Skip to content
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
10 changes: 5 additions & 5 deletions services/brig/src/Brig/Data/User.hs
Original file line number Diff line number Diff line change
Expand Up @@ -31,7 +31,7 @@ module Brig.Data.User
reauthenticate,
filterActive,
isActivated,
isSSOUser,
isSamlUser,

-- * Lookups
lookupAccount,
Expand Down Expand Up @@ -211,16 +211,16 @@ reauthenticate u pw =
Just (Just pw', Ephemeral) -> maybeReAuth pw'
where
maybeReAuth pw' = case pw of
Nothing -> unlessM (isSSOUser u) $ throwE ReAuthMissingPassword
Nothing -> unlessM (isSamlUser u) $ throwE ReAuthMissingPassword
Just p ->
unless (verifyPassword p pw') $
throwE (ReAuthError AuthInvalidCredentials)

isSSOUser :: (MonadClient m, MonadReader Env m) => UserId -> m Bool
isSSOUser uid = do
isSamlUser :: (MonadClient m, MonadReader Env m) => UserId -> m Bool
isSamlUser uid = do
account <- lookupAccount uid
case userIdentity . accountUser =<< account of
Just SSOIdentity {} -> pure True
Just (SSOIdentity (UserSSOId _) _ _) -> pure True
_ -> pure False

insertAccount ::
Expand Down
2 changes: 1 addition & 1 deletion services/brig/src/Brig/User/Auth.hs
Original file line number Diff line number Diff line change
Expand Up @@ -288,7 +288,7 @@ revokeAccess ::
ExceptT AuthError m ()
revokeAccess u pw cc ll = do
lift $ Log.debug $ field "user" (toByteString u) . field "action" (Log.val "User.revokeAccess")
unlessM (Data.isSSOUser u) $ Data.authenticate u pw
unlessM (Data.isSamlUser u) $ Data.authenticate u pw
lift $ revokeCookies u cc ll

--------------------------------------------------------------------------------
Expand Down