public async Task <ActionResult> Validate([Bind(Include = "otp")] string otp)
{
if (ModelState.IsValid)
{
var status = OTPValidation.Validate(otp, User.Identity.GetUserId());
TempData["status"] = status.ToString();
return(RedirectToAction("ValidationResult"));
}
return(View());
}
public YubiCryptKey GetTokenStoredSecret([FromUri] string tokenOTP)
{
var usrId = User.Identity.GetUserId();
var validationResult = OTPValidation.Validate(tokenOTP, usrId);
if (validationResult != OTPValidation.Status.OK)
{
var resp = new HttpResponseMessage(HttpStatusCode.Unauthorized)
{
Content = new StringContent("The provided OTP token is invalid."),
ReasonPhrase = "Invalid authentication token"
};
throw new HttpResponseException(resp);
}
using (var db = new ApplicationDbContext())
{
var usr = db.Users.Where(u => u.Id == usrId).Single();
#if ALLOW_DUMMY_OTPS
var userHardwareToken = usr.Yubikeys.FirstOrDefault();
var tokenPublicID = "TESTTAG";
#else
var tokenPublicID = OTPValidation.SplitOTP(tokenOTP).Item1;
var userHardwareToken = usr.Yubikeys.Where(yk => yk.YubiKeyUID == tokenPublicID).SingleOrDefault();
#endif
if (userHardwareToken == null)
{
var resp = new HttpResponseMessage(HttpStatusCode.NotFound)
{
Content = new StringContent(string.Format("User has no associated YubiKey with ID = {0}", tokenPublicID)),
ReasonPhrase = "YubiKey Not Found"
};
throw new HttpResponseException(resp);
}
var secretKey = userHardwareToken.TFKDSecret;
if (secretKey == null)
{
var resp = new HttpResponseMessage(HttpStatusCode.NotFound)
{
Content = new StringContent("This YubiKey does not have the secret key stored in the YubiCrypt platform."),
ReasonPhrase = "Key Not Found"
};
throw new HttpResponseException(resp);
}
return(new YubiCryptKey(secretKey.TFKDEncryptedSecret, secretKey.TFKDEncryptionSalt, userHardwareToken.SerialNumber));
}
}
public ActionResult SaveDropzoneJsUploadedFiles()
{
var currentUserId = User.Identity.GetUserId();;
foreach (string fileName in Request.Files)
{
HttpPostedFileBase file = Request.Files[fileName];
string result = new StreamReader(file.InputStream).ReadToEnd();
var config = JsonConvert.DeserializeObject <YubiCryptConfig>(result);
YubiKey newToken = new YubiKey
{
DateAdded = DateTime.Now,
Active = true,
Counter = 0,
Time = 0,
AESKey = Convert.ToBase64String(OTPValidation.StringToByteArray(config.OTPAESKey)),
Privateidentity = config.OTPPrivateID,
YubiKeyUID = config.OTPPublicID,
SerialNumber = config.YubikeySerialNumber,
YubikeyVersion = config.YubikeyVersion,
NDEFEnabled = config.NDEFEnabled,
UserProfile = db.Users.Where(u => u.Id == currentUserId).SingleOrDefault()
};
if (config.ChallengeResponseKey != null)
{
var parts = config.ChallengeResponseKey.Split(':');
TFKDSecret secret = new TFKDSecret()
{
TFKDEncryptedSecret = parts[0],
TFKDEncryptionSalt = parts[1]
};
newToken.TFKDSecret = secret;
}
db.YubiKeys.Add(newToken);
}
db.SaveChanges();
return(Json(new { Message = string.Empty }));
}
private bool IsAuthenticated(HttpActionContext actionContext)
{
var headers = actionContext.Request.Headers;
var timeStampString = GetHttpRequestHeader(headers, TimestampHeaderName);
//if (!IsDateValidated(timeStampString))
// return false;
var authenticationString = GetHttpRequestHeader(headers, AuthenticationHeaderName);
if (string.IsNullOrEmpty(authenticationString))
{
return(false);
}
//var authenticationParts = authenticationString.Split(new[] { ":" },
// StringSplitOptions.RemoveEmptyEntries);
//if (authenticationParts.Length != 2)
// return false;
//var username = authenticationParts[0];
//var signature = authenticationParts[1];
//if (!IsSignatureValidated(signature))
// return false;
//AddToMemoryCache(signature);
//var hashedPassword = GetHashedPassword(username);
//var baseString = BuildBaseString(actionContext);
//return IsAuthenticated(hashedPassword, baseString, signature);
return(OTPValidation.Validate(authenticationString, "c8e1c37d-2606-4547-8534-b55b4c9c3149") == OTPValidation.Status.OK);
}
