diff --git a/lib/api/2fa/u2f.js b/lib/api/2fa/u2f.js index d73f1112..0076549b 100644 --- a/lib/api/2fa/u2f.js +++ b/lib/api/2fa/u2f.js @@ -3,12 +3,21 @@ const Joi = require('joi'); const ObjectID = require('mongodb').ObjectID; -const U2F_ERRORS = new Map([ - [1, 'Unknown error'], - [2, 'Bad request'], - [3, 'Client configuration is not supported'], - [4, 'The presented device is not eligible for this request'], - [5, 'Timeout reached while waiting for key'] +const U2F_ERROR_CODES = { + OK: 0, + OTHER_ERROR: 1, + BAD_REQUEST: 2, + CONFIGURATION_UNSUPPORTED: 3, + DEVICE_INELIGIBLE: 4, + TIMEOUT: 5 +}; + +const U2F_ERROR_MESSAGES = new Map([ + [U2F_ERROR_CODES.OTHER_ERROR, 'Unknown error'], + [U2F_ERROR_CODES.BAD_REQUEST, 'Bad request'], + [U2F_ERROR_CODES.CONFIGURATION_UNSUPPORTED, 'Client configuration is not supported'], + [U2F_ERROR_CODES.DEVICE_INELIGIBLE, 'The presented device is not eligible for this request'], + [U2F_ERROR_CODES.TIMEOUT, 'Timeout reached while waiting for key'] ]); module.exports = (db, server, userHandler) => { @@ -57,17 +66,6 @@ module.exports = (db, server, userHandler) => { return next(); }); }); - /* -var t = { - registrationData: - 'BQSp4XE8GaJNIHEpWRa6sVkKeIcCqr2ODhi9FL9b4ac70ttiKH9I4rK6Y7eV9HVFQX78T_YyYhXL89__bZxmjX4TQJQZHupSA74vy9WPHjnBA69G1tfLfjQ4nFxiscGneMh2PTBzPjUyKBlHJkg_WJtVCThL2Lbc5WQ8ziU37c52uLEwggJEMIIBLqADAgECAgRVYr6gMAsGCSqGSIb3DQEBCzAuMSwwKgYDVQQDEyNZdWJpY28gVTJGIFJvb3QgQ0EgU2VyaWFsIDQ1NzIwMDYzMTAgFw0xNDA4MDEwMDAwMDBaGA8yMDUwMDkwNDAwMDAwMFowKjEoMCYGA1UEAwwfWXViaWNvIFUyRiBFRSBTZXJpYWwgMTQzMjUzNDY4ODBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABEszH3c9gUS5mVy-RYVRfhdYOqR2I2lcvoWsSCyAGfLJuUZ64EWw5m8TGy6jJDyR_aYC4xjz_F2NKnq65yvRQwmjOzA5MCIGCSsGAQQBgsQKAgQVMS4zLjYuMS40LjEuNDE0ODIuMS41MBMGCysGAQQBguUcAgEBBAQDAgUgMAsGCSqGSIb3DQEBCwOCAQEArBbZs262s6m3bXWUs09Z9Pc-28n96yk162tFHKv0HSXT5xYU10cmBMpypXjjI-23YARoXwXn0bm-BdtulED6xc_JMqbK-uhSmXcu2wJ4ICA81BQdPutvaizpnjlXgDJjq6uNbsSAp98IStLLp7fW13yUw-vAsWb5YFfK9f46Yx6iakM3YqNvvs9M9EUJYl_VrxBJqnyLx2iaZlnpr13o8NcsKIJRdMUOBqt_ageQg3ttsyq_3LyoNcu7CQ7x8NmeCGm_6eVnZMQjDmwFdymwEN4OxfnM5MkcKCYhjqgIGruWkVHsFnJa8qjZXneVvKoiepuUQyDEJ2GcqvhU2YKY1zBEAiBKahEVX1Kw2X6rL1kKeskPU-fNqwqLo5S1ylHDcesRpgIgPNg0uHVswZquH6YLfUSNUKg_bYBGXOxHKWH5qNl2bB4', - version: 'U2F_V2', - challenge: '2kbypDmNIkM6-oaVKjB7ZN1J1jiyzoU8WxLGX8yVUpY', - clientData: - 'eyJ0eXAiOiJuYXZpZ2F0b3IuaWQuZmluaXNoRW5yb2xsbWVudCIsImNoYWxsZW5nZSI6IjJrYnlwRG1OSWtNNi1vYVZLakI3Wk4xSjFqaXl6b1U4V3hMR1g4eVZVcFkiLCJvcmlnaW4iOiJodHRwczovL2xvY2FsaG9zdDozMDAwIiwiY2lkX3B1YmtleSI6InVudXNlZCJ9' -}; - - */ // Send response from U2F key server.post('/users/:user/2fa/u2f/enable', (req, res, next) => { @@ -109,9 +107,20 @@ var t = { } if (result.value.errorCode) { + let error; + + switch (result.value.errorCode) { + case U2F_ERROR_CODES.DEVICE_INELIGIBLE: + error = 'U2F token is already registered'; + break; + default: + error = U2F_ERROR_MESSAGES.get(result.value.errorCode) || 'Unknown error code' + result.value.errorCode; + } + res.json({ - error: U2F_ERRORS.get(result.value.errorCode) || 'Unknown error' + error }); + return next(); } @@ -285,9 +294,20 @@ var t = { } if (result.value.errorCode) { + let error; + + switch (result.value.errorCode) { + case U2F_ERROR_CODES.DEVICE_INELIGIBLE: + error = 'U2F token is not registered'; + break; + default: + error = U2F_ERROR_MESSAGES.get(result.value.errorCode) || 'Unknown error code' + result.value.errorCode; + } + res.json({ - error: U2F_ERRORS.get(result.value.errorCode) || 'Unknown error' + error }); + return next(); }