[PM-3333] Check for purged admin auth requests (#2671)

* [PM-3333] Check for purged admin auth requests Co-authored-by: Federico Maccaroni <fedemkr@gmail.com> --------- Co-authored-by: Federico Maccaroni <fedemkr@gmail.com>
2025-12-05 23:53:33 +00:00 · 2023-08-08 20:15:35 +01:00
parent 446b8c2d35
commit e9afc75f0a
2 changed files with 11 additions and 2 deletions
--- a/src/App/Pages/Accounts/LoginSsoPageViewModel.cs
+++ b/src/App/Pages/Accounts/LoginSsoPageViewModel.cs
@@ -246,6 +246,7 @@ namespace Bit.App.Pages
                        }
                        else
                        {
+                            await _stateService.SetPendingAdminAuthRequestAsync(null);
                            StartDeviceApprovalOptionsAction?.Invoke();
                        }
                    }
--- a/src/Core/Services/AuthService.cs
+++ b/src/Core/Services/AuthService.cs
@@ -610,8 +610,16 @@ namespace Bit.Core.Services
        }
        public async Task<PasswordlessLoginResponse> GetPasswordlessLoginRequestByIdAsync(string id)
        {
-            var response = await _apiService.GetAuthRequestAsync(id);
-            return await PopulateFingerprintPhraseAsync(response, await _stateService.GetEmailAsync());
+            try
+            {
+                var response = await _apiService.GetAuthRequestAsync(id);
+                return await PopulateFingerprintPhraseAsync(response, await _stateService.GetEmailAsync());
+            }
+            catch (ApiException ex) when (ex.Error?.StatusCode == System.Net.HttpStatusCode.NotFound)
+            {
+                // Thrown when request expires and purge job erases it from the db
+                return null;
+            }
        }

        /// <inheritdoc />