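/// <summary>
        /// Handles the posted MFA registration form: stores the TOTP secret for the user
        /// identified by the temporary "idsrv.mfa" cookie, then redirects to the return URL.
        /// </summary>
        /// <param name="model">Posted form data; <c>Secret</c> and <c>ReturnUrl</c> are read here.</param>
        /// <returns>
        /// A redirect once the secret has been saved, or the registration view again
        /// when model validation failed.
        /// </returns>
        /// <exception cref="Exception">
        /// The "idsrv.mfa" authentication failed, carried no subject claim, or the
        /// secret could not be added.
        /// </exception>
        public async Task<IActionResult> RegisterForMfa(
            RegisterForMfaViewModel model)
        {
            if (!ModelState.IsValid)
            {
                return View(model);
            }

            // read identity from the temporary cookie
            var resultIdent = await HttpContext.AuthenticateAsync("idsrv.mfa");
            if (resultIdent?.Succeeded != true)
            {
                throw new Exception("MFA authentication error");
            }

            // A successful authentication without a subject claim cannot be tied to a
            // user record, so it is treated the same as a failed authentication.
            var subject = resultIdent.Principal.FindFirst(JwtClaimTypes.Subject)?.Value;
            if (string.IsNullOrEmpty(subject))
            {
                throw new Exception("MFA authentication error");
            }

            // NOTE(review): model.Secret is taken from the posted form, so the browser
            // decides which TOTP secret gets stored. Keeping the generated secret
            // server-side and confirming one code from the authenticator before
            // saving would remove that trust in the client - confirm against the view.
            if (!await _localUserService.AddUserSecret(subject, "TOTP", model.Secret))
            {
                throw new Exception("MFA registration error");
            }

            await _localUserService.SaveChangesAsync();

            // ReturnUrl round-trips through the form and is therefore untrusted.
            // Following it unchecked is an open redirect, so only local URLs are
            // honoured and anything else falls back to the application root.
            // If absolute return URLs are legitimate in this deployment, validate
            // them against the identity provider's own allow-list instead.
            if (Url.IsLocalUrl(model.ReturnUrl))
            {
                return Redirect(model.ReturnUrl);
            }

            return Redirect("~/");
        }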
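        /// <summary>
        /// Shows the MFA registration page: generates a fresh 16-character TOTP secret
        /// and an <c>otpauth://</c> key URI for the user identified by the temporary
        /// "idsrv.mfa" cookie.
        /// </summary>
        /// <param name="returnUrl">URL carried through the form for use after registration.</param>
        /// <returns>The registration view populated with the key URI, secret and return URL.</returns>
        /// <exception cref="Exception">
        /// The "idsrv.mfa" authentication failed, carried no subject claim, or no
        /// user was found for the subject.
        /// </exception>
        public async Task<IActionResult> RegisterForMfa(string returnUrl)
        {
            // read identity from the temporary cookie; done before any secret is
            // generated so an unauthenticated request does no further work
            var resultIdent = await HttpContext.AuthenticateAsync("idsrv.mfa");
            if (resultIdent?.Succeeded != true)
            {
                throw new Exception("MFA authentication error");
            }

            var subject = resultIdent.Principal.FindFirst(JwtClaimTypes.Subject)?.Value;
            if (string.IsNullOrEmpty(subject))
            {
                throw new Exception("MFA authentication error");
            }

            // Without this guard a missing user surfaces as a NullReferenceException
            // on user.Email further down.
            var user = await _localUserService.GetUserBySubjectAsync(subject);
            if (user == null)
            {
                throw new Exception("MFA registration error");
            }

            string secret;

            // RandomNumberGenerator.Create() supplies the same kind of cryptographic
            // RNG as RNGCryptoServiceProvider, which is marked obsolete in current .NET.
            using (var rng = RandomNumberGenerator.Create())
            {
                // 16 symbols, each derived from its own 4-byte sample.
                var tokenData = new byte[64];
                rng.GetBytes(tokenData);

                var result = new StringBuilder(16);
                for (int i = 0; i < 16; i++)
                {
                    var rnd = BitConverter.ToUInt32(tokenData, i * 4);

                    // The modulo is exactly uniform only when chars.Length divides
                    // 2^32; for other lengths the skew from a 32-bit sample is tiny.
                    var idx = rnd % chars.Length;

                    result.Append(chars[idx]);
                }

                secret = result.ToString();
            }

            // NOTE(review): if chars is the 32-symbol Base32 alphabet, 16 symbols
            // give an 80-bit secret; RFC 4226 requires at least 128 bits and
            // recommends 160 - confirm the alphabet and consider a longer secret.
            var keyUri = string.Format(
                "otpauth://totp/{0}:{1}?secret={2}&issuer={0}",
                WebUtility.UrlEncode("Marvin"),
                WebUtility.UrlEncode(user.Email),
                secret);

            // returnUrl is caller-supplied and only echoed into the form here;
            // whatever consumes it on post-back has to validate it before redirecting.
            // NOTE(review): the secret is handed to the view in clear text, so the
            // response presumably should not be cacheable - confirm cache headers.
            var vm = new RegisterForMfaViewModel()
            {
                KeyUri    = keyUri,
                Secret    = secret,
                ReturnUrl = returnUrl
            };

            return View(vm);
        }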
예제 #3
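        /// <summary>
        /// Handles the posted MFA registration form: stores the TOTP secret for the
        /// current user and redirects to the application root.
        /// </summary>
        /// <param name="model">Posted form data; only <c>Secret</c> is read here.</param>
        /// <returns>
        /// A redirect to "~/" once the secret has been saved, or the registration
        /// view again when model validation failed.
        /// </returns>
        /// <exception cref="Exception">
        /// The current principal has no subject claim, or the secret could not be added.
        /// </exception>
        public async Task<IActionResult> RegisterForMfa(
            RegisterForMfaViewModel model)
        {
            if (!ModelState.IsValid)
            {
                return View(model);
            }

            // FindFirst yields null for a principal without a subject claim (for
            // example an unauthenticated request); refuse to register a secret
            // rather than pass a null subject to the user service.
            var subject = User.FindFirst(JwtClaimTypes.Subject)?.Value;
            if (string.IsNullOrEmpty(subject))
            {
                throw new Exception("MFA registration error");
            }

            // NOTE(review): model.Secret is taken from the posted form, so the browser
            // decides which TOTP secret gets stored. Keeping the generated secret
            // server-side and confirming one code from the authenticator before
            // saving would remove that trust in the client - confirm against the view.
            if (!await _localUserService.AddUserSecret(subject, "TOTP", model.Secret))
            {
                throw new Exception("MFA registration error");
            }

            await _localUserService.SaveChangesAsync();

            return Redirect("~/");
        }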
예제 #4
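        /// <summary>
        /// Shows the MFA registration page: generates a fresh 16-character TOTP secret
        /// and an <c>otpauth://</c> key URI for the current user.
        /// </summary>
        /// <returns>The registration view populated with the key URI and secret.</returns>
        /// <exception cref="Exception">
        /// The current principal has no subject claim, or no user was found for it.
        /// </exception>
        public async Task<IActionResult> RegisterForMfa()
        {
            // Resolve the user first so a request without a usable identity does
            // not get as far as generating a secret.
            var subject = User.FindFirst(JwtClaimTypes.Subject)?.Value;
            if (string.IsNullOrEmpty(subject))
            {
                throw new Exception("MFA registration error");
            }

            // Without this guard a missing user surfaces as a NullReferenceException
            // on user.Email further down.
            var user = await _localUserService.GetUserBySubjectAsync(subject);
            if (user == null)
            {
                throw new Exception("MFA registration error");
            }

            string secret;

            // RandomNumberGenerator.Create() supplies the same kind of cryptographic
            // RNG as RNGCryptoServiceProvider, which is marked obsolete in current .NET.
            using (var rng = RandomNumberGenerator.Create())
            {
                // 16 symbols, each derived from its own 4-byte sample.
                var tokenData = new byte[64];
                rng.GetBytes(tokenData);

                var result = new StringBuilder(16);
                for (int i = 0; i < 16; i++)
                {
                    var rnd = BitConverter.ToUInt32(tokenData, i * 4);

                    // The modulo is exactly uniform only when chars.Length divides
                    // 2^32; for other lengths the skew from a 32-bit sample is tiny.
                    var idx = rnd % chars.Length;

                    result.Append(chars[idx]);
                }

                secret = result.ToString();
            }

            // NOTE(review): if chars is the 32-symbol Base32 alphabet, 16 symbols
            // give an 80-bit secret; RFC 4226 requires at least 128 bits and
            // recommends 160 - confirm the alphabet and consider a longer secret.
            var keyUri = string.Format(
                "otpauth://totp/{0}:{1}?secret={2}&issuer={0}",
                WebUtility.UrlEncode("Marvin"),
                WebUtility.UrlEncode(user.Email),
                secret);

            // NOTE(review): the secret is handed to the view in clear text, so the
            // response presumably should not be cacheable - confirm cache headers.
            var vm = new RegisterForMfaViewModel()
            {
                KeyUri = keyUri,
                Secret = secret
            };

            return View(vm);
        }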