public async Task <IActionResult> CompleteFidoLogin([FromBody] Base64FidoAuthenticationResponse authenticationResponse) { var authResult = await HttpContext.AuthenticateAsync(IdentityConstants.TwoFactorUserIdScheme); if (!authResult.Succeeded) { return(Unauthorized()); } var result = await fido.CompleteAuthentication(authenticationResponse.ToFidoResponse()); if (result.IsSuccess) { // start session (with ASP.NET Identity cookie) var user = await signInManager.UserManager.FindByNameAsync(authResult.Principal.FindFirstValue("userId")); var userPrincipal = await signInManager.CreateUserPrincipalAsync(user); await HttpContext.SignInAsync(IdentityConstants.ApplicationScheme, userPrincipal, new AuthenticationProperties()); } if (result.IsError) { return(BadRequest(result.ErrorDescription)); } return(Ok()); }
public async Task <IActionResult> CompleteLogin( [FromBody] Base64FidoAuthenticationResponse authenticationResponse) { var authenticationResult = await _fido.CompleteAuthentication(authenticationResponse.ToFidoResponse()); if (authenticationResult.IsSuccess) { var result = await HttpContext.AuthenticateAsync(IdentityConstants.TwoFactorUserIdScheme); var claims = result.Principal.Claims.ToList(); string rememberMeClaim = claims.FirstOrDefault(c => c.Type == "rememberme")?.Value; bool rememberMe = bool.Parse(rememberMeClaim ?? "false"); string userName = claims.FirstOrDefault(c => c.Type == "userName")?.Value; var user = await _userManager.FindByNameAsync(userName); await _signInManager.SignInAsync(user, rememberMe); } await HttpContext.SignOutAsync(IdentityConstants.TwoFactorUserIdScheme); if (authenticationResult.IsError) { return(BadRequest(authenticationResult.ErrorDescription)); } return(Ok()); }
public async Task <IActionResult> CompleteFidoLogin([FromBody] Base64FidoAuthenticationResponse authenticationResponse) { var result = await fido.CompleteAuthentication(authenticationResponse.ToFidoResponse()); if (result.IsSuccess) { // start session (cookie) await HttpContext.SignInAsync("cookie", new ClaimsPrincipal(new ClaimsIdentity(new [] { new Claim(ClaimTypes.Name, result.UserId) }, "cookie")), new AuthenticationProperties()); } if (result.IsError) { return(BadRequest(result.ErrorDescription)); } return(Ok()); }
public async Task <IActionResult> CompleteLogin([FromBody] Base64FidoAuthenticationResponse authenticationResponse) { var result = await fido.CompleteAuthentication(authenticationResponse.ToFidoResponse()); if (result.IsSuccess) { await HttpContext.SignInAsync("cookie", new ClaimsPrincipal(new ClaimsIdentity(new List <Claim> { new Claim("sub", result.UserId) }, "cookie"))); } if (result.IsError) { return(BadRequest(result.ErrorDescription)); } return(Ok()); }
public async Task <IActionResult> CompleteLogin( [FromBody] Base64FidoAuthenticationResponse authenticationResponse) { var authenticationResult = await _fido.CompleteAuthentication(authenticationResponse.ToFidoResponse()); if (authenticationResult.IsSuccess) { var user = await _userManager.FindByEmailAsync(authenticationResult.UserId); await _signInManager.SignInAsync(user, false); } if (authenticationResult.IsError) { return(BadRequest(authenticationResult.ErrorDescription)); } return(Ok()); }
public async Task <IActionResult> CompleteSecurityKeyAuthentication([FromBody] Base64FidoAuthenticationResponse authenticationResponse) { // Parsing and Validating the Authentication Data // After the authentication data is fully validated, the signature is verified using the public key stored in the database during registration. // * The server retrieves the public key object associated with the user. // * The server uses the public key to verify the signature, which was generated using the `authenticatorData` bytes and a SHA-256 hash of the `clientDataJSON`. var result = await _fido.CompleteAuthentication(authenticationResponse.ToFidoResponse()); if (result.IsError) { return(BadRequest(result.ErrorDescription)); } if (result.IsSuccess) { var user = await _userManager.FindByEmailAsync(result.UserId); await _signInManager.SignInAsync(user, false); } return(Ok()); }
public async Task <IActionResult> FidoCompleteLogin( [FromBody] Base64FidoAuthenticationResponse authenticationResponse) { var result = await _fido.CompleteAuthentication(authenticationResponse.ToFidoResponse()); if (result.IsSuccess) { var authenticateResult = await HttpContext.AuthenticateAsync(IdentityConstants.TwoFactorUserIdScheme); var claims = authenticateResult.Principal.Claims.ToList(); string rememberMeClaim = claims.FirstOrDefault(c => c.Type == "rememberme")?.Value; bool rememberMe = bool.Parse(rememberMeClaim ?? "false"); string userName = claims.FirstOrDefault(c => c.Type == "userName")?.Value; string subjectId = claims.FirstOrDefault(c => c.Type == "subjectId")?.Value; AuthenticationProperties props = null; if (rememberMe) { props = new AuthenticationProperties { IsPersistent = true, ExpiresUtc = DateTimeOffset.UtcNow.Add(AccountOptions.RememberMeLoginDuration) }; } await HttpContext.SignInAsync(subjectId, userName, props); } await HttpContext.SignOutAsync(IdentityConstants.TwoFactorUserIdScheme); if (result.IsError) { return(BadRequest(result.ErrorDescription)); } return(Ok()); }