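/// <summary>
/// Creates a MultiFactor access request for the user and redirects the browser to the returned access page.
/// </summary>
/// <param name="login">User name as entered by the user; also sent as the RawUserName claim.</param>
/// <param name="displayName">Passed unchanged to the access request.</param>
/// <param name="email">Passed unchanged to the access request.</param>
/// <param name="phone">Passed unchanged to the access request.</param>
/// <param name="documentUrl">Absolute http/https URL of the current page; the postback URL is derived from it.</param>
/// <param name="samlSessionId">Added as a claim when not null and no password reset is required.</param>
/// <param name="mustResetPassword">When true, the ChangePassword claim is sent and the SAML session id is omitted.</param>
/// <returns>A temporary redirect to the access page URL returned by the API client.</returns>
/// <exception cref="ArgumentException"><paramref name="documentUrl"/> does not use the http or https scheme.</exception>
/// <exception cref="UriFormatException"><paramref name="documentUrl"/> is not a valid absolute URI.</exception>
private ActionResult RedirectToMfa(string login, string displayName, string email, string phone, string documentUrl, string samlSessionId, bool mustResetPassword = false)
        {
            // The public URL is taken from the browser so that it is correct behind nginx or another proxy.
            // NOTE(review): that presumably makes documentUrl client-controlled, and it decides where the
            // second-factor result is posted back to. Only the scheme is checked here; comparing the host
            // with the portal's configured public address before use would close the remaining gap.
            var currentUri = new Uri(documentUrl);

            if (currentUri.Scheme != Uri.UriSchemeHttp && currentUri.Scheme != Uri.UriSchemeHttps)
            {
                throw new ArgumentException("Only http and https URLs are accepted.", "documentUrl");
            }

            // Rebuild the URL without its last path segment, query or fragment.
            var segments   = currentUri.Segments;
            var parentPath = string.Join(string.Empty, segments, 0, Math.Max(0, segments.Length - 1));
            var baseUrl    = string.Format("{0}://{1}", currentUri.Scheme, currentUri.Authority) + parentPath;

            // The string always starts with the scheme, so only a trailing slash can be present.
            var postbackUrl = baseUrl.TrimEnd('/') + "/PostbackFromMfa";

            // Extra parameters sent along with the access request.
            var claims = new Dictionary<string, string>
            {
                { MultiFactorClaims.RawUserName, login }    // as specified by the user
            };

            if (mustResetPassword)
            {
                claims.Add(MultiFactorClaims.ChangePassword, "true");
            }
            else if (samlSessionId != null)
            {
                claims.Add(MultiFactorClaims.SamlSessionId, samlSessionId);
            }

            var client     = new MultiFactorApiClient();
            var accessPage = client.CreateAccessRequest(login, displayName, email, phone, postbackUrl, claims);

            // A 301 may be cached by the browser or an intermediary, which would replay a stale
            // per-request access URL on later visits; the access page needs a temporary redirect.
            return Redirect(accessPage.Url);
        }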