src/Core/Identity/AuthenticatorTokenProvider.cs

using System;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Identity;
using Bit.Core.Models.Table;
using Bit.Core.Enums;
using OtpNet;

namespace Bit.Core.Identity
{
    public class AuthenticatorTokenProvider : IUserTwoFactorTokenProvider<User>
    {
        public Task<bool> CanGenerateTwoFactorTokenAsync(UserManager<User> manager, User user)
        {
            var canGenerate = user.TwoFactorEnabled
                && user.TwoFactorProvider.HasValue
                && user.TwoFactorProvider.Value == TwoFactorProviderType.Authenticator
                && !string.IsNullOrWhiteSpace(user.AuthenticatorKey);
            
            return Task.FromResult(canGenerate);
        }

        public Task<string> GetUserModifierAsync(string purpose, UserManager<User> manager, User user)
        {
            return Task.FromResult<string>(null);
        }

        public Task<string> GenerateAsync(string purpose, UserManager<User> manager, User user)
        {
            return Task.FromResult<string>(null);
        }

        public Task<bool> ValidateAsync(string purpose, string token, UserManager<User> manager, User user)
        {
            var otp = new Totp(Base32Encoding.ToBytes(user.AuthenticatorKey));

            long timeStepMatched;
            var valid = otp.VerifyTotp(token, out timeStepMatched, new VerificationWindow(1, 1));

            return Task.FromResult(valid);
        }
    }
}
-												initial commit of source

											
										
										
											2015-12-08 22:57:38 -05:00
+								using System;
 								using System.Threading.Tasks;
-												Upgrade to ASP.NET Core RC2 release.

											
										
										
											2016-05-19 19:10:24 -04:00
+								using Microsoft.AspNetCore.Identity;
-												move domains to Models.Table

											
										
										
											2017-03-08 21:45:08 -05:00
+								using Bit.Core.Models.Table;
-												initial commit of source

											
										
										
											2015-12-08 22:57:38 -05:00
+								using Bit.Core.Enums;
-												Replace OtpSharp with Otp.NET for net core support

											
										
										
											2017-01-13 21:34:54 -05:00
+								using OtpNet;
-												initial commit of source

											
										
										
											2015-12-08 22:57:38 -05:00
 								namespace Bit.Core.Identity
 								{
-												Upgrade to ASP.NET Core RC2 release.

											
										
										
											2016-05-19 19:10:24 -04:00
+								    public class AuthenticatorTokenProvider : IUserTwoFactorTokenProvider<User>
-												initial commit of source

											
										
										
											2015-12-08 22:57:38 -05:00
+								    {
 								        public Task<bool> CanGenerateTwoFactorTokenAsync(UserManager<User> manager, User user)
 								        {
 								            var canGenerate = user.TwoFactorEnabled
 								                && user.TwoFactorProvider.HasValue
-												equivalent domains APIs and data models

											
										
										
											2017-01-09 22:20:34 -05:00
+								                && user.TwoFactorProvider.Value == TwoFactorProviderType.Authenticator
-												initial commit of source

											
										
										
											2015-12-08 22:57:38 -05:00
+								                && !string.IsNullOrWhiteSpace(user.AuthenticatorKey);
-												remove deprecated jwt bearer authentication method

											
										
										
											2017-06-06 23:19:42 -04:00
-												initial commit of source

											
										
										
											2015-12-08 22:57:38 -05:00
+								            return Task.FromResult(canGenerate);
 								        }
 								        public Task<string> GetUserModifierAsync(string purpose, UserManager<User> manager, User user)
 								        {
 								            return Task.FromResult<string>(null);
 								        }
 								        public Task<string> GenerateAsync(string purpose, UserManager<User> manager, User user)
 								        {
 								            return Task.FromResult<string>(null);
 								        }
 								        public Task<bool> ValidateAsync(string purpose, string token, UserManager<User> manager, User user)
 								        {
-												Replace OtpSharp with Otp.NET for net core support

											
										
										
											2017-01-13 21:34:54 -05:00
+								            var otp = new Totp(Base32Encoding.ToBytes(user.AuthenticatorKey));
-												initial commit of source

											
										
										
											2015-12-08 22:57:38 -05:00
 								            long timeStepMatched;
-												updated otp library. reduced verification window to RFC standard of 1

											
										
										
											2017-01-28 22:11:54 -05:00
+								            var valid = otp.VerifyTotp(token, out timeStepMatched, new VerificationWindow(1, 1));
-												initial commit of source

											
										
										
											2015-12-08 22:57:38 -05:00
 								            return Task.FromResult(valid);
 								        }
 								    }
 								}