public ActionResult SelectAuthenticator() { var authenticators = (IList <AuthenticatorViewModel>)Session["authenticators"] ?? new List <AuthenticatorViewModel>(); var viewModel = new SelectAuthenticatorViewModel { Authenticators = authenticators, AuthenticatorId = authenticators.FirstOrDefault()?.AuthenticatorId, PasswordId = authenticators.FirstOrDefault(x => x.Name.ToLower() == "password")?.AuthenticatorId, PhoneId = authenticators.FirstOrDefault(x => x.Name.ToLower() == "phone")?.AuthenticatorId, CanSkip = TempData["canSkip"] != null && (bool)TempData["canSkip"] }; return(View(viewModel)); }
public async Task <ActionResult> SelectAuthenticatorAsync(SelectAuthenticatorViewModel model) { var authenticators = (IList <AuthenticatorViewModel>)Session["authenticators"]; if (!ModelState.IsValid) { return(View("SelectAuthenticator", model)); } try { var isChallengeFlow = (bool?)Session["isChallengeFlow"] ?? false; Session["isPhoneSelected"] = model.IsPhoneSelected; Session["phoneId"] = model.PhoneId; if (isChallengeFlow) { AuthenticationResponse selectAuthenticatorResponse = null; if (model.IsPhoneSelected) { var selectPhoneOptions = new SelectPhoneAuthenticatorOptions { EnrollmentId = authenticators .FirstOrDefault(x => x.AuthenticatorId == model.AuthenticatorId)? .EnrollmentId, AuthenticatorId = model.AuthenticatorId }; selectAuthenticatorResponse = await _idxClient.SelectChallengeAuthenticatorAsync(selectPhoneOptions, (IIdxContext)Session["IdxContext"]); } else { var selectAuthenticatorOptions = new SelectAuthenticatorOptions { AuthenticatorId = model.AuthenticatorId, }; selectAuthenticatorResponse = await _idxClient.SelectChallengeAuthenticatorAsync(selectAuthenticatorOptions, (IIdxContext)Session["IdxContext"]); } Session["IdxContext"] = selectAuthenticatorResponse.IdxContext; switch (selectAuthenticatorResponse?.AuthenticationStatus) { case AuthenticationStatus.AwaitingChallengeAuthenticatorData: var methodViewModel = new SelectAuthenticatorMethodViewModel { Profile = selectAuthenticatorResponse.CurrentAuthenticatorEnrollment.Profile, EnrollmentId = selectAuthenticatorResponse.CurrentAuthenticatorEnrollment.EnrollmentId, AuthenticatorId = model.AuthenticatorId, MethodTypes = selectAuthenticatorResponse.CurrentAuthenticatorEnrollment.MethodTypes, MethodType = selectAuthenticatorResponse.CurrentAuthenticatorEnrollment.MethodTypes.FirstOrDefault(), }; return(View("SelectPhoneChallengeMethod", methodViewModel)); case AuthenticationStatus.AwaitingAuthenticatorVerification: return(RedirectToAction("VerifyAuthenticator", "Manage")); default: return(View("SelectAuthenticator", model)); } } else { var enrollAuthenticatorOptions = new SelectEnrollAuthenticatorOptions { AuthenticatorId = model.AuthenticatorId, }; var enrollResponse = await _idxClient.SelectEnrollAuthenticatorAsync(enrollAuthenticatorOptions, (IIdxContext)Session["IdxContext"]); Session["IdxContext"] = enrollResponse.IdxContext; Session["isPasswordSelected"] = model.IsPasswordSelected; switch (enrollResponse?.AuthenticationStatus) { case AuthenticationStatus.AwaitingAuthenticatorVerification: if (model.IsPasswordSelected) { return(RedirectToAction("ChangePassword", "Manage")); } return(RedirectToAction("VerifyAuthenticator", "Manage")); case AuthenticationStatus.AwaitingAuthenticatorEnrollmentData: Session["methodTypes"] = enrollResponse.CurrentAuthenticator.MethodTypes; return(RedirectToAction("EnrollPhoneAuthenticator", "Manage")); default: return(View("SelectAuthenticator", model)); } } } catch (OktaException exception) { ModelState.AddModelError(string.Empty, exception.Message); return(View("SelectAuthenticator", model)); } }