OpenSource/vaultwarden
OpenSource/vaultwarden
1
0
Fork 0
mirror of https://github.com/dani-garcia/vaultwarden.git synced 2024-11-22 07:06:23 +01:00
Code Issues Projects Releases Packages Wiki Activity

Use async verify for Yubikey (#4448)

Browse source
This commit is contained in:
Daniel García 2024-03-23 16:03:17 +01:00 committed by GitHub
parent 93636eb3c3
commit 2d98aa3045
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
1 changed files with 5 additions and 12 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

17
src/api/core/two_factor/yubikey.rs
View file

@ -1,7 +1,7 @@
use rocket::serde::json::Json; use rocket::serde::json::Json;
use rocket::Route; use rocket::Route;
use serde_json::Value; use serde_json::Value;
use yubico::{config::Config, verify}; use yubico::{config::Config, verify_async};
use crate::{ use crate::{
api::{ api::{
@ -74,13 +74,10 @@ async fn verify_yubikey_otp(otp: String) -> EmptyResult {
let config = Config::default().set_client_id(yubico_id).set_key(yubico_secret); let config = Config::default().set_client_id(yubico_id).set_key(yubico_secret);
match CONFIG.yubico_server() { match CONFIG.yubico_server() {
Some(server) => { Some(server) => verify_async(otp, config.set_api_hosts(vec![server])).await,
tokio::task::spawn_blocking(move || verify(otp, config.set_api_hosts(vec![server]))).await.unwrap() None => verify_async(otp, config).await,
}
None => tokio::task::spawn_blocking(move || verify(otp, config)).await.unwrap(),
} }
.map_res("Failed to verify OTP") .map_res("Failed to verify OTP")
.and(Ok(()))
} }
#[post("/two-factor/get-yubikey", data = "<data>")] #[post("/two-factor/get-yubikey", data = "<data>")]
@ -194,10 +191,6 @@ pub async fn validate_yubikey_login(response: &str, twofactor_data: &str) -> Emp
err!("Given Yubikey is not registered"); err!("Given Yubikey is not registered");
} }
let result = verify_yubikey_otp(response.to_owned()).await; verify_yubikey_otp(response.to_owned()).await.map_res("Failed to verify Yubikey against OTP server")?;
Ok(())
match result {
Ok(_answer) => Ok(()),
Err(_e) => err!("Failed to verify Yubikey against OTP server"),
}
} }