two-factor login re-worked with new auth flow

This commit is contained in:
Kyle Spearrin 2017-02-06 09:39:07 -05:00
parent 54f8771a9c
commit d112e0ea42
4 changed files with 52 additions and 13 deletions

View file

@ -1,4 +1,5 @@
using Newtonsoft.Json;
using System.Collections.Generic;
namespace Bit.App.Models.Api
{
@ -12,5 +13,6 @@ namespace Bit.App.Models.Api
public string RefreshToken { get; set; }
[JsonProperty("token_type")]
public string TokenType { get; set; }
public List<int> TwoFactorProviders { get; set; }
}
}

View file

@ -197,6 +197,13 @@ namespace Bit.App.Pages
return;
}
if(response.Result.TwoFactorProviders != null && response.Result.TwoFactorProviders.Count > 0)
{
_googleAnalyticsService.TrackAppEvent("LoggedIn To Two-step");
await Navigation.PushAsync(new LoginTwoFactorPage(request.Email, request.MasterPasswordHash, key));
return;
}
_cryptoService.Key = key;
_tokenService.Token = response.Result.AccessToken;
_tokenService.RefreshToken = response.Result.RefreshToken;
@ -211,15 +218,8 @@ namespace Bit.App.Pages
_pushNotification.Register();
}
if(false) // TODO: 2FA
{
await Navigation.PushAsync(new LoginTwoFactorPage());
}
else
{
var task = Task.Run(async () => await _syncService.FullSyncAsync());
Application.Current.MainPage = new MainPage();
}
var task = Task.Run(async () => await _syncService.FullSyncAsync());
Application.Current.MainPage = new MainPage();
}
}
}

View file

@ -8,6 +8,8 @@ using Xamarin.Forms;
using XLabs.Ioc;
using Acr.UserDialogs;
using System.Threading.Tasks;
using Plugin.Settings.Abstractions;
using PushNotification.Plugin.Abstractions;
namespace Bit.App.Pages
{
@ -20,10 +22,20 @@ namespace Bit.App.Pages
private IAppIdService _appIdService;
private IUserDialogs _userDialogs;
private ISyncService _syncService;
private ISettings _settings;
private IGoogleAnalyticsService _googleAnalyticsService;
private IPushNotification _pushNotification;
private readonly string _email;
private readonly string _masterPasswordHash;
private readonly byte[] _key;
public LoginTwoFactorPage()
public LoginTwoFactorPage(string email, string masterPasswordHash, byte[] key)
: base(updateActivity: false)
{
_email = email;
_masterPasswordHash = masterPasswordHash;
_key = key;
_cryptoService = Resolver.Resolve<ICryptoService>();
_authService = Resolver.Resolve<IAuthService>();
_tokenService = Resolver.Resolve<ITokenService>();
@ -31,6 +43,9 @@ namespace Bit.App.Pages
_appIdService = Resolver.Resolve<IAppIdService>();
_userDialogs = Resolver.Resolve<IUserDialogs>();
_syncService = Resolver.Resolve<ISyncService>();
_settings = Resolver.Resolve<ISettings>();
_googleAnalyticsService = Resolver.Resolve<IGoogleAnalyticsService>();
_pushNotification = Resolver.Resolve<IPushNotification>();
Init();
}
@ -138,9 +153,10 @@ namespace Bit.App.Pages
var request = new TokenRequest
{
// TODO: username and pass from previous page
Email = _email,
MasterPasswordHash = _masterPasswordHash,
Token = CodeCell.Entry.Text.Replace(" ", ""),
Provider = 0,
Provider = 0, // Authenticator app (only 1 provider for now, so hard coded)
Device = new DeviceRequest(_appIdService, _deviceInfoService)
};
@ -153,10 +169,19 @@ namespace Bit.App.Pages
return;
}
_cryptoService.Key = _key;
_tokenService.Token = response.Result.AccessToken;
_tokenService.RefreshToken = response.Result.RefreshToken;
_authService.UserId = _tokenService.TokenUserId;
_authService.Email = _tokenService.TokenEmail;
_settings.AddOrUpdateValue(Constants.LastLoginEmail, _authService.Email);
_googleAnalyticsService.RefreshUserId();
_googleAnalyticsService.TrackAppEvent("LoggedIn From Two-step");
if(Device.OS == TargetPlatform.Android)
{
_pushNotification.Register();
}
var task = Task.Run(async () => await _syncService.FullSyncAsync());
Application.Current.MainPage = new MainPage();

View file

@ -6,6 +6,8 @@ using Bit.App.Models.Api;
using Newtonsoft.Json;
using Plugin.Connectivity.Abstractions;
using System.Net;
using Newtonsoft.Json.Linq;
using System.Collections.Generic;
namespace Bit.App.Repositories
{
@ -39,12 +41,22 @@ namespace Bit.App.Repositories
try
{
var response = await client.SendAsync(requestMessage).ConfigureAwait(false);
var responseContent = await response.Content.ReadAsStringAsync().ConfigureAwait(false);
if(!response.IsSuccessStatusCode)
{
var errorResponse = JObject.Parse(responseContent);
if(errorResponse["TwoFactorProviders"] != null)
{
return ApiResult<TokenResponse>.Success(new TokenResponse
{
TwoFactorProviders = errorResponse["TwoFactorProviders"].ToObject<List<int>>()
}, response.StatusCode);
}
return await HandleErrorAsync<TokenResponse>(response).ConfigureAwait(false);
}
var responseContent = await response.Content.ReadAsStringAsync().ConfigureAwait(false);
var responseObj = JsonConvert.DeserializeObject<TokenResponse>(responseContent);
return ApiResult<TokenResponse>.Success(responseObj, response.StatusCode);
}