diff --git a/src/Identity/Extensions.Core/src/AuthenticatorTokenProvider.cs b/src/Identity/Extensions.Core/src/AuthenticatorTokenProvider.cs index f067e398c2..d40ec7f50f 100644 --- a/src/Identity/Extensions.Core/src/AuthenticatorTokenProvider.cs +++ b/src/Identity/Extensions.Core/src/AuthenticatorTokenProvider.cs @@ -13,14 +13,15 @@ namespace Microsoft.AspNetCore.Identity public class AuthenticatorTokenProvider : IUserTwoFactorTokenProvider where TUser : class { /// - /// Checks if a two factor authentication token can be generated for the specified . + /// Checks if a two-factor authentication token can be generated for the specified . /// /// The to retrieve the from. - /// The to check for the possibility of generating a two factor authentication token. + /// The to check for the possibility of generating a two-factor authentication token. /// True if the user has an authenticator key set, otherwise false. public async virtual Task CanGenerateTwoFactorTokenAsync(UserManager manager, TUser user) { var key = await manager.GetAuthenticatorKeyAsync(user); + return !string.IsNullOrWhiteSpace(key); } @@ -65,6 +66,7 @@ namespace Microsoft.AspNetCore.Identity return true; } } + return false; } } diff --git a/src/Identity/Extensions.Core/src/EmailTokenProvider.cs b/src/Identity/Extensions.Core/src/EmailTokenProvider.cs index a6ee043876..dc9fcfaaaf 100644 --- a/src/Identity/Extensions.Core/src/EmailTokenProvider.cs +++ b/src/Identity/Extensions.Core/src/EmailTokenProvider.cs @@ -1,3 +1,6 @@ +// Copyright (c) .NET Foundation. All rights reserved. +// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information. + using System.Threading.Tasks; namespace Microsoft.AspNetCore.Identity @@ -10,29 +13,31 @@ namespace Microsoft.AspNetCore.Identity where TUser : class { /// - /// Checks if a two factor authentication token can be generated for the specified . + /// Checks if a two-factor authentication token can be generated for the specified . /// /// The to retrieve the from. - /// The to check for the possibility of generating a two factor authentication token. + /// The to check for the possibility of generating a two-factor authentication token. /// True if the user has an email address set, otherwise false. public override async Task CanGenerateTwoFactorTokenAsync(UserManager manager, TUser user) { var email = await manager.GetEmailAsync(user); + return !string.IsNullOrWhiteSpace(email) && await manager.IsEmailConfirmedAsync(user); } /// /// Returns the a value for the user used as entropy in the generated token. /// - /// The purpose of the two factor authentication token. + /// The purpose of the two-factor authentication token. /// The to retrieve the from. - /// The to check for the possibility of generating a two factor authentication token. + /// The to check for the possibility of generating a two-factor authentication token. /// A string suitable for use as entropy in token generation. public override async Task GetUserModifierAsync(string purpose, UserManager manager, TUser user) { var email = await manager.GetEmailAsync(user); - return "Email:" + purpose + ":" + email; + + return $"Email:{purpose}:{email}"; } } -} \ No newline at end of file +} diff --git a/src/Identity/Extensions.Core/src/IUserTwoFactorTokenProvider.cs b/src/Identity/Extensions.Core/src/IUserTwoFactorTokenProvider.cs index 5c9f7d82d6..0f1a0b07b7 100644 --- a/src/Identity/Extensions.Core/src/IUserTwoFactorTokenProvider.cs +++ b/src/Identity/Extensions.Core/src/IUserTwoFactorTokenProvider.cs @@ -6,7 +6,7 @@ using System.Threading.Tasks; namespace Microsoft.AspNetCore.Identity { /// - /// Provides an abstraction for two factor token generators. + /// Provides an abstraction for two-factor token generators. /// /// The type encapsulating a user. public interface IUserTwoFactorTokenProvider where TUser : class @@ -48,7 +48,7 @@ namespace Microsoft.AspNetCore.Identity Task ValidateAsync(string purpose, string token, UserManager manager, TUser user); /// - /// Returns a flag indicating whether the token provider can generate a token suitable for two factor authentication token for + /// Returns a flag indicating whether the token provider can generate a token suitable for two-factor authentication token for /// the specified . /// /// The that can be used to retrieve user properties. @@ -56,7 +56,7 @@ namespace Microsoft.AspNetCore.Identity /// /// The that represents the asynchronous operation, containing the a flag indicating if a two /// factor token could be generated by this provider for the specified . - /// The task will return true if a two factor authentication token could be generated, otherwise false. + /// The task will return true if a two-factor authentication token could be generated, otherwise false. /// Task CanGenerateTwoFactorTokenAsync(UserManager manager, TUser user); } diff --git a/src/Identity/Extensions.Core/src/PhoneNumberTokenProvider.cs b/src/Identity/Extensions.Core/src/PhoneNumberTokenProvider.cs index b3c497f867..7a1df48ebf 100644 --- a/src/Identity/Extensions.Core/src/PhoneNumberTokenProvider.cs +++ b/src/Identity/Extensions.Core/src/PhoneNumberTokenProvider.cs @@ -1,3 +1,6 @@ +// Copyright (c) .NET Foundation. All rights reserved. +// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information. + using System; using System.Threading.Tasks; @@ -12,7 +15,7 @@ namespace Microsoft.AspNetCore.Identity where TUser : class { /// - /// Returns a flag indicating whether the token provider can generate a token suitable for two factor authentication token for + /// Returns a flag indicating whether the token provider can generate a token suitable for two-factor authentication token for /// the specified . /// /// The that can be used to retrieve user properties. @@ -20,7 +23,7 @@ namespace Microsoft.AspNetCore.Identity /// /// The that represents the asynchronous operation, containing the a flag indicating if a two /// factor token could be generated by this provider for the specified . - /// The task will return true if a two factor authentication token could be generated as the user has + /// The task will return true if a two-factor authentication token could be generated as the user has /// a telephone number, otherwise false. /// public override async Task CanGenerateTwoFactorTokenAsync(UserManager manager, TUser user) @@ -29,7 +32,9 @@ namespace Microsoft.AspNetCore.Identity { throw new ArgumentNullException(nameof(manager)); } + var phoneNumber = await manager.GetPhoneNumberAsync(user); + return !string.IsNullOrWhiteSpace(phoneNumber) && await manager.IsPhoneNumberConfirmedAsync(user); } @@ -49,8 +54,10 @@ namespace Microsoft.AspNetCore.Identity { throw new ArgumentNullException(nameof(manager)); } + var phoneNumber = await manager.GetPhoneNumberAsync(user); - return "PhoneNumber:" + purpose + ":" + phoneNumber; + + return $"PhoneNumber:{purpose}:{phoneNumber}"; } } -} \ No newline at end of file +} diff --git a/src/Identity/Extensions.Core/src/TotpSecurityStampBasedTokenProvider.cs b/src/Identity/Extensions.Core/src/TotpSecurityStampBasedTokenProvider.cs index 117fb0752f..023ba3f250 100644 --- a/src/Identity/Extensions.Core/src/TotpSecurityStampBasedTokenProvider.cs +++ b/src/Identity/Extensions.Core/src/TotpSecurityStampBasedTokenProvider.cs @@ -5,7 +5,7 @@ using System.Threading.Tasks; namespace Microsoft.AspNetCore.Identity { /// - /// Represents a token provider that generates time based codes using the user's security stamp. + /// Represents a token provider that generates time-based codes using the user's security stamp. /// /// The type encapsulating a user. public abstract class TotpSecurityStampBasedTokenProvider : IUserTwoFactorTokenProvider @@ -38,6 +38,7 @@ namespace Microsoft.AspNetCore.Identity } var token = await manager.CreateSecurityTokenAsync(user); var modifier = await GetUserModifierAsync(purpose, manager, user); + return Rfc6238AuthenticationService.GenerateCode(token, modifier).ToString("D6", CultureInfo.InvariantCulture); } @@ -67,6 +68,7 @@ namespace Microsoft.AspNetCore.Identity } var securityToken = await manager.CreateSecurityTokenAsync(user); var modifier = await GetUserModifierAsync(purpose, manager, user); + return securityToken != null && Rfc6238AuthenticationService.ValidateCode(securityToken, code, modifier); } @@ -87,11 +89,12 @@ namespace Microsoft.AspNetCore.Identity throw new ArgumentNullException(nameof(manager)); } var userId = await manager.GetUserIdAsync(user); - return "Totp:" + purpose + ":" + userId; + + return $"Totp:{purpose}:{userId}"; } /// - /// Returns a flag indicating whether the token provider can generate a token suitable for two factor authentication token for + /// Returns a flag indicating whether the token provider can generate a token suitable for two-factor authentication token for /// the specified . /// /// The that can be used to retrieve user properties. @@ -99,8 +102,8 @@ namespace Microsoft.AspNetCore.Identity /// /// The that represents the asynchronous operation, containing the a flag indicating if a two /// factor token could be generated by this provider for the specified . - /// The task will return true if a two factor authentication token could be generated, otherwise false. + /// The task will return true if a two-factor authentication token could be generated, otherwise false. /// public abstract Task CanGenerateTwoFactorTokenAsync(UserManager manager, TUser user); } -} \ No newline at end of file +}