Handle not found error (#175)

Author: moubctez

.gitignore

@@ -5,3 +5,4 @@
 .envrc
 /node_modules
 .env
+.DS_Store

Cargo.lock

@@ -21,23 +21,24 @@ pub(super) async fn mfa_auth_callback(
 ) -> Result<PrivateCookieJar, ApiError> {
     info!("Processing MFA authentication callback");
     debug!(
-        "Received payload: state={}, flow_type={}",
+        "Received payload: state={}, flow_type={:?}",
         payload.state, payload.flow_type
     );
 
-    let flow_type = payload.flow_type.parse::<FlowType>().map_err(|err| {
-        warn!("Failed to parse flow type '{}': {err:?}", payload.flow_type);
-        ApiError::BadRequest("Invalid flow type".into())
-    })?;
-
-    if flow_type != FlowType::Mfa {
-        warn!("Invalid flow type for MFA callback: {flow_type:?}");
-        return Err(ApiError::BadRequest(
-            "Invalid flow type for MFA callback".into(),
-        ));
+    match payload.flow_type {
+        FlowType::Mfa => (),
+        FlowType::Enrollment => {
+            warn!(
+                "Invalid flow type for MFA callback: {:?}",
+                payload.flow_type
+            );
+            return Err(ApiError::BadRequest(
+                "Invalid flow type for MFA callback".into(),
+            ));
+        }
     }
 
-    debug!("Flow type validation passed: {flow_type:?}");
+    debug!("Flow type validation passed: {:?}", payload.flow_type);
 
     let nonce = private_cookies
         .get(NONCE_COOKIE_NAME)
@@ -78,7 +79,7 @@ pub(super) async fn mfa_auth_callback(
     let request = ClientMfaOidcAuthenticateRequest {
         code: payload.code,
         nonce,
-        callback_url: state.callback_url(&flow_type).to_string(),
+        callback_url: state.callback_url(&payload.flow_type).to_string(),
         state: payload.state,
     };
 

src/enterprise/handlers/desktop_client_mfa.rs

@@ -44,29 +44,18 @@ impl AuthInfo {
     }
 }
 
-#[derive(Deserialize, Debug, PartialEq, Eq)]
+#[derive(Deserialize, Debug)]
+#[serde(rename_all = "lowercase")]
 pub(crate) enum FlowType {
     Enrollment,
     Mfa,
 }
 
-impl std::str::FromStr for FlowType {
-    type Err = ();
-
-    fn from_str(s: &str) -> Result<Self, Self::Err> {
-        match s.to_lowercase().as_str() {
-            "enrollment" => Ok(FlowType::Enrollment),
-            "mfa" => Ok(FlowType::Mfa),
-            _ => Err(()),
-        }
-    }
-}
-
 #[derive(Deserialize, Debug)]
-struct RequestData {
+pub(crate) struct RequestData {
     state: Option<String>,
     #[serde(rename = "type")]
-    flow_type: String,
+    flow_type: FlowType,
 }
 
 /// Request external OAuth2/OpenID provider details from Defguard Core.
@@ -79,13 +68,8 @@ async fn auth_info(
 ) -> Result<(PrivateCookieJar, Json<AuthInfo>), ApiError> {
     debug!("Getting auth info for OAuth2/OpenID login");
 
-    let flow_type = request_data
-        .flow_type
-        .parse::<FlowType>()
-        .map_err(|()| ApiError::BadRequest("Invalid flow type".into()))?;
-
     let request = AuthInfoRequest {
-        redirect_url: state.callback_url(&flow_type).to_string(),
+        redirect_url: state.callback_url(&request_data.flow_type).to_string(),
         state: request_data.state,
     };
 
@@ -127,7 +111,7 @@ pub(super) struct AuthenticationResponse {
     pub(super) code: String,
     pub(super) state: String,
     #[serde(rename = "type")]
-    pub(super) flow_type: String,
+    pub(super) flow_type: FlowType,
 }
 
 #[derive(Serialize)]
@@ -143,15 +127,13 @@ async fn auth_callback(
     mut private_cookies: PrivateCookieJar,
     Json(payload): Json<AuthenticationResponse>,
 ) -> Result<(PrivateCookieJar, Json<CallbackResponseData>), ApiError> {
-    let flow_type = payload
-        .flow_type
-        .parse::<FlowType>()
-        .map_err(|()| ApiError::BadRequest("Invalid flow type".into()))?;
-
-    if flow_type != FlowType::Enrollment {
-        return Err(ApiError::BadRequest(
-            "Invalid flow type for OpenID enrollment callback".into(),
-        ));
+    match payload.flow_type {
+        FlowType::Enrollment => (),
+        FlowType::Mfa => {
+            return Err(ApiError::BadRequest(
+                "Invalid flow type for OpenID enrollment callback".into(),
+            ));
+        }
     }
 
     let nonce = private_cookies
@@ -176,7 +158,7 @@ async fn auth_callback(
     let request = AuthCallbackRequest {
         code: payload.code,
         nonce,
-        callback_url: state.callback_url(&flow_type).to_string(),
+        callback_url: state.callback_url(&payload.flow_type).to_string(),
     };
 
     let rx = state