Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix(user_auth_method): make id option in auth select #5213

Merged
merged 2 commits into from
Jul 4, 2024
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion crates/api_models/src/user.rs
Original file line number Diff line number Diff line change
Expand Up @@ -377,5 +377,5 @@ pub struct AuthIdQueryParam {

#[derive(Debug, serde::Deserialize, serde::Serialize)]
pub struct AuthSelectRequest {
pub id: String,
pub id: Option<String>,
}
41 changes: 29 additions & 12 deletions crates/router/src/core/user.rs
Original file line number Diff line number Diff line change
Expand Up @@ -2306,21 +2306,38 @@ pub async fn terminate_auth_select(
.change_context(UserErrors::InternalServerError)?
.into();

let user_authentication_method = state
.store
.get_user_authentication_method_by_id(&req.id)
.await
.to_not_found_response(UserErrors::InvalidUserAuthMethodOperation)?;
if let Some(id) = &req.id {
let user_authentication_method = state
.store
.get_user_authentication_method_by_id(id)
.await
.to_not_found_response(UserErrors::InvalidUserAuthMethodOperation)?;

let current_flow = domain::CurrentFlow::new(user_token, domain::SPTFlow::AuthSelect.into())?;
let mut next_flow = current_flow.next(user_from_db.clone(), &state).await?;
let current_flow =
domain::CurrentFlow::new(user_token, domain::SPTFlow::AuthSelect.into())?;
let mut next_flow = current_flow.next(user_from_db.clone(), &state).await?;

// Skip SSO if continue with password(TOTP)
if next_flow.get_flow() == domain::UserFlow::SPTFlow(domain::SPTFlow::SSO)
&& !utils::user::is_sso_auth_type(&user_authentication_method.auth_type)
{
next_flow = next_flow.skip(user_from_db, &state).await?;
// Skip SSO if continue with password(TOTP)
if next_flow.get_flow() == domain::UserFlow::SPTFlow(domain::SPTFlow::SSO)
&& !utils::user::is_sso_auth_type(&user_authentication_method.auth_type)
{
next_flow = next_flow.skip(user_from_db, &state).await?;
}
let token = next_flow.get_token(&state).await?;

return auth::cookies::set_cookie_response(
user_api::TokenResponse {
token: token.clone(),
token_type: next_flow.get_flow().into(),
},
token,
);
}

// Giving totp token for hyperswtich users when no id is present in the request body
let current_flow = domain::CurrentFlow::new(user_token, domain::SPTFlow::AuthSelect.into())?;
let mut next_flow = current_flow.next(user_from_db.clone(), &state).await?;
next_flow = next_flow.skip(user_from_db, &state).await?;
let token = next_flow.get_token(&state).await?;

auth::cookies::set_cookie_response(
Expand Down
Loading