private static readonly string _tag_log = "Fido2Builder"; // Log tag that marks entries written by the Fido2Builder

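        /// <summary>
        /// Builds the FIDO2 sign-in (assertion) request options from a key/value map.
        /// </summary>
        /// <remarks>
        /// Only "challenge", "allowCredentials", "rpId" and "timeout" are applied to the builder.
        /// "userVerification" and "extensions" are recognised but not forwarded, and any other key is ignored.
        /// A relying party that requires user verification therefore cannot rely on this client to request it
        /// and should check the user-verified flag of the returned assertion itself.
        /// </remarks>
        /// <param name="data">Request fields keyed by their WebAuthn member name.</param>
        /// <returns>The request options produced by the builder.</returns>
        /// <exception cref="System.ArgumentNullException"><paramref name="data"/> is null.</exception>
        /// <exception cref="System.InvalidCastException">A recognised entry does not hold the expected type.</exception>
        /// <exception cref="System.FormatException">The "timeout" entry is a string that is not a number.</exception>
        public static PublicKeyCredentialRequestOptions ParsePublicKeyCredentialRequestOptions(Dictionary <string, object> data)
        {
            // Fail with a named argument instead of a NullReferenceException from the loop below.
            if (data == null)
            {
                throw new System.ArgumentNullException(nameof(data));
            }

            PublicKeyCredentialRequestOptions.Builder builder = new PublicKeyCredentialRequestOptions.Builder();
            foreach (KeyValuePair <string, object> entry in data)
            {
                switch (entry.Key)
                {
                case "challenge":     // Challenge the authenticator is asked to sign (base64url text)
                    builder.SetChallenge(CoreHelpers.Base64UrlDecode((string)entry.Value));
                    break;

                case "allowCredentials":     // Credentials already registered to the user; only one of these may be used
                    builder.SetAllowList(ParseCredentialDescriptors((List <Dictionary <string, object> >)entry.Value));
                    break;

                case "rpId":     // Relying party (server) identifier
                    builder.SetRpId((string)entry.Value);
                    break;

                case "timeout":     // Time limit for the sign-in ceremony
                    // Convert instead of unboxing: a boxed integer (e.g. from a JSON deserializer) would make
                    // a direct (double) cast throw, and a null value is skipped rather than dereferenced.
                    // NOTE(review): WebAuthn states timeout in milliseconds while this setter is named in
                    // seconds; confirm the unit the caller supplies.
                    if (entry.Value != null)
                    {
                        double timeout = System.Convert.ToDouble(entry.Value, System.Globalization.CultureInfo.InvariantCulture);
                        builder.SetTimeoutSeconds((Java.Lang.Double)timeout);
                    }
                    break;

                case "userVerification":     // Server's user-verification requirement
                    // Deliberately not forwarded to the builder; see the remarks on this method.
                    break;

                case "extensions":     // Additional WebAuthn extension inputs
                    // Deliberately not forwarded to the builder.
                    break;
                }
            }
            return builder.Build();
        }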
        /// <summary>
        /// Converts the server's sign-in options response into FIDO2 request options for the client.
        /// </summary>
        /// <remarks>
        /// A transport value that <c>AuthenticatorTransport.FromValue</c> rejects is logged and dropped; the
        /// credential descriptor is still added to the allow list, with an empty transport list.
        /// <paramref name="response"/> is dereferenced without a null check.
        /// </remarks>
        /// <param name="fido2Client">Client handed to <c>UseSelectedPlatformAuthenticator</c> when a platform authenticator is requested.</param>
        /// <param name="response">Server response supplying the RP ID, challenge, allowed credentials, extensions and timeout.</param>
        /// <param name="isUseSelectedPlatformAuthenticator">When true, <c>UseSelectedPlatformAuthenticator</c> is called with the extension map before the map is set on the builder.</param>
        /// <returns>The request options produced by the builder.</returns>
        public static PublicKeyCredentialRequestOptions ConvertToPublicKeyCredentialRequestOptions(
            IFido2Client fido2Client,
            ServerPublicKeyCredentialCreationOptionsResponse response,
            bool isUseSelectedPlatformAuthenticator)
        {
            var requestOptions = new PublicKeyCredentialRequestOptions.Builder();
            requestOptions.SetRpId(response.RpId);
            requestOptions.SetChallenge(ByteUtils.Base64ToByte(response.Challenge));

            // Restrict the ceremony to the credentials the server listed, if it listed any.
            ServerPublicKeyCredentialDescriptor[] serverDescriptors = response.AllowCredentials;
            if (serverDescriptors != null)
            {
                var allowList = new List <PublicKeyCredentialDescriptor>();
                foreach (ServerPublicKeyCredentialDescriptor serverDescriptor in serverDescriptors)
                {
                    var transportList = new List <AuthenticatorTransport>();
                    if (serverDescriptor.Transports != null)
                    {
                        try
                        {
                            transportList.Add(AuthenticatorTransport.FromValue(serverDescriptor.Transports));
                        }
                        catch (System.Exception ex)
                        {
                            // Best effort: an unparsable transport is logged and the descriptor is kept without it.
                            Log.Error(Tag, ex.Message, ex);
                        }
                    }

                    allowList.Add(new PublicKeyCredentialDescriptor(
                        PublicKeyCredentialType.PublicKey,
                        ByteUtils.Base64ToByte(serverDescriptor.Id),
                        transportList));
                }
                requestOptions.SetAllowList(allowList);
            }

            // Start from the server-supplied extensions, when there are any.
            var extensionMap = new Dictionary <string, Java.Lang.Object>();
            if (response.Extensions != null)
            {
                extensionMap.AddRangeOverride(response.Extensions);
            }

            // Optionally select a platform authenticator and its related extension items.
            if (isUseSelectedPlatformAuthenticator)
            {
                UseSelectedPlatformAuthenticator(fido2Client, extensionMap);
            }

            requestOptions.SetExtensions(extensionMap);
            requestOptions.SetTimeoutSeconds((Java.Lang.Long)response.Timeout);
            return requestOptions.Build();
        }
Example #3
        private static readonly string _tag_log = "Fido2Builder"; // Log tag that marks entries written by the Fido2Builder

        /// <summary>
        /// Builds the FIDO2 sign-in (assertion) request options from the server's authentication challenge.
        /// </summary>
        /// <remarks>
        /// A field is applied only when it is present and non-empty. <c>UserVerification</c> and
        /// <c>Extensions</c> are read but never forwarded to the builder, so a relying party that requires
        /// user verification cannot rely on this client to request it and should check the user-verified
        /// flag of the returned assertion itself.
        /// </remarks>
        /// <param name="data">Authentication challenge to convert; may be null.</param>
        /// <returns>The built request options, or null when <paramref name="data"/> is null.</returns>
        public static PublicKeyCredentialRequestOptions ParsePublicKeyCredentialRequestOptions(Fido2AuthenticationChallengeResponse data)
        {
            if (data == null)
            {
                return null;
            }

            var options = new PublicKeyCredentialRequestOptions.Builder();

            // Challenge the authenticator is asked to sign.
            if (data.Challenge?.Length > 0)
            {
                options.SetChallenge(CoreHelpers.Base64UrlDecode(data.Challenge));
            }

            // Credentials already registered to the user; only one of these may be used.
            if (data.AllowCredentials?.Count > 0)
            {
                options.SetAllowList(ParseCredentialDescriptors(data.AllowCredentials));
            }

            // Relying party (server) identifier.
            if (data.RpId?.Length > 0)
            {
                options.SetRpId(data.RpId);
            }

            // Time limit for the sign-in ceremony.
            // NOTE(review): WebAuthn states timeout in milliseconds while this setter is named in seconds;
            // confirm the unit of data.Timeout.
            if (data.Timeout > 0)
            {
                options.SetTimeoutSeconds((Java.Lang.Double)data.Timeout);
            }

            if (data.UserVerification != null)
            {
                // Server's user-verification requirement: intentionally not forwarded to the builder.
            }

            if (data.Extensions != null)
            {
                // Additional WebAuthn extension inputs: intentionally not forwarded to the builder.
            }

            return options.Build();
        }