Example #1
0
        /// <summary>
        /// Validates the server's key by asking it to authenticate to the client.
        /// </summary>
        private async Task VerifyServer()
        {
            var token          = GpgAuthToken.NewToken();
            var encryptedToken = await _pgp.EncryptStringAsync(token.Token, _serverKey);

            var auth = new Dictionary <string, dynamic>
            {
                { "gpg_auth", new Dictionary <string, dynamic>
                  {
                      { "keyid", _clientKey.Fingerprint },
                      { "server_verify_token", encryptedToken }
                  } }
            };

            var result = await _session.Post(URL_LOGIN, auth).SendAsync();

            result.ThrowIfFailed();

            GpgAuthHeaders.Validate(result.Response.Headers, GpgAuthState.VerifyServer);
            var verifyToken = new GpgAuthToken(result.Response.Headers.GetValue("X-GPGAuth-Verify-Response"));

            if (verifyToken.Token != token.Token)
            {
                throw new Exception("The server failed to prove it can use the advertised OpenPGP key.");
            }
        }
Example #2
0
        /// <summary>
        /// Verifies the MFA challenge with the specified response.
        /// </summary>
        /// <param name="otp">The one-time password from the user's security token.</param>
        /// <returns>Whether the server accepted the response.</returns>
        public async Task <bool> VerifyMfaChallenge(string otp)
        {
            var response = await _session.Post(GetVerifyApiPath(), GetVerifyPostData(otp))
                           .WithCsrfToken()
                           .SendAsync <JObject>();

            if (!response.Response.IsSuccessStatusCode)
            {
                _session.Logger?.LogError($"There was a problem with MFA authentication. Server returned code {response.Response.StatusCode}.");
                return(false);
            }

            return(true);
        }