TheArchive/zitadel
1
0
Fork 0
mirror of https://github.com/zitadel/zitadel.git synced 2025-08-13 02:47:39 +00:00
Code Issues Packages Projects Releases Wiki Activity

feat(api/v2): implement U2F session check (#6339)

Browse Source
This commit is contained in:
Tim Möhlmann
2023-08-11 18:36:18 +03:00
committed by GitHub
parent 4e0c3115fe
commit 86af67d1be
47 changed files with 1035 additions and 665 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
internal/command/user_human_webauthn.go
View File

@@ -24,7 +24,7 @@ func (c *Commands) getHumanU2FTokens(ctx context.Context, userID, resourceowner
if tokenReadModel.UserState == domain.UserStateDeleted {
return nil, caos_errs.ThrowNotFound(nil, "COMMAND-4M0ds", "Errors.User.NotFound")
}
return readModelToU2FTokens(tokenReadModel), nil
return readModelToWebAuthNTokens(tokenReadModel), nil
}
func (c *Commands) getHumanPasswordlessTokens(ctx context.Context, userID, resourceOwner string) ([]*domain.WebAuthNToken, error) {
@@ -36,7 +36,7 @@ func (c *Commands) getHumanPasswordlessTokens(ctx context.Context, userID, resou
if tokenReadModel.UserState == domain.UserStateDeleted {
return nil, caos_errs.ThrowNotFound(nil, "COMMAND-Mv9sd", "Errors.User.NotFound")
}
return readModelToPasswordlessTokens(tokenReadModel), nil
return readModelToWebAuthNTokens(tokenReadModel), nil
}
func (c *Commands) getHumanU2FLogin(ctx context.Context, userID, authReqID, resourceowner string) (*domain.WebAuthNLogin, error) {
@@ -454,12 +454,12 @@ func (c *Commands) finishWebAuthNLogin(ctx context.Context, userID, resourceOwne
if err != nil {
return nil, nil, 0, err
}
keyID, signCount, err := c.webauthnConfig.FinishLogin(ctx, human, webAuthN, credentialData, tokens...)
if err != nil && keyID == nil {
credential, err := c.webauthnConfig.FinishLogin(ctx, human, webAuthN, credentialData, tokens...)
if err != nil && (credential == nil || credential.ID == nil) {
return nil, nil, 0, err
}
_, token := domain.GetTokenByKeyID(tokens, keyID)
_, token := domain.GetTokenByKeyID(tokens, credential.ID)
if token == nil {
return nil, nil, 0, caos_errs.ThrowPreconditionFailed(nil, "COMMAND-3b7zs", "Errors.User.WebAuthN.NotFound")
}
@@ -470,7 +470,7 @@ func (c *Commands) finishWebAuthNLogin(ctx context.Context, userID, resourceOwne
}
userAgg := UserAggregateFromWriteModel(&writeModel.WriteModel)
return userAgg, token, signCount, nil
return userAgg, token, credential.Authenticator.SignCount, nil
}
func (c *Commands) HumanRemoveU2F(ctx context.Context, userID, webAuthNID, resourceOwner string) (*domain.ObjectDetails, error) {