private static readonly string _tag_log = "Fido2Builder"; // Tag for the logs in the Fido2Builder
/// <summary>
/// Build the request for Sign In using FIDO2
/// </summary>
public static PublicKeyCredentialRequestOptions ParsePublicKeyCredentialRequestOptions(Dictionary <string, object> data)
{
PublicKeyCredentialRequestOptions.Builder builder = new PublicKeyCredentialRequestOptions.Builder();
foreach (KeyValuePair <string, object> entry in data)
{
switch (entry.Key)
{
case "challenge": // Challenge to be sign
builder.SetChallenge(CoreHelpers.Base64UrlDecode((string)entry.Value));
break;
case "allowCredentials": // List of FIDO2 Keys that already are registered to the user and should only use one of this FIDO2 Keys
builder.SetAllowList(ParseCredentialDescriptors((List <Dictionary <string, object> >)entry.Value));
break;
case "rpId": // Server ID information
builder.SetRpId((string)entry.Value);
break;
case "timeout": // temp limit to sign in
builder.SetTimeoutSeconds((Java.Lang.Double)(double) entry.Value);
break;
case "userVerification": // Require that user has to verify before using FIDO2
//Skip
break;
case "extensions": // Adicional parameter to improve even more the security
//Skip
break;
}
}
return(builder.Build());
}
public static PublicKeyCredentialRequestOptions ConvertToPublicKeyCredentialRequestOptions(
IFido2Client fido2Client,
ServerPublicKeyCredentialCreationOptionsResponse response,
bool isUseSelectedPlatformAuthenticator)
{
PublicKeyCredentialRequestOptions.Builder builder = new PublicKeyCredentialRequestOptions.Builder();
builder.SetRpId(response.RpId);
builder.SetChallenge(ByteUtils.Base64ToByte(response.Challenge));
ServerPublicKeyCredentialDescriptor[] descriptors = response.AllowCredentials;
if (descriptors != null)
{
List <PublicKeyCredentialDescriptor> descriptorList = new List <PublicKeyCredentialDescriptor>();
foreach (ServerPublicKeyCredentialDescriptor descriptor in descriptors)
{
List <AuthenticatorTransport> transports = new List <AuthenticatorTransport>();
if (descriptor.Transports != null)
{
try
{
transports.Add(AuthenticatorTransport.FromValue(descriptor.Transports));
}
catch (System.Exception e)
{
Log.Error(Tag, e.Message, e);
}
}
PublicKeyCredentialDescriptor desc = new PublicKeyCredentialDescriptor(
PublicKeyCredentialType.PublicKey, ByteUtils.Base64ToByte(descriptor.Id), transports);
descriptorList.Add(desc);
}
builder.SetAllowList(descriptorList);
}
Dictionary <string, Java.Lang.Object> extensions = new Dictionary <string, Java.Lang.Object>();
if (response.Extensions != null)
{
extensions.AddRangeOverride(response.Extensions);
}
// Specify a platform authenticator and related extension items. You can specify a platform
// authenticator or not as needed.
if (isUseSelectedPlatformAuthenticator)
{
UseSelectedPlatformAuthenticator(fido2Client, extensions);
}
builder.SetExtensions(extensions);
builder.SetTimeoutSeconds((Java.Lang.Long)response.Timeout);
return(builder.Build());
}
private static readonly string _tag_log = "Fido2Builder"; // Tag for the logs in the Fido2Builder
/// <summary>
/// Build the request for Sign In using FIDO2
/// </summary>
public static PublicKeyCredentialRequestOptions ParsePublicKeyCredentialRequestOptions(Fido2AuthenticationChallengeResponse data)
{
if (data == null)
{
return(null);
}
PublicKeyCredentialRequestOptions.Builder builder = new PublicKeyCredentialRequestOptions.Builder();
if (data.Challenge != null && data.Challenge.Length > 0)
{
// Challenge to be sign
builder.SetChallenge(CoreHelpers.Base64UrlDecode(data.Challenge));
}
if (data.AllowCredentials != null && data.AllowCredentials.Count > 0)
{
// List of FIDO2 Keys that already are registered to the user and should only use one of this FIDO2 Keys
builder.SetAllowList(ParseCredentialDescriptors(data.AllowCredentials));
}
if (data.RpId != null && data.RpId.Length > 0)
{
// Server ID information
builder.SetRpId(data.RpId);
}
if (data.Timeout > 0)
{
// temp limit to sign in
builder.SetTimeoutSeconds((Java.Lang.Double)data.Timeout);
}
if (data.UserVerification != null)
{
// Require that user has to verify before using FIDO2
//Skip
}
if (data.Extensions != null)
{
// Adicional parameter to improve even more the security
//Skip
}
return(builder.Build());
}
