Alternative fix to GenerateChangePhoneNumber
This commit is contained in:
parent
f147951d92
commit
87bbff6586
|
|
@ -1568,12 +1568,48 @@ namespace Microsoft.AspNetCore.Identity.Test
|
||||||
var stamp = await manager.GetSecurityStampAsync(user);
|
var stamp = await manager.GetSecurityStampAsync(user);
|
||||||
IdentityResultAssert.IsFailure(await manager.ChangePhoneNumberAsync(user, "111-111-1111", "bogus"),
|
IdentityResultAssert.IsFailure(await manager.ChangePhoneNumberAsync(user, "111-111-1111", "bogus"),
|
||||||
"Invalid token.");
|
"Invalid token.");
|
||||||
IdentityResultAssert.VerifyLogMessage(manager.Logger, $"VerifyChangePhoneNumberTokenAsync() failed for user { await manager.GetUserIdAsync(user)}.");
|
IdentityResultAssert.VerifyLogMessage(manager.Logger, $"VerifyUserTokenAsync() failed with purpose: ChangePhoneNumber:111-111-1111 for user {await manager.GetUserIdAsync(user)}.");
|
||||||
Assert.False(await manager.IsPhoneNumberConfirmedAsync(user));
|
Assert.False(await manager.IsPhoneNumberConfirmedAsync(user));
|
||||||
Assert.Equal("123-456-7890", await manager.GetPhoneNumberAsync(user));
|
Assert.Equal("123-456-7890", await manager.GetPhoneNumberAsync(user));
|
||||||
Assert.Equal(stamp, await manager.GetSecurityStampAsync(user));
|
Assert.Equal(stamp, await manager.GetSecurityStampAsync(user));
|
||||||
}
|
}
|
||||||
|
|
||||||
|
private class YesPhoneNumberProvider : IUserTwoFactorTokenProvider<TUser>
|
||||||
|
{
|
||||||
|
public Task<bool> CanGenerateTwoFactorTokenAsync(UserManager<TUser> manager, TUser user)
|
||||||
|
=> Task.FromResult(true);
|
||||||
|
|
||||||
|
public Task<string> GenerateAsync(string purpose, UserManager<TUser> manager, TUser user)
|
||||||
|
=> Task.FromResult(purpose);
|
||||||
|
|
||||||
|
public Task<bool> ValidateAsync(string purpose, string token, UserManager<TUser> manager, TUser user)
|
||||||
|
=> Task.FromResult(true);
|
||||||
|
}
|
||||||
|
|
||||||
|
/// <summary>
|
||||||
|
/// Test.
|
||||||
|
/// </summary>
|
||||||
|
/// <returns>Task</returns>
|
||||||
|
[Fact]
|
||||||
|
public async Task ChangePhoneNumberWithCustomProvider()
|
||||||
|
{
|
||||||
|
if (ShouldSkipDbTests())
|
||||||
|
{
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
var manager = CreateManager();
|
||||||
|
manager.RegisterTokenProvider("Yes", new YesPhoneNumberProvider());
|
||||||
|
manager.Options.Tokens.ChangePhoneNumberTokenProvider = "Yes";
|
||||||
|
var user = CreateTestUser(phoneNumber: "123-456-7890");
|
||||||
|
IdentityResultAssert.IsSuccess(await manager.CreateAsync(user));
|
||||||
|
Assert.False(await manager.IsPhoneNumberConfirmedAsync(user));
|
||||||
|
var stamp = await manager.GetSecurityStampAsync(user);
|
||||||
|
IdentityResultAssert.IsSuccess(await manager.ChangePhoneNumberAsync(user, "111-111-1111", "whatever"));
|
||||||
|
Assert.True(await manager.IsPhoneNumberConfirmedAsync(user));
|
||||||
|
Assert.Equal("111-111-1111", await manager.GetPhoneNumberAsync(user));
|
||||||
|
Assert.NotEqual(stamp, await manager.GetSecurityStampAsync(user));
|
||||||
|
}
|
||||||
|
|
||||||
/// <summary>
|
/// <summary>
|
||||||
/// Test.
|
/// Test.
|
||||||
/// </summary>
|
/// </summary>
|
||||||
|
|
@ -1623,7 +1659,8 @@ namespace Microsoft.AspNetCore.Identity.Test
|
||||||
Assert.True(await manager.VerifyChangePhoneNumberTokenAsync(user, token2, num2));
|
Assert.True(await manager.VerifyChangePhoneNumberTokenAsync(user, token2, num2));
|
||||||
Assert.False(await manager.VerifyChangePhoneNumberTokenAsync(user, token2, num1));
|
Assert.False(await manager.VerifyChangePhoneNumberTokenAsync(user, token2, num1));
|
||||||
Assert.False(await manager.VerifyChangePhoneNumberTokenAsync(user, token1, num2));
|
Assert.False(await manager.VerifyChangePhoneNumberTokenAsync(user, token1, num2));
|
||||||
IdentityResultAssert.VerifyLogMessage(manager.Logger, $"VerifyChangePhoneNumberTokenAsync() failed for user {await manager.GetUserIdAsync(user)}.");
|
IdentityResultAssert.VerifyLogMessage(manager.Logger, $"VerifyUserTokenAsync() failed with purpose: ChangePhoneNumber:{num1} for user {await manager.GetUserIdAsync(user)}.");
|
||||||
|
IdentityResultAssert.VerifyLogMessage(manager.Logger, $"VerifyUserTokenAsync() failed with purpose: ChangePhoneNumber:{num2} for user {await manager.GetUserIdAsync(user)}.");
|
||||||
}
|
}
|
||||||
|
|
||||||
/// <summary>
|
/// <summary>
|
||||||
|
|
|
||||||
|
|
@ -66,7 +66,7 @@ namespace Microsoft.AspNetCore.Identity
|
||||||
/// <value>
|
/// <value>
|
||||||
/// The <see cref="ChangePhoneNumberTokenProvider"/> used to generate tokens used when changing phone numbers.
|
/// The <see cref="ChangePhoneNumberTokenProvider"/> used to generate tokens used when changing phone numbers.
|
||||||
/// </value>
|
/// </value>
|
||||||
public string ChangePhoneNumberTokenProvider { get; set; } = DefaultProvider;
|
public string ChangePhoneNumberTokenProvider { get; set; } = DefaultPhoneProvider;
|
||||||
|
|
||||||
/// <summary>
|
/// <summary>
|
||||||
/// Gets or sets the <see cref="AuthenticatorTokenProvider"/> used to validate two factor sign ins with an authenticator.
|
/// Gets or sets the <see cref="AuthenticatorTokenProvider"/> used to validate two factor sign ins with an authenticator.
|
||||||
|
|
|
||||||
|
|
@ -1579,12 +1579,10 @@ namespace Microsoft.AspNetCore.Identity
|
||||||
/// <returns>
|
/// <returns>
|
||||||
/// The <see cref="Task"/> that represents the asynchronous operation, containing the telephone change number token.
|
/// The <see cref="Task"/> that represents the asynchronous operation, containing the telephone change number token.
|
||||||
/// </returns>
|
/// </returns>
|
||||||
public virtual async Task<string> GenerateChangePhoneNumberTokenAsync(TUser user, string phoneNumber)
|
public virtual Task<string> GenerateChangePhoneNumberTokenAsync(TUser user, string phoneNumber)
|
||||||
{
|
{
|
||||||
ThrowIfDisposed();
|
ThrowIfDisposed();
|
||||||
return Rfc6238AuthenticationService.GenerateCode(
|
return GenerateUserTokenAsync(user, Options.Tokens.ChangePhoneNumberTokenProvider, ChangePhoneNumberTokenPurpose + ":" + phoneNumber);
|
||||||
await CreateSecurityTokenAsync(user), phoneNumber)
|
|
||||||
.ToString(CultureInfo.InvariantCulture);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/// <summary>
|
/// <summary>
|
||||||
|
|
@ -1598,21 +1596,16 @@ namespace Microsoft.AspNetCore.Identity
|
||||||
/// The <see cref="Task"/> that represents the asynchronous operation, returning true if the <paramref name="token"/>
|
/// The <see cref="Task"/> that represents the asynchronous operation, returning true if the <paramref name="token"/>
|
||||||
/// is valid, otherwise false.
|
/// is valid, otherwise false.
|
||||||
/// </returns>
|
/// </returns>
|
||||||
public virtual async Task<bool> VerifyChangePhoneNumberTokenAsync(TUser user, string token, string phoneNumber)
|
public virtual Task<bool> VerifyChangePhoneNumberTokenAsync(TUser user, string token, string phoneNumber)
|
||||||
{
|
{
|
||||||
ThrowIfDisposed();
|
ThrowIfDisposed();
|
||||||
|
if (user == null)
|
||||||
var securityToken = await CreateSecurityTokenAsync(user);
|
|
||||||
int code;
|
|
||||||
if (securityToken != null && Int32.TryParse(token, out code))
|
|
||||||
{
|
{
|
||||||
if (Rfc6238AuthenticationService.ValidateCode(securityToken, code, phoneNumber))
|
throw new ArgumentNullException(nameof(user));
|
||||||
{
|
|
||||||
return true;
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
Logger.LogWarning(8, "VerifyChangePhoneNumberTokenAsync() failed for user {userId}.", await GetUserIdAsync(user));
|
|
||||||
return false;
|
// Make sure the token is valid and the stamp matches
|
||||||
|
return VerifyUserTokenAsync(user, Options.Tokens.ChangePhoneNumberTokenProvider, ChangePhoneNumberTokenPurpose+":"+ phoneNumber, token);
|
||||||
}
|
}
|
||||||
|
|
||||||
/// <summary>
|
/// <summary>
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue