From 3f90d620b890d2b2daf38881667fdf7e14a528b2 Mon Sep 17 00:00:00 2001
From: Livio Amstutz <livio.a@gmail.com>
Date: Wed, 21 Apr 2021 13:23:05 +0200
Subject: [PATCH] fix: ignore otp.verified v1 event for usersessions (#1633)

* remove MFAOTPVerified from user session projection

* add tracing for VerifyOIDCClientSecret in commands

* fix test
---
 internal/command/project_application_oidc.go             | 5 ++++-
 internal/user/repository/view/model/user_session.go      | 3 +--
 internal/user/repository/view/model/user_session_test.go | 4 ++--
 3 files changed, 7 insertions(+), 5 deletions(-)

diff --git a/internal/command/project_application_oidc.go b/internal/command/project_application_oidc.go
index 68f64345aa..540c69eea0 100644
--- a/internal/command/project_application_oidc.go
+++ b/internal/command/project_application_oidc.go
@@ -170,7 +170,10 @@ func (c *Commands) ChangeOIDCApplicationSecret(ctx context.Context, projectID, a
 	return result, err
 }
 
-func (c *Commands) VerifyOIDCClientSecret(ctx context.Context, projectID, appID, secret string) error {
+func (c *Commands) VerifyOIDCClientSecret(ctx context.Context, projectID, appID, secret string) (err error) {
+	ctx, span := tracing.NewSpan(ctx)
+	defer func() { span.EndWithError(err) }()
+
 	app, err := c.getOIDCAppWriteModel(ctx, projectID, appID, "")
 	if err != nil {
 		return err
diff --git a/internal/user/repository/view/model/user_session.go b/internal/user/repository/view/model/user_session.go
index 541b7eff45..747dc552a7 100644
--- a/internal/user/repository/view/model/user_session.go
+++ b/internal/user/repository/view/model/user_session.go
@@ -120,8 +120,7 @@ func (v *UserSessionView) AppendEvent(event *models.Event) error {
 		if v.UserAgentID != data.UserAgentID {
 			v.PasswordVerification = time.Time{}
 		}
-	case es_model.MFAOTPVerified,
-		es_model.HumanMFAOTPVerified:
+	case es_model.HumanMFAOTPVerified:
 		data := new(es_model.OTPVerified)
 		err := data.SetData(event)
 		if err != nil {
diff --git a/internal/user/repository/view/model/user_session_test.go b/internal/user/repository/view/model/user_session_test.go
index 10ccb0646e..7b9270e1a2 100644
--- a/internal/user/repository/view/model/user_session_test.go
+++ b/internal/user/repository/view/model/user_session_test.go
@@ -119,7 +119,7 @@ func TestAppendEvent(t *testing.T) {
 			args: args{
 				event: &es_models.Event{
 					CreationDate: now(),
-					Type:         es_model.MFAOTPVerified,
+					Type:         es_model.HumanMFAOTPVerified,
 					Data:         nil,
 				},
 				userView: &UserSessionView{UserAgentID: "id"},
@@ -131,7 +131,7 @@ func TestAppendEvent(t *testing.T) {
 			args: args{
 				event: &es_models.Event{
 					CreationDate: now(),
-					Type:         es_model.MFAOTPVerified,
+					Type:         es_model.HumanMFAOTPVerified,
 					Data: func() []byte {
 						d, _ := json.Marshal(&es_model.OTPVerified{
 							UserAgentID: "id",