/// <summary>
/// Starts a FIDO2 sign-in for a named user: loads the user's registered
/// credential descriptors, builds assertion options that list them, stores
/// the options in the session and returns them to the browser.
/// </summary>
/// <param name="username">Account name posted in the form body.</param>
/// <returns>
/// The assertion options as JSON, or an <c>AssertionOptions</c> object with
/// <c>Status = "error"</c> when any step throws.
/// </returns>
public ActionResult AssertionOptionsPost([FromForm] string username)
{
    try
    {
        // 1. Look the account up; an unknown name aborts the request.
        // NOTE(review): the message below is passed to FormatException and sent
        // back to the caller, so the response probably distinguishes registered
        // from unregistered names - confirm what that helper emits.
        var account = DemoStorage.GetUser(username);
        if (account == null)
        {
            throw new ArgumentException("Username was not registered");
        }

        // 2. Collect the descriptors of every credential registered for the account.
        var allowedCredentials = (from stored in DemoStorage.GetCredentialsByUser(account)
                                  select stored.Descriptor).ToList();

        // 3. Build the options. User verification is requested as Discouraged,
        // i.e. the authenticator is not asked for a PIN or biometric check.
        var assertionOptions = _lib.GetAssertionOptions(
            allowedCredentials,
            UserVerificationRequirement.Discouraged);

        // 4. Keep a server-side copy of what was issued (session here; an
        // in-memory cache, redis or a database would also do). Presumably the
        // endpoint that verifies the signed assertion reads it back.
        var serializedOptions = assertionOptions.ToJson();
        HttpContext.Session.SetString("fido2.assertionOptions", serializedOptions);

        // 5. Hand the options to the client.
        return Json(assertionOptions);
    }
    catch (Exception ex)
    {
        // Every failure is reported through the same response shape.
        var failure = new AssertionOptions
        {
            Status = "error",
            ErrorMessage = FormatException(ex)
        };
        return Json(failure);
    }
}
/// <summary>
/// Starts a FIDO2 sign-in. With a user name, the options list that user's
/// registered credential descriptors; without one, the list is left empty.
/// The options are stored in the session and returned to the client.
/// </summary>
/// <param name="username">Account name from the form body; may be null or empty.</param>
/// <param name="userVerification">
/// User-verification requirement from the form body; null or empty selects
/// <c>UserVerificationRequirement.Discouraged</c>.
/// </param>
/// <returns>
/// 200 with the assertion options, or 400 with an <c>AssertionOptions</c>
/// object whose <c>Status</c> is "error" when any step throws.
/// </returns>
public ActionResult AssertionOptionsPost([FromForm] string username, [FromForm] string userVerification)
{
    try
    {
        List<PublicKeyCredentialDescriptor> allowList;
        if (string.IsNullOrEmpty(username))
        {
            // No user name: send an empty allow list and let the authenticator
            // pick the credential.
            allowList = new List<PublicKeyCredentialDescriptor>();
        }
        else
        {
            // 1. Look the account up.
            // NOTE(review): the message below reaches the caller through
            // FormatException, so the 400 body probably distinguishes registered
            // from unregistered names - confirm what that helper emits.
            var account = fidoStore.GetUser(username);
            if (account == null)
            {
                throw new ArgumentException("Username was not registered");
            }

            // 2. Collect the descriptors of every credential registered for the account.
            allowList = fidoStore.GetCredentialsByUser(account)
                .Select(stored => stored.Descriptor)
                .ToList();
        }

        // Extension inputs requested from the client.
        var genericTxAuth = new TxAuthGenericArg
        {
            ContentType = "text/plain",
            Content = new byte[] { 0x46, 0x49, 0x44, 0x4F } // ASCII "FIDO"
        };
        var extensions = new AuthenticationExtensionsClientInputs()
        {
            SimpleTransactionAuthorization = "FIDO",
            GenericTransactionAuthorization = genericTxAuth,
            UserVerificationIndex = true,
            Location = true,
            UserVerificationMethod = true
        };

        // 3. Build the options.
        // NOTE(review): the verification requirement is whatever the form field
        // says, so the caller chooses it. If the relying party needs a minimum
        // level, it has to enforce that itself when the assertion is verified.
        var requestedVerification = string.IsNullOrEmpty(userVerification)
            ? UserVerificationRequirement.Discouraged
            : userVerification.ToEnum<UserVerificationRequirement>();
        var assertionOptions = fido2.GetAssertionOptions(
            allowList,
            requestedVerification,
            extensions);

        // 4. Keep a server-side copy of what was issued (session here; an
        // in-memory cache, redis or a database would also do). Presumably the
        // endpoint that verifies the signed assertion reads it back.
        var serializedOptions = assertionOptions.ToJson();
        HttpContext.Session.SetString("fido2.assertionOptions", serializedOptions);

        // 5. Hand the options to the client.
        return Ok(assertionOptions);
    }
    catch (Exception ex)
    {
        // Every failure is reported as a 400 with the same response shape.
        var failure = new AssertionOptions
        {
            Status = "error",
            ErrorMessage = FormatException(ex)
        };
        return BadRequest(failure);
    }
}
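/// <summary>
/// Renders wwwroot/index.html with the requested user name and an HTML table
/// of that user's registered credentials (type, registration date, signature
/// counter, AAGUID, metadata description/icon and public-key parameters).
/// </summary>
/// <param name="username">
/// Local part of the account name; "@example.com" is appended before the
/// lookup. The value comes from the request, so it is HTML-encoded before it
/// is written into the page.
/// </param>
/// <returns>
/// A 200 text/html response. An unknown user yields the page with an empty table.
/// </returns>
/// <exception cref="Fido2VerificationException">
/// A stored credential's COSE key has a key type other than OKP, EC2 or RSA.
/// </exception>
public ContentResult Index(string username)
{
    // Every value written into markup goes through this encoder. The user name
    // is request-supplied and the description/icon come from authenticator
    // metadata, so none of them may be emitted as raw HTML.
    string Html(object value)
    {
        return System.Net.WebUtility.HtmlEncode(value == null ? "" : value.ToString());
    }

    // Upper-case hex without separators; the output alphabet is [0-9A-F].
    string Hex(byte[] bytes)
    {
        return BitConverter.ToString(bytes).Replace("-", "");
    }

    // 1. Get user from DB
    var user = DemoStorage.GetUser(username + "@example.com");

    // index.html is used as a composite format string: {0} = user name, {1} = table rows.
    var content = System.IO.File.ReadAllText("wwwroot/index.html");
    var table = new System.Text.StringBuilder();

    // 2. Get registered credentials from database. GetUser can return null for
    // an unknown name (the assertion endpoints check for it), in which case
    // there is nothing to list.
    if (user != null)
    {
        foreach (var cred in DemoStorage.GetCredentialsByUser(user))
        {
            var coseKey = PeterO.Cbor.CBORObject.DecodeFromBytes(cred.PublicKey);
            var kty = coseKey[PeterO.Cbor.CBORObject.FromObject(COSE.KeyCommonParameters.kty)].AsInt32();

            var desc = "";
            var icon = "";
            try
            {
                var entry = _mds.GetEntry(cred.AaGuid);
                desc = entry.MetadataStatement.Description.ToString();
                icon = entry.MetadataStatement.Icon.ToString();
            }
            catch
            {
                // Best effort: a credential without a usable metadata entry is
                // still listed, with whichever of description/icon was not set left blank.
            }

            // The icon value is encoded and placed in a quoted attribute so it
            // cannot end the attribute or open a new tag.
            table.Append("<tr>")
                 .Append("<td class=\"format no-wrap\">").Append(Html(cred.CredType)).Append("</td>")
                 .Append("<td class=\"no-wrap\">").Append(Html(cred.RegDate)).Append("</td>")
                 .Append("<td class=\"no-wrap\">").Append(Html(cred.SignatureCounter)).Append("</td>")
                 .Append("<td class=\"no-wrap\">").Append(Html(cred.AaGuid)).Append("</td>")
                 .Append("<td class=\"no-wrap\">").Append(Html(desc)).Append("</td>")
                 .Append("<img src=\"").Append(Html(icon)).Append("\">")
                 .Append("<td>");

            switch (kty)
            {
                case (int)COSE.KeyTypes.OKP:
                {
                    var x = coseKey[PeterO.Cbor.CBORObject.FromObject(COSE.KeyTypeParameters.x)].GetByteString();
                    table.Append("<table class=\"sub-table\">")
                         .Append("<tr><td><pre>X: ").Append(Hex(x)).Append("</pre></td></tr>")
                         .Append("</table>");
                    break;
                }
                case (int)COSE.KeyTypes.EC2:
                {
                    var x = coseKey[PeterO.Cbor.CBORObject.FromObject(COSE.KeyTypeParameters.x)].GetByteString();
                    var y = coseKey[PeterO.Cbor.CBORObject.FromObject(COSE.KeyTypeParameters.y)].GetByteString();
                    table.Append("<table class=\"sub-table\">")
                         .Append("<tr><td><pre>X: ").Append(Hex(x)).Append("</pre></td></tr>")
                         .Append("<tr><td><pre>Y: ").Append(Hex(y)).Append("</pre></td></tr>")
                         .Append("</table>");
                    break;
                }
                case (int)COSE.KeyTypes.RSA:
                {
                    var modulus = coseKey[PeterO.Cbor.CBORObject.FromObject(COSE.KeyTypeParameters.n)].GetByteString();
                    var exponent = coseKey[PeterO.Cbor.CBORObject.FromObject(COSE.KeyTypeParameters.e)].GetByteString();
                    table.Append("<table class=\"sub-table\">")
                         .Append("<tr><td><pre>Modulus: ").Append(Hex(modulus)).Append("</pre></td></tr>")
                         .Append("<tr><td><pre>Exponent: ").Append(Hex(exponent)).Append("</pre></td></tr>")
                         .Append("</table>");
                    break;
                }
                default:
                {
                    throw new Fido2VerificationException($"Missing or unknown keytype {kty}");
                }
            }

            // Close the key cell and the row, which the markup otherwise leaves open.
            table.Append("</td></tr>");
        }
    }

    return new ContentResult
    {
        ContentType = "text/html",
        StatusCode = (int)System.Net.HttpStatusCode.OK,
        // The user name is reflected into the page, so it is encoded here.
        Content = string.Format(content, Html(username), table.ToString())
    };
}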