3pp-mirror/pomerium
1
0
Fork 0
mirror of https://github.com/pomerium/pomerium.git synced 2025-08-03 16:59:22 +02:00
Code Issues Projects Releases Packages Wiki Activity

device: add generic methods for working with user+session devices (#3710)

Browse source
This commit is contained in:
Caleb Doxsey 2022-10-28 08:41:12 -06:00 committed by GitHub
parent 6a9d6e45e1
commit 3f9dfbef76
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
5 changed files with 75 additions and 36 deletions
Download patch file Download diff file Expand all files Collapse all files

8
authenticate/handlers/webauthn/webauthn.go
View file

@ -324,7 +324,7 @@ func (h *Handler) handleRegister(w http.ResponseWriter, r *http.Request, state *
}
// save the user
u.DeviceCredentialIds = append(u.DeviceCredentialIds, deviceCredential.GetId())
u.AddDeviceCredentialID(deviceCredential.GetId())
_, err = databroker.Put(ctx, state.Client, u)
if err != nil {
return err
@ -356,7 +356,7 @@ func (h *Handler) handleUnregister(w http.ResponseWriter, r *http.Request, state
}
// ensure we only allow removing a device credential the user owns
if !containsString(u.GetDeviceCredentialIds(), deviceCredentialID) {
if !u.HasDeviceCredentialID(deviceCredentialID) {
return errInvalidDeviceCredential
}
@ -373,14 +373,14 @@ func (h *Handler) handleUnregister(w http.ResponseWriter, r *http.Request, state
}
// remove the credential from the user
u.DeviceCredentialIds = removeString(u.DeviceCredentialIds, deviceCredentialID)
u.RemoveDeviceCredentialID(deviceCredentialID)
_, err = databroker.Put(ctx, state.Client, u)
if err != nil {
return err
}
// remove the credential from the session
state.Session.DeviceCredentials = removeSessionDeviceCredential(state.Session.DeviceCredentials, deviceCredentialID)
state.Session.RemoveDeviceCredentialID(deviceCredentialID)
return h.saveSessionAndRedirect(w, r, state, urlutil.GetAbsoluteURL(r).ResolveReference(&url.URL{
Path: "/.pomerium",
}).String())