password ) : bool
username string Supplied Username
password string Supplied Password
Returns bool

LogOut() public static method

Logs the user off the system.
public static LogOut ( ) : void
Returns void

RandomPassword() public static method

Generates a "Random Enough" password. :)
public static RandomPassword ( ) : string
Returns string

ResetHostAdminPassword() public static method

public static ResetHostAdminPassword ( ) : string
Returns string

ResetPassword() public static method

When we Encrypt/Hash the password, we cannot un-Encrypt/Hash the password. If users need to retrieve this value, all we can do is reset the password to a new value and send it.
public static ResetPassword ( ) : string
Returns string

SelectAuthenticationCookie() public static method

Obtains the correct cookie for the current blog
public static SelectAuthenticationCookie ( ) : System.Web.HttpCookie
Returns System.Web.HttpCookie

SetAuthenticationTicket() public static method

public static SetAuthenticationTicket ( string username, bool persist ) : void
username string
persist bool
Returns void

SetAuthenticationTicket() public static method

Used by methods in this class plus Install.Step02_ConfigureHost
public static SetAuthenticationTicket ( string username, bool persist, bool forceHostAdmin ) : void
username string Username for the ticket
persist bool Should this ticket be persisted
forceHostAdmin bool
Returns void

UpdateHostAdminPassword() public static method

public static UpdateHostAdminPassword ( string password ) : void
password string
Returns void

UpdatePassword() public static method

Updates the current user's password to the supplied value. Handles hashing (or not hashing) of the password.
public static UpdatePassword ( string password ) : void
password string Supplied Password
Returns void