public async Task <IActionResult> CompleteSecurityKeyRegistration([FromBody] Base64FidoRegistrationResponse registrationResponse)
{
// Parsing and Validating the Registration Data
// The WebAuthn specification describes a 19-point procedure to validate the registration data.
// https://w3c.github.io/webauthn/#registering-a-new-credential
// Validates `clientDataJSON` like (challenge, origin, type, ...) and attestationObject (authData, fmt, attStmt)
var result = await _fido.CompleteRegistration(registrationResponse.ToFidoResponse());
if (result.IsError)
{
return(BadRequest(result.ErrorDescription));
}
var user = await _userManager.GetUserAsync(User);
if (user is null)
{
return(NotFound($"Unable to load user with ID '{_userManager.GetUserId(User)}'."));
}
await _userManager.SetTwoFactorEnabledAsync(user, true);
if (await _userManager.CountRecoveryCodesAsync(user) == 0)
{
var recoveryCodes = await _userManager.GenerateNewTwoFactorRecoveryCodesAsync(user, 10);
RecoveryCodes = recoveryCodes.ToArray();
}
return(Ok());
}
public async Task <IActionResult> CompleteRegistration([FromBody] Base64FidoRegistrationResponse registrationResponse)
{
var result = await fido.CompleteRegistration(registrationResponse.ToFidoResponse());
if (result.IsError)
{
return(BadRequest(result.ErrorDescription));
}
return(Ok());
}
public async Task <IActionResult> CompleteRegistration(
[FromQuery] string userName,
[FromBody] Base64FidoRegistrationResponse registrationResponse)
{
var result = await _fido.CompleteRegistration(registrationResponse.ToFidoResponse());
if (result.IsError)
{
var user = await _userManager.FindByEmailAsync(userName);
var res = await _userManager.DeleteAsync(user);
return(BadRequest(result.ErrorDescription));
}
return(Ok());
}
