Mfa Flow Fixes 3.2.0 Release

JeremyTellier · JeremyTellier · commit e4a949ce10c1 · 2023-05-03T08:44:49.000-04:00
diff --git a/release-notes.md b/release-notes.md
@@ -1,3 +1,6 @@
+# Release 3.2.0
+* Fix the state of MFA as it changes through undeclared states
+
 # Release 3.1.9
 * Show the right selected identity fron the context menu
 * Auto pop MFA if needed
diff --git a/src/app-renderer.js b/src/app-renderer.js
@@ -373,6 +373,11 @@ var app = {
                     } else if (message.Action=="auth_challenge") {
                         ZitiIdentity.SetMfaState(message.Fingerprint, message.Successful);
                         ZitiIdentity.refresh();
+                        ZitiService.refresh();
+                    } else if (message.Action=="mfa_auth_status") {
+                        ZitiIdentity.SetMfaState(message.Fingerprint, message.Successful);
+                        ZitiIdentity.refresh();
+                        ZitiService.refresh();
                     }
                 }
             } else {
diff --git a/src/assets/scripts/identity.js b/src/assets/scripts/identity.js
@@ -40,17 +40,24 @@ var ZitiIdentity = {
                             app.showScreen("IdentityScreen");
                         }
                         ZitiIdentity.notified.push(id.FingerPrint);
+                        ZitiIdentity.refresh();
                     }
                 } else {
                     if ((id.MfaMinTimeoutRem-passed) <= 1200) {
                         if (!ZitiIdentity.timerNotified.includes(id.FingerPrint) && ZitiIdentity.notifiable.includes(id.FingerPrint)) {
-                            var message = locale.get("MfaWillTimeout").split("{{id}}").join(id.Name)+moment().add(passed, 'seconds').fromNow();
+                            var message = locale.get("MfaWillTimeout").split("{{id}}").join(id.Name)+moment().add(id.MfaMinTimeoutRem-passed, 'seconds').fromNow();
                             var notify = new Notification(locale.get("TimingOut"), { appID: locale.get("AppTitle"), body: message, tag: id.FingerPrint, icon: path.join(__dirname, '/assets/images/ziti-white.png') });
                             notify.onclick = function(e) {
                                 ZitiIdentity.select(e.target.tag);
                                 app.showScreen("IdentityScreen");
                             }
                             ZitiIdentity.timerNotified.push(id.FingerPrint);
+                            ZitiIdentity.refresh();
+                        }
+                    } else {
+                        if ((id.MfaMinTimeoutRem-passed) <= 0) {
+                            ZitiIdentity.data[i].MfaNeeded = true;
+                            ZitiIdentity.refresh();
                         }
                     }
                 }
@@ -206,9 +213,10 @@ var ZitiIdentity = {
                 if (item.MfaEnabled) {
                     var passed = moment.utc().diff(moment.utc(item.MfaLastUpdatedTime), "seconds");
                     if (item.MfaMaxTimeoutRem>-1) {
-                        if ((item.MfaMaxTimeoutRem-passed) <= 0) {
+                        if ((item.MfaMinTimeoutRem-passed) <= 0) {
                             status = "error";
-                            if (iconStatus!="mfa") iconStatus = "timed";
+                            iconStatus = "mfa";
+                            ZitiIdentity.data[i].MfaNeeded = true;
                         } else if ((item.MfaMinTimeoutRem-passed) <= 1200) {
                             status = "warning";
                             if (iconStatus!="mfa" && iconStatus!="timed") iconStatus = "timing";
@@ -230,7 +238,7 @@ var ZitiIdentity = {
                             let pc = service.PostureChecks[p];
                             if (!pc.IsPassing) {
                                 ZitiIdentity.data[i].PostureFailing = true;
-                                status = "warning";
+                                if (status=="") status = "warning";
                                 break;
                             }
                         }
@@ -295,6 +303,34 @@ var ZitiIdentity = {
             if (ZitiIdentity.data[i].FingerPrint==fingerprint) {
                 ZitiIdentity.data[i].MfaEnabled = true;
                 ZitiIdentity.data[i].MfaNeeded = !isSuccess;
+                if (isSuccess) {
+                    ZitiIdentity.data[i].MfaMinTimeoutRem = ZitiIdentity.data[i].MfaMinTimeout;
+                    ZitiIdentity.data[i].MfaMaxTimeoutRem = ZitiIdentity.data[i].MfaMaxTimeout;
+                    for (let j=0; j<ZitiService.data.length; j++) {
+                        if (ZitiIdentity.data[i].FingerPrint==fingerprint) {
+                            if (ZitiService.data[j].PostureChecks && ZitiService.data[j].PostureChecks.length>0) {
+                                for (let k=0; k<ZitiService.data[j].PostureChecks.length; k++) {
+                                    if (ZitiService.data[j].PostureChecks[k].Timeout>-1) {
+                                        ZitiService.data[j].PostureChecks[k].TimeoutRemaining = ZitiService.data[j].PostureChecks[k].Timeout;
+                                    }
+                                }
+                            }
+                            ZitiService.data[j].TimeoutRemaining = ZitiService.data[j].Timeout;
+                        }
+                    }
+                    if (ZitiIdentity.data[i].Services && ZitiIdentity.data[i].Services.length>0) {
+                        for (let j=0; j<ZitiIdentity.data[i].Services.length; j++) {
+                            if (ZitiIdentity.data[i].Services[j].PostureChecks && ZitiIdentity.data[i].Services[j].PostureChecks.length>0) {
+                                for (let k=0; k<ZitiIdentity.data[i].Services[j].PostureChecks.length; k++) {
+                                    if (ZitiIdentity.data[i].Services[j].PostureChecks[k].Timeout>-1) {
+                                        ZitiIdentity.data[i].Services[j].PostureChecks[k].TimeoutRemaining = ZitiService.data[j].PostureChecks[k].Timeout;
+                                    }
+                                }
+                            }
+                            ZitiIdentity.data[i].Services[j].TimeoutRemaining = ZitiIdentity.data[i].Services[j].Timeout;
+                        }
+                    }
+                }
                 break;
             }
         }
@@ -332,8 +368,26 @@ var ZitiIdentity = {
                 $("#MfaStatus").find(".label").html(locale.get("Authorize"));
                 $("#MfaToggle").addClass("disabled");
             } else {
-                $("#MfaStatus").find(".icon").addClass("connected");
-                $("#MfaStatus").find(".label").html(locale.get("RecoveryCodes"));
+
+
+                var passed = moment.utc().diff(moment.utc(item.MfaLastUpdatedTime), "seconds");
+                if ((item.MfaMinTimeoutRem-passed) <= 0) {
+                    for (var i=0; i<ZitiIdentity.data.length; i++) {
+                        if (ZitiIdentity.data[i].FingerPrint==id) {
+                            ZitiIdentity.data[i].MfaNeeded = true;
+                            break;
+                        }
+                    }
+                    $("#MfaStatus").find(".icon").addClass("authorize");
+                    $("#MfaStatus").find(".label").html(locale.get("Authorize"));
+                    $("#MfaToggle").addClass("disabled");
+                } else {
+
+                    $("#MfaStatus").find(".icon").addClass("connected");
+                    $("#MfaStatus").find(".label").html(locale.get("RecoveryCodes"));
+                }
+
+
             }
             $("#MfaStatus").addClass("open");
             // Calc Time since
diff --git a/src/assets/scripts/mfa.js b/src/assets/scripts/mfa.js
@@ -12,6 +12,7 @@ var mfa = {
         $("#AuthenticateButton").click(mfa.verify);
         $("#SaveCodesButton").click(mfa.save);
         $("#MfaStatus").click(mfa.showAuthenticate);
+        $("#MfaTimeout").click(mfa.showAuthenticate);
         $("#ReAuthenticateButton").click(mfa.authenticate);
         $("#RemoveMfaButton").click(mfa.remove);
         $("#RecoveryMfaButton").click(mfa.recoveryAuth);
diff --git a/src/assets/styles/ziti.css b/src/assets/styles/ziti.css
@@ -1864,6 +1864,16 @@ input, select {
     opacity: 0.7;
 }
 
+#MfaTimeout {
+    cursor: pointer;
+    transition: var(--transition);
+    opacity: 1.0;
+}
+
+#MfaTimeout:hover {
+    opacity: 0.8;
+}
+
 .mainalert .info, .posturealert .info {
     position: relative;
     display: inline-block;
@@ -2610,7 +2620,7 @@ element.style {
     display: inline-block;
     margin-top: 20px;
     width: 100%;
-    padding-bottom: 50px;
+    padding-bottom: 120px;
 }
 
 #ServiceList {
diff --git a/src/package.json b/src/package.json
@@ -1,7 +1,7 @@
 {
   "name": "zitidesktopedge",
   "productName": "Ziti Desktop Edge (Preview)",
-  "version": "3.1.9",
+  "version": "3.2.0",
   "homepage": "openziti.io",
   "description": "Ziti Desktop Edge Client",
   "main": "app.js",
diff --git a/version b/version
@@ -1 +1 @@
-3.1.9
+3.2.0

Original file line number	Diff line number	Diff line change
`@@ -373,6 +373,11 @@ var app = {`
`373`	`373`	`} else if (message.Action=="auth_challenge") {`
`374`	`374`	`ZitiIdentity.SetMfaState(message.Fingerprint, message.Successful);`
`375`	`375`	`ZitiIdentity.refresh();`
	`376`	`+ ZitiService.refresh();`
	`377`	`+ } else if (message.Action=="mfa_auth_status") {`
	`378`	`+ ZitiIdentity.SetMfaState(message.Fingerprint, message.Successful);`
	`379`	`+ ZitiIdentity.refresh();`
	`380`	`+ ZitiService.refresh();`
`376`	`381`	`}`
`377`	`382`	`}`
`378`	`383`	`} else {`
Original file line number	Diff line number	Diff line change
`@@ -1,7 +1,7 @@`
`1`	`1`	`{`
`2`	`2`	`"name": "zitidesktopedge",`
`3`	`3`	`"productName": "Ziti Desktop Edge (Preview)",`
`4`		`- "version": "3.1.9",`
	`4`	`+ "version": "3.2.0",`
`5`	`5`	`"homepage": "openziti.io",`
`6`	`6`	`"description": "Ziti Desktop Edge Client",`
`7`	`7`	`"main": "app.js",`