fix: pass necessary webauthn data through events (#1544)

Livio Amstutz 2021-04-07 14:19:01 +02:00 committed by GitHub
parent f889b85d42
commit b96d158484
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 15 additions and 6 deletions


@ -43,7 +43,7 @@ func (c *Commands) getHumanU2FLogin(ctx context.Context, userID, authReqID, reso
if err != nil {
return nil, err
}
if tokenReadModel.State == domain.UserStateDeleted {
if tokenReadModel.State == domain.UserStateUnspecified || tokenReadModel.State == domain.UserStateDeleted {
return nil, caos_errs.ThrowNotFound(nil, "COMMAND-5m88U", "Errors.User.NotFound")
}
return &domain.WebAuthNLogin{
@ -62,11 +62,16 @@ func (c *Commands) getHumanPasswordlessLogin(ctx context.Context, userID, authRe
if err != nil {
return nil, err
}
if tokenReadModel.State == domain.UserStateDeleted {
if tokenReadModel.State == domain.UserStateUnspecified || tokenReadModel.State == domain.UserStateDeleted {
return nil, caos_errs.ThrowNotFound(nil, "COMMAND-fm84R", "Errors.User.NotFound")
}
return &domain.WebAuthNLogin{
Challenge: tokenReadModel.Challenge,
ObjectRoot: models.ObjectRoot{
AggregateID: tokenReadModel.AggregateID,
},
Challenge: tokenReadModel.Challenge,
AllowedCredentialIDs: tokenReadModel.AllowedCredentialIDs,
UserVerification: tokenReadModel.UserVerification,
}, nil
}
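Review bot: The added `tokenReadModel.State == domain.UserStateUnspecified` guard in getHumanU2FLogin and getHumanPasswordlessLogin has no comment saying why an unspecified state is reported as not found. Judging by the passwordless reducer in this commit, the state only becomes active when a begin-login event is reduced, so unspecified appears to mean that no challenge was ever issued for this auth request; a comment such as `// no begin-login event reduced for this auth request: there is no challenge to verify against` would record that. The passwordless result now carries `AllowedCredentialIDs` and `UserVerification`, while the U2F struct literal continues outside the hunk, so it is worth confirming that the U2F finish step does not need the same values. Both function bodies start outside the visible lines.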


@ -361,9 +361,11 @@ func (rm *HumanU2FLoginReadModel) Query() *eventstore.SearchQueryBuilder {
type HumanPasswordlessLoginReadModel struct {
eventstore.WriteModel
AuthReqID string
Challenge string
State domain.UserState
AuthReqID string
Challenge string
AllowedCredentialIDs [][]byte
UserVerification domain.UserVerificationRequirement
State domain.UserState
}
func NewHumanPasswordlessLoginReadModel(userID, authReqID, resourceOwner string) *HumanPasswordlessLoginReadModel {
@ -395,6 +397,8 @@ func (wm *HumanPasswordlessLoginReadModel) Reduce() error {
switch e := event.(type) {
case *user.HumanPasswordlessBeginLoginEvent:
wm.Challenge = e.Challenge
wm.AllowedCredentialIDs = e.AllowedCredentialIDs
wm.UserVerification = e.UserVerification
wm.State = domain.UserStateActive
case *user.UserRemovedEvent:
wm.State = domain.UserStateDeleted
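Review bot: In Reduce, each `HumanPasswordlessBeginLoginEvent` overwrites `Challenge`, `AllowedCredentialIDs` and `UserVerification` unconditionally, and nothing in the visible lines compares the event's auth request with `wm.AuthReqID`. If that filter is not applied before Reduce (outside this hunk), a begin-login event from another auth request of the same user would replace the challenge and the allowed credential list that the finish step checks against; confirm where the filtering happens and note it in a comment above the case. `wm.AllowedCredentialIDs = e.AllowedCredentialIDs` also shares the slice with the event; cloning it is only needed if either side mutates it later. The switch and the loop around it start outside the hunk.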