Timshel
1 year ago
committed by
GitHub
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
2 changed files with
2 additions and
4 deletions
-
src/api/core/two_factor/duo_oidc.rs
-
src/api/identity.rs
|
|
@ -423,8 +423,6 @@ pub async fn validate_duo_login( |
|
|
device_identifier: &str, |
|
|
device_identifier: &str, |
|
|
conn: &mut DbConn, |
|
|
conn: &mut DbConn, |
|
|
) -> EmptyResult { |
|
|
) -> EmptyResult { |
|
|
let email = &email.to_lowercase(); |
|
|
|
|
|
|
|
|
|
|
|
// Result supplied to us by clients in the form "<authz code>|<state>"
|
|
|
// Result supplied to us by clients in the form "<authz code>|<state>"
|
|
|
let split: Vec<&str> = two_factor_token.split('|').collect(); |
|
|
let split: Vec<&str> = two_factor_token.split('|').collect(); |
|
|
if split.len() != 2 { |
|
|
if split.len() != 2 { |
|
|
|
|
|
@ -524,12 +524,12 @@ async fn twofactor_auth( |
|
|
match CONFIG.duo_use_iframe() { |
|
|
match CONFIG.duo_use_iframe() { |
|
|
true => { |
|
|
true => { |
|
|
// Legacy iframe prompt flow
|
|
|
// Legacy iframe prompt flow
|
|
|
duo::validate_duo_login(data.username.as_ref().unwrap().trim(), twofactor_code, conn).await? |
|
|
duo::validate_duo_login(&user.email, twofactor_code, conn).await? |
|
|
} |
|
|
} |
|
|
false => { |
|
|
false => { |
|
|
// OIDC based flow
|
|
|
// OIDC based flow
|
|
|
duo_oidc::validate_duo_login( |
|
|
duo_oidc::validate_duo_login( |
|
|
data.username.as_ref().unwrap().trim(), |
|
|
&user.email, |
|
|
twofactor_code, |
|
|
twofactor_code, |
|
|
data.client_id.as_ref().unwrap(), |
|
|
data.client_id.as_ref().unwrap(), |
|
|
data.device_identifier.as_ref().unwrap(), |
|
|
data.device_identifier.as_ref().unwrap(), |
|
|
|
