コード例 #1
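        /// <summary>
        /// Validates a FIDO2 registration payload against the relying-party configuration and the
        /// challenge stored in <paramref name="relatedItem"/>, then hands the verified credential to
        /// <c>ProcessFido2RegisterResponseAsync</c>.
        /// </summary>
        /// <param name="fido2Payload">Serialized <see cref="Fido2RegisterRequest"/> as sent by the client.</param>
        /// <param name="relatedItem">Cache item for this registration; its <c>Context</c> is used as the challenge.</param>
        /// <returns>The cache item returned by <c>ProcessFido2RegisterResponseAsync</c>.</returns>
        /// <exception cref="ArgumentNullException"><paramref name="relatedItem"/> is null.</exception>
        /// <exception cref="CommandValidationException">The payload cannot be deserialized or lacks AttestationObject / ClientDataJson.</exception>
        /// <exception cref="InternalLogicException">The FIDO2 library returned no verified credential.</exception>
        public async Task<CacheItem> ExecuteAsync(string fido2Payload, CacheItem relatedItem)
        {
            if (relatedItem is null)
            {
                throw new ArgumentNullException(nameof(relatedItem));
            }

            var request = OwnIdSerializer.Deserialize<Fido2RegisterRequest>(fido2Payload);

            // Without this guard a null/unparseable payload surfaces as a NullReferenceException
            // on the property checks below instead of a validation error.
            if (request is null)
            {
                throw new CommandValidationException("Incorrect Fido2 register request: payload is empty or malformed");
            }

            if (string.IsNullOrWhiteSpace(request.AttestationObject))
            {
                throw new CommandValidationException("Incorrect Fido2 register request: AttestationObject is missing");
            }

            if (string.IsNullOrWhiteSpace(request.ClientDataJson))
            {
                throw new CommandValidationException("Incorrect Fido2 register request: ClientDataJson is missing");
            }

            // Decoded once and reused for Id, RawId and User.Id (the original decoded it three times).
            var userId = _encodingService.Base64UrlDecode(NewUserId);

            // NOTE(review): Id/RawId carry the user id, not the credential id the client returned —
            // confirm the library does not rely on them when verifying the attestation.
            var fido2Response = new AuthenticatorAttestationRawResponse
            {
                Id       = userId,
                RawId    = userId,
                Type     = PublicKeyCredentialType.PublicKey,
                Response = new AuthenticatorAttestationRawResponse.ResponseData
                {
                    AttestationObject = _encodingService.Base64UrlDecode(request.AttestationObject),
                    ClientDataJson    = _encodingService.Base64UrlDecode(request.ClientDataJson)
                }
            };

            // The challenge comes from the server-side cache item, never from the client payload,
            // so the attestation is bound to the challenge this server actually issued.
            var options = new CredentialCreateOptions
            {
                Challenge = _encodingService.ASCIIDecode(relatedItem.Context),
                Rp        = new PublicKeyCredentialRpEntity(
                    _configuration.Fido2.RelyingPartyId,
                    _configuration.Fido2.RelyingPartyName,
                    null),
                User = new Fido2User
                {
                    DisplayName = _configuration.Fido2.UserDisplayName,
                    Name        = _configuration.Fido2.UserName,
                    Id          = userId
                }
            };

            // NOTE(review): the uniqueness callback unconditionally reports the credential id as
            // unique, so an id already registered to a different user is not rejected at this
            // point; a lookup against the credential store would be needed for that.
            var result = await _fido2.MakeNewCredentialAsync(fido2Response, options, args => Task.FromResult(true));

            // Also guard the nested Result; the original only checked the outer wrapper before
            // dereferencing result.Result below.
            if (result?.Result is null)
            {
                throw new InternalLogicException("Cannot verify fido2 register request");
            }

            var publicKey    = _encodingService.Base64UrlEncode(result.Result.PublicKey);
            var credentialId = _encodingService.Base64UrlEncode(result.Result.CredentialId);

            return await ProcessFido2RegisterResponseAsync(relatedItem, publicKey, result.Result.Counter, credentialId);
        }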