欢迎来到雅狐站长网!
兔子CDN

C#教程

当前位置:主页 > 软件教程 > C#教程 >

c# 使用谷歌身份验证GoogleAuthenticator的示例

时间:2021-04-27 22:44:02|栏目:C#教程|点击:

此功能相当于给系统加了个令牌,只有输入对的一组数字才可以验证成功。类似于QQ令牌一样。

一丶创建最核心的一个类GoogleAuthenticator

此类包含了生成密钥,验证,将绑定密钥转为二维码。

public class GoogleAuthenticator
  {
    private readonly static DateTime _epoch = new DateTime(1970, 1, 1, 0, 0, 0, DateTimeKind.Utc);
    private TimeSpan DefaultClockDriftTolerance { get; set; }

    public GoogleAuthenticator()
    {
      DefaultClockDriftTolerance = TimeSpan.FromMinutes(5);
    }

    /// <summary>
    /// Generate a setup code for a Google Authenticator user to scan
    /// </summary>
    /// <param name="issuer">Issuer ID (the name of the system, i.e. 'MyApp'), can be omitted but not recommended https://github.com/google/google-authenticator/wiki/Key-Uri-Format </param>
    /// <param name="accountTitleNoSpaces">Account Title (no spaces)</param>
    /// <param name="accountSecretKey">Account Secret Key</param>
    /// <param name="QRPixelsPerModule">Number of pixels per QR Module (2 pixels give ~ 100x100px QRCode)</param>
    /// <returns>SetupCode object</returns>
    public SetupCode GenerateSetupCode(string issuer, string accountTitleNoSpaces, string accountSecretKey, int QRPixelsPerModule)
    {
      byte[] key = Encoding.UTF8.GetBytes(accountSecretKey);
      return GenerateSetupCode(issuer, accountTitleNoSpaces, key, QRPixelsPerModule);
    }

    /// <summary>
    /// Generate a setup code for a Google Authenticator user to scan
    /// </summary>
    /// <param name="issuer">Issuer ID (the name of the system, i.e. 'MyApp'), can be omitted but not recommended https://github.com/google/google-authenticator/wiki/Key-Uri-Format </param>
    /// <param name="accountTitleNoSpaces">Account Title (no spaces)</param>
    /// <param name="accountSecretKey">Account Secret Key as byte[]</param>
    /// <param name="QRPixelsPerModule">Number of pixels per QR Module (2 = ~120x120px QRCode)</param>
    /// <returns>SetupCode object</returns>
    public SetupCode GenerateSetupCode(string issuer, string accountTitleNoSpaces, byte[] accountSecretKey, int QRPixelsPerModule)
    {
      if (accountTitleNoSpaces == null) { throw new NullReferenceException("Account Title is null"); }
      accountTitleNoSpaces = RemoveWhitespace(accountTitleNoSpaces);
      string encodedSecretKey = Base32Encoding.ToString(accountSecretKey);
      string provisionUrl = null;
      provisionUrl = String.Format("otpauth://totp/{2}:{0}?secret={1}&issuer={2}", accountTitleNoSpaces, encodedSecretKey.Replace("=",""), UrlEncode(issuer));



      using (QRCodeGenerator qrGenerator = new QRCodeGenerator())
      using (QRCodeData qrCodeData = qrGenerator.CreateQrCode(provisionUrl, QRCodeGenerator.ECCLevel.M))
      using (QRCode qrCode = new QRCode(qrCodeData))
      using (Bitmap qrCodeImage = qrCode.GetGraphic(QRPixelsPerModule))
      using (MemoryStream ms = new MemoryStream())
      {
        qrCodeImage.Save(ms, System.Drawing.Imaging.ImageFormat.Png);

        return new SetupCode(accountTitleNoSpaces, encodedSecretKey, String.Format("data:image/png;base64,{0}", Convert.ToBase64String(ms.ToArray())));
      }

    }

    private static string RemoveWhitespace(string str)
    {
      return new string(str.Where(c => !Char.IsWhiteSpace(c)).ToArray());
    }

    private string UrlEncode(string value)
    {
      StringBuilder result = new StringBuilder();
      string validChars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789-_.~";

      foreach (char symbol in value)
      {
        if (validChars.IndexOf(symbol) != -1)
        {
          result.Append(symbol);
        }
        else
        {
          result.Append('%' + String.Format("{0:X2}", (int)symbol));
        }
      }

      return result.ToString().Replace(" ", "%20");
    }

    public string GeneratePINAtInterval(string accountSecretKey, long counter, int digits = 6)
    {
      return GenerateHashedCode(accountSecretKey, counter, digits);
    }

    internal string GenerateHashedCode(string secret, long iterationNumber, int digits = 6)
    {
      byte[] key = Encoding.UTF8.GetBytes(secret);
      return GenerateHashedCode(key, iterationNumber, digits);
    }

    internal string GenerateHashedCode(byte[] key, long iterationNumber, int digits = 6)
    {
      byte[] counter = BitConverter.GetBytes(iterationNumber);

      if (BitConverter.IsLittleEndian)
      {
        Array.Reverse(counter);
      }

      HMACSHA1 hmac = new HMACSHA1(key);

      byte[] hash = hmac.ComputeHash(counter);

      int offset = hash[hash.Length - 1] & 0xf;

      // Convert the 4 bytes into an integer, ignoring the sign.
      int binary =
        ((hash[offset] & 0x7f) << 24)
        | (hash[offset + 1] << 16)
        | (hash[offset + 2] << 8)
        | (hash[offset + 3]);

      int password = binary % (int)Math.Pow(10, digits);
      return password.ToString(new string('0', digits));
    }

    private long GetCurrentCounter()
    {
      return GetCurrentCounter(DateTime.UtcNow, _epoch, 30);
    }

    private long GetCurrentCounter(DateTime now, DateTime epoch, int timeStep)
    {
      return (long)(now - epoch).TotalSeconds / timeStep;
    }

    public bool ValidateTwoFactorPIN(string accountSecretKey, string twoFactorCodeFromClient)
    {
      return ValidateTwoFactorPIN(accountSecretKey, twoFactorCodeFromClient, DefaultClockDriftTolerance);
    }

    public bool ValidateTwoFactorPIN(string accountSecretKey, string twoFactorCodeFromClient, TimeSpan timeTolerance)
    {
      var codes = GetCurrentPINs(accountSecretKey, timeTolerance);
      return codes.Any(c => c == twoFactorCodeFromClient);
    }

    public string[] GetCurrentPINs(string accountSecretKey, TimeSpan timeTolerance)
    {
      List<string> codes = new List<string>();
      long iterationCounter = GetCurrentCounter();
      int iterationOffset = 0;

      if (timeTolerance.TotalSeconds > 30)
      {
        iterationOffset = Convert.ToInt32(timeTolerance.TotalSeconds / 30.00);
      }

      long iterationStart = iterationCounter - iterationOffset;
      long iterationEnd = iterationCounter + iterationOffset;

      for (long counter = iterationStart; counter <= iterationEnd; counter++)
      {
        codes.Add(GeneratePINAtInterval(accountSecretKey, counter));
      }

      return codes.ToArray();
    }
  }

上一篇:在C# 8中如何使用默认接口方法详解

栏    目:C#教程

下一篇:C#基于Twain协议调用扫描仪,设置多图像输出模式(Multi image output)

本文标题:c# 使用谷歌身份验证GoogleAuthenticator的示例

本文地址:http://www.cnzzww.cn/ccjiaocheng/56518.html

广告投放 | 联系我们 | 版权申明

重要申明:本站所有的文章、图片、评论等,均由网友发表或上传并维护或收集自网络,属个人行为,与本站立场无关。

如果侵犯了您的权利,请与我们联系,我们将在24小时内进行处理、任何非本站因素导致的法律后果,本站均不负任何责任。

联系QQ: | 邮箱:111#qq.com(#换成@)

Copyright © 2015-2020 雅狐站长网 版权所有 苏ICP备20040415号