/// <summary>
/// Start the FIDO2 Sign in type on Android.
/// </summary>
public async System.Threading.Tasks.Task SignInUserRequestAsync(string dataJson = "")
{
try
{
Fido2AuthenticationChallengeResponse dataObject = null; // Data to sign, given from the server
if (dataJson != null && dataJson.Length > 0) // Authenticate using the token, but because the token don t received the origin of this aplication this cannot be used for now.
{
// transform the token JSON to a object
// The reason to use class for de deserializa is because of bugs that appears when using Dictionary<string, object> in the number section
dataObject = Newtonsoft.Json.JsonConvert.DeserializeObject <Fido2AuthenticationChallengeResponse>(dataJson);
}
else
{
// Preparing to request to the server the information about FIDO2
var request = new TwoFactorFido2ChallengeRequest
{
Email = this._authService.Email,
MasterPasswordHash = this._authService.MasterPasswordHash
};
// Send the request to the API Service
dataObject = await this._apiService.GetTwoFactorFido2AuthenticationChallengeAsync(request);
}
// Save the event code that will be started
this.fido2CodesType = Fido2CodesTypes.RequestSignInUser;
// Start the FIDO2 API from the Android code, using the data build in Fido2 Builder
var task = this.fido2ApiClient.GetSignPendingIntent(Fido2BuilderObject.ParsePublicKeyCredentialRequestOptions(dataObject));
task.AddOnSuccessListener((IOnSuccessListener)this.application)
.AddOnFailureListener((IOnFailureListener)this.application)
.AddOnCompleteListener((IOnCompleteListener)this.application);
}
catch (Exception e)
{
Log.Error(_tag_log, e.Message);
}
finally
{
Log.Info(_tag_log, "SignInUserRequest() -> finally()");
}
}
private static readonly string _tag_log = "Fido2Builder"; // Tag for the logs in the Fido2Builder
/// <summary>
/// Build the request for Sign In using FIDO2
/// </summary>
public static PublicKeyCredentialRequestOptions ParsePublicKeyCredentialRequestOptions(Fido2AuthenticationChallengeResponse data)
{
if (data == null)
{
return(null);
}
PublicKeyCredentialRequestOptions.Builder builder = new PublicKeyCredentialRequestOptions.Builder();
if (data.Challenge != null && data.Challenge.Length > 0)
{
// Challenge to be sign
builder.SetChallenge(CoreHelpers.Base64UrlDecode(data.Challenge));
}
if (data.AllowCredentials != null && data.AllowCredentials.Count > 0)
{
// List of FIDO2 Keys that already are registered to the user and should only use one of this FIDO2 Keys
builder.SetAllowList(ParseCredentialDescriptors(data.AllowCredentials));
}
if (data.RpId != null && data.RpId.Length > 0)
{
// Server ID information
builder.SetRpId(data.RpId);
}
if (data.Timeout > 0)
{
// temp limit to sign in
builder.SetTimeoutSeconds((Java.Lang.Double)data.Timeout);
}
if (data.UserVerification != null)
{
// Require that user has to verify before using FIDO2
//Skip
}
if (data.Extensions != null)
{
// Adicional parameter to improve even more the security
//Skip
}
return(builder.Build());
}
