* feat: default custom message text * feat: org custom message text * feat: org custom message text * feat: custom messages query side * feat: default messages * feat: message text user fields * feat: check for inactive user * feat: fix send password reset * feat: fix custom org text * feat: add variables to docs * feat: custom text tests * feat: fix notifications * feat: add custom text feature * feat: add custom text feature * feat: feature in custom message texts * feat: add custom text feature in frontend * feat: merge main * feat: feature tests * feat: change phone message in setup * fix: remove unused code, add event translation * fix: merge main and fix problems * fix: english translation file * fix: migration versions * fix: setup * fix: custom login text * feat: add all possible custom texts for login * feat: iam login texts * feat: org login texts * feat: protos * fix: custom text in admin api * fix: add success login text * fix: docs * fix: add custom login texts to management api * fix: add sub messages to custom login texts * fix: setup custom texts * feat: get org login texts * feat: get org login texts * feat: handler in adminapi * feat: handlers in auth and admin * feat: render login texts * feat: custom login text * feat: add all login text keys * feat: handle correct login texts * feat: custom login texts in command side * feat: custom login texts in command side * feat: fix yaml file * feat: merge master and add confirmation text * feat: fix html * feat: read default login texts * feat: get default text files * feat: get custom texts org * feat: tests * feat: change translator handling * fix translator from authReq * feat: change h1 on login screens * feat: add custom login text for remove * feat: add custom login text for remove * feat: cache translation files * feat: cache translation files * feat: zitadel user in env var * feat: add registration user description * feat: better func naming * feat: tests * feat: add mutex to read file * feat: 
add mutex to read file * fix mutex for accessing translation map * fix: translation key Co-authored-by: Livio Amstutz <livio.a@gmail.com>
package domain
import (
"github.com/caos/zitadel/internal/crypto"
caos_errs "github.com/caos/zitadel/internal/errors"
es_models "github.com/caos/zitadel/internal/eventstore/v1/models"
"github.com/pquerna/otp"
"github.com/pquerna/otp/totp"
)
// OTP describes a one-time-password MFA factor in the domain layer.
type OTP struct {
	es_models.ObjectRoot

	// Secret holds the OTP shared secret as a crypto.CryptoValue, the type
	// that NewOTPKey in this file obtains from crypto.Encrypt.
	Secret *crypto.CryptoValue
	// SecretString is a plain string field next to the encrypted Secret.
	// NOTE(review): presumably the cleartext secret shown once at enrolment;
	// confirm with the callers, and keep it out of logs, events and stored
	// read models if so.
	SecretString string
	// Url is presumably the provisioning URL of the key (an otpauth URL
	// embeds the secret); TODO confirm, and treat it as sensitive if so.
	Url string
	// State is the lifecycle state of this MFA factor.
	State MFAState
}
// NewOTPKey generates a new TOTP key for accountName at issuer and encrypts
// its secret with cryptoAlg.
//
// Only Issuer and AccountName are set on the generate options, so period,
// digit count, hash algorithm and secret size are whatever the totp package
// defaults to.
//
// The returned *otp.Key still carries the cleartext secret (it is read here
// through key.Secret()); only the returned *crypto.CryptoValue is encrypted.
// Callers should hand the key to the enrolment flow only and persist the
// encrypted value.
//
// Errors from key generation or encryption are returned unchanged, with both
// other results nil.
func NewOTPKey(issuer, accountName string, cryptoAlg crypto.EncryptionAlgorithm) (*otp.Key, *crypto.CryptoValue, error) {
	opts := totp.GenerateOpts{
		Issuer:      issuer,
		AccountName: accountName,
	}
	generated, genErr := totp.Generate(opts)
	if genErr != nil {
		return nil, nil, genErr
	}

	// Encrypt the secret before it leaves this function as a storable value.
	sealed, encErr := crypto.Encrypt([]byte(generated.Secret()), cryptoAlg)
	if encErr != nil {
		return nil, nil, encErr
	}
	return generated, sealed, nil
}
// VerifyMFAOTP decrypts secret with cryptoAlg and checks code against it as a
// TOTP code.
//
// It returns the decryption error unchanged, an invalid-argument error
// (EVENT-8isk2) when the code does not validate, and nil when it does.
//
// The check is stateless: this function does not remember accepted codes and
// does not count failed attempts. Rejecting reuse of a code within its
// validity window and limiting or locking out repeated failures are left to
// the caller.
func VerifyMFAOTP(code string, secret *crypto.CryptoValue, cryptoAlg crypto.EncryptionAlgorithm) error {
	// NOTE(review): secret is passed on without a nil check; whether
	// crypto.DecryptString tolerates a nil value is not visible here.
	plainSecret, err := crypto.DecryptString(secret, cryptoAlg)
	if err != nil {
		return err
	}

	// totp.Validate uses the library's default validation options.
	if totp.Validate(code, plainSecret) {
		return nil
	}
	return caos_errs.ThrowInvalidArgument(nil, "EVENT-8isk2", "Errors.User.MFA.Provider0.InvalidCode")
}