Change IsTfaEnabled to IsTwoFactorEnabledAsync (#46258)

Also now public virtual

Author: cheng93

src/Identity/Core/src/PublicAPI.Unshipped.txt

@@ -1 +1,2 @@
 #nullable enable
+virtual Microsoft.AspNetCore.Identity.SignInManager<TUser>.IsTwoFactorEnabledAsync(TUser! user) -> System.Threading.Tasks.Task<bool>!

src/Identity/Core/src/SignInManager.cs

@@ -368,7 +368,7 @@ public virtual async Task<SignInResult> CheckPasswordSignInAsync(TUser user, str
         {
             var alwaysLockout = AppContext.TryGetSwitch("Microsoft.AspNetCore.Identity.CheckPasswordSignInAlwaysResetLockoutOnSuccess", out var enabled) && enabled;
             // Only reset the lockout when not in quirks mode if either TFA is not enabled or the client is remembered for TFA.
-            if (alwaysLockout || !await IsTfaEnabled(user) || await IsTwoFactorClientRememberedAsync(user))
+            if (alwaysLockout || !await IsTwoFactorEnabledAsync(user) || await IsTwoFactorClientRememberedAsync(user))
             {
                 await ResetLockout(user);
             }
@@ -741,7 +741,14 @@ internal async Task<ClaimsPrincipal> StoreRememberClient(TUser user)
         return new ClaimsPrincipal(rememberBrowserIdentity);
     }
 
-    private async Task<bool> IsTfaEnabled(TUser user)
+    /// <summary>
+    /// Check if the <paramref name="user"/> has two factor enabled.
+    /// </summary>
+    /// <param name="user"></param>
+    /// <returns>
+    /// The task object representing the asynchronous operation containing true if the user has two factor enabled.
+    /// </returns>
+    public virtual async Task<bool> IsTwoFactorEnabledAsync(TUser user)
         => UserManager.SupportsUserTwoFactor &&
         await UserManager.GetTwoFactorEnabledAsync(user) &&
         (await UserManager.GetValidTwoFactorProvidersAsync(user)).Count > 0;
@@ -757,7 +764,7 @@ await UserManager.GetTwoFactorEnabledAsync(user) &&
     /// <returns>Returns a <see cref="SignInResult"/></returns>
     protected virtual async Task<SignInResult> SignInOrTwoFactorAsync(TUser user, bool isPersistent, string? loginProvider = null, bool bypassTwoFactor = false)
     {
-        if (!bypassTwoFactor && await IsTfaEnabled(user))
+        if (!bypassTwoFactor && await IsTwoFactorEnabledAsync(user))
         {
             if (!await IsTwoFactorClientRememberedAsync(user))
             {

src/Identity/test/Identity.Test/SignInManagerTest.cs

@@ -424,6 +424,47 @@ public async Task TwoFactorAuthenticatorSignInFailWithoutLockout()
         auth.Verify();
     }
 
+    [Theory]
+    [InlineData(true, true, true)]
+    [InlineData(true, true, false)]
+    [InlineData(true, false, true)]
+    [InlineData(true, false, false)]
+    [InlineData(false, true, true)]
+    [InlineData(false, true, false)]
+    [InlineData(false, false, true)]
+    [InlineData(false, false, false)]
+    public async Task IsTwoFactorEnabled(bool userManagerSupportsTwoFactor, bool userTwoFactorEnabled, bool hasValidProviders)
+    {
+        // Setup
+        var user = new PocoUser { UserName = "Foo" };
+        var manager = SetupUserManager(user);
+        manager.Setup(m => m.SupportsUserTwoFactor).Returns(userManagerSupportsTwoFactor).Verifiable();
+        if (userManagerSupportsTwoFactor)
+        {
+            manager.Setup(m => m.GetTwoFactorEnabledAsync(user)).ReturnsAsync(userTwoFactorEnabled).Verifiable();
+            if (userTwoFactorEnabled)
+            {
+                manager
+                    .Setup(m => m.GetValidTwoFactorProvidersAsync(user))
+                    .ReturnsAsync(hasValidProviders ? new string[1] { "Fake" } : Array.Empty<string>())
+                    .Verifiable();
+            }
+        }
+
+        var context = new DefaultHttpContext();
+        var auth = MockAuth(context);
+        var helper = SetupSignInManager(manager.Object, context);
+
+        // Act
+        var result = await helper.IsTwoFactorEnabledAsync(user);
+
+        // Assert
+        var expected = userManagerSupportsTwoFactor && userTwoFactorEnabled && hasValidProviders;
+        Assert.Equal(expected, result);
+        manager.Verify();
+        auth.Verify();
+    }
+
     [Theory]
     [InlineData(true, true)]
     [InlineData(true, false)]