/// <summary>
/// Initializes a new <c>DriveMap</c> with an empty <c>Group</c> and with
/// <c>Credentials</c> set to <c>CredentialOption.Final</c>.
/// </summary>
public DriveMap()
{
    Group = "";
    Credentials = CredentialOption.Final;
}
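/// <summary>
/// Builds the WebAuthn credential-creation options for the user named in
/// <paramref name="option"/>, creating the member record first when no member with
/// that user name exists, and stores the options in the session under
/// "fido2.attestationOptions".
/// </summary>
/// <param name="option">Requested user name, display name and authenticator preferences.</param>
/// <returns>
/// 200 OK with the generated options, or 400 Bad Request carrying a
/// <see cref="CredentialCreateOptions"/> whose Status is "error".
/// </returns>
/// <remarks>
/// NOTE(review): nothing in this method checks who the caller is. When the named member
/// already exists, options are still issued that exclude that member's registered
/// credentials. Confirm that this action, or the step that stores the resulting
/// credential, requires an authenticated session for existing members.
/// </remarks>
public async Task<ActionResult<CredentialCreateOptions>> MakeCredentialOptions(CredentialOption option)
{
    // The user handle below is the UTF-8 encoding of the user name. WebAuthn requires a
    // non-empty handle of at most 64 bytes, so reject names that cannot produce one
    // before any member row is written.
    const int MaxUserHandleBytes = 64;

    if (option == null || string.IsNullOrEmpty(option.UserName))
    {
        return BadRequest(new CredentialCreateOptions
        {
            Status = "error",
            ErrorMessage = "A user name is required."
        });
    }

    if (Encoding.UTF8.GetByteCount(option.UserName) > MaxUserHandleBytes)
    {
        return BadRequest(new CredentialCreateOptions
        {
            Status = "error",
            ErrorMessage = "The user name is too long."
        });
    }

    try
    {
        // Register the user if no member with this user name exists yet.
        var user = await context.Members
            .Where(x => x.UserName == option.UserName)
            .FirstOrDefaultAsync();

        if (user == null)
        {
            user = new Member
            {
                MemberId = Guid.NewGuid(),
                UserName = option.UserName,
                DisplayName = option.DisplayName,
                // NOTE(review): the handle is derived from the user name, so it carries
                // the name itself. WebAuthn recommends a handle without personally
                // identifying information; switching to a random value would need a
                // migration of stored credentials.
                UserId = Encoding.UTF8.GetBytes(option.UserName)
            };
            context.Members.Add(user);
            await context.SaveChangesAsync();
        }

        var fidoUser = new Fido2User
        {
            DisplayName = user.DisplayName,
            Name = user.UserName,
            Id = user.UserId
        };

        // Collect the descriptors of credentials already registered for this user so
        // they are passed to the library as the exclusion list.
        var existingKeys = await context.StoredCredentials
            .Where(x => x.UserId == user.UserId)
            .Select(x => x.Descriptor)
            .ToListAsync();

        // Build the authenticator selection from the caller's preferences.
        var authenticatorSelection = new AuthenticatorSelection
        {
            RequireResidentKey = option.RequireResidentKey,
            UserVerification = option.UserVerification.ToEnum<UserVerificationRequirement>()
        };

        if (!string.IsNullOrEmpty(option.AuthType))
        {
            authenticatorSelection.AuthenticatorAttachment = option.AuthType.ToEnum<AuthenticatorAttachment>();
        }

        var exts = new AuthenticationExtensionsClientInputs()
        {
            Extensions = true,
            UserVerificationIndex = true,
            Location = true,
            UserVerificationMethod = true,
            // NOTE(review): float.MaxValue is sent as the bound for both rates; confirm
            // that placing no effective limit on biometric error rates is intended.
            BiometricAuthenticatorPerformanceBounds = new AuthenticatorBiometricPerfBounds
            {
                FAR = float.MaxValue,
                FRR = float.MaxValue
            }
        };

        var options = _fido2.RequestNewCredential(
            fidoUser,
            existingKeys,
            authenticatorSelection,
            option.AttType.ToEnum<AttestationConveyancePreference>(),
            exts);

        // Temporarily store the options (session / in-memory cache / redis / db).
        // Presumably the completion step reads them back to check the response; verify.
        HttpContext.Session.SetString("fido2.attestationOptions", options.ToJson());

        return Ok(options);
    }
    catch (Exception e)
    {
        // NOTE(review): FormatException is defined outside this block. If it passes
        // exception text through, database or library details reach the caller; prefer
        // a generic message here and log the exception server-side.
        return BadRequest(new CredentialCreateOptions
        {
            Status = "error",
            ErrorMessage = FormatException(e)
        });
    }
}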