public async Task <ActionResult> Validate([Bind(Include = "otp")] string otp) { if (ModelState.IsValid) { var status = OTPValidation.Validate(otp, User.Identity.GetUserId()); TempData["status"] = status.ToString(); return(RedirectToAction("ValidationResult")); } return(View()); }
public YubiCryptKey GetTokenStoredSecret([FromUri] string tokenOTP) { var usrId = User.Identity.GetUserId(); var validationResult = OTPValidation.Validate(tokenOTP, usrId); if (validationResult != OTPValidation.Status.OK) { var resp = new HttpResponseMessage(HttpStatusCode.Unauthorized) { Content = new StringContent("The provided OTP token is invalid."), ReasonPhrase = "Invalid authentication token" }; throw new HttpResponseException(resp); } using (var db = new ApplicationDbContext()) { var usr = db.Users.Where(u => u.Id == usrId).Single(); #if ALLOW_DUMMY_OTPS var userHardwareToken = usr.Yubikeys.FirstOrDefault(); var tokenPublicID = "TESTTAG"; #else var tokenPublicID = OTPValidation.SplitOTP(tokenOTP).Item1; var userHardwareToken = usr.Yubikeys.Where(yk => yk.YubiKeyUID == tokenPublicID).SingleOrDefault(); #endif if (userHardwareToken == null) { var resp = new HttpResponseMessage(HttpStatusCode.NotFound) { Content = new StringContent(string.Format("User has no associated YubiKey with ID = {0}", tokenPublicID)), ReasonPhrase = "YubiKey Not Found" }; throw new HttpResponseException(resp); } var secretKey = userHardwareToken.TFKDSecret; if (secretKey == null) { var resp = new HttpResponseMessage(HttpStatusCode.NotFound) { Content = new StringContent("This YubiKey does not have the secret key stored in the YubiCrypt platform."), ReasonPhrase = "Key Not Found" }; throw new HttpResponseException(resp); } return(new YubiCryptKey(secretKey.TFKDEncryptedSecret, secretKey.TFKDEncryptionSalt, userHardwareToken.SerialNumber)); } }
public ActionResult SaveDropzoneJsUploadedFiles() { var currentUserId = User.Identity.GetUserId();; foreach (string fileName in Request.Files) { HttpPostedFileBase file = Request.Files[fileName]; string result = new StreamReader(file.InputStream).ReadToEnd(); var config = JsonConvert.DeserializeObject <YubiCryptConfig>(result); YubiKey newToken = new YubiKey { DateAdded = DateTime.Now, Active = true, Counter = 0, Time = 0, AESKey = Convert.ToBase64String(OTPValidation.StringToByteArray(config.OTPAESKey)), Privateidentity = config.OTPPrivateID, YubiKeyUID = config.OTPPublicID, SerialNumber = config.YubikeySerialNumber, YubikeyVersion = config.YubikeyVersion, NDEFEnabled = config.NDEFEnabled, UserProfile = db.Users.Where(u => u.Id == currentUserId).SingleOrDefault() }; if (config.ChallengeResponseKey != null) { var parts = config.ChallengeResponseKey.Split(':'); TFKDSecret secret = new TFKDSecret() { TFKDEncryptedSecret = parts[0], TFKDEncryptionSalt = parts[1] }; newToken.TFKDSecret = secret; } db.YubiKeys.Add(newToken); } db.SaveChanges(); return(Json(new { Message = string.Empty })); }
private bool IsAuthenticated(HttpActionContext actionContext) { var headers = actionContext.Request.Headers; var timeStampString = GetHttpRequestHeader(headers, TimestampHeaderName); //if (!IsDateValidated(timeStampString)) // return false; var authenticationString = GetHttpRequestHeader(headers, AuthenticationHeaderName); if (string.IsNullOrEmpty(authenticationString)) { return(false); } //var authenticationParts = authenticationString.Split(new[] { ":" }, // StringSplitOptions.RemoveEmptyEntries); //if (authenticationParts.Length != 2) // return false; //var username = authenticationParts[0]; //var signature = authenticationParts[1]; //if (!IsSignatureValidated(signature)) // return false; //AddToMemoryCache(signature); //var hashedPassword = GetHashedPassword(username); //var baseString = BuildBaseString(actionContext); //return IsAuthenticated(hashedPassword, baseString, signature); return(OTPValidation.Validate(authenticationString, "c8e1c37d-2606-4547-8534-b55b4c9c3149") == OTPValidation.Status.OK); }