public virtual async Task <bool> EnableAuthenticatorAsync(TUser user, Authenticator authenticator, string code, CancellationToken cancellationToken = default(CancellationToken))
{
ThrowIfDisposed();
var userAuthenticatorStore = GetUserAuthenticatorStore();
user.CheckArgumentNull(nameof(user));
authenticator.CheckArgumentNull(nameof(authenticator));
var authenticatorEnabled = await GetAuthenticatorEnabledAsync(user, cancellationToken);
if (authenticatorEnabled)
{
throw new InvalidOperationException(Resources.Exception_AuthenticatorAlreadyEnableForThisUser);
}
if (!ValidateAuthenticatorCode(code, authenticator.HashAlgorithm, authenticator.Secret, authenticator.NumberOfDigits, authenticator.PeriodInSeconds))
{
return(false);
}
var authenticatorParams = new AuthenticatorParams
{
Secret = _dataProtector.Protect(authenticator.Secret),
HashAlgorithm = authenticator.HashAlgorithm,
NumberOfDigits = authenticator.NumberOfDigits,
PeriodInSeconds = authenticator.PeriodInSeconds
};
await userAuthenticatorStore.SetAuthenticatorParamsAsync(user, authenticatorParams, cancellationToken);
await UpdateAsync(user);
return(true);
}
public virtual async Task <bool> DisableAuthenticatorAsync(TUser user, string code, CancellationToken cancellationToken = default(CancellationToken))
{
ThrowIfDisposed();
var userAuthenticatorStore = GetUserAuthenticatorStore();
user.CheckArgumentNull(nameof(user));
var authenticatorParams = await GetAuthenticatorParamsAsync(user, cancellationToken);
if (!ValidateAuthenticatorCode(code, authenticatorParams.HashAlgorithm, authenticatorParams.Secret, authenticatorParams.NumberOfDigits, authenticatorParams.PeriodInSeconds))
{
return(false);
}
authenticatorParams = new AuthenticatorParams
{
Secret = null,
HashAlgorithm = HashAlgorithmType.SHA1,
NumberOfDigits = 0,
PeriodInSeconds = 0
};
await userAuthenticatorStore.SetAuthenticatorParamsAsync(user, authenticatorParams, cancellationToken);
await UpdateAsync(user);
return(true);
}
