From f0742ab313d81ae59abba27492ec6d2c240323aa Mon Sep 17 00:00:00 2001 From: Ken Sternberg Date: Fri, 22 Dec 2023 13:52:05 -0800 Subject: [PATCH] web: do not parse the UUID The UUID -> Number -> UUID transformation was lossy and incorrect. This commit preserves the UUID as-is, but parses the inbound element into a number if the API being called (i.e. anything but Mobile) requires a number for its PK. --- web/src/connectors/authenticators.ts | 24 ++++++++++++++++++------ 1 file changed, 18 insertions(+), 6 deletions(-) diff --git a/web/src/connectors/authenticators.ts b/web/src/connectors/authenticators.ts index ab786f95c..aee284fb5 100644 --- a/web/src/connectors/authenticators.ts +++ b/web/src/connectors/authenticators.ts @@ -26,8 +26,10 @@ export const retrieveAuthenticatorsAdminAllList = (user: number) => api().authenticatorsAdminAllList({ user }); export async function destroyAuthenticatorDevice(deviceType: string, id: number | string) { - id = typeof id === "string" ? parseInt(id, 10) : id; deviceType = deviceType.toLowerCase(); + const uuid = id; + id = typeof id === "string" ? parseInt(id, 10) : id; + switch (deviceType) { case DeviceType.Duo: return api().authenticatorsDuoDestroy({ id }); @@ -39,8 +41,12 @@ export async function destroyAuthenticatorDevice(deviceType: string, id: number return api().authenticatorsStaticDestroy({ id }); case DeviceType.WebAuthn: return api().authenticatorsWebauthnDestroy({ id }); - case DeviceType.Mobile: - return api().authenticatorsMobileDestroy({ uuid: `${id}` }); + case DeviceType.Mobile: { + if (typeof uuid !== "string") { + throw new Error(`authenticatorMobile expects full UUID, received ${uuid}`); + } + return api().authenticatorsMobileDestroy({ uuid }); + } default: return exhaustiveGuard(deviceType); } @@ -51,8 +57,10 @@ export async function updateAuthenticatorDevice( id: number | string, device: Device, ) { - id = typeof id === "string" ? parseInt(id, 10) : id; deviceType = deviceType.toLowerCase(); + const uuid = id; + id = typeof id === "string" ? parseInt(id, 10) : id; + switch (deviceType) { case DeviceType.Duo: return api().authenticatorsDuoUpdate({ id, duoDeviceRequest: device }); @@ -64,8 +72,12 @@ export async function updateAuthenticatorDevice( return api().authenticatorsStaticUpdate({ id, staticDeviceRequest: device }); case DeviceType.WebAuthn: return api().authenticatorsWebauthnUpdate({ id, webAuthnDeviceRequest: device }); - case DeviceType.Mobile: - return api().authenticatorsMobileUpdate({ uuid: `${id}`, mobileDeviceRequest: device }); + case DeviceType.Mobile: { + if (typeof uuid !== "string") { + throw new Error(`authenticatorMobile expects full UUID, received ${uuid}`); + } + return api().authenticatorsMobileUpdate({ uuid, mobileDeviceRequest: device }); + } default: return exhaustiveGuard(deviceType); }