public async Task <ActionResult> RegisterAsync(RegisterViewModel model)
{
if (!ModelState.IsValid)
{
return(View("Register"));
}
try
{
var userProfile = new UserProfile();
userProfile.SetProperty("firstName", model.FirstName);
userProfile.SetProperty("lastName", model.LastName);
userProfile.SetProperty("email", model.Email);
var registerResponse = await _idxClient.RegisterAsync(userProfile);
if (registerResponse.AuthenticationStatus == AuthenticationStatus.AwaitingAuthenticatorEnrollment)
{
Session["idxContext"] = registerResponse.IdxContext;
Session["authenticators"] = ViewModelHelper.ConvertToAuthenticatorViewModelList(registerResponse.Authenticators);
return(RedirectToAction("SelectAuthenticator", "Manage"));
}
ModelState.AddModelError(string.Empty, $"Oops! Something went wrong.");
return(View("Register", model));
}
catch (OktaException exception)
{
ModelState.AddModelError(string.Empty, $"Oops! Something went wrong: {exception.Message}");
return(View("Register", model));
}
}
public async Task <ActionResult> ChangePasswordAsync(ChangePasswordViewModel model)
{
if (!ModelState.IsValid)
{
return(View("ChangePassword", model));
}
// Password was selected during registration.
if ((bool?)Session["isPasswordSelected"] ?? false)
{
return(await VerifyAuthenticatorAsync(model.NewPassword, "ChangePassword", model));
}
var changePasswordOptions = new ChangePasswordOptions()
{
NewPassword = model.NewPassword,
};
try
{
var authnResponse = await _idxClient.ChangePasswordAsync(changePasswordOptions, (IIdxContext)Session["idxContext"]).ConfigureAwait(false);
Session["idxContext"] = authnResponse.IdxContext;
switch (authnResponse.AuthenticationStatus)
{
case AuthenticationStatus.Success:
ClaimsIdentity identity = await AuthenticationHelper.GetIdentityFromTokenResponseAsync(_idxClient.Configuration, authnResponse.TokenInfo);
_authenticationManager.SignIn(new AuthenticationProperties(), identity);
return(RedirectToAction("Index", "Home"));
case AuthenticationStatus.AwaitingAuthenticatorEnrollment:
Session["authenticators"] = ViewModelHelper.ConvertToAuthenticatorViewModelList(authnResponse.Authenticators);
TempData["canSkip"] = authnResponse.CanSkip;
return(RedirectToAction("SelectAuthenticator", "Manage"));
case AuthenticationStatus.AwaitingChallengeAuthenticatorSelection:
Session["authenticators"] = ViewModelHelper.ConvertToAuthenticatorViewModelList(authnResponse.Authenticators);
Session["isChallengeFlow"] = true;
return(RedirectToAction("selectAuthenticator", "Manage"));
}
return(View("ChangePassword", model));
}
catch (OktaApiException exception)
{
ModelState.AddModelError("Oops! Something went wrong.", exception.ErrorSummary
?? "Cannot change password. Check if the new password meets the requirements.");
return(View("ChangePassword", model));
}
catch (OktaException exception)
{
ModelState.AddModelError("Oops! Something went wrong.", exception.Message);
return(View("ChangePassword", model));
}
}
public async Task <ActionResult> LoginAsync(LoginViewModel model)
{
if (!ModelState.IsValid)
{
return(View("Login"));
}
var authnOptions = new AuthenticationOptions()
{
Username = model.UserName,
Password = model.Password,
};
try
{
var authnResponse = await _idxClient.AuthenticateAsync(authnOptions).ConfigureAwait(false);
Session["idxContext"] = authnResponse.IdxContext;
switch (authnResponse?.AuthenticationStatus)
{
case AuthenticationStatus.Success:
ClaimsIdentity identity = await AuthenticationHelper.GetIdentityFromTokenResponseAsync(_idxClient.Configuration, authnResponse.TokenInfo);
_authenticationManager.SignIn(new AuthenticationProperties {
IsPersistent = model.RememberMe
}, identity);
return(RedirectToAction("Index", "Home"));
case AuthenticationStatus.PasswordExpired:
return(RedirectToAction("ChangePassword", "Manage"));
case AuthenticationStatus.AwaitingChallengeAuthenticatorSelection:
Session["authenticators"] = ViewModelHelper.ConvertToAuthenticatorViewModelList(authnResponse.Authenticators);
Session["isChallengeFlow"] = true;
return(RedirectToAction("SelectAuthenticator", "Manage"));
case AuthenticationStatus.AwaitingAuthenticatorEnrollment:
Session["isChallengeFlow"] = false;
Session["authenticators"] = ViewModelHelper.ConvertToAuthenticatorViewModelList(authnResponse.Authenticators);
return(RedirectToAction("SelectAuthenticator", "Manage"));
default:
return(View("Login", model));
}
}
catch (OktaException exception)
{
ModelState.AddModelError(string.Empty, $"Invalid login attempt: {exception.Message}");
return(View("Login", model));
}
}
private async Task <ActionResult> VerifyAuthenticatorAsync(string code, string view, BaseViewModel model)
{
if (!ModelState.IsValid)
{
return(View(view, model));
}
var verifyAuthenticatorOptions = new VerifyAuthenticatorOptions
{
Code = code,
};
try
{
var authnResponse = await _idxClient.VerifyAuthenticatorAsync(verifyAuthenticatorOptions, (IIdxContext)Session["idxContext"]);
Session["idxContext"] = authnResponse.IdxContext;
switch (authnResponse.AuthenticationStatus)
{
case AuthenticationStatus.AwaitingPasswordReset:
return(RedirectToAction("ChangePassword", "Manage"));
case AuthenticationStatus.AwaitingAuthenticatorEnrollment:
Session["authenticators"] = ViewModelHelper.ConvertToAuthenticatorViewModelList(authnResponse.Authenticators);
TempData["canSkip"] = authnResponse.CanSkip;
Session["isChallengeFlow"] = false;
return(RedirectToAction("SelectAuthenticator", "Manage"));
case AuthenticationStatus.Success:
ClaimsIdentity identity = await AuthenticationHelper.GetIdentityFromTokenResponseAsync(_idxClient.Configuration, authnResponse.TokenInfo);
_authenticationManager.SignIn(new AuthenticationProperties(), identity);
return(RedirectToAction("Index", "Home"));
}
return(View(view, model));
}
catch (OktaException exception)
{
ModelState.AddModelError(string.Empty, exception.Message);
return(View(view, model));
}
}
public async Task <ActionResult> ForgotPasswordAsync(ForgotPasswordViewModel model)
{
if (!ModelState.IsValid)
{
return(View("ForgotPassword", model));
}
var recoverPasswordOptions = new RecoverPasswordOptions {
Username = model.UserName,
};
try
{
var authnResponse = await _idxClient.RecoverPasswordAsync(recoverPasswordOptions);
Session["idxContext"] = authnResponse.IdxContext;
if (authnResponse.AuthenticationStatus == AuthenticationStatus.AwaitingAuthenticatorSelection)
{
Session["authenticators"] =
ViewModelHelper.ConvertToAuthenticatorViewModelList(authnResponse.Authenticators);
return(RedirectToAction("SelectRecoveryAuthenticator", "Manage"));
}
if (authnResponse.AuthenticationStatus == AuthenticationStatus.AwaitingAuthenticatorVerification)
{
return(RedirectToAction("VerifyAuthenticator", "Manage"));
}
return(View("ForgotPassword", model));
}
catch (OktaException exception)
{
ModelState.AddModelError(string.Empty, exception.Message);
return(View("ForgotPassword", model));
}
}