private async Task <FrontendBehavior> NavigateToPasswordlessPageAsync(TransitionInput <AcceptStartRequest> input,
CacheItem relatedItem)
{
await _verifyFido2CredentialIdCommand.ExecuteAsync(relatedItem);
var fido2Url = UrlProvider.GetFido2Url(relatedItem.Context, relatedItem.RequestToken,
input.CultureInfo?.Name);
return(FrontendBehavior.CreateRedirect(fido2Url));
}
private async Task <ITransitionResult> SwitchConnectionAuthTypeAsync(CacheItem relatedItem,
TransitionInput <JwtContainer> input, bool supportsFido2, string publicKey)
{
relatedItem.NewAuthType
= supportsFido2 && _configuration.Fido2.IsEnabled
? ConnectionAuthType.Fido2
: ConnectionAuthType.Passcode;
var composeInfo = new BaseJwtComposeInfo(input)
{
EncKey = relatedItem.EncKey,
EncVector = relatedItem.EncVector
};
switch (relatedItem.NewAuthType)
{
case ConnectionAuthType.Passcode:
composeInfo.Behavior = new FrontendBehavior(StepType.EnterPasscode, relatedItem.ChallengeType,
GetNextBehaviorFunc(input, relatedItem))
{
AlternativeBehavior = new FrontendBehavior(StepType.ResetPasscode, relatedItem.ChallengeType,
new CallAction(UrlProvider.GetResetPasscodeUrl(relatedItem.Context),
HttpMethod.Delete.ToString()))
};
break;
case ConnectionAuthType.Fido2:
{
await _cacheItemRepository.UpdateAsync(relatedItem.Context, item => item.OldPublicKey = publicKey);
var fido2Url = UrlProvider.GetFido2Url(relatedItem.Context, relatedItem.RequestToken,
input.CultureInfo?.Name);
composeInfo.Behavior = FrontendBehavior.CreateRedirect(fido2Url);
break;
}
default:
throw new ArgumentOutOfRangeException();
}
var jwt = JwtComposer.GenerateBaseStepJwt(composeInfo);
return(new StateResult(jwt, _cookieService.CreateAuthCookies(relatedItem)));
}
