public ActionResult AssertionOptionsPost([FromForm] string username)
        {
            try
            {
                // 1. Get user from DB
                var user = DemoStorage.GetUser(username);
                if (user == null)
                {
                    throw new ArgumentException("Username was not registered");
                }

                // 2. Get registered credentials from database
                List <PublicKeyCredentialDescriptor> existingCredentials = DemoStorage.GetCredentialsByUser(user).Select(c => c.Descriptor).ToList();

                // 3. Create options
                var options = _lib.GetAssertionOptions(
                    existingCredentials,
                    UserVerificationRequirement.Discouraged
                    );

                // 4. Temporarily store options, session/in-memory cache/redis/db
                HttpContext.Session.SetString("fido2.assertionOptions", options.ToJson());

                // 5. Return options to client
                return(Json(options));
            }

            catch (Exception e)
            {
                return(Json(new AssertionOptions {
                    Status = "error", ErrorMessage = FormatException(e)
                }));
            }
        }
Exemple #2
0
        public ActionResult AssertionOptionsPost([FromForm] string username, [FromForm] string userVerification)
        {
            try
            {
                var existingCredentials = new List <PublicKeyCredentialDescriptor>();

                if (!string.IsNullOrEmpty(username))
                {
                    // 1. Get user from DB
                    var user = fidoStore.GetUser(username);
                    if (user == null)
                    {
                        throw new ArgumentException("Username was not registered");
                    }

                    // 2. Get registered credentials from database
                    existingCredentials = fidoStore.GetCredentialsByUser(user).Select(c => c.Descriptor).ToList();
                }

                var exts = new AuthenticationExtensionsClientInputs()
                {
                    SimpleTransactionAuthorization  = "FIDO",
                    GenericTransactionAuthorization = new TxAuthGenericArg
                    {
                        ContentType = "text/plain",
                        Content     = new byte[] { 0x46, 0x49, 0x44, 0x4F }
                    },
                    UserVerificationIndex = true,
                    Location = true,
                    UserVerificationMethod = true
                };

                // 3. Create options
                var uv = string.IsNullOrEmpty(userVerification)
                    ? UserVerificationRequirement.Discouraged
                    : userVerification.ToEnum <UserVerificationRequirement>();
                var options = fido2.GetAssertionOptions(
                    existingCredentials,
                    uv,
                    exts
                    );

                // 4. Temporarily store options, session/in-memory cache/redis/db
                HttpContext.Session.SetString("fido2.assertionOptions", options.ToJson());

                // 5. Return options to client
                return(Ok(options));
            }

            catch (Exception e)
            {
                return(BadRequest(new AssertionOptions {
                    Status = "error", ErrorMessage = FormatException(e)
                }));
            }
        }
Exemple #3
0
        public ContentResult Index(string username)
        {
            // 1. Get user from DB
            var user = DemoStorage.GetUser(username + "@example.com");

            // 2. Get registered credentials from database
            var existingCredentials = DemoStorage.GetCredentialsByUser(user);

            var content = System.IO.File.ReadAllText("wwwroot/index.html");

            var table = "";

            foreach (var cred in existingCredentials)
            {
                var coseKey = PeterO.Cbor.CBORObject.DecodeFromBytes(cred.PublicKey);
                var kty     = coseKey[PeterO.Cbor.CBORObject.FromObject(COSE.KeyCommonParameters.kty)].AsInt32();
                var desc    = "";
                var icon    = "";
                try {
                    var entry = _mds.GetEntry(cred.AaGuid);
                    desc = entry.MetadataStatement.Description.ToString();
                    icon = entry.MetadataStatement.Icon.ToString();
                }
                catch { }

                table +=
                    "<tr>" +
                    "<td class=\"format no-wrap\">" + cred.CredType + "</td>" +
                    "<td class=\"no-wrap\">" + cred.RegDate + "</td>" +
                    "<td class=\"no-wrap\">" + cred.SignatureCounter.ToString() + "</td>" +
                    "<td class=\"no-wrap\">" + cred.AaGuid.ToString() + "</td>" +
                    "<td class=\"no-wrap\">" + desc + "</td>" +
                    "<img src=" + icon + ">" +
                    "<td>";
                switch (kty)
                {
                case (int)COSE.KeyTypes.OKP:
                {
                    var X = coseKey[PeterO.Cbor.CBORObject.FromObject(COSE.KeyTypeParameters.x)].GetByteString();
                    table += "<table class=\"sub-table\">" +
                             "<tr>" +
                             "<td><pre>X: " + BitConverter.ToString(X).Replace("-", "") + "</pre></td>" +
                             "</tr>" +
                             "</table>";
                    break;
                }

                case (int)COSE.KeyTypes.EC2:
                {
                    var X = coseKey[PeterO.Cbor.CBORObject.FromObject(COSE.KeyTypeParameters.x)].GetByteString();
                    var Y = coseKey[PeterO.Cbor.CBORObject.FromObject(COSE.KeyTypeParameters.y)].GetByteString();
                    table += "<table class=\"sub-table\">" +
                             "<tr>" +
                             "<td><pre>X: " + BitConverter.ToString(X).Replace("-", "") + "</pre></td>" +
                             "</tr>" +
                             "<tr>" +
                             "<td><pre>Y: " + BitConverter.ToString(Y).Replace("-", "") + "</pre></td>" +
                             "</tr>" +
                             "</table>";
                    break;
                }

                case (int)COSE.KeyTypes.RSA:
                {
                    var modulus  = coseKey[PeterO.Cbor.CBORObject.FromObject(COSE.KeyTypeParameters.n)].GetByteString();
                    var exponent = coseKey[PeterO.Cbor.CBORObject.FromObject(COSE.KeyTypeParameters.e)].GetByteString();
                    table += "<table class=\"sub-table\">" +
                             "<tr>" +
                             "<td><pre>Modulus: " + BitConverter.ToString(modulus).Replace("-", "") + "</pre></td>" +
                             "</tr>" +
                             "<tr>" +
                             "<td><pre>Exponent: " + BitConverter.ToString(exponent).Replace("-", "") + "</pre></td>" +
                             "</tr>" +
                             "</table>";
                    break;
                }

                default:
                {
                    throw new Fido2VerificationException(string.Format("Missing or unknown keytype {0}", kty.ToString()));
                }
                }
            }

            return(new ContentResult
            {
                ContentType = "text/html",
                StatusCode = (int)System.Net.HttpStatusCode.OK,
                Content = string.Format(content, username, table)
            });
        }