public async Task VerifyAsync(string passCode)
{
var activateFactorOptions = new ActivateFactorOptions()
{
FactorId = this.Id,
PassCode = passCode,
StateToken = this.stateController.StateToken,
};
var request = new HttpRequest()
{
Uri = "/api/v1/authn/factors?updatePhone=true",
Payload = activateFactorOptions,
};
var authResponse = await this.authnClient.PostAsync <AuthenticationResponse>(request);
this.stateController.ProcessAuthnResponse(authResponse);
}
public async Task <ActionResult> VerifyFactorAsync(VerifyFactorViewModel model)
{
if (!ModelState.IsValid)
{
return(View("VerifyFactor", model));
}
if (model.IsMfaRequiredFlow)
{
// Valid for both SMS and/or email
var verifyFactorOptions = new VerifyTotpFactorOptions
{
StateToken = Session["stateToken"].ToString(),
FactorId = Session["factorId"].ToString(),
PassCode = model.Code,
};
try
{
var authnResponse = await _oktaAuthenticationClient.VerifyFactorAsync(verifyFactorOptions)
.ConfigureAwait(false);
if (authnResponse.AuthenticationStatus == AuthenticationStatus.Success)
{
var username = authnResponse.Embedded
.GetProperty <Resource>("user")
.GetProperty <Resource>("profile")
.GetProperty <string>("login");
var identity = new ClaimsIdentity(
new[] { new Claim(ClaimTypes.Name, username) },
DefaultAuthenticationTypes.ApplicationCookie);
_authenticationManager.SignIn(new AuthenticationProperties {
IsPersistent = (bool)Session["rememberMe"]
}, identity);
return(RedirectToAction("Index", "Home"));
}
throw new NotImplementedException($"Unhandled Authentication Status {authnResponse.AuthenticationStatus}");
}
catch (Exception exception)
{
ModelState.AddModelError(string.Empty, exception.Message);
return(View("VerifyFactor", model));
}
}
else
{
var acitvateFactorOptions = new ActivateFactorOptions
{
PassCode = model.Code,
StateToken = Session["stateToken"].ToString(),
FactorId = Session["factorId"].ToString(),
};
try
{
var authnResponse =
await _oktaAuthenticationClient.ActivateFactorAsync(acitvateFactorOptions).ConfigureAwait(false);
if (authnResponse.AuthenticationStatus == AuthenticationStatus.MfaEnroll)
{
// check for skip
if (authnResponse.Links["skip"] != null)
{
authnResponse = await _oktaAuthenticationClient.SkipTransactionStateAsync(
new TransactionStateOptions
{
StateToken = Session["stateToken"].ToString(),
}).ConfigureAwait(false);
}
}
if (authnResponse.AuthenticationStatus == AuthenticationStatus.Success)
{
var username = authnResponse.Embedded
.GetProperty <Resource>("user")
.GetProperty <Resource>("profile")
.GetProperty <string>("login");
var identity = new ClaimsIdentity(
new[] { new Claim(ClaimTypes.Name, username) },
DefaultAuthenticationTypes.ApplicationCookie);
_authenticationManager.SignIn(new AuthenticationProperties {
IsPersistent = (bool)Session["rememberMe"]
}, identity);
return(RedirectToAction("Index", "Home"));
}
throw new NotImplementedException($"Unhandled Authentication Status {authnResponse.AuthenticationStatus}");
}
catch (Exception exception)
{
ModelState.AddModelError(string.Empty, exception.Message);
return(View("VerifyFactor", model));
}
}
}