vaultwarden
/
bitwarden-estensione-browser
mirror of https://github.com/bitwarden/browser
1
0
Fork 0
Code Issues 1 Releases Wiki Activity

Add normalized state compare for CLI (#211)

This commit is contained in:
Chad Scharf 2020-11-23 16:45:09 -05:00 committed by GitHub
parent ea6fd5ac38
commit abb54f0073
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 14 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
src/cli/commands/login.command.ts
View File

@ -262,7 +262,7 @@ export class LoginCommand {
const code = url.searchParams.get('code'); const code = url.searchParams.get('code');
const receivedState = url.searchParams.get('state'); const receivedState = url.searchParams.get('state');
res.setHeader('Content-Type', 'text/html'); res.setHeader('Content-Type', 'text/html');
if (code != null && receivedState != null && receivedState === state) { if (code != null && receivedState != null && this.checkState(receivedState, state)) {
res.writeHead(200); res.writeHead(200);
res.end('<html><head><title>Success | Bitwarden CLI</title></head><body>' + res.end('<html><head><title>Success | Bitwarden CLI</title></head><body>' +
'<h1>Successfully authenticated with the Bitwarden CLI</h1>' + '<h1>Successfully authenticated with the Bitwarden CLI</h1>' +
@ -300,4 +300,17 @@ export class LoginCommand {
} }
}); });
} }
private checkState(state: string, checkState: string): boolean {
if (state === null || state === undefined) {
return false;
}
if (checkState === null || checkState === undefined) {
return false;
}
const stateSplit = state.split('_identifier=');
const checkStateSplit = checkState.split('_identifier=');
return stateSplit[0] === checkStateSplit[0];
}
} }