public async Task <ActionResult> SelectPhoneChallengeMethodAsync(SelectAuthenticatorMethodViewModel model)
{
if (!ModelState.IsValid)
{
return(View("SelectPhoneChallengeMethod", model));
}
try
{
var challengeOptions = new ChallengePhoneAuthenticatorOptions
{
AuthenticatorId = model.AuthenticatorId,
EnrollmentId = model.EnrollmentId,
MethodType = model.MethodType,
};
var challengeResponse = await _idxClient.ChallengeAuthenticatorAsync(challengeOptions, (IIdxContext)Session["IdxContext"]);
switch (challengeResponse?.AuthenticationStatus)
{
case AuthenticationStatus.AwaitingAuthenticatorVerification:
return(RedirectToAction("VerifyAuthenticator", "Manage"));
default:
return(View("SelectPhoneChallengeMethod", model));
}
}
catch (OktaException exception)
{
ModelState.AddModelError(string.Empty, exception.Message);
return(View("SelectPhoneChallengeMethod", model));
}
}
public async Task <ActionResult> SelectAuthenticatorAsync(SelectAuthenticatorViewModel model)
{
var authenticators = (IList <AuthenticatorViewModel>)Session["authenticators"];
if (!ModelState.IsValid)
{
return(View("SelectAuthenticator", model));
}
try
{
var isChallengeFlow = (bool?)Session["isChallengeFlow"] ?? false;
Session["isPhoneSelected"] = model.IsPhoneSelected;
Session["phoneId"] = model.PhoneId;
if (isChallengeFlow)
{
AuthenticationResponse selectAuthenticatorResponse = null;
if (model.IsPhoneSelected)
{
var selectPhoneOptions = new SelectPhoneAuthenticatorOptions
{
EnrollmentId = authenticators
.FirstOrDefault(x => x.AuthenticatorId == model.AuthenticatorId)?
.EnrollmentId,
AuthenticatorId = model.AuthenticatorId
};
selectAuthenticatorResponse = await _idxClient.SelectChallengeAuthenticatorAsync(selectPhoneOptions, (IIdxContext)Session["IdxContext"]);
}
else
{
var selectAuthenticatorOptions = new SelectAuthenticatorOptions
{
AuthenticatorId = model.AuthenticatorId,
};
selectAuthenticatorResponse = await _idxClient.SelectChallengeAuthenticatorAsync(selectAuthenticatorOptions, (IIdxContext)Session["IdxContext"]);
}
Session["IdxContext"] = selectAuthenticatorResponse.IdxContext;
switch (selectAuthenticatorResponse?.AuthenticationStatus)
{
case AuthenticationStatus.AwaitingChallengeAuthenticatorData:
var methodViewModel = new SelectAuthenticatorMethodViewModel
{
Profile = selectAuthenticatorResponse.CurrentAuthenticatorEnrollment.Profile,
EnrollmentId = selectAuthenticatorResponse.CurrentAuthenticatorEnrollment.EnrollmentId,
AuthenticatorId = model.AuthenticatorId,
MethodTypes = selectAuthenticatorResponse.CurrentAuthenticatorEnrollment.MethodTypes,
MethodType = selectAuthenticatorResponse.CurrentAuthenticatorEnrollment.MethodTypes.FirstOrDefault(),
};
return(View("SelectPhoneChallengeMethod", methodViewModel));
case AuthenticationStatus.AwaitingAuthenticatorVerification:
return(RedirectToAction("VerifyAuthenticator", "Manage"));
default:
return(View("SelectAuthenticator", model));
}
}
else
{
var enrollAuthenticatorOptions = new SelectEnrollAuthenticatorOptions
{
AuthenticatorId = model.AuthenticatorId,
};
var enrollResponse = await _idxClient.SelectEnrollAuthenticatorAsync(enrollAuthenticatorOptions, (IIdxContext)Session["IdxContext"]);
Session["IdxContext"] = enrollResponse.IdxContext;
Session["isPasswordSelected"] = model.IsPasswordSelected;
switch (enrollResponse?.AuthenticationStatus)
{
case AuthenticationStatus.AwaitingAuthenticatorVerification:
if (model.IsPasswordSelected)
{
return(RedirectToAction("ChangePassword", "Manage"));
}
return(RedirectToAction("VerifyAuthenticator", "Manage"));
case AuthenticationStatus.AwaitingAuthenticatorEnrollmentData:
Session["methodTypes"] = enrollResponse.CurrentAuthenticator.MethodTypes;
return(RedirectToAction("EnrollPhoneAuthenticator", "Manage"));
default:
return(View("SelectAuthenticator", model));
}
}
}
catch (OktaException exception)
{
ModelState.AddModelError(string.Empty, exception.Message);
return(View("SelectAuthenticator", model));
}
}
public ActionResult SelectPhoneChallengeMethod(SelectAuthenticatorMethodViewModel model)
{
return(View(model));
}