Beispiel #1
0
        public void GetAuthenticatorKeyName_Executed_ReturnsAspNetUserStoreProviderName()
        {
            // Arrange
            var expectedValue = "AuthenticatorKey";

            // Act
            var lookedUpValue = tokenOptions.GetAuthenticatorKeyName();

            // Assert
            Assert.True((lookedUpValue == expectedValue), $"GetAuthenticatorKeyName() should return {expectedValue}.");
        }
Beispiel #2
0
        public async override Task SetTokenAsync(UserModel user, string loginProvider, string name, string value, CancellationToken cancellationToken)
        {
            bool encrypt = (name == tokenOptions.GetAuthenticatorKeyName());
            bool isAutomaticallyVerified = (name == tokenOptions.GetRecoverCodesName());

            var tokenEntity =
                a3SContext.UserToken.SingleOrDefault(
                    l =>
                    l.Name == name && l.LoginProvider == loginProvider &&
                    l.UserId == user.Id);

            if (tokenEntity != null)
            {
                tokenEntity.Value = (encrypt ? string.Empty : value);

                if (isAutomaticallyVerified)
                {
                    tokenEntity.IsVerified = true;
                }

                a3SContext.Entry(tokenEntity).State = EntityState.Modified;
            }
            else
            {
                a3SContext.UserToken.Add(new UserTokenModel
                {
                    UserId        = user.Id,
                    LoginProvider = loginProvider,
                    Name          = name,
                    Value         = (encrypt ? string.Empty : value),
                    IsVerified    = isAutomaticallyVerified
                });
            }

            await a3SContext.SaveChangesAsync();

            if (encrypt)
            {
                await StoreEncryptedValue(user, loginProvider, name, value);
            }
        }
Beispiel #3
0
        public async Task RemoveTwoFactorAuthenticationAsync(Guid userId)
        {
            // Start transactions to allow complete rollback in case of an error
            BeginAllTransactions();

            try
            {
                UserModel userModel = await userRepository.GetByIdAsync(userId, true);

                if (userModel == null)
                {
                    throw new ItemNotFoundException($"User with Id '{userId}' not found while attempting to update a user using this Id.");
                }

                // Remove all two-factor references and tokens
                userModel.TwoFactorEnabled = false;

                if (userModel.UserTokens != null)
                {
                    userModel.UserTokens.RemoveAll(x =>
                                                   x.Name == tokenOptions.GetAuthenticatorKeyName() ||
                                                   x.Name == tokenOptions.GetRecoverCodesName()
                                                   );
                }

                await userRepository.UpdateAsync(userModel);

                // All successful
                CommitAllTransactions();
            }
            catch
            {
                RollbackAllTransactions();
                throw;
            }
        }
Beispiel #4
0
        public async Task <IActionResult> Deregister2FAAuthenticator(string redirectUrl)
        {
            var user = await _userManager.GetUserAsync(HttpContext.User);

            if (user == null)
            {
                throw new Exception("Invalid login info.");
            }

            await _userManager.RemoveAuthenticationTokenAsync(user, _tokenOptions.GetAspNetUserStoreProviderName(), _tokenOptions.GetRecoverCodesName());

            await _userManager.RemoveAuthenticationTokenAsync(user, _tokenOptions.GetAspNetUserStoreProviderName(), _tokenOptions.GetAuthenticatorKeyName());

            await UpdateUser2faStatus(user.Id);

            return(RedirectToAction("Register2FA", new { redirectUrl, userId = user.Id }));
        }