Associate and Disassociate MFA factors for OOBSMS, OOBEmail and TOTP …

…Authenticator
jezzsantos · Nov 15, 2024 · 547b2ea · 547b2ea
1 parent 0af16d2
commit 547b2ea
Show file tree

Hide file tree

Showing 18 changed files with 809 additions and 227 deletions.
diff --git a/iac/AzureSQLServer-Seed-Eventing-Generic.sql b/iac/AzureSQLServer-Seed-Eventing-Generic.sql
@@ -405,7 +405,7 @@ CREATE TABLE [dbo].[MfaAuthenticator]
     [BarCodeUri]            [nvarchar](max) NULL,
     [CompletionState]       [nvarchar](max) NULL,
     [IsActive]              [bit]           NULL,
-    [IsCompleted]           [bit]           NULL,
+    [State]                 [nvarchar](max) NULL,
     [OobChannelValue]       [nvarchar](max) NULL,
     [OobCode]               [nvarchar](max) NULL,
     [PasswordCredentialId]  [nvarchar](100) NULL,

diff --git a/src/.idea/.idea.SaaStack/.idea/prettier.xml b/src/.idea/.idea.SaaStack/.idea/prettier.xml
diff --git a/src/Domain.Events.Shared/Identities/PasswordCredentials/MfaAuthenticatorAdded.cs b/src/Domain.Events.Shared/Identities/PasswordCredentials/MfaAuthenticatorAdded.cs
@@ -0,0 +1,26 @@
+using Domain.Common;
+using Domain.Common.ValueObjects;
+using Domain.Shared.Identities;
+using JetBrains.Annotations;
+
+namespace Domain.Events.Shared.Identities.PasswordCredentials;
+
+public sealed class MfaAuthenticatorAdded : DomainEvent
+{
+    public MfaAuthenticatorAdded(Identifier id) : base(id)
+    {
+    }
+
+    [UsedImplicitly]
+    public MfaAuthenticatorAdded()
+    {
+    }
+
+    public string? AuthenticatorId { get; set; }
+
+    public required bool IsActive { get; set; }
+
+    public required MfaAuthenticatorType Type { get; set; }
+
+    public required string UserId { get; set; }
+}
diff --git a/src/Domain.Events.Shared/Identities/PasswordCredentials/MfaAuthenticatorAssociated.cs b/src/Domain.Events.Shared/Identities/PasswordCredentials/MfaAuthenticatorAssociated.cs
@@ -16,12 +16,10 @@ public MfaAuthenticatorAssociated()
     {
     }
 
-    public string? AuthenticatorId { get; set; }
+    public required string AuthenticatorId { get; set; }
 
     public string? BarCodeUri { get; set; }
 
-    public required bool IsActive { get; set; }
-
     public string? OobChannelValue { get; set; }
 
     public string? OobCode { get; set; }

diff --git a/...dentials/MfaAuthenticatorDisassociated.cs → ...ordCredentials/MfaAuthenticatorRemoved.cs b/...dentials/MfaAuthenticatorDisassociated.cs → ...ordCredentials/MfaAuthenticatorRemoved.cs
@@ -5,14 +5,14 @@
 
 namespace Domain.Events.Shared.Identities.PasswordCredentials;
 
-public sealed class MfaAuthenticatorDisassociated : DomainEvent
+public sealed class MfaAuthenticatorRemoved : DomainEvent
 {
-    public MfaAuthenticatorDisassociated(Identifier id) : base(id)
+    public MfaAuthenticatorRemoved(Identifier id) : base(id)
     {
     }
 
     [UsedImplicitly]
-    public MfaAuthenticatorDisassociated()
+    public MfaAuthenticatorRemoved()
     {
     }
 

diff --git a/src/IdentityApplication/PasswordCredentialsApplication.Mfa.cs b/src/IdentityApplication/PasswordCredentialsApplication.Mfa.cs
@@ -84,7 +84,7 @@ async Task<Result<Error>> OnAssociate(MfaAuthenticator associatedAuthenticator)
         {
             await Task.CompletedTask;
 
-            switch (associatedAuthenticator.Type.Value)
+            switch (associatedAuthenticator.Type)
             {
                 case MfaAuthenticatorType.OobSms:
                     return await _userNotificationsService.NotifyPasswordMfaOobSmsAsync(caller,
@@ -371,7 +371,7 @@ public static AssociatedPasswordCredentialMfaAuthenticator ToAssociatedAuthentic
     {
         return new AssociatedPasswordCredentialMfaAuthenticator
         {
-            Type = authenticator.Type.Value.ToEnum<MfaAuthenticatorType, PasswordCredentialMfaAuthenticatorType>(),
+            Type = authenticator.Type.ToEnum<MfaAuthenticatorType, PasswordCredentialMfaAuthenticatorType>(),
             RecoveryCodes = credential.MfaAuthenticators.GetRecoveryCodes(),
             BarCodeUri = authenticator.BarCodeUri,
             OobCode = authenticator.OobCode
@@ -384,7 +384,7 @@ public static List<PasswordCredentialMfaAuthenticator> ToMfaAuthenticators(this
             .Select(auth => new PasswordCredentialMfaAuthenticator
             {
                 Id = auth.Id,
-                Type = auth.Type.Value.ToEnumOrDefault(PasswordCredentialMfaAuthenticatorType.None),
+                Type = auth.Type.ToEnumOrDefault(PasswordCredentialMfaAuthenticatorType.None),
                 IsActive = auth.IsActive
             })
             .ToList();

diff --git a/src/IdentityApplication/Persistence/ReadModels/MfaAuthenticator.cs b/src/IdentityApplication/Persistence/ReadModels/MfaAuthenticator.cs
@@ -1,6 +1,7 @@
 using Application.Persistence.Common;
 using Common;
 using Domain.Shared.Identities;
+using IdentityDomain;
 using QueryAny;
 
 namespace IdentityApplication.Persistence.ReadModels;
@@ -14,8 +15,6 @@ public class MfaAuthenticator : ReadModelEntity
 
     public bool IsActive { get; set; }
 
-    public bool IsCompleted { get; set; }
-
     public Optional<string> OobChannelValue { get; set; }
 
     public Optional<string> OobCode { get; set; }
@@ -24,6 +23,8 @@ public class MfaAuthenticator : ReadModelEntity
 
     public Optional<string> SecretHash { get; set; }
 
+    public MfaAuthenticatorState State { get; set; }
+
     public MfaAuthenticatorType Type { get; set; } = MfaAuthenticatorType.None;
 
     public Optional<string> UserId { get; set; }