protected TwoFactorAuthorizationException(IResponse response, TwoFactorType twoFactorType, Exception innerException)
: base(response, innerException)
{
Debug.Assert(response != null && response.StatusCode == HttpStatusCode.Unauthorized, "TwoFactorRequiredException status code should be 401");
TwoFactorType = twoFactorType;
}
public TwoFactorRequiredException(IResponse response, TwoFactorType twoFactorType) : base(response)
{
Debug.Assert(response != null && response.StatusCode == HttpStatusCode.Unauthorized,
"TwoFactorRequiredException status code should be 401");
TwoFactorType = twoFactorType;
}
public Login2FaViewModel(TwoFactorType twoFactorType)
{
TwoFactorType = twoFactorType;
VerifyCommand = new RelayCommand(Verify, CanVerify);
NavigateLearnMoreCommand = new RelayCommand(NavigateLearnMore);
}
/// <summary>
/// Constructs an instance of TwoFactorRequiredException.
/// </summary>
/// <param name="response">The HTTP payload from the server</param>
/// <param name="twoFactorType">Expected 2FA response type</param>
public TwoFactorRequiredException(IResponse response, TwoFactorType twoFactorType) : base(response)
{
Debug.Assert(response != null && response.StatusCode == HttpStatusCode.Unauthorized,
"TwoFactorRequiredException status code should be 401");
TwoFactorType = twoFactorType;
}
public async Task <string> GenerateUserTwoFactorCodeAsync(TwoFactorType codeType, string userid)
{
if (codeType == TwoFactorType.EmailCode)
{
return(await GenerateTwoFactorTokenAsync(userid, codeType.ToString()));
}
return(string.Empty);
}
/// <summary>
/// Constructs an instance of TwoFactorRequiredException.
/// </summary>
/// <param name="response">The HTTP payload from the server</param>
/// <param name="twoFactorType">Expected 2FA response type</param>
/// <param name="innerException">The inner exception</param>
protected TwoFactorAuthorizationException(IResponse response, TwoFactorType twoFactorType, Exception innerException)
: base(response, innerException)
{
Debug.Assert(response != null && response.StatusCode == HttpStatusCode.Unauthorized,
"TwoFactorRequiredException status code should be 401");
TwoFactorType = twoFactorType;
}
/// <summary>
/// Constructs an instance of TwoFactorRequiredException.
/// </summary>
/// <param name="info">
/// The <see cref="SerializationInfo"/> that holds the
/// serialized object data about the exception being thrown.
/// </param>
/// <param name="context">
/// The <see cref="StreamingContext"/> that contains
/// contextual information about the source or destination.
/// </param>
protected TwoFactorAuthorizationException(SerializationInfo info, StreamingContext context)
: base(info, context)
{
if (info == null)
{
return;
}
TwoFactorType = (TwoFactorType)info.GetInt32("TwoFactorType");
}
public TwoFactorRequiredUserError(
TwoFactorAuthorizationException exception,
TwoFactorType twoFactorType)
: base(exception.Message, innerException: exception)
{
Guard.ArgumentNotNull(exception, nameof(exception));
TwoFactorType = twoFactorType;
RetryFailed = exception is TwoFactorChallengeFailedException;
}
/// <summary>
/// Generates a short security code for the user to manually enter.
/// </summary>
/// <param name="manager">The usermanager.</param>
/// <param name="codeType">Type of the code.</param>
/// <param name="userid">The userid.</param>
/// <returns>A numeric code</returns>
protected async Task <string> GenerateUserTwoFactorCodeAsync(TwoFactorType codeType, string userid, bool updateSecurityStamp = false)
{
if (codeType == TwoFactorType.EmailCode)
{
if (updateSecurityStamp)
{
await UserManager.UpdateSecurityStampAsync(userid);
}
return(await UserManager.GenerateTwoFactorTokenAsync(userid, codeType.ToString()));
}
return(string.Empty);
}
public static string GetTwoFactorTypeSummary(this TwoFactorType twoFactorType)
{
switch (twoFactorType)
{
case TwoFactorType.None:
break;
case TwoFactorType.EmailCode:
return("Please enter email code.");
case TwoFactorType.GoogleCode:
return("Please enter Google Authenticator code.");
case TwoFactorType.PinCode:
return("Please enter pin code.");
default:
break;
}
return(string.Empty);
}
public async Task ThrowsTwoFactorExceptionExceptionWhenChallenged(
string headerKey,
string otpHeaderValue,
TwoFactorType expectedFactorType)
{
var headers = new Dictionary <string, string> {
{ headerKey, otpHeaderValue }
};
IResponse response = new Response(HttpStatusCode.Unauthorized, null, headers, "application/json");
var httpClient = Substitute.For <IHttpClient>();
httpClient.Send(Args.Request, Args.CancellationToken).Returns(Task.FromResult(response));
var connection = new Connection(new ProductHeaderValue("OctokitTests"),
_exampleUri,
Substitute.For <ICredentialStore>(),
httpClient,
Substitute.For <IJsonSerializer>());
var exception = await Assert.ThrowsAsync <TwoFactorRequiredException>(
() => connection.GetResponse <string>(new Uri("endpoint", UriKind.Relative)));
Assert.Equal(expectedFactorType, exception.TwoFactorType);
}
public async Task ThrowsTwoFactorExceptionExceptionWhenChallenged(
string headerKey,
string otpHeaderValue,
TwoFactorType expectedFactorType)
{
var httpClient = Substitute.For <IHttpClient>();
IResponse <string> response = new ApiResponse <string>
{
StatusCode = HttpStatusCode.Unauthorized,
};
response.Headers[headerKey] = otpHeaderValue;
httpClient.Send <string>(Args.Request, Args.CancellationToken).Returns(Task.FromResult(response));
var connection = new Connection(new ProductHeaderValue("OctokitTests"),
ExampleUri,
Substitute.For <ICredentialStore>(),
httpClient,
Substitute.For <IJsonSerializer>());
var exception = await AssertEx.Throws <TwoFactorRequiredException>(
async() => await connection.GetAsync <string>(new Uri("endpoint", UriKind.Relative)));
Assert.Equal(expectedFactorType, exception.TwoFactorType);
}
public Task <bool> CheckTwoFactorAsync(int userId, TwoFactorType twoFactorType, string twoFactorKey, string twoFactorCode)
{
if (twoFactorType == TwoFactorType.None)
{
return(Task.FromResult(true));
}
if (twoFactorType == TwoFactorType.PinCode)
{
return(Task.FromResult(twoFactorCode.IsDigits() && twoFactorCode.Equals(twoFactorKey)));
}
if (twoFactorType == TwoFactorType.EmailCode)
{
return(VerifyTwoFactorCodeAsync(userId, twoFactorCode));
}
if (twoFactorType == TwoFactorType.OtpCode)
{
return(Task.FromResult(IdentityTwoFactorHelper.VerifyOtpCode(twoFactorKey, twoFactorCode)));
}
return(Task.FromResult(false));
}
/// <summary>
/// Constructs an instance of TwoFactorRequiredException.
/// </summary>
/// <param name="twoFactorType">Expected 2FA response type</param>
public TwoFactorRequiredException(TwoFactorType twoFactorType) : base(twoFactorType, null)
{
}
/// <summary>
/// Constructs an instance of TwoFactorRequiredException.
/// </summary>
/// <param name="twoFactorType">Expected 2FA response type</param>
/// <param name="innerException">The inner exception</param>
protected TwoFactorAuthorizationException(TwoFactorType twoFactorType, Exception innerException)
: base(HttpStatusCode.Unauthorized, innerException)
{
TwoFactorType = twoFactorType;
}
/// <summary>
/// Verifies the users short code.
/// </summary>
/// <param name="manager">The manager.</param>
/// <param name="codeType">Type of the code.</param>
/// <param name="userid">The userid.</param>
/// <param name="code">The code.</param>
protected async Task <bool> VerifyUserTwoFactorCodeAsync(TwoFactorComponent component, TwoFactorType twofactorType,
string userid, string code, string code2 = "")
{
if (string.IsNullOrEmpty(code))
{
return(false);
}
var user = await UserManager.FindByIdAsync(userid);
if (user == null)
{
return(false);
}
var twofactorMethod = user.TwoFactor.FirstOrDefault(x => x.Component == component && x.Type == twofactorType);
if (twofactorMethod == null)
{
return(false);
}
if (twofactorType == TwoFactorType.GoogleCode)
{
byte[] secretKey = Base32Encoder.Decode(twofactorMethod.Data);
long timeStepMatched = 0;
var otp = new Totp(secretKey);
return(otp.VerifyTotp(code, out timeStepMatched, new VerificationWindow(2, 2)));
}
if (twofactorType == TwoFactorType.Password)
{
return(await UserManager.CheckPasswordAsync(user, code));
}
if (twofactorType == TwoFactorType.Question)
{
return(twofactorMethod.Data2 == code && twofactorMethod.Data4 == code2);
}
if (twofactorType == TwoFactorType.PinCode)
{
return(twofactorMethod.Data == code);
}
return(await UserManager.VerifyTwoFactorTokenAsync(userid, twofactorType.ToString(), code));
}
/// <summary>
/// Constructs an instance of TwoFactorRequiredException.
/// </summary>
/// <param name="twoFactorType">Expected 2FA response type</param>
public TwoFactorRequiredException(TwoFactorType twoFactorType)
: base(HttpStatusCode.Unauthorized, null)
{
TwoFactorType = twoFactorType;
}
public async Task ThrowsTwoFactorExceptionExceptionWhenChallenged(
string headerKey,
string otpHeaderValue,
TwoFactorType expectedFactorType)
{
var httpClient = Substitute.For<IHttpClient>();
IResponse<string> response = new ApiResponse<string>
{
StatusCode = HttpStatusCode.Unauthorized,
};
response.Headers[headerKey] = otpHeaderValue;
httpClient.Send<string>(Args.Request).Returns(Task.FromResult(response));
var connection = new Connection(new ProductHeaderValue("OctokitTests"),
ExampleUri,
Substitute.For<ICredentialStore>(),
httpClient,
Substitute.For<IJsonSerializer>());
var exception = await AssertEx.Throws<TwoFactorRequiredException>(
async () => await connection.GetAsync<string>(new Uri("endpoint", UriKind.Relative)));
Assert.Equal(expectedFactorType, exception.TwoFactorType);
}
public async Task ThrowsTwoFactorExceptionExceptionWhenChallenged(
string headerKey,
string otpHeaderValue,
TwoFactorType expectedFactorType)
{
var headers = new Dictionary<string, string> { { headerKey, otpHeaderValue } };
IResponse response = new Response(HttpStatusCode.Unauthorized, null, headers, "application/json");
var httpClient = Substitute.For<IHttpClient>();
httpClient.Send(Args.Request, Args.CancellationToken).Returns(Task.FromResult(response));
var connection = new Connection(new ProductHeaderValue("OctokitTests"),
_exampleUri,
Substitute.For<ICredentialStore>(),
httpClient,
Substitute.For<IJsonSerializer>());
var exception = await Assert.ThrowsAsync<TwoFactorRequiredException>(
() => connection.GetResponse<string>(new Uri("endpoint", UriKind.Relative)));
Assert.Equal(expectedFactorType, exception.TwoFactorType);
}
public TwoFactorRequiredException(TwoFactorType twoFactorType)
: this(new ApiResponse<object> { StatusCode = HttpStatusCode.Unauthorized}, twoFactorType)
{
}
/// <summary>
/// Constructs an instance of TwoFactorRequiredException.
/// </summary>
/// <param name="twoFactorType">Expected 2FA response type</param>
public TwoFactorRequiredException(TwoFactorType twoFactorType)
: base(HttpStatusCode.Unauthorized, null)
{
TwoFactorType = twoFactorType;
}
public TwoFactorRequiredException(IResponse response, TwoFactorType twoFactorType)
: base(response, twoFactorType)
{
Debug.Assert(response != null && response.StatusCode == HttpStatusCode.Unauthorized, "TwoFactorRequiredException wrong status code");
}
/// <summary>
/// Constructs an instance of TwoFactorRequiredException.
/// </summary>
/// <param name="twoFactorType">Expected 2FA response type</param>
public TwoFactorRequiredException(TwoFactorType twoFactorType) : base(twoFactorType, null)
{
}
/// <summary>
/// Constructs an instance of TwoFactorRequiredException.
/// </summary>
/// <param name="info">
/// The <see cref="SerializationInfo"/> that holds the
/// serialized object data about the exception being thrown.
/// </param>
/// <param name="context">
/// The <see cref="StreamingContext"/> that contains
/// contextual information about the source or destination.
/// </param>
protected TwoFactorAuthorizationException(SerializationInfo info, StreamingContext context)
: base(info, context)
{
if (info == null) return;
TwoFactorType = (TwoFactorType) info.GetInt32("TwoFactorType");
}
/// <summary>
/// Constructs an instance of TwoFactorRequiredException.
/// </summary>
/// <param name="twoFactorType">Expected 2FA response type</param>
/// <param name="innerException">The inner exception</param>
protected TwoFactorAuthorizationException(TwoFactorType twoFactorType, Exception innerException)
: base(HttpStatusCode.Unauthorized, innerException)
{
TwoFactorType = twoFactorType;
}
public TwoFactorRequiredException(TwoFactorType twoFactorType)
: this(new ApiResponse <object> {
StatusCode = HttpStatusCode.Unauthorized
}, twoFactorType)
{
}
