mirror of
https://github.com/gravitational/teleport
synced 2024-10-20 17:23:22 +00:00
Change generic headless error. (#23331)
This commit is contained in:
parent
16f93c6aa9
commit
b94893c968
|
@ -162,6 +162,9 @@ func (s *Server) AuthenticateUser(ctx context.Context, req AuthenticateUserReque
|
|||
}
|
||||
|
||||
var (
|
||||
// authenticateHeadlessError is the generic error returned for failed headless
|
||||
// authentication attempts.
|
||||
authenticateHeadlessError = trace.AccessDenied("headless authentication failed")
|
||||
// authenticateWebauthnError is the generic error returned for failed WebAuthn
|
||||
// authentication attempts.
|
||||
authenticateWebauthnError = trace.AccessDenied("invalid Webauthn response")
|
||||
|
@ -171,9 +174,6 @@ var (
|
|||
// invalidUserpass2FError is the error for when either the provided username,
|
||||
// password, or second factor is incorrect.
|
||||
invalidUserPass2FError = trace.AccessDenied("invalid username, password or second factor")
|
||||
// invalidHeadlessAuthenticationError is the generic error returned for failed headless
|
||||
// authentication attempts.
|
||||
invalidHeadlessAuthenticationError = trace.AccessDenied("invalid Headless authentication")
|
||||
)
|
||||
|
||||
// IsInvalidLocalCredentialError checks if an error resulted from an incorrect username,
|
||||
|
@ -208,12 +208,12 @@ func (s *Server) authenticateUser(ctx context.Context, req AuthenticateUserReque
|
|||
mfaDevice, err := s.authenticateHeadless(ctx, req)
|
||||
if err != nil {
|
||||
log.Debugf("Headless Authentication for user %q failed while waiting for approval: %v", user, err)
|
||||
return nil, "", trace.Wrap(invalidHeadlessAuthenticationError)
|
||||
return nil, "", trace.Wrap(authenticateHeadlessError)
|
||||
}
|
||||
authenticateFn = func() (*types.MFADevice, error) {
|
||||
return mfaDevice, nil
|
||||
}
|
||||
authErr = invalidHeadlessAuthenticationError
|
||||
authErr = authenticateHeadlessError
|
||||
case req.Webauthn != nil:
|
||||
authenticateFn = func() (*types.MFADevice, error) {
|
||||
mfaResponse := &proto.MFAAuthenticateResponse{
|
||||
|
|
Loading…
Reference in a new issue