Merge pull request #27 from sawest/master

version 6.0.4
DNNCommunity · Jan 11, 2018 · 6158e3e · 6158e3e
2 parents dc01919 + 1b045cd
commit 6158e3e
Show file tree

Hide file tree

Showing 9 changed files with 62 additions and 30 deletions.
diff --git a/ActiveDirectory.dnn b/ActiveDirectory.dnn
@@ -1,6 +1,6 @@
 <dotnetnuke type="Package" version="5.0">
   <packages>
-    <package name="DNN_ActiveDirectoryAuthentication" type="Auth_System" version="06.00.02">
+    <package name="DNN_ActiveDirectoryAuthentication" type="Auth_System" version="06.00.04">
       <friendlyName>DNN_ActiveDirectoryAuthentication</friendlyName>
       <description>The DotNetNuke Active Directory Authentication Project is an Authentication provider for DotNetNuke that uses the Windows 
         Active Directory authentication protocol to authenticate users.
@@ -33,7 +33,7 @@
             <assembly>
               <path>bin\Providers</path>
               <name>DotNetNuke.Authentication.ActiveDirectory.dll</name>
-              <version>06.00.02</version>
+              <version>06.00.04</version>
             </assembly>
             <assembly>
               <path>bin</path>

diff --git a/AssemblyInfo.vb b/AssemblyInfo.vb
@@ -12,7 +12,7 @@ Imports System.Runtime.InteropServices
 <Assembly: AssemblyConfiguration("")>
 <Assembly: AssemblyCompany("")>
 <Assembly: AssemblyProduct("")>
-<Assembly: AssemblyCopyright("2017 DotNetNuke Corporation")>
+<Assembly: AssemblyCopyright("2018 DotNetNuke Corporation")>
 <Assembly: AssemblyTrademark("")>
 
 <Assembly: ComVisible(False)>
@@ -29,7 +29,7 @@ Imports System.Runtime.InteropServices
 '
 ' You can specify all the values or you can default the Build and Revision Numbers 
 ' by using the '*' as shown below:
-' <Assembly: AssemblyVersion("06.00.02.29")> 
+' <Assembly: AssemblyVersion("06.00.04.7")> 
 
-<Assembly: AssemblyVersion("06.00.02.29")>
-<Assembly: AssemblyFileVersion("06.00.02.29")>
+<Assembly: AssemblyVersion("06.00.04.7")>
+<Assembly: AssemblyFileVersion("06.00.04.7")>
diff --git a/Components/AuthenticationController.vb b/Components/AuthenticationController.vb
@@ -198,7 +198,7 @@ Namespace DotNetNuke.Authentication.ActiveDirectory
                 Dim aspNetUser As MembershipUser = Web.Security.Membership.GetUser(objUser.Username)
                 Dim strPassword As String
 
-                If Web.Security.Membership.Provider.EnablePasswordRetrieval Then
+                If Web.Security.Membership.Provider.EnablePasswordRetrieval And Web.Security.Membership.Provider.PasswordFormat <> MembershipPasswordFormat.Hashed Then
                     strPassword = RandomizePassword(aspNetUser, objUser, aspNetUser.GetPassword())
                 Else
                     strPassword = RandomizePassword(aspNetUser, objUser, "")
@@ -239,9 +239,10 @@ Namespace DotNetNuke.Authentication.ActiveDirectory
                 If Not _config.AutoCreateUsers = True Then
                     'User doesn't exist in this portal. Make sure user doesn't exist on any other portal
                     objUser = DNNUserController.GetUserByName(Null.NullInteger, objAuthUser.Username)
+                    objAuthUser.Membership.Password = Utilities.GetRandomPassword()
                     If objUser Is Nothing Then 'User doesn't exist in any portal
                         'Item 6365
-                        objAuthUser.Membership.Password = Utilities.GetRandomPassword()
+                        'objAuthUser.Membership.Password = Utilities.GetRandomPassword() 'moved up Steven A West 1/11/2018
                         Dim objDnnUserInfo As New UserInfo
                         objDnnUserInfo.AffiliateID = objAuthUser.AffiliateID
                         objDnnUserInfo.DisplayName = objAuthUser.DisplayName
@@ -260,7 +261,9 @@ Namespace DotNetNuke.Authentication.ActiveDirectory
                         objDnnUserInfo.Username = objAuthUser.Username
                         CreateUser(objDnnUserInfo, loginStatus)
                     Else 'user exists in another portal
-                        objAuthUser.Membership.Password = RandomizePassword(objUser, "")
+                        'No need to use randomizepassword here useing getrandompassword instead 
+                        'password set above - Steven A West 1/11/2018 regarding #23
+                        'objAuthUser.Membership.Password = RandomizePassword(objUser, "") 
                         objAuthUser.UserID = objUser.UserID
                         CreateUser(CType(objAuthUser, UserInfo), loginStatus)
                     End If
@@ -400,7 +403,7 @@ Namespace DotNetNuke.Authentication.ActiveDirectory
 
             Dim aspNetUser As MembershipUser = Web.Security.Membership.GetUser(objUser.Username)
             Dim strStoredPassword As String = ""
-            If Web.Security.Membership.Provider.EnablePasswordRetrieval Then
+            If Web.Security.Membership.Provider.EnablePasswordRetrieval And Web.Security.Membership.Provider.PasswordFormat <> MembershipPasswordFormat.Hashed Then
                 strStoredPassword = aspNetUser.GetPassword()
             End If
 
@@ -427,7 +430,7 @@ Namespace DotNetNuke.Authentication.ActiveDirectory
         Private Function RandomizePassword(ByVal aspNetUser As MembershipUser, ByVal objUser As UserInfo, ByRef strPassword As String) As String
 
             Dim strStoredPassword As String = ""
-            If Web.Security.Membership.Provider.EnablePasswordRetrieval Then
+            If Web.Security.Membership.Provider.EnablePasswordRetrieval And Web.Security.Membership.Provider.PasswordFormat <> MembershipPasswordFormat.Hashed Then
                 strStoredPassword = aspNetUser.GetPassword()
             End If
 

diff --git a/Login.ascx.vb b/Login.ascx.vb
@@ -111,32 +111,58 @@ Namespace DotNetNuke.Authentication.ActiveDirectory
                 Dim theUser As String = String.Empty
                 Dim strDomain As String = String.Empty
                 Dim userinfo As String()
-                If Not String.IsNullOrEmpty (txtUsername.Text) Then
+                If Not String.IsNullOrEmpty(txtUsername.Text) Then
+
+                    'If UPN username provided, strip domain, translate to netBiOS
                     If txtUsername.Text.Contains("@") Then
-                        userinfo = Split(txtUsername.Text, "@")
-                        theUser = userinfo(0)
+
+                        '***Changed Steven A West 1-11-2018 Bug fix #12 & #24
+                        theUser = ADSI.Utilities.UPNToLogonName0(txtUsername.Text.ToLower)
+
+                        '***Commented Out Steven A West 1-11-2018 Bug fix #12 & #24**************
+                        ' userinfo = Split(txtUsername.Text, "@")
+                        '  theUser = userinfo(0)
                         'theUser = Left(txtUsername.Text, txtUsername.Text.IndexOf("@")) ***Changed Steven A West 2-25-2017  Bug fix #12
-                        strDomain = UCase(userinfo(1))
+                        ' strDomain = UCase(userinfo(1))
 
                         '***Changed Steven A West 2-25-2017 Bug fix #12
                         'strDomain = Right(txtUsername.Text, Len(txtUsername.Text) - (Len(theUser) + 1)).ToUpper 
-                        If strDomain.Contains(sDefaultDomain) Then
-                            theUser = Trim(sDefaultDomain).Replace("\", "") & "\" & theUser
-                        Else
-                            theUser = strDomain & "\" & theUser
-                        End If
-                        '****
+                        '***Changed Steven A West 8-29-2017 Bug fix #12
+                        'If strDomain.Contains(sDefaultDomain) Then
+                        '    theUser = Trim(sDefaultDomain).Replace("\", "") & "\" & theUser
+                        'Else
+                        '    theUser = strDomain & "\" & theUser
+                        'End If
+                        'If Not String.IsNullOrEmpty(sDefaultDomain) Then
+                        '    If strDomain.Contains(sDefaultDomain) Then
+                        '        theUser = Trim(sDefaultDomain).Replace("\", "") & "\" & theUser
+                        '    Else
+                        '        theUser = strDomain & "\" & theUser
+                        '    End If
+                        'End If
+
+                        '****************************************************************************
                     Else
                         'If username doesn't contain the DOMAIN\ already and config uses Default Domain
                         'Then append default domain as prefix
                         If (Not txtUsername.Text.Contains("\")) And (sDefaultDomain <> "") Then
                             theUser = Trim(sDefaultDomain).Replace("\", "") & "\" & txtUsername.Text
                         Else
-                            If txtUsername.Text.IndexOf("\") > -1 Then
-                                strDomain = Left(txtUsername.Text, txtUsername.Text.IndexOf("\")).ToUpper
-                                theUser = Right(txtUsername.Text, Len(txtUsername.Text) - (Len(strDomain) + 1))
-                                theUser = strDomain & "\" & theUser
+                            'if username contains domain\ then check if domain provided is canonical and translate
+                            If txtUsername.Text.Contains("\") Then
+
+                                '***Changed Steven A West 1-11-2018 Bug fix #12 & #24
+                                strDomain = UCase(Split(txtUsername.Text, "\")(0))
+                                theUser = UCase(Split(txtUsername.Text, "\")(1))
+                                If strDomain.Contains(".") Then 'canonical domain provided, translate
+                                    strDomain = ADSI.Utilities.CanonicalToNetBIOS(strDomain.ToLower)
+                                End If
+                                If Not String.IsNullOrEmpty(strDomain) Then
+                                    theUser = strDomain & "\" & theUser
+                                End If
+                                '********
                             Else
+                                'no domain provided and no default domain set
                                 theUser = txtUsername.Text
                             End If
                         End If
@@ -263,9 +289,12 @@ Namespace DotNetNuke.Authentication.ActiveDirectory
                     AddEventLog(PortalId, UserName, Null.NullInteger, PortalSettings.PortalName, IPAddress, loginStatus)
                 End If
                 'Raise UserAuthenticated Event
+                'Dim _
+                '    eventArgs As UserAuthenticatedEventArgs =
+                '        New UserAuthenticatedEventArgs(objUser, Split(UserName, "\")(1), loginStatus, "Active Directory") 'Bug fix #12 Steven A West
                 Dim _
                     eventArgs As UserAuthenticatedEventArgs =
-                        New UserAuthenticatedEventArgs(objUser, Split(UserName, "\")(1), loginStatus, "Active Directory") 'Bug fix #12 Steven A West
+                        New UserAuthenticatedEventArgs(objUser, UserName, loginStatus, "Active Directory") 'Bug fix #17 Steven A West, possible for user not to have \ in username (unauthenticated) so dont split assuming there is an index of 1
                 eventArgs.Authenticated = authenticated
                 eventArgs.Message = message
                 OnUserAuthenticated(eventArgs)

diff --git a/Providers/ADSIProvider/ADSIProvider.vb b/Providers/ADSIProvider/ADSIProvider.vb
@@ -90,7 +90,7 @@ Namespace DotNetNuke.Authentication.ActiveDirectory.ADSI
                         UserName = crossRef.NetBIOSName & "\" & UserName
                     Next
                 End If
-                Dim userEntry As New DirectoryEntry(Path, UserName, Password) ', AuthenticationTypes.Signing)
+                Dim userEntry As New DirectoryEntry(Path, UserName, Password, AuthenticationTypes.Signing)
                 ' Bind to the native AdsObject to force authentication.
                 Dim obj As Object = userEntry.NativeObject
 

diff --git a/Providers/ADSIProvider/Domain.vb b/Providers/ADSIProvider/Domain.vb
@@ -146,7 +146,7 @@ Namespace DotNetNuke.Authentication.ActiveDirectory.ADSI
         ''' </history>
         ''' -------------------------------------------------------------------
         Public Shared Function GetDomain (ByVal Path As String) As Domain
-            Return GetDomain (Path, "", "", AuthenticationTypes.Delegation)
+            Return GetDomain(Path, "", "", AuthenticationTypes.Delegation)
         End Function
 
         ''' -------------------------------------------------------------------

diff --git a/Providers/ADSIProvider/Utilities.vb b/Providers/ADSIProvider/Utilities.vb
@@ -266,7 +266,7 @@ Namespace DotNetNuke.Authentication.ActiveDirectory.ADSI
                 userEntries = .GetEntries
                 Select Case userEntries.Count
                     Case 0
-                        ' Found no entry, return nothing
+                        'Found no entry, return nothing
                         Return Nothing
                     Case 1
                         ' Find only one entry, return it

diff --git a/Resources.zip b/Resources.zip
diff --git a/version.txt b/version.txt
@@ -1 +1 @@
-6.0.2.29
+6.0.4.7