diff --git a/.gitignore b/.gitignore
index 679efe25..ca9e9f70 100644
--- a/.gitignore
+++ b/.gitignore
@@ -329,3 +329,4 @@ ASALocalRun/
# MFractors (Xamarin productivity tool) working folder
.mfractor/
+*.db
diff --git a/Neos.IdentityServer 3.1/Neos.IdentityServer.Common.Admin/Neos.IdentityServer.MultiFactor.Admin.DataContracts.cs b/Neos.IdentityServer 3.1/Neos.IdentityServer.Common.Admin/Neos.IdentityServer.MultiFactor.Admin.DataContracts.cs
index db3aaf0a..0fff46c6 100644
--- a/Neos.IdentityServer 3.1/Neos.IdentityServer.Common.Admin/Neos.IdentityServer.MultiFactor.Admin.DataContracts.cs
+++ b/Neos.IdentityServer 3.1/Neos.IdentityServer.Common.Admin/Neos.IdentityServer.MultiFactor.Admin.DataContracts.cs
@@ -1146,7 +1146,9 @@ namespace Neos.IdentityServer.MultiFactor.Administration
public string Origin { get; set; }
public bool DirectLogin { get; set; }
public bool UseNickNames { get; set; }
-
+ public string ForbiddenBrowsers { get; set; }
+ public string InitiatedBrowsers { get; set; }
+ public string NoCounterBrowsers { get; set; }
///
/// Kind Property
@@ -1180,6 +1182,9 @@ namespace Neos.IdentityServer.MultiFactor.Administration
this.PinRequirements = otp.PinRequirements;
this.FullyQualifiedImplementation = otp.FullQualifiedImplementation;
this.Parameters = otp.Parameters.Data;
+ this.ForbiddenBrowsers = otp.Configuration.ForbiddenBrowsers;
+ this.InitiatedBrowsers = otp.Configuration.InitiatedBrowsers;
+ this.NoCounterBrowsers = otp.Configuration.NoCounterBrowsers;
this.Timeout = otp.Configuration.Timeout;
this.TimestampDriftTolerance = otp.Configuration.TimestampDriftTolerance;
@@ -1210,6 +1215,9 @@ namespace Neos.IdentityServer.MultiFactor.Administration
otp.UseNickNames = this.UseNickNames;
otp.FullQualifiedImplementation = this.FullyQualifiedImplementation;
otp.Parameters.Data = this.Parameters;
+ otp.Configuration.ForbiddenBrowsers = ForbiddenBrowsers;
+ otp.Configuration.InitiatedBrowsers = InitiatedBrowsers;
+ otp.Configuration.NoCounterBrowsers = NoCounterBrowsers;
otp.Configuration.Timeout = this.Timeout;
otp.Configuration.TimestampDriftTolerance = this.TimestampDriftTolerance;
diff --git a/Neos.IdentityServer 3.1/Neos.IdentityServer.Common.Admin/Properties/AssemblyInfo.cs b/Neos.IdentityServer 3.1/Neos.IdentityServer.Common.Admin/Properties/AssemblyInfo.cs
index f3d4d87f..1cbce29d 100644
--- a/Neos.IdentityServer 3.1/Neos.IdentityServer.Common.Admin/Properties/AssemblyInfo.cs
+++ b/Neos.IdentityServer 3.1/Neos.IdentityServer.Common.Admin/Properties/AssemblyInfo.cs
@@ -53,7 +53,7 @@ using System.Runtime.Versioning;
// en utilisant '*', comme indiqué ci-dessous :
// [assembly: AssemblyVersion("1.0.*")]
[assembly: AssemblyVersion("3.0.0.0")]
-[assembly: AssemblyFileVersion("3.1.2111.1")]
+[assembly: AssemblyFileVersion("3.1.2112.0")]
[assembly: AssemblyInformationalVersion("3.0.0.0")]
[assembly: NeutralResourcesLanguageAttribute("en")]
diff --git a/Neos.IdentityServer 3.1/Neos.IdentityServer.Common/Neos.IdentityServer.MultiFactor.Utilities.cs b/Neos.IdentityServer 3.1/Neos.IdentityServer.Common/Neos.IdentityServer.MultiFactor.Utilities.cs
index 788e7e3d..65a841e1 100644
--- a/Neos.IdentityServer 3.1/Neos.IdentityServer.Common/Neos.IdentityServer.MultiFactor.Utilities.cs
+++ b/Neos.IdentityServer 3.1/Neos.IdentityServer.Common/Neos.IdentityServer.MultiFactor.Utilities.cs
@@ -4012,32 +4012,27 @@ namespace Neos.IdentityServer.MultiFactor
///
/// CheckForUserAgent method implementation
///
- internal static void CheckForUserAgent(MFAConfig config, AuthenticationContext usercontext, string userplatform)
+ internal static void CheckForUserAgent(MFAConfig config, AuthenticationContext usercontext, string useragent)
{
- string platform = userplatform;
- usercontext.Platform = userplatform;
- if (!string.IsNullOrEmpty(platform))
+ usercontext.BrowserDetected = useragent;
+ if (!string.IsNullOrEmpty(useragent))
{
- if (platform.ToLower().Contains("safari"))
- {
- usercontext.DirectLogin = false;
- return;
- }
- if (platform.ToLower().Contains("trident/7.0") || platform.ToLower().Contains("msie"))
+ if (CheckForbiddenBrowsers(config.WebAuthNProvider.Configuration, usercontext))
{
usercontext.BioNotSupported = true;
usercontext.DirectLogin = false;
return;
}
- if (IsApplePlatForm(usercontext))
+ if (CheckInitiatedBrowsers(config.WebAuthNProvider.Configuration, usercontext))
{
+ usercontext.BioNotSupported = false;
usercontext.DirectLogin = false;
return;
}
- // else "Android", "Chrome OS", "Linux", "Windows", or "Unknown"
}
else
{
+ usercontext.BioNotSupported = false;
usercontext.DirectLogin = false;
return;
}
@@ -4046,40 +4041,85 @@ namespace Neos.IdentityServer.MultiFactor
}
///
- /// IsAppleDevice method implmentation
+ /// BrowserDetection method implmentation
+ /// Checking userAgent browser's value. userAgentData is not supported by many browsers
///
- internal static bool IsAppleDevice(AuthenticationContext usercontext)
+ internal static string BrowserDetection(string useragent)
{
- if (usercontext.Platform.ToLower().Contains("safari"))
+ if (useragent.ToLower().IndexOf("firefox") > -1)
+ return "Firefox";
+ if (useragent.ToLower().IndexOf("samsungbrowser") > -1)
+ return "Samsung";
+ if (useragent.ToLower().IndexOf("cldc") > -1)
+ return "Nokia";
+ if ((useragent.ToLower().IndexOf("opera") > -1) || (useragent.ToUpper().IndexOf("OPR") > -1))
+ return "Opera";
+ if ((useragent.ToLower().IndexOf("trident") > -1) || (useragent.ToLower().IndexOf("msie") > -1) || (useragent.ToLower().IndexOf("windows phone") > -1))
+ return "IE";
+ if (useragent.ToLower().IndexOf("edge") > -1)
+ return "EdgeLegacy";
+ if (useragent.ToLower().IndexOf("edg") > -1)
+ return "Edge";
+ if (useragent.ToLower().IndexOf("chrome") > -1)
+ return "Chrome";
+ if (useragent.ToLower().IndexOf("safari") > -1)
+ return "Safari";
+ return "Unknown";
+ }
+
+ ///
+ /// CheckForbiddenBrowsers method implmentation
+ ///
+ private static bool CheckForbiddenBrowsers(WebAuthNProviderConfig config, AuthenticationContext usercontext)
+ {
+ string[] data = config.ForbiddenBrowsers.Split(';');
+ foreach (string s in data)
{
-#if psysuck
- Log.WriteEntry("Detected Safari", EventLogEntryType.Warning, 101);
-#endif
- return true;
- }
- if (IsApplePlatForm(usercontext))
- {
-#if psysuck
- Log.WriteEntry("Detected Apple Platform", EventLogEntryType.Warning, 101);
-#endif
- return true;
+ string x = s.Trim();
+ if (string.IsNullOrEmpty(x))
+ continue;
+ if (x.StartsWith("#"))
+ continue;
+ if (usercontext.BrowserDetected.ToLower().Equals(x.ToLower()))
+ return true;
}
return false;
}
///
- /// IsApplePlatForm method implmentation
+ /// CheckInitiatedBrowsers method implementation
///
- private static bool IsApplePlatForm(AuthenticationContext usercontext)
+ private static bool CheckInitiatedBrowsers(WebAuthNProviderConfig config, AuthenticationContext usercontext)
{
- if (!string.IsNullOrEmpty(usercontext.Platform))
+ string[] data = config.InitiatedBrowsers.Split(';');
+ foreach (string s in data)
{
- if (usercontext.Platform.ToLower().Equals("ios") || usercontext.Platform.ToLower().Equals("macos") || usercontext.Platform.ToLower().Equals("osx"))
+ string x = s.Trim();
+ if (string.IsNullOrEmpty(x))
+ continue;
+ if (x.StartsWith("#"))
+ continue;
+ if (usercontext.BrowserDetected.ToLower().Equals(x.ToLower()))
return true;
- if (usercontext.Platform.ToLower().Contains("macintosh") || usercontext.Platform.ToLower().Contains("iphone") || usercontext.Platform.ToLower().Contains("ipad") || usercontext.Platform.ToLower().Contains("ipod"))
+ }
+ return false;
+ }
+
+ ///
+ /// IsNoCounterDevice method implmentation
+ ///
+ internal static bool IsNoCounterDevice(WebAuthNProviderConfig config, AuthenticationContext usercontext)
+ {
+ string[] data = config.NoCounterBrowsers.Split(';');
+ foreach (string s in data)
+ {
+ string x = s.Trim();
+ if (string.IsNullOrEmpty(x))
+ continue;
+ if (x.StartsWith("#"))
+ continue;
+ if (usercontext.BrowserDetected.ToLower().Equals(x.ToLower()))
return true;
- if (usercontext.Platform.ToLower().Equals("mac os x") || usercontext.Platform.ToLower().Equals("macintel") || usercontext.Platform.ToLower().Equals("mac_powerpc") || usercontext.Platform.ToLower().Equals("mac_68k"))
- return true;
}
return false;
}
diff --git a/Neos.IdentityServer 3.1/Neos.IdentityServer.Common/Properties/AssemblyInfo.cs b/Neos.IdentityServer 3.1/Neos.IdentityServer.Common/Properties/AssemblyInfo.cs
index a5f53335..3e1a1b64 100644
--- a/Neos.IdentityServer 3.1/Neos.IdentityServer.Common/Properties/AssemblyInfo.cs
+++ b/Neos.IdentityServer 3.1/Neos.IdentityServer.Common/Properties/AssemblyInfo.cs
@@ -53,7 +53,7 @@ using System.Runtime.Versioning;
// en utilisant '*', comme ci-dessous :
// [assembly: AssemblyVersion("1.0.*")]
[assembly: AssemblyVersion("3.0.0.0")]
-[assembly: AssemblyFileVersion("3.1.2111.1")]
+[assembly: AssemblyFileVersion("3.1.2112.0")]
[assembly: AssemblyInformationalVersion("3.0.0.0")]
[assembly: NeutralResourcesLanguageAttribute("en")]
diff --git a/Neos.IdentityServer 3.1/Neos.IdentityServer.Console.NativeResources/Win32Project1.rc b/Neos.IdentityServer 3.1/Neos.IdentityServer.Console.NativeResources/Win32Project1.rc
index 6657df26..5a4bc10c 100644
Binary files a/Neos.IdentityServer 3.1/Neos.IdentityServer.Console.NativeResources/Win32Project1.rc and b/Neos.IdentityServer 3.1/Neos.IdentityServer.Console.NativeResources/Win32Project1.rc differ
diff --git a/Neos.IdentityServer 3.1/Neos.IdentityServer.Console/Properties/AssemblyInfo.cs b/Neos.IdentityServer 3.1/Neos.IdentityServer.Console/Properties/AssemblyInfo.cs
index 7218076b..16106847 100644
--- a/Neos.IdentityServer 3.1/Neos.IdentityServer.Console/Properties/AssemblyInfo.cs
+++ b/Neos.IdentityServer 3.1/Neos.IdentityServer.Console/Properties/AssemblyInfo.cs
@@ -52,7 +52,7 @@ using System.Runtime.Versioning;
// en utilisant '*', comme indiqué ci-dessous :
// [assembly: AssemblyVersion("1.0.*")]
[assembly: AssemblyVersion("3.0.0.0")]
-[assembly: AssemblyFileVersion("3.1.2111.1")]
+[assembly: AssemblyFileVersion("3.1.2112.0")]
[assembly: AssemblyInformationalVersion("3.0.0.0")]
[assembly: NeutralResourcesLanguageAttribute("en")]
diff --git a/Neos.IdentityServer 3.1/Neos.IdentityServer.Deployment/Properties/AssemblyInfo.cs b/Neos.IdentityServer 3.1/Neos.IdentityServer.Deployment/Properties/AssemblyInfo.cs
index f65c9baf..57d463e9 100644
--- a/Neos.IdentityServer 3.1/Neos.IdentityServer.Deployment/Properties/AssemblyInfo.cs
+++ b/Neos.IdentityServer 3.1/Neos.IdentityServer.Deployment/Properties/AssemblyInfo.cs
@@ -49,4 +49,4 @@ using System.Runtime.InteropServices;
// by using the '*' as shown below:
// [assembly: AssemblyVersion("1.0.*")]
[assembly: AssemblyVersion("3.0.0.0")]
-[assembly: AssemblyFileVersion("3.1.2111.1")]
+[assembly: AssemblyFileVersion("3.1.2112.0")]
diff --git a/Neos.IdentityServer 3.1/Neos.IdentityServer.MultiFactor.Cmdlets/Neos.IdentityServer.Multifactor.Cmdlets.DataContracts.cs b/Neos.IdentityServer 3.1/Neos.IdentityServer.MultiFactor.Cmdlets/Neos.IdentityServer.Multifactor.Cmdlets.DataContracts.cs
index 3d92906c..329b01ae 100644
--- a/Neos.IdentityServer 3.1/Neos.IdentityServer.MultiFactor.Cmdlets/Neos.IdentityServer.Multifactor.Cmdlets.DataContracts.cs
+++ b/Neos.IdentityServer 3.1/Neos.IdentityServer.MultiFactor.Cmdlets/Neos.IdentityServer.Multifactor.Cmdlets.DataContracts.cs
@@ -2186,6 +2186,21 @@ namespace MFA
///
public bool UseNickNames { get; set; }
+ ///
+ /// Browsers can't use biometric authentication (eg: IE).
+ ///
+ public string ForbiddenBrowsers { get; set; }
+
+ ///
+ /// Operating Systems that can use biometric authentication with user initiated action (eg: Safari for TouchID and FaceID).
+ ///
+ public string InitiatedBrowsers { get; set; }
+
+ ///
+ /// Browsers that require that the counter is always 0 (eg: Safari for TouchID and FaceID).
+ ///
+ public string NoCounterBrowsers { get; set; }
+
///
/// explicit operator from PSConfigBiometricProvider
///
@@ -2207,6 +2222,10 @@ namespace MFA
UseNickNames = otp.UseNickNames,
FullQualifiedImplementation = otp.FullyQualifiedImplementation,
Parameters = otp.Parameters,
+ ForbiddenBrowsers = otp.ForbiddenBrowsers,
+ InitiatedBrowsers = otp.InitiatedBrowsers,
+ NoCounterBrowsers = otp.NoCounterBrowsers,
+
Timeout = otp.Timeout,
TimestampDriftTolerance = otp.TimestampDriftTolerance,
ChallengeSize = otp.ChallengeSize,
@@ -2240,6 +2259,9 @@ namespace MFA
UseNickNames = otp.UseNickNames,
FullyQualifiedImplementation = otp.FullQualifiedImplementation,
Parameters = otp.Parameters,
+ ForbiddenBrowsers = otp.ForbiddenBrowsers,
+ InitiatedBrowsers = otp.InitiatedBrowsers,
+ NoCounterBrowsers = otp.NoCounterBrowsers,
Timeout = otp.Timeout,
TimestampDriftTolerance = otp.TimestampDriftTolerance,
diff --git a/Neos.IdentityServer 3.1/Neos.IdentityServer.MultiFactor.Cmdlets/Properties/AssemblyInfo.cs b/Neos.IdentityServer 3.1/Neos.IdentityServer.MultiFactor.Cmdlets/Properties/AssemblyInfo.cs
index a25cb3fc..9fcd7577 100644
--- a/Neos.IdentityServer 3.1/Neos.IdentityServer.MultiFactor.Cmdlets/Properties/AssemblyInfo.cs
+++ b/Neos.IdentityServer 3.1/Neos.IdentityServer.MultiFactor.Cmdlets/Properties/AssemblyInfo.cs
@@ -53,7 +53,7 @@ using System.Runtime.Versioning;
// en utilisant '*', comme indiqué ci-dessous :
// [assembly: AssemblyVersion("1.0.*")]
[assembly: AssemblyVersion("3.0.0.0")]
-[assembly: AssemblyFileVersion("3.1.2111.1")]
+[assembly: AssemblyFileVersion("3.1.2112.0")]
[assembly: AssemblyInformationalVersion("3.0.0.0")]
[assembly: NeutralResourcesLanguageAttribute("en")]
diff --git a/Neos.IdentityServer 3.1/Neos.IdentityServer.MultiFactor.DataTypes/Neos.IdentityServer.MultiFactor.DataTypes.cs b/Neos.IdentityServer 3.1/Neos.IdentityServer.MultiFactor.DataTypes/Neos.IdentityServer.MultiFactor.DataTypes.cs
index 23cd5847..4c67472d 100644
--- a/Neos.IdentityServer 3.1/Neos.IdentityServer.MultiFactor.DataTypes/Neos.IdentityServer.MultiFactor.DataTypes.cs
+++ b/Neos.IdentityServer 3.1/Neos.IdentityServer.MultiFactor.DataTypes/Neos.IdentityServer.MultiFactor.DataTypes.cs
@@ -1143,24 +1143,24 @@ namespace Neos.IdentityServer.MultiFactor
}
///
- /// Platform
+ /// BrowserDetected
///
- [DataMember(Name = "Platform")]
- public string Platform
+ [DataMember(Name = "BrowserDetected")]
+ public string BrowserDetected
{
get
{
- if (_context.Data.ContainsKey("_authctxplatform") && _context.Data["_authctxplatform"] != null)
- return _context.Data["_authctxplatform"].ToString();
+ if (_context.Data.ContainsKey("_authctxbrowser") && _context.Data["_authctxbrowser"] != null)
+ return _context.Data["_authctxbrowser"].ToString();
else
return string.Empty;
}
set
{
- if (_context.Data.ContainsKey("_authctxplatform"))
- _context.Data["_authctxplatform"] = value;
+ if (_context.Data.ContainsKey("_authctxbrowser"))
+ _context.Data["_authctxbrowser"] = value;
else
- _context.Data.Add("_authctxplatform", value);
+ _context.Data.Add("_authctxbrowser", value);
}
}
}
diff --git a/Neos.IdentityServer 3.1/Neos.IdentityServer.MultiFactor.DataTypes/Neos.IdentityServer.MultiFactor.Hosts.cs b/Neos.IdentityServer 3.1/Neos.IdentityServer.MultiFactor.DataTypes/Neos.IdentityServer.MultiFactor.Hosts.cs
index 77f37862..f78de433 100644
--- a/Neos.IdentityServer 3.1/Neos.IdentityServer.MultiFactor.DataTypes/Neos.IdentityServer.MultiFactor.Hosts.cs
+++ b/Neos.IdentityServer 3.1/Neos.IdentityServer.MultiFactor.DataTypes/Neos.IdentityServer.MultiFactor.Hosts.cs
@@ -1856,6 +1856,16 @@ namespace Neos.IdentityServer.MultiFactor
_origin = value;
}
}
+
+ [XmlAttribute("ForbiddenBrowsers")]
+ public string ForbiddenBrowsers { get; set; } = "ie;samsung;nokia";
+
+ [XmlAttribute("InitiatedBrowsers")]
+ public string InitiatedBrowsers { get; set; } = "safari;unknown";
+
+ [XmlAttribute("NoCounterBrowsers")]
+ public string NoCounterBrowsers { get; set; } = "safari;unknown";
+
}
///
diff --git a/Neos.IdentityServer 3.1/Neos.IdentityServer.MultiFactor.DataTypes/Neos.IdentiyServer.Data.Interfaces.cs b/Neos.IdentityServer 3.1/Neos.IdentityServer.MultiFactor.DataTypes/Neos.IdentiyServer.Data.Interfaces.cs
index 703ad20e..351f51fe 100644
--- a/Neos.IdentityServer 3.1/Neos.IdentityServer.MultiFactor.DataTypes/Neos.IdentiyServer.Data.Interfaces.cs
+++ b/Neos.IdentityServer 3.1/Neos.IdentityServer.MultiFactor.DataTypes/Neos.IdentiyServer.Data.Interfaces.cs
@@ -256,6 +256,8 @@ namespace Neos.IdentityServer.MultiFactor
string ServerName { get; set; }
string ServerIcon { get; set; }
string Origin { get; set; }
+ string ForbiddenBrowsers { get; set; }
+ string InitiatedBrowsers { get; set; }
}
///
diff --git a/Neos.IdentityServer 3.1/Neos.IdentityServer.MultiFactor.DataTypes/Properties/AssemblyInfo.cs b/Neos.IdentityServer 3.1/Neos.IdentityServer.MultiFactor.DataTypes/Properties/AssemblyInfo.cs
index 06106c8f..49e98e7c 100644
--- a/Neos.IdentityServer 3.1/Neos.IdentityServer.MultiFactor.DataTypes/Properties/AssemblyInfo.cs
+++ b/Neos.IdentityServer 3.1/Neos.IdentityServer.MultiFactor.DataTypes/Properties/AssemblyInfo.cs
@@ -50,7 +50,7 @@ using System.Runtime.Versioning;
// Révision
//
[assembly: AssemblyVersion("3.0.0.0")]
-[assembly: AssemblyFileVersion("3.1.2111.1")]
+[assembly: AssemblyFileVersion("3.1.2112.0")]
[assembly: AssemblyInformationalVersion("3.0.0.0")]
[assembly: NeutralResourcesLanguageAttribute("en")]
diff --git a/Neos.IdentityServer 3.1/Neos.IdentityServer.MultiFactor.NotificationHub/Properties/AssemblyInfo.cs b/Neos.IdentityServer 3.1/Neos.IdentityServer.MultiFactor.NotificationHub/Properties/AssemblyInfo.cs
index 805aff1a..692aecb6 100644
--- a/Neos.IdentityServer 3.1/Neos.IdentityServer.MultiFactor.NotificationHub/Properties/AssemblyInfo.cs
+++ b/Neos.IdentityServer 3.1/Neos.IdentityServer.MultiFactor.NotificationHub/Properties/AssemblyInfo.cs
@@ -52,7 +52,7 @@ using System.Runtime.Versioning;
// en utilisant '*', comme indiqué ci-dessous :
// [assembly: AssemblyVersion("1.0.*")]
[assembly: AssemblyVersion("3.0.0.0")]
-[assembly: AssemblyFileVersion("3.1.2111.1")]
+[assembly: AssemblyFileVersion("3.1.2112.0")]
[assembly: AssemblyInformationalVersion("3.0.0.0")]
[assembly: NeutralResourcesLanguageAttribute("en")]
diff --git a/Neos.IdentityServer 3.1/Neos.IdentityServer.MultiFactor.Notifications/Properties/AssemblyInfo.cs b/Neos.IdentityServer 3.1/Neos.IdentityServer.MultiFactor.Notifications/Properties/AssemblyInfo.cs
index bfbbcd3f..11fcf5ca 100644
--- a/Neos.IdentityServer 3.1/Neos.IdentityServer.MultiFactor.Notifications/Properties/AssemblyInfo.cs
+++ b/Neos.IdentityServer 3.1/Neos.IdentityServer.MultiFactor.Notifications/Properties/AssemblyInfo.cs
@@ -52,7 +52,7 @@ using System.Runtime.Versioning;
// en utilisant '*', comme indiqué ci-dessous :
// [assembly: AssemblyVersion("1.0.*")]
[assembly: AssemblyVersion("3.0.0.0")]
-[assembly: AssemblyFileVersion("3.1.2111.1")]
+[assembly: AssemblyFileVersion("3.1.2112.0")]
[assembly: AssemblyInformationalVersion("3.0.0.0")]
[assembly: NeutralResourcesLanguageAttribute("en")]
diff --git a/Neos.IdentityServer 3.1/Neos.IdentityServer.MultiFactor.SAS.Azure/Properties/AssemblyInfo.cs b/Neos.IdentityServer 3.1/Neos.IdentityServer.MultiFactor.SAS.Azure/Properties/AssemblyInfo.cs
index 7bb389e1..0aee5c4b 100644
--- a/Neos.IdentityServer 3.1/Neos.IdentityServer.MultiFactor.SAS.Azure/Properties/AssemblyInfo.cs
+++ b/Neos.IdentityServer 3.1/Neos.IdentityServer.MultiFactor.SAS.Azure/Properties/AssemblyInfo.cs
@@ -52,7 +52,7 @@ using System.Runtime.Versioning;
// Vous pouvez spécifier toutes les valeurs ou indiquer les numéros de build et de révision par défaut
// en utilisant '*', comme indiqué ci-dessous :
[assembly: AssemblyVersion("3.0.0.0")]
-[assembly: AssemblyFileVersion("3.1.2111.1")]
+[assembly: AssemblyFileVersion("3.1.2112.0")]
[assembly: AssemblyInformationalVersion("3.0.0.0")]
[assembly: NeutralResourcesLanguageAttribute("en")]
diff --git a/Neos.IdentityServer 3.1/Neos.IdentityServer.MultiFactor.Security/Properties/AssemblyInfo.cs b/Neos.IdentityServer 3.1/Neos.IdentityServer.MultiFactor.Security/Properties/AssemblyInfo.cs
index 0f9de818..f2c0221c 100644
--- a/Neos.IdentityServer 3.1/Neos.IdentityServer.MultiFactor.Security/Properties/AssemblyInfo.cs
+++ b/Neos.IdentityServer 3.1/Neos.IdentityServer.MultiFactor.Security/Properties/AssemblyInfo.cs
@@ -51,7 +51,7 @@ using System.Runtime.InteropServices;
// en utilisant '*', comme indiqué ci-dessous :
// [assembly: AssemblyVersion("1.0.*")]
[assembly: AssemblyVersion("3.0.0.0")]
-[assembly: AssemblyFileVersion("3.1.2111.1")]
+[assembly: AssemblyFileVersion("3.1.2112.0")]
[assembly: AssemblyInformationalVersion("3.0.0.0")]
[assembly: NeutralResourcesLanguageAttribute("en")]
diff --git a/Neos.IdentityServer 3.1/Neos.IdentityServer.MultiFactor.WebAuthN.Common/Properties/AssemblyInfo.cs b/Neos.IdentityServer 3.1/Neos.IdentityServer.MultiFactor.WebAuthN.Common/Properties/AssemblyInfo.cs
index 83230aee..8d9b76a3 100644
--- a/Neos.IdentityServer 3.1/Neos.IdentityServer.MultiFactor.WebAuthN.Common/Properties/AssemblyInfo.cs
+++ b/Neos.IdentityServer 3.1/Neos.IdentityServer.MultiFactor.WebAuthN.Common/Properties/AssemblyInfo.cs
@@ -34,5 +34,5 @@ using System.Runtime.InteropServices;
// en utilisant '*', comme indiqué ci-dessous :
// [assembly: AssemblyVersion("1.0.*")]
[assembly: AssemblyVersion("3.0.0.0")]
-[assembly: AssemblyFileVersion("3.1.2111.1")]
+[assembly: AssemblyFileVersion("3.1.2112.0")]
[assembly: NeutralResourcesLanguageAttribute("en")]
diff --git a/Neos.IdentityServer 3.1/Neos.IdentityServer.MultiFactor.WebAuthN.Core/Properties/AssemblyInfo.cs b/Neos.IdentityServer 3.1/Neos.IdentityServer.MultiFactor.WebAuthN.Core/Properties/AssemblyInfo.cs
index 182871f2..f9473ef2 100644
--- a/Neos.IdentityServer 3.1/Neos.IdentityServer.MultiFactor.WebAuthN.Core/Properties/AssemblyInfo.cs
+++ b/Neos.IdentityServer 3.1/Neos.IdentityServer.MultiFactor.WebAuthN.Core/Properties/AssemblyInfo.cs
@@ -34,5 +34,5 @@ using System.Runtime.InteropServices;
// en utilisant '*', comme indiqué ci-dessous :
// [assembly: AssemblyVersion("1.0.*")]
[assembly: AssemblyVersion("3.0.0.0")]
-[assembly: AssemblyFileVersion("3.1.2111.1")]
+[assembly: AssemblyFileVersion("3.1.2112.0")]
[assembly: NeutralResourcesLanguageAttribute("en")]
diff --git a/Neos.IdentityServer 3.1/Neos.IdentityServer.MultiFactor.WebAuthN.Provider/Neos.IdentityServer.MultiFactor.Providers.WebAuthN.cs b/Neos.IdentityServer 3.1/Neos.IdentityServer.MultiFactor.WebAuthN.Provider/Neos.IdentityServer.MultiFactor.Providers.WebAuthN.cs
index e35058a3..9eaf0f02 100644
--- a/Neos.IdentityServer 3.1/Neos.IdentityServer.MultiFactor.WebAuthN.Provider/Neos.IdentityServer.MultiFactor.Providers.WebAuthN.cs
+++ b/Neos.IdentityServer 3.1/Neos.IdentityServer.MultiFactor.WebAuthN.Provider/Neos.IdentityServer.MultiFactor.Providers.WebAuthN.cs
@@ -42,6 +42,11 @@ namespace Neos.IdentityServer.MultiFactor.WebAuthN
public MFAConfig Config { get; set; }
public bool DirectLogin { get; private set; }
public int ChallengeSize { get; private set; }
+ public string ForbiddenBrowsers { get; private set; }
+ public string ForbiddenOperatingSystems { get; private set; }
+ public string InitiatedBrowsers { get; private set; }
+ public string InitiatedOperatingSystems { get; private set; }
+ public string NoCounterBrowsers { get; private set; }
public string ConveyancePreference { get; private set; }
public string Attachement { get; private set; }
public bool Extentions { get; private set; }
@@ -395,6 +400,9 @@ namespace Neos.IdentityServer.MultiFactor.WebAuthN
UserVerificationRequirement = param.Options.UserVerificationRequirement.ToEnum();
RequireResidentKey = param.Options.RequireResidentKey;
ChallengeSize = param.Configuration.ChallengeSize;
+ ForbiddenBrowsers = param.Configuration.ForbiddenBrowsers;
+ InitiatedBrowsers = param.Configuration.InitiatedBrowsers;
+ NoCounterBrowsers = param.Configuration.NoCounterBrowsers;
Fido2Configuration fido = new Fido2Configuration()
{
ServerDomain = param.Configuration.ServerDomain,
@@ -823,14 +831,13 @@ namespace Neos.IdentityServer.MultiFactor.WebAuthN
throw new Exception("Unknown credentials");
}
- // Check Replay
AuthenticatorData authData = new AuthenticatorData(clientResponse.Response.AuthenticatorData);
- bool isapple = Utilities.IsAppleDevice(ctx);
+ bool isnocount = Utilities.IsNoCounterDevice(this.Config.WebAuthNProvider.Configuration, ctx);
uint authCounter = 0;
uint storedCounter = 0;
- if (!isapple)
+ if (!isnocount)
{
authCounter = authData.SignCount;
storedCounter = creds.SignatureCounter;
@@ -851,12 +858,10 @@ namespace Neos.IdentityServer.MultiFactor.WebAuthN
// Apple counter always 0
AssertionVerificationResult res = _webathn.SetAssertionResult(clientResponse, options, creds.PublicKey, storedCounter, callback).Result;
- if (!isapple)
+ if (!isnocount)
RuntimeRepository.UpdateCounter(Config, user, res.CredentialId, res.Counter);
else
- {
RuntimeRepository.UpdateCounter(Config, user, res.CredentialId, 0);
- }
if (!authData.UserPresent || !authData.UserVerified)
{
@@ -917,7 +922,7 @@ namespace Neos.IdentityServer.MultiFactor.WebAuthN
return (int)AuthenticationResponseKind.Error;
}
}
-#endregion
+ #endregion
}
diff --git a/Neos.IdentityServer 3.1/Neos.IdentityServer.MultiFactor.WebAuthN.Provider/Properties/AssemblyInfo.cs b/Neos.IdentityServer 3.1/Neos.IdentityServer.MultiFactor.WebAuthN.Provider/Properties/AssemblyInfo.cs
index 592ed984..79599f07 100644
--- a/Neos.IdentityServer 3.1/Neos.IdentityServer.MultiFactor.WebAuthN.Provider/Properties/AssemblyInfo.cs
+++ b/Neos.IdentityServer 3.1/Neos.IdentityServer.MultiFactor.WebAuthN.Provider/Properties/AssemblyInfo.cs
@@ -34,6 +34,6 @@ using System.Runtime.InteropServices;
// en utilisant '*', comme indiqué ci-dessous :
// [assembly: AssemblyVersion("1.0.*")]
[assembly: AssemblyVersion("3.0.0.0")]
-[assembly: AssemblyFileVersion("3.1.2111.1")]
+[assembly: AssemblyFileVersion("3.1.2112.0")]
[assembly: NeutralResourcesLanguageAttribute("en")]
diff --git a/Neos.IdentityServer 3.1/Neos.IdentityServer.MultiFactor.WixSetup/Product.wxs b/Neos.IdentityServer 3.1/Neos.IdentityServer.MultiFactor.WixSetup/Product.wxs
index bf831cef..400db6d9 100644
--- a/Neos.IdentityServer 3.1/Neos.IdentityServer.MultiFactor.WixSetup/Product.wxs
+++ b/Neos.IdentityServer 3.1/Neos.IdentityServer.MultiFactor.WixSetup/Product.wxs
@@ -1,6 +1,6 @@
-
+
diff --git a/Neos.IdentityServer 3.1/Neos.IdentityServer.MultiFactor/Neos.IdentityServer.MultiFactor.BasePresentation.cs b/Neos.IdentityServer 3.1/Neos.IdentityServer.MultiFactor/Neos.IdentityServer.MultiFactor.BasePresentation.cs
index d964c189..eb630185 100644
--- a/Neos.IdentityServer 3.1/Neos.IdentityServer.MultiFactor/Neos.IdentityServer.MultiFactor.BasePresentation.cs
+++ b/Neos.IdentityServer 3.1/Neos.IdentityServer.MultiFactor/Neos.IdentityServer.MultiFactor.BasePresentation.cs
@@ -670,6 +670,7 @@ namespace Neos.IdentityServer.MultiFactor
_holders.Add(new PlaceHolders() { TagName = "##MANAGEACCOUNT##", FiledName = "manageaccount" });
_holders.Add(new PlaceHolders() { TagName = "##OPTIONITEM##", FiledName = "optionitem" });
_holders.Add(new PlaceHolders() { TagName = "##PLATFORM##", FiledName = "userplatform" });
+ _holders.Add(new PlaceHolders() { TagName = "##AGENT##", FiledName = "useragent" });
_holders.Add(new PlaceHolders() { TagName = "##LANGUAGE##", FiledName = "userlanguage" });
}
}
@@ -1261,7 +1262,7 @@ namespace Neos.IdentityServer.MultiFactor
result += "" + CR;
result += "" + CR;
- result += "" + CR;
+ result += "" + CR;
result += "" + CR;
result += "" + CR;
return result;
@@ -1273,27 +1274,17 @@ namespace Neos.IdentityServer.MultiFactor
string result = "