Upstream/bitwarden-mobile
1
0
Fork 0
mirror of https://github.com/bitwarden/mobile.git synced 2024-12-26 16:57:59 +01:00
Code Issues Projects Releases Wiki Activity

Feature/use hcaptcha if bot (#1476)

Browse Source 
* Add captcha to login models and methods

* Add captcha web auth to login

* Extract captcha to abstract base class

* Add Captcha to register

* Null out captcha token after each successful challenge

* Cancel > close
This commit is contained in:
Matt Gibson 2021-08-04 15:47:23 -04:00 committed by GitHub
parent 9042b1009e
commit 2f2fa8a25b
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
18 changed files with 322 additions and 42 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/App/Pages/Accounts/LoginPage.xaml
View File

@ -82,7 +82,7 @@
</Grid>
</StackLayout>
<StackLayout Padding="10, 0">
<Button Text="{u:I18n LogIn}" Clicked="LogIn_Clicked" />
<Button Text="{u:I18n LogIn}" Clicked="LogIn_Clicked" IsEnabled="{Binding LoginEnabled}"/>
</StackLayout>
</StackLayout>
</ScrollView>

60
src/App/Pages/Accounts/LoginPageViewModel.cs
View File

@ -8,10 +8,15 @@ using System;
using System.Threading.Tasks;
using Bit.App.Utilities;
using Xamarin.Forms;
using Newtonsoft.Json;
using System.Text;
using Xamarin.Essentials;
using System.Text.RegularExpressions;
using Bit.Core.Services;
namespace Bit.App.Pages
{
public class LoginPageViewModel : BaseViewModel
public class LoginPageViewModel : CaptchaProtectedViewModel
{
private const string Keys_RememberedEmail = "rememberedEmail";
private const string Keys_RememberEmail = "rememberEmail";
@ -22,10 +27,13 @@ namespace Bit.App.Pages
private readonly IStorageService _storageService;
private readonly IPlatformUtilsService _platformUtilsService;
private readonly IStateService _stateService;
private readonly IEnvironmentService _environmentService;
private readonly II18nService _i18nService;
private bool _showPassword;
private string _email;
private string _masterPassword;
private bool _loginEnabled = true;
public LoginPageViewModel()
{
@ -35,6 +43,8 @@ namespace Bit.App.Pages
_storageService = ServiceContainer.Resolve<IStorageService>("storageService");
_platformUtilsService = ServiceContainer.Resolve<IPlatformUtilsService>("platformUtilsService");
_stateService = ServiceContainer.Resolve<IStateService>("stateService");
_environmentService = ServiceContainer.Resolve<IEnvironmentService>("environmentService");
_i18nService = ServiceContainer.Resolve<II18nService>("i18nService");
PageTitle = AppResources.Bitwarden;
TogglePasswordCommand = new Command(TogglePassword);
@ -63,6 +73,16 @@ namespace Bit.App.Pages
set => SetProperty(ref _masterPassword, value);
}
public bool LoginEnabled {
get => _loginEnabled;
set => SetProperty(ref _loginEnabled, value);
}
public bool Loading
{
get => !LoginEnabled;
set => LoginEnabled = !value;
}
public Command LogInCommand { get; }
public Command TogglePasswordCommand { get; }
public string ShowPasswordIcon => ShowPassword ? "" : "";
@ -70,7 +90,12 @@ namespace Bit.App.Pages
public Action StartTwoFactorAction { get; set; }
public Action LogInSuccessAction { get; set; }
public Action CloseAction { get; set; }
protected override II18nService i18nService => _i18nService;
protected override IEnvironmentService environmentService => _environmentService;
protected override IDeviceActionService deviceActionService => _deviceActionService;
protected override IPlatformUtilsService platformUtilsService => _platformUtilsService;
public async Task InitAsync()
{
if (string.IsNullOrWhiteSpace(Email))
@ -115,9 +140,13 @@ namespace Bit.App.Pages
ShowPassword = false;
try
{
await _deviceActionService.ShowLoadingAsync(AppResources.LoggingIn);
var response = await _authService.LogInAsync(Email, MasterPassword);
MasterPassword = string.Empty;
if (!Loading)
{
await _deviceActionService.ShowLoadingAsync(AppResources.LoggingIn);
Loading = true;
}
var response = await _authService.LogInAsync(Email, MasterPassword, _captchaToken);
if (RememberEmail)
{
await _storageService.SaveAsync(Keys_RememberedEmail, Email);
@ -128,6 +157,24 @@ namespace Bit.App.Pages
}
await AppHelpers.ResetInvalidUnlockAttemptsAsync();
await _deviceActionService.HideLoadingAsync();
if (response.CaptchaNeeded)
{
if (await HandleCaptchaAsync(response.CaptchaSiteKey))
{
await LogInAsync();
_captchaToken = null;
return;
}
else
{
Loading = false;
return;
}
}
MasterPassword = string.Empty;
_captchaToken = null;
if (response.TwoFactor)
{
StartTwoFactorAction?.Invoke();
@ -142,6 +189,8 @@ namespace Bit.App.Pages
}
catch (ApiException e)
{
_captchaToken = null;
MasterPassword = string.Empty;
await _deviceActionService.HideLoadingAsync();
if (e?.Error != null)
{
@ -149,6 +198,7 @@ namespace Bit.App.Pages
AppResources.AnErrorHasOccurred);
}
}
Loading = false;
}
public void TogglePassword()

2
src/App/Pages/Accounts/RegisterPage.xaml
View File

@ -21,7 +21,7 @@
<ContentPage.ToolbarItems>
<ToolbarItem Text="{u:I18n Cancel}" Clicked="Close_Clicked" Order="Primary" Priority="-1" />
<ToolbarItem Text="{u:I18n Submit}" Clicked="Submit_Clicked" />
<ToolbarItem Text="{u:I18n Submit}" Clicked="Submit_Clicked" IsEnabled="{Binding SubmitEnabled}"/>
</ContentPage.ToolbarItems>
<ScrollView>

48
src/App/Pages/Accounts/RegisterPageViewModel.cs
View File

@ -12,14 +12,17 @@ using Xamarin.Forms;
namespace Bit.App.Pages
{
public class RegisterPageViewModel : BaseViewModel
public class RegisterPageViewModel : CaptchaProtectedViewModel
{
private readonly IDeviceActionService _deviceActionService;
private readonly II18nService _i18nService;
private readonly IEnvironmentService _environmentService;
private readonly IApiService _apiService;
private readonly ICryptoService _cryptoService;
private readonly IPlatformUtilsService _platformUtilsService;
private bool _showPassword;
private bool _acceptPolicies;
private bool _submitEnabled = true;
public RegisterPageViewModel()
{
@ -27,6 +30,8 @@ namespace Bit.App.Pages
_apiService = ServiceContainer.Resolve<IApiService>("apiService");
_cryptoService = ServiceContainer.Resolve<ICryptoService>("cryptoService");
_platformUtilsService = ServiceContainer.Resolve<IPlatformUtilsService>("platformUtilsService");
_i18nService = ServiceContainer.Resolve<II18nService>("i18nService");
_environmentService = ServiceContainer.Resolve<IEnvironmentService>("environmentService");
PageTitle = AppResources.CreateAccount;
TogglePasswordCommand = new Command(TogglePassword);
@ -55,6 +60,16 @@ namespace Bit.App.Pages
get => _acceptPolicies;
set => SetProperty(ref _acceptPolicies, value);
}
public bool SubmitEnabled
{
get => _submitEnabled;
set => SetProperty(ref _submitEnabled, value);
}
public bool Loading
{
get => !SubmitEnabled;
set => SubmitEnabled = !value;
}
public Thickness SwitchMargin
{
@ -76,6 +91,11 @@ namespace Bit.App.Pages
public Action RegistrationSuccess { get; set; }
public Action CloseAction { get; set; }
protected override II18nService i18nService => _i18nService;
protected override IEnvironmentService environmentService => _environmentService;
protected override IDeviceActionService deviceActionService => _deviceActionService;
protected override IPlatformUtilsService platformUtilsService => _platformUtilsService;
public async Task SubmitAsync()
{
if (Xamarin.Essentials.Connectivity.NetworkAccess == Xamarin.Essentials.NetworkAccess.None)
@ -145,15 +165,21 @@ namespace Bit.App.Pages
{
PublicKey = keys.Item1,
EncryptedPrivateKey = keys.Item2.EncryptedString
}
},
CaptchaResponse = _captchaToken,
};
// TODO: org invite?
try
{
await _deviceActionService.ShowLoadingAsync(AppResources.CreatingAccount);
if (!Loading)
{
await _deviceActionService.ShowLoadingAsync(AppResources.CreatingAccount);
Loading = true;
}
await _apiService.PostRegisterAsync(request);
await _deviceActionService.HideLoadingAsync();
Loading = false;
_platformUtilsService.ShowToast("success", null, AppResources.AccountCreated,
new System.Collections.Generic.Dictionary<string, object>
{
@ -163,7 +189,23 @@ namespace Bit.App.Pages
}
catch (ApiException e)
{
if (e?.Error != null && e.Error.CaptchaRequired)
{
if (await HandleCaptchaAsync(e.Error.CaptchaSiteKey))
{
await SubmitAsync();
_captchaToken = null;
return;
}
else
{
await _deviceActionService.HideLoadingAsync();
Loading = false;
return;
};
}
await _deviceActionService.HideLoadingAsync();
Loading = false;
if (e?.Error != null)
{
await _platformUtilsService.ShowDialogAsync(e.Error.GetSingleMessage(),

88
src/App/Pages/CaptchaProtectedViewModel.cs Normal file
View File

@ -0,0 +1,88 @@
using System;
using System.Text;
using System.Text.RegularExpressions;
using System.Threading.Tasks;
using Bit.App.Abstractions;
using Bit.App.Resources;
using Bit.Core.Abstractions;
using Newtonsoft.Json;
using Xamarin.Essentials;
using Xamarin.Forms;
namespace Bit.App.Pages
{
public abstract class CaptchaProtectedViewModel : BaseViewModel
{
protected abstract II18nService i18nService { get; }
protected abstract IEnvironmentService environmentService { get; }
protected abstract IDeviceActionService deviceActionService { get; }
protected abstract IPlatformUtilsService platformUtilsService { get; }
protected string _captchaToken = null;
protected async Task<bool> HandleCaptchaAsync(string CaptchaSiteKey)
{
var callbackUri = "bitwarden://captcha-callback";
var data = EncodeDataParameter(new
{
siteKey = CaptchaSiteKey,
locale = i18nService.Culture.TwoLetterISOLanguageName,
callbackUri = callbackUri,
captchaRequiredText = AppResources.CaptchaRequired,
});
var url = environmentService.WebVaultUrl + "/captcha-mobile-connector.html?" + "data=" + data +
"&parent=" + Uri.EscapeDataString(callbackUri) + "&v=1";
WebAuthenticatorResult authResult = null;
bool cancelled = false;
try
{
authResult = await WebAuthenticator.AuthenticateAsync(new Uri(url),
new Uri(callbackUri));
}
catch (TaskCanceledException)
{
await deviceActionService.HideLoadingAsync();
cancelled = true;
}
catch (Exception e)
{
// WebAuthenticator throws NSErrorException if iOS flow is cancelled - by setting cancelled to true
// here we maintain the appearance of a clean cancellation (we don't want to do this across the board
// because we still want to present legitimate errors). If/when this is fixed, we can remove this
// particular catch block (catching taskCanceledException above must remain)
// https://github.com/xamarin/Essentials/issues/1240
if (Device.RuntimePlatform == Device.iOS)
{
await deviceActionService.HideLoadingAsync();
cancelled = true;
}
}
if (cancelled == false && authResult != null &&
authResult.Properties.TryGetValue("token", out _captchaToken))
{
return true;
}
else
{
await platformUtilsService.ShowDialogAsync(AppResources.CaptchaFailed,
AppResources.CaptchaRequired);
return false;
}
}
private string EncodeDataParameter(object obj)
{
string EncodeMultibyte(Match match)
{
return Convert.ToChar(Convert.ToUInt32($"0x{match.Groups[1].Value}", 16)).ToString();
}
var escaped = Uri.EscapeDataString(JsonConvert.SerializeObject(obj));
var multiByteEscaped = Regex.Replace(escaped, "%([0-9A-F]{2})", EncodeMultibyte);
return Convert.ToBase64String(Encoding.UTF8.GetBytes(multiByteEscaped));
}
}
}

12
src/App/Resources/AppResources.Designer.cs generated
View File

@ -3550,5 +3550,17 @@ namespace Bit.App.Resources {
return ResourceManager.GetString("PasswordConfirmationDesc", resourceCulture);
}
}
public static string CaptchaRequired {
get {
return ResourceManager.GetString("CaptchaRequired", resourceCulture);
}
}
public static string CaptchaFailed {
get {
return ResourceManager.GetString("CaptchaFailed", resourceCulture);
}
}
}
}

6
src/App/Resources/AppResources.resx
View File

@ -2010,4 +2010,10 @@
<data name="PasswordConfirmationDesc" xml:space="preserve">
<value>This action is protected, to continue please re-enter your master password to verify your identity.</value>
</data>
<data name="CaptchaRequired" xml:space="preserve">
<value>Captcha Required</value>
</data>
<data name="CaptchaFailed" xml:space="preserve">
<value>Captcha Failed. Please try again.</value>
</data>
</root>

2
src/Core/Abstractions/IApiService.cs
View File

@ -30,7 +30,7 @@ namespace Bit.Core.Abstractions
Task<CipherResponse> PostCipherAsync(CipherRequest request);
Task<CipherResponse> PostCipherCreateAsync(CipherCreateRequest request);
Task<FolderResponse> PostFolderAsync(FolderRequest request);
Task<Tuple<IdentityTokenResponse, IdentityTwoFactorResponse>> PostIdentityTokenAsync(TokenRequest request);
Task<IdentityResponse> PostIdentityTokenAsync(TokenRequest request);
Task PostPasswordHintAsync(PasswordHintRequest request);
Task SetPasswordAsync(SetPasswordRequest request);
Task<PreloginResponse> PostPreloginAsync(PreloginRequest request);

2
src/Core/Abstractions/IAuthService.cs
View File

@ -21,7 +21,7 @@ namespace Bit.Core.Abstractions
bool AuthingWithSso();
bool AuthingWithPassword();
List<TwoFactorProvider> GetSupportedTwoFactorProviders();
Task<AuthResult> LogInAsync(string email, string masterPassword);
Task<AuthResult> LogInAsync(string email, string masterPassword, string captchaToken);
Task<AuthResult> LogInSsoAsync(string code, string codeVerifier, string redirectUrl);
Task<AuthResult> LogInCompleteAsync(string email, string masterPassword, TwoFactorProviderType twoFactorProvider, string twoFactorToken, bool? remember = null);
Task<AuthResult> LogInTwoFactorAsync(TwoFactorProviderType twoFactorProvider, string twoFactorToken, bool? remember = null);

2
src/Core/Models/Domain/AuthResult.cs
View File

@ -6,6 +6,8 @@ namespace Bit.Core.Models.Domain
public class AuthResult
{
public bool TwoFactor { get; set; }
public bool CaptchaNeeded => !string.IsNullOrWhiteSpace(CaptchaSiteKey);
public string CaptchaSiteKey { get; set; }
public bool ResetMasterPassword { get; set; }
public Dictionary<TwoFactorProviderType, Dictionary<string, object>> TwoFactorProviders { get; set; }
}

1
src/Core/Models/Request/RegisterRequest.cs
View File

@ -15,5 +15,6 @@ namespace Bit.Core.Models.Request
public Guid? OrganizationUserId { get; set; }
public KdfType? Kdf { get; set; }
public int? KdfIterations { get; set; }
public string CaptchaResponse { get; set; }
}
}

9
src/Core/Models/Request/TokenRequest.cs
View File

@ -16,10 +16,11 @@ namespace Bit.Core.Models.Request
public string Token { get; set; }
public TwoFactorProviderType? Provider { get; set; }
public bool? Remember { get; set; }
public string CaptchaToken { get; set; }
public DeviceRequest Device { get; set; }
public TokenRequest(string[] credentials, string[] codes, TwoFactorProviderType? provider, string token,
bool? remember, DeviceRequest device = null)
bool? remember, string captchaToken, DeviceRequest device = null)
{
if (credentials != null && credentials.Length > 1)
{
@ -36,6 +37,7 @@ namespace Bit.Core.Models.Request
Provider = provider;
Remember = remember;
Device = device;
CaptchaToken = captchaToken;
}
public Dictionary<string, string> ToIdentityToken(string clientId)
@ -77,6 +79,11 @@ namespace Bit.Core.Models.Request
obj.Add("twoFactorProvider", ((int)Provider.Value).ToString());
obj.Add("twoFactorRemember", Remember.GetValueOrDefault() ? "1" : "0");
}
if (CaptchaToken != null)
{
obj.Add("captchaResponse", CaptchaToken);
}
return obj;
}

6
src/Core/Models/Response/ErrorResponse.cs
View File

@ -30,6 +30,10 @@ namespace Bit.Core.Models.Response
var model = errorModel.ToObject<ErrorModel>();
Message = model.Message;
ValidationErrors = model.ValidationErrors;
CaptchaSiteKey = ValidationErrors.ContainsKey("HCaptcha_SiteKey") ?
ValidationErrors["HCaptcha_SiteKey"]?.FirstOrDefault() :
null;
CaptchaRequired = !string.IsNullOrWhiteSpace(CaptchaSiteKey);
}
else
{
@ -44,6 +48,8 @@ namespace Bit.Core.Models.Response
public string Message { get; set; }
public Dictionary<string, List<string>> ValidationErrors { get; set; }
public HttpStatusCode StatusCode { get; set; }
public string CaptchaSiteKey { get; set; }
public bool CaptchaRequired { get; set; } = false;
public string GetSingleMessage()
{

13
src/Core/Models/Response/IdentityCaptchaResponse.cs Normal file
View File

@ -0,0 +1,13 @@
using Bit.Core.Enums;
using Newtonsoft.Json;
using System.Collections.Generic;
namespace Bit.Core.Models.Response
{
public class IdentityCaptchaResponse
{
[JsonProperty("HCaptcha_SiteKey")]
public string SiteKey { get; set; }
}
}

50
src/Core/Models/Response/IdentityResponse.cs Normal file
View File

@ -0,0 +1,50 @@
using System.Net;
using Newtonsoft.Json.Linq;
namespace Bit.Core.Models.Response
{
public class IdentityResponse
{
public IdentityTokenResponse TokenResponse { get; }
public IdentityTwoFactorResponse TwoFactorResponse { get; }
public IdentityCaptchaResponse CaptchaResponse { get; }
public bool TwoFactorNeeded => TwoFactorResponse != null;
public bool FailedToParse { get; }
public IdentityResponse(HttpStatusCode httpStatusCode, JObject responseJObject)
{
var parsed = false;
if (responseJObject != null)
{
if (IsSuccessStatusCode(httpStatusCode))
{
TokenResponse = responseJObject.ToObject<IdentityTokenResponse>();
parsed = true;
}
else if (httpStatusCode == HttpStatusCode.BadRequest)
{
if (JObjectHasProperty(responseJObject, "TwoFactorProviders2"))
{
TwoFactorResponse = responseJObject.ToObject<IdentityTwoFactorResponse>();
parsed = true;
}
else if (JObjectHasProperty(responseJObject, "HCaptcha_SiteKey"))
{
CaptchaResponse = responseJObject.ToObject<IdentityCaptchaResponse>();
parsed = true;
}
}
}
FailedToParse = !parsed;
}
private bool IsSuccessStatusCode(HttpStatusCode httpStatusCode) =>
(int)httpStatusCode >= 200 && (int)httpStatusCode < 300;
private bool JObjectHasProperty(JObject jObject, string propertyName) =>
jObject.ContainsKey(propertyName) &&
jObject[propertyName] != null &&
(jObject[propertyName].HasValues || jObject[propertyName].Value<string>() != null);
}
}

3
src/Core/Models/Response/IdentityTwoFactorResponse.cs
View File

@ -1,4 +1,5 @@
using Bit.Core.Enums;
using Newtonsoft.Json;
using System.Collections.Generic;
namespace Bit.Core.Models.Response
@ -7,5 +8,7 @@ namespace Bit.Core.Models.Response
{
public List<TwoFactorProviderType> TwoFactorProviders { get; set; }
public Dictionary<TwoFactorProviderType, Dictionary<string, object>> TwoFactorProviders2 { get; set; }
[JsonProperty("CaptchaBypassToken")]
public string CaptchaToken { get; set; }
}
}

24
src/Core/Services/ApiService.cs
View File

@ -80,8 +80,7 @@ namespace Bit.Core.Services
#region Auth APIs
public async Task<Tuple<IdentityTokenResponse, IdentityTwoFactorResponse>> PostIdentityTokenAsync(
TokenRequest request)
public async Task<IdentityResponse> PostIdentityTokenAsync(TokenRequest request)
{
var requestMessage = new HttpRequestMessage
{
@ -109,23 +108,14 @@ namespace Bit.Core.Services
responseJObject = JObject.Parse(responseJsonString);
}
if (responseJObject != null)
var identityResponse = new IdentityResponse(response.StatusCode, responseJObject);
if (identityResponse.FailedToParse)
{
if (response.IsSuccessStatusCode)
{
return new Tuple<IdentityTokenResponse, IdentityTwoFactorResponse>(
responseJObject.ToObject<IdentityTokenResponse>(), null);
}
else if (response.StatusCode == HttpStatusCode.BadRequest &&
responseJObject.ContainsKey("TwoFactorProviders2") &&
responseJObject["TwoFactorProviders2"] != null &&
responseJObject["TwoFactorProviders2"].HasValues)
{
return new Tuple<IdentityTokenResponse, IdentityTwoFactorResponse>(
null, responseJObject.ToObject<IdentityTwoFactorResponse>());
}
throw new ApiException(new ErrorResponse(responseJObject, response.StatusCode, true));
}
throw new ApiException(new ErrorResponse(responseJObject, response.StatusCode, true));
return identityResponse;
}
public async Task RefreshIdentityTokenAsync()

34
src/Core/Services/AuthService.cs
View File

@ -92,6 +92,7 @@ namespace Bit.Core.Services
}
public string Email { get; set; }
public string CaptchaToken { get; set; }
public string MasterPasswordHash { get; set; }
public string LocalMasterPasswordHash { get; set; }
public string Code { get; set; }
@ -119,13 +120,14 @@ namespace Bit.Core.Services
TwoFactorProviders[TwoFactorProviderType.YubiKey].Description = _i18nService.T("YubiKeyDesc");
}
public async Task<AuthResult> LogInAsync(string email, string masterPassword)
public async Task<AuthResult> LogInAsync(string email, string masterPassword, string captchaToken)
{
SelectedTwoFactorProviderType = null;
var key = await MakePreloginKeyAsync(masterPassword, email);
var hashedPassword = await _cryptoService.HashPasswordAsync(masterPassword, key);
var localHashedPassword = await _cryptoService.HashPasswordAsync(masterPassword, key, HashPurpose.LocalAuthorization);
return await LogInHelperAsync(email, hashedPassword, localHashedPassword, null, null, null, key, null, null, null);
return await LogInHelperAsync(email, hashedPassword, localHashedPassword, null, null, null, key, null, null,
null, captchaToken);
}
public async Task<AuthResult> LogInSsoAsync(string code, string codeVerifier, string redirectUrl)
@ -138,7 +140,7 @@ namespace Bit.Core.Services
bool? remember = null)
{
return LogInHelperAsync(Email, MasterPasswordHash, LocalMasterPasswordHash, Code, CodeVerifier, SsoRedirectUrl, _key,
twoFactorProvider, twoFactorToken, remember);
twoFactorProvider, twoFactorToken, remember, CaptchaToken);
}
public async Task<AuthResult> LogInCompleteAsync(string email, string masterPassword,
@ -271,7 +273,8 @@ namespace Bit.Core.Services
private async Task<AuthResult> LogInHelperAsync(string email, string hashedPassword, string localHashedPassword,
string code, string codeVerifier, string redirectUrl, SymmetricCryptoKey key,
TwoFactorProviderType? twoFactorProvider = null, string twoFactorToken = null, bool? remember = null)
TwoFactorProviderType? twoFactorProvider = null, string twoFactorToken = null, bool? remember = null,
string captchaToken = null)
{
var storedTwoFactorToken = await _tokenService.GetTwoFactorTokenAsync(email);
var appId = await _appIdService.GetAppIdAsync();
@ -300,25 +303,30 @@ namespace Bit.Core.Services
if (twoFactorToken != null && twoFactorProvider != null)
{
request = new TokenRequest(emailPassword, codeCodeVerifier, twoFactorProvider, twoFactorToken, remember,
deviceRequest);
captchaToken, deviceRequest);
}
else if (storedTwoFactorToken != null)
{
request = new TokenRequest(emailPassword, codeCodeVerifier, TwoFactorProviderType.Remember,
storedTwoFactorToken, false, deviceRequest);
storedTwoFactorToken, false, captchaToken, deviceRequest);
}
else
{
request = new TokenRequest(emailPassword, codeCodeVerifier, null, null, false, deviceRequest);
request = new TokenRequest(emailPassword, codeCodeVerifier, null, null, false, captchaToken, deviceRequest);
}
var response = await _apiService.PostIdentityTokenAsync(request);
ClearState();
var result = new AuthResult { TwoFactor = response.Item2 != null };
var result = new AuthResult { TwoFactor = response.TwoFactorNeeded, CaptchaSiteKey = response.CaptchaResponse?.SiteKey };
if (result.CaptchaNeeded)
{
return result;
}
if (result.TwoFactor)
{
// Two factor required.
var twoFactorResponse = response.Item2;
Email = email;
MasterPasswordHash = hashedPassword;
LocalMasterPasswordHash = localHashedPassword;
@ -326,12 +334,13 @@ namespace Bit.Core.Services
CodeVerifier = codeVerifier;
SsoRedirectUrl = redirectUrl;
_key = _setCryptoKeys ? key : null;
TwoFactorProvidersData = twoFactorResponse.TwoFactorProviders2;
result.TwoFactorProviders = twoFactorResponse.TwoFactorProviders2;
TwoFactorProvidersData = response.TwoFactorResponse.TwoFactorProviders2;
result.TwoFactorProviders = response.TwoFactorResponse.TwoFactorProviders2;
CaptchaToken = response.TwoFactorResponse.CaptchaToken;
return result;
}
var tokenResponse = response.Item1;
var tokenResponse = response.TokenResponse;
result.ResetMasterPassword = tokenResponse.ResetMasterPassword;
if (tokenResponse.TwoFactorToken != null)
{
@ -374,6 +383,7 @@ namespace Bit.Core.Services
{
_key = null;
Email = null;
CaptchaToken = null;
MasterPasswordHash = null;
Code = null;
CodeVerifier = null;