clean up TODOs

src/Umbraco.Web.BackOffice/Extensions/UmbracoBuilderExtensions.cs

@@ -40,10 +40,15 @@ namespace Umbraco.Extensions
                 {
                     o.Cookie.Name = Core.Constants.Security.BackOfficeExternalAuthenticationType;
                     o.ExpireTimeSpan = TimeSpan.FromMinutes(5);
+                })
+                // Although we don't natively support this, we add it anyways so that if end-users implement the required logic
+                // they don't have to worry about manually adding this scheme or modifying the sign in manager
+                .AddCookie(Core.Constants.Security.BackOfficeTwoFactorAuthenticationType, o =>
+                {
+                    o.Cookie.Name = Core.Constants.Security.BackOfficeTwoFactorAuthenticationType;
+                    o.ExpireTimeSpan = TimeSpan.FromMinutes(5);
                 });
 
-            // TODO: Need to add more cookie options, see https://github.com/dotnet/aspnetcore/blob/3.0/src/Identity/Core/src/IdentityServiceCollectionExtensions.cs#L45
-
             builder.Services.ConfigureOptions<ConfigureBackOfficeCookieOptions>();
             return builder;
         }

src/Umbraco.Web.BackOffice/Security/BackOfficeExternalLoginProviders.cs

@@ -3,6 +3,7 @@ using System.Linq;
 
 namespace Umbraco.Web.BackOffice.Security
 {
+    /// <inheritdoc />
     public class BackOfficeExternalLoginProviders : IBackOfficeExternalLoginProviders
     {
         public BackOfficeExternalLoginProviders(IEnumerable<BackOfficeExternalLoginProvider> externalLogins)
@@ -12,22 +13,26 @@ namespace Umbraco.Web.BackOffice.Security
 
         private readonly IEnumerable<BackOfficeExternalLoginProvider> _externalLogins;
 
+        /// <inheritdoc />
         public BackOfficeExternalLoginProvider Get(string authenticationType)
         {
             return _externalLogins.FirstOrDefault(x => x.AuthenticationType == authenticationType);
         }
 
+        /// <inheritdoc />
         public string GetAutoLoginProvider()
         {
             var found = _externalLogins.Where(x => x.Options.AutoRedirectLoginToExternalProvider).ToList();
             return found.Count > 0 ? found[0].AuthenticationType : null;
         }
 
+        /// <inheritdoc />
         public IEnumerable<BackOfficeExternalLoginProvider> GetBackOfficeProviders()
         {
             return _externalLogins;
         }
 
+        /// <inheritdoc />
         public bool HasDenyLocalLogin()
         {
             var found = _externalLogins.Where(x => x.Options.DenyLocalLogin).ToList();

src/Umbraco.Web.BackOffice/Security/BackOfficeSignInManager.cs

@@ -51,14 +51,10 @@ namespace Umbraco.Web.Common.Security
             _globalSettings = globalSettings.Value;
         }
 
-        // TODO: Need to migrate more from Umbraco.Web.Security.BackOfficeSignInManager
-        // Things like dealing with auto-linking, cookie options, and a ton of other stuff. Some might not need to be ported but it
-        // will be a case by case basis.
-        // Have a look into RefreshSignInAsync since we might be able to use this new functionality for auto-cookie renewal in our middleware, though
+        // TODO: Have a look into RefreshSignInAsync since we might be able to use this new functionality for auto-cookie renewal in our middleware, though
         // i suspect it's taken care of already.
 
 
-
         /// <inheritdoc />
         public override async Task<SignInResult> PasswordSignInAsync(BackOfficeIdentityUser user, string password, bool isPersistent, bool lockoutOnFailure)
         {
@@ -201,8 +197,7 @@ namespace Umbraco.Web.Common.Security
 
             await Context.SignOutAsync(Constants.Security.BackOfficeAuthenticationType);
             await Context.SignOutAsync(Constants.Security.BackOfficeExternalAuthenticationType);
-            // TODO: Put this back in when we implement it
-            //await Context.SignOutAsync(Constants.Security.BackOfficeTwoFactorAuthenticationType);
+            await Context.SignOutAsync(Constants.Security.BackOfficeTwoFactorAuthenticationType);
         }
 
 

src/Umbraco.Web.BackOffice/Security/BackOfficeUserManager.cs

@@ -407,8 +407,6 @@ namespace Umbraco.Web.Common.Security
 
         public void RaiseLoginFailedEvent(IPrincipal currentUser, int userId) => OnLoginFailed(CreateArgs(AuditEvent.LoginFailed, currentUser, userId, string.Empty));
 
-        //public void RaiseInvalidLoginAttemptEvent(IPrincipal currentUser, string username) => OnLoginFailed(CreateArgs(AuditEvent.LoginFailed, currentUser, Constants.Security.SuperUserId, username));
-
         public void RaiseLoginRequiresVerificationEvent(IPrincipal currentUser, int userId) => OnLoginRequiresVerification(CreateArgs(AuditEvent.LoginRequiresVerification, currentUser, userId, string.Empty));
 
         public void RaiseLoginSuccessEvent(IPrincipal currentUser, int userId) => OnLoginSuccess(CreateArgs(AuditEvent.LoginSucces, currentUser, userId, string.Empty));

src/Umbraco.Web.BackOffice/Security/IBackOfficeExternalLoginProviders.cs

@@ -11,8 +11,17 @@ namespace Umbraco.Web.BackOffice.Security
     /// </summary>
     public interface IBackOfficeExternalLoginProviders
     {
+        /// <summary>
+        /// Get the <see cref="BackOfficeExternalLoginProvider"/> for the specified scheme
+        /// </summary>
+        /// <param name="authenticationType"></param>
+        /// <returns></returns>
         BackOfficeExternalLoginProvider Get(string authenticationType);
 
+        /// <summary>
+        /// Get all registered <see cref="BackOfficeExternalLoginProvider"/>
+        /// </summary>
+        /// <returns></returns>
         IEnumerable<BackOfficeExternalLoginProvider> GetBackOfficeProviders();
 
         /// <summary>