/// <summary>
/// Starts a U2F authentication for a registered device and packages the values the
/// client needs to produce a signed response.
/// </summary>
/// <param name="device">
/// Registered device. Its <c>Data</c> is parsed as a JSON device registration and its
/// <c>Identifier</c> is returned to the client as the key handle.
/// </param>
/// <returns>
/// A model holding the application id (as a string), the challenge produced by
/// <c>StartAuthentication</c>, and the device's key handle.
/// </returns>
public AuthenticateDeviceModel GetAuthenticationModel(Device device)
{
    var fido = new FidoUniversalTwoFactor();
    var registration = FidoDeviceRegistration.FromJson(device.Data);

    // NOTE(review): unlike AuthenticateDevice, the parsed registration is not null-checked
    // here before it is passed on — confirm FromJson cannot return null for stored data.
    var started = fido.StartAuthentication(AppId, registration);

    // NOTE(review): the challenge is only handed back to the caller. Nothing in this method
    // records it server-side, and AuthenticateDevice reads the challenge from the request
    // model. Unless it is stored elsewhere, the server cannot tell that a later response
    // answers a challenge it actually issued; keeping the issued challenge in server-side
    // state (single use, short lifetime) would close that gap.
    return new AuthenticateDeviceModel
    {
        AppId = started.AppId.ToString(),
        Challenge = started.Challenge,
        KeyHandle = device.Identifier
    };
}
/// <summary>
/// Completes a U2F authentication: looks up the current user's device by key handle and
/// passes the client's signed response to <c>FinishAuthentication</c>.
/// </summary>
/// <param name="model">
/// Request model; <c>KeyHandle</c>, <c>Challenge</c> and <c>RawAuthenticateResponse</c>
/// are read from it.
/// </param>
/// <returns>
/// A <c>BadRequest</c> result with an <c>error</c>/<c>code</c> body on each failure path
/// (note the first one reports <c>code = 401</c> in the body while still using
/// <c>BadRequest</c>), or an <c>Ok</c> result with a message and a redirect URL on success.
/// </returns>
public IActionResult AuthenticateDevice(AuthenticateDeviceModel model)
{
    if (App.CurrentUser == null)
    {
        return BadRequest(new { error = "You must login.", code = 401 });
    }

    if (model == null || string.IsNullOrEmpty(model.KeyHandle))
    {
        return BadRequest(new { error = "Invalid device id.", code = 400 });
    }

    // Only devices belonging to the current user are considered.
    var matchedDevice = App.CurrentUser.Devices.FirstOrDefault(d => d.Identifier.Equals(model.KeyHandle));
    if (matchedDevice == null)
    {
        return BadRequest(new { error = "Device not found.", code = 400 });
    }

    var fido = new FidoUniversalTwoFactor();
    var registration = FidoDeviceRegistration.FromJson(matchedDevice.Data);
    if (registration == null)
    {
        return BadRequest(new { error = "Unknown key handle.", code = 400 });
    }

    // NOTE(review): the challenge verified below comes from the request itself, and no
    // comparison against a server-issued value is visible in this method. Unless that
    // binding happens elsewhere, an older signed response can be resubmitted together with
    // its own challenge. Verify against a challenge kept server-side and invalidate it
    // after one use.
    var pendingAuthentication = new FidoStartedAuthentication(
        AppId,
        model.Challenge,
        FidoKeyHandle.FromWebSafeBase64(model.KeyHandle ?? ""));

    var trustedFacets = new List<FidoFacetId>();
    trustedFacets.Add(new FidoFacetId(AppId.ToString()));

    // NOTE(review): there is no exception handling around this call. If the library reports
    // a failed verification by throwing — confirm — the caller gets an unhandled error
    // instead of one of the structured BadRequest bodies used above.
    var newCounter = fido.FinishAuthentication(
        pendingAuthentication,
        model.RawAuthenticateResponse,
        registration,
        trustedFacets);

    // NOTE(review): the counter is written to the in-memory registration parsed from
    // matchedDevice.Data, and this method does not serialize it back or save the device.
    // If nothing else persists it, the signature counter cannot flag a replayed response or
    // a cloned authenticator on the next attempt. The same applies to Usage below.
    registration.Counter = newCounter;
    matchedDevice.Usage++;

    return Ok(new
    {
        message = "Device has been authenticated.",
        code = 200,
        redirect = Url.Action("CurrentUser")
    });
}
/// <summary>
/// Begins a U2F authentication for one of the current user's devices and returns the
/// values the client needs (see <c>GetAuthenticationModel</c>).
/// </summary>
/// <param name="model">Request model; only <c>KeyHandle</c> is read.</param>
/// <returns>
/// A <c>BadRequest</c> result with an <c>error</c>/<c>code</c> body when no user is logged
/// in, the key handle is missing, or no matching device exists; otherwise an <c>Ok</c>
/// result wrapping the authentication model. Every failure body here reports
/// <c>code = 401</c> even though the result type is <c>BadRequest</c>.
/// </returns>
public IActionResult AuthenticateDeviceRequest(AuthenticateDeviceModel model)
{
    if (App.CurrentUser == null)
    {
        return BadRequest(new { error = "You must login.", code = 401 });
    }

    var keyHandleMissing = model == null || string.IsNullOrEmpty(model.KeyHandle);
    if (keyHandleMissing)
    {
        return BadRequest(new { error = "Invalid device id.", code = 401 });
    }

    // The lookup is scoped to the current user's devices, so a key handle registered to
    // another account yields "Device not found." rather than a challenge.
    var matchedDevice = App.CurrentUser.Devices.FirstOrDefault(d => d.Identifier.Equals(model.KeyHandle));
    if (matchedDevice == null)
    {
        return BadRequest(new { error = "Device not found.", code = 401 });
    }

    // NOTE(review): the challenge inside the returned model is not recorded in this method;
    // confirm it is stored server-side somewhere so the completing request can be checked
    // against it.
    var authenticationModel = GetAuthenticationModel(matchedDevice);
    return Ok(authenticationModel);
}