| author | James Elliott <james-d-elliott@users.noreply.github.com> | 2023-01-25 20:36:40 +1100 | 
|---|---|---|
| committer | GitHub <noreply@github.com> | 2023-01-25 20:36:40 +1100 | 
| commit | 65705a646dfd31e4477af3ffb35c584eb49346a4 (patch) | |
| tree | 882b5df73348c5fc6471e57ef6787c4b04cb68f4 /internal/handlers/handler_register_duo_device.go | |
| parent | 78064dec2e9b48308b71ff8862b27e6f8ded5d56 (diff) | |
feat(server): customizable authz endpoints (#4296)
This allows users to customize the authz endpoints.
Closes #2753, Fixes #3716
Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
Diffstat (limited to 'internal/handlers/handler_register_duo_device.go')
| -rw-r--r-- | internal/handlers/handler_register_duo_device.go | 62 | 
1 files changed, 44 insertions, 18 deletions
diff --git a/internal/handlers/handler_register_duo_device.go b/internal/handlers/handler_register_duo_device.go
index 8182cbdce..ca93950e6 100644
--- a/internal/handlers/handler_register_duo_device.go
+++ b/internal/handlers/handler_register_duo_device.go
@@ -8,21 +8,31 @@ import (
 	"github.com/authelia/authelia/v4/internal/duo"
 	"github.com/authelia/authelia/v4/internal/middlewares"
 	"github.com/authelia/authelia/v4/internal/model"
+	"github.com/authelia/authelia/v4/internal/session"
 	"github.com/authelia/authelia/v4/internal/utils"
 )
 // DuoDevicesGET handler for retrieving available devices and capabilities from duo api.
 func DuoDevicesGET(duoAPI duo.API) middlewares.RequestHandler {
 	return func(ctx *middlewares.AutheliaCtx) {
-		userSession := ctx.GetSession()
+		var (
+			userSession session.UserSession
+			err         error
+		)
+
+		if userSession, err = ctx.GetSession(); err != nil {
+			ctx.Error(fmt.Errorf("failed to get session data: %w", err), messageMFAValidationFailed)
+			return
+		}
+
 		values := url.Values{}
 		values.Set("username", userSession.Username)
 		ctx.Logger.Debugf("Starting Duo PreAuth for %s", userSession.Username)
-		result, message, devices, enrollURL, err := DuoPreAuth(ctx, duoAPI)
+		result, message, devices, enrollURL, err := DuoPreAuth(ctx, &userSession, duoAPI)
 		if err != nil {
-			ctx.Error(fmt.Errorf("duo PreAuth API errored: %s", err), messageMFAValidationFailed)
+			ctx.Error(fmt.Errorf("duo PreAuth API errored: %w", err), messageMFAValidationFailed)
 			return
 		}
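Review bot: After the new `ctx.GetSession()` error check in DuoDevicesGET, `userSession.Username` is passed to the Duo PreAuth call without any check that the session actually carries a username. The route middleware may already guarantee an authenticated session, but that is not visible in this hunk, so an explicit guard would make the handler fail closed on its own: `if userSession.Username == "" { ctx.Error(fmt.Errorf("session has no username"), messageMFAValidationFailed); return }`. The `values` map is still filled in but is no longer near anything that consumes it here; if the rest of the function (outside the hunk) does not use it either, it can be removed.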
@@ -80,39 +90,55 @@ func DuoDevicesGET(duoAPI duo.API) middlewares.RequestHandler {
 // DuoDevicePOST update the user preferences regarding Duo device and method.
 func DuoDevicePOST(ctx *middlewares.AutheliaCtx) {
-	device := DuoDeviceBody{}
+	bodyJSON := DuoDeviceBody{}
-	err := ctx.ParseBody(&device)
-	if err != nil {
+	var (
+		userSession session.UserSession
+		err         error
+	)
+
+	if err = ctx.ParseBody(&bodyJSON); err != nil {
 		ctx.Error(err, messageMFAValidationFailed)
 		return
 	}
-	if !utils.IsStringInSlice(device.Method, duo.PossibleMethods) {
-		ctx.Error(fmt.Errorf("unknown method '%s', it should be one of %s", device.Method, strings.Join(duo.PossibleMethods, ", ")), messageMFAValidationFailed)
+	if !utils.IsStringInSlice(bodyJSON.Method, duo.PossibleMethods) {
+		ctx.Error(fmt.Errorf("unknown method '%s', it should be one of %s", bodyJSON.Method, strings.Join(duo.PossibleMethods, ", ")), messageMFAValidationFailed)
 		return
 	}
 
-	userSession := ctx.GetSession()
-	ctx.Logger.Debugf("Save new preferred Duo device and method of user %s to %s using %s", userSession.Username, device.Device, device.Method)
-	err = ctx.Providers.StorageProvider.SavePreferredDuoDevice(ctx, model.DuoDevice{Username: userSession.Username, Device: device.Device, Method: device.Method})
+	if userSession, err = ctx.GetSession(); err != nil {
+		ctx.Error(err, messageMFAValidationFailed)
+		return
+	}
+
+	ctx.Logger.Debugf("Save new preferred Duo device and method of user %s to %s using %s", userSession.Username, bodyJSON.Device, bodyJSON.Method)
+	err = ctx.Providers.StorageProvider.SavePreferredDuoDevice(ctx, model.DuoDevice{Username: userSession.Username, Device: bodyJSON.Device, Method: bodyJSON.Method})
 	if err != nil {
-		ctx.Error(fmt.Errorf("unable to save new preferred Duo device and method: %s", err), messageMFAValidationFailed)
+		ctx.Error(fmt.Errorf("unable to save new preferred Duo device and method: %w", err), messageMFAValidationFailed)
 		return
 	}
 	ctx.ReplyOK()
 }
-// SecondFactorDuoDeviceDelete deletes the useres preferred Duo device and method.
-func SecondFactorDuoDeviceDelete(ctx *middlewares.AutheliaCtx) {
-	userSession := ctx.GetSession()
+// DuoDeviceDELETE deletes the useres preferred Duo device and method.
+func DuoDeviceDELETE(ctx *middlewares.AutheliaCtx) {
+	var (
+		userSession session.UserSession
+		err         error
+	)
+
+	if userSession, err = ctx.GetSession(); err != nil {
+		ctx.Error(fmt.Errorf("unable to get session to delete preferred Duo device and method: %w", err), messageMFAValidationFailed)
+		return
+	}
+
 	ctx.Logger.Debugf("Deleting preferred Duo device and method of user %s", userSession.Username)
-	err := ctx.Providers.StorageProvider.DeletePreferredDuoDevice(ctx, userSession.Username)
-	if err != nil {
-		ctx.Error(fmt.Errorf("unable to delete preferred Duo device and method: %s", err), messageMFAValidationFailed)
+	if err = ctx.Providers.StorageProvider.DeletePreferredDuoDevice(ctx, userSession.Username); err != nil {
+		ctx.Error(fmt.Errorf("unable to delete preferred Duo device and method: %w", err), messageMFAValidationFailed)
 		return
 	}
|
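Review bot: In DuoDevicePOST only `bodyJSON.Method` is validated against `duo.PossibleMethods`; `bodyJSON.Device` comes straight from the request body and is written to the debug log and to `SavePreferredDuoDevice` unchecked. If nothing downstream confirms that the device belongs to the session user (not visible in this hunk), it should be checked against the devices Duo PreAuth returns for that user, or at least rejected when empty, before the storage call. The session failure in the same handler is reported as a bare `ctx.Error(err, messageMFAValidationFailed)`, while DuoDevicesGET and DuoDeviceDELETE wrap it; `ctx.Error(fmt.Errorf("unable to get session to save preferred Duo device and method: %w", err), messageMFAValidationFailed)` would keep the three handlers' logs equally traceable. The renamed doc comment on DuoDeviceDELETE still reads "useres" where "user's" is meant, and that function's body continues past the end of the hunk.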
