bitwarden/server
1
0
Fork 0
mirror of https://github.com/bitwarden/server synced 2025-12-30 07:03:42 +00:00
Code Issues Releases Wiki Activity

More CanAccessPremium checks

Browse Source
This commit is contained in:
Kyle Spearrin
2018-08-28 17:40:08 -04:00
parent c41a1e0936
commit cf73b168ee
16 changed files with 90 additions and 48 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
src/Core/Identity/DuoWebTokenProvider.cs
View File

@@ -37,41 +37,41 @@ namespace Bit.Core.Identity
return await user.TwoFactorProviderIsEnabledAsync(TwoFactorProviderType.Duo, _userService);
}
public Task<string> GenerateAsync(string purpose, UserManager<User> manager, User user)
public async Task<string> GenerateAsync(string purpose, UserManager<User> manager, User user)
{
if(!user.Premium)
if(!(await _userService.CanAccessPremium(user)))
{
return Task.FromResult<string>(null);
return null;
}
var provider = user.GetTwoFactorProvider(TwoFactorProviderType.Duo);
if(!HasProperMetaData(provider))
{
return Task.FromResult<string>(null);
return null;
}
var signatureRequest = DuoWeb.SignRequest((string)provider.MetaData["IKey"], (string)provider.MetaData["SKey"],
_globalSettings.Duo.AKey, user.Email);
return Task.FromResult(signatureRequest);
return signatureRequest;
}
public Task<bool> ValidateAsync(string purpose, string token, UserManager<User> manager, User user)
public async Task<bool> ValidateAsync(string purpose, string token, UserManager<User> manager, User user)
{
if(!user.Premium)
if(!(await _userService.CanAccessPremium(user)))
{
return Task.FromResult(false);
return false;
}
var provider = user.GetTwoFactorProvider(TwoFactorProviderType.Duo);
if(!HasProperMetaData(provider))
{
return Task.FromResult(false);
return false;
}
var response = DuoWeb.VerifyResponse((string)provider.MetaData["IKey"], (string)provider.MetaData["SKey"],
_globalSettings.Duo.AKey, token);
return Task.FromResult(response == user.Email);
return response == user.Email;
}
private bool HasProperMetaData(TwoFactorProvider provider)