package nodes
import (
"fmt"
"github.com/authgear/authgear-server/pkg/api/model"
"github.com/authgear/authgear-server/pkg/lib/authn"
"github.com/authgear/authgear-server/pkg/lib/authn/authenticator"
"github.com/authgear/authgear-server/pkg/lib/facade"
"github.com/authgear/authgear-server/pkg/lib/interaction"
)
// init registers a zero-value NodeAuthenticationOOB with the interaction
// package when this package is loaded.
func init() {
	node := new(NodeAuthenticationOOB)
	interaction.RegisterNode(node)
}
// InputAuthenticationOOB is the input that EdgeAuthenticationOOB.Instantiate
// requires; any other input is rejected with interaction.ErrIncompatibleInput.
type InputAuthenticationOOB interface {
	// GetOOBOTP returns the one-time code that Instantiate forwards to
	// VerifyWithSpec as OOBOTPSpec.Code.
	// NOTE(review): presumably this is the code typed by the end user, so it
	// should be treated as untrusted; confirm against the implementers.
	GetOOBOTP() string
}
// EdgeAuthenticationOOB is the edge that verifies an OOB OTP code against an
// authenticator and, on success, produces a NodeAuthenticationOOB.
type EdgeAuthenticationOOB struct {
	// Stage is passed into the authentication details used during
	// verification and copied to the resulting node.
	Stage authn.AuthenticationStage
	// Authenticator is the authenticator the submitted code is verified
	// against. Instantiate dereferences it without a nil check.
	Authenticator *authenticator.Info
	// Secret is not read by any code in this file.
	// NOTE(review): confirm whether it is still used elsewhere; if it holds
	// OTP secret material it should stay out of logs and serialized state.
	Secret string
}
// Instantiate verifies the submitted OOB OTP code against e.Authenticator and
// returns a NodeAuthenticationOOB when verification succeeds.
//
// It returns interaction.ErrIncompatibleInput when rawInput does not satisfy
// InputAuthenticationOOB, and returns any error from VerifyWithSpec unchanged.
func (e *EdgeAuthenticationOOB) Instantiate(ctx *interaction.Context, graph *interaction.Graph, rawInput interface{}) (interaction.Node, error) {
	var otpInput InputAuthenticationOOB
	if ok := interaction.Input(rawInput, &otpInput); !ok {
		return nil, interaction.ErrIncompatibleInput
	}

	// NOTE(review): target is dereferenced below without a nil check, and the
	// type lookup panics for non-OOB authenticators; both happen before the
	// code is verified. Whoever builds this edge must guarantee a non-nil
	// OOB email/SMS authenticator.
	target := e.Authenticator

	spec := &authenticator.Spec{
		OOBOTP: &authenticator.OOBOTPSpec{
			Code: otpInput.GetOOBOTP(),
		},
	}
	details := facade.NewAuthenticationDetails(
		target.UserID,
		e.Stage,
		deriveNodeAuthenticationOOBAuthenticationType(target.Type),
	)
	opts := &facade.VerifyOptions{AuthenticationDetails: details}

	// NOTE(review): no attempt limiting or lockout for wrong codes is done in
	// this function; presumably VerifyWithSpec enforces it. Confirm, since
	// nothing here bounds repeated guesses.
	if _, err := ctx.Authenticators.VerifyWithSpec(target, spec, opts); err != nil {
		return nil, err
	}

	node := &NodeAuthenticationOOB{
		Stage:             e.Stage,
		AuthenticatorType: target.Type,
		Authenticator:     target,
	}
	return node, nil
}
// NodeAuthenticationOOB is the node returned by EdgeAuthenticationOOB.Instantiate
// after the OOB OTP code has been verified. Its fields carry JSON tags.
type NodeAuthenticationOOB struct {
	// Stage is the authentication stage copied from the edge.
	Stage authn.AuthenticationStage `json:"stage"`
	// AuthenticatorType is the Type of the verified authenticator; DeriveEdges
	// maps it to an authn.AuthenticationType.
	AuthenticatorType model.AuthenticatorType `json:"authenticator_type"`
	// Authenticator is the verified authenticator.
	// NOTE(review): the whole Info is included under the "authenticator" key;
	// confirm where the serialized node is stored and that Info carries no
	// secret material.
	Authenticator *authenticator.Info `json:"authenticator"`
}
// Prepare does nothing for this node and always returns nil.
func (n *NodeAuthenticationOOB) Prepare(ctx *interaction.Context, graph *interaction.Graph) error {
	return nil
}
// GetEffects reports no effects for this node: it always returns nil, nil.
func (n *NodeAuthenticationOOB) GetEffects() ([]interaction.Effect, error) {
	return nil, nil
}
// DeriveEdges returns the single outgoing edge of this node: an
// EdgeAuthenticationEnd carrying the node's stage, the authentication type
// derived from n.AuthenticatorType, and the verified authenticator.
//
// The error result is always nil; an authenticator type that is neither OOB
// email nor OOB SMS makes the type lookup panic instead.
func (n *NodeAuthenticationOOB) DeriveEdges(graph *interaction.Graph) ([]interaction.Edge, error) {
	end := &EdgeAuthenticationEnd{
		Stage:                 n.Stage,
		AuthenticationType:    deriveNodeAuthenticationOOBAuthenticationType(n.AuthenticatorType),
		VerifiedAuthenticator: n.Authenticator,
	}
	return []interaction.Edge{end}, nil
}
// deriveNodeAuthenticationOOBAuthenticationType maps an OOB authenticator type
// to the matching authn.AuthenticationType.
//
// It panics for any type other than OOB email or OOB SMS. Callers in this file
// reach it on the request path (Instantiate, DeriveEdges).
// NOTE(review): whether a recover handler wraps those callers is not visible
// here; confirm the panic cannot take down the serving process.
func deriveNodeAuthenticationOOBAuthenticationType(authenticatorType model.AuthenticatorType) authn.AuthenticationType {
	switch authenticatorType {
	case model.AuthenticatorTypeOOBEmail:
		return authn.AuthenticationTypeOOBOTPEmail
	case model.AuthenticatorTypeOOBSMS:
		return authn.AuthenticationTypeOOBOTPSMS
	default:
		panic(fmt.Errorf("interaction: unexpected authenticator type: %v", authenticatorType))
	}
}