authorJoram Wilander <jwawilander@gmail.com>2016-11-03 10:41:11 -0400
committerChristopher Speller <crspeller@gmail.com>2016-11-03 10:41:11 -0400
commit0234f793f29a90572d2288b7b22b75cd5ab83648 (patch)
tree76f67d1be0756c9186973f4db27a77643efcdfeb /api
parent5b34ac6e1e4d24f51c754926305149b7986f38c4 (diff)
EE: PLT-4512 Show secret in addition to QR code when activating MFA (#4427)
* EE: Update MFA to display secret for manual entry * Width adjustments for secret (#4423) * Add unit test
Diffstat (limited to 'api')
-rw-r--r--api/user.go15
-rw-r--r--api/user_test.go6
2 files changed, 12 insertions, 9 deletions
diff --git a/api/user.go b/api/user.go
index 2c00dd4c8..787039355 100644
--- a/api/user.go
+++ b/api/user.go
@@ -64,7 +64,7 @@ func InitUser() {
BaseRoutes.NeedChannel.Handle("/users/autocomplete", ApiUserRequired(autocompleteUsersInChannel)).Methods("GET")
BaseRoutes.Users.Handle("/mfa", ApiAppHandler(checkMfa)).Methods("POST")
- BaseRoutes.Users.Handle("/generate_mfa_qr", ApiUserRequiredTrustRequester(generateMfaQrCode)).Methods("GET")
+ BaseRoutes.Users.Handle("/generate_mfa_secret", ApiUserRequiredTrustRequester(generateMfaSecret)).Methods("GET")
BaseRoutes.Users.Handle("/update_mfa", ApiUserRequired(updateMfa)).Methods("POST")
BaseRoutes.Users.Handle("/claim/email_to_oauth", ApiAppHandler(emailToOAuth)).Methods("POST")
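Review bot: The renamed `/generate_mfa_secret` route keeps `ApiUserRequiredTrustRequester` and `Methods("GET")`, which suited an image response but is harder to justify now that the body carries the MFA secret as JSON. The wrapper's definition is not visible in this diff. If, as its name suggests, it relaxes the requester check that `ApiUserRequired` applies to the neighbouring `/update_mfa` route, consider `BaseRoutes.Users.Handle("/generate_mfa_secret", ApiUserRequired(generateMfaSecret)).Methods("POST")`. That would give secret generation the same request validation as the other state-changing user calls, and the client helper would need the matching method change.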
@@ -2306,7 +2306,7 @@ func resendVerification(c *Context, w http.ResponseWriter, r *http.Request) {
}
}
-func generateMfaQrCode(c *Context, w http.ResponseWriter, r *http.Request) {
+func generateMfaSecret(c *Context, w http.ResponseWriter, r *http.Request) {
uchan := Srv.Store.User().Get(c.Session.UserId)
var user *model.User
@@ -2319,22 +2319,25 @@ func generateMfaQrCode(c *Context, w http.ResponseWriter, r *http.Request) {
mfaInterface := einterfaces.GetMfaInterface()
if mfaInterface == nil {
- c.Err = model.NewLocAppError("generateMfaQrCode", "api.user.generate_mfa_qr.not_available.app_error", nil, "")
+ c.Err = model.NewLocAppError("generateMfaSecret", "api.user.generate_mfa_qr.not_available.app_error", nil, "")
c.Err.StatusCode = http.StatusNotImplemented
return
}
- img, err := mfaInterface.GenerateQrCode(user)
+ secret, img, err := mfaInterface.GenerateSecret(user)
if err != nil {
c.Err = err
return
}
- w.Header().Del("Content-Type") // Content-Type will be set automatically by the http writer
+ resp := map[string]string{}
+ resp["qr_code"] = b64.StdEncoding.EncodeToString(img)
+ resp["secret"] = secret
+
w.Header().Set("Cache-Control", "no-cache")
w.Header().Set("Pragma", "no-cache")
w.Header().Set("Expires", "0")
- w.Write(img)
+ w.Write([]byte(model.MapToJson(resp)))
}
func updateMfa(c *Context, w http.ResponseWriter, r *http.Request) {
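Review bot: The JSON written at the end of generateMfaSecret now contains the TOTP shared secret, but the headers kept from the image version only set `Cache-Control: no-cache`, which still lets a browser or intermediary store the body as long as it revalidates. For secret material prefer `w.Header().Set("Cache-Control", "no-store")`. Also set `w.Header().Set("Content-Type", "application/json")` explicitly, since the removed `Del("Content-Type")` line suggests a default is applied outside this hunk and it should be confirmed. The result of `w.Write` is discarded, so a failed write goes unnoticed. The function starts in the previous hunk, so the user lookup and any check for already-active MFA are not visible here.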
diff --git a/api/user_test.go b/api/user_test.go
index 75e246ab3..5f7cc375d 100644
--- a/api/user_test.go
+++ b/api/user_test.go
@@ -1687,7 +1687,7 @@ func TestMeInitialLoad(t *testing.T) {
}
-func TestGenerateMfaQrCode(t *testing.T) {
+func TestGenerateMfaSecret(t *testing.T) {
th := Setup()
Client := th.CreateClient()
@@ -1701,13 +1701,13 @@ func TestGenerateMfaQrCode(t *testing.T) {
Client.Logout()
- if _, err := Client.GenerateMfaQrCode(); err == nil {
+ if _, err := Client.GenerateMfaSecret(); err == nil {
t.Fatal("should have failed - not logged in")
}
Client.Login(user.Email, user.Password)
- if _, err := Client.GenerateMfaQrCode(); err == nil {
+ if _, err := Client.GenerateMfaSecret(); err == nil {
t.Fatal("should have failed - not licensed")
}