remember two factor token

src/Core/Enums/TwoFactorProviderType.cs

@@ -6,6 +6,7 @@
         Email = 1,
         Duo = 2,
         YubiKey = 3,
-        U2f = 4
+        U2f = 4,
+        Remember = 5
     }
 }

src/Core/Identity/TwoFactorRememberTokenProvider.cs

@@ -0,0 +1,21 @@
+using Microsoft.AspNetCore.Identity;
+using Bit.Core.Models.Table;
+using Microsoft.Extensions.Options;
+using Microsoft.AspNetCore.DataProtection;
+
+namespace Bit.Core.Identity
+{
+    public class TwoFactorRememberTokenProvider : DataProtectorTokenProvider<User>
+    {
+        private readonly GlobalSettings _globalSettings;
+
+        public TwoFactorRememberTokenProvider(
+            IDataProtectionProvider dataProtectionProvider,
+            IOptions<TwoFactorRememberTokenProviderOptions> options)
+            : base(dataProtectionProvider, options)
+        { }
+    }
+
+    public class TwoFactorRememberTokenProviderOptions : DataProtectionTokenProviderOptions
+    { }
+}

src/Core/IdentityServer/ResourceOwnerPasswordValidator.cs

@@ -38,6 +38,7 @@ namespace Bit.Core.IdentityServer
         {
             var twoFactorToken = context.Request.Raw["TwoFactorToken"]?.ToString();
             var twoFactorProvider = context.Request.Raw["TwoFactorProvider"]?.ToString();
+            var twoFactorRemember = context.Request.Raw["TwoFactorRemember"]?.ToString() == "1";
             var twoFactorRequest = !string.IsNullOrWhiteSpace(twoFactorToken) && !string.IsNullOrWhiteSpace(twoFactorProvider);
 
             if(!string.IsNullOrWhiteSpace(context.UserName))
@@ -63,7 +64,8 @@ namespace Bit.Core.IdentityServer
                         if(!twoFactorRequest || await VerifyTwoFactor(user, twoFactorProviderType, twoFactorToken))
                         {
                             var device = await SaveDeviceAsync(user, context);
-                            BuildSuccessResult(user, context, device);
+                            await BuildSuccessResultAsync(user, context, device, twoFactorRequest,
+                                twoFactorProviderType, twoFactorRemember);
                             return;
                         }
                     }
@@ -74,7 +76,8 @@ namespace Bit.Core.IdentityServer
             BuildErrorResult(twoFactorRequest, context);
         }
 
-        private void BuildSuccessResult(User user, ResourceOwnerPasswordValidationContext context, Device device)
+        private async Task BuildSuccessResultAsync(User user, ResourceOwnerPasswordValidationContext context, Device device,
+            bool twoFactorRequest, TwoFactorProviderType twoFactorProviderType, bool twoFactorRemember)
         {
             var claims = new List<Claim>();
 
@@ -94,6 +97,12 @@ namespace Bit.Core.IdentityServer
                 customResponse.Add("Key", user.Key);
             }
 
+            if(twoFactorRequest && twoFactorRemember)
+            {
+                var token = await _userManager.GenerateTwoFactorTokenAsync(user, TwoFactorProviderType.Remember.ToString());
+                customResponse.Add("TwoFactorToken", token);
+            }
+
             context.Result = new GrantValidationResult(user.Id.ToString(), "Application",
                 identityProvider: "bitwarden",
                 claims: claims.Count > 0 ? claims : null,
@@ -167,6 +176,7 @@ namespace Bit.Core.IdentityServer
                 case TwoFactorProviderType.Duo:
                 case TwoFactorProviderType.YubiKey:
                 case TwoFactorProviderType.U2f:
+                case TwoFactorProviderType.Remember:
                     return await _userManager.VerifyTwoFactorTokenAsync(user, type.ToString(), token);
                 case TwoFactorProviderType.Email:
                     return await _userService.VerifyTwoFactorEmailAsync(user, token);

src/Core/Utilities/ServiceCollectionExtensions.cs

@@ -14,6 +14,7 @@ using Microsoft.AspNetCore.Identity;
 using Microsoft.Extensions.Configuration;
 using Microsoft.Extensions.DependencyInjection;
 using Microsoft.WindowsAzure.Storage;
+using System;
 using SqlServerRepos = Bit.Core.Repositories.SqlServer;
 
 namespace Bit.Core.Utilities
@@ -71,6 +72,11 @@ namespace Bit.Core.Utilities
         {
             services.AddTransient<ILookupNormalizer, LowerInvariantLookupNormalizer>();
 
+            services.Configure<TwoFactorRememberTokenProviderOptions>(options =>
+            {
+                options.TokenLifespan = TimeSpan.FromDays(30);
+            });
+
             var identityBuilder = services.AddIdentity<User, Role>(options =>
             {
                 options.User = new UserOptions
@@ -102,6 +108,7 @@ namespace Bit.Core.Utilities
                 .AddTokenProvider<YubicoOtpTokenProvider>(TwoFactorProviderType.YubiKey.ToString())
                 .AddTokenProvider<DuoWebTokenProvider>(TwoFactorProviderType.Duo.ToString())
                 .AddTokenProvider<U2fTokenProvider>(TwoFactorProviderType.U2f.ToString())
+                .AddTokenProvider<TwoFactorRememberTokenProvider>(TwoFactorProviderType.Remember.ToString())
                 .AddTokenProvider<EmailTokenProvider<User>>(TokenOptions.DefaultEmailProvider);
 
             return identityBuilder;