Treat fediverse usernames as case-insensitive (#2155)
* treat fediverse usernames as case-insensitive for auth
* add test for case insensitive, clean up duplicate import in fediverse auth controller
* fix test, there was an issue with state when all the tests were run
parent
2ff5f31597
commit
e20985ecb4
@ -3,6 +3,7 @@ package fediverse
|
||||
import (
|
||||
"crypto/rand"
|
||||
"io"
|
||||
"strings"
|
||||
"time"
|
||||
)
|
||||
|
||||
@ -37,7 +38,7 @@ func RegisterFediverseOTP(accessToken, userID, userDisplayName, account string)
|
||||
Code: code,
|
||||
UserID: userID,
|
||||
UserDisplayName: userDisplayName,
|
||||
Account: account,
|
||||
Account: strings.ToLower(account),
|
||||
Timestamp: time.Now(),
|
||||
}
|
||||
pendingAuthRequests[accessToken] = r
|
||||
|
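Review bot: Lower-casing `account` only at this one write site, where the pending request is stored, makes the lower-cased string the identity key for everything downstream, and nothing in this hunk shows that the code which later compares or looks up that account applies the same normalization. If accounts saved before this change kept their original case, a returning user would presumably no longer match their existing record, so a normalized lookup or a one-time migration is worth confirming. I would put the rule in one helper shared by the write and read paths and document it on the field, e.g. `// Account is stored lower-cased; it is the case-insensitive key used to match a returning fediverse user.` The body of RegisterFediverseOTP starts and ends outside the hunk.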
@ -1,6 +1,9 @@
|
||||
package fediverse
|
||||
|
||||
import "testing"
|
||||
import (
|
||||
"strings"
|
||||
"testing"
|
||||
)
|
||||
|
||||
const (
|
||||
accessToken = "fake-access-token"
|
||||
@ -58,3 +61,18 @@ func TestSingleOTPFlowRequest(t *testing.T) {
|
||||
t.Error("Second registration should not be permitted.")
|
||||
}
|
||||
}
|
||||
|
||||
func TestAccountCaseInsensitive(t *testing.T) {
|
||||
account := "Account"
|
||||
accessToken := "another-fake-access-token"
|
||||
r1, _ := RegisterFediverseOTP(accessToken, userID, userDisplayName, account)
|
||||
_, reg1 := ValidateFediverseOTP(accessToken, r1.Code)
|
||||
|
||||
// Simulate second auth with account in different case
|
||||
r2, _ := RegisterFediverseOTP(accessToken, userID, userDisplayName, strings.ToUpper(account))
|
||||
_, reg2 := ValidateFediverseOTP(accessToken, r2.Code)
|
||||
|
||||
if reg1.Account != reg2.Account {
|
||||
t.Errorf("Account names should be case-insensitive: %s %s", reg1.Account, reg2.Account)
|
||||
}
|
||||
}
|
||||
|
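Review bot: TestAccountCaseInsensitive discards the second result of both RegisterFediverseOTP calls and the validity flag of both ValidateFediverseOTP calls, so if either step fails the final comparison may run on empty or missing registrations and either pass vacuously or panic on `r1.Code` / `reg1.Account` (the return types are declared outside this hunk). Check the flag before using the result, e.g. `valid, reg1 := ValidateFediverseOTP(accessToken, r1.Code)` followed by `if !valid { t.Fatal("first OTP did not validate") }`, and do the same for the second round. Comparing `reg1.Account` with `reg2.Account` only shows that the two agree; also asserting `reg2.Account == strings.ToLower(account)` would pin the stored form that the auth path relies on.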
@ -7,7 +7,6 @@ import (
|
||||
|
||||
"github.com/owncast/owncast/activitypub"
|
||||
"github.com/owncast/owncast/auth"
|
||||
"github.com/owncast/owncast/auth/fediverse"
|
||||
fediverseauth "github.com/owncast/owncast/auth/fediverse"
|
||||
"github.com/owncast/owncast/controllers"
|
||||
"github.com/owncast/owncast/core/chat"
|
||||
@ -57,7 +56,7 @@ func VerifyFediverseOTPRequest(w http.ResponseWriter, r *http.Request) {
|
||||
return
|
||||
}
|
||||
accessToken := r.URL.Query().Get("accessToken")
|
||||
valid, authRegistration := fediverse.ValidateFediverseOTP(accessToken, req.Code)
|
||||
valid, authRegistration := fediverseauth.ValidateFediverseOTP(accessToken, req.Code)
|
||||
if !valid {
|
||||
w.WriteHeader(http.StatusForbidden)
|
||||
return
|
||||
|