private async Task <Dictionary <string, object> > BuildTwoFactorParams(Organization organization, User user,
TwoFactorProviderType type, TwoFactorProvider provider)
{
switch (type)
{
case TwoFactorProviderType.Duo:
case TwoFactorProviderType.WebAuthn:
case TwoFactorProviderType.Email:
case TwoFactorProviderType.YubiKey:
if (!(await _userService.TwoFactorProviderIsEnabledAsync(type, user)))
{
return(null);
}
var token = await _userManager.GenerateTwoFactorTokenAsync(user,
CoreHelpers.CustomProviderName(type));
if (type == TwoFactorProviderType.Duo)
{
return(new Dictionary <string, object>
{
["Host"] = provider.MetaData["Host"],
["Signature"] = token
});
}
else if (type == TwoFactorProviderType.WebAuthn)
{
if (token == null)
{
return(null);
}
return(JsonSerializer.Deserialize <Dictionary <string, object> >(token));
}
else if (type == TwoFactorProviderType.Email)
{
return(new Dictionary <string, object>
{
["Email"] = token
});
}
else if (type == TwoFactorProviderType.YubiKey)
{
return(new Dictionary <string, object>
{
["Nfc"] = (bool)provider.MetaData["Nfc"]
});
}
return(null);
case TwoFactorProviderType.OrganizationDuo:
if (await _organizationDuoWebTokenProvider.CanGenerateTwoFactorTokenAsync(organization))
{
return(new Dictionary <string, object>
{
["Host"] = provider.MetaData["Host"],
["Signature"] = await _organizationDuoWebTokenProvider.GenerateAsync(organization, user)
});
}
return(null);
default:
return(null);
}
}
private async Task <Dictionary <string, object> > BuildTwoFactorParams(Organization organization, User user,
TwoFactorProviderType type, TwoFactorProvider provider)
{
switch (type)
{
case TwoFactorProviderType.Duo:
case TwoFactorProviderType.U2f:
case TwoFactorProviderType.Email:
case TwoFactorProviderType.YubiKey:
if (!(await user.TwoFactorProviderIsEnabledAsync(type, _userService)))
{
return(null);
}
var token = await _userManager.GenerateTwoFactorTokenAsync(user, type.ToString());
if (type == TwoFactorProviderType.Duo)
{
return(new Dictionary <string, object>
{
["Host"] = provider.MetaData["Host"],
["Signature"] = token
});
}
else if (type == TwoFactorProviderType.U2f)
{
// TODO: Remove "Challenges" in a future update. Deprecated.
var tokens = token?.Split('|');
return(new Dictionary <string, object>
{
["Challenge"] = tokens != null && tokens.Length > 0 ? tokens[0] : null,
["Challenges"] = tokens != null && tokens.Length > 1 ? tokens[1] : null
});
}
else if (type == TwoFactorProviderType.Email)
{
return(new Dictionary <string, object>
{
["Email"] = RedactEmail((string)provider.MetaData["Email"])
});
}
else if (type == TwoFactorProviderType.YubiKey)
{
return(new Dictionary <string, object>
{
["Nfc"] = (bool)provider.MetaData["Nfc"]
});
}
return(null);
case TwoFactorProviderType.OrganizationDuo:
if (await _organizationDuoWebTokenProvider.CanGenerateTwoFactorTokenAsync(organization))
{
return(new Dictionary <string, object>
{
["Host"] = provider.MetaData["Host"],
["Signature"] = await _organizationDuoWebTokenProvider.GenerateAsync(organization, user)
});
}
return(null);
default:
return(null);
}
}
private async Task <Dictionary <string, object> > BuildTwoFactorParams(Organization organization, User user,
TwoFactorProviderType type, TwoFactorProvider provider)
{
switch (type)
{
case TwoFactorProviderType.Duo:
case TwoFactorProviderType.U2f:
case TwoFactorProviderType.Email:
case TwoFactorProviderType.YubiKey:
if (!user.TwoFactorProviderIsEnabled(type))
{
return(null);
}
var token = await _userManager.GenerateTwoFactorTokenAsync(user, type.ToString());
if (type == TwoFactorProviderType.Duo)
{
return(new Dictionary <string, object>
{
["Host"] = provider.MetaData["Host"],
["Signature"] = token
});
}
else if (type == TwoFactorProviderType.U2f)
{
return(new Dictionary <string, object>
{
["Challenges"] = token
});
}
else if (type == TwoFactorProviderType.Email)
{
return(new Dictionary <string, object>
{
["Email"] = RedactEmail((string)provider.MetaData["Email"])
});
}
else if (type == TwoFactorProviderType.YubiKey)
{
return(new Dictionary <string, object>
{
["Nfc"] = (bool)provider.MetaData["Nfc"]
});
}
return(null);
case TwoFactorProviderType.OrganizationDuo:
if (await _organizationDuoWebTokenProvider.CanGenerateTwoFactorTokenAsync(organization))
{
return(new Dictionary <string, object>
{
["Host"] = provider.MetaData["Host"],
["Signature"] = await _organizationDuoWebTokenProvider.GenerateAsync(organization, user)
});
}
return(null);
default:
return(null);
}
}
