refactor(auth): add TOTPPasscode to OIDC Callback payload

Prepares the OIDC callback struct to carry a TOTP passcode so the
handler can enforce 2FA for users with TOTP enabled. No behaviour
change yet.

Refs GHSA-8jvc-mcx6-r4cg
kolaente
2026-04-09 13:08:32 +02:00
committed by kolaente
parent c03d682f48
commit 2b980be20d

@@ -47,6 +47,10 @@ type Callback struct {
Code string `query:"code" json:"code"`
Scope string `query:"scope" json:"scope"`
RedirectURL string `json:"redirect_url"`
// TOTPPasscode is required when the resolved user has TOTP enabled.
// Clients must restart the OIDC flow and populate this field after
// receiving a 412 with error code 1017. See GHSA-8jvc-mcx6-r4cg.
TOTPPasscode string `json:"totp_passcode"`
}
// Provider is the structure of an OpenID Connect provider
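Review bot: The new `TOTPPasscode` field carries only a `json` tag, while `Code` and `Scope` directly above it carry both `query` and `json`, so a callback bound from the query string will never populate it. If that is deliberate (for example, to keep the passcode out of URLs), say so in the field comment next to the existing text; otherwise add the matching `query` tag. Separately, the comment describes the field as required and names a 412 with error code 1017, but nothing in this hunk enforces either, which matches the "No behaviour change yet" in the commit message. The enforcement change should ship together with this one so the documented contract and the actual behaviour do not diverge, and the handler should treat an empty string as a missing passcode for TOTP-enabled users.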