Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Change json response detection #361

Merged
merged 1 commit into from
Oct 31, 2024
+39 −27
Merged

Change json response detection #361

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
10 changes: 5 additions & 5 deletions internal/web/auth.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -462,7 +462,7 @@ func finishWebAuthnBinding(ctx echo.Context) error {
saveSession(sess, ctx)

addFlash(ctx, tr(ctx, "flash.auth.passkey-registred", passkeyName), "success")
return json(ctx, 200, []string{"OK"})
return json(ctx, []string{"OK"})
}

func beginWebAuthnLogin(ctx echo.Context) error {
Expand All @@ -476,7 +476,7 @@ func beginWebAuthnLogin(ctx echo.Context) error {
sess.Options.MaxAge = 5 * 60 // 5 minutes
saveSession(sess, ctx)

return json(ctx, 200, credsCreation)
return json(ctx, credsCreation)
}

func finishWebAuthnLogin(ctx echo.Context) error {
Expand All @@ -497,7 +497,7 @@ func finishWebAuthnLogin(ctx echo.Context) error {
delete(sess.Values, "webauthn_login_session")
saveSession(sess, ctx)

return json(ctx, 200, []string{"OK"})
return json(ctx, []string{"OK"})
}

func beginWebAuthnAssertion(ctx echo.Context) error {
Expand All @@ -517,7 +517,7 @@ func beginWebAuthnAssertion(ctx echo.Context) error {
sess.Options.MaxAge = 5 * 60 // 5 minutes
saveSession(sess, ctx)

return json(ctx, 200, credsCreation)
return json(ctx, credsCreation)
}

func finishWebAuthnAssertion(ctx echo.Context) error {
Expand Down Expand Up @@ -545,7 +545,7 @@ func finishWebAuthnAssertion(ctx echo.Context) error {
delete(sess.Values, "mfaID")
saveSession(sess, ctx)

return json(ctx, 200, []string{"OK"})
return json(ctx, []string{"OK"})
}

func beginTotp(ctx echo.Context) error {
Expand Down
18 changes: 11 additions & 7 deletions internal/web/server.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -218,14 +218,18 @@ func NewServer(isDev bool, sessionsPath string) *Server {
}

e.HTTPErrorHandler = func(er error, ctx echo.Context) {
if httpErr, ok := er.(*HTMLError); ok {
var httpErr *echo.HTTPError
if errors.As(er, &httpErr) {
acceptJson := strings.Contains(ctx.Request().Header.Get("Accept"), "application/json")
setData(ctx, "error", er)
if fatalErr := htmlWithCode(ctx, httpErr.Code, "error.html"); fatalErr != nil {
log.Fatal().Err(fatalErr).Send()
}
} else if httpErr, ok := er.(*JSONError); ok {
if fatalErr := json(ctx, httpErr.Code, httpErr); fatalErr != nil {
log.Fatal().Err(fatalErr).Send()
if acceptJson {
if fatalErr := jsonWithCode(ctx, httpErr.Code, httpErr); fatalErr != nil {
log.Fatal().Err(fatalErr).Send()
}
} else {
if fatalErr := htmlWithCode(ctx, httpErr.Code, "error.html"); fatalErr != nil {
log.Fatal().Err(fatalErr).Send()
}
}
} else {
log.Fatal().Err(er).Send()
Expand Down
18 changes: 7 additions & 11 deletions internal/web/util.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -19,14 +19,6 @@ import (

type dataTypeKey string

type HTMLError struct {
*echo.HTTPError
}

type JSONError struct {
*echo.HTTPError
}

const dataKey dataTypeKey = "data"

func setData(ctx echo.Context, key string, value any) {
Expand Down Expand Up @@ -54,7 +46,11 @@ func htmlWithCode(ctx echo.Context, code int, template string) error {
return ctx.Render(code, template, ctx.Request().Context().Value(dataKey))
}

func json(ctx echo.Context, code int, data any) error {
func json(ctx echo.Context, data any) error {
return jsonWithCode(ctx, 200, data)
}

func jsonWithCode(ctx echo.Context, code int, data any) error {
return ctx.JSON(code, data)
}

Expand All @@ -76,7 +72,7 @@ func errorRes(code int, message string, err error) error {
skipLogger.Error().Err(err).Msg(message)
}

return &HTMLError{&echo.HTTPError{Code: code, Message: message, Internal: err}}
return &echo.HTTPError{Code: code, Message: message, Internal: err}
}

func jsonErrorRes(code int, message string, err error) error {
Expand All @@ -85,7 +81,7 @@ func jsonErrorRes(code int, message string, err error) error {
skipLogger.Error().Err(err).Msg(message)
}

return &JSONError{&echo.HTTPError{Code: code, Message: message, Internal: err}}
return &echo.HTTPError{Code: code, Message: message, Internal: err}
}

func getUserLogged(ctx echo.Context) *db.User {
Expand Down
20 changes: 16 additions & 4 deletions public/webauthn.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -22,6 +22,8 @@ function decodeBase64UrlToArrayBuffer(base64Url) {
}

async function bindPasskey() {
// @ts-ignore
const baseUrl = window.opengist_base_url || '';
let waitText = document.getElementById("login-passkey-wait");

try {
Expand All @@ -30,7 +32,10 @@ async function bindPasskey() {

let csrf = document.querySelector<HTMLInputElement>('form#webauthn input[name="_csrf"]').value

const beginResponse = await fetch('/webauthn/bind', {
const beginResponse = await fetch(`${baseUrl}/webauthn/bind`, {
headers: {
'Accept': 'application/json',
},
method: 'POST',
credentials: 'include',
body: new FormData(document.querySelector<HTMLFormElement>('form#webauthn'))
Expand All @@ -52,10 +57,11 @@ async function bindPasskey() {
throw new Error('Credential object is missing required properties');
}

const finishResponse = await fetch('/webauthn/bind/finish', {
const finishResponse = await fetch(`${baseUrl}/webauthn/bind/finish`, {
method: 'POST',
credentials: 'include',
headers: {
'Accept': 'application/json',
'Content-Type': 'application/json',
'X-CSRF-Token': csrf
},
Expand Down Expand Up @@ -84,14 +90,19 @@ async function bindPasskey() {
}

async function loginWithPasskey() {
// @ts-ignore
const baseUrl = window.opengist_base_url || '';
let waitText = document.getElementById("login-passkey-wait");

try {
this.classList.add('hidden');
waitText.classList.remove('hidden');

let csrf = document.querySelector<HTMLInputElement>('form#webauthn input[name="_csrf"]').value
const beginResponse = await fetch('/webauthn/' + loginMethod, {
const beginResponse = await fetch(`${baseUrl}/webauthn/${loginMethod}`, {
headers: {
'Accept': 'application/json',
},
method: 'POST',
credentials: 'include',
body: new FormData(document.querySelector<HTMLFormElement>('form#webauthn'))
Expand All @@ -115,10 +126,11 @@ async function loginWithPasskey() {
throw new Error('Credential object is missing required properties');
}

const finishResponse = await fetch('/webauthn/' + loginMethod + '/finish', {
const finishResponse = await fetch(`${baseUrl}/webauthn/${loginMethod}/finish`, {
method: 'POST',
credentials: 'include',
headers: {
'Accept': 'application/json',
'Content-Type': 'application/json',
'X-CSRF-Token': csrf
},
Expand Down
Loading