From ce719a3fa4b2559c234f545b3795f51d263ae88f Mon Sep 17 00:00:00 2001 From: Livio Spring Date: Fri, 13 Oct 2023 17:45:38 +0300 Subject: [PATCH] fix(notification): get origin from all relevant events and fix nil pointer (#6726) --- internal/notification/handlers/origin.go | 9 ++++--- internal/notification/types/user_email.go | 2 +- internal/notification/types/user_phone.go | 3 ++- internal/repository/session/session.go | 18 ++++++++----- internal/repository/user/human_mfa_otp.go | 33 ++++++++++++++++------- internal/repository/user/human_phone.go | 19 ++++++++----- 6 files changed, 57 insertions(+), 27 deletions(-) diff --git a/internal/notification/handlers/origin.go b/internal/notification/handlers/origin.go index a807edd2d3..915e1fed1e 100644 --- a/internal/notification/handlers/origin.go +++ b/internal/notification/handlers/origin.go @@ -2,9 +2,10 @@ package handlers import ( "context" - "fmt" "net/url" + "github.com/zitadel/logging" + "github.com/zitadel/zitadel/internal/api/authz" http_utils "github.com/zitadel/zitadel/internal/api/http" "github.com/zitadel/zitadel/internal/errors" @@ -18,11 +19,13 @@ type OriginEvent interface { } func (n *NotificationQueries) Origin(ctx context.Context, e eventstore.Event) (context.Context, error) { + var origin string originEvent, ok := e.(OriginEvent) if !ok { - return ctx, errors.ThrowInternal(fmt.Errorf("event of type %T doesn't implement OriginEvent", e), "NOTIF-3m9fs", "Errors.Internal") + logging.Errorf("event of type %T doesn't implement OriginEvent", e) + } else { + origin = originEvent.TriggerOrigin() } - origin := originEvent.TriggerOrigin() if origin != "" { originURL, err := url.Parse(origin) if err != nil { diff --git a/internal/notification/types/user_email.go b/internal/notification/types/user_email.go index 7cb3498e4d..152b630769 100644 --- a/internal/notification/types/user_email.go +++ b/internal/notification/types/user_email.go @@ -33,7 +33,7 @@ func generateEmail( if err != nil { return err } - if emailChannels.Len() == 0 { + if emailChannels == nil || emailChannels.Len() == 0 { return errors.ThrowPreconditionFailed(nil, "MAIL-83nof", "Errors.Notification.Channels.NotPresent") } return emailChannels.HandleMessage(message) diff --git a/internal/notification/types/user_phone.go b/internal/notification/types/user_phone.go index 50b7f86375..6eb3314cda 100644 --- a/internal/notification/types/user_phone.go +++ b/internal/notification/types/user_phone.go @@ -4,6 +4,7 @@ import ( "context" "github.com/zitadel/logging" + "github.com/zitadel/zitadel/internal/errors" "github.com/zitadel/zitadel/internal/eventstore" "github.com/zitadel/zitadel/internal/notification/messages" @@ -21,7 +22,7 @@ func generateSms( number := "" smsChannels, twilioConfig, err := channels.SMS(ctx) logging.OnError(err).Error("could not create sms channel") - if smsChannels.Len() == 0 { + if smsChannels == nil || smsChannels.Len() == 0 { return errors.ThrowPreconditionFailed(nil, "PHONE-w8nfow", "Errors.Notification.Channels.NotPresent") } if err == nil { diff --git a/internal/repository/session/session.go b/internal/repository/session/session.go index 1966c178eb..106b205183 100644 --- a/internal/repository/session/session.go +++ b/internal/repository/session/session.go @@ -312,9 +312,10 @@ func NewTOTPCheckedEvent( type OTPSMSChallengedEvent struct { eventstore.BaseEvent `json:"-"` - Code *crypto.CryptoValue `json:"code"` - Expiry time.Duration `json:"expiry"` - CodeReturned bool `json:"codeReturned,omitempty"` + Code *crypto.CryptoValue `json:"code"` + Expiry time.Duration `json:"expiry"` + CodeReturned bool `json:"codeReturned,omitempty"` + TriggeredAtOrigin string `json:"triggerOrigin,omitempty"` } func (e *OTPSMSChallengedEvent) Data() interface{} { @@ -329,6 +330,10 @@ func (e *OTPSMSChallengedEvent) SetBaseEvent(base *eventstore.BaseEvent) { e.BaseEvent = *base } +func (e *OTPSMSChallengedEvent) TriggerOrigin() string { + return e.TriggeredAtOrigin +} + func NewOTPSMSChallengedEvent( ctx context.Context, aggregate *eventstore.Aggregate, @@ -342,9 +347,10 @@ func NewOTPSMSChallengedEvent( aggregate, OTPSMSChallengedType, ), - Code: code, - Expiry: expiry, - CodeReturned: codeReturned, + Code: code, + Expiry: expiry, + CodeReturned: codeReturned, + TriggeredAtOrigin: http.ComposedOrigin(ctx), } } diff --git a/internal/repository/user/human_mfa_otp.go b/internal/repository/user/human_mfa_otp.go index 52d5ad7a0c..d3dd2824cd 100644 --- a/internal/repository/user/human_mfa_otp.go +++ b/internal/repository/user/human_mfa_otp.go @@ -5,6 +5,7 @@ import ( "encoding/json" "time" + "github.com/zitadel/zitadel/internal/api/http" "github.com/zitadel/zitadel/internal/eventstore" "github.com/zitadel/zitadel/internal/crypto" @@ -279,8 +280,9 @@ func NewHumanOTPSMSRemovedEvent( type HumanOTPSMSCodeAddedEvent struct { eventstore.BaseEvent `json:"-"` - Code *crypto.CryptoValue `json:"code,omitempty"` - Expiry time.Duration `json:"expiry,omitempty"` + Code *crypto.CryptoValue `json:"code,omitempty"` + Expiry time.Duration `json:"expiry,omitempty"` + TriggeredAtOrigin string `json:"triggerOrigin,omitempty"` *AuthRequestInfo } @@ -296,6 +298,10 @@ func (e *HumanOTPSMSCodeAddedEvent) SetBaseEvent(event *eventstore.BaseEvent) { e.BaseEvent = *event } +func (e *HumanOTPSMSCodeAddedEvent) TriggerOrigin() string { + return e.TriggeredAtOrigin +} + func NewHumanOTPSMSCodeAddedEvent( ctx context.Context, aggregate *eventstore.Aggregate, @@ -309,9 +315,10 @@ func NewHumanOTPSMSCodeAddedEvent( aggregate, HumanOTPSMSCodeAddedType, ), - Code: code, - Expiry: expiry, - AuthRequestInfo: info, + Code: code, + Expiry: expiry, + TriggeredAtOrigin: http.ComposedOrigin(ctx), + AuthRequestInfo: info, } } @@ -473,8 +480,9 @@ func NewHumanOTPEmailRemovedEvent( type HumanOTPEmailCodeAddedEvent struct { eventstore.BaseEvent `json:"-"` - Code *crypto.CryptoValue `json:"code,omitempty"` - Expiry time.Duration `json:"expiry,omitempty"` + Code *crypto.CryptoValue `json:"code,omitempty"` + Expiry time.Duration `json:"expiry,omitempty"` + TriggeredAtOrigin string `json:"triggerOrigin,omitempty"` *AuthRequestInfo } @@ -490,6 +498,10 @@ func (e *HumanOTPEmailCodeAddedEvent) SetBaseEvent(event *eventstore.BaseEvent) e.BaseEvent = *event } +func (e *HumanOTPEmailCodeAddedEvent) TriggerOrigin() string { + return e.TriggeredAtOrigin +} + func NewHumanOTPEmailCodeAddedEvent( ctx context.Context, aggregate *eventstore.Aggregate, @@ -503,9 +515,10 @@ func NewHumanOTPEmailCodeAddedEvent( aggregate, HumanOTPEmailCodeAddedType, ), - Code: code, - Expiry: expiry, - AuthRequestInfo: info, + Code: code, + Expiry: expiry, + AuthRequestInfo: info, + TriggeredAtOrigin: http.ComposedOrigin(ctx), } } diff --git a/internal/repository/user/human_phone.go b/internal/repository/user/human_phone.go index c6586c54e5..135b8f899b 100644 --- a/internal/repository/user/human_phone.go +++ b/internal/repository/user/human_phone.go @@ -5,6 +5,7 @@ import ( "encoding/json" "time" + "github.com/zitadel/zitadel/internal/api/http" "github.com/zitadel/zitadel/internal/crypto" "github.com/zitadel/zitadel/internal/domain" "github.com/zitadel/zitadel/internal/errors" @@ -149,9 +150,10 @@ func HumanPhoneVerificationFailedEventMapper(event *repository.Event) (eventstor type HumanPhoneCodeAddedEvent struct { eventstore.BaseEvent `json:"-"` - Code *crypto.CryptoValue `json:"code,omitempty"` - Expiry time.Duration `json:"expiry,omitempty"` - CodeReturned bool `json:"code_returned,omitempty"` + Code *crypto.CryptoValue `json:"code,omitempty"` + Expiry time.Duration `json:"expiry,omitempty"` + CodeReturned bool `json:"code_returned,omitempty"` + TriggeredAtOrigin string `json:"triggerOrigin,omitempty"` } func (e *HumanPhoneCodeAddedEvent) Data() interface{} { @@ -162,6 +164,10 @@ func (e *HumanPhoneCodeAddedEvent) UniqueConstraints() []*eventstore.EventUnique return nil } +func (e *HumanPhoneCodeAddedEvent) TriggerOrigin() string { + return e.TriggeredAtOrigin +} + func NewHumanPhoneCodeAddedEvent( ctx context.Context, aggregate *eventstore.Aggregate, @@ -183,9 +189,10 @@ func NewHumanPhoneCodeAddedEventV2( aggregate, HumanPhoneCodeAddedType, ), - Code: code, - Expiry: expiry, - CodeReturned: codeReturned, + Code: code, + Expiry: expiry, + CodeReturned: codeReturned, + TriggeredAtOrigin: http.ComposedOrigin(ctx), } }