Fix telnyx auth api response parsing

This is clearly a terrible bug that would authenticate anyone regardles of if they input the correct code. I'm not sure if the API changed out from under me, or more likley I templated this in and didn't follow up to finish it.
althea-net · Sep 18, 2024 · 3b3fde3 · 3b3fde3
1 parent 6a705db
commit 3b3fde3
Showing 1 changed file with 25 additions and 2 deletions.
diff --git a/rita_client_registration/src/lib.rs b/rita_client_registration/src/lib.rs
@@ -8,7 +8,7 @@ use std::{
 };
 
 use althea_types::{ExitClientIdentity, Identity, WgKey};
-use awc::error::SendRequestError;
+use awc::error::{JsonPayloadError, SendRequestError};
 use clarity::Address;
 use phonenumber::PhoneNumber;
 use serde::{Deserialize, Serialize};
@@ -60,6 +60,14 @@ impl Display for TextApiError {
 
 impl Error for TextApiError {}
 
+impl From<JsonPayloadError> for TextApiError {
+    fn from(value: JsonPayloadError) -> Self {
+        TextApiError::InternalServerError {
+            error: value.to_string(),
+        }
+    }
+}
+
 impl From<SendRequestError> for TextApiError {
     fn from(value: SendRequestError) -> Self {
         TextApiError::SendRequestError { error: value }
@@ -301,6 +309,13 @@ pub struct TelnyxSmsAuthCheck {
     code: String,
 }
 
+/// Response code is either accepted or rejected
+#[derive(Debug, Deserialize)]
+pub struct TelnyxSmsAuthResponse {
+    pub phone_number: PhoneNumber,
+    pub response_code: String,
+}
+
 /// Posts to the validation endpoint with the code, will return success if the code
 /// is the same as the one sent to the user
 pub async fn check_sms_auth_result(
@@ -316,6 +331,7 @@ pub async fn check_sms_auth_result(
         number
     );
 
+
     let client = awc::Client::default();
     match client
         .post(check_url)
@@ -326,7 +342,14 @@ pub async fn check_sms_auth_result(
         })
         .await
     {
-        Ok(a) => Ok(a.status().is_success()),
+        Ok(mut a) => {
+            let response = a.json::<TelnyxSmsAuthResponse>().await?;
+            if response.response_code == "accepted" {
+                Ok(true)
+            } else {
+                Ok(false)
+            }
+        },
         Err(e) => {
             error!("Failed to verify code with {:?}", e);
             Err(e.into())