aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDaniel GarcĂ­a <[email protected]>2024-03-23 16:03:17 +0100
committerGitHub <[email protected]>2024-03-23 16:03:17 +0100
commit2d98aa304501b0f710d3a97ec854acdfc115228f (patch)
tree072125bbafc04f606883feec0d13dad969acaf19
parent93636eb3c3f3dda6211c2c47261218fcfe14cdaf (diff)
downloadvaultwarden-2d98aa304501b0f710d3a97ec854acdfc115228f.tar.gz
vaultwarden-2d98aa304501b0f710d3a97ec854acdfc115228f.zip
Use async verify for Yubikey (#4448)
-rw-r--r--src/api/core/two_factor/yubikey.rs17
1 files changed, 5 insertions, 12 deletions
diff --git a/src/api/core/two_factor/yubikey.rs b/src/api/core/two_factor/yubikey.rs
index ea43f36f..2b199dfd 100644
--- a/src/api/core/two_factor/yubikey.rs
+++ b/src/api/core/two_factor/yubikey.rs
@@ -1,7 +1,7 @@
use rocket::serde::json::Json;
use rocket::Route;
use serde_json::Value;
-use yubico::{config::Config, verify};
+use yubico::{config::Config, verify_async};
use crate::{
api::{
@@ -74,13 +74,10 @@ async fn verify_yubikey_otp(otp: String) -> EmptyResult {
let config = Config::default().set_client_id(yubico_id).set_key(yubico_secret);
match CONFIG.yubico_server() {
- Some(server) => {
- tokio::task::spawn_blocking(move || verify(otp, config.set_api_hosts(vec![server]))).await.unwrap()
- }
- None => tokio::task::spawn_blocking(move || verify(otp, config)).await.unwrap(),
+ Some(server) => verify_async(otp, config.set_api_hosts(vec![server])).await,
+ None => verify_async(otp, config).await,
}
.map_res("Failed to verify OTP")
- .and(Ok(()))
}
#[post("/two-factor/get-yubikey", data = "<data>")]
@@ -194,10 +191,6 @@ pub async fn validate_yubikey_login(response: &str, twofactor_data: &str) -> Emp
err!("Given Yubikey is not registered");
}
- let result = verify_yubikey_otp(response.to_owned()).await;
-
- match result {
- Ok(_answer) => Ok(()),
- Err(_e) => err!("Failed to verify Yubikey against OTP server"),
- }
+ verify_yubikey_otp(response.to_owned()).await.map_res("Failed to verify Yubikey against OTP server")?;
+ Ok(())
}