From deeb5ebdbd59956f5f6cf1bfa989ef41c9af9720 Mon Sep 17 00:00:00 2001 From: Jonathan Druart Date: Tue, 6 Jun 2023 10:42:20 +0200 Subject: [PATCH] Bug 33904: Fix 2FA registration when library name has non-latin characters MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit If the library name contains non-latin characters, the 2FA registration process will fail with a JS alert coming from a 500 server-side. The problem is that Auth::GoogleAuth is expecting an already UTF8 encoded string. We should set the encoding correctly to make Auth::GoogleAuth deal with the URL escaping internally correctly, then decode on our own (in the REST API controller) Test plan: * Modify your logged in library name and add some non-latin characters (eg. "my ❤ library") * Turn on TwoFactorAuthentication * Go to your account > More > Manage 2FA * Click the enable button => Notice that you see the QR code and that both "issuer" and "key id" entries display the library name correctly. * Test the whole 2FA process, confirm that the library name is correctly displayed on the app you are using. Signed-off-by: Martin Renvoize Signed-off-by: Katrin Fischer Signed-off-by: Tomas Cohen Arazi --- Koha/Auth/TwoFactorAuth.pm | 2 +- Koha/REST/V1/TwoFactorAuth.pm | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/Koha/Auth/TwoFactorAuth.pm b/Koha/Auth/TwoFactorAuth.pm index 5cd6d13ac7..6937ab9060 100644 --- a/Koha/Auth/TwoFactorAuth.pm +++ b/Koha/Auth/TwoFactorAuth.pm @@ -75,7 +75,7 @@ sub new { Koha::Exceptions::MissingParameter->throw("No secret passed or patron has no secret"); } - my $issuer = $patron->library->branchname; + my $issuer = Encode::encode_utf8($patron->library->branchname); my $key_id = sprintf "%s_%s", $issuer, ( $patron->email || $patron->userid ); diff --git a/Koha/REST/V1/TwoFactorAuth.pm b/Koha/REST/V1/TwoFactorAuth.pm index f9f199f74b..29679a544c 100644 --- a/Koha/REST/V1/TwoFactorAuth.pm +++ b/Koha/REST/V1/TwoFactorAuth.pm @@ -98,8 +98,8 @@ sub registration { { patron => $patron, secret => $secret } ); my $response = { - issuer => $auth->issuer, - key_id => $auth->key_id, + issuer => Encode::decode_utf8($auth->issuer), + key_id => Encode::decode_utf8($auth->key_id), qr_code => $auth->qr_code, secret32 => $auth->secret32, -- 2.39.5