protected virtual void SetAccountPhone(Guid accountID, ref IEnumerable <Claim> claims)
{
var phone = ClaimsExtensions.GetValue(claims, Constants.ClaimTypes.PhoneNumber);
if (phone != null)
{
var acct = userAccountService.GetByID(accountID);
if (acct.MobilePhoneNumber == null)
{
try
{
var phone_verified = ClaimsExtensions.GetValue(claims, Constants.ClaimTypes.PhoneNumberVerified);
if (phone_verified != null && phone_verified == "true")
{
userAccountService.SetConfirmedMobilePhone(acct.ID, phone);
}
else
{
userAccountService.ChangeMobilePhoneRequest(acct.ID, phone);
}
var phoneClaims = new string[] { Constants.ClaimTypes.PhoneNumber, Constants.ClaimTypes.PhoneNumberVerified };
claims = claims.Where(x => !phoneClaims.Contains(x.Type));
}
catch (ValidationException)
{
// presumably the phone is already associated with another account
// so eat the validation exception and let the claim pass thru
}
}
}
}
public void AuthenticateWithCode_ValidCode_ReturnsTrue()
{
securitySettings.RequireAccountVerification = false;
var id = subject.CreateAccount("test", "pass", "*****@*****.**").ID;
subject.ChangeMobilePhoneRequest(id, "123");
var acct = subject.GetByID(id);
subject.ChangeMobilePhoneFromCode(id, acct.MobileCode);
subject.ConfigureTwoFactorAuthentication(acct.ID, TwoFactorAuthMode.Mobile);
subject.Authenticate("test", "pass");
acct = subject.GetByID(id);
Assert.IsTrue(subject.AuthenticateWithCode(id, acct.MobileCode));
}
