kenmirrors/ente
1
0
Fork 0
mirror of https://github.com/ente-io/ente.git synced 2025-08-08 23:39:30 +00:00
Code Issues Packages Projects Releases Wiki Activity

[passkey][mob] Validate sessionID

Browse Source
This commit is contained in:
Neeraj Gupta 2024-06-13 17:50:02 +05:30
parent a830b771f8
commit 867fdb7e2c
2 changed files with 18 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
auth/lib/ui/passkey_page.dart
View File

@ -91,8 +91,15 @@ class _PasskeyPageState extends State<PasskeyPage> {
showToast(context, 'Account is already configured.'); showToast(context, 'Account is already configured.');
return; return;
} }
final String? uri = Uri.parse(link).queryParameters['response']; final parsedUri = Uri.parse(link);
String base64String = uri!.toString(); final sessionID = parsedUri.queryParameters['passkeySessionID'];
if (sessionID != widget.sessionID) {
showToast(context, "Session ID mismatch");
_logger.warning('ignored deeplink: sessionID mismatch');
return;
}
final String? authResponse = parsedUri.queryParameters['response'];
String base64String = authResponse!.toString();
while (base64String.length % 4 != 0) { while (base64String.length % 4 != 0) {
base64String += '='; base64String += '=';
} }

11
mobile/lib/ui/account/passkey_page.dart
View File

@ -91,8 +91,15 @@ class _PasskeyPageState extends State<PasskeyPage> {
showToast(context, 'Account is already configured.'); showToast(context, 'Account is already configured.');
return; return;
} }
final String? uri = Uri.parse(link).queryParameters['response']; final parsedUri = Uri.parse(link);
String base64String = uri!.toString(); final sessionID = parsedUri.queryParameters['passkeySessionID'];
if (sessionID != widget.sessionID) {
showToast(context, "Session ID mismatch");
_logger.warning('ignored deeplink: sessionID mismatch');
return;
}
final String? authResponse = parsedUri.queryParameters['response'];
String base64String = authResponse!.toString();
while (base64String.length % 4 != 0) { while (base64String.length % 4 != 0) {
base64String += '='; base64String += '=';
} }