From 22370f08ca900b60875778cd04978a67ae57faac Mon Sep 17 00:00:00 2001 From: vnugent Date: Tue, 1 Aug 2023 18:39:13 -0400 Subject: Latest updates, build configurations, and native compression --- .../src/Endpoints/LoginEndpoint.cs | 7 +------ .../src/MFA/UserMFAExtensions.cs | 15 ++++++++++++--- .../src/VNLib.Plugins.Essentials.Accounts.csproj | 2 +- 3 files changed, 14 insertions(+), 10 deletions(-) (limited to 'plugins/VNLib.Plugins.Essentials.Accounts/src') diff --git a/plugins/VNLib.Plugins.Essentials.Accounts/src/Endpoints/LoginEndpoint.cs b/plugins/VNLib.Plugins.Essentials.Accounts/src/Endpoints/LoginEndpoint.cs index 5b50cb2..0d10811 100644 --- a/plugins/VNLib.Plugins.Essentials.Accounts/src/Endpoints/LoginEndpoint.cs +++ b/plugins/VNLib.Plugins.Essentials.Accounts/src/Endpoints/LoginEndpoint.cs @@ -361,13 +361,8 @@ namespace VNLib.Plugins.Essentials.Accounts.Endpoints //Valid, complete } break; - case MFAType.PGP: - { } - break; default: - { - webm.Result = MFA_ERROR_MESSAGE; - } + webm.Result = MFA_ERROR_MESSAGE; return; } diff --git a/plugins/VNLib.Plugins.Essentials.Accounts/src/MFA/UserMFAExtensions.cs b/plugins/VNLib.Plugins.Essentials.Accounts/src/MFA/UserMFAExtensions.cs index e042799..0b52f54 100644 --- a/plugins/VNLib.Plugins.Essentials.Accounts/src/MFA/UserMFAExtensions.cs +++ b/plugins/VNLib.Plugins.Essentials.Accounts/src/MFA/UserMFAExtensions.cs @@ -120,7 +120,10 @@ namespace VNLib.Plugins.Essentials.Accounts.MFA using UnsafeMemoryHandle buffer = MemoryUtil.UnsafeAlloc(base32Secret.Length, true); ERRNO count = VnEncoding.TryFromBase32Chars(base32Secret, buffer); //Verify the TOTP using the decrypted secret - return count && VerifyTOTP(code, buffer.AsSpan(0, count), config.TOTPConfig); + bool isValid = count && VerifyTOTP(code, buffer.AsSpan(0, count), config.TOTPConfig); + //Zero out the buffer + MemoryUtil.InitializeBlock(buffer.Span); + return isValid; } private static bool VerifyTOTP(uint totpCode, ReadOnlySpan userSecret, TOTPConfig config) @@ -227,6 +230,12 @@ namespace VNLib.Plugins.Essentials.Accounts.MFA public static void PKISetUserKey(this IUser user, IReadOnlyDictionary? keyFields) { + if(keyFields == null) + { + user[USER_PKI_ENTRY] = null!; + return; + } + //Serialize the key data byte[] keyData = JsonSerializer.SerializeToUtf8Bytes(keyFields, Statics.SR_OPTIONS); @@ -294,7 +303,7 @@ namespace VNLib.Plugins.Essentials.Accounts.MFA /// The signed JWT upgrade message /// The stored base64 encoded signature from the session that requested an upgrade /// True if the upgrade was verified, not expired, and was recovered from the signed message, false otherwise - public static MFAUpgrade? RecoverUpgrade(this MFAConfig config, string upgradeJwtString, string base32Secret) + internal static MFAUpgrade? RecoverUpgrade(this MFAConfig config, string upgradeJwtString, string base32Secret) { //Parse jwt using JsonWebToken jwt = JsonWebToken.Parse(upgradeJwtString); @@ -340,7 +349,7 @@ namespace VNLib.Plugins.Essentials.Accounts.MFA /// The message from the user requesting the login /// A signed upgrade message the client will pass back to the server after the MFA verification /// - public static MfaUpgradeMessage? MFAGetUpgradeIfEnabled(this IUser user, MFAConfig? conf, LoginMessage login) + internal static MfaUpgradeMessage? MFAGetUpgradeIfEnabled(this IUser user, MFAConfig? conf, LoginMessage login) { //Webauthn config diff --git a/plugins/VNLib.Plugins.Essentials.Accounts/src/VNLib.Plugins.Essentials.Accounts.csproj b/plugins/VNLib.Plugins.Essentials.Accounts/src/VNLib.Plugins.Essentials.Accounts.csproj index c96900e..09423ed 100644 --- a/plugins/VNLib.Plugins.Essentials.Accounts/src/VNLib.Plugins.Essentials.Accounts.csproj +++ b/plugins/VNLib.Plugins.Essentials.Accounts/src/VNLib.Plugins.Essentials.Accounts.csproj @@ -43,7 +43,7 @@ all runtime; build; native; contentfiles; analyzers; buildtransitive - + -- cgit