public void TestSignWithCustomTime() { long fake_current_time = 1300157874 - 75; DateTime fake_current_dt = new DateTime(1970, 1, 1).AddSeconds(fake_current_time); string request_sig = DuoWeb.SignRequest(IKEY, SKEY, AKEY, USER, fake_current_dt); Assert.AreEqual(request_sig, OLD_REQUEST); }
public void TestVerifyExpiredUserWithCustomTime() { long fake_current_unixtime = 1300157874 - 60; DateTime fake_current_dt = new DateTime(1970, 1, 1).AddSeconds(fake_current_unixtime); string expired_user = DuoWeb.VerifyResponse(IKEY, SKEY, AKEY, EXPIRED_RESPONSE + ":" + OLD_REQUEST_APP_SIG, fake_current_dt); Assert.AreEqual(expired_user, USER); }
public void SetUp() { var request_sig = DuoWeb.SignRequest(IKEY, SKEY, AKEY, USER); var sigs = request_sig.Split(':'); valid_app_sig = sigs[1]; request_sig = DuoWeb.SignRequest(IKEY, SKEY, "invalidinvalidinvalidinvalidinvalidinvalid", USER); sigs = request_sig.Split(':'); invalid_app_sig = sigs[1]; }
public async Task <bool> ValidateAsync(string purpose, string token, UserManager <User> manager, User user) { var provider = user.GetTwoFactorProvider(TwoFactorProviderType.Duo); if (!HasProperMetaData(provider)) { return(false); } var response = DuoWeb.VerifyResponse((string)provider.MetaData["IKey"], (string)provider.MetaData["SKey"], _globalSettings.Duo.AKey, token); return(response == user.Email); }
public async Task <string> GenerateAsync(string purpose, UserManager <User> manager, User user) { var provider = user.GetTwoFactorProvider(TwoFactorProviderType.Duo); if (!HasProperMetaData(provider)) { return(null); } var signatureRequest = DuoWeb.SignRequest((string)provider.MetaData["IKey"], (string)provider.MetaData["SKey"], _globalSettings.Duo.AKey, user.Email); return(signatureRequest); }
public Task <bool> ValidateAsync(string token, Organization organization, User user) { if (organization == null || !organization.Enabled || !organization.Use2fa) { return(Task.FromResult(false)); } var provider = organization.GetTwoFactorProvider(TwoFactorProviderType.OrganizationDuo); if (!HasProperMetaData(provider)) { return(Task.FromResult(false)); } var response = DuoWeb.VerifyResponse(provider.MetaData["IKey"].ToString(), provider.MetaData["SKey"].ToString(), _globalSettings.Duo.AKey, token); return(Task.FromResult(response == user.Email)); }
public Task <string> GenerateAsync(Organization organization, User user) { if (organization == null || !organization.Enabled || !organization.Use2fa) { return(Task.FromResult <string>(null)); } var provider = organization.GetTwoFactorProvider(TwoFactorProviderType.OrganizationDuo); if (!HasProperMetaData(provider)) { return(Task.FromResult <string>(null)); } var signatureRequest = DuoWeb.SignRequest(provider.MetaData["IKey"].ToString(), provider.MetaData["SKey"].ToString(), _globalSettings.Duo.AKey, user.Email); return(Task.FromResult(signatureRequest)); }
private static string doPost(HttpListenerRequest request) { using (Stream body = request.InputStream) { using (StreamReader reader = new StreamReader(body, request.ContentEncoding)) { string bodyStream = reader.ReadToEnd(); var form = bodyStream.Split('='); var sig_response_val = WebUtility.UrlDecode(form[1]); string responseUser = DuoWeb.VerifyResponse(ikey, skey, akey, sig_response_val); if (string.IsNullOrEmpty(responseUser)) { return("Did not authenticate with Duo."); } return($"Authenticated with Duo as {responseUser}."); } } }
private static string doGet(HttpListenerRequest request) { string response; try { response = File.ReadAllText(Path.GetFileName(request.RawUrl)); } catch { string userName = request.QueryString.Get("user"); if (string.IsNullOrEmpty(userName)) { return("You must include a user to authenticate with Duo"); } var sig_request = DuoWeb.SignRequest(ikey, skey, akey, userName); response = $@"<html> <head> <title>Duo Authentication</title> <meta name='viewport' content='width=device-width, initial-scale=1'> <meta http-equiv='X-UA-Compatible' content='IE=edge'> <link rel='stylesheet' type='text/css' href='Duo-Frame.css'> </head> <body> <h1>Duo Authentication</h1> <script src='/Duo-Web-v2.js'></script> <iframe id='duo_iframe' title='Two-Factor Authentication' frameborder='0' data-host='{host}' data-sig-request='{sig_request}'> </iframe> </body> </html>"; } return(response); }
public void TestVerifyFutureUserInvalidAppSig() { string future_user = DuoWeb.VerifyResponse(IKEY, SKEY, AKEY, FUTURE_RESPONSE + ":" + invalid_app_sig); Assert.IsNull(future_user); }
public void TestSign() { string request_sig = DuoWeb.SignRequest(IKEY, SKEY, AKEY, USER); Assert.IsNotNull(request_sig); }
public void TestVerifyInvalidUser() { string invalid_user = DuoWeb.VerifyResponse(IKEY, SKEY, AKEY, INVALID_RESPONSE + ":" + valid_app_sig); Assert.IsNull(invalid_user); }
public void TestVerifyExpiredUser() { string expired_user = DuoWeb.VerifyResponse(IKEY, SKEY, AKEY, EXPIRED_RESPONSE + ":" + valid_app_sig); Assert.IsNull(expired_user); }
public void TestVerifyFutureUserWrongIkey() { string future_user = DuoWeb.VerifyResponse(WRONG_IKEY, SKEY, AKEY, FUTURE_RESPONSE + ":" + valid_app_sig); Assert.IsNull(future_user); }
public void TestVerifyFutureUserWrongAppSigFormat() { string future_user = DuoWeb.VerifyResponse(IKEY, SKEY, AKEY, FUTURE_RESPONSE + ":" + WRONG_PARAMS_APP); Assert.IsNull(future_user); }
public void TestVerifyFutureUserWrongResponseFormat() { string future_user = DuoWeb.VerifyResponse(IKEY, SKEY, AKEY, WRONG_PARAMS_RESPONSE + ":" + valid_app_sig); Assert.IsNull(future_user, USER); }
public void TestSignBadUsername() { string request_sig = DuoWeb.SignRequest(IKEY, SKEY, AKEY, "in|valid"); Assert.AreEqual(request_sig, DuoWeb.ERR_USER); }
public void TestSignBadAkey() { string request_sig = DuoWeb.SignRequest(IKEY, SKEY, "invalid", USER); Assert.AreEqual(request_sig, DuoWeb.ERR_AKEY); }
public void TestVerifyFutureUserValidAppSig() { string future_user = DuoWeb.VerifyResponse(IKEY, SKEY, AKEY, FUTURE_RESPONSE + ":" + valid_app_sig); Assert.AreEqual(future_user, USER); }