mirror of
https://github.com/bitwarden/android.git
synced 2024-10-31 15:15:34 +03:00
refactors for new 2fa flows
This commit is contained in:
parent
35ae2b783f
commit
4116d95a3e
10 changed files with 254 additions and 95 deletions
|
@ -1,4 +1,5 @@
|
|||
using Bit.App.Models;
|
||||
using Bit.App.Enums;
|
||||
using Bit.App.Models;
|
||||
using System.Threading.Tasks;
|
||||
|
||||
namespace Bit.App.Abstractions
|
||||
|
@ -15,6 +16,7 @@ namespace Bit.App.Abstractions
|
|||
bool BelongsToOrganization(string orgId);
|
||||
void LogOut();
|
||||
Task<FullLoginResult> TokenPostAsync(string email, string masterPassword);
|
||||
Task<LoginResult> TokenPostTwoFactorAsync(string token, string email, string masterPasswordHash, SymmetricCryptoKey key);
|
||||
Task<LoginResult> TokenPostTwoFactorAsync(TwoFactorProviderType type, string token, bool remember, string email,
|
||||
string masterPasswordHash, SymmetricCryptoKey key);
|
||||
}
|
||||
}
|
||||
|
|
|
@ -81,6 +81,7 @@
|
|||
<Compile Include="Controls\FormEntryCell.cs" />
|
||||
<Compile Include="Controls\PinControl.cs" />
|
||||
<Compile Include="Controls\VaultListViewCell.cs" />
|
||||
<Compile Include="Enums\TwoFactorProviderType.cs" />
|
||||
<Compile Include="Enums\EncryptionType.cs" />
|
||||
<Compile Include="Enums\OrganizationUserType.cs" />
|
||||
<Compile Include="Enums\LockType.cs" />
|
||||
|
|
12
src/App/Enums/TwoFactorProviderType.cs
Normal file
12
src/App/Enums/TwoFactorProviderType.cs
Normal file
|
@ -0,0 +1,12 @@
|
|||
namespace Bit.App.Enums
|
||||
{
|
||||
public enum TwoFactorProviderType : byte
|
||||
{
|
||||
Authenticator = 0,
|
||||
Email = 1,
|
||||
Duo = 2,
|
||||
YubiKey = 3,
|
||||
U2f = 4,
|
||||
Remember = 5
|
||||
}
|
||||
}
|
|
@ -1,4 +1,5 @@
|
|||
using System;
|
||||
using Bit.App.Enums;
|
||||
using System;
|
||||
using System.Collections.Generic;
|
||||
|
||||
namespace Bit.App.Models.Api
|
||||
|
@ -8,10 +9,11 @@ namespace Bit.App.Models.Api
|
|||
public string Email { get; set; }
|
||||
public string MasterPasswordHash { get; set; }
|
||||
public string Token { get; set; }
|
||||
public int? Provider { get; set; }
|
||||
public TwoFactorProviderType? Provider { get; set; }
|
||||
[Obsolete]
|
||||
public string OldAuthBearer { get; set; }
|
||||
public DeviceRequest Device { get; set; }
|
||||
public bool Remember { get; set; }
|
||||
|
||||
public IDictionary<string, string> ToIdentityTokenRequest()
|
||||
{
|
||||
|
@ -40,7 +42,8 @@ namespace Bit.App.Models.Api
|
|||
if(Token != null && Provider.HasValue)
|
||||
{
|
||||
dict.Add("TwoFactorToken", Token);
|
||||
dict.Add("TwoFactorProvider", Provider.Value.ToString());
|
||||
dict.Add("TwoFactorProvider", ((byte)(Provider.Value)).ToString());
|
||||
dict.Add("TwoFactorRemember", Remember ? "1" : "0");
|
||||
}
|
||||
|
||||
return dict;
|
||||
|
|
|
@ -1,4 +1,5 @@
|
|||
using Newtonsoft.Json;
|
||||
using Bit.App.Enums;
|
||||
using Newtonsoft.Json;
|
||||
using System.Collections.Generic;
|
||||
|
||||
namespace Bit.App.Models.Api
|
||||
|
@ -13,7 +14,7 @@ namespace Bit.App.Models.Api
|
|||
public string RefreshToken { get; set; }
|
||||
[JsonProperty("token_type")]
|
||||
public string TokenType { get; set; }
|
||||
public List<int> TwoFactorProviders { get; set; }
|
||||
public Dictionary<TwoFactorProviderType, Dictionary<string, object>> TwoFactorProviders2 { get; set; }
|
||||
public string PrivateKey { get; set; }
|
||||
public string Key { get; set; }
|
||||
}
|
||||
|
|
|
@ -1,4 +1,7 @@
|
|||
namespace Bit.App.Models
|
||||
using Bit.App.Enums;
|
||||
using System.Collections.Generic;
|
||||
|
||||
namespace Bit.App.Models
|
||||
{
|
||||
public class LoginResult
|
||||
{
|
||||
|
@ -8,7 +11,8 @@
|
|||
|
||||
public class FullLoginResult : LoginResult
|
||||
{
|
||||
public bool TwoFactorRequired { get; set; }
|
||||
public bool TwoFactorRequired => TwoFactorProviders != null && TwoFactorProviders.Count > 0;
|
||||
public Dictionary<TwoFactorProviderType, Dictionary<string, object>> TwoFactorProviders { get; set; }
|
||||
public SymmetricCryptoKey Key { get; set; }
|
||||
public string MasterPasswordHash { get; set; }
|
||||
}
|
||||
|
|
|
@ -192,7 +192,7 @@ namespace Bit.App.Pages
|
|||
if(result.TwoFactorRequired)
|
||||
{
|
||||
_googleAnalyticsService.TrackAppEvent("LoggedIn To Two-step");
|
||||
await Navigation.PushAsync(new LoginTwoFactorPage(EmailCell.Entry.Text, result.MasterPasswordHash, result.Key));
|
||||
await Navigation.PushAsync(new LoginTwoFactorPage(EmailCell.Entry.Text, result));
|
||||
return;
|
||||
}
|
||||
|
||||
|
|
|
@ -9,6 +9,9 @@ using System.Threading.Tasks;
|
|||
using PushNotification.Plugin.Abstractions;
|
||||
using Bit.App.Models;
|
||||
using Bit.App.Utilities;
|
||||
using Bit.App.Enums;
|
||||
using System.Collections.Generic;
|
||||
using System.Linq;
|
||||
|
||||
namespace Bit.App.Pages
|
||||
{
|
||||
|
@ -22,13 +25,17 @@ namespace Bit.App.Pages
|
|||
private readonly string _email;
|
||||
private readonly string _masterPasswordHash;
|
||||
private readonly SymmetricCryptoKey _key;
|
||||
private readonly Dictionary<TwoFactorProviderType, Dictionary<string, object>> _providers;
|
||||
private readonly TwoFactorProviderType? _providerType;
|
||||
|
||||
public LoginTwoFactorPage(string email, string masterPasswordHash, SymmetricCryptoKey key)
|
||||
public LoginTwoFactorPage(string email, FullLoginResult result, TwoFactorProviderType? type = null)
|
||||
: base(updateActivity: false)
|
||||
{
|
||||
_email = email;
|
||||
_masterPasswordHash = masterPasswordHash;
|
||||
_key = key;
|
||||
_masterPasswordHash = result.MasterPasswordHash;
|
||||
_key = result.Key;
|
||||
_providers = result.TwoFactorProviders;
|
||||
_providerType = type ?? GetDefaultProvider();
|
||||
|
||||
_authService = Resolver.Resolve<IAuthService>();
|
||||
_userDialogs = Resolver.Resolve<IUserDialogs>();
|
||||
|
@ -39,109 +46,192 @@ namespace Bit.App.Pages
|
|||
Init();
|
||||
}
|
||||
|
||||
public FormEntryCell CodeCell { get; set; }
|
||||
public FormEntryCell TokenCell { get; set; }
|
||||
public ExtendedSwitchCell RememberCell { get; set; }
|
||||
|
||||
private void Init()
|
||||
{
|
||||
var padding = Helpers.OnPlatform(
|
||||
iOS: new Thickness(15, 20),
|
||||
Android: new Thickness(15, 8),
|
||||
WinPhone: new Thickness(15, 20));
|
||||
|
||||
CodeCell = new FormEntryCell(AppResources.VerificationCode, useLabelAsPlaceholder: true,
|
||||
imageSource: "lock", containerPadding: padding);
|
||||
|
||||
CodeCell.Entry.Keyboard = Keyboard.Numeric;
|
||||
CodeCell.Entry.ReturnType = Enums.ReturnType.Go;
|
||||
|
||||
var table = new ExtendedTableView
|
||||
{
|
||||
Intent = TableIntent.Settings,
|
||||
EnableScrolling = false,
|
||||
HasUnevenRows = true,
|
||||
EnableSelection = true,
|
||||
NoFooter = true,
|
||||
VerticalOptions = LayoutOptions.Start,
|
||||
Root = new TableRoot
|
||||
{
|
||||
new TableSection(" ")
|
||||
{
|
||||
CodeCell
|
||||
}
|
||||
}
|
||||
};
|
||||
|
||||
var codeLabel = new Label
|
||||
{
|
||||
Text = AppResources.EnterVerificationCode,
|
||||
LineBreakMode = LineBreakMode.WordWrap,
|
||||
FontSize = Device.GetNamedSize(NamedSize.Small, typeof(Label)),
|
||||
Style = (Style)Application.Current.Resources["text-muted"],
|
||||
Margin = new Thickness(15, (this.IsLandscape() ? 5 : 0), 15, 25)
|
||||
};
|
||||
|
||||
var lostAppButton = new ExtendedButton
|
||||
{
|
||||
Text = AppResources.Lost2FAApp,
|
||||
Style = (Style)Application.Current.Resources["btn-primaryAccent"],
|
||||
Margin = new Thickness(15, 0, 15, 25),
|
||||
Command = new Command(() => Lost2FAApp()),
|
||||
Uppercase = false,
|
||||
BackgroundColor = Color.Transparent
|
||||
};
|
||||
|
||||
var layout = new StackLayout
|
||||
{
|
||||
Children = { table, codeLabel, lostAppButton },
|
||||
Spacing = 0
|
||||
};
|
||||
|
||||
var scrollView = new ScrollView { Content = layout };
|
||||
|
||||
if(Device.RuntimePlatform == Device.iOS)
|
||||
{
|
||||
table.RowHeight = -1;
|
||||
table.EstimatedRowHeight = 70;
|
||||
}
|
||||
var scrollView = new ScrollView();
|
||||
|
||||
var continueToolbarItem = new ToolbarItem(AppResources.Continue, null, async () =>
|
||||
{
|
||||
await LogInAsync();
|
||||
var token = TokenCell?.Entry.Text.Trim().Replace(" ", "");
|
||||
await LogInAsync(token);
|
||||
}, ToolbarItemOrder.Default, 0);
|
||||
|
||||
ToolbarItems.Add(continueToolbarItem);
|
||||
Title = AppResources.VerificationCode;
|
||||
if(!_providerType.HasValue)
|
||||
{
|
||||
var noProviderLabel = new Label
|
||||
{
|
||||
Text = "No provider.",
|
||||
LineBreakMode = LineBreakMode.WordWrap,
|
||||
Margin = new Thickness(15),
|
||||
HorizontalTextAlignment = TextAlignment.Center
|
||||
};
|
||||
scrollView.Content = noProviderLabel;
|
||||
}
|
||||
else
|
||||
{
|
||||
var padding = Helpers.OnPlatform(
|
||||
iOS: new Thickness(15, 20),
|
||||
Android: new Thickness(15, 8),
|
||||
WinPhone: new Thickness(15, 20));
|
||||
|
||||
TokenCell = new FormEntryCell(AppResources.VerificationCode, useLabelAsPlaceholder: true,
|
||||
imageSource: "lock", containerPadding: padding);
|
||||
|
||||
TokenCell.Entry.Keyboard = Keyboard.Numeric;
|
||||
TokenCell.Entry.ReturnType = ReturnType.Go;
|
||||
|
||||
RememberCell = new ExtendedSwitchCell
|
||||
{
|
||||
Text = "Remember me",
|
||||
On = false
|
||||
};
|
||||
|
||||
var table = new ExtendedTableView
|
||||
{
|
||||
Intent = TableIntent.Settings,
|
||||
EnableScrolling = false,
|
||||
HasUnevenRows = true,
|
||||
EnableSelection = true,
|
||||
NoFooter = true,
|
||||
NoHeader = true,
|
||||
VerticalOptions = LayoutOptions.Start,
|
||||
Root = new TableRoot
|
||||
{
|
||||
new TableSection(" ")
|
||||
{
|
||||
TokenCell,
|
||||
RememberCell
|
||||
}
|
||||
}
|
||||
};
|
||||
|
||||
|
||||
if(Device.RuntimePlatform == Device.iOS)
|
||||
{
|
||||
table.RowHeight = -1;
|
||||
table.EstimatedRowHeight = 70;
|
||||
}
|
||||
|
||||
var instruction = new Label
|
||||
{
|
||||
Text = AppResources.EnterVerificationCode,
|
||||
LineBreakMode = LineBreakMode.WordWrap,
|
||||
Margin = new Thickness(15),
|
||||
HorizontalTextAlignment = TextAlignment.Center
|
||||
};
|
||||
|
||||
var anotherMethodButton = new ExtendedButton
|
||||
{
|
||||
Text = "Use another two-step login method",
|
||||
Style = (Style)Application.Current.Resources["btn-primaryAccent"],
|
||||
Margin = new Thickness(15, 0, 15, 25),
|
||||
Command = new Command(() => AnotherMethod()),
|
||||
Uppercase = false,
|
||||
BackgroundColor = Color.Transparent
|
||||
};
|
||||
|
||||
var layout = new StackLayout
|
||||
{
|
||||
Children = { instruction, table, anotherMethodButton },
|
||||
Spacing = 0
|
||||
};
|
||||
|
||||
scrollView.Content = layout;
|
||||
|
||||
switch(_providerType.Value)
|
||||
{
|
||||
case TwoFactorProviderType.Authenticator:
|
||||
instruction.Text = "Enter the 6 digit verification code from your authenticator app.";
|
||||
layout.Children.Add(instruction);
|
||||
layout.Children.Add(table);
|
||||
layout.Children.Add(anotherMethodButton);
|
||||
|
||||
ToolbarItems.Add(continueToolbarItem);
|
||||
Title = AppResources.VerificationCode;
|
||||
break;
|
||||
case TwoFactorProviderType.Email:
|
||||
var emailParams = _providers[TwoFactorProviderType.Email];
|
||||
var redactedEmail = emailParams["Email"].ToString();
|
||||
|
||||
instruction.Text = "Enter the 6 digit verification code from your authenticator app.";
|
||||
var resendEmailButton = new ExtendedButton
|
||||
{
|
||||
Text = $"Enter the 6 digit verification code that was emailed to {redactedEmail}.",
|
||||
Style = (Style)Application.Current.Resources["btn-primaryAccent"],
|
||||
Margin = new Thickness(15, 0, 15, 25),
|
||||
Command = new Command(() => SendEmail()),
|
||||
Uppercase = false,
|
||||
BackgroundColor = Color.Transparent
|
||||
};
|
||||
|
||||
layout.Children.Add(instruction);
|
||||
layout.Children.Add(table);
|
||||
layout.Children.Add(resendEmailButton);
|
||||
layout.Children.Add(anotherMethodButton);
|
||||
|
||||
ToolbarItems.Add(continueToolbarItem);
|
||||
Title = AppResources.VerificationCode;
|
||||
break;
|
||||
case TwoFactorProviderType.Duo:
|
||||
break;
|
||||
default:
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
||||
Content = scrollView;
|
||||
}
|
||||
|
||||
protected override void OnAppearing()
|
||||
{
|
||||
base.OnAppearing();
|
||||
CodeCell.InitEvents();
|
||||
CodeCell.Entry.FocusWithDelay();
|
||||
CodeCell.Entry.Completed += Entry_Completed;
|
||||
|
||||
if(TokenCell != null)
|
||||
{
|
||||
TokenCell.InitEvents();
|
||||
TokenCell.Entry.FocusWithDelay();
|
||||
TokenCell.Entry.Completed += Entry_Completed;
|
||||
}
|
||||
}
|
||||
|
||||
protected override void OnDisappearing()
|
||||
{
|
||||
base.OnDisappearing();
|
||||
CodeCell.Dispose();
|
||||
CodeCell.Entry.Completed -= Entry_Completed;
|
||||
|
||||
if(TokenCell != null)
|
||||
{
|
||||
TokenCell.Dispose();
|
||||
TokenCell.Entry.Completed -= Entry_Completed;
|
||||
}
|
||||
}
|
||||
|
||||
private void Lost2FAApp()
|
||||
private void AnotherMethod()
|
||||
{
|
||||
|
||||
}
|
||||
|
||||
private void SendEmail()
|
||||
{
|
||||
|
||||
}
|
||||
|
||||
private void Recover()
|
||||
{
|
||||
Device.OpenUri(new Uri("https://help.bitwarden.com/article/lost-two-step-device/"));
|
||||
}
|
||||
|
||||
private async void Entry_Completed(object sender, EventArgs e)
|
||||
{
|
||||
await LogInAsync();
|
||||
var token = TokenCell.Entry.Text.Trim().Replace(" ", "");
|
||||
await LogInAsync(token);
|
||||
}
|
||||
|
||||
private async Task LogInAsync()
|
||||
private async Task LogInAsync(string token)
|
||||
{
|
||||
if(string.IsNullOrWhiteSpace(CodeCell.Entry.Text))
|
||||
if(string.IsNullOrWhiteSpace(token))
|
||||
{
|
||||
await DisplayAlert(AppResources.AnErrorHasOccurred, string.Format(AppResources.ValidationFieldRequired,
|
||||
AppResources.VerificationCode), AppResources.Ok);
|
||||
|
@ -149,7 +239,8 @@ namespace Bit.App.Pages
|
|||
}
|
||||
|
||||
_userDialogs.ShowLoading(AppResources.ValidatingCode, MaskType.Black);
|
||||
var response = await _authService.TokenPostTwoFactorAsync(CodeCell.Entry.Text, _email, _masterPasswordHash, _key);
|
||||
var response = await _authService.TokenPostTwoFactorAsync(_providerType.Value, token, RememberCell.On,
|
||||
_email, _masterPasswordHash, _key);
|
||||
_userDialogs.HideLoading();
|
||||
if(!response.Success)
|
||||
{
|
||||
|
@ -167,5 +258,45 @@ namespace Bit.App.Pages
|
|||
var task = Task.Run(async () => await _syncService.FullSyncAsync(true));
|
||||
Application.Current.MainPage = new MainPage();
|
||||
}
|
||||
|
||||
private TwoFactorProviderType? GetDefaultProvider()
|
||||
{
|
||||
TwoFactorProviderType? provider = null;
|
||||
|
||||
if(_providers != null)
|
||||
{
|
||||
if(_providers.Count == 1)
|
||||
{
|
||||
return _providers.First().Key;
|
||||
}
|
||||
|
||||
foreach(var p in _providers)
|
||||
{
|
||||
switch(p.Key)
|
||||
{
|
||||
case TwoFactorProviderType.Authenticator:
|
||||
if(provider == TwoFactorProviderType.Duo)
|
||||
{
|
||||
continue;
|
||||
}
|
||||
break;
|
||||
case TwoFactorProviderType.Email:
|
||||
if(provider.HasValue)
|
||||
{
|
||||
continue;
|
||||
}
|
||||
break;
|
||||
case TwoFactorProviderType.Duo:
|
||||
break;
|
||||
default:
|
||||
continue;
|
||||
}
|
||||
|
||||
provider = p.Key;
|
||||
}
|
||||
}
|
||||
|
||||
return provider;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
@ -8,6 +8,7 @@ using Plugin.Connectivity.Abstractions;
|
|||
using System.Net;
|
||||
using Newtonsoft.Json.Linq;
|
||||
using System.Collections.Generic;
|
||||
using Bit.App.Enums;
|
||||
|
||||
namespace Bit.App.Repositories
|
||||
{
|
||||
|
@ -46,11 +47,13 @@ namespace Bit.App.Repositories
|
|||
if(!response.IsSuccessStatusCode)
|
||||
{
|
||||
var errorResponse = JObject.Parse(responseContent);
|
||||
if(errorResponse["TwoFactorProviders"] != null)
|
||||
if(errorResponse["TwoFactorProviders2"] != null)
|
||||
{
|
||||
return ApiResult<TokenResponse>.Success(new TokenResponse
|
||||
{
|
||||
TwoFactorProviders = errorResponse["TwoFactorProviders"].ToObject<List<int>>()
|
||||
TwoFactorProviders2 =
|
||||
errorResponse["TwoFactorProviders2"]
|
||||
.ToObject<Dictionary<TwoFactorProviderType, Dictionary<string, object>>>()
|
||||
}, response.StatusCode);
|
||||
}
|
||||
|
||||
|
|
|
@ -6,6 +6,7 @@ using Bit.App.Models.Api;
|
|||
using Plugin.Settings.Abstractions;
|
||||
using Bit.App.Models;
|
||||
using System.Linq;
|
||||
using Bit.App.Enums;
|
||||
|
||||
namespace Bit.App.Services
|
||||
{
|
||||
|
@ -230,11 +231,11 @@ namespace Bit.App.Services
|
|||
}
|
||||
|
||||
result.Success = true;
|
||||
if(response.Result.TwoFactorProviders != null && response.Result.TwoFactorProviders.Count > 0)
|
||||
if(response.Result.TwoFactorProviders2 != null && response.Result.TwoFactorProviders2.Count > 0)
|
||||
{
|
||||
result.Key = key;
|
||||
result.MasterPasswordHash = request.MasterPasswordHash;
|
||||
result.TwoFactorRequired = true;
|
||||
result.TwoFactorProviders = response.Result.TwoFactorProviders2;
|
||||
return result;
|
||||
}
|
||||
|
||||
|
@ -242,17 +243,18 @@ namespace Bit.App.Services
|
|||
return result;
|
||||
}
|
||||
|
||||
public async Task<LoginResult> TokenPostTwoFactorAsync(string token, string email, string masterPasswordHash,
|
||||
SymmetricCryptoKey key)
|
||||
public async Task<LoginResult> TokenPostTwoFactorAsync(TwoFactorProviderType type, string token, bool remember,
|
||||
string email, string masterPasswordHash, SymmetricCryptoKey key)
|
||||
{
|
||||
var result = new LoginResult();
|
||||
|
||||
var request = new TokenRequest
|
||||
{
|
||||
Remember = remember,
|
||||
Email = email.Trim().ToLower(),
|
||||
MasterPasswordHash = masterPasswordHash,
|
||||
Token = token.Trim().Replace(" ", ""),
|
||||
Provider = 0, // Authenticator app (only 1 provider for now, so hard coded)
|
||||
Token = token,
|
||||
Provider = type,
|
||||
Device = new DeviceRequest(_appIdService, _deviceInfoService)
|
||||
};
|
||||
|
||||
|
|
Loading…
Reference in a new issue