[PM-3382] User cannot select Email as a secondary 2FA option following SSO (#2719)

* [PM-3382] Update mobile client to receive and use SsoEmail2faSessionToken

* [PM-3382] Fix null 2fa email with local email on MP login.
André Bispo 2023-09-06 10:26:11 +01:00 committed by GitHub
parent 6d4792bc24
commit f21fae7fea
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
5 changed files with 10 additions and 3 deletions


@ -466,7 +466,8 @@ namespace Bit.App.Pages
{
Email = _authService.Email,
MasterPasswordHash = _authService.MasterPasswordHash,
DeviceIdentifier = await _appIdService.GetAppIdAsync()
DeviceIdentifier = await _appIdService.GetAppIdAsync(),
SsoEmail2FaSessionToken = _authService.SsoEmail2FaSessionToken
};
await _apiService.PostTwoFactorEmailAsync(request);
if (showLoading)
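Review bot: The request initializer now sends `MasterPasswordHash` and `SsoEmail2FaSessionToken` together, with no comment saying which one authorises the email send in which login flow. Judging by the commit title, the hash is absent after SSO and the token is absent after a master-password login, so one of the two is presumably always null; a line such as `// SSO logins have no master password hash; the server-issued session token authorises the 2FA email instead` above the new property would make that explicit. The enclosing method starts and ends outside the hunk, so how a rejected or expired token from `PostTwoFactorEmailAsync` is handled cannot be checked here.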


@ -15,6 +15,7 @@ namespace Bit.Core.Abstractions
string Code { get; set; }
string CodeVerifier { get; set; }
string SsoRedirectUrl { get; set; }
string SsoEmail2FaSessionToken { get; set; }
TwoFactorProviderType? SelectedTwoFactorProviderType { get; set; }
Dictionary<TwoFactorProviderType, TwoFactorProvider> TwoFactorProviders { get; set; }
Dictionary<TwoFactorProviderType, Dictionary<string, object>> TwoFactorProvidersData { get; set; }


@ -5,5 +5,6 @@
public string Email { get; set; }
public string MasterPasswordHash { get; set; }
public string DeviceIdentifier { get; set; }
public string SsoEmail2FaSessionToken { get; set; }
}
}


@ -12,5 +12,7 @@ namespace Bit.Core.Models.Response
public MasterPasswordPolicyOptions MasterPasswordPolicy { get; set; }
[JsonProperty("CaptchaBypassToken")]
public string CaptchaToken { get; set; }
public string SsoEmail2faSessionToken { get; set; }
public string Email { get; set; }
}
}
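Review bot: The new response property is spelled `SsoEmail2faSessionToken`, while the request model, the interface and the service all use `SsoEmail2FaSessionToken`. Binding therefore depends on the serializer matching the property name to the wire name by itself, whereas the neighbouring `CaptchaToken` pins its wire name with `[JsonProperty]`. Giving the property the same C# spelling as the other types and pinning the wire name explicitly, `[JsonProperty("<wire name sent by the server>")]`, would prevent a later rename from silently dropping the token. A `///` summary on both new properties, stating that they are server-supplied and when they are populated, would also help, since the service now prefers this `Email` over the one the user typed.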


@ -124,6 +124,7 @@ namespace Bit.Core.Services
public string Code { get; set; }
public string CodeVerifier { get; set; }
public string SsoRedirectUrl { get; set; }
public string SsoEmail2FaSessionToken { get; set; }
public Dictionary<TwoFactorProviderType, TwoFactorProvider> TwoFactorProviders { get; set; }
public Dictionary<TwoFactorProviderType, Dictionary<string, object>> TwoFactorProvidersData { get; set; }
public TwoFactorProviderType? SelectedTwoFactorProviderType { get; set; }
@ -457,20 +458,21 @@ namespace Bit.Core.Services
if (result.TwoFactor)
{
// Two factor required.
Email = email;
Email = response.TwoFactorResponse.Email ?? email;
MasterPasswordHash = hashedPassword;
LocalMasterPasswordHash = localHashedPassword;
AuthRequestId = authRequestId;
Code = code;
CodeVerifier = codeVerifier;
SsoRedirectUrl = redirectUrl;
SsoEmail2FaSessionToken = response.TwoFactorResponse.SsoEmail2faSessionToken;
_masterKey = _setCryptoKeys ? masterKey : null;
_userKey = userKey2FA;
TwoFactorProvidersData = response.TwoFactorResponse.TwoFactorProviders2;
result.TwoFactorProviders = response.TwoFactorResponse.TwoFactorProviders2;
CaptchaToken = response.TwoFactorResponse.CaptchaToken;
_masterPasswordPolicy = response.TwoFactorResponse.MasterPasswordPolicy;
await _tokenService.ClearTwoFactorTokenAsync(email);
await _tokenService.ClearTwoFactorTokenAsync(Email);
return result;
}
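Review bot: `SsoEmail2FaSessionToken` is assigned in the two-factor branch, but none of the ten additions in this commit ever reset it, so the server-issued session token stays on the service for as long as the instance lives. If the service has a state-reset routine outside these hunks that clears `Email`, `MasterPasswordHash` and `Code`, it should also set `SsoEmail2FaSessionToken = null;` so a later login attempt cannot send a stale token. Separately, `Email = response.TwoFactorResponse.Email ?? email;` lets a server-supplied value replace the address the user entered, and `ClearTwoFactorTokenAsync(Email)` is now keyed by it. If the server value differs from the typed one (casing, for instance), the remembered token stored under the typed address may not be cleared, and `??` lets an empty string through where `string.IsNullOrWhiteSpace` would not. The enclosing method starts and ends outside the hunk.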