From 50987f7626feb88041ad9c59fbe3164913d266df Mon Sep 17 00:00:00 2001 From: Bernd Schoolmann Date: Tue, 19 Sep 2023 14:21:46 +0200 Subject: [PATCH] Fix login with multiple two-factor options --- agent/bitwarden/twofactor/twofactor.go | 16 ++++++++++++---- 1 file changed, 12 insertions(+), 4 deletions(-) diff --git a/agent/bitwarden/twofactor/twofactor.go b/agent/bitwarden/twofactor/twofactor.go index 2686ff4..2a7b409 100644 --- a/agent/bitwarden/twofactor/twofactor.go +++ b/agent/bitwarden/twofactor/twofactor.go @@ -25,20 +25,28 @@ func PerformSecondFactor(resp *TwoFactorResponse, cfg *config.Config) (TwoFactor result, err := Fido2TwoFactor(chall, creds, cfg) if err != nil { - return WebAuthn, nil, err + twofactorLog.Error("Error during FIDO2 two-factor authentication: %s", err) + //return WebAuthn, nil, err + } else { + return WebAuthn, []byte(result), err } - return WebAuthn, []byte(result), err } else { twofactorLog.Warn("WebAuthn is enabled for the account but goldwarden is not compiled with FIDO2 support") } } if _, isInMap := resp.TwoFactorProviders2[Authenticator]; isInMap { token, err := pinentry.GetPassword("Authenticator Second Factor", "Enter your two-factor auth code") - return Authenticator, []byte(token), err + if err != nil { + twofactorLog.Error("Error during authenticator two-factor authentication: %s", err) + } else { + return Authenticator, []byte(token), err + } } if _, isInMap := resp.TwoFactorProviders2[Email]; isInMap { token, err := pinentry.GetPassword("Email Second Factor", "Enter your two-factor auth code") - return Email, []byte(token), err + if err == nil { + return Email, []byte(token), err + } } return Authenticator, []byte{}, errors.New("no second factor available")