-
Notifications
You must be signed in to change notification settings - Fork 166
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Adding authenticator enrollment and verification to authentication client #695
base: master
Are you sure you want to change the base?
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Can we please stick to solving the issue at hand, and avoid introducing any unneccesary new-way of doing things (e.g. validationErrors, Required).
It's not that I have a problem with that approach, but I do not believe we should just add it for this one specific endpoint. Neither am I saying we should add it everywhere. But for the scope of this PR, we do not need it.
{ | ||
throw new ArgumentNullException(nameof(request)); | ||
} | ||
if (!request.IsValid(out List<string> validationErrors)) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I am not sure I understand why we are suddenly starting to do this without any context.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
removed this
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Added some additional suggestions to make it more consistent with what we have now.
This PR does need to be properly tested, so will be a bit slow before this will be merged.
src/Auth0.AuthenticationApi/Models/AssociateNewAuthenticatorResponse.cs
Outdated
Show resolved
Hide resolved
public string AuthenticatorType { get; set; } | ||
|
||
[JsonProperty("oob_channel")] | ||
public string OobChannel { get; set; } |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This is not as mentioned in the docs, as the docs mention oob_channels
for the response. I think the code is correct, but the docs is not. I will need to verify this with the corresponding team.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
yeah I ran into it when first trying to test with postman.
src/Auth0.AuthenticationApi/Models/AssociateMfaAuthenticatorRequest.cs
Outdated
Show resolved
Hide resolved
src/Auth0.AuthenticationApi/Models/AssociateMfaAuthenticatorRequest.cs
Outdated
Show resolved
Hide resolved
Co-authored-by: Frederik Prijck <[email protected]>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Added a few review comments, but they do concern me. They show this PR has not been tested as it does not compile.
We will need to find time to validate all of these changes, which we currently can not prioritise.
@@ -494,6 +522,22 @@ public Task<PushedAuthorizationRequestResponse> PushedAuthorizationRequestAsync( | |||
cancellationToken: cancellationToken | |||
); | |||
} | |||
|
|||
/// <inheritdoc/> | |||
public Task<AssociateMgaAuthenticatorResponse> AssociateMfaAuthenticatorAsync(AssociateMfaAuthenticatorRequest request, CancellationToken cancellationToken = default) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
public Task<AssociateMgaAuthenticatorResponse> AssociateMfaAuthenticatorAsync(AssociateMfaAuthenticatorRequest request, CancellationToken cancellationToken = default) | |
public Task<AssociateMfaAuthenticatorResponse> AssociateMfaAuthenticatorAsync(AssociateMfaAuthenticatorRequest request, CancellationToken cancellationToken = default) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
made change
throw new ArgumentNullException(nameof(request)); | ||
} | ||
|
||
return connection.SendAsync<AssociateNewAuthenticatorResponse>( |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
return connection.SendAsync<AssociateNewAuthenticatorResponse>( | |
return connection.SendAsync<AssociateMfaAuthenticatorResponse>( |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
made change
{ | ||
{ "grant_type", "http://auth0.com/oauth/grant-type/mfa-oob" }, | ||
{ "client_id", request.ClientId }, | ||
{ "client_secret", request.ClientSecret }, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This is added through ApplyClientAuthentication
{ "client_secret", request.ClientSecret }, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
made change
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Added a few review comments, but they do concern me. They show this PR has not been tested as it does not compile.
We will need to find time to validate all of these changes, which we currently can not prioritise.
Sorry about that, we moved to just using http client directly since this wasn't moving and we needed more than just these calls added. I only used the web interface and didn't re run the integration tests. I've run the tests again and they work.
Anyway there's no rush on this as again we are just making the calls using http client.
@@ -494,6 +522,22 @@ public Task<PushedAuthorizationRequestResponse> PushedAuthorizationRequestAsync( | |||
cancellationToken: cancellationToken | |||
); | |||
} | |||
|
|||
/// <inheritdoc/> | |||
public Task<AssociateMgaAuthenticatorResponse> AssociateMfaAuthenticatorAsync(AssociateMfaAuthenticatorRequest request, CancellationToken cancellationToken = default) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
made change
{ | ||
{ "grant_type", "http://auth0.com/oauth/grant-type/mfa-oob" }, | ||
{ "client_id", request.ClientId }, | ||
{ "client_secret", request.ClientSecret }, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
made change
throw new ArgumentNullException(nameof(request)); | ||
} | ||
|
||
return connection.SendAsync<AssociateNewAuthenticatorResponse>( |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
made change
Changes
Adding support for [/mfa/associate](The authentication client doesn't support mfa/associate) to authentication client
Adding support for /oauth/token verification with OOB to authentication client
Added new methods to authentication client to support the API endpoints
Added request/response classes
References
resolves #694
Testing
This change adds integration test coverage
This change has been tested on the latest version of the platform/language or why not
Checklist
I have read the Auth0 general contribution guidelines
I have read the Auth0 Code of Conduct
All existing and new tests complete without errors