From f176b752c37088e9fe5e4addde602dd12bdfe03d Mon Sep 17 00:00:00 2001 From: Todd Martin Date: Sat, 22 Mar 2025 14:01:39 -0400 Subject: [PATCH] Added access code --- .../login-via-auth-request.component.html | 110 ++++++++++-------- .../login-via-auth-request.component.ts | 30 +++-- 2 files changed, 78 insertions(+), 62 deletions(-) diff --git a/libs/auth/src/angular/login-via-auth-request/login-via-auth-request.component.html b/libs/auth/src/angular/login-via-auth-request/login-via-auth-request.component.html index 22cf8320036..1678b16ee3e 100644 --- a/libs/auth/src/angular/login-via-auth-request/login-via-auth-request.component.html +++ b/libs/auth/src/angular/login-via-auth-request/login-via-auth-request.component.html @@ -1,57 +1,65 @@ -
- -

- {{ "notificationSentDevicePart1" | i18n }} - {{ "notificationSentDeviceAnchor" | i18n }}. {{ "notificationSentDevicePart2" | i18n }} -

-

- {{ "notificationSentDeviceComplete" | i18n }} -

+ +
+ +
+ -
{{ "fingerprintPhraseHeader" | i18n }}
- {{ fingerprintPhrase }} + +
+ +

+ {{ "notificationSentDevicePart1" | i18n }} + {{ "notificationSentDeviceAnchor" | i18n }}. {{ "notificationSentDevicePart2" | i18n }} +

+

+ {{ "notificationSentDeviceComplete" | i18n }} +

- +
{{ "fingerprintPhraseHeader" | i18n }}
+ {{ fingerprintPhrase }} -
- {{ "needAnotherOptionV1" | i18n }}  - {{ - "viewAllLogInOptions" | i18n - }} -
- + - -

{{ "youWillBeNotifiedOnceTheRequestIsApproved" | i18n }}

+
+ {{ "needAnotherOptionV1" | i18n }}  + {{ + "viewAllLogInOptions" | i18n + }} +
+ -
{{ "fingerprintPhraseHeader" | i18n }}
- {{ fingerprintPhrase }} + +

{{ "youWillBeNotifiedOnceTheRequestIsApproved" | i18n }}

-
- {{ "troubleLoggingIn" | i18n }}  - {{ - "viewAllLogInOptions" | i18n - }} -
- -
+
{{ "fingerprintPhraseHeader" | i18n }}
+ {{ fingerprintPhrase }} + +
+ {{ "troubleLoggingIn" | i18n }}  + {{ + "viewAllLogInOptions" | i18n + }} +
+ +
+ diff --git a/libs/auth/src/angular/login-via-auth-request/login-via-auth-request.component.ts b/libs/auth/src/angular/login-via-auth-request/login-via-auth-request.component.ts index 6e4ecbab97a..e1960f8c43d 100644 --- a/libs/auth/src/angular/login-via-auth-request/login-via-auth-request.component.ts +++ b/libs/auth/src/angular/login-via-auth-request/login-via-auth-request.component.ts @@ -68,6 +68,7 @@ export class LoginViaAuthRequestComponent implements OnInit, OnDestroy { private accessCode: string | undefined = undefined; private authStatus: AuthenticationStatus | undefined = undefined; private showResendNotificationTimeoutSeconds = 12; + private loading = true; protected backToRoute = "/login"; protected clientType: ClientType; @@ -110,13 +111,14 @@ export class LoginViaAuthRequestComponent implements OnInit, OnDestroy { this.authRequestService.authRequestPushNotification$ .pipe(takeUntilDestroyed()) .subscribe((requestId) => { + this.loading = true; this.processAuthRequestResponse(requestId).catch((e: Error) => { this.toastService.showToast({ variant: "error", title: this.i18nService.t("error"), message: e.message, }); - + this.loading = false; this.logService.error("Failed to use approved auth request: " + e.message); }); }); @@ -149,6 +151,7 @@ export class LoginViaAuthRequestComponent implements OnInit, OnDestroy { } else { await this.initStandardAuthRequestFlow(); } + this.loading = false; } private async initAdminAuthRequestFlow(): Promise { @@ -199,6 +202,7 @@ export class LoginViaAuthRequestComponent implements OnInit, OnDestroy { this.loginViaAuthRequestCacheService.getCachedLoginViaAuthRequestView(); if (cachedAuthRequest) { + this.logService.info("Found cached auth request."); if (!cachedAuthRequest.id) { this.logService.error( "No id on the cached auth request when in the standard auth request flow.", @@ -286,12 +290,6 @@ export class LoginViaAuthRequestComponent implements OnInit, OnDestroy { cachedAuthRequest: LoginViaAuthRequestView, ): Promise { if (cachedAuthRequest) { - // Grab the cached information and store it back in component state. - // We don't need the public key for handling the authentication request because - // the verifyAndHandleApprovedAuthReq function will receive the public key back - // from the looked up auth request and all we need is to make sure that - // we can use the cached private key that is associated with it. - if (!this.email) { this.logService.error("Email not defined when handling an existing auth request."); return; @@ -302,6 +300,11 @@ export class LoginViaAuthRequestComponent implements OnInit, OnDestroy { return; } + if (!cachedAuthRequest.accessCode) { + this.logService.error("No access code on the cached auth request."); + return; + } + const privateKey = Utils.fromB64ToArray(cachedAuthRequest.privateKey); // Re-derive the user's fingerprint phrase @@ -314,12 +317,16 @@ export class LoginViaAuthRequestComponent implements OnInit, OnDestroy { derivedPublicKeyArrayBuffer, ); - // Request still pending response from admin set keypair and create hub connection - // so that any approvals will be received via push notification + // We don't need the public key for handling the authentication request because + // the processAuthRequestResponse function will receive the public key back + // from the looked up auth request, and all we need is to make sure that + // we can use the cached private key that is associated with it. this.authRequestKeyPair = { privateKey: privateKey, publicKey: undefined, }; + + this.accessCode = cachedAuthRequest.accessCode; } } @@ -517,13 +524,14 @@ export class LoginViaAuthRequestComponent implements OnInit, OnDestroy { } catch (error) { // If the request no longer exists, we treat it as if it's been answered (and denied). if (error instanceof ErrorResponse && error.statusCode === HttpStatusCode.NotFound) { + authRequestResponse = null; + } else { this.logService.error(error.message); - throw new Error(error.message); } } if (authRequestResponse === undefined) { - throw new Error("Auth reqeust response not generated"); + throw new Error("Auth request response not generated"); } return authRequestResponse;