nhyatt/bitwarden
1
0
Fork 0
mirror of https://github.com/bitwarden/server.git synced 2025-05-22 12:04:27 -05:00
Code

send redacted email on 2fa login

Browse Source
This commit is contained in:
Kyle Spearrin 2017-06-24 11:50:20 -04:00
parent 59b8438a0f
commit f4fa990cb1
1 changed files with 39 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

39
src/Core/IdentityServer/ResourceOwnerPasswordValidator.cs
View File

@ -212,6 +212,7 @@ namespace Bit.Core.IdentityServer
{ {
case TwoFactorProviderType.Duo: case TwoFactorProviderType.Duo:
case TwoFactorProviderType.U2f: case TwoFactorProviderType.U2f:
case TwoFactorProviderType.Email:
var token = await _userManager.GenerateTwoFactorTokenAsync(user, type.ToString()); var token = await _userManager.GenerateTwoFactorTokenAsync(user, type.ToString());
if(type == TwoFactorProviderType.Duo) if(type == TwoFactorProviderType.Duo)
{ {
@ -228,12 +229,50 @@ namespace Bit.Core.IdentityServer
["Challenges"] = token ["Challenges"] = token
}; };
} }
else if(type == TwoFactorProviderType.Email)
{
return new Dictionary<string, object>
{
["Email"] = RedactEmail((string)provider.MetaData["Email"])
};
}
return null; return null;
default: default:
return null; return null;
} }
} }
private static string RedactEmail(string email)
{
var emailParts = email.Split('@');
string shownPart = null;
if(emailParts[0].Length > 2 && emailParts[0].Length <= 4)
{
shownPart = emailParts[0].Substring(0, 1);
}
else if(emailParts[0].Length > 4)
{
shownPart = emailParts[0].Substring(0, 2);
}
else
{
shownPart = string.Empty;
}
string redactedPart = null;
if(emailParts[0].Length > 4)
{
redactedPart = new string('*', emailParts[0].Length - 2);
}
else
{
redactedPart = new string('*', emailParts[0].Length - shownPart.Length);
}
return $"{shownPart}{redactedPart}@{emailParts[1]}";
}
private async Task<Device> SaveDeviceAsync(User user, ResourceOwnerPasswordValidationContext context) private async Task<Device> SaveDeviceAsync(User user, ResourceOwnerPasswordValidationContext context)
{ {
var device = GetDeviceFromRequest(context); var device = GetDeviceFromRequest(context);