bitwarden/browser
1
0
Fork 0
mirror of https://github.com/bitwarden/browser synced 2025-12-10 13:23:34 +00:00
Code Issues Releases Wiki Activity

fix(recover-two-factor-component) [PM-21153]: Update error handling for SSO-required 2FA recovery scenarios. (#17016)

Browse Source
This commit is contained in:
Dave
2025-11-03 11:04:44 -05:00
committed by GitHub
parent c6d759650b
commit 17e14009e2
1 changed files with 29 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

35
apps/web/src/app/auth/recover-two-factor.component.ts
View File

@@ -113,14 +113,37 @@ export class RecoverTwoFactorComponent implements OnInit {
await this.router.navigate(["/settings/security/two-factor"]); await this.router.navigate(["/settings/security/two-factor"]);
} catch (error: unknown) { } catch (error: unknown) {
if (error instanceof ErrorResponse) { if (error instanceof ErrorResponse) {
this.logService.error("Error logging in automatically: ", error.message); if (
error.message.includes(
if (error.message.includes("Two-step token is invalid")) { "Two-factor recovery has been performed. SSO authentication is required.",
this.formGroup.get("recoveryCode")?.setErrors({ )
invalidRecoveryCode: { message: this.i18nService.t("invalidRecoveryCode") }, ) {
// [PM-21153]: Organization users with as SSO requirement need to be able to recover 2FA,
// but still be bound by the SSO requirement to log in. Therefore, we show a success toast for recovering 2FA,
// but then inform them that they need to log in via SSO and redirect them to the login page.
// The response tested here is a specific message for this scenario from request validation.
this.toastService.showToast({
variant: "success",
title: "",
message: this.i18nService.t("twoStepRecoverDisabled"),
}); });
this.toastService.showToast({
variant: "error",
title: "",
message: this.i18nService.t("ssoLoginIsRequired"),
});
await this.router.navigate(["/login"]);
} else { } else {
this.validationService.showError(error.message); this.logService.error("Error logging in automatically: ", error.message);
if (error.message.includes("Two-step token is invalid")) {
this.formGroup.get("recoveryCode")?.setErrors({
invalidRecoveryCode: { message: this.i18nService.t("invalidRecoveryCode") },
});
} else {
this.validationService.showError(error.message);
}
} }
} else { } else {
this.logService.error("Error logging in automatically: ", error); this.logService.error("Error logging in automatically: ", error);