Fix a regression in OIDC handling.

This commit is contained in:
John Livingston 2024-09-09 21:21:44 +02:00
parent edca1be70a
commit c561851bb6
No known key found for this signature in database
GPG Key ID: B17B5640CE66CDBC
3 changed files with 11 additions and 7 deletions

View File

@ -453,11 +453,11 @@ class ExternalAuthOIDC {
const encryptedArray = data.split(':')
const iv = Buffer.from(encryptedArray[0], outputEncoding)
const encrypted = Buffer.from(encryptedArray[1], outputEncoding)
const encrypted = encryptedArray[1]
const decipher = createDecipheriv(algorithm, this.secretKey, iv)
// FIXME: dismiss the "as any" below (dont understand why Typescript is not happy without)
return decipher.update(encrypted.toString(), outputEncoding, inputEncoding) + decipher.final(inputEncoding)
// here we must revert outputEncoding and inputEncoding, as were are decrypting.
return decipher.update(encrypted, outputEncoding, inputEncoding) + decipher.final(inputEncoding)
}
/**

View File

@ -452,11 +452,15 @@ export class LivechatProsodyAuth {
const encryptedArray = data.split(':')
const iv = Buffer.from(encryptedArray[0], outputEncoding)
const encrypted = Buffer.from(encryptedArray[1], outputEncoding)
const encrypted = encryptedArray[1]
const decipher = createDecipheriv(algorithm, this._secretKey, iv)
// FIXME: dismiss the "as any" below (dont understand why Typescript is not happy without)
return decipher.update(encrypted.toString(), outputEncoding, inputEncoding) + decipher.final(inputEncoding)
return decipher.update(
encrypted,
// here we must revert outputEncoding and inputEncoding, as were are decrypting.
outputEncoding,
inputEncoding
) + decipher.final(inputEncoding)
}
public static singleton (): LivechatProsodyAuth {

View File

@ -54,7 +54,7 @@ async function initOIDCRouter (options: RegisterServerOptions): Promise<Router>
const redirectUrl = await oidc.initAuthenticationProcess(req, res)
res.redirect(redirectUrl)
} catch (err) {
logger.error('[oidc router] Failed to process the OIDC callback: ' + (err as string))
logger.error('[oidc router] Failed to process the OIDC connect call: ' + (err as string))
next()
}
}