Member 2FA (#11889)

* Bugfix - Take ufprt from form data if the request has form content type, otherwise fallback to use the query

* External linking for members

* Changed migration to reuse old table

* removed unnecessary web.config files

* Cleanup

* Extracted class to own file

* Clean up

* Rollback changes to Umbraco.Web.UI.csproj

* Fixed migration for SqlCE

* Added 2fa for members

* Change notification handler to be on deleted

* Update src/Umbraco.Infrastructure/Security/MemberUserStore.cs

Co-authored-by: Mole <nikolajlauridsen@protonmail.ch>

* updated snippets

* Fixed issue with errors not shown on member linking

* fixed issue with errors

* clean up

* Fix issue where external logins could not be used to upgrade Umbraco, because the externalLogin table was expected to look different. (Like after the migration)

* Fixed issue in Ignore legacy column now using result column.

* Updated 2fa for members + publish notification when 2fa is requested.

* Changed so only Members out of box supports 2fa

* Cleanup

* rollback of csproj file, that should not have been changed

* Removed confirmed flag from db. It was not used.

Handle case where a user is signed up for 2fa, but the provider do not exist anymore. Then it is just ignored until it shows up again

Reintroduced ProviderName on interface, to ensure the class can be renamed safely

* Bugfix

* Registering DeleteTwoFactorLoginsOnMemberDeletedHandler

* Rollback nuget packages added by mistake

* Update src/Umbraco.Infrastructure/Services/Implement/TwoFactorLoginService.cs

Co-authored-by: Mole <nikolajlauridsen@protonmail.ch>

* Update src/Umbraco.Infrastructure/Persistence/Repositories/Implement/TwoFactorLoginRepository.cs

Co-authored-by: Mole <nikolajlauridsen@protonmail.ch>

* Added providername to snippet

Co-authored-by: Mole <nikolajlauridsen@protonmail.ch>

src/Umbraco.Infrastructure/Security/MemberUserStore.cs

@@ -29,6 +29,7 @@ namespace Umbraco.Cms.Core.Security
         private readonly IScopeProvider _scopeProvider;
         private readonly IPublishedSnapshotAccessor _publishedSnapshotAccessor;
         private readonly IExternalLoginWithKeyService _externalLoginService;
+        private readonly ITwoFactorLoginService _twoFactorLoginService;
 
         /// <summary>
         /// Initializes a new instance of the <see cref="MemberUserStore"/> class for the members identity store
@@ -37,7 +38,9 @@ namespace Umbraco.Cms.Core.Security
         /// <param name="mapper">The mapper for properties</param>
         /// <param name="scopeProvider">The scope provider</param>
         /// <param name="describer">The error describer</param>
+        /// <param name="publishedSnapshotAccessor">The published snapshot accessor</param>
         /// <param name="externalLoginService">The external login service</param>
+        /// <param name="twoFactorLoginService">The two factor login service</param>
         [ActivatorUtilitiesConstructor]
         public MemberUserStore(
             IMemberService memberService,
@@ -45,7 +48,8 @@ namespace Umbraco.Cms.Core.Security
             IScopeProvider scopeProvider,
             IdentityErrorDescriber describer,
             IPublishedSnapshotAccessor publishedSnapshotAccessor,
-            IExternalLoginWithKeyService externalLoginService
+            IExternalLoginWithKeyService externalLoginService,
+            ITwoFactorLoginService twoFactorLoginService
             )
             : base(describer)
         {
@@ -54,9 +58,10 @@ namespace Umbraco.Cms.Core.Security
             _scopeProvider = scopeProvider ?? throw new ArgumentNullException(nameof(scopeProvider));
             _publishedSnapshotAccessor = publishedSnapshotAccessor;
             _externalLoginService = externalLoginService;
+            _twoFactorLoginService = twoFactorLoginService;
         }
 
-        [Obsolete("Use ctor with IExternalLoginWithKeyService param")]
+        [Obsolete("Use ctor with IExternalLoginWithKeyService and ITwoFactorLoginService param")]
         public MemberUserStore(
             IMemberService memberService,
             IUmbracoMapper mapper,
@@ -64,19 +69,19 @@ namespace Umbraco.Cms.Core.Security
             IdentityErrorDescriber describer,
             IPublishedSnapshotAccessor publishedSnapshotAccessor,
             IExternalLoginService externalLoginService)
-            : this(memberService, mapper, scopeProvider, describer, publishedSnapshotAccessor, StaticServiceProvider.Instance.GetRequiredService<IExternalLoginWithKeyService>())
+            : this(memberService, mapper, scopeProvider, describer, publishedSnapshotAccessor, StaticServiceProvider.Instance.GetRequiredService<IExternalLoginWithKeyService>(), StaticServiceProvider.Instance.GetRequiredService<ITwoFactorLoginService>())
         {
 
         }
 
-        [Obsolete("Use ctor with IExternalLoginWithKeyService param")]
+        [Obsolete("Use ctor with IExternalLoginWithKeyService and ITwoFactorLoginService param")]
         public MemberUserStore(
             IMemberService memberService,
             IUmbracoMapper mapper,
             IScopeProvider scopeProvider,
             IdentityErrorDescriber describer,
             IPublishedSnapshotAccessor publishedSnapshotAccessor)
-            : this(memberService, mapper, scopeProvider, describer, publishedSnapshotAccessor, StaticServiceProvider.Instance.GetRequiredService<IExternalLoginWithKeyService>())
+            : this(memberService, mapper, scopeProvider, describer, publishedSnapshotAccessor, StaticServiceProvider.Instance.GetRequiredService<IExternalLoginWithKeyService>(), StaticServiceProvider.Instance.GetRequiredService<ITwoFactorLoginService>())
         {
 
         }
@@ -678,5 +683,34 @@ namespace Umbraco.Cms.Core.Security
             LoginOnly,
             FullSave
         }
+
+        /// <summary>
+        /// Overridden to support Umbraco's own data storage requirements
+        /// </summary>
+        /// <remarks>
+        /// The base class's implementation of this calls into FindTokenAsync, RemoveUserTokenAsync and AddUserTokenAsync, both methods will only work with ORMs that are change
+        /// tracking ORMs like EFCore.
+        /// </remarks>
+        /// <inheritdoc />
+        public override Task<string> GetTokenAsync(MemberIdentityUser user, string loginProvider, string name, CancellationToken cancellationToken)
+        {
+            cancellationToken.ThrowIfCancellationRequested();
+            ThrowIfDisposed();
+
+            if (user == null)
+            {
+                throw new ArgumentNullException(nameof(user));
+            }
+            IIdentityUserToken token = user.LoginTokens.FirstOrDefault(x => x.LoginProvider.InvariantEquals(loginProvider) && x.Name.InvariantEquals(name));
+
+            return Task.FromResult(token?.Value);
+        }
+
+        /// <inheritdoc />
+        public override async Task<bool> GetTwoFactorEnabledAsync(MemberIdentityUser user,
+            CancellationToken cancellationToken = default(CancellationToken))
+        {
+            return await _twoFactorLoginService.IsTwoFactorEnabledAsync(user.Key);
+        }
     }
 }