[FIX] SSO not working with 2FA (TOTP) (#2978)

* Update AuthenticationWebView.js * Updated loginTOTP * Added validation * Update rocketchat.js * Update rocketchat.js * Update rocketchat.js * Update rocketchat.js * Fix resolve * Remove incognito * Fix totp being requested on webview Co-authored-by: Diego Mello <diegolmello@gmail.com>
2021-03-22 13:26:44 -04:00 · 2021-03-22 13:26:44 -04:00 · 8bc8a07e72
parent d7562f7b79
commit 8bc8a07e72
2 changed files with 25 additions and 13 deletions
--- a/app/lib/rocketchat.js
+++ b/app/lib/rocketchat.js
@ -465,18 +465,30 @@ const RocketChat = {
 				if (e.data?.error && (e.data.error === 'totp-required' || e.data.error === 'totp-invalid')) {
 					const { details } = e.data;
 					try {
-						reduxStore.dispatch(setUser({ username: params.user || params.username }));
+						const code = await twoFactor({ method: details?.method || 'totp', invalid: details?.error === 'totp-invalid' });
 						const code = await twoFactor({ method: details?.method || 'totp', invalid: e.data.error === 'totp-invalid' });
-						// Force normalized params for 2FA starting RC 3.9.0.
+						if (loginEmailPassword) {
-						const serverVersion = reduxStore.getState().server.version;
+							reduxStore.dispatch(setUser({ username: params.user || params.username }));
-						if (compareServerVersion(serverVersion, '3.9.0', methods.greaterThanOrEqualTo)) {
+
-							const user = params.user ?? params.username;
+							// Force normalized params for 2FA starting RC 3.9.0.
-							const password = params.password ?? params.ldapPass ?? params.crowdPassword;
+							const serverVersion = reduxStore.getState().server.version;
-							params = { user, password };
+							if (compareServerVersion(serverVersion, '3.9.0', methods.greaterThanOrEqualTo)) {
 								const user = params.user ?? params.username;
 								const password = params.password ?? params.ldapPass ?? params.crowdPassword;
 								params = { user, password };
 							}
 							return resolve(this.loginTOTP({ ...params, code: code?.twoFactorCode }, loginEmailPassword));
 						}
-						return resolve(this.loginTOTP({ ...params, code: code?.twoFactorCode }, loginEmailPassword));
+						return resolve(this.loginTOTP({
 							totp: {
 								login: {
 									...params
 								},
 								code: code?.twoFactorCode
 							}
 						}));
 					} catch {
 						// twoFactor was canceled
 						return reject();
@ -511,7 +523,7 @@ const RocketChat = {
 	},
 	async loginOAuthOrSso(params) {
-		const result = await this.login(params);
+		const result = await this.loginTOTP(params);
 		reduxStore.dispatch(loginRequest({ resume: result.token }));
 	},
--- a/app/views/AuthenticationWebView.js
+++ b/app/views/AuthenticationWebView.js
@ -71,7 +71,7 @@ class AuthenticationWebView extends React.PureComponent {
 		navigation.pop();
 	}
-	login = async(params) => {
+	login = (params) => {
 		const { logging } = this.state;
 		if (logging) {
 			return;
@ -80,7 +80,7 @@ class AuthenticationWebView extends React.PureComponent {
 		this.setState({ logging: true });
 		try {
-			await RocketChat.loginOAuthOrSso(params);
+			RocketChat.loginOAuthOrSso(params);
 		} catch (e) {
 			console.warn(e);
 		}
@ -89,7 +89,7 @@ class AuthenticationWebView extends React.PureComponent {
 	}
 	// eslint-disable-next-line react/sort-comp
-	debouncedLogin = debounce(params => this.login(params), 3000);
+	debouncedLogin = debounce(params => this.login(params), 3000, true);
 	tryLogin = debounce(async() => {
 		const { Accounts_Iframe_api_url, Accounts_Iframe_api_method } = this.props;