Esempio n. 1
0
        public async Task SendPin(SendPinRequest request)
        {
            Context.WebContext.MarkConfidential();
            Context.ThrowIfNull(request, ClientFaultCodes.ContentMissing, "SendPinRequest", "Pin request object must be provided.");
            Context.ValidateNotEmpty(request.ProcessToken, "ProcessToken", "Process token should be provided.");
            Context.ValidateNotEmpty(request.Factor, "Factor", "Factor (email or phone) should be provided.");
            Context.ThrowValidation();
            var session = Context.OpenSession();
            var process = GetActiveProcess(session, request.ProcessToken, confirmedOnly: false);

            if (process == null)
            {
                return; //no indication process exist or not
            }
            Context.ThrowIf(process.CurrentFactor != null, ClientFaultCodes.InvalidAction, "token", "The previous process step is not completed.");
            var iFactor = _processService.FindLoginExtraFactor(process.Login, request.Factor);

            //now having completed at least one extra factor, we can openly indicate that we could not find next factor
            Context.ThrowIfNull(iFactor, ClientFaultCodes.InvalidValue, "factor", "Login factor (email or phone) is not found for a user.");
            //Check that factor type is one in the pending steps
            var factorOk = process.PendingFactors.IsSet(iFactor.FactorType);

            Context.ThrowIf(!factorOk, ClientFaultCodes.InvalidValue, "factor", "Login factor type attempted (email or phone) is not pending in the process.");
            await _processService.SendPinAsync(process, iFactor, request.Factor); //we use factor from request, to avoid unencrypting twice
        }
Esempio n. 2
0
        public async Task SendPinForMultiFactor(SendPinRequest pinRequest)
        {
            var session = Context.OpenSession();
            var process = GetMutiFactorProcess(session, pinRequest.ProcessToken);

            Context.ThrowIf(process.CurrentFactor != null, ClientFaultCodes.InvalidAction, "token", "Factor verification pending, the previous process step is not completed.");
            var pendingFactorTypes = process.PendingFactors;

            Context.ThrowIf(!pendingFactorTypes.IsSet(pinRequest.FactorType), ClientFaultCodes.InvalidValue, "factortype", "Factor type is not pending in login process");
            var factor = process.Login.ExtraFactors.FirstOrDefault(f => f.FactorType == pinRequest.FactorType);

            Context.ThrowIfNull(factor, ClientFaultCodes.ObjectNotFound, "factor",
                                "Login factor (email or phone) not setup in user account; factor type: {0}", pinRequest.FactorType);
            await _processService.SendPinAsync(process, factor);
        }