/// <summary>
/// Checks a long one-time code: looks it up by its fast hash, rejects it if it is
/// unknown or past its expiry time, and otherwise expires it and reports success.
/// </summary>
/// <param name="longCode">The long code presented by the caller. Null, empty, or longer than 36 characters is rejected without a store lookup.</param>
/// <returns>
/// A response carrying <c>CodeIncorrect</c>, <c>NotFound</c>, <c>Expired</c>, or
/// <c>Verified</c>; the verified response also carries the stored recipient and redirect URL.
/// </returns>
/// <remarks>
/// NOTE(review): the lookup and the expiry are two separate awaited store calls, and nothing
/// in this method makes them atomic. Whether two concurrent requests with the same code can
/// both reach <c>Verified</c> depends on the store implementation; confirm.
/// NOTE(review): <c>NotFound</c>, <c>Expired</c> and <c>CodeIncorrect</c> are distinct results.
/// If they reach an unauthenticated client unchanged, they disclose whether a code existed;
/// verify how callers map them.
/// </remarks>
public async Task<CheckOneTimeCodeResponse> CheckOneTimeCodeAsync(string longCode)
{
    // Cheap shape check first, so malformed or oversized input is never hashed or looked up.
    var hasPlausibleShape = !string.IsNullOrEmpty(longCode) && longCode.Length <= 36;
    if (!hasPlausibleShape)
    {
        return new CheckOneTimeCodeResponse(CheckOneTimeCodeResult.CodeIncorrect);
    }

    // The store is queried by the hash of the code, not by the code itself.
    var lookupKey = GetFastHash(longCode);
    var storedCode = await _oneTimeCodeStore.GetOneTimeCodeByLongCodeAsync(lookupKey);

    if (storedCode == null)
    {
        return new CheckOneTimeCodeResponse(CheckOneTimeCodeResult.NotFound);
    }

    if (storedCode.ExpiresUTC < DateTime.UtcNow)
    {
        return new CheckOneTimeCodeResponse(CheckOneTimeCodeResult.Expired);
    }

    // Consume the code before reporting success. Expiry is keyed on the recipient (SentTo),
    // not on the code value. Presumably this invalidates every code outstanding for that
    // recipient; confirm against the store.
    await _oneTimeCodeStore.ExpireOneTimeCodeAsync(storedCode.SentTo);

    return new CheckOneTimeCodeResponse(
        CheckOneTimeCodeResult.Verified,
        storedCode.SentTo,
        storedCode.RedirectUrl);
}
/// <summary>
/// Expires the one-time code for its recipient, then checks the client nonce against the
/// hash stored with the code and reports which of the two "verified" outcomes applies.
/// </summary>
/// <param name="otc">The stored one-time code being redeemed.</param>
/// <param name="clientNonce">The nonce supplied by the client.</param>
/// <returns>
/// A response wrapping the code and a <c>Success</c> status whose status code is
/// <c>VerifiedWithNonce</c> when the nonce validates and <c>VerifiedWithoutNonce</c> otherwise.
/// </returns>
/// <remarks>
/// Both outcomes are returned as <c>Success</c>; only the status code records whether the
/// nonce matched. A caller that relies on the nonce to bind the code to the requesting client
/// must check for <c>VerifiedWithNonce</c> explicitly rather than treat any success as
/// equivalent.
/// The code is expired before the nonce is checked, so a request with a bad nonce still
/// consumes the code.
/// </remarks>
private async Task<Response<CheckOneTimeCodeResult, CheckOneTimeCodeStatus>> ExpireTokenAndValidateNonceAsync(OneTimeCode otc, string clientNonce)
{
    _logger.LogTrace("Validating nonce");
    _logger.LogDebug("Expiring the token so it cannot be used again and so a new token can be generated");
    await _oneTimeCodeStore.ExpireOneTimeCodeAsync(otc.SentTo);

    // ValidateHash receives the stored nonce hash, the presented nonce and the recipient.
    // Presumably the recipient acts as a salt or context value; confirm in FastHashService.
    var nonceIsValid = FastHashService.ValidateHash(otc.ClientNonceHash, clientNonce, otc.SentTo);

    var statusCode = CheckOneTimeCodeStatusCode.VerifiedWithoutNonce;
    if (nonceIsValid)
    {
        _logger.LogDebug("Client nonce was valid");
        statusCode = CheckOneTimeCodeStatusCode.VerifiedWithNonce;
    }
    else
    {
        _logger.LogDebug("Client nonce was missing or invalid");
    }

    // Build the payload before the status, matching the original argument evaluation order.
    var verifiedCode = new CheckOneTimeCodeResult(otc);
    var status = CheckOneTimeCodeStatus.Success(_localizer["The one time code was verified."], statusCode);

    return new Response<CheckOneTimeCodeResult, CheckOneTimeCodeStatus>(verifiedCode, status);
}