rename token errors to totpToken

5年前 · 6add79e990
--- a/bubble-server/src/main/java/bubble/resources/account/AuthResource.java
+++ b/bubble-server/src/main/java/bubble/resources/account/AuthResource.java
@@ -274,19 +274,19 @@ public class AuthResource {
            final String accountName = NameAndValue.find(data, DATA_ACCOUNT_NAME);
            final Account account = accountDAO.findById(accountName);
            if (caller != null && account != null && !caller.getUuid().equals(account.getUuid())) {
                return invalid("err.token.invalid");
                return invalid("err.totpToken.invalid");
            }
            if (caller == null && account == null) {
                return invalid("err.token.invalid");
                return invalid("err.totpToken.invalid");
            }
            caller = account;
        }
        final AccountMessage approval = messageService.approve(caller, getRemoteHost(req), token, data);
        if (approval == null) return invalid("err.token.invalid");
        if (approval == null) return invalid("err.totpToken.invalid");
        final Account account = validateCallerForApproveOrDeny(caller, approval, token);

        if (approval.getMessageType() == AccountMessageType.confirmation) {
            if (account == null) return invalid("err.token.invalid");
            if (account == null) return invalid("err.totpToken.invalid");
            if (approval.getAction() == AccountAction.login) {
                return ok(account.setToken(sessionDAO.create(account)));
            } else {
@@ -306,7 +306,7 @@ public class AuthResource {
        final Account account = accountDAO.findById(request.getAccount());
        if (account == null) return notFound(request.getAccount());
        if (caller != null) {
            if (!caller.getUuid().equals(account.getUuid())) return invalid("err.token.invalid");
            if (!caller.getUuid().equals(account.getUuid())) return invalid("err.totpToken.invalid");

            // authenticatorService requires the Account to have a token, or it will generate one
            account.setToken(caller.getToken());
--- a/bubble-server/src/main/java/bubble/service/AuthenticatorService.java
+++ b/bubble-server/src/main/java/bubble/service/AuthenticatorService.java
@@ -32,17 +32,17 @@ public class AuthenticatorService {
        if (authenticator == null) throw invalidEx("err.authenticator.notConfigured");

        final Integer code = request.intToken();
        if (code == null) throw invalidEx("err.token.invalid");
        if (code == null) throw invalidEx("err.totpToken.invalid");

        final String secret = authenticator.totpInfo().getKey();
        if (G_AUTH.authorize(secret, code)) {
            final String sessionToken = request.startSession() ? sessionDAO.create(account) : account.getToken();
            if (sessionToken == null) throw invalidEx("err.token.noSession");
            if (sessionToken == null) throw invalidEx("err.totpToken.noSession");
            getAuthenticatorTimes().set(sessionToken, String.valueOf(now()), EX, policy.getAuthenticatorTimeout()/1000);
            return sessionToken;

        } else {
            throw invalidEx("err.token.invalid");
            throw invalidEx("err.totpToken.invalid");
        }
    }

@@ -71,7 +71,7 @@ public class AuthenticatorService {
                default: throw invalidEx("err.actionTarget.invalid");
            }
        }
        if (!isAuthenticated(account.getToken())) throw invalidEx("err.token.invalid");
        if (!isAuthenticated(account.getToken())) throw invalidEx("err.totpToken.invalid");
    }

    public void flush(String sessionToken) { getAuthenticatorTimes().del(sessionToken); }
--- a/bubble-server/src/main/java/bubble/service/account/StandardAccountMessageService.java
+++ b/bubble-server/src/main/java/bubble/service/account/StandardAccountMessageService.java
@@ -210,7 +210,7 @@ public class StandardAccountMessageService implements AccountMessageService {
        String json = tokens.get(token);
        if (json == null) {
            log.warn("captureResponse("+type+"): regular token not found: "+token);
            throw invalidEx("err.token.invalid");
            throw invalidEx("err.totpToken.invalid");
        }

        if (NUMERIC_PATTERN.matcher(json).matches()) {
@@ -219,7 +219,7 @@ public class StandardAccountMessageService implements AccountMessageService {
            json = tokens.get(numericToken);
            if (json == null) {
                log.warn("captureResponse("+type+"): numeric token not found: "+numericToken+" (token="+token+")");
                throw invalidEx("err.token.invalid");
                throw invalidEx("err.totpToken.invalid");
            }
        }

@@ -237,7 +237,7 @@ public class StandardAccountMessageService implements AccountMessageService {
                .setTarget(amc.getMessage().getTarget());

        if (data != null && !getCompletionHandler(toCreate).validate(toCreate, data)) {
            throw invalidEx("err.token.invalid", type+" request was invalid", json(data));
            throw invalidEx("err.totpToken.invalid", type+" request was invalid", json(data));
        }

        final AccountMessage message = messageDAO.create(toCreate);
--- a/bubble-server/src/main/resources/message_templates/en_US/server/pre_auth/ResourceMessages.properties
+++ b/bubble-server/src/main/resources/message_templates/en_US/server/pre_auth/ResourceMessages.properties
@@ -81,9 +81,9 @@ err.timezone.length=Time zone is too long
 err.timezone.required=Time zone is required

 # Authenticator token errors
 err.token.invalid=Code is incorrect
 err.token.invalidActionTarget=Action target was invalid (expected 'account' or 'network')
 err.token.noSession=Session required for authenticator
 err.totpToken.invalid=Code is incorrect
 err.totpToken.invalidActionTarget=Action target was invalid (expected 'account' or 'network')
 err.totpToken.noSession=Session required for authenticator

 err.geoCodeService.notFound=GeoCode service not found
 err.geoLocateService.notFound=GeoLocation service not found
--- a/bubble-server/src/test/resources/models/tests/auth/account_crud.json
+++ b/bubble-server/src/test/resources/models/tests/auth/account_crud.json
@@ -140,7 +140,7 @@
    },
    "response": {
      "status": 422,
      "check": [ {"condition": "json.has('err.token.invalid')"} ]
      "check": [ {"condition": "json.has('err.totpToken.invalid')"} ]
    }
  },

--- a/bubble-server/src/test/resources/models/tests/auth/network_auth.json
+++ b/bubble-server/src/test/resources/models/tests/auth/network_auth.json
@@ -48,7 +48,7 @@
    "response": {
      "status": 422,
      "check": [
        {"condition": "json.has('err.token.invalid')"}
        {"condition": "json.has('err.totpToken.invalid')"}
      ]
    }
  },
@@ -105,7 +105,7 @@
    "response": {
      "status": 422,
      "check": [
        {"condition": "json.has('err.token.invalid')"}
        {"condition": "json.has('err.totpToken.invalid')"}
      ]
    }
  },
@@ -122,7 +122,7 @@
    "response": {
      "status": 422,
      "check": [
        {"condition": "json.has('err.token.invalid')"}
        {"condition": "json.has('err.totpToken.invalid')"}
      ]
    }
  },