privacyidea · nilsbehlen · Aug 5, 2022 · Aug 1, 2022 · Aug 2, 2022 · Aug 5, 2022
diff --git a/Tests/SDKTests.cs b/Tests/SDKTests.cs
@@ -256,4 +256,4 @@ public void TriggerChallenges()
             Assert.AreEqual(webAuthnSignRequest.Replace("\n", "").Replace(" ", ""), signRequest);
         }
     }
-}
+}
diff --git a/privacyIDEAADFSProvider/Adapter.cs b/privacyIDEAADFSProvider/Adapter.cs
@@ -22,6 +22,7 @@ public class Adapter : IAuthenticationAdapter, PILog
         private bool _enrollmentEnabled = false;
         private List<string> _enrollmentApps = new List<string>();
         private string _otpHint = "";
+        private string _preferredTokenType = "otp";
         private List<string> _forwardHeaders = new List<string>();
         private PrivacyIDEA _privacyIDEA;
         private bool _debuglog = false;
@@ -136,7 +137,10 @@ public IAdapterPresentation BeginAuthentication(Claim identityClaim, HttpListene
                 }
             }
 
-            form.Mode = "otp";
+            if (String.IsNullOrEmpty(form.Mode))
+            {
+                form.Mode = "otp";
+            }
             authContext.Data.Add("userid", username);
             authContext.Data.Add("domain", domain);
 
@@ -339,7 +343,7 @@ public void OnAuthenticationPipelineLoad(IAuthenticationMethodConfigData configD
             // Read the other defined keys into a dict
             List<string> configKeys = new List<string>(new string[]
             { "use_upn", "url", "disable_ssl", "tls_version", "enable_enrollment", "service_user", "service_pass", "service_realm",
-                "realm", "trigger_challenges", "send_empty_pass", "otp_hint", "forward_headers" });
+                "realm", "trigger_challenges", "send_empty_pass", "otp_hint", "forward_headers", "preferred_token_type" });
 
             var configDict = new Dictionary<string, string>();
             configKeys.ForEach(key =>
@@ -405,6 +409,7 @@ public void OnAuthenticationPipelineLoad(IAuthenticationMethodConfigData configD
                 this._privacyIDEA.SetServiceAccount(serviceUser, servicePass, GetFromDict(configDict, "service_realm"));
             }
             this._otpHint = GetFromDict(configDict, "otp_hint", "");
+            this._preferredTokenType = GetFromDict(configDict, "preferred_token_type", "otp");
             this._use_upn = GetFromDict(configDict, "use_upn", "0") == "1";
 
             this._enrollmentEnabled = GetFromDict(configDict, "enable_enrollment", "0") == "1";
@@ -462,6 +467,12 @@ private AdapterPresentationForm ExtractChallengeDataToForm(PIResponse response,
                 string webAuthnSignRequest = response.WebAuthnSignRequest();
                 form.WebAuthnSignRequest = webAuthnSignRequest;
             }
+
+            if (response.TriggeredTokenTypes().Contains(this._preferredTokenType))
+            {
+                form.Mode = this._preferredTokenType;
+            }
+
             return form;
         }
 

diff --git a/privacyIDEAADFSProvider/PrivacyIDEA.cs b/privacyIDEAADFSProvider/PrivacyIDEA.cs
@@ -378,7 +378,7 @@ private string SendRequest(string endpoint, Dictionary<string, string> parameter
                 foreach (var element in headers)
                 {
                     request.Headers.Add(element.Key, element.Value);
-                    Log("Forwarding headers: " + element.Key + " = " + element.Value); // todo rm
+                    Log("Forwarding headers: " + element.Key + " = " + element.Value);
                 }
             }