
Commit 51a1612

committed
use auth0 factors instead of tc otp
1 parent d8cf6a5 commit 51a1612


3 files changed

+22
-54
lines changed

3 files changed

+22
-54
lines changed

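--- a/web-assets/auth0/dev-tenant/rules/custom.js
+++ b/web-assets/auth0/dev-tenant/rules/custom.js
@@ -39,7 +39,6 @@ function (user, context, callback) {
 user.mfa_verified = res.result.content.mfaVerified;
 // TODO need to double sure about multiple result or no result
 let userId = res.result.content.id;
-user.userId = userId;
 let handle = res.result.content.handle;
 let roles = res.result.content.roles.map(function (role) {
 return role.roleName;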

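--- a/web-assets/auth0/prod-tenant/rules/DICE DID.js
+++ b/web-assets/auth0/prod-tenant/rules/DICE DID.js
@@ -1,4 +1,4 @@
-function (user, context, callback) {
+function DICE(user, context, callback) {
 if (context.clientID === configuration.CLIENT_ACCOUNTS_LOGIN) {
 console.log("rule:DICE DID:enter");
 if (context.redirect) {
@@ -20,27 +20,13 @@ function (user, context, callback) {
 console.log("rule:DICE DID:User was redirected to the /continue endpoint");
 if (context.request.query.diceVerificationStatus === 'false') {
 return callback('Login Error: Credentials verification is failed.<br>Please contact with support <a href="mailto:support@topcoder.com">support@topcoder.com</a>.<br> Back to application ', user, context);
-} else if (context.request.query.otp) {
-request.post({
-url: 'https://api.' + configuration.DOMAIN + '/v3/users/checkOtp',
-json: {
-"param": {
-"userId": user.userId,
-"otp": context.request.query.otp
-}
-}
-}, function (error, response, body) {
-if (error) return callback(error, user, context);
-if (response.statusCode !== 200) {
-return callback('Login Error: Whoops! Something went wrong.', user, context);
-}
-if (body.result.content.verified === true) {
-return callback(null, user, context);
-} else {
-return callback('Login Error: wrong OTP', user, context);
-}
-});
-} else {
+} else if (context.request.query.otherMethods || _.isEmpty(user.multifactor)) {
+context.multifactor = {
+provider: 'any',
+allowRememberBrowser: false
+};
+return callback(null, user, context);
+} else if (context.request.query.code) {
 const jwt_decode = require('jwt-decode');
 request.post({
 url: 'https://tc-vcauth.diceid.com/vc/connect/token',
@@ -63,44 +49,24 @@ function (user, context, callback) {
 console.log("rule:DICE DID:credentials approved");
 return callback(null, user, context);
 });
+} else {
+return callback('Login Error: Whoops! Something went wrong.', user, context);
 }
 } else {
 const maxRetry = 2;
-const useOtp = function () {
-request.post({
-url: 'https://api.' + configuration.DOMAIN + '/v3/users/sendOtp',
-json: {
-"param": {
-"userId": user.userId
-}
-}
-}, function (error, response, body) {
-if (error) return callback(error, user, context);
-if (response.statusCode !== 200) {
-return callback('Login Error: Whoops! Something went wrong.', user, context);
-}
-console.log("rule:DICE DID: redirecting to OTP page");
-const hostName = _.get(context, "request.hostname", null);
-const otpCompletetUrl = "https://" + hostName + "/continue";
-const retUrl = _.get(context, "request.query.returnUrl", null);
-const otpRedirectUrl = configuration.CUSTOM_PAGES_BASE_URL +
-"/otp.html?formAction=" + otpCompletetUrl +
-"&returnUrl=" + retUrl;
-context.redirect = {
-url: otpRedirectUrl
-};
-return callback(null, user, context);
-});
-};
 const checkDiceHealth = function (attempt) {
 console.log("rule:DICE DID:checking dice health, attempt:" + attempt);
 request.get({
 url: 'https://tc-vcauth.diceid.com/.well-known/openid-configuration'
 }, function (error, response, body) {
 if (error || response.statusCode !== 200) {
 if (attempt >= maxRetry) {
-console.log("rule:DICE DID:dice services down, using otp flow...");
-useOtp();
+console.log("rule:DICE DID:dice services down, using other factors...");
+context.multifactor = {
+provider: 'any',
+allowRememberBrowser: false
+};
+return callback(null, user, context);
 } else {
 checkDiceHealth(attempt + 1);
 }
@@ -114,8 +80,12 @@ function (user, context, callback) {
 });
 };
 if (!global.ENABLE_2FA) {
-console.log("rule:DICE DID:dice switch disabled, using otp flow...");
-useOtp();
+console.log("rule:DICE DID:dice switch disabled, using other factors...");
+context.multifactor = {
+provider: 'any',
+allowRememberBrowser: false
+};
+return callback(null, user, context);
 } else {
 checkDiceHealth(1);
 }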
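Review bot: In the /continue branch (second hunk, new lines 23–28) the choice between DICE and the Auth0 factor prompt is driven by `context.request.query.otherMethods`, a value taken from the request, and that test runs before the `code` check, so a request carrying both never reaches the DICE token exchange; `_.isEmpty(user.multifactor)` shadows `code` the same way for a user with no enrolled factor. If that precedence is intended, state it above the condition, e.g. `// otherMethods is client-supplied and deliberately wins over code: the user may pick an Auth0 factor instead of DICE`, and log the path as the other branches do, `console.log("rule:DICE DID:other factors requested on /continue");`, so the fallback shows up in the rule logs. The literal `context.multifactor = { provider: 'any', allowRememberBrowser: false }` is now written three times (here and in the third and fourth hunks); one local helper would keep the three fallbacks from drifting apart. The rule's body continues past the last hunk.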

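--- a/web-assets/auth0/prod-tenant/rules/New-Account-App-Custom-Claims.js
+++ b/web-assets/auth0/prod-tenant/rules/New-Account-App-Custom-Claims.js
@@ -36,7 +36,6 @@ function (user, context, callback) {
 user.mfa_verified = res.result.content.mfaVerified;
 // TODO need to double sure about multiple result or no result
 let userId = res.result.content.id;
-user.userId = userId;
 let handle = res.result.content.handle;
 let roles = res.result.content.roles.map(function (role) {
 return role.roleName;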
