Skip to content

Commit

Permalink
Remove useReAuthenticate's onAuthenticated parameter.
Browse files Browse the repository at this point in the history
  • Loading branch information
Joerger committed Dec 10, 2024
1 parent cabc639 commit 9255f6c
Show file tree
Hide file tree
Showing 3 changed files with 12 additions and 26 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -38,7 +38,7 @@ import { StepHeader } from 'design/StepSlider';

import { P } from 'design/Text/Text';

import auth from 'teleport/services/auth/auth';
import auth, { MfaChallengeScope } from 'teleport/services/auth/auth';
import useTeleport from 'teleport/useTeleport';

import {
Expand Down Expand Up @@ -84,7 +84,10 @@ export function AddAuthDeviceWizard({

const { attempt, clearAttempt, getMfaChallengeOptions, submitWithMfa } =
useReAuthenticate({
onAuthenticated: setPrivilegeToken,
challengeScope: MfaChallengeScope.MANAGE_DEVICES,
onMfaResponse: mfaResponse => {
auth.createPrivilegeToken(mfaResponse).then(setPrivilegeToken);
},
});

// Choose a new device type from the options available for the given 2fa type.
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -42,6 +42,7 @@ import {
ReauthenticateStep,
ReauthenticateStepProps,
} from './ReauthenticateStep';
import auth, { MfaChallengeScope } from 'teleport/services/auth/auth';

interface DeleteAuthDeviceWizardProps {
/** Device to be removed. */
Expand All @@ -60,7 +61,10 @@ export function DeleteAuthDeviceWizard({

const { attempt, clearAttempt, getMfaChallengeOptions, submitWithMfa } =
useReAuthenticate({
onAuthenticated: setPrivilegeToken,
challengeScope: MfaChallengeScope.MANAGE_DEVICES,
onMfaResponse: mfaResponse => {
auth.createPrivilegeToken(mfaResponse).then(setPrivilegeToken);
},
});

const [challengeOptions, getChallengeOptions] = useAsync(async () => {
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -30,13 +30,6 @@ import {
MfaOption,
} from 'teleport/services/mfa';

// useReAuthenticate will have different "submit" behaviors depending on:
// - If prop field `onMfaResponse` is defined, after a user submits, the
// function `onMfaResponse` is called with the user's MFA response.
// - If prop field `onAuthenticated` is defined, after a user submits, the
// user's MFA response are submitted with the request to get a privilege
// token, and after successfully obtaining the token, the function
// `onAuthenticated` will be called with this token.
export default function useReAuthenticate(props: ReauthProps): ReauthState {
// Note that attempt state "success" is not used or required.
// After the user submits, the control is passed back
Expand All @@ -62,18 +55,6 @@ export default function useReAuthenticate(props: ReauthProps): ReauthState {
}
};

// TODO(Joerger): Replace onAuthenticated with onMfaResponse at call sites (/e).
if (props.onAuthenticated) {
// Creating privilege tokens always expects the MANAGE_DEVICES webauthn scope.
props.challengeScope = MfaChallengeScope.MANAGE_DEVICES;
props.onMfaResponse = mfaResponse => {
auth
.createPrivilegeToken(mfaResponse)
.then(props.onAuthenticated)
.catch(handleError);
};
}

async function getMfaChallenge() {
if (challenge) {
return challenge;
Expand Down Expand Up @@ -132,10 +113,8 @@ export default function useReAuthenticate(props: ReauthProps): ReauthState {
}

export type ReauthProps = {
challengeScope?: MfaChallengeScope;
onMfaResponse?(res: MfaChallengeResponse): void;
// TODO(Joerger): Remove in favor of onMfaResponse, make onMfaResponse required.
onAuthenticated?(privilegeTokenId: string): void;
challengeScope: MfaChallengeScope;
onMfaResponse(res: MfaChallengeResponse): void;
};

export type ReauthState = {
Expand Down

0 comments on commit 9255f6c

Please sign in to comment.