Skip to content
This repository has been archived by the owner on Dec 13, 2018. It is now read-only.

Rfc6238AuthenticationService should be in Security repository and make him public? #551

Closed
abcplex opened this issue Oct 27, 2015 · 12 comments
Closed

Rfc6238AuthenticationService should be in Security repository and make him public? #551

abcplex opened this issue Oct 27, 2015 · 12 comments
Labels
enhancement
Milestone
Backlog

Comments

@abcplex
Copy link

abcplex commented Oct 27, 2015

Rfc6238AuthenticationService class at https://github.com/aspnet/Identity/blob/85012bd0ac83548f7eab31f0585dae3836935d9d/src/Microsoft.AspNet.Identity/Rfc6238AuthenticationService.cs look like very useful. But I think it should in Security repo. Also it will be great if you guys can make this class public.
@HaoK
Copy link
Member

HaoK commented Oct 27, 2015

@blowdart thoughts?

@kevinchalet
Copy link
Contributor

FWIW: https://github.com/aspnet/DataProtection is also a good candidate for that.

@blowdart
Copy link
Member

Not data protection, no no no. It's a reasonable idea, it won't break anything as it's internal right now.

@Tratcher
Copy link
Member

@blowdart Should we do this, and if so, where?

@blowdart
Copy link
Member

Yes, and the Security namespace I feel.

@slaneyrw
Copy link

slaneyrw commented Nov 5, 2015

If it is moved then I'll get able to build a TOTP token provider to support the standard authenticator apps, like Google Authenticator. It is currently not possible to use the base provider that the Email and Phone token provider uses (TotpSecurityStampBasedTokenProvider) as it adds additional entropty ( UserModifier ) that I cannot easily override, but it also hardcodes the timestep at 3 minutes. All the authenticator apps use 30 seconds

@HaoK HaoK added this to the Backlog milestone Nov 12, 2015
@abcplex
Copy link
Author

abcplex commented Nov 30, 2017

@blowdart still not done?

@grahamehorner
Copy link

grahamehorner commented Dec 14, 2017
edited
Loading

I too would like this as it seems to be a very useful library without needing identity, also looking at the identity source the computation of the timestep is duplicated in a couple of areas when IMHO it should be a configurable parameters, I’ve created a proof of concept that I registered with DI IRFC6238 and updated identity to use the DI implementation seems to work for my needs 🤪

@mguinness
Copy link

mguinness commented Mar 6, 2018
edited
Loading

Any updates? Would probably also need Base32 class moved.

This being internal was discussed aspnet/Identity#1388 (comment).

@oferns
Copy link

oferns commented Mar 15, 2018

I too would like to see this

@grahamehorner
Copy link

@mguinness yes, Base32 should possibly move into the System.Text.Encoding namespace and have its own nupkg package if not be part of the corefx

@Eilon
Copy link
Member

Eilon commented Sep 27, 2018

Closing because we are not planning to make this a public API at this time. However, people are free to grab the code per the license and ship a library that way.

@Eilon Eilon closed this as completed Sep 27, 2018
@guylando guylando mentioned this issue Mar 9, 2019
Closed
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
enhancement
Projects
None yet
Milestone
Backlog
Development

No branches or pull requests
10 participants
@Eilon @blowdart @Tratcher @oferns @slaneyrw @grahamehorner @abcplex @HaoK @kevinchalet @mguinness