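/// <summary>
/// Verifies a WebAuthn assertion (login) posted by the browser against the assertion
/// options previously issued to this session and, on success, signs the user in.
/// </summary>
/// <param name="clientResponse">Raw authenticator assertion response sent by the client.</param>
/// <returns>
/// JSON holding the library's assertion result. Any failure is converted into an
/// <c>AssertionVerificationResult</c> with <c>Status = "error"</c>; nothing propagates to the caller.
/// </returns>
public async Task <JsonResult> MakeAssertion([FromBody] AuthenticatorAssertionRawResponse clientResponse)
{
    try
    {
        // 1. Get the assertion options we sent the client, then drop them from the session so the
        //    challenge is single-use: a second submission (or a replayed assertion) against the
        //    same challenge must fail instead of re-authenticating.
        var jsonOptions = HttpContext.Session.GetString("fido2.assertionOptions");
        HttpContext.Session.Remove("fido2.assertionOptions");
        if (string.IsNullOrEmpty(jsonOptions))
        {
            throw new InvalidOperationException("No pending assertion options for this session");
        }
        var options = AssertionOptions.FromJson(jsonOptions);

        // 2. Get registered credential from database (the id is client-supplied; ownership is
        //    checked by the callback in step 4, signature validity by the library in step 5)
        var creds = DemoStorage.GetCredentialById(clientResponse.Id);
        if (creds == null)
        {
            throw new Exception("Unknown credentials");
        }

        // 3. Get credential counter from database
        var storedCounter = creds.SignatureCounter;

        // 4. Create callback to check if userhandle owns the credentialId
        IsUserHandleOwnerOfCredentialIdAsync callback = async (args) =>
        {
            var storedCreds = await DemoStorage.GetCredentialsByUserHandleAsync(args.UserHandle);
            return storedCreds.Exists(c => c.Descriptor.Id.SequenceEqual(args.CredentialId));
        };

        // 5. Make the assertion
        var res = await _lib.MakeAssertionAsync(clientResponse, options, creds.PublicKey, storedCounter, callback);

        // 6./7. Persist the new counter and sign the user in only for a result the library reports
        //       as "ok". (If the library throws on every failure this gate is redundant, but it
        //       keeps the sign-in from ever running on a non-ok result.)
        if (res.Status == "ok")
        {
            DemoStorage.UpdateCounter(res.CredentialId, res.Counter);

            // Begin customization - Krishna
            // Set auth cookie through standard ASP.NET core's identity methods, using creds.UserHandle as the UPN claim.
            var userHandleStr = Encoding.UTF8.GetString(creds.UserHandle);
            await SetClaimsPrincipalAsync(userHandleStr);
            // End customization - Krishna
        }

        // 8. return the result to the client
        return Json(res);
    }
    catch (Exception e)
    {
        // NOTE(review): FormatException(e) is returned to an unauthenticated caller; confirm it does not
        // include stack traces or storage details.
        return Json(new AssertionVerificationResult { Status = "error", ErrorMessage = FormatException(e) });
    }
}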
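/// <summary>
/// Verifies a WebAuthn assertion (login) posted by the browser against the assertion
/// options previously issued to this session and, on success, signs the user in via OIDC.
/// </summary>
/// <param name="clientResponse">Raw authenticator assertion response sent by the client.</param>
/// <returns>
/// JSON holding the library's assertion result. Any failure is converted into an
/// <c>AssertionVerificationResult</c> with <c>Status = "error"</c>; nothing propagates to the caller.
/// </returns>
public async Task <JsonResult> MakeAssertion([FromBody] AuthenticatorAssertionRawResponse clientResponse)
{
    try
    {
        // 1. Get the assertion options we sent the client, then drop them from the session so the
        //    challenge is single-use: a second submission (or a replayed assertion) against the
        //    same challenge must fail instead of re-authenticating.
        var jsonOptions = HttpContext.Session.GetString("fido2.assertionOptions");
        HttpContext.Session.Remove("fido2.assertionOptions");
        if (string.IsNullOrEmpty(jsonOptions))
        {
            throw new InvalidOperationException("No pending assertion options for this session");
        }
        var options = AssertionOptions.FromJson(jsonOptions);

        // 2. Get registered credential from database (the id is client-supplied; ownership is
        //    checked by the callback in step 4, signature validity by the library in step 5)
        var creds = PasswordlessStore.GetCredentialById(clientResponse.Id);
        if (creds == null)
        {
            throw new Exception("Unknown credentials");
        }

        // 3. Get credential counter from database
        var storedCounter = creds.SignatureCounter;

        // 4. Create callback to check if userhandle owns the credentialId
        IsUserHandleOwnerOfCredentialIdAsync callback = async (args) =>
        {
            var storedCreds = await PasswordlessStore.GetCredentialsByUserHandleAsync(args.UserHandle);
            return storedCreds.Exists(c => c.Descriptor.Id.SequenceEqual(args.CredentialId));
        };

        // 5. Make the assertion
        var res = await _fido2.MakeAssertionAsync(clientResponse, options, creds.PublicKey, storedCounter, callback);

        // 6. Persist the new counter and sign the user in only for a result the library reports as
        //    "ok"; a non-ok result must not overwrite the stored counter or establish a session.
        if (res.Status == "ok")
        {
            PasswordlessStore.UpdateCounter(res.CredentialId, res.Counter);

            var username = System.Text.Encoding.UTF8.GetString(creds.UserId);
            await SignInOidc(username);
        }

        // 7. return the result to the client
        return Json(res);
    }
    catch (Exception e)
    {
        // NOTE(review): FormatException(e) is returned to an unauthenticated caller; confirm it does not
        // include stack traces or storage details.
        return Json(new AssertionVerificationResult { Status = "error", ErrorMessage = FormatException(e) });
    }
}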
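/// <summary>
/// Verifies a WebAuthn assertion (login) posted by the browser against the assertion
/// options previously issued to this session and stores the updated signature counter.
/// </summary>
/// <param name="clientResponse">Raw authenticator assertion response sent by the client.</param>
/// <returns>
/// JSON holding the library's assertion result. Any failure is converted into an
/// <c>AssertionVerificationResult</c> with <c>Status = "error"</c>; nothing propagates to the caller.
/// </returns>
public async Task <JsonResult> MakeAssertion([FromBody] AuthenticatorAssertionRawResponse clientResponse)
{
    try
    {
        // 1. Get the assertion options we sent the client, then drop them from the session so the
        //    challenge is single-use: a second submission (or a replayed assertion) against the
        //    same challenge must fail instead of verifying again.
        var jsonOptions = HttpContext.Session.GetString("fido2.assertionOptions");
        HttpContext.Session.Remove("fido2.assertionOptions");
        if (string.IsNullOrEmpty(jsonOptions))
        {
            throw new InvalidOperationException("No pending assertion options for this session");
        }
        var options = AssertionOptions.FromJson(jsonOptions);

        // 2. Get registered credential from database. The id is client-supplied, so an unknown id
        //    is an expected input and gets an explicit error instead of a null dereference below.
        StoredCredential creds = DemoStorage.GetCredentialById(clientResponse.Id);
        if (creds == null)
        {
            throw new Exception("Unknown credentials");
        }

        // 3. Get credential counter from database
        var storedCounter = creds.SignatureCounter;

        // 4. Create callback to check if userhandle owns the credentialId
        IsUserHandleOwnerOfCredentialIdAsync callback = async (args) =>
        {
            List <StoredCredential> storedCreds = await DemoStorage.GetCredentialsByUserHandleAsync(args.UserHandle);
            return storedCreds.Exists(c => c.Descriptor.Id.SequenceEqual(args.CredentialId));
        };

        // 5. Make the assertion
        var res = await _lib.MakeAssertionAsync(clientResponse, options, creds.PublicKey, storedCounter, callback);

        // 6. Store the updated counter only for a result the library reports as "ok"; a non-ok
        //    result must not overwrite the stored counter.
        if (res.Status == "ok")
        {
            DemoStorage.UpdateCounter(res.CredentialId, res.Counter);
        }

        // 7. return the result to the client
        return Json(res);
    }
    catch (Exception e)
    {
        // NOTE(review): FormatException(e) is returned to an unauthenticated caller; confirm it does not
        // include stack traces or storage details.
        return Json(new AssertionVerificationResult { Status = "error", ErrorMessage = FormatException(e) });
    }
}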