public Fido2LinkFlow(IServiceProvider serviceProvider) : base(serviceProvider, FlowType.Fido2Link) { // 1.Starting 2.AcceptStart AddStartingTransitions(StepType.Fido2Authorize); // 3. Fido2Authorize (link) AddHandler <Fido2LinkTransitionHandler, TransitionInput <string> >((_, item) => FrontendBehavior.CreateSuccessFinish(item.ChallengeType)); }
public RecoveryWithPinFlow(IServiceProvider serviceProvider, IOwnIdCoreConfiguration coreConfiguration) : base( serviceProvider, FlowType.RecoverWithPin, coreConfiguration) { // 1.Starting 2.PinApprovalStatus 3.AcceptStart AddStartingTransitionsWithPin <RecoverAcceptStartTransitionHandler>(StepType.Recover); // 4. Recover AddHandler <RecoveryTransitionHandler, TransitionInput <JwtContainer> >((_, item) => FrontendBehavior.CreateSuccessFinish(item.ChallengeType)); }
public LinkWithPinFlow(IServiceProvider serviceProvider, IOwnIdCoreConfiguration ownIdCoreConfiguration) : base( serviceProvider, FlowType.LinkWithPin, ownIdCoreConfiguration) { // 1.Starting 2.PinApprovalStatus 3.AcceptStart AddStartingTransitionsWithPin(StepType.Link); // 4. Link AddHandler <LinkBaseTransitionHandler, TransitionInput <JwtContainer> >((_, item) => FrontendBehavior.CreateSuccessFinish(item.ChallengeType)); }
private FrontendBehavior NavigateToEnterPasscode(TransitionInput <AcceptStartRequest> input, CacheItem relatedItem) { return(new(StepType.EnterPasscode, relatedItem.ChallengeType, GetNextBehaviorFunc(input, relatedItem)) { AlternativeBehavior = new FrontendBehavior(StepType.ResetPasscode, relatedItem.ChallengeType, new CallAction(UrlProvider.GetResetPasscodeUrl(relatedItem.Context), HttpMethod.Delete.ToString())) });
private async Task <FrontendBehavior> NavigateToPasswordlessPageAsync(TransitionInput <AcceptStartRequest> input, CacheItem relatedItem) { await _verifyFido2CredentialIdCommand.ExecuteAsync(relatedItem); var fido2Url = UrlProvider.GetFido2Url(relatedItem.Context, relatedItem.RequestToken, input.CultureInfo?.Name); return(FrontendBehavior.CreateRedirect(fido2Url)); }
private FrontendBehavior OnSuccess(TransitionInput <string> _, CacheItem item) { var challengeType = item.ChallengeType; if (item.ChallengeType == ChallengeType.Register && item.InitialChallengeType == ChallengeType.Login) { challengeType = ChallengeType.LinkOnLogin; } return(FrontendBehavior.CreateSuccessFinish(challengeType)); }
protected ITransitionResult CreateErrorResponse(ITransitionInput input, ErrorType errorType) { var composeInfo = new BaseJwtComposeInfo(input) { Behavior = FrontendBehavior.CreateError(errorType) }; var jwt = JwtComposer.GenerateFinalStepJwt(composeInfo); return(new JwtContainer(jwt)); }
private FrontendBehavior OnSuccess <T>(TransitionInput <T> _, CacheItem item) { var challengeType = item.ChallengeType; if (item.ChallengeType == ChallengeType.Register && item.InitialChallengeType == ChallengeType.Login && !CoreConfiguration.LoginOnlyEnabled) { challengeType = ChallengeType.LinkOnLogin; } return(FrontendBehavior.CreateSuccessFinish(challengeType)); }
private async Task <ITransitionResult> FinishAuthProcessAsync(UserIdentitiesData userData, CacheItem relatedItem, TransitionInput <JwtContainer> input) { await _savePartialConnectionCommand.ExecuteAsync(userData, relatedItem); var composeInfo = new BaseJwtComposeInfo(input) { Behavior = FrontendBehavior.CreateSuccessFinish(relatedItem.ChallengeType) }; var jwt = JwtComposer.GenerateFinalStepJwt(composeInfo); return(new StateResult(jwt, _cookieService.CreateAuthCookies(relatedItem))); }
public RecoveryFlow(IServiceProvider serviceProvider, IOwnIdCoreConfiguration coreConfiguration) : base( serviceProvider, FlowType.Recover, coreConfiguration) { // 1. Starting AddHandler <StartFlowTransitionHandler, TransitionInput <StartRequest> >((input, item) => GetReferenceToExistingStep(StepType.AcceptStart, input.Context, item.ChallengeType)); // 2. AcceptStart AddHandler <RecoverAcceptStartTransitionHandler, TransitionInput <AcceptStartRequest> >((input, item) => { var next = GetReferenceToExistingStep(StepType.Recover, input.Context, item.ChallengeType); return(TryAddFido2DisclaimerToBehavior(input, item, next)); }); // 3. Recover AddHandler <RecoveryTransitionHandler, TransitionInput <JwtContainer> >((_, item) => FrontendBehavior.CreateSuccessFinish(item.ChallengeType)); }
private async Task <ITransitionResult> SwitchConnectionAuthTypeAsync(CacheItem relatedItem, TransitionInput <JwtContainer> input, bool supportsFido2, string publicKey) { relatedItem.NewAuthType = supportsFido2 && _configuration.Fido2.IsEnabled ? ConnectionAuthType.Fido2 : ConnectionAuthType.Passcode; var composeInfo = new BaseJwtComposeInfo(input) { EncKey = relatedItem.EncKey, EncVector = relatedItem.EncVector }; switch (relatedItem.NewAuthType) { case ConnectionAuthType.Passcode: composeInfo.Behavior = new FrontendBehavior(StepType.EnterPasscode, relatedItem.ChallengeType, GetNextBehaviorFunc(input, relatedItem)) { AlternativeBehavior = new FrontendBehavior(StepType.ResetPasscode, relatedItem.ChallengeType, new CallAction(UrlProvider.GetResetPasscodeUrl(relatedItem.Context), HttpMethod.Delete.ToString())) }; break; case ConnectionAuthType.Fido2: { await _cacheItemRepository.UpdateAsync(relatedItem.Context, item => item.OldPublicKey = publicKey); var fido2Url = UrlProvider.GetFido2Url(relatedItem.Context, relatedItem.RequestToken, input.CultureInfo?.Name); composeInfo.Behavior = FrontendBehavior.CreateRedirect(fido2Url); break; } default: throw new ArgumentOutOfRangeException(); } var jwt = JwtComposer.GenerateBaseStepJwt(composeInfo); return(new StateResult(jwt, _cookieService.CreateAuthCookies(relatedItem))); }
protected FrontendBehavior TryAddFido2DisclaimerToBehavior(TransitionInput <AcceptStartRequest> input, CacheItem relatedItem, FrontendBehavior expectedBehavior) { if (CoreConfiguration.TFAEnabled && CoreConfiguration.Fido2FallbackBehavior == Fido2FallbackBehavior.Basic && !input.Data.SupportsFido2 && relatedItem.ChallengeType != ChallengeType.Login) { return new FrontendBehavior(StepType.Fido2Disclaimer, relatedItem.ChallengeType, expectedBehavior) { AlternativeBehavior = GetReferenceToExistingStep(StepType.Stopped, relatedItem.Context, relatedItem.ChallengeType) } } ; return(expectedBehavior); } }
private Dictionary <string, object> GetStepBehavior(FrontendBehavior nextFrontendBehavior) { if (nextFrontendBehavior.Error != null && nextFrontendBehavior.Type != StepType.Error) { throw new ArgumentException( $"{nameof(nextFrontendBehavior.Error)} can be supplied only if {nameof(nextFrontendBehavior.Type)} is '{nameof(StepType.Error)}'", nameof(nextFrontendBehavior)); } if (nextFrontendBehavior.Error == null && nextFrontendBehavior.Type == StepType.Error) { throw new ArgumentException( $"{nameof(nextFrontendBehavior.Error)} must be provided if {nameof(nextFrontendBehavior.Type)} is '{nameof(StepType.Error)}'", nameof(nextFrontendBehavior)); } var stepType = nextFrontendBehavior.Type.ToString(); var actionType = nextFrontendBehavior.ActionType.ToString(); var stepDict = new Dictionary <string, object> { { "type", stepType.First().ToString().ToLowerInvariant() + stepType.Substring(1) }, { "actionType", actionType.First().ToString().ToLowerInvariant() + actionType.Substring(1) } }; if (nextFrontendBehavior.Error != null) { stepDict.Add("error", nextFrontendBehavior.Error.ToString().ToCamelCase()); } else { stepDict.Add("challengeType", nextFrontendBehavior.ChallengeType.ToString().ToLowerInvariant()); } if (nextFrontendBehavior.Polling != null) { stepDict.Add("polling", new { url = nextFrontendBehavior.Polling.Url.ToString(), method = nextFrontendBehavior.Polling.Method, interval = nextFrontendBehavior.Polling.Interval }); } if (nextFrontendBehavior.Callback != null) { stepDict.Add("callback", new { url = nextFrontendBehavior.Callback.Url, method = nextFrontendBehavior.Callback.Method }); } if (nextFrontendBehavior.NextBehavior != null) { stepDict.Add("nextBehavior", GetStepBehavior(nextFrontendBehavior.NextBehavior)); } if (nextFrontendBehavior.AlternativeBehavior != null) { stepDict.Add("alternativeBehavior", GetStepBehavior(nextFrontendBehavior.AlternativeBehavior)); } return(stepDict); }