diff --git a/Socialvoid/Client/SocialvoidClient.cs b/Socialvoid/Client/SocialvoidClient.cs
index 8adf7b6..a2505d6 100644
--- a/Socialvoid/Client/SocialvoidClient.cs
+++ b/Socialvoid/Client/SocialvoidClient.cs
@@ -17,9 +17,11 @@
*/
using System;
+using System.Text;
using System.Net.Http;
using System.IO;
using Socialvoid.Security;
+using Socialvoid.Security.Otp;
using Socialvoid.JObjects;
using Socialvoid.Errors.ServerErrors;
using Socialvoid.Errors.AuthenticationErrors;
@@ -341,9 +343,18 @@ namespace Socialvoid.Client
///
/// Thrown if two-factor authentication is required.
///
- public virtual void AuthenticateUser(SessionIdentification sessionID,
- string username, string password, string otp = null)
+ public virtual void AuthenticateUser(string username, string password,
+ string otp = null, SessionIdentification sessionID = null)
{
+ if (sessionID == null && _session != null)
+ {
+ sessionID = new()
+ {
+ SessionID = _session.SessionID,
+ ClientPublicHash = PublicHash
+ };
+ }
+
JArgs args = new(){
{UsernameKey, username},
{PasswordKey, password},
@@ -357,12 +368,14 @@ namespace Socialvoid.Client
if (IsOtpValid(otp))
{
args.Add(OtpKey, otp);
+ sessionID.ChallengeAnswer = otp;
}
- else if (_should_otp && IsOtpValid(otp))
+ else if (_should_otp && IsOtpValid(_otp))
{
// after adding otp answer to args, don't forget to set
// _should_otp to false (and _otp to null).
args.Add(OtpKey, _otp);
+ sessionID.ChallengeAnswer = _otp;
_should_otp = false;
_otp = null;
}
@@ -384,7 +397,9 @@ namespace Socialvoid.Client
///
protected internal virtual string GetChallengeAnswer(string secret)
{
- return null;
+ var otp = new Totp(Encoding.UTF8.GetBytes(secret));
+ return KeyGeneration.GetSha1(otp.ComputeTotp() + PrivateHash);;
+ //return null;
}
#endregion
@@ -582,6 +597,7 @@ namespace Socialvoid.Client
return jresp;
}
+
#endregion
//-------------------------------------------------
}
diff --git a/Socialvoid/Security/Otp/KeyGeneration.cs b/Socialvoid/Security/Otp/KeyGeneration.cs
index 3cee5a8..0963eab 100644
--- a/Socialvoid/Security/Otp/KeyGeneration.cs
+++ b/Socialvoid/Security/Otp/KeyGeneration.cs
@@ -23,6 +23,7 @@
using System;
+using System.Text;
using System.Security.Cryptography;
namespace Socialvoid.Security.Otp
@@ -100,7 +101,7 @@ namespace Socialvoid.Security.Otp
DeriveKeyFromMaster(masterKey,
KeyUtilities.GetBigEndianBytes(serialNumber), mode);
- private static HashAlgorithm GetHashAlgorithmForMode(OtpHashMode mode)
+ internal static HashAlgorithm GetHashAlgorithmForMode(OtpHashMode mode)
{
switch(mode)
{
@@ -113,7 +114,7 @@ namespace Socialvoid.Security.Otp
}
}
- private static int LengthForMode(OtpHashMode mode)
+ internal static int LengthForMode(OtpHashMode mode)
{
switch(mode)
{
@@ -125,7 +126,17 @@ namespace Socialvoid.Security.Otp
return 20;
}
}
-
+ internal static string GetSha1(string value)
+ {
+ var data = Encoding.ASCII.GetBytes(value);
+ var hashData = new SHA1Managed().ComputeHash(data);
+ var hash = string.Empty;
+ foreach (var b in hashData)
+ {
+ hash += b.ToString("X2");
+ }
+ return hash;
+ }
#endregion
//-------------------------------------------------
}
diff --git a/Socialvoid/Security/SessionEstablished.cs b/Socialvoid/Security/SessionEstablished.cs
index 5144fdf..c3b0079 100644
--- a/Socialvoid/Security/SessionEstablished.cs
+++ b/Socialvoid/Security/SessionEstablished.cs
@@ -24,13 +24,13 @@ namespace Socialvoid.Security
/// since: v0.0.0
///
[JsonPropertyName("id")]
- public string SessionID { get; internal set; }
+ public string SessionID { get; set; }
///
/// The Public Hash of the client used when establishing the session.
/// since: v0.0.0
///
[JsonPropertyName("challenge")]
- internal string ChallengeSecret { get; set; }
+ public string ChallengeSecret { get; set; }
#endregion
//-------------------------------------------------
#region static field's Region
@@ -53,7 +53,7 @@ namespace Socialvoid.Security
///
///
///
- private SessionEstablished()
+ public SessionEstablished()
{
;// make is private, so user use `EstablishNew` static method.
}
diff --git a/Tests/Client/AuthenticateUser.cs b/Tests/Client/AuthenticateUser.cs
index 4f28111..1c9e67f 100644
--- a/Tests/Client/AuthenticateUser.cs
+++ b/Tests/Client/AuthenticateUser.cs
@@ -47,7 +47,7 @@ namespace Tests.Client
SocialvoidClient.GetClient(publicHash,
privateHash, platform, name, version);
myClient.CreateSession();
- myClient.AuthenticateUser(new(), "aliwoto", "12345678");
+ myClient.AuthenticateUser("aliwoto", "12345678");
}