From 7942d2bc82449a4fa2499be9a07ece3235e03b71 Mon Sep 17 00:00:00 2001 From: Hao Kung Date: Fri, 25 Jul 2014 11:57:13 -0700 Subject: [PATCH] Pass user to IPasswordHasher --- src/Microsoft.AspNet.Identity/IPasswordHasher.cs | 8 +++++--- src/Microsoft.AspNet.Identity/IdentityServices.cs | 2 +- src/Microsoft.AspNet.Identity/PasswordHasher.cs | 8 +++++--- src/Microsoft.AspNet.Identity/UserManager.cs | 10 +++++----- .../UserStoreTest.cs | 2 +- .../UserStoreTestBase.cs | 2 +- .../IdentityBuilderTest.cs | 4 ++-- test/Microsoft.AspNet.Identity.Test/UserManagerTest.cs | 4 ++-- test/Shared/IdentityConfig.cs | 2 +- test/Shared/MockHelpers.cs | 4 ++-- test/Shared/UserManagerTestBase.cs | 2 +- 11 files changed, 26 insertions(+), 22 deletions(-) diff --git a/src/Microsoft.AspNet.Identity/IPasswordHasher.cs b/src/Microsoft.AspNet.Identity/IPasswordHasher.cs index c20e7db70f..9e84c2d322 100644 --- a/src/Microsoft.AspNet.Identity/IPasswordHasher.cs +++ b/src/Microsoft.AspNet.Identity/IPasswordHasher.cs @@ -6,21 +6,23 @@ namespace Microsoft.AspNet.Identity /// /// Abstraction for password hashing methods /// - public interface IPasswordHasher + public interface IPasswordHasher where TUser : class { /// /// Hash a password /// + /// /// /// - string HashPassword(string password); + string HashPassword(TUser user, string password); /// /// Verify that a password matches the hashed password /// + /// /// /// /// - PasswordVerificationResult VerifyHashedPassword(string hashedPassword, string providedPassword); + PasswordVerificationResult VerifyHashedPassword(TUser user, string hashedPassword, string providedPassword); } } \ No newline at end of file diff --git a/src/Microsoft.AspNet.Identity/IdentityServices.cs b/src/Microsoft.AspNet.Identity/IdentityServices.cs index 6860733550..d66c8fed91 100644 --- a/src/Microsoft.AspNet.Identity/IdentityServices.cs +++ b/src/Microsoft.AspNet.Identity/IdentityServices.cs @@ -25,7 +25,7 @@ namespace Microsoft.AspNet.Identity yield return describe.Transient, UserValidator>(); yield return describe.Transient, PasswordValidator>(); - yield return describe.Transient(); + yield return describe.Transient, PasswordHasher>(); // TODO: rationalize email/sms/usertoken services } diff --git a/src/Microsoft.AspNet.Identity/PasswordHasher.cs b/src/Microsoft.AspNet.Identity/PasswordHasher.cs index 5a6f6a7ecc..e5726ade4f 100644 --- a/src/Microsoft.AspNet.Identity/PasswordHasher.cs +++ b/src/Microsoft.AspNet.Identity/PasswordHasher.cs @@ -6,14 +6,15 @@ namespace Microsoft.AspNet.Identity /// /// Implements password hashing methods /// - public class PasswordHasher : IPasswordHasher + public class PasswordHasher : IPasswordHasher where TUser : class { /// /// Hash a password /// + /// /// /// - public virtual string HashPassword(string password) + public virtual string HashPassword(TUser user, string password) { return Crypto.HashPassword(password); } @@ -21,10 +22,11 @@ namespace Microsoft.AspNet.Identity /// /// Verify that a password matches the hashedPassword /// + /// /// /// /// - public virtual PasswordVerificationResult VerifyHashedPassword(string hashedPassword, string providedPassword) + public virtual PasswordVerificationResult VerifyHashedPassword(TUser user, string hashedPassword, string providedPassword) { return Crypto.VerifyHashedPassword(hashedPassword, providedPassword) ? PasswordVerificationResult.Success diff --git a/src/Microsoft.AspNet.Identity/UserManager.cs b/src/Microsoft.AspNet.Identity/UserManager.cs index 0176171209..61c7b16876 100644 --- a/src/Microsoft.AspNet.Identity/UserManager.cs +++ b/src/Microsoft.AspNet.Identity/UserManager.cs @@ -24,7 +24,7 @@ namespace Microsoft.AspNet.Identity private TimeSpan _defaultLockout = TimeSpan.Zero; private bool _disposed; - private IPasswordHasher _passwordHasher; + private IPasswordHasher _passwordHasher; private IdentityOptions _options; /// @@ -37,7 +37,7 @@ namespace Microsoft.AspNet.Identity /// /// public UserManager(IUserStore store, IOptionsAccessor optionsAccessor, - IPasswordHasher passwordHasher, IUserValidator userValidator, + IPasswordHasher passwordHasher, IUserValidator userValidator, IPasswordValidator passwordValidator) { if (store == null) @@ -68,7 +68,7 @@ namespace Microsoft.AspNet.Identity /// /// Used to hash/verify passwords /// - public IPasswordHasher PasswordHasher + public IPasswordHasher PasswordHasher { get { @@ -618,7 +618,7 @@ namespace Microsoft.AspNet.Identity } } await - passwordStore.SetPasswordHashAsync(user, PasswordHasher.HashPassword(newPassword), cancellationToken); + passwordStore.SetPasswordHashAsync(user, PasswordHasher.HashPassword(user, newPassword), cancellationToken); await UpdateSecurityStampInternal(user, cancellationToken); return IdentityResult.Success; } @@ -635,7 +635,7 @@ namespace Microsoft.AspNet.Identity string password, CancellationToken cancellationToken = default(CancellationToken)) { var hash = await store.GetPasswordHashAsync(user, cancellationToken); - return PasswordHasher.VerifyHashedPassword(hash, password) != PasswordVerificationResult.Failed; + return PasswordHasher.VerifyHashedPassword(user, hash, password) != PasswordVerificationResult.Failed; } // IUserSecurityStampStore methods diff --git a/test/Microsoft.AspNet.Identity.EntityFramework.Test/UserStoreTest.cs b/test/Microsoft.AspNet.Identity.EntityFramework.Test/UserStoreTest.cs index ffef48a667..e0b71cd17f 100644 --- a/test/Microsoft.AspNet.Identity.EntityFramework.Test/UserStoreTest.cs +++ b/test/Microsoft.AspNet.Identity.EntityFramework.Test/UserStoreTest.cs @@ -309,7 +309,7 @@ namespace Microsoft.AspNet.Identity.EntityFramework.Test var user = new IdentityUser("CanUpdatePasswordUsingHasher"); IdentityResultAssert.IsSuccess(await manager.CreateAsync(user, "password")); Assert.True(await manager.CheckPasswordAsync(user, "password")); - user.PasswordHash = manager.PasswordHasher.HashPassword("New"); + user.PasswordHash = manager.PasswordHasher.HashPassword(user, "New"); IdentityResultAssert.IsSuccess(await manager.UpdateAsync(user)); Assert.False(await manager.CheckPasswordAsync(user, "password")); Assert.True(await manager.CheckPasswordAsync(user, "New")); diff --git a/test/Microsoft.AspNet.Identity.EntityFramework.Test/UserStoreTestBase.cs b/test/Microsoft.AspNet.Identity.EntityFramework.Test/UserStoreTestBase.cs index 76787d3bcf..e920c017e8 100644 --- a/test/Microsoft.AspNet.Identity.EntityFramework.Test/UserStoreTestBase.cs +++ b/test/Microsoft.AspNet.Identity.EntityFramework.Test/UserStoreTestBase.cs @@ -190,7 +190,7 @@ namespace Microsoft.AspNet.Identity.EntityFramework.Test var user = new ApplicationUser(); IdentityResultAssert.IsSuccess(await manager.CreateAsync(user, "password")); Assert.True(await manager.CheckPasswordAsync(user, "password")); - user.PasswordHash = manager.PasswordHasher.HashPassword("New"); + user.PasswordHash = manager.PasswordHasher.HashPassword(user, "New"); IdentityResultAssert.IsSuccess(await manager.UpdateAsync(user)); Assert.False(await manager.CheckPasswordAsync(user, "password")); Assert.True(await manager.CheckPasswordAsync(user, "New")); diff --git a/test/Microsoft.AspNet.Identity.Test/IdentityBuilderTest.cs b/test/Microsoft.AspNet.Identity.Test/IdentityBuilderTest.cs index 0ff25f845a..e68f9b4ffe 100644 --- a/test/Microsoft.AspNet.Identity.Test/IdentityBuilderTest.cs +++ b/test/Microsoft.AspNet.Identity.Test/IdentityBuilderTest.cs @@ -31,7 +31,7 @@ namespace Microsoft.AspNet.Identity.Test [Fact] public void CanSpecifyPasswordHasherInstance() { - CanOverride(new PasswordHasher()); + CanOverride>(new PasswordHasher()); } [Fact] @@ -47,7 +47,7 @@ namespace Microsoft.AspNet.Identity.Test var pwdValidator = provider.GetService>() as PasswordValidator; Assert.NotNull(pwdValidator); - var hasher = provider.GetService() as PasswordHasher; + var hasher = provider.GetService>() as PasswordHasher; Assert.NotNull(hasher); } diff --git a/test/Microsoft.AspNet.Identity.Test/UserManagerTest.cs b/test/Microsoft.AspNet.Identity.Test/UserManagerTest.cs index 1b41f0b0fd..66d60b45cb 100644 --- a/test/Microsoft.AspNet.Identity.Test/UserManagerTest.cs +++ b/test/Microsoft.AspNet.Identity.Test/UserManagerTest.cs @@ -22,7 +22,7 @@ namespace Microsoft.AspNet.Identity.Test public IUserStore StorePublic { get { return Store; } } public TestManager(IUserStore store, IOptionsAccessor optionsAccessor, - IPasswordHasher passwordHasher, IUserValidator userValidator, + IPasswordHasher passwordHasher, IUserValidator userValidator, IPasswordValidator passwordValidator) : base(store, optionsAccessor, passwordHasher, userValidator, passwordValidator) { } } @@ -423,7 +423,7 @@ namespace Microsoft.AspNet.Identity.Test { var store = new NotImplementedStore(); var optionsAccessor = new OptionsAccessor(null); - var passwordHasher = new PasswordHasher(); + var passwordHasher = new PasswordHasher(); var userValidator = new UserValidator(); var passwordValidator = new PasswordValidator(); diff --git a/test/Shared/IdentityConfig.cs b/test/Shared/IdentityConfig.cs index 8aa6e0961e..75a74b1f36 100644 --- a/test/Shared/IdentityConfig.cs +++ b/test/Shared/IdentityConfig.cs @@ -9,7 +9,7 @@ namespace Microsoft.AspNet.Identity.Test public class ApplicationUserManager : UserManager { public ApplicationUserManager(IUserStore store, IOptionsAccessor options, - IPasswordHasher passwordHasher, IUserValidator userValidator, + IPasswordHasher passwordHasher, IUserValidator userValidator, IPasswordValidator passwordValidator) : base(store, options, passwordHasher, userValidator, passwordValidator) { } } diff --git a/test/Shared/MockHelpers.cs b/test/Shared/MockHelpers.cs index e9736036ac..0fa138d603 100644 --- a/test/Shared/MockHelpers.cs +++ b/test/Shared/MockHelpers.cs @@ -33,7 +33,7 @@ namespace Microsoft.AspNet.Identity.Test { var store = new Mock>(); var options = new OptionsAccessor(null); - return new Mock>(store.Object, options, new PasswordHasher(), new UserValidator(), new PasswordValidator()); + return new Mock>(store.Object, options, new PasswordHasher(), new UserValidator(), new PasswordValidator()); } public static Mock> MockRoleManager() where TRole : class @@ -51,7 +51,7 @@ namespace Microsoft.AspNet.Identity.Test { var options = new OptionsAccessor(null); var validator = new Mock>(); - var userManager = new UserManager(store, options, new PasswordHasher(), validator.Object, new PasswordValidator()); + var userManager = new UserManager(store, options, new PasswordHasher(), validator.Object, new PasswordValidator()); validator.Setup(v => v.ValidateAsync(userManager, It.IsAny(), CancellationToken.None)).Returns(Task.FromResult(IdentityResult.Success)).Verifiable(); return userManager; } diff --git a/test/Shared/UserManagerTestBase.cs b/test/Shared/UserManagerTestBase.cs index 50895b4a0b..2c26304b6a 100644 --- a/test/Shared/UserManagerTestBase.cs +++ b/test/Shared/UserManagerTestBase.cs @@ -67,7 +67,7 @@ namespace Microsoft.AspNet.Identity.Test var user = new TUser() { UserName = "UpdatePassword" }; IdentityResultAssert.IsSuccess(await manager.CreateAsync(user, "password")); Assert.True(await manager.CheckPasswordAsync(user, "password")); - user.PasswordHash = manager.PasswordHasher.HashPassword("New"); + user.PasswordHash = manager.PasswordHasher.HashPassword(user, "New"); IdentityResultAssert.IsSuccess(await manager.UpdateAsync(user)); Assert.False(await manager.CheckPasswordAsync(user, "password")); Assert.True(await manager.CheckPasswordAsync(user, "New"));