//根据密钥获取验证码 public static string getCodeFromSecret(string secret) { secretKey = secret; var authenticator = new TwoStepsAuthenticator.TimeAuthenticator(); return(authenticator.GetCode(secretKey)); }
internal void GetCode() { var auth = new TwoStepsAuthenticator.TimeAuthenticator(); Code = auth.GetCode(this.Key); auth.CheckCode(key, Code, "user"); }
public static string SendCodeSms(string secret, int time = 30) { var authenticator = new TwoStepsAuthenticator.TimeAuthenticator(null, null, time); var code = authenticator.GetCode(secret); Console.WriteLine(code); Console.WriteLine(secret); return(code); }
private static string secretKey;//模拟客户端保存的密钥//应加密后存储在客户端中 //获取验证码 public static string getCodeFromSecret() { if (secretKey == null) { throw new NullReferenceException("当前密钥为空!"); } else { var authenticator = new TwoStepsAuthenticator.TimeAuthenticator(); return(authenticator.GetCode(secretKey)); } }
internal void GetCode() { var auth = new TwoStepsAuthenticator.TimeAuthenticator(); Code = auth.GetCode(this.Key); auth.CheckCode(key, Code); }
public static async Task <string> GenerateCode(UserManager <ApplicationUser> userManager, ApplicationUser user, string typeGenerate) { try { var secret = TwoStepsAuthenticator.Authenticator.GenerateKey(); Console.WriteLine(secret); var oldJsonSecretKey = user.ListSecretKeySms; var secretSmsKey = new SecretSmsKey(); if (!string.IsNullOrEmpty(oldJsonSecretKey)) { secretSmsKey = SecretSmsKey.FromJson(user.ListSecretKeySms); } switch (typeGenerate) { case Const.TypeGenerateChangePassword: secretSmsKey.ChangePassword = secret; break; case Const.TypeGenerateChangeOldPhoneNumber: secretSmsKey.ChangePhoneOldPhone = secret; break; case Const.TypeGenerateChangeNewPhoneNumber: secretSmsKey.ChangePhoneNewPhone = secret; break; case Const.TypeGenerateChangeConfirmPhoneNumber: secretSmsKey.ChangePhoneConfirmPhone = secret; break; case Const.TypeGenerateChangeTwoFactor: secretSmsKey.ChangeTwoFactor = secret; break; case Const.TypeGenerateLockAccount: secretSmsKey.LockAccount = secret; break; case Const.TypeGenerateUnlockAccount: secretSmsKey.UnlockAccount = secret; break; case Const.TypeGenerateAddPhoneNumber: secretSmsKey.AddPhoneNumber = secret; break; case Const.TypeGenerateAddLockScreen: secretSmsKey.AddLockScreen = secret; break; case Const.TypeGenerateLogin: secretSmsKey.Login = secret; break; default: return(null); } var newJsonListSecretSms = SecretSmsKey.ToJson(secretSmsKey); user.ListSecretKeySms = newJsonListSecretSms; await userManager.UpdateAsync(user); var authenticator = new TwoStepsAuthenticator.TimeAuthenticator(); var code = authenticator.GetCode(secret); var message = "Vakaxa security code is: " + code; Console.WriteLine(message); return(message); } catch (Exception e) { Logger.LogError("SecurityController ==>> GenerateCode: " + e.Message); return(null); } }
public async Task <IActionResult> Login(LoginInputModel model, string button) { // check if we are in the context of an authorization request var context = await _interaction.GetAuthorizationContextAsync(model.ReturnUrl); // the user clicked the "cancel" button if (button != "login") { if (context != null) { // if the user cancels, send a result back into IdentityServer as if they // denied the consent (even if this client does not require consent). // this will send back an access denied OIDC error response to the client. await _interaction.GrantConsentAsync(context, ConsentResponse.Denied); // we can trust model.ReturnUrl since GetAuthorizationContextAsync returned non-null if (await _clientStore.IsPkceClientAsync(context.ClientId)) { // if the client is PKCE then we assume it's native, so this change in how to // return the response is for better UX for the end user. return(View("Redirect", new RedirectViewModel { RedirectUrl = model.ReturnUrl })); } return(Redirect(model.ReturnUrl)); } else { // since we don't have a valid context, then we just go back to the home page return(Redirect("~/")); } } if (ModelState.IsValid) { // validate username/password against in-memory store if (await _localUserService.ValidateCredentialsAsync( model.Username, model.Password)) { var user = await _localUserService.GetUserByUserNameAsync(model.Username); // issue temporary authentication ticket var temporaryIdentity = new ClaimsIdentity(); temporaryIdentity.AddClaim(new Claim(JwtClaimTypes.Subject, user.Subject)); await HttpContext.SignInAsync("idsrv.mfa", new ClaimsPrincipal(temporaryIdentity)); // if there's no TOTP secret registered for this user, send an OTP via // mail as backup if (!(await _localUserService.UserHasRegisteredTotpSecret(user.Subject))) { // generate OTP var authenticator = new TwoStepsAuthenticator.TimeAuthenticator(); var totp = authenticator.GetCode(_totpSecret); // send OTP by mail (fake this by writing it to the debug output window) Debug.WriteLine($"OTP: {totp}"); } var redirectToAdditionalFactorUrl = Url.Action("AdditionalAuthenticationFactor", new { returnUrl = model.ReturnUrl, rememberLogin = model.RememberLogin }); return(Redirect(redirectToAdditionalFactorUrl)); } await _events.RaiseAsync(new UserLoginFailureEvent(model.Username, "invalid credentials", clientId : context?.ClientId)); ModelState.AddModelError(string.Empty, AccountOptions.InvalidCredentialsErrorMessage); } // something went wrong, show form with error var vm = await BuildLoginViewModelAsync(model); return(View(vm)); }