From 9cdb1409c012b0b8e706b36e8474d36c2fdf75c9 Mon Sep 17 00:00:00 2001
From: Developer 02
Date: Thu, 6 Feb 2025 19:31:50 +0100
Subject: [PATCH] =?UTF-8?q?feat(TFARegController):=20Try-Catch=20zur=20Met?=
 =?UTF-8?q?hode=20reg'e=20hinzugef=C3=BCgt.=20=20-=20Ausnahme=20ist=20so?=
 =?UTF-8?q?=20eingestellt,=20dass=20sie=20protokolliert=20wird.?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 .../Extensions/DTOExtensions.cs | 22 ------
 .../Controllers/HomeController.cs | 5 +-
 .../Controllers/TFARegController.cs | 72 ++++++++++---------
 .../Views/Home/EnvelopeLocked.cshtml | 2 +-
 4 files changed, 43 insertions(+), 58 deletions(-)
 delete mode 100644 EnvelopeGenerator.Application/Extensions/DTOExtensions.cs
diff --git a/EnvelopeGenerator.Application/Extensions/DTOExtensions.cs b/EnvelopeGenerator.Application/Extensions/DTOExtensions.cs
deleted file mode 100644
index f1cd28ca..00000000
--- a/EnvelopeGenerator.Application/Extensions/DTOExtensions.cs
+++ /dev/null
@@ -1,22 +0,0 @@
-using EnvelopeGenerator.Application.DTOs.Receiver;
-using EnvelopeGenerator.Extensions;
-using Newtonsoft.Json;
-
-namespace EnvelopeGenerator.Application.Extensions
-{
- public static class DTOExtensions
- {
- public static bool IsTotpSecretExpired(this ReceiverReadDto dto, int minutesBeforeExpiration = 30)
- => dto.TotpExpiration < DateTime.Now.AddMinutes(minutesBeforeExpiration * -1);
-
- public static bool IsTotpSecretInvalid(this ReceiverReadDto dto, int minutesBeforeExpiration = 30)
- => dto.IsTotpSecretExpired(minutesBeforeExpiration) || dto.TotpSecretkey is null;
-
- public static bool IsTotpSecretValid(this ReceiverReadDto dto, int minutesBeforeExpiration = 30)
- => !dto.IsTotpSecretInvalid(minutesBeforeExpiration);
-
- public static bool IsTotpValid(this ReceiverReadDto dto, string totp) => dto.TotpSecretkey is null ? throw new ArgumentNullException(nameof(dto), $"TotpSecretkey of DTO cannot validate without TotpSecretkey. Dto: {JsonConvert.SerializeObject(dto)}") : totp.IsValidTotp(dto.TotpSecretkey);
-
- public static bool IsTotpInvalid(this ReceiverReadDto dto, string totp) => !dto.IsTotpValid(totp: totp);
- }
-}
\ No newline at end of file
diff --git a/EnvelopeGenerator.Web/Controllers/HomeController.cs b/EnvelopeGenerator.Web/Controllers/HomeController.cs
index edc2091c..9cc2ff8c 100644
--- a/EnvelopeGenerator.Web/Controllers/HomeController.cs
+++ b/EnvelopeGenerator.Web/Controllers/HomeController.cs
@@ -197,12 +197,11 @@ public class HomeController : ViewControllerBase
 if (er_secret.Envelope!.TFAEnabled)
 {
 var rcv = er_secret.Receiver;
- if (rcv.IsTotpSecretInvalid())
+ if (rcv.TotpSecretkey is null)
 {
 rcv.TotpSecretkey = _authenticator.GenerateTotpSecretKey();
 rcv.TotpExpiration = DateTime.Now.AddMonths(1);
 await _rcvService.UpdateAsync(rcv);
- await _mailService.SendTFAQrCodeAsync(er_secret);
 }
 return await TFAViewAsync(auth.UserSelectSMS, er_secret, envelopeReceiverId);
 }
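Review bot: `rcv.TotpExpiration = DateTime.Now.AddMonths(1);` is still written in the `TotpSecretkey is null` branch of the @@ -197 hunk, but after this change nothing on the page reads it: the guard no longer calls `IsTotpSecretInvalid()`, and the only expiry check, `IsTotpSecretExpired`, is deleted together with DTOExtensions.cs. As far as the visible code shows, a TOTP secret therefore stays valid indefinitely once it has been created. Either enforce the stored expiry at the point where the code is verified, or drop the assignment and say so with a comment such as `// TOTP secrets are not rotated; TotpExpiration is no longer enforced`, so the field does not suggest a rotation that no longer happens. The enclosing method starts and ends outside the hunk.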
@@ -229,7 +228,7 @@ public class HomeController : ViewControllerBase
 [NonAction]
 private async Task HandleAuthenticatorAsync(Auth auth, EnvelopeReceiverSecretDto er_secret, string envelopeReceiverId)
 {
- if (er_secret.Receiver!.IsTotpInvalid(totp: auth.AuthenticatorCode!))
+ if (er_secret.Receiver!.TotpSecretkey is null)
 {
 Response.StatusCode = StatusCodes.Status401Unauthorized;
 ViewData["ErrorMessage"] = _localizer[WebKey.WrongAccessCode].Value;
diff --git a/EnvelopeGenerator.Web/Controllers/TFARegController.cs b/EnvelopeGenerator.Web/Controllers/TFARegController.cs
index ac22c14a..17968fd4 100644
--- a/EnvelopeGenerator.Web/Controllers/TFARegController.cs
+++ b/EnvelopeGenerator.Web/Controllers/TFARegController.cs
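Review bot: The new guard in HandleAuthenticatorAsync (the @@ -229 hunk of HomeController.cs), `er_secret.Receiver!.TotpSecretkey is null`, no longer looks at `auth.AuthenticatorCode`, so in the lines shown the 401 branch is taken only when no secret is stored and any submitted code is accepted once one exists. Unless the code is verified further down (the method body continues outside the hunk), this drops the second-factor check that `IsTotpInvalid` performed. Keep both conditions, for example `var key = er_secret.Receiver!.TotpSecretkey;` followed by `if (key is null || auth.AuthenticatorCode is null || !auth.AuthenticatorCode.IsValidTotp(key))`, using the `IsValidTotp` extension the deleted helper called. That extension appears to live in `EnvelopeGenerator.Extensions`, so the controller may need that `using` if it is not already present.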
@@ -31,48 +31,56 @@ public class TFARegController : ViewControllerBase
 [HttpGet("{envelopeReceiverId}")]
 public async Task Reg(string envelopeReceiverId)
 {
- envelopeReceiverId = _sanitizer.Sanitize(envelopeReceiverId);
- (string? uuid, string? signature) = envelopeReceiverId.DecodeEnvelopeReceiverId();
-
- if (uuid is null || signature is null)
+ try
 {
- _logger.LogEnvelopeError(uuid: uuid, signature: signature, message: _localizer[WebKey.WrongEnvelopeReceiverId]);
- return Unauthorized();
- }
+ envelopeReceiverId = _sanitizer.Sanitize(envelopeReceiverId);
+ (string? uuid, string? signature) = envelopeReceiverId.DecodeEnvelopeReceiverId();
 
- var er_secret_res = await _envRcvService.ReadWithSecretByUuidSignatureAsync(uuid: uuid, signature: signature);
+ if (uuid is null || signature is null)
+ {
+ _logger.LogEnvelopeError(uuid: uuid, signature: signature, message: _localizer[WebKey.WrongEnvelopeReceiverId]);
+ return Unauthorized();
+ }
 
- if (er_secret_res.IsFailed)
- {
- _logger.LogNotice(er_secret_res.Notices);
- return this.ViewEnvelopeNotFound();
- }
- var er_secret = er_secret_res.Data;
+ var er_secret_res = await _envRcvService.ReadWithSecretByUuidSignatureAsync(uuid: uuid, signature: signature);
 
- if (!er_secret.Envelope!.TFAEnabled)
- return Unauthorized();
+ if (er_secret_res.IsFailed)
+ {
+ _logger.LogNotice(er_secret_res.Notices);
+ return this.ViewEnvelopeNotFound();
+ }
+ var er_secret = er_secret_res.Data;
 
- var rcv = er_secret.Receiver;
+ if (!er_secret.Envelope!.TFAEnabled)
+ return Unauthorized();
 
- // Generate QR code as base 64
- rcv!.TotpSecretkey = _authenticator.GenerateTotpSecretKey();
- rcv.TotpExpiration = DateTime.Now.AddMonths(1);
- await _rcvService.UpdateAsync(rcv);
- var totp_qr_64 = _authenticator.GenerateTotpQrCode(userEmail: rcv.EmailAddress, secretKey: rcv.TotpSecretkey).ToBase64String();
+ var rcv = er_secret.Receiver;
 
- // Calculate RFA registiration deadline
- if(rcv.TfaRegDeadline is null)
- {
- rcv.TfaRegDeadline = _params.Deadline;
+ // Generate QR code as base 64
+ rcv!.TotpSecretkey = _authenticator.GenerateTotpSecretKey();
+ rcv.TotpExpiration = DateTime.Now.AddMonths(1);
 await _rcvService.UpdateAsync(rcv);
- }
- else if(rcv.TfaRegDeadline <= DateTime.Now)
- return View("_Expired");
+ var totp_qr_64 = _authenticator.GenerateTotpQrCode(userEmail: rcv.EmailAddress, secretKey: rcv.TotpSecretkey).ToBase64String();
+
+ // Calculate RFA registiration deadline
+ if (rcv.TfaRegDeadline is null)
+ {
+ rcv.TfaRegDeadline = _params.Deadline;
+ await _rcvService.UpdateAsync(rcv);
+ }
+ else if (rcv.TfaRegDeadline <= DateTime.Now)
+ return View("_Expired");
 
- ViewData["RegDeadline"] = rcv.TfaRegDeadline;
+ ViewData["RegDeadline"] = rcv.TfaRegDeadline;
 
- ViewData["TotpQR64"] = totp_qr_64;
+ ViewData["TotpQR64"] = totp_qr_64;
 
- return View();
+ return View();
+ }
+ catch(Exception ex)
+ {
+ _logger.LogEnvelopeError(envelopeReceiverId: envelopeReceiverId, exception: ex, message: _localizer[WebKey.UnexpectedError]);
+ return this.ViewInnerServiceError();
+ }
 }
 }
\ No newline at end of file
diff --git a/EnvelopeGenerator.Web/Views/Home/EnvelopeLocked.cshtml b/EnvelopeGenerator.Web/Views/Home/EnvelopeLocked.cshtml
index ef7772aa..2e5f6148 100644
--- a/EnvelopeGenerator.Web/Views/Home/EnvelopeLocked.cshtml
+++ b/EnvelopeGenerator.Web/Views/Home/EnvelopeLocked.cshtml
@@ -32,7 +32,7 @@
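Review bot: In TFARegController.Reg the new body still calls `GenerateTotpSecretKey()` and `UpdateAsync(rcv)` before the `TfaRegDeadline` check, so a GET after the deadline overwrites the stored secret and only then returns `_Expired`. Every repeat GET inside the window also replaces the secret, which would invalidate an authenticator that is already enrolled. The added try/catch does not change that ordering. Checking the deadline first and persisting secret and deadline in a single update avoids the write on the expired path; whether a repeat visit should rotate an existing secret at all is worth deciding explicitly. Separately, the catch block passes the raw `envelopeReceiverId` to the logger; it decodes to uuid and signature and appears to act as the access token for the envelope, so consider logging only the uuid.

```csharp
var rcv = er_secret.Receiver;

// Refuse an expired registration window before touching the stored secret.
if (rcv!.TfaRegDeadline is not null && rcv.TfaRegDeadline <= DateTime.Now)
    return View("_Expired");

rcv.TfaRegDeadline ??= _params.Deadline;
rcv.TotpSecretkey = _authenticator.GenerateTotpSecretKey();
rcv.TotpExpiration = DateTime.Now.AddMonths(1);
await _rcvService.UpdateAsync(rcv); // one write for secret and deadline
// … unchanged: QR code generation, ViewData assignments, return View() …
```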

@_localizer[WebKey.Formats.LockedTitle.Format(codeKeyName)]

- @if (tfaRegDeadline is not null && tfaRegDeadline > DateTime.Now)
+ @if (viaAuthenticator && (tfaRegDeadline is null || tfaRegDeadline > DateTime.Now))
 {