示例#1
0
        public AuthResponse Verify(string stateToken, Factor factor, MfaAnswer answer = null)
        {
            // This is "Href" and not "First()" because this is a "Factor Links Object"
            var verifyLink = factor.Links["verify"].Href;

            return(Execute(stateToken, verifyLink, answer));
        }
示例#2
0
        public ActionResult Verify(Otp otp)
        {
            if (ModelState.IsValid != true)
            {
                return(View());
            }
            var stateToken = (string)Session[stateTokenKey];
            var response   = okta.authn.GetStatus(stateToken);
            var factor     = response.Embedded.Factors.First();

            ViewBag.FactorType = factor.FactorType;
            var answer = new MfaAnswer();

            answer.Passcode = otp.passCode;
            // TODO: Modify "response" to get the _links for the .factors attribute, then pass the factor from factors to Verify()
            try
            {
                var rv = okta.authn.Verify(stateToken, factor, answer);
                return(CreateSessionFor(rv));
            }
            catch (OktaException e)
            {
                ModelState.AddModelError("*", e.ErrorSummary);
            }
            return(View());
        }
        protected void btnVerifySms_Click(object sender, EventArgs e)
        {
            string            passcode      = this.tbSmsCode.Text;
            User              user          = Factory.UserClient.Where <User>(u => u.Profile.Login.Equals(this.tbUsername.Text)).FirstOrDefault();
            UserFactorsClient factorsClient = Factory.UserClient.GetUserFactorsClient(user);
            Factor            smsFactor     = factorsClient.First(x => x.FactorType == FactorType.Sms);
            MfaAnswer         answer        = new MfaAnswer {
                Passcode = passcode
            };
            ChallengeResponse response = factorsClient.CompleteChallenge(smsFactor, answer);

            if (response.FactorResult == "SUCCESS")
            {
                Uri    uri           = Factory.UserClient.ForgotPassword(user, false);
                string recoveryToken = this.GetRecoveryTokenFromUri(uri);
                string resetLink     = string.Format("{0}/ResetPassword?ott={1}", "http://localhost:8080", recoveryToken);
                Response.Redirect(resetLink);
            }
            else
            {
                // TODO what to do if the verification fails?
                lblMessage.Text = string.Format("Result {0}: {1}", response.FactorResult, response.FactorResultMessage);
            }
        }
        /// <summary>
        /// Completes an MFA Security Question challenge
        /// </summary>
        /// <param name="factor">the Factor security question object used to validate the answer</param>
        /// <param name="mfaAnswer">an object of type MfaAnswer used to validate the answer</param>
        /// <returns></returns>
        public virtual ChallengeResponse CompleteChallenge(Factor factor, MfaAnswer mfaAnswer)
        {
            var response = BaseClient.Post(this.GetResourceUri(factor) + Constants.VerifyEndpoint, mfaAnswer.ToJson());

            return(Utils.Deserialize <ChallengeResponse>(response));
        }