public ConfirmCodeViewModel SendConfirmCode(SendConfirmCodeQuery query)
{
ConfirmCodeViewModel vm = new ConfirmCodeViewModel();
if (!validator.UserExists(query.UserName, vm))
{
string code = System.IO.Path.GetRandomFileName().Replace(".", "").Substring(0, 8);
vm.Code = code;
EmailHandler emailHandler = new EmailHandler(true);
emailHandler.Send(new List <string> {
query.Email
}, "Cherries - User Confirmation", GetConfirmationCodeMail(code, query.UserName));
}
return(vm);
}
public ViewModelLocator()
{
navigationService = new NavigationService();
appViewModel = new AppViewModel();
logInViewModel = new LogInViewModel(navigationService);
registerEmailViewModel = new RegisterEmailViewModel(navigationService);
forGetPassViewModel = new ForgetPassViewModel(navigationService);
sendCodeEmailViewModel = new SendCodeEmailViewModel(navigationService);
homeViewModel = new HomeViewModel(navigationService);
confirmationCodeViewModel = new ConfirmCodeViewModel(navigationService);
signUpViewModel = new SignUpViewModel(navigationService);
createProjectViewModel = new CreateProjectViewModel(navigationService);
projectPageViewModel = new ProjectPageViewModel(navigationService);
listChannelsViewModel = new ListChannelsViewModel(navigationService);
chatViewModel = new ChatViewModel(navigationService);
accountViewModel = new AccountViewModel(navigationService);
navigationService.AddPage(signUpViewModel, ViewType.SignUp);
navigationService.AddPage(confirmationCodeViewModel, ViewType.ConfirmCode);
navigationService.AddPage(registerEmailViewModel, ViewType.RegisterEmail);
navigationService.AddPage(forGetPassViewModel, ViewType.ForgetPass);
navigationService.AddPage(sendCodeEmailViewModel, ViewType.ForgotEmailCode);
navigationService.AddPage(homeViewModel, ViewType.Home);
navigationService.AddPage(logInViewModel, ViewType.LogIn);
navigationService.AddPage(createProjectViewModel, ViewType.CreateProject);
navigationService.AddPage(chatViewModel, ViewType.ChatView);
navigationService.AddPage(projectPageViewModel, ViewType.ProjectPage);
navigationService.AddPage(listChannelsViewModel, ViewType.ListChannels);
navigationService.AddPage(accountViewModel, ViewType.Profile);
userService = new UserService();
string user = CheckLoginLog.Load();
if (user != "" && userService.Select(user) != null)
{
CurrentUser.Instance.User = userService.Select(user);
navigationService.NavigateTo(ViewType.Home);
}
else
{
navigationService.NavigateTo(ViewType.LogIn);
}
}
public async Task <IActionResult> ConfirmCode(
ConfirmCodeViewModel confirmCodeViewModel,
CancellationToken cancellationToken)
{
if (confirmCodeViewModel == null)
{
throw new ArgumentNullException(nameof(confirmCodeViewModel));
}
var user = await SetUser().ConfigureAwait(false);
if (user?.Identity != null && user.Identity.IsAuthenticated)
{
return(RedirectToAction("Index", "User", new { Area = "pwd" }));
}
var authenticatedUser = await _authenticationService
.GetAuthenticatedUser(this, CookieNames.PasswordLessCookieName)
.ConfigureAwait(false);
if (authenticatedUser?.Identity == null || !authenticatedUser.Identity.IsAuthenticated)
{
var message = "SMS authentication cannot be performed";
_logger.LogError(message);
return(SetRedirection(message, Strings.InternalServerError, ErrorCodes.UnhandledExceptionCode));
}
var authenticatedUserClaims = authenticatedUser.Claims.ToArray();
var subject = authenticatedUserClaims.First(c => c.Type == OpenIdClaimTypes.Subject).Value;
var phoneNumber = authenticatedUserClaims.First(c => c.Type == OpenIdClaimTypes.PhoneNumber);
if (confirmCodeViewModel.Action == "resend") // Resend the confirmation code.
{
_ = await _generateAndSendSmsCodeOperation.Execute(phoneNumber.Value, cancellationToken)
.ConfigureAwait(false);
return(Ok(confirmCodeViewModel));
}
// Check the confirmation code.
if (confirmCodeViewModel.ConfirmationCode == null ||
!await _validateConfirmationCode
.Execute(confirmCodeViewModel.ConfirmationCode, subject, cancellationToken)
.ConfigureAwait(false))
{
ModelState.AddModelError("message_error", "Confirmation code is not valid");
return(Ok(confirmCodeViewModel));
}
await _authenticationService.SignOutAsync(
HttpContext,
CookieNames.PasswordLessCookieName,
new AuthenticationProperties())
.ConfigureAwait(false);
var resourceOwnerOption =
await _getUserOperation.Execute(authenticatedUser, cancellationToken).ConfigureAwait(false);
if (resourceOwnerOption is Option <ResourceOwner> .Error e)
{
return(SetRedirection(e.Details.Detail, e.Details.Status.ToString(), e.Details.Title));
}
var resourceOwner = (resourceOwnerOption as Option <ResourceOwner> .Result) !.Item;
if (!string.IsNullOrWhiteSpace(resourceOwner.TwoFactorAuthentication)) // Execute TWO Factor authentication
{
try
{
await SetTwoFactorCookie(authenticatedUserClaims).ConfigureAwait(false);
await _generateAndSendSmsCodeOperation.Execute(phoneNumber.Value, cancellationToken)
.ConfigureAwait(false);
return(RedirectToAction("SendCode", new { code = confirmCodeViewModel.Code }));
}
catch (ClaimRequiredException)
{
return(RedirectToAction("SendCode", new { code = confirmCodeViewModel.Code }));
}
catch (Exception)
{
ModelState.AddModelError("message_error", "Two factor authenticator is not properly configured");
return(Ok(confirmCodeViewModel));
}
}
if (!string.IsNullOrWhiteSpace(confirmCodeViewModel.Code)) // Execute OPENID workflow
{
var request = DataProtector.Unprotect <AuthorizationRequest>(confirmCodeViewModel.Code);
await SetLocalCookie(authenticatedUserClaims, request.session_id !).ConfigureAwait(false);
var issuerName = Request.GetAbsoluteUriWithVirtualPath();
var actionResult = await _authenticateHelper.ProcessRedirection(
request.ToParameter(),
confirmCodeViewModel.Code,
subject,
authenticatedUserClaims,
issuerName,
cancellationToken)
.ConfigureAwait(false);
var result = actionResult.CreateRedirectionFromActionResult(request, _logger);
if (result != null)
{
await LogAuthenticateUser(resourceOwner !.Subject !, actionResult.Amr !).ConfigureAwait(false);
return(result);
}
}
await SetLocalCookie(authenticatedUserClaims, Id.Create())
.ConfigureAwait(false); // Authenticate the resource owner
var modelCode = string.IsNullOrWhiteSpace(confirmCodeViewModel.Code)
? confirmCodeViewModel.ConfirmationCode
: confirmCodeViewModel.Code;
if (!string.IsNullOrWhiteSpace(modelCode))
{
await _confirmationCodeStore.Remove(modelCode, subject, cancellationToken).ConfigureAwait(false);
}
return(RedirectToAction("Index", "User", new { Area = "pwd" }));
}
public ConfirmCodeViewModel SendConfirmCode(SendConfirmCodeQuery query)
{
ConfirmCodeViewModel code = userBL.SendConfirmCode(query);
return(code);
}
public ConfirmCodePage()
{
InitializeComponent();
BindingContext = new ConfirmCodeViewModel();
}
public async Task <IActionResult> ConfirmCode(ConfirmCodeViewModel confirmCodeViewModel)
{
if (confirmCodeViewModel == null)
{
throw new ArgumentNullException(nameof(confirmCodeViewModel));
}
var user = await SetUser();
if (user != null &&
user.Identity != null &&
user.Identity.IsAuthenticated)
{
return(RedirectToAction("Index", "User", new { area = "UserManagement" }));
}
var authenticatedUser = await _authenticationService.GetAuthenticatedUser(this, Host.Constants.CookieNames.PasswordLessCookieName);
if (authenticatedUser == null || authenticatedUser.Identity == null || !authenticatedUser.Identity.IsAuthenticated)
{
throw new IdentityServerException(Core.Errors.ErrorCodes.UnhandledExceptionCode, "SMS authentication cannot be performed");
}
var subject = authenticatedUser.Claims.First(c => c.Type == Core.Jwt.Constants.StandardResourceOwnerClaimNames.Subject).Value;
var phoneNumber = authenticatedUser.Claims.First(c => c.Type == Core.Jwt.Constants.StandardResourceOwnerClaimNames.PhoneNumber);
if (confirmCodeViewModel.Action == "resend") // Resend the confirmation code.
{
var code = await _generateAndSendSmsCodeOperation.Execute(phoneNumber.Value);
await TranslateView(DefaultLanguage);
return(View("ConfirmCode", confirmCodeViewModel));
}
if (!await _authenticateActions.ValidateCode(confirmCodeViewModel.ConfirmationCode)) // Check the confirmation code.
{
ModelState.AddModelError("message_error", "Confirmation code is not valid");
await TranslateView(DefaultLanguage);
return(View("ConfirmCode", confirmCodeViewModel));
}
await _authenticationService.SignOutAsync(HttpContext, Host.Constants.CookieNames.PasswordLessCookieName, new AuthenticationProperties());
var resourceOwner = await _userActions.GetUser(authenticatedUser);
if (!string.IsNullOrWhiteSpace(resourceOwner.TwoFactorAuthentication)) // Execute TWO Factor authentication
{
try
{
await SetTwoFactorCookie(authenticatedUser.Claims);
var code = await _generateAndSendSmsCodeOperation.Execute(phoneNumber.Value);
return(RedirectToAction("SendCode", new { code = confirmCodeViewModel.Code }));
}
catch (ClaimRequiredException)
{
return(RedirectToAction("SendCode", new { code = confirmCodeViewModel.Code }));
}
catch (Exception)
{
ModelState.AddModelError("message_error", "Two factor authenticator is not properly configured");
await TranslateView(DefaultLanguage);
return(View("ConfirmCode", confirmCodeViewModel));
}
}
_simpleIdentityServerEventSource.AuthenticateResourceOwner(subject);
if (!string.IsNullOrWhiteSpace(confirmCodeViewModel.Code)) // Execute OPENID workflow
{
var request = _dataProtector.Unprotect <AuthorizationRequest>(confirmCodeViewModel.Code);
await SetLocalCookie(authenticatedUser.Claims, request.SessionId);
var issuerName = Request.GetAbsoluteUriWithVirtualPath();
var actionResult = await _authenticateHelper.ProcessRedirection(request.ToParameter(), confirmCodeViewModel.Code, subject, authenticatedUser.Claims.ToList(), issuerName);
var result = this.CreateRedirectionFromActionResult(actionResult, request);
if (result != null)
{
LogAuthenticateUser(actionResult, request.ProcessId);
return(result);
}
}
await SetLocalCookie(authenticatedUser.Claims, Guid.NewGuid().ToString()); // Authenticate the resource owner
return(RedirectToAction("Index", "User", new { area = "UserManagement" }));
}
public async Task <IActionResult> ConfirmCode(ConfirmCodeViewModel confirmCodeViewModel)
{
if (confirmCodeViewModel == null)
{
throw new ArgumentNullException(nameof(confirmCodeViewModel));
}
if (string.IsNullOrWhiteSpace(confirmCodeViewModel.Code))
{
throw new ArgumentNullException(nameof(confirmCodeViewModel.Code));
}
var user = await SetUser().ConfigureAwait(false);
if (user != null && user.Identity != null && user.Identity.IsAuthenticated)
{
return(new UnauthorizedResult());
}
var authenticatedUser = await _authenticationService.GetAuthenticatedUser(this, Host.Constants.CookieNames.PasswordLessCookieName).ConfigureAwait(false);
if (authenticatedUser == null || authenticatedUser.Identity == null || !authenticatedUser.Identity.IsAuthenticated)
{
throw new IdentityServerException(ErrorCodes.UnhandledExceptionCode, "SMS authentication cannot be performed");
}
var subject = authenticatedUser.Claims.First(c => c.Type == Core.Jwt.Constants.StandardResourceOwnerClaimNames.Subject).Value;
var phoneNumber = authenticatedUser.Claims.First(c => c.Type == Core.Jwt.Constants.StandardResourceOwnerClaimNames.PhoneNumber);
if (confirmCodeViewModel.Action == "resend") // Resend the confirmation code.
{
var code = await _generateAndSendSmsCodeOperation.Execute(phoneNumber.Value).ConfigureAwait(false);
await TranslateView(DefaultLanguage).ConfigureAwait(false);
return(View("ConfirmCode", confirmCodeViewModel));
}
ResourceOwner resourceOwner;
try
{
resourceOwner = await _resourceOwnerAuthenticateHelper.Authenticate(phoneNumber.Value, confirmCodeViewModel.ConfirmationCode, new[] { Constants.AMR }).ConfigureAwait(false);
}
catch (Exception)
{
ModelState.AddModelError("message_error", "Confirmation code is not valid");
await TranslateView(DefaultLanguage).ConfigureAwait(false);
return(View("ConfirmCode", confirmCodeViewModel));
}
await _authenticationService.SignOutAsync(HttpContext, Host.Constants.CookieNames.PasswordLessCookieName, new AuthenticationProperties()).ConfigureAwait(false);
var request = _dataProtector.Unprotect <AuthorizationRequest>(confirmCodeViewModel.Code);
var issuerName = Request.GetAbsoluteUriWithVirtualPath();
var actionResult = await _authenticateHelper.ProcessRedirection(request.ToParameter(), confirmCodeViewModel.Code, subject, authenticatedUser.Claims.ToList(), issuerName).ConfigureAwait(false);
if (actionResult.AmrLst != null)
{
request.AmrValues = string.Join(" ", actionResult.AmrLst);
}
if (actionResult.Type == Core.Results.TypeActionResult.RedirectToAction && actionResult.RedirectInstruction.Action == Core.Results.IdentityServerEndPoints.AuthenticateIndex)
{
var encryptedRequest = _dataProtector.Protect(request);
actionResult.RedirectInstruction.AddParameter(Core.Constants.StandardAuthorizationResponseNames.AuthorizationCodeName, encryptedRequest);
await SetAcrCookie(authenticatedUser.Claims).ConfigureAwait(false);
return(this.CreateRedirectionFromActionResult(actionResult, request));
}
await _authenticationService.SignOutAsync(HttpContext, Host.Constants.CookieNames.AcrCookieName, new AuthenticationProperties()).ConfigureAwait(false);
await SetLocalCookie(authenticatedUser.Claims, request.SessionId).ConfigureAwait(false);
var result = this.CreateRedirectionFromActionResult(actionResult, request);
LogAuthenticateUser(actionResult, request.ProcessId);
return(result);
}
