summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorTimshel <[email protected]>2024-07-25 20:25:44 +0200
committerGitHub <[email protected]>2024-07-25 20:25:44 +0200
commitf858523d928e6a17aee55bc7af7211934585cb80 (patch)
tree4b3429350158a9ae82f0493c7af081ac78c206e6
parent529c39c6c5c9e41e562e85d5c80ded9e0c18e7d6 (diff)
downloadvaultwarden-f858523d928e6a17aee55bc7af7211934585cb80.tar.gz
vaultwarden-f858523d928e6a17aee55bc7af7211934585cb80.zip
Duo: use the formatted db email (#4779)
-rw-r--r--src/api/core/two_factor/duo_oidc.rs2
-rw-r--r--src/api/identity.rs4
2 files changed, 2 insertions, 4 deletions
diff --git a/src/api/core/two_factor/duo_oidc.rs b/src/api/core/two_factor/duo_oidc.rs
index a0ce709c..9b7e7f12 100644
--- a/src/api/core/two_factor/duo_oidc.rs
+++ b/src/api/core/two_factor/duo_oidc.rs
@@ -423,8 +423,6 @@ pub async fn validate_duo_login(
device_identifier: &str,
conn: &mut DbConn,
) -> EmptyResult {
- let email = &email.to_lowercase();
-
// Result supplied to us by clients in the form "<authz code>|<state>"
let split: Vec<&str> = two_factor_token.split('|').collect();
if split.len() != 2 {
diff --git a/src/api/identity.rs b/src/api/identity.rs
index b6621ce3..93ef80bc 100644
--- a/src/api/identity.rs
+++ b/src/api/identity.rs
@@ -524,12 +524,12 @@ async fn twofactor_auth(
match CONFIG.duo_use_iframe() {
true => {
// Legacy iframe prompt flow
- duo::validate_duo_login(data.username.as_ref().unwrap().trim(), twofactor_code, conn).await?
+ duo::validate_duo_login(&user.email, twofactor_code, conn).await?
}
false => {
// OIDC based flow
duo_oidc::validate_duo_login(
- data.username.as_ref().unwrap().trim(),
+ &user.email,
twofactor_code,
data.client_id.as_ref().unwrap(),
data.device_identifier.as_ref().unwrap(),