Commit d5f5e4c7 authored by ale's avatar ale

Fix the enable OTP validation check on the secret

parent f148cd7b
Pipeline #25177 passed with stages
in 3 minutes and 39 seconds
......@@ -345,8 +345,10 @@ func (r *EnableOTPRequest) Sanitize() {
// Validate the request.
func (r *EnableOTPRequest) Validate(_ *RequestContext) error {
var err *ValidationError
// Only check if the client-side secret is set, skip otherwise.
if r.TOTPSecret != "" && len(r.TOTPSecret) != 16 {
// Only check if the client-side secret is set, skip otherwise. We
// don't really expect a bad value coming from the generator, so the
// length check is just for internal consistency.
if r.TOTPSecret != "" && (len(r.TOTPSecret) < 16 || len(r.TOTPSecret) > 48) {
err = newValidationError(err, "totp_secret", "bad value")
}
return err.orNil()
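Review bot: The widened check in Validate still bounds only the length of `r.TOTPSecret`, so any 16–48 byte string is accepted, whether or not it is a well-formed secret. The comment calls it a client-side secret, so the value arrives in the request and should be validated as untrusted input rather than trusted because the generator normally produces good values. If the secret is base32 text (an assumption; the encoding is not visible in this hunk), adding a decode step such as `if _, derr := base32.StdEncoding.DecodeString(r.TOTPSecret); derr != nil { err = newValidationError(err, "totp_secret", "bad value") }` would reject malformed values before they are stored. The bounds 16 and 48 would also be clearer as named constants with a comment stating which secret sizes they correspond to. Sanitize() is outside the hunk, so any normalisation it applies is not visible here.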
......