protected virtual void SetAccountPhone(Guid accountID, ref IEnumerable <Claim> claims) { var phone = ClaimsExtensions.GetValue(claims, Constants.ClaimTypes.PhoneNumber); if (phone != null) { var acct = userAccountService.GetByID(accountID); if (acct.MobilePhoneNumber == null) { try { var phone_verified = ClaimsExtensions.GetValue(claims, Constants.ClaimTypes.PhoneNumberVerified); if (phone_verified != null && phone_verified == "true") { userAccountService.SetConfirmedMobilePhone(acct.ID, phone); } else { userAccountService.ChangeMobilePhoneRequest(acct.ID, phone); } var phoneClaims = new string[] { Constants.ClaimTypes.PhoneNumber, Constants.ClaimTypes.PhoneNumberVerified }; claims = claims.Where(x => !phoneClaims.Contains(x.Type)); } catch (ValidationException) { // presumably the phone is already associated with another account // so eat the validation exception and let the claim pass thru } } } }
public void AuthenticateWithCode_ValidCode_ReturnsTrue() { securitySettings.RequireAccountVerification = false; var id = subject.CreateAccount("test", "pass", "*****@*****.**").ID; subject.ChangeMobilePhoneRequest(id, "123"); var acct = subject.GetByID(id); subject.ChangeMobilePhoneFromCode(id, acct.MobileCode); subject.ConfigureTwoFactorAuthentication(acct.ID, TwoFactorAuthMode.Mobile); subject.Authenticate("test", "pass"); acct = subject.GetByID(id); Assert.IsTrue(subject.AuthenticateWithCode(id, acct.MobileCode)); }