3 |
4 | This demo show how to add a Passwordless and Usernameless flow with FIDO2 and ASP.NET Identity.
5 |
6 | * **Server Side**: ASP.NET Core MVC
7 |
8 | Pre reqs
9 |
10 | * .NET 6
11 |
12 | Techs:
13 |
14 | * ASP.NET Core
15 |
16 | # How to run
17 |
18 | 1. Open VSCode and load folder
19 | * Open terminas (CTRL + \`)
20 | * dotnet run
21 |
22 | Device used for this demo [BioPass FIDO Security Key](https://www.ftsafe.com/store/product/biopass-fido-security-key/)
23 |
24 | There is a post about this code:
25 | [Integração ASP.NET Identity com FIDO2](https://brunobrito.net.br/asp-net-identity-fido2/)
26 |
--------------------------------------------------------------------------------
/src/Fido2.Passwordless/Views/Shared/_LoginPartial.cshtml:
--------------------------------------------------------------------------------
1 | @using Microsoft.AspNetCore.Identity
2 | @inject SignInManagerError.
7 |An error occurred while processing your request.
8 | 9 | @if (Model.ShowRequestId) 10 | { 11 |
12 | Request ID: @Model.RequestId
13 |
Development Mode
17 |18 | Swapping to Development environment will display more detailed information about the error that occurred. 19 |
20 |21 | The Development environment shouldn't be enabled for deployed applications. 22 | It can result in displaying sensitive information from exceptions to end users. 23 | For local debugging, enable the Development environment by setting the ASPNETCORE_ENVIRONMENT environment variable to Development 24 | and restarting the app. 25 |
26 | -------------------------------------------------------------------------------- /src/Fido2.Passwordless/Views/Shared/_Layout.cshtml.css: -------------------------------------------------------------------------------- 1 | /* Please see documentation at https://docs.microsoft.com/aspnet/core/client-side/bundling-and-minification 2 | for details on configuring this project to bundle and minify static web assets. */ 3 | 4 | a.navbar-brand { 5 | white-space: normal; 6 | text-align: center; 7 | word-break: break-all; 8 | } 9 | 10 | a { 11 | color: #0077cc; 12 | } 13 | 14 | .btn-primary { 15 | color: #fff; 16 | background-color: #1b6ec2; 17 | border-color: #1861ac; 18 | } 19 | 20 | .nav-pills .nav-link.active, .nav-pills .show > .nav-link { 21 | color: #fff; 22 | background-color: #1b6ec2; 23 | border-color: #1861ac; 24 | } 25 | 26 | .border-top { 27 | border-top: 1px solid #e5e5e5; 28 | } 29 | .border-bottom { 30 | border-bottom: 1px solid #e5e5e5; 31 | } 32 | 33 | .box-shadow { 34 | box-shadow: 0 .25rem .75rem rgba(0, 0, 0, .05); 35 | } 36 | 37 | button.accept-policy { 38 | font-size: 1rem; 39 | line-height: inherit; 40 | } 41 | 42 | .footer { 43 | position: absolute; 44 | bottom: 0; 45 | width: 100%; 46 | white-space: nowrap; 47 | line-height: 60px; 48 | } 49 | -------------------------------------------------------------------------------- /src/Fido2.Passwordless/Models/UsernamelessModel.cs: -------------------------------------------------------------------------------- 1 | using Fido2NetLib; 2 | using NetDevPack.Utilities; 3 | using System.ComponentModel.DataAnnotations; 4 | using System.Text; 5 | 6 | namespace Fido2.Passwordless.Models 7 | { 8 | public class UsernamelessModel 9 | { 10 | [StringLength(100, ErrorMessage = "The {0} must be at least {2} and at max {1} characters long.", MinimumLength = 1)] 11 | [Display(Name = "Name")] 12 | public string DisplayName { get; set; } 13 | 14 | public string? AttestationResponse { get; set; } 15 | 16 | public Fido2User Get() 17 | { 18 | return new Fido2User 19 | { 20 | DisplayName = DisplayName, 21 | Name = DisplayName.Urlize(), 22 | Id = Encoding.UTF8.GetBytes(DisplayName.Urlize()) // byte representation of userID is required 23 | }; 24 | } 25 | 26 | public class LoginModel 27 | { 28 | [Required] 29 | public bool RememberMe { get; set; } 30 | 31 | public string? AssertionResponse { get; set; } 32 | } 33 | } 34 | 35 | } 36 | -------------------------------------------------------------------------------- /src/Fido2.Passwordless/wwwroot/lib/jquery-validation/LICENSE.md: -------------------------------------------------------------------------------- 1 | The MIT License (MIT) 2 | ===================== 3 | 4 | Copyright Jörn Zaefferer 5 | 6 | Permission is hereby granted, free of charge, to any person obtaining a copy 7 | of this software and associated documentation files (the "Software"), to deal 8 | in the Software without restriction, including without limitation the rights 9 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 10 | copies of the Software, and to permit persons to whom the Software is 11 | furnished to do so, subject to the following conditions: 12 | 13 | The above copyright notice and this permission notice shall be included in 14 | all copies or substantial portions of the Software. 15 | 16 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 17 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 18 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 19 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 20 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 21 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN 22 | THE SOFTWARE. 23 | -------------------------------------------------------------------------------- /Fido2.sln: -------------------------------------------------------------------------------- 1 | 2 | Microsoft Visual Studio Solution File, Format Version 12.00 3 | # Visual Studio Version 17 4 | VisualStudioVersion = 17.2.32616.157 5 | MinimumVisualStudioVersion = 10.0.40219.1 6 | Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "Fido2.Passwordless", "src\Fido2.Passwordless\Fido2.Passwordless.csproj", "{25F39EA0-0BFA-40D7-8096-06B628E3125A}" 7 | EndProject 8 | Global 9 | GlobalSection(SolutionConfigurationPlatforms) = preSolution 10 | Debug|Any CPU = Debug|Any CPU 11 | Release|Any CPU = Release|Any CPU 12 | EndGlobalSection 13 | GlobalSection(ProjectConfigurationPlatforms) = postSolution 14 | {25F39EA0-0BFA-40D7-8096-06B628E3125A}.Debug|Any CPU.ActiveCfg = Debug|Any CPU 15 | {25F39EA0-0BFA-40D7-8096-06B628E3125A}.Debug|Any CPU.Build.0 = Debug|Any CPU 16 | {25F39EA0-0BFA-40D7-8096-06B628E3125A}.Release|Any CPU.ActiveCfg = Release|Any CPU 17 | {25F39EA0-0BFA-40D7-8096-06B628E3125A}.Release|Any CPU.Build.0 = Release|Any CPU 18 | EndGlobalSection 19 | GlobalSection(SolutionProperties) = preSolution 20 | HideSolutionNode = FALSE 21 | EndGlobalSection 22 | GlobalSection(ExtensibilityGlobals) = postSolution 23 | SolutionGuid = {1CAB7981-4B00-4D8B-BEAD-D02FB535AB8F} 24 | EndGlobalSection 25 | EndGlobal 26 | -------------------------------------------------------------------------------- /src/Fido2.Passwordless/Data/DbMigrationHelpers.cs: -------------------------------------------------------------------------------- 1 | namespace Fido2.Passwordless.Data 2 | { 3 | public static class DbMigrationHelpers 4 | { 5 | ///@ViewData["Title"]
9 | 10 |
11 |
27 |
28 | @section Scripts {
29 |
12 |
25 |
26 | @ViewData["Title"]
9 | 10 |
11 |
32 |
33 | @section Scripts {
34 |
12 |
30 |
31 | @ViewData["Title"]
8 |
9 |
41 |
42 | @section Scripts {
43 |
10 |
11 |
37 |
38 |
39 |
40 | @ViewData["Title"]
8 |
9 |
47 |
48 | @section Scripts {
49 |
10 |
11 |
43 |
44 |
45 |
46 |
51 |
52 | @RenderBody()
53 |
54 |
55 |
56 |
61 |
62 |
63 |
64 |
65 |
66 |
67 |
68 | @await RenderSectionAsync("Scripts", required: false)
69 |
70 |
71 |
--------------------------------------------------------------------------------
/src/Fido2.Passwordless/wwwroot/js/register.usernameless.js:
--------------------------------------------------------------------------------
1 | document.getElementById('registerSubmit').addEventListener('click', handleRegisterSubmit);
2 |
3 | async function handleRegisterSubmit(event) {
4 | event.preventDefault();
5 |
6 | let displayName = document.getElementById('DisplayName').value;
7 |
8 |
9 | // prepare form post data
10 | var data = new FormData();
11 | data.append('displayName', displayName);
12 |
13 | // send to server for registering
14 | let makeCredentialOptions;
15 | try {
16 | makeCredentialOptions = await fetchMakeCredentialOptions(data);
17 |
18 | } catch (e) {
19 | console.error(e);
20 | let msg = "Something wen't really wrong";
21 | showErrorAlert(msg);
22 | }
23 |
24 |
25 | console.log("Credential Options Object", makeCredentialOptions);
26 |
27 | if (makeCredentialOptions.status !== "ok") {
28 | console.log("Error creating credential options");
29 | console.log(makeCredentialOptions.errorMessage);
30 | showErrorAlert(makeCredentialOptions.errorMessage);
31 | return;
32 | }
33 |
34 | // Turn the challenge back into the accepted format of padded base64
35 | makeCredentialOptions.challenge = coerceToArrayBuffer(makeCredentialOptions.challenge);
36 | // Turn ID into a UInt8Array Buffer for some reason
37 | makeCredentialOptions.user.id = coerceToArrayBuffer(makeCredentialOptions.user.id);
38 |
39 | makeCredentialOptions.excludeCredentials = makeCredentialOptions.excludeCredentials.map((c) => {
40 | c.id = coerceToArrayBuffer(c.id);
41 | return c;
42 | });
43 |
44 | if (makeCredentialOptions.authenticatorSelection.authenticatorAttachment === null) makeCredentialOptions.authenticatorSelection.authenticatorAttachment = undefined;
45 |
46 | console.log("Credential Options Formatted", makeCredentialOptions);
47 |
48 | Swal.fire({
49 | title: 'Registering...',
50 | text: 'Tap your security key to finish registration.',
51 | imageUrl: "/images/securitykey.min.svg",
52 | showCancelButton: true,
53 | showConfirmButton: false,
54 | focusConfirm: false,
55 | focusCancel: false
56 | });
57 |
58 |
59 | console.log("Creating PublicKeyCredential...");
60 |
61 | let newCredential;
62 | try {
63 | newCredential = await navigator.credentials.create({
64 | publicKey: makeCredentialOptions
65 | });
66 | } catch (e) {
67 | var msg = "Could not create credentials in browser. Probably because the username is already registered with your authenticator. Please change username or authenticator."
68 | console.error(msg, e);
69 | showErrorAlert(msg, e);
70 | }
71 |
72 |
73 | console.log("PublicKeyCredential Created", newCredential);
74 |
75 | try {
76 | registerNewCredential(newCredential);
77 |
78 | } catch (e) {
79 | showErrorAlert(err.message ? err.message : err);
80 | }
81 | }
82 |
83 | async function fetchMakeCredentialOptions(queryData) {
84 | let response = await fetch(urlAttestationOptions + '?' + new URLSearchParams(queryData), {
85 | method: 'GET', // or 'PUT'
86 | headers: {
87 | 'Accept': 'application/json'
88 | }
89 | });
90 |
91 | let data = await response.json();
92 |
93 | return data;
94 | }
95 |
96 |
97 | // This should be used to verify the auth data with the server
98 | async function registerNewCredential(newCredential) {
99 | /// Move data into Arrays incase it is super long
100 | let attestationObject = new Uint8Array(newCredential.response.attestationObject);
101 | let clientDataJSON = new Uint8Array(newCredential.response.clientDataJSON);
102 | let rawId = new Uint8Array(newCredential.rawId);
103 |
104 | const data = {
105 | id: newCredential.id,
106 | rawId: coerceToBase64Url(rawId),
107 | type: newCredential.type,
108 | extensions: newCredential.getClientExtensionResults(),
109 | response: {
110 | attestationObject: coerceToBase64Url(attestationObject),
111 | clientDataJSON: coerceToBase64Url(clientDataJSON)
112 | }
113 | };
114 |
115 | document.getElementById('AttestationResponse').value = JSON.stringify(data);
116 |
117 | document.getElementById('registerForm').submit();
118 |
119 |
120 | // redirect to dashboard?
121 | //window.location.href = "/dashboard/" + state.user.displayName;
122 | }
123 |
124 | async function registerCredentialWithServer(formData) {
125 | let response = await fetch(urlMakeCredentials, {
126 | method: 'POST', // or 'PUT'
127 | body: JSON.stringify(formData), // data can be `string` or {object}!
128 | headers: {
129 | 'Accept': 'application/json',
130 | 'Content-Type': 'application/json'
131 | }
132 | });
133 |
134 | let data = await response.json();
135 |
136 | return data;
137 | }
138 |
--------------------------------------------------------------------------------
/src/Fido2.Passwordless/wwwroot/js/register.passwordless.js:
--------------------------------------------------------------------------------
1 | document.getElementById('registerSubmit').addEventListener('click', handleRegisterSubmit);
2 |
3 | async function handleRegisterSubmit(event) {
4 | event.preventDefault();
5 |
6 | let username = document.getElementById('Username').value;
7 | let displayName = document.getElementById('DisplayName').value;
8 |
9 |
10 | // prepare form post data
11 | var data = new FormData();
12 | data.append('username', username);
13 | data.append('displayName', displayName);
14 |
15 | // send to server for registering
16 | let makeCredentialOptions;
17 | try {
18 | makeCredentialOptions = await fetchMakeCredentialOptions(data);
19 |
20 | } catch (e) {
21 | console.error(e);
22 | let msg = "Something wen't really wrong";
23 | showErrorAlert(msg);
24 | }
25 |
26 |
27 | console.log("Credential Options Object", makeCredentialOptions);
28 |
29 | if (makeCredentialOptions.status !== "ok") {
30 | console.log("Error creating credential options");
31 | console.log(makeCredentialOptions.errorMessage);
32 | showErrorAlert(makeCredentialOptions.errorMessage);
33 | return;
34 | }
35 |
36 | // Turn the challenge back into the accepted format of padded base64
37 | makeCredentialOptions.challenge = coerceToArrayBuffer(makeCredentialOptions.challenge);
38 | // Turn ID into a UInt8Array Buffer for some reason
39 | makeCredentialOptions.user.id = coerceToArrayBuffer(makeCredentialOptions.user.id);
40 |
41 | makeCredentialOptions.excludeCredentials = makeCredentialOptions.excludeCredentials.map((c) => {
42 | c.id = coerceToArrayBuffer(c.id);
43 | return c;
44 | });
45 |
46 | if (makeCredentialOptions.authenticatorSelection.authenticatorAttachment === null) makeCredentialOptions.authenticatorSelection.authenticatorAttachment = undefined;
47 |
48 | console.log("Credential Options Formatted", makeCredentialOptions);
49 |
50 | Swal.fire({
51 | title: 'Registering...',
52 | text: 'Tap your security key to finish registration.',
53 | imageUrl: "/images/securitykey.min.svg",
54 | showCancelButton: true,
55 | showConfirmButton: false,
56 | focusConfirm: false,
57 | focusCancel: false
58 | });
59 |
60 |
61 | console.log("Creating PublicKeyCredential...");
62 |
63 | let newCredential;
64 | try {
65 | newCredential = await navigator.credentials.create({
66 | publicKey: makeCredentialOptions
67 | });
68 | } catch (e) {
69 | var msg = "Could not create credentials in browser. Probably because the username is already registered with your authenticator. Please change username or authenticator."
70 | console.error(msg, e);
71 | showErrorAlert(msg, e);
72 | }
73 |
74 |
75 | console.log("PublicKeyCredential Created", newCredential);
76 |
77 | try {
78 | registerNewCredential(newCredential);
79 |
80 | } catch (e) {
81 | showErrorAlert(err.message ? err.message : err);
82 | }
83 | }
84 |
85 | async function fetchMakeCredentialOptions(queryData) {
86 | let response = await fetch(urlAttestationOptions + '?' + new URLSearchParams(queryData), {
87 | method: 'GET', // or 'PUT'
88 | headers: {
89 | 'Accept': 'application/json'
90 | }
91 | });
92 |
93 | let data = await response.json();
94 |
95 | return data;
96 | }
97 |
98 |
99 | // This should be used to verify the auth data with the server
100 | async function registerNewCredential(newCredential) {
101 | /// Move data into Arrays incase it is super long
102 | let attestationObject = new Uint8Array(newCredential.response.attestationObject);
103 | let clientDataJSON = new Uint8Array(newCredential.response.clientDataJSON);
104 | let rawId = new Uint8Array(newCredential.rawId);
105 |
106 | const data = {
107 | id: newCredential.id,
108 | rawId: coerceToBase64Url(rawId),
109 | type: newCredential.type,
110 | extensions: newCredential.getClientExtensionResults(),
111 | response: {
112 | attestationObject: coerceToBase64Url(attestationObject),
113 | clientDataJSON: coerceToBase64Url(clientDataJSON)
114 | }
115 | };
116 |
117 | document.getElementById('AttestationResponse').value = JSON.stringify(data);
118 |
119 | document.getElementById('registerForm').submit();
120 |
121 |
122 | // redirect to dashboard?
123 | //window.location.href = "/dashboard/" + state.user.displayName;
124 | }
125 |
126 | async function registerCredentialWithServer(formData) {
127 | let response = await fetch(urlMakeCredentials, {
128 | method: 'POST', // or 'PUT'
129 | body: JSON.stringify(formData), // data can be `string` or {object}!
130 | headers: {
131 | 'Accept': 'application/json',
132 | 'Content-Type': 'application/json'
133 | }
134 | });
135 |
136 | let data = await response.json();
137 |
138 | return data;
139 | }
140 |
--------------------------------------------------------------------------------
/.gitignore:
--------------------------------------------------------------------------------
1 | ## Ignore Visual Studio temporary files, build results, and
2 | ## files generated by popular Visual Studio add-ons.
3 |
4 | # User-specific files
5 | *.suo
6 | *.user
7 | *.userosscache
8 | *.sln.docstates
9 | *log*.txt
10 | *.eml
11 |
12 | # User-specific files (MonoDevelop/Xamarin Studio)
13 | *.userprefs
14 |
15 | # Build results
16 | [Dd]ebug/
17 | [Dd]ebugPublic/
18 | [Rr]elease/
19 | [Rr]eleases/
20 | [Xx]64/
21 | [Xx]86/
22 | bld/
23 | [Bb]in/
24 | [Oo]bj/
25 | [Dd]ist/
26 | TempMail/
27 |
28 | # Visual Studio 2015 cache/options directory
29 | .vs/
30 | # Uncomment if you have tasks that create the project's static files in wwwroot
31 | #wwwroot/
32 |
33 | # Vs publish files
34 | *.pubxml
35 |
36 | # MSTest test Results
37 | [Tt]est[Rr]esult*/
38 | [Bb]uild[Ll]og.*
39 |
40 | # NUNIT
41 | *.VisualState.xml
42 | TestResult.xml
43 |
44 | # Build Results of an ATL Project
45 | [Dd]ebugPS/
46 | [Rr]eleasePS/
47 | dlldata.c
48 |
49 | # DNX
50 | project.lock.json
51 | artifacts/
52 |
53 | *_i.c
54 | *_p.c
55 | *_i.h
56 | *.ilk
57 | *.meta
58 | *.obj
59 | *.pch
60 | *.pdb
61 | *.pgc
62 | *.pgd
63 | *.rsp
64 | *.sbr
65 | *.tlb
66 | *.tli
67 | *.tlh
68 | *.tmp
69 | *.tmp_proj
70 | *.log
71 | *.vspscc
72 | *.vssscc
73 | .builds
74 | *.pidb
75 | *.svclog
76 | *.scc
77 |
78 | # Chutzpah Test files
79 | _Chutzpah*
80 |
81 | # Visual C++ cache files
82 | ipch/
83 | *.aps
84 | *.ncb
85 | *.opendb
86 | *.opensdf
87 | *.sdf
88 | *.cachefile
89 | *.VC.db
90 |
91 | # Visual Studio profiler
92 | *.psess
93 | *.vsp
94 | *.vspx
95 | *.sap
96 |
97 | # TFS 2012 Local Workspace
98 | $tf/
99 |
100 | # Guidance Automation Toolkit
101 | *.gpState
102 |
103 | # ReSharper is a .NET coding add-in
104 | _ReSharper*/
105 | *.[Rr]e[Ss]harper
106 | *.DotSettings.user
107 |
108 | # JustCode is a .NET coding add-in
109 | .JustCode
110 |
111 | # TeamCity is a build add-in
112 | _TeamCity*
113 |
114 | # DotCover is a Code Coverage Tool
115 | *.dotCover
116 |
117 | # NCrunch
118 | _NCrunch_*
119 | .*crunch*.local.xml
120 | nCrunchTemp_*
121 |
122 | # MightyMoose
123 | *.mm.*
124 | AutoTest.Net/
125 |
126 | # Web workbench (sass)
127 | .sass-cache/
128 |
129 | # Installshield output folder
130 | [Ee]xpress/
131 |
132 | # DocProject is a documentation generator add-in
133 | DocProject/buildhelp/
134 | DocProject/Help/*.HxT
135 | DocProject/Help/*.HxC
136 | DocProject/Help/*.hhc
137 | DocProject/Help/*.hhk
138 | DocProject/Help/*.hhp
139 | DocProject/Help/Html2
140 | DocProject/Help/html
141 |
142 | # Log files
143 | src/**/*log*.txt
144 |
145 | # Click-Once directory
146 | publish/
147 |
148 | # Publish Web Output
149 | *.[Pp]ublish.xml
150 | *.azurePubxml
151 |
152 | # TODO: Un-comment the next line if you do not want to checkin
153 | # your web deploy settings because they may include unencrypted
154 | # passwords
155 | #*.pubxml
156 | *.publishproj
157 |
158 | # NuGet Packages
159 | *.nupkg
160 | # The packages folder can be ignored because of Package Restore
161 | **/packages/*
162 | # except build/, which is used as an MSBuild target.
163 | !**/packages/build/
164 | # Uncomment if necessary however generally it will be regenerated when needed
165 | #!**/packages/repositories.config
166 | # NuGet v3's project.json files produces more ignoreable files
167 | *.nuget.props
168 | *.nuget.targets
169 |
170 | # Microsoft Azure Build Output
171 | csx/
172 | *.build.csdef
173 |
174 | # Microsoft Azure Emulator
175 | ecf/
176 | rcf/
177 |
178 | # Windows Store app package directory
179 | AppPackages/
180 | BundleArtifacts/
181 |
182 | # Visual Studio cache files
183 | # files ending in .cache can be ignored
184 | *.[Cc]ache
185 | # but keep track of directories ending in .cache
186 | !*.[Cc]ache/
187 |
188 | # Others
189 | ClientBin/
190 | [Ss]tyle[Cc]op.*
191 | ~$*
192 | *~
193 | *.dbmdl
194 | *.dbproj.schemaview
195 | *.pfx
196 | *.publishsettings
197 | node_modules/
198 | orleans.codegen.cs
199 |
200 | # RIA/Silverlight projects
201 | Generated_Code/
202 |
203 | # Backup & report files from converting an old project file
204 | # to a newer Visual Studio version. Backup files are not needed,
205 | # because we have git ;-)
206 | _UpgradeReport_Files/
207 | Backup*/
208 | UpgradeLog*.XML
209 | UpgradeLog*.htm
210 |
211 | # SQL Server files
212 | *.mdf
213 | *.ldf
214 |
215 | # Business Intelligence projects
216 | *.rdl.data
217 | *.bim.layout
218 | *.bim_*.settings
219 |
220 | # Microsoft Fakes
221 | FakesAssemblies/
222 |
223 | # GhostDoc plugin setting file
224 | *.GhostDoc.xml
225 |
226 | # Node.js Tools for Visual Studio
227 | .ntvs_analysis.dat
228 |
229 | # Visual Studio 6 build log
230 | *.plg
231 |
232 | # Visual Studio 6 workspace options file
233 | *.opt
234 |
235 | # Visual Studio LightSwitch build output
236 | **/*.HTMLClient/GeneratedArtifacts
237 | **/*.DesktopClient/GeneratedArtifacts
238 | **/*.DesktopClient/ModelManifest.xml
239 | **/*.Server/GeneratedArtifacts
240 | **/*.Server/ModelManifest.xml
241 | _Pvt_Extensions
242 |
243 | # LightSwitch generated files
244 | GeneratedArtifacts/
245 | ModelManifest.xml
246 |
247 | # Paket dependency manager
248 | .paket/paket.exe
249 |
250 | # FAKE - F# Make
251 | .fake/
252 |
253 | # Sphinx
254 | *.opt
255 | docs/_build
256 | docs/.vscode
257 | healthcheck
258 | back-end/src/DesenvolvedorIO.Site/Properties/ServiceDependencies/stage-desenvolvedorio - Web Deploy2/profile.arm.json
259 |
--------------------------------------------------------------------------------
/src/Fido2.Passwordless/wwwroot/lib/jquery-validation-unobtrusive/jquery.validate.unobtrusive.min.js:
--------------------------------------------------------------------------------
1 | // Unobtrusive validation support library for jQuery and jQuery Validate
2 | // Copyright (c) .NET Foundation. All rights reserved.
3 | // Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
4 | // @version v3.2.11
5 | !function(a){"function"==typeof define&&define.amd?define("jquery.validate.unobtrusive",["jquery-validation"],a):"object"==typeof module&&module.exports?module.exports=a(require("jquery-validation")):jQuery.validator.unobtrusive=a(jQuery)}(function(a){function e(a,e,n){a.rules[e]=n,a.message&&(a.messages[e]=a.message)}function n(a){return a.replace(/^\s+|\s+$/g,"").split(/\s*,\s*/g)}function t(a){return a.replace(/([!"#$%&'()*+,.\/:;<=>?@\[\\\]^`{|}~])/g,"\\$1")}function r(a){return a.substr(0,a.lastIndexOf(".")+1)}function i(a,e){return 0===a.indexOf("*.")&&(a=a.replace("*.",e)),a}function o(e,n){var r=a(this).find("[data-valmsg-for='"+t(n[0].name)+"']"),i=r.attr("data-valmsg-replace"),o=i?a.parseJSON(i)!==!1:null;r.removeClass("field-validation-valid").addClass("field-validation-error"),e.data("unobtrusiveContainer",r),o?(r.empty(),e.removeClass("input-validation-error").appendTo(r)):e.hide()}function d(e,n){var t=a(this).find("[data-valmsg-summary=true]"),r=t.find("ul");r&&r.length&&n.errorList.length&&(r.empty(),t.addClass("validation-summary-errors").removeClass("validation-summary-valid"),a.each(n.errorList,function(){a("").html(this.message).appendTo(r)}))}function s(e){var n=e.data("unobtrusiveContainer");if(n){var t=n.attr("data-valmsg-replace"),r=t?a.parseJSON(t):null;n.addClass("field-validation-valid").removeClass("field-validation-error"),e.removeData("unobtrusiveContainer"),r&&n.empty()}}function l(e){var n=a(this),t="__jquery_unobtrusive_validation_form_reset";if(!n.data(t)){n.data(t,!0);try{n.data("validator").resetForm()}finally{n.removeData(t)}n.find(".validation-summary-errors").addClass("validation-summary-valid").removeClass("validation-summary-errors"),n.find(".field-validation-error").addClass("field-validation-valid").removeClass("field-validation-error").removeData("unobtrusiveContainer").find(">*").removeData("unobtrusiveContainer")}}function u(e){var n=a(e),t=n.data(v),r=a.proxy(l,e),i=f.unobtrusive.options||{},u=function(n,t){var r=i[n];r&&a.isFunction(r)&&r.apply(e,t)};return t||(t={options:{errorClass:i.errorClass||"input-validation-error",errorElement:i.errorElement||"span",errorPlacement:function(){o.apply(e,arguments),u("errorPlacement",arguments)},invalidHandler:function(){d.apply(e,arguments),u("invalidHandler",arguments)},messages:{},rules:{},success:function(){s.apply(e,arguments),u("success",arguments)}},attachValidation:function(){n.off("reset."+v,r).on("reset."+v,r).validate(this.options)},validate:function(){return n.validate(),n.valid()}},n.data(v,t)),t}var m,f=a.validator,v="unobtrusiveValidation";return f.unobtrusive={adapters:[],parseElement:function(e,n){var t,r,i,o=a(e),d=o.parents("form")[0];d&&(t=u(d),t.options.rules[e.name]=r={},t.options.messages[e.name]=i={},a.each(this.adapters,function(){var n="data-val-"+this.name,t=o.attr(n),s={};void 0!==t&&(n+="-",a.each(this.params,function(){s[this]=o.attr(n+this)}),this.adapt({element:e,form:d,message:t,params:s,rules:r,messages:i}))}),a.extend(r,{__dummy__:!0}),n||t.attachValidation())},parse:function(e){var n=a(e),t=n.parents().addBack().filter("form").add(n.find("form")).has("[data-val=true]");n.find("[data-val=true]").each(function(){f.unobtrusive.parseElement(this,!0)}),t.each(function(){var a=u(this);a&&a.attachValidation()})}},m=f.unobtrusive.adapters,m.add=function(a,e,n){return n||(n=e,e=[]),this.push({name:a,params:e,adapt:n}),this},m.addBool=function(a,n){return this.add(a,function(t){e(t,n||a,!0)})},m.addMinMax=function(a,n,t,r,i,o){return this.add(a,[i||"min",o||"max"],function(a){var i=a.params.min,o=a.params.max;i&&o?e(a,r,[i,o]):i?e(a,n,i):o&&e(a,t,o)})},m.addSingleVal=function(a,n,t){return this.add(a,[n||"val"],function(r){e(r,t||a,r.params[n])})},f.addMethod("__dummy__",function(a,e,n){return!0}),f.addMethod("regex",function(a,e,n){var t;return!!this.optional(e)||(t=new RegExp(n).exec(a),t&&0===t.index&&t[0].length===a.length)}),f.addMethod("nonalphamin",function(a,e,n){var t;return n&&(t=a.match(/\W/g),t=t&&t.length>=n),t}),f.methods.extension?(m.addSingleVal("accept","mimtype"),m.addSingleVal("extension","extension")):m.addSingleVal("extension","extension","accept"),m.addSingleVal("regex","pattern"),m.addBool("creditcard").addBool("date").addBool("digits").addBool("email").addBool("number").addBool("url"),m.addMinMax("length","minlength","maxlength","rangelength").addMinMax("range","min","max","range"),m.addMinMax("minlength","minlength").addMinMax("maxlength","minlength","maxlength"),m.add("equalto",["other"],function(n){var o=r(n.element.name),d=n.params.other,s=i(d,o),l=a(n.form).find(":input").filter("[name='"+t(s)+"']")[0];e(n,"equalTo",l)}),m.add("required",function(a){"INPUT"===a.element.tagName.toUpperCase()&&"CHECKBOX"===a.element.type.toUpperCase()||e(a,"required",!0)}),m.add("remote",["url","type","additionalfields"],function(o){var d={url:o.params.url,type:o.params.type||"GET",data:{}},s=r(o.element.name);a.each(n(o.params.additionalfields||o.element.name),function(e,n){var r=i(n,s);d.data[r]=function(){var e=a(o.form).find(":input").filter("[name='"+t(r)+"']");return e.is(":checkbox")?e.filter(":checked").val()||e.filter(":hidden").val()||"":e.is(":radio")?e.filter(":checked").val()||"":e.val()}}),e(o,"remote",d)}),m.add("password",["min","nonalphamin","regex"],function(a){a.params.min&&e(a,"minlength",a.params.min),a.params.nonalphamin&&e(a,"nonalphamin",a.params.nonalphamin),a.params.regex&&e(a,"regex",a.params.regex)}),m.add("fileextensions",["extensions"],function(a){e(a,"extension",a.params.extensions)}),a(function(){f.unobtrusive.parse(document)}),f.unobtrusive});
6 |
--------------------------------------------------------------------------------
/src/Fido2.Passwordless/Controllers/UsernamelessController.cs:
--------------------------------------------------------------------------------
1 | using Fido2.Passwordless.Models;
2 | using Fido2NetLib;
3 | using Fido2NetLib.Development;
4 | using Fido2NetLib.Objects;
5 | using Microsoft.AspNetCore.DataProtection;
6 | using Microsoft.AspNetCore.Identity;
7 | using Microsoft.AspNetCore.Mvc;
8 | using NetDevPack.Fido2.EntityFramework.Store.Store;
9 | using NetDevPack.Utilities;
10 | using System.Text.Json;
11 |
12 | namespace Fido2.Passwordless.Controllers
13 | {
14 | public class UsernamelessController : Controller
15 | {
16 | private UserManager