X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=server%2Flib%2Fauth%2Foauth.ts;h=bc0d4301f082519a02a666d279c0e6bf5ad8c431;hb=37ff5005b47b9df2933a0b8812609a6c41faa170;hp=b541142a584d46fbc26ee430a6ed1c624418566f;hpb=56f47830758ff8e92abcfcc5f35d474ab12fe215;p=github%2FChocobozzz%2FPeerTube.git
diff --git a/server/lib/auth/oauth.ts b/server/lib/auth/oauth.ts
index b541142a5..bc0d4301f 100644
--- a/server/lib/auth/oauth.ts
+++ b/server/lib/auth/oauth.ts
@@ -9,12 +9,12 @@ import OAuth2Server, {
 UnsupportedGrantTypeError
 } from '@node-oauth/oauth2-server'
 import { randomBytesPromise } from '@server/helpers/core-utils'
+import { isOTPValid } from '@server/helpers/otp'
 import { MOAuthClient } from '@server/types/models'
 import { sha1 } from '@shared/extra-utils'
 import { HttpStatusCode } from '@shared/models'
 import { OAUTH_LIFETIME, OTP } from '../../initializers/constants'
 import { BypassLogin, getClient, getRefreshToken, getUser, revokeToken, saveToken } from './oauth-model'
-import { isOTPValid } from '@server/helpers/otp'

 class MissingTwoFactorError extends Error {
 code = HttpStatusCode.UNAUTHORIZED_401
@@ -95,14 +95,9 @@ async function handleOAuthToken (req: express.Request, options: { refreshTokenAu

 function handleOAuthAuthenticate (
 req: express.Request,
- res: express.Response,
- authenticateInQuery = false
+ res: express.Response
 ) {
- const options = authenticateInQuery
- ? { allowBearerTokensInQueryString: true }
- : {}
-
- return oAuthServer.authenticate(new Request(req), new Response(res), options)
+ return oAuthServer.authenticate(new Request(req), new Response(res))
 }

 export {
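Review bot: handleOAuthAuthenticate carries no comment recording that bearer tokens in the URL query are now deliberately unsupported, so `authenticateInQuery` could be reintroduced later without anyone weighing the trade-off. A doc comment above the function would capture it, e.g. `/** Authenticates the request; tokens in the query string are not accepted because URLs end up in access logs, browser history and Referer headers. */`. The new call relies on the library's default for `allowBearerTokensInQueryString` (presumably off), which is worth stating in the same comment. Callers that passed the third argument are outside this hunk, so any feature that depended on query-string tokens cannot be checked from here.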
@@ -138,7 +133,7 @@ async function handlePasswordGrant (options: {
 throw new MissingTwoFactorError('Missing two factor header')
 }

- if (isOTPValid({ secret: user.otpSecret, token: request.headers[OTP.HEADER_NAME] }) !== true) {
+ if (await isOTPValid({ encryptedSecret: user.otpSecret, token: request.headers[OTP.HEADER_NAME] }) !== true) {
 throw new InvalidTwoFactorError('Invalid two factor header')
 }
 }
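Review bot: The awaited `isOTPValid` call in handlePasswordGrant can now reject as well as resolve to false, and nothing visible in the hunk handles that case. If the helper fails while decrypting `encryptedSecret` (for instance a secret stored before encryption was introduced; the helper and any migration are outside this diff), the error would propagate as a generic failure rather than `InvalidTwoFactorError`. Login still fails closed, but it is worth confirming that the client gets a clean 4xx and that the logged error never contains the secret. Since `user.otpSecret` now holds ciphertext, a comment such as `// otpSecret is stored encrypted; isOTPValid decrypts it before checking the token` above the check would help. The function body starts and ends outside the hunk.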