Adding authenticator enrollment and verification to authentication client #695
Conversation
There was a problem hiding this comment.
Can we please stick to solving the issue at hand, and avoid introducing any unneccesary new-way of doing things (e.g. validationErrors, Required).
It's not that I have a problem with that approach, but I do not believe we should just add it for this one specific endpoint. Neither am I saying we should add it everywhere. But for the scope of this PR, we do not need it.
| { | ||
| throw new ArgumentNullException(nameof(request)); | ||
| } | ||
| if (!request.IsValid(out List<string> validationErrors)) |
There was a problem hiding this comment.
I am not sure I understand why we are suddenly starting to do this without any context.
src/Auth0.AuthenticationApi/Models/AssociateNewAuthenticatorResponse.cs
Outdated
Show resolved
Hide resolved
| public string AuthenticatorType { get; set; } | ||
|
|
||
| [JsonProperty("oob_channel")] | ||
| public string OobChannel { get; set; } |
There was a problem hiding this comment.
This is not as mentioned in the docs, as the docs mention oob_channels for the response. I think the code is correct, but the docs is not. I will need to verify this with the corresponding team.
There was a problem hiding this comment.
yeah I ran into it when first trying to test with postman.
src/Auth0.AuthenticationApi/Models/AssociateMfaAuthenticatorRequest.cs
Outdated
Show resolved
Hide resolved
src/Auth0.AuthenticationApi/Models/AssociateMfaAuthenticatorRequest.cs
Outdated
Show resolved
Hide resolved
Co-authored-by: Frederik Prijck <frederik.prijck@gmail.com>
| @@ -494,6 +522,22 @@ public Task<PushedAuthorizationRequestResponse> PushedAuthorizationRequestAsync( | |||
| cancellationToken: cancellationToken | |||
| ); | |||
| } | |||
|
|
|||
| /// <inheritdoc/> | |||
| public Task<AssociateMgaAuthenticatorResponse> AssociateMfaAuthenticatorAsync(AssociateMfaAuthenticatorRequest request, CancellationToken cancellationToken = default) | |||
There was a problem hiding this comment.
| public Task<AssociateMgaAuthenticatorResponse> AssociateMfaAuthenticatorAsync(AssociateMfaAuthenticatorRequest request, CancellationToken cancellationToken = default) | |
| public Task<AssociateMfaAuthenticatorResponse> AssociateMfaAuthenticatorAsync(AssociateMfaAuthenticatorRequest request, CancellationToken cancellationToken = default) |
| throw new ArgumentNullException(nameof(request)); | ||
| } | ||
|
|
||
| return connection.SendAsync<AssociateNewAuthenticatorResponse>( |
There was a problem hiding this comment.
| return connection.SendAsync<AssociateNewAuthenticatorResponse>( | |
| return connection.SendAsync<AssociateMfaAuthenticatorResponse>( |
| { | ||
| { "grant_type", "http://auth0.com/oauth/grant-type/mfa-oob" }, | ||
| { "client_id", request.ClientId }, | ||
| { "client_secret", request.ClientSecret }, |
There was a problem hiding this comment.
This is added through ApplyClientAuthentication
| { "client_secret", request.ClientSecret }, |
There was a problem hiding this comment.
Added a few review comments, but they do concern me. They show this PR has not been tested as it does not compile.
We will need to find time to validate all of these changes, which we currently can not prioritise.
Sorry about that, we moved to just using http client directly since this wasn't moving and we needed more than just these calls added. I only used the web interface and didn't re run the integration tests. I've run the tests again and they work.
Anyway there's no rush on this as again we are just making the calls using http client.
| @@ -494,6 +522,22 @@ public Task<PushedAuthorizationRequestResponse> PushedAuthorizationRequestAsync( | |||
| cancellationToken: cancellationToken | |||
| ); | |||
| } | |||
|
|
|||
| /// <inheritdoc/> | |||
| public Task<AssociateMgaAuthenticatorResponse> AssociateMfaAuthenticatorAsync(AssociateMfaAuthenticatorRequest request, CancellationToken cancellationToken = default) | |||
| { | ||
| { "grant_type", "http://auth0.com/oauth/grant-type/mfa-oob" }, | ||
| { "client_id", request.ClientId }, | ||
| { "client_secret", request.ClientSecret }, |
| throw new ArgumentNullException(nameof(request)); | ||
| } | ||
|
|
||
| return connection.SendAsync<AssociateNewAuthenticatorResponse>( |
Changes
Adding support for [/mfa/associate](The authentication client doesn't support mfa/associate) to authentication client
Adding support for /oauth/token verification with OOB to authentication client
Added new methods to authentication client to support the API endpoints
Added request/response classes
References
resolves #694
Testing
This change adds integration test coverage
This change has been tested on the latest version of the platform/language or why not
Checklist
I have read the Auth0 general contribution guidelines
I have read the Auth0 Code of Conduct
All existing and new tests complete without errors