From 546db0dc219c736a34336dab9f3411ee7b821fde Mon Sep 17 00:00:00 2001 From: kolaente Date: Thu, 9 Apr 2026 13:44:21 +0200 Subject: [PATCH] feat(auth): plumb totp passcode through openIdAuth action Allows the OpenIdAuth view to resubmit the OIDC callback with a TOTP passcode after a 412/1017 response from the backend. Refs GHSA-8jvc-mcx6-r4cg --- frontend/src/stores/auth.ts | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/frontend/src/stores/auth.ts b/frontend/src/stores/auth.ts index 8e8d5760e..e2576760f 100644 --- a/frontend/src/stores/auth.ts +++ b/frontend/src/stores/auth.ts @@ -238,17 +238,20 @@ export const useAuthStore = defineStore('auth', () => { } } - async function openIdAuth({provider, code}) { + async function openIdAuth({provider, code, totpPasscode}: {provider: string, code: string, totpPasscode?: string}) { const HTTP = HTTPFactory() setIsLoading(true) setLoggedInVia(null) const fullProvider: IProvider = configStore.auth.openidConnect.providers.find((p: IProvider) => p.key === provider) - const data = { + const data: Record = { code: code, redirect_url: getRedirectUrlFromCurrentFrontendPath(fullProvider), } + if (totpPasscode) { + data.totp_passcode = totpPasscode + } // Delete an eventually preexisting old token removeToken()