/// <summary>
/// Starts a FIDO2 sign-in request through the Android FIDO2 API.
/// </summary>
/// <param name="dataJson">
/// Optional challenge data as JSON. When null or empty, the challenge is requested from
/// the API service using the e-mail and master password hash held by the auth service.
/// </param>
/// <remarks>
/// Exceptions are logged and not rethrown, so a completed task does not mean the request
/// was started. The outcome is delivered to the success, failure and complete listeners
/// implemented by the application object.
/// </remarks>
public async System.Threading.Tasks.Task SignInUserRequestAsync(string dataJson = "")
{
    try
    {
        // Data to sign, as provided by the server.
        Fido2AuthenticationChallengeResponse challengeData;

        if (string.IsNullOrEmpty(dataJson))
        {
            // No challenge was handed in: ask the server for the FIDO2 challenge.
            var challengeRequest = new TwoFactorFido2ChallengeRequest
            {
                Email = _authService.Email,
                MasterPasswordHash = _authService.MasterPasswordHash
            };

            challengeData = await _apiService.GetTwoFactorFido2AuthenticationChallengeAsync(challengeRequest);
        }
        else
        {
            // Caller-supplied token. Per the original author's note, this path cannot be used
            // for now because the token does not receive the origin of this application.
            // A typed class is used for deserialization because Dictionary<string, object>
            // caused bugs with the numeric fields.
            // NOTE(review): DeserializeObject can return null (for example for the JSON literal
            // "null"); the builder then returns null options. Confirm GetSignPendingIntent
            // fails cleanly in that case.
            challengeData = Newtonsoft.Json.JsonConvert.DeserializeObject<Fido2AuthenticationChallengeResponse>(dataJson);
        }

        // Record which FIDO2 event is about to start. This is set before the API call,
        // so it stays at RequestSignInUser even if the call below throws.
        fido2CodesType = Fido2CodesTypes.RequestSignInUser;

        // Hand the options built by the Fido2 builder to the Android FIDO2 API.
        var pendingIntentTask = fido2ApiClient.GetSignPendingIntent(
            Fido2BuilderObject.ParsePublicKeyCredentialRequestOptions(challengeData));

        pendingIntentTask
            .AddOnSuccessListener((IOnSuccessListener)application)
            .AddOnFailureListener((IOnFailureListener)application)
            .AddOnCompleteListener((IOnCompleteListener)application);
    }
    catch (Exception e)
    {
        // NOTE(review): only the message is logged. The exception type and stack trace are
        // dropped, and the caller gets no signal that sign-in did not start.
        Log.Error(_tag_log, e.Message);
    }
    finally
    {
        Log.Info(_tag_log, "SignInUserRequest() -> finally()");
    }
}
// Tag for the log entries written by the Fido2Builder.
private static readonly string _tag_log = "Fido2Builder";

/// <summary>
/// Builds the Android FIDO2 sign-in request options from the server's authentication challenge.
/// </summary>
/// <param name="data">Challenge response to convert; may be null.</param>
/// <returns>The built request options, or null when <paramref name="data"/> is null.</returns>
/// <remarks>
/// Only the challenge, allow list, RP ID and timeout are forwarded to the builder.
/// UserVerification and Extensions are checked but deliberately not applied.
/// </remarks>
public static PublicKeyCredentialRequestOptions ParsePublicKeyCredentialRequestOptions(Fido2AuthenticationChallengeResponse data)
{
    if (data == null)
    {
        return null;
    }

    var requestBuilder = new PublicKeyCredentialRequestOptions.Builder();

    // Challenge to be signed, decoded from its base64url form.
    // NOTE(review): when the challenge is missing, Build() is still called without one.
    // Confirm the platform rejects such a request.
    if (data.Challenge?.Length > 0)
    {
        requestBuilder.SetChallenge(CoreHelpers.Base64UrlDecode(data.Challenge));
    }

    // FIDO2 keys already registered to the user; only one of these may be used.
    if (data.AllowCredentials?.Count > 0)
    {
        requestBuilder.SetAllowList(ParseCredentialDescriptors(data.AllowCredentials));
    }

    // Server (relying party) identifier.
    if (data.RpId?.Length > 0)
    {
        requestBuilder.SetRpId(data.RpId);
    }

    // Time limit for the sign-in.
    // NOTE(review): the value is passed unchanged to a setter that takes seconds. WebAuthn
    // expresses timeouts in milliseconds, so confirm the unit the server sends; a
    // millisecond value here would make the timeout far longer than intended.
    if (data.Timeout > 0)
    {
        requestBuilder.SetTimeoutSeconds((Java.Lang.Double)data.Timeout);
    }

    if (data.UserVerification != null)
    {
        // Requirement that the user verifies before using FIDO2: skipped.
        // NOTE(review): the requirement is not passed to the platform, so the server
        // presumably has to enforce it when validating the assertion. Confirm.
    }

    if (data.Extensions != null)
    {
        // Additional parameters meant to strengthen security: skipped.
    }

    return requestBuilder.Build();
}