identity: validate mfa method against user's mfa methods

This commit is contained in:
Abdullah Atta
2025-04-30 11:45:18 +05:00
parent 0841ca1aa8
commit 8d3b0d6dbf
3 changed files with 11 additions and 3 deletions


@@ -34,6 +34,7 @@ namespace Streetwriters.Identity.Interfaces
string GetSecondaryMethod(User user);
Task<int> GetRemainingValidCodesAsync(User user);
bool IsValidMFAMethod(string method);
bool IsValidMFAMethod(string method, User user);
Task<AuthenticatorDetails> GetAuthenticatorDetailsAsync(User user, IClient client);
Task SendOTPAsync(User user, IClient client, MultiFactorSetupForm form, bool isSetup = false);
Task<bool> VerifyOTPAsync(User user, string code, string method);
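Review bot: The added `IsValidMFAMethod(string method, User user)` declaration has no XML doc, and sitting directly under the single-argument overload nothing tells an implementer or caller how the two differ — the older overload is now the weaker check and still remains on the interface. A `/// <summary>` stating that this overload returns true only when <paramref name="method"/> is a known MFA method that is also enrolled as the user's primary or secondary method, plus a `<remarks>` on the single-argument overload saying it only checks that the method name is known, would make the intended call site for each clear. Whether callers that still use the single-argument overload should migrate is not visible from this hunk.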


@@ -121,6 +121,13 @@ namespace Streetwriters.Identity.Services
return method == MFAMethods.App || method == MFAMethods.Email || method == MFAMethods.SMS || method == MFAMethods.RecoveryCode;
}
public bool IsValidMFAMethod(string method, User user)
{
var primaryMethod = GetPrimaryMethod(user);
var secondaryMethod = GetSecondaryMethod(user);
return IsValidMFAMethod(method) && (method == primaryMethod || method == secondaryMethod);
}
private Task RemoveSecondaryMethodAsync(User user)
{
return this.RemoveClaimAsync(user, MFAService.SECONDARY_METHOD_CLAIM);
@@ -157,8 +164,8 @@ namespace Streetwriters.Identity.Services
public async Task SendOTPAsync(User user, IClient client, MultiFactorSetupForm form, bool isSetup = false)
{
var method = form.Type;
if (method != MFAMethods.Email && method != MFAMethods.SMS) throw new Exception("Invalid method.");
if ((method != MFAMethods.Email && method != MFAMethods.SMS) || !IsValidMFAMethod(method, user))
throw new Exception("Invalid method.");
if (isSetup &&
method == MFAMethods.SMS &&


@@ -101,7 +101,7 @@ namespace Streetwriters.Identity.Validation
context.Result.ErrorDescription = "Please provide a valid multi-factor authentication code.";
if (string.IsNullOrEmpty(mfaCode)) return;
if (string.IsNullOrEmpty(mfaMethod) || !MFAService.IsValidMFAMethod(mfaMethod))
if (string.IsNullOrEmpty(mfaMethod) || !MFAService.IsValidMFAMethod(mfaMethod, user))
{
context.Result.ErrorDescription = "Please provide a valid multi-factor authentication method.";
return;
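Review bot: Switching to `MFAService.IsValidMFAMethod(mfaMethod, user)` means the "valid multi-factor authentication method" error description is now returned based on which methods this particular account has enrolled, before any code is verified, so the response distinguishes "unknown method" from "method not enrolled for this user" — consider whether that distinction should be exposed to the client or only logged. The enclosing method starts before the hunk, so where `user` is resolved and whether it can be null here is not visible; if the lookup can fail, the call should be guarded, e.g. `if (user is null || string.IsNullOrEmpty(mfaMethod) || !MFAService.IsValidMFAMethod(mfaMethod, user))`, unless an earlier return already covers that case.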