diff options
| author | Timshel <[email protected]> | 2024-07-25 20:25:44 +0200 |
|---|---|---|
| committer | GitHub <[email protected]> | 2024-07-25 20:25:44 +0200 |
| commit | f858523d928e6a17aee55bc7af7211934585cb80 (patch) | |
| tree | 4b3429350158a9ae82f0493c7af081ac78c206e6 /src | |
| parent | 529c39c6c5c9e41e562e85d5c80ded9e0c18e7d6 (diff) | |
| download | vaultwarden-f858523d928e6a17aee55bc7af7211934585cb80.tar.gz vaultwarden-f858523d928e6a17aee55bc7af7211934585cb80.zip | |
Duo: use the formatted db email (#4779)
Diffstat (limited to 'src')
| -rw-r--r-- | src/api/core/two_factor/duo_oidc.rs | 2 | ||||
| -rw-r--r-- | src/api/identity.rs | 4 |
2 files changed, 2 insertions, 4 deletions
diff --git a/src/api/core/two_factor/duo_oidc.rs b/src/api/core/two_factor/duo_oidc.rs index a0ce709c..9b7e7f12 100644 --- a/src/api/core/two_factor/duo_oidc.rs +++ b/src/api/core/two_factor/duo_oidc.rs @@ -423,8 +423,6 @@ pub async fn validate_duo_login( device_identifier: &str, conn: &mut DbConn, ) -> EmptyResult { - let email = &email.to_lowercase(); - // Result supplied to us by clients in the form "<authz code>|<state>" let split: Vec<&str> = two_factor_token.split('|').collect(); if split.len() != 2 { diff --git a/src/api/identity.rs b/src/api/identity.rs index b6621ce3..93ef80bc 100644 --- a/src/api/identity.rs +++ b/src/api/identity.rs @@ -524,12 +524,12 @@ async fn twofactor_auth( match CONFIG.duo_use_iframe() { true => { // Legacy iframe prompt flow - duo::validate_duo_login(data.username.as_ref().unwrap().trim(), twofactor_code, conn).await? + duo::validate_duo_login(&user.email, twofactor_code, conn).await? } false => { // OIDC based flow duo_oidc::validate_duo_login( - data.username.as_ref().unwrap().trim(), + &user.email, twofactor_code, data.client_id.as_ref().unwrap(), data.device_identifier.as_ref().unwrap(), |