public async Task When_User_Is_Not_Authenticated_Then_Exception_Is_Thrown()
{
var emptyClaimsPrincipal = new ClaimsPrincipal();
var exception = await _getUserOperation.Execute(emptyClaimsPrincipal, CancellationToken.None)
.ConfigureAwait(false) as Option <ResourceOwner> .Error;
Assert.Equal(ErrorCodes.UnhandledExceptionCode, exception.Details.Title);
Assert.Equal(Strings.TheUserNeedsToBeAuthenticated, exception.Details.Detail);
}
private async Task <IActionResult> GetEditView(
ClaimsPrincipal authenticatedUser,
CancellationToken cancellationToken)
{
var option =
await _getUserOperation.Execute(authenticatedUser, cancellationToken).ConfigureAwait(false);
UpdateResourceOwnerViewModel viewModel;
var subject = authenticatedUser.GetSubject() !;
if (option is not Option <ResourceOwner> .Result ro)
{
viewModel = BuildViewModel(string.Empty, subject, authenticatedUser.Claims, false);
return(View("Edit", viewModel));
}
var resourceOwner = ro.Item;
viewModel = BuildViewModel(
resourceOwner.TwoFactorAuthentication ?? string.Empty,
subject,
resourceOwner.Claims,
true);
return(View("Edit", viewModel));
}
public async Task <IActionResult> ConfirmCode(
ConfirmCodeViewModel confirmCodeViewModel,
CancellationToken cancellationToken)
{
if (confirmCodeViewModel == null)
{
throw new ArgumentNullException(nameof(confirmCodeViewModel));
}
var user = await SetUser().ConfigureAwait(false);
if (user?.Identity != null && user.Identity.IsAuthenticated)
{
return(RedirectToAction("Index", "User", new { Area = "pwd" }));
}
var authenticatedUser = await _authenticationService
.GetAuthenticatedUser(this, CookieNames.PasswordLessCookieName)
.ConfigureAwait(false);
if (authenticatedUser?.Identity == null || !authenticatedUser.Identity.IsAuthenticated)
{
var message = "SMS authentication cannot be performed";
_logger.LogError(message);
return(SetRedirection(message, Strings.InternalServerError, ErrorCodes.UnhandledExceptionCode));
}
var authenticatedUserClaims = authenticatedUser.Claims.ToArray();
var subject = authenticatedUserClaims.First(c => c.Type == OpenIdClaimTypes.Subject).Value;
var phoneNumber = authenticatedUserClaims.First(c => c.Type == OpenIdClaimTypes.PhoneNumber);
if (confirmCodeViewModel.Action == "resend") // Resend the confirmation code.
{
_ = await _generateAndSendSmsCodeOperation.Execute(phoneNumber.Value, cancellationToken)
.ConfigureAwait(false);
return(Ok(confirmCodeViewModel));
}
// Check the confirmation code.
if (confirmCodeViewModel.ConfirmationCode == null ||
!await _validateConfirmationCode
.Execute(confirmCodeViewModel.ConfirmationCode, subject, cancellationToken)
.ConfigureAwait(false))
{
ModelState.AddModelError("message_error", "Confirmation code is not valid");
return(Ok(confirmCodeViewModel));
}
await _authenticationService.SignOutAsync(
HttpContext,
CookieNames.PasswordLessCookieName,
new AuthenticationProperties())
.ConfigureAwait(false);
var resourceOwnerOption =
await _getUserOperation.Execute(authenticatedUser, cancellationToken).ConfigureAwait(false);
if (resourceOwnerOption is Option <ResourceOwner> .Error e)
{
return(SetRedirection(e.Details.Detail, e.Details.Status.ToString(), e.Details.Title));
}
var resourceOwner = (resourceOwnerOption as Option <ResourceOwner> .Result) !.Item;
if (!string.IsNullOrWhiteSpace(resourceOwner.TwoFactorAuthentication)) // Execute TWO Factor authentication
{
try
{
await SetTwoFactorCookie(authenticatedUserClaims).ConfigureAwait(false);
await _generateAndSendSmsCodeOperation.Execute(phoneNumber.Value, cancellationToken)
.ConfigureAwait(false);
return(RedirectToAction("SendCode", new { code = confirmCodeViewModel.Code }));
}
catch (ClaimRequiredException)
{
return(RedirectToAction("SendCode", new { code = confirmCodeViewModel.Code }));
}
catch (Exception)
{
ModelState.AddModelError("message_error", "Two factor authenticator is not properly configured");
return(Ok(confirmCodeViewModel));
}
}
if (!string.IsNullOrWhiteSpace(confirmCodeViewModel.Code)) // Execute OPENID workflow
{
var request = DataProtector.Unprotect <AuthorizationRequest>(confirmCodeViewModel.Code);
await SetLocalCookie(authenticatedUserClaims, request.session_id !).ConfigureAwait(false);
var issuerName = Request.GetAbsoluteUriWithVirtualPath();
var actionResult = await _authenticateHelper.ProcessRedirection(
request.ToParameter(),
confirmCodeViewModel.Code,
subject,
authenticatedUserClaims,
issuerName,
cancellationToken)
.ConfigureAwait(false);
var result = actionResult.CreateRedirectionFromActionResult(request, _logger);
if (result != null)
{
await LogAuthenticateUser(resourceOwner !.Subject !, actionResult.Amr !).ConfigureAwait(false);
return(result);
}
}
await SetLocalCookie(authenticatedUserClaims, Id.Create())
.ConfigureAwait(false); // Authenticate the resource owner
var modelCode = string.IsNullOrWhiteSpace(confirmCodeViewModel.Code)
? confirmCodeViewModel.ConfirmationCode
: confirmCodeViewModel.Code;
if (!string.IsNullOrWhiteSpace(modelCode))
{
await _confirmationCodeStore.Remove(modelCode, subject, cancellationToken).ConfigureAwait(false);
}
return(RedirectToAction("Index", "User", new { Area = "pwd" }));
}