예제 #1
        /// <summary>
        /// Checks that <c>FidoDeviceRegistration.FromJson</c> restores the counter, attestation
        /// certificate, public key and key handle from a serialized registration.
        /// </summary>
        public void FromJson()
        {
            // The binary fields in the fixture are the unpadded base64 forms of the
            // ASCII strings "certificate", "keyhandle" and "publickey".
            const string json = "{\"Certificate\":\"Y2VydGlmaWNhdGU\",\"Counter\":12345,\"KeyHandle\":\"a2V5aGFuZGxl\",\"PublicKey\":\"cHVibGlja2V5\"}";
            var parsed = FidoDeviceRegistration.FromJson(json);

            // NOTE(review): Encoding.Default depends on the platform; the expected values
            // below are ASCII-only, which is presumably why the bytes still line up.
            var expectedKeyHandle   = new FidoKeyHandle(Encoding.Default.GetBytes("keyhandle"));
            var expectedPublicKey   = new FidoPublicKey(Encoding.Default.GetBytes("publickey"));
            var expectedCertificate = new FidoAttestationCertificate(Encoding.Default.GetBytes("certificate"));

            Assert.AreEqual(12345, parsed.Counter);

            // Each wrapper is compared through its own Equals, with the expected value on the left.
            var certificateMatches = expectedCertificate.Equals(parsed.Certificate);
            Assert.IsTrue(certificateMatches);

            var publicKeyMatches = expectedPublicKey.Equals(parsed.PublicKey);
            Assert.IsTrue(publicKeyMatches);

            var keyHandleMatches = expectedKeyHandle.Equals(parsed.KeyHandle);
            Assert.IsTrue(keyHandleMatches);
        }
예제 #2
        /// <summary>
        /// Starts a U2F authentication for a stored device and packages the values
        /// the client needs (app id, challenge, key handle) into a view model.
        /// </summary>
        /// <param name="device">
        /// Stored device; <c>device.Data</c> holds the serialized registration and
        /// <c>device.Identifier</c> is handed to the client as the key handle.
        /// </param>
        /// <returns>The model describing the authentication request.</returns>
        public AuthenticateDeviceModel GetAuthenticationModel(Device device)
        {
            var fido = new FidoUniversalTwoFactor();
            var registration = FidoDeviceRegistration.FromJson(device.Data);
            var started = fido.StartAuthentication(AppId, registration);

            // NOTE(review): the issued challenge is only returned to the caller here;
            // nothing in this method records it server-side. Whatever verifies the
            // response needs its own way to confirm that the challenge it receives
            // is the one issued here, and that it is used only once. Confirm where
            // that happens.
            return new AuthenticateDeviceModel
            {
                AppId = started.AppId.ToString(),
                Challenge = started.Challenge,
                KeyHandle = device.Identifier
            };
        }
예제 #3
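        /// <summary>
        /// Verifies a U2F authentication response against one of the current user's
        /// registered devices.
        /// </summary>
        /// <param name="model">
        /// Posted data: the key handle identifying the device, the challenge and the raw
        /// authenticator response.
        /// </param>
        /// <returns>
        /// A bad-request result with an error object when there is no current user, the
        /// request is incomplete, or the device or its registration cannot be resolved.
        /// Otherwise an OK result carrying a redirect to the "CurrentUser" action.
        /// </returns>
        public IActionResult AuthenticateDevice(AuthenticateDeviceModel model)
        {
            if (App.CurrentUser == null)
            {
                // NOTE(review): this goes out through BadRequest, so the HTTP status
                // presumably differs from the 401 in the body. Kept for existing clients.
                return(BadRequest(new { error = "You must login.", code = 401 }));
            }

            if (model == null || string.IsNullOrEmpty(model.KeyHandle))
            {
                return(BadRequest(new { error = "Invalid device id.", code = 400 }));
            }

            // The lookup is scoped to the current user's own devices, so a key handle
            // belonging to another account is reported as "not found".
            var device = App.CurrentUser.Devices.FirstOrDefault(x => x.Identifier.Equals(model.KeyHandle));

            if (device == null)
            {
                return(BadRequest(new { error = "Device not found.", code = 400 }));
            }

            var u2F = new FidoUniversalTwoFactor();

            var deviceRegistration = FidoDeviceRegistration.FromJson(device.Data);

            if (deviceRegistration == null)
            {
                return(BadRequest(new { error = "Unknown key handle.", code = 400 }));
            }

            // Reject incomplete requests here instead of passing null into the verifier.
            if (model.Challenge == null || model.RawAuthenticateResponse == null)
            {
                return(BadRequest(new { error = "Invalid authentication response.", code = 400 }));
            }

            // NOTE(review): the challenge comes from the posted model, not from
            // server-side state. Unless the challenge issued when authentication started
            // is stored and compared here, the signature is only checked against a value
            // the client supplied. Bind this to a stored, single-use challenge.
            var challenge = model.Challenge;

            // model.KeyHandle was checked non-empty above, so no fallback value is needed.
            var startedAuthentication = new FidoStartedAuthentication(AppId, challenge, FidoKeyHandle.FromWebSafeBase64(model.KeyHandle));
            var facetIds = new List<FidoFacetId>
            {
                new FidoFacetId(AppId.ToString())
            };

            // NOTE(review): how FinishAuthentication reports a bad signature or a stale
            // counter is not visible here. Confirm that a failed verification cannot
            // reach the success response below.
            var counter = u2F.FinishAuthentication(startedAuthentication, model.RawAuthenticateResponse, deviceRegistration, facetIds);

            // NOTE(review): the new counter is set on the object deserialized from
            // device.Data, but device.Data is not rewritten in this method and no save
            // of device is visible. Confirm both are persisted elsewhere; otherwise the
            // stored counter never advances and counter-based clone/replay detection
            // does nothing.
            deviceRegistration.Counter = counter;
            device.Usage++;

            return(Ok(new { message = "Device has been authenticated.", code = 200, redirect = Url.Action("CurrentUser") }));
        }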