TOTP execution exception [NoSuchElementException: None.get] #109

Closed
bravegag opened this issue Sep 27, 2019 · 4 comments

@bravegag bravegag commented Sep 27, 2019

This occurs at totp.scala.html#l32 and it happens when the user enters an invalid or expired TOTP code (when the code is correct it works). The issue is due to the TotpController.view not populating the TotpForm "hidden fields" needed by the auth process.

This issue was originally reported in the Silhouette forum:
http://discourse.silhouette.rocks/t/execution-error-in-silhouette-seed-template/370

A patch will follow.

@bravegag bravegag commented Sep 27, 2019

The fix corresponds to the following two files:

bravegag@Zeus:~/code/play-silhouette-seed$ gits
On branch master
Your branch is up to date with 'origin/master'.

Changes not staged for commit:
  (use "git add <file>..." to update what will be committed)
  (use "git checkout -- <file>..." to discard changes in working directory)

	modified:   app/controllers/TotpController.scala
	modified:   conf/routes

no changes added to commit (use "git add" and/or "git commit -a")

and here goes the FIX content diff:

diff --git a/app/controllers/TotpController.scala b/app/controllers/TotpController.scala
index 6857441..9781df3 100644
--- a/app/controllers/TotpController.scala
+++ b/app/controllers/TotpController.scala
@@ -47,8 +47,8 @@ class TotpController @Inject() (
    * Views the `TOTP` page.
    * @return The result to display.
    */
-  def view = silhouette.UnsecuredAction.async { implicit request =>
-    Future.successful(Ok(views.html.totp(TotpForm.form)))
+  def view(userId: java.util.UUID, sharedKey: String, rememberMe: Boolean) = silhouette.UnsecuredAction.async { implicit request =>
+    Future.successful(Ok(views.html.totp(TotpForm.form.fill(TotpForm.Data(userId, sharedKey, rememberMe)))))
   }
 
   /**
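Review bot: `view` stays a `silhouette.UnsecuredAction` but now fills the form's hidden fields from whatever `userId`, `sharedKey` and `rememberMe` the caller supplies, so the values the submit step later reads back from the form are entirely client-controlled at this point. Consider having the sign-in step keep this state server-side (or in a signed, short-lived token) and letting `view` read it back, rather than accepting it as action parameters. The Scaladoc above the method also still describes a parameterless action; add `@param` entries for the three new arguments.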
@@ -94,7 +94,7 @@ class TotpController @Inject() (
           case _ => Future.successful(Redirect(routes.ApplicationController.index()).flashing("error" -> Messages("invalid.verification.code")))
         }.recover {
           case _: ProviderException =>
-            Redirect(routes.TotpController.view()).flashing("error" -> Messages("invalid.unexpected.totp"))
+            Redirect(routes.TotpController.view(user.userID, data.sharedKey, request.authenticator.cookieMaxAge.isDefined)).flashing("error" -> Messages("invalid.unexpected.totp"))
         }
       }
     )
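Review bot: In the new `Redirect(...)` line, `rememberMe` is inferred from `request.authenticator.cookieMaxAge.isDefined`, whereas the submit path further down passes `data.rememberMe` directly; that inference holds only if a cookie max age is set exclusively for remember-me sessions, which is not evident from this hunk. A short comment stating that assumption, or a small named helper, would make the intent clear. Binding the route to a `val` first, as is done with `totpControllerRoute` in the next hunk, would also keep this line readable.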
@@ -108,14 +108,15 @@ class TotpController @Inject() (
     TotpForm.form.bindFromRequest.fold(
       form => Future.successful(BadRequest(views.html.totp(form))),
       data => {
+        val totpControllerRoute = routes.TotpController.view(data.userID, data.sharedKey, data.rememberMe)
         userService.retrieve(data.userID).flatMap {
           case Some(user) =>
             totpProvider.authenticate(data.sharedKey, data.verificationCode).flatMap {
               case Some(_) => authenticateUser(user, data.rememberMe)
-              case _ => Future.successful(Redirect(routes.TotpController.view()).flashing("error" -> Messages("invalid.verification.code")))
+              case _ => Future.successful(Redirect(totpControllerRoute).flashing("error" -> Messages("invalid.verification.code")))
             }.recover {
               case _: ProviderException =>
-                Redirect(routes.TotpController.view()).flashing("error" -> Messages("invalid.unexpected.totp"))
+                Redirect(totpControllerRoute).flashing("error" -> Messages("invalid.unexpected.totp"))
             }
           case None => Future.failed(new IdentityNotFoundException("Couldn't find user"))
         }
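Review bot: `totpControllerRoute` is built from `data.userID`, `data.sharedKey` and `data.rememberMe` straight out of the bound form, before `userService.retrieve` has confirmed the user exists, and both failure branches then send those values back in a redirect. The bind-error branch just above already re-renders with `BadRequest(views.html.totp(form))`; doing the same for a wrong or failed code (re-rendering the filled form with the error message) would preserve the hidden fields without a round trip through the URL.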
diff --git a/conf/routes b/conf/routes
index caf42d4..87db0e3 100644
--- a/conf/routes
+++ b/conf/routes
@@ -13,7 +13,7 @@ POST        /signUp                          controllers.SignUpController.submit
 GET         /signIn                          controllers.SignInController.view
 POST        /signIn                          controllers.SignInController.submit
 
-GET         /totp                            controllers.TotpController.view
+GET         /totp                            controllers.TotpController.view(userId: java.util.UUID, sharedKey: String, rememberMe: Boolean)
 GET         /enableTotp                      controllers.TotpController.enableTotp
 GET         /disableTotp                     controllers.TotpController.disableTotp
 POST        /totpSubmit                      controllers.TotpController.submit
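Review bot: Because `/totp` has no dynamic path segments, Play binds `userId`, `sharedKey` and `rememberMe` from the query string of this `GET` route, so the shared key that `totpProvider.authenticate` checks codes against ends up in the URL, where it is recorded in browser history, server and proxy access logs, and possibly `Referer` headers. Carry these values in a POST body, the session, or a server-side lookup keyed by an opaque token instead of adding them to the `GET` route.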

I can't fork-PR because I forked this repo a long time ago and have a lot of extensions that I don't want to lose. My bad.

@bravegag bravegag commented Sep 27, 2019

Here is the zipped patch.

patch.zip

@akkie akkie commented Sep 29, 2019

I can't fork-PR because I forked this repo a long time ago and have a lot of extensions that I don't want to lose. My bad.

Normally you can use a branch in your clone that is based on the actual master of this repo. There is no need to reset your changes.

bravegag added a commit to bravegag/play-silhouette-seed that referenced this issue Sep 30, 2019
bravegag added a commit to bravegag/play-silhouette-seed that referenced this issue Oct 1, 2019
akkie added a commit that referenced this issue Oct 2, 2019

@akkie akkie commented Oct 2, 2019

Fixed with #111

@akkie akkie closed this Oct 2, 2019