diff options
| author | Jenny Shen <jenny.shen@shopify.com> | 2024-05-02 13:00:49 -0400 |
|---|---|---|
| committer | git <svn-admin@ruby-lang.org> | 2024-05-03 10:54:27 +0000 |
| commit | c1b11c50cbb24db01a7afbfcfa192fdd1d496058 (patch) | |
| tree | fb2732b1ce44ae86987b818681912d08d41033c8 | |
| parent | 7662e6fcd5f4901a3a0f34e2d54f8231599d52e2 (diff) | |
[rubygems/rubygems] Rename credential email to identifier in WebAuthn poller
https://github.com/rubygems/rubygems/commit/5e3e55f8bc
| -rw-r--r-- | lib/rubygems/gemcutter_utilities/webauthn_poller.rb | 4 | ||||
| -rw-r--r-- | test/rubygems/test_webauthn_poller.rb | 12 |
2 files changed, 14 insertions, 2 deletions
diff --git a/lib/rubygems/gemcutter_utilities/webauthn_poller.rb b/lib/rubygems/gemcutter_utilities/webauthn_poller.rb index 0fdd1d5bf4..fe3f163a88 100644 --- a/lib/rubygems/gemcutter_utilities/webauthn_poller.rb +++ b/lib/rubygems/gemcutter_utilities/webauthn_poller.rb @@ -69,8 +69,10 @@ module Gem::GemcutterUtilities rubygems_api_request(:get, "api/v1/webauthn_verification/#{webauthn_token}/status.json") do |request| if credentials.empty? request.add_field "Authorization", api_key + elsif credentials[:identifier] && credentials[:password] + request.basic_auth credentials[:identifier], credentials[:password] else - request.basic_auth credentials[:email], credentials[:password] + raise Gem::WebauthnVerificationError, "Provided missing credentials" end end end diff --git a/test/rubygems/test_webauthn_poller.rb b/test/rubygems/test_webauthn_poller.rb index 23290d8ea1..fd24081758 100644 --- a/test/rubygems/test_webauthn_poller.rb +++ b/test/rubygems/test_webauthn_poller.rb @@ -13,7 +13,7 @@ class WebauthnPollerTest < Gem::TestCase @fetcher = Gem::FakeFetcher.new Gem::RemoteFetcher.fetcher = @fetcher @credentials = { - email: "email@example.com", + identifier: "email@example.com", password: "password", } end @@ -121,4 +121,14 @@ class WebauthnPollerTest < Gem::TestCase assert_equal error.message, "Security device verification failed: The token in the link you used has either expired or been used already." end + + def test_poll_for_otp_missing_credentials + @credentials = { password: "password" } + + error = assert_raise Gem::WebauthnVerificationError do + Gem::GemcutterUtilities::WebauthnPoller.new({}, @host).poll_for_otp(@webauthn_url, @credentials) + end + + assert_equal error.message, "Security device verification failed: Provided missing credentials" + end end |