public async Task <IActionResult> CompleteFidoLogin([FromBody] Base64FidoAuthenticationResponse authenticationResponse)
{
var authResult = await HttpContext.AuthenticateAsync(IdentityConstants.TwoFactorUserIdScheme);
if (!authResult.Succeeded)
{
return(Unauthorized());
}
var result = await fido.CompleteAuthentication(authenticationResponse.ToFidoResponse());
if (result.IsSuccess)
{
// start session (with ASP.NET Identity cookie)
var user = await signInManager.UserManager.FindByNameAsync(authResult.Principal.FindFirstValue("userId"));
var userPrincipal = await signInManager.CreateUserPrincipalAsync(user);
await HttpContext.SignInAsync(IdentityConstants.ApplicationScheme, userPrincipal, new AuthenticationProperties());
}
if (result.IsError)
{
return(BadRequest(result.ErrorDescription));
}
return(Ok());
}
public async Task <IActionResult> CompleteLogin(
[FromBody] Base64FidoAuthenticationResponse authenticationResponse)
{
var authenticationResult = await _fido.CompleteAuthentication(authenticationResponse.ToFidoResponse());
if (authenticationResult.IsSuccess)
{
var result = await HttpContext.AuthenticateAsync(IdentityConstants.TwoFactorUserIdScheme);
var claims = result.Principal.Claims.ToList();
string rememberMeClaim = claims.FirstOrDefault(c => c.Type == "rememberme")?.Value;
bool rememberMe = bool.Parse(rememberMeClaim ?? "false");
string userName = claims.FirstOrDefault(c => c.Type == "userName")?.Value;
var user = await _userManager.FindByNameAsync(userName);
await _signInManager.SignInAsync(user, rememberMe);
}
await HttpContext.SignOutAsync(IdentityConstants.TwoFactorUserIdScheme);
if (authenticationResult.IsError)
{
return(BadRequest(authenticationResult.ErrorDescription));
}
return(Ok());
}
public async Task <IActionResult> CompleteFidoLogin([FromBody] Base64FidoAuthenticationResponse authenticationResponse)
{
var result = await fido.CompleteAuthentication(authenticationResponse.ToFidoResponse());
if (result.IsSuccess)
{
// start session (cookie)
await HttpContext.SignInAsync("cookie", new ClaimsPrincipal(new ClaimsIdentity(new [] { new Claim(ClaimTypes.Name, result.UserId) }, "cookie")), new AuthenticationProperties());
}
if (result.IsError)
{
return(BadRequest(result.ErrorDescription));
}
return(Ok());
}
public async Task <IActionResult> CompleteLogin([FromBody] Base64FidoAuthenticationResponse authenticationResponse)
{
var result = await fido.CompleteAuthentication(authenticationResponse.ToFidoResponse());
if (result.IsSuccess)
{
await HttpContext.SignInAsync("cookie", new ClaimsPrincipal(new ClaimsIdentity(new List <Claim>
{
new Claim("sub", result.UserId)
}, "cookie")));
}
if (result.IsError)
{
return(BadRequest(result.ErrorDescription));
}
return(Ok());
}
public async Task <IActionResult> CompleteLogin(
[FromBody] Base64FidoAuthenticationResponse authenticationResponse)
{
var authenticationResult = await _fido.CompleteAuthentication(authenticationResponse.ToFidoResponse());
if (authenticationResult.IsSuccess)
{
var user = await _userManager.FindByEmailAsync(authenticationResult.UserId);
await _signInManager.SignInAsync(user, false);
}
if (authenticationResult.IsError)
{
return(BadRequest(authenticationResult.ErrorDescription));
}
return(Ok());
}
public async Task <IActionResult> CompleteSecurityKeyAuthentication([FromBody] Base64FidoAuthenticationResponse authenticationResponse)
{
// Parsing and Validating the Authentication Data
// After the authentication data is fully validated, the signature is verified using the public key stored in the database during registration.
// * The server retrieves the public key object associated with the user.
// * The server uses the public key to verify the signature, which was generated using the `authenticatorData` bytes and a SHA-256 hash of the `clientDataJSON`.
var result = await _fido.CompleteAuthentication(authenticationResponse.ToFidoResponse());
if (result.IsError)
{
return(BadRequest(result.ErrorDescription));
}
if (result.IsSuccess)
{
var user = await _userManager.FindByEmailAsync(result.UserId);
await _signInManager.SignInAsync(user, false);
}
return(Ok());
}
public async Task <IActionResult> FidoCompleteLogin(
[FromBody] Base64FidoAuthenticationResponse authenticationResponse)
{
var result = await _fido.CompleteAuthentication(authenticationResponse.ToFidoResponse());
if (result.IsSuccess)
{
var authenticateResult = await HttpContext.AuthenticateAsync(IdentityConstants.TwoFactorUserIdScheme);
var claims = authenticateResult.Principal.Claims.ToList();
string rememberMeClaim = claims.FirstOrDefault(c => c.Type == "rememberme")?.Value;
bool rememberMe = bool.Parse(rememberMeClaim ?? "false");
string userName = claims.FirstOrDefault(c => c.Type == "userName")?.Value;
string subjectId = claims.FirstOrDefault(c => c.Type == "subjectId")?.Value;
AuthenticationProperties props = null;
if (rememberMe)
{
props = new AuthenticationProperties
{
IsPersistent = true,
ExpiresUtc = DateTimeOffset.UtcNow.Add(AccountOptions.RememberMeLoginDuration)
};
}
await HttpContext.SignInAsync(subjectId, userName, props);
}
await HttpContext.SignOutAsync(IdentityConstants.TwoFactorUserIdScheme);
if (result.IsError)
{
return(BadRequest(result.ErrorDescription));
}
return(Ok());
}
