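/// <summary>
/// Handles the second-factor step of a token request for <paramref name="user"/>.
/// </summary>
/// <remarks>
/// Reads the <c>TwoFactorProvider</c> and <c>TwoFactorCode</c> request parameters.
/// When both are present, the code is verified against a provider that is valid for the user.
/// A verified code returns the result of <c>SetSuccessResultAsync</c>.
/// A rejected code is counted as a failed access attempt (when the store supports lockout) and
/// answered with an <c>InvalidGrant</c> challenge.
/// When either parameter is missing, a user token is generated for the
/// <c>RequiresTwoFactor</c> purpose, a security log entry is saved, and an <c>InvalidGrant</c>
/// challenge carrying <c>userId</c> and <c>twoFactorToken</c> is returned.
/// </remarks>
/// <param name="request">The incoming OpenIddict request; its parameters are client-supplied.</param>
/// <param name="user">The user whose second factor is being checked.</param>
/// <returns>The success result, or a <c>Forbid</c> result describing why the grant was refused.</returns>
protected virtual async Task<IActionResult> HandleTwoFactorLoginAsync(OpenIddictRequest request, IdentityUser user)
{
    var twoFactorProvider = request.GetParameter("TwoFactorProvider")?.ToString();
    var twoFactorCode = request.GetParameter("TwoFactorCode")?.ToString();

    if (twoFactorProvider.IsNullOrWhiteSpace() || twoFactorCode.IsNullOrWhiteSpace())
    {
        Logger.LogInformation("Authentication failed for username: {username}, reason: RequiresTwoFactor", request.Username);

        // The token is bound to the RequiresTwoFactor purpose and handed back to the client
        // together with the user id in the challenge properties below.
        var twoFactorToken = await UserManager.GenerateUserTokenAsync(user, TokenOptions.DefaultProvider, nameof(SignInResult.RequiresTwoFactor));

        await IdentitySecurityLogManager.SaveAsync(new IdentitySecurityLogContext
        {
            Identity = OpenIddictSecurityLogIdentityConsts.OpenIddict,
            Action = OpenIddictSecurityLogActionConsts.LoginRequiresTwoFactor,
            UserName = request.Username,
            ClientId = request.ClientId
        });

        var requiresTwoFactorProperties = new AuthenticationProperties(new Dictionary<string, string>
        {
            [OpenIddictServerAspNetCoreConstants.Properties.Error] = OpenIddictConstants.Errors.InvalidGrant,
            [OpenIddictServerAspNetCoreConstants.Properties.ErrorDescription] = nameof(SignInResult.RequiresTwoFactor),
            ["userId"] = user.Id.ToString("N"),
            ["twoFactorToken"] = twoFactorToken
        });

        return Forbid(requiresTwoFactorProperties, OpenIddictServerAspNetCoreDefaults.AuthenticationScheme);
    }

    // Only providers that are currently valid for this user are accepted; the provider name
    // comes from the request and must not be trusted on its own.
    var providers = await UserManager.GetValidTwoFactorProvidersAsync(user);
    if (providers.Contains(twoFactorProvider) &&
        await UserManager.VerifyTwoFactorTokenAsync(user, twoFactorProvider, twoFactorCode))
    {
        return await SetSuccessResultAsync(request, user);
    }

    // A rejected code has to count as a failed access attempt. Without this, a short
    // second-factor code can be retried indefinitely without tripping the lockout policy.
    // This is the same accounting ASP.NET Core Identity's SignInManager applies on its own
    // two-factor sign-in path.
    // NOTE(review): enforcement of the resulting lockout is assumed to happen in the caller
    // before this method is reached - confirm.
    if (UserManager.SupportsUserLockout)
    {
        var lockoutUpdate = await UserManager.AccessFailedAsync(user);
        if (!lockoutUpdate.Succeeded)
        {
            Logger.LogWarning("Failed to record access failure for username: {username}", request.Username);
        }
    }

    // NOTE(review): unlike the RequiresTwoFactor branch, this path writes no security log entry;
    // consider recording rejected codes there as well so they are visible to monitoring.
    Logger.LogInformation("Authentication failed for username: {username}, reason: InvalidAuthenticatorCode", request.Username);

    var invalidCodeProperties = new AuthenticationProperties(new Dictionary<string, string>
    {
        [OpenIddictServerAspNetCoreConstants.Properties.Error] = OpenIddictConstants.Errors.InvalidGrant,
        [OpenIddictServerAspNetCoreConstants.Properties.ErrorDescription] = "Invalid authenticator code!"
    });

    return Forbid(invalidCodeProperties, OpenIddictServerAspNetCoreDefaults.AuthenticationScheme);
}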
/// <summary>
/// Checks that assigning a value through the named <c>OpenIddictRequest</c> property
/// makes the same value available from <c>GetParameter</c> under the expected parameter name.
/// </summary>
/// <param name="property">Name of the CLR property to set via reflection.</param>
/// <param name="name">Parameter name expected to hold the value afterwards.</param>
/// <param name="value">Value to assign and then read back.</param>
public void PropertySetter_AddsExpectedParameter(string property, string name, OpenIddictParameter value)
{
    // Arrange
    var sut = new OpenIddictRequest();
    var setterTarget = typeof(OpenIddictRequest).GetProperty(property)!;

    // Act
    setterTarget.SetValue(sut, value.Value);

    // Assert
    var stored = sut.GetParameter(name);
    Assert.Equal(value, stored);
}