/// <summary>
/// Runs an authorize request through validation and interaction checks, and
/// returns the endpoint result for the first stage that does not let it proceed.
/// </summary>
/// <param name="parameters">Raw request parameters; handed to the request validator as-is.</param>
/// <param name="user">The current principal, or <c>null</c> when no user is present.</param>
/// <param name="consent">Consent response forwarded to the interaction generator.</param>
/// <returns>
/// An error page result when validation or interaction processing reports an error,
/// a login or consent page result when interaction is required, otherwise the
/// successful authorization result.
/// </returns>
internal async Task<IEndpointResult> ProcessAuthorizeRequestAsync(NameValueCollection parameters, ClaimsPrincipal user, ConsentResponse consent)
{
    // NOTE(review): the trace entry below records the user's name and subject id;
    // confirm trace output is handled as sensitive data wherever it is enabled.
    if (user == null)
    {
        _logger.LogTrace("No user present in authorize request");
    }
    else
    {
        _logger.LogTrace("User in authorize request: name:{0}, sub:{1}", user.GetName(), user.GetSubjectId());
    }

    // Stage 1: validate the request. Nothing below runs on an invalid request.
    var validation = await _validator.ValidateAsync(parameters, user);
    if (validation.IsError)
    {
        // The (possibly partial) validated request is passed along with the error;
        // how it is used is decided inside ErrorPageAsync, which is not shown here.
        return await ErrorPageAsync(validation.ErrorType, validation.Error, validation.ValidatedRequest);
    }

    var validatedRequest = validation.ValidatedRequest;

    // Stage 2: decide whether the user must interact (login / consent) first.
    var interaction = await _interactionGenerator.ProcessInteractionAsync(validatedRequest, consent);
    if (interaction.IsError)
    {
        var failure = interaction.Error;
        return await ErrorPageAsync(failure.ErrorType, failure.Error, validatedRequest);
    }

    // Login is checked before consent, so a request needing both goes to login first.
    if (interaction.IsLogin)
    {
        return await LoginPageAsync(validatedRequest);
    }

    if (interaction.IsConsent)
    {
        return await ConsentPageAsync(validatedRequest);
    }

    // Stage 3: only reached when validation passed and no interaction is pending.
    return await SuccessfulAuthorizationAsync(validatedRequest);
}
/// <summary>
/// Sends an authenticated user to the two-factor page unless the token service
/// already reports a verified two-factor code for that user's subject id.
/// </summary>
/// <param name="context">Post-authentication context whose <c>AuthenticateResult</c> is replaced when a second factor is still required.</param>
/// <param name="authenticatedUser">The principal that has passed the first authentication step.</param>
private static void PerformTwoFactorAuthentication(PostAuthenticationContext context, ClaimsPrincipal authenticatedUser)
{
    var tokenService = new TwoFactorTokenService();
    var subjectId = authenticatedUser.GetSubjectId();

    // NOTE(review): the "already verified" lookup is keyed on the subject id alone as
    // far as this method shows. Confirm that TwoFactorTokenService expires or scopes
    // that state per login attempt, so an earlier verification cannot satisfy a later login.
    var alreadyVerified = tokenService.HasVerifiedTwoFactorCode(subjectId);
    if (!alreadyVerified)
    {
        tokenService.GenerateTwoFactorCodeFor(subjectId);

        // Replace the result with a redirect to the two-factor page, carrying the
        // user's subject, name and claims.
        // NOTE(review): presumably this is a partial sign-in that is only completed
        // after the code is verified - confirm against AuthenticateResult's semantics.
        context.AuthenticateResult = new AuthenticateResult(
            "~/twofactorauthentication",
            subjectId,
            authenticatedUser.GetName(),
            authenticatedUser.Claims);
    }
}