From 86ddbc7c8c05664886d3cbd6f484d2ff8afb0f1c Mon Sep 17 00:00:00 2001 From: lhhyung Date: Fri, 1 Nov 2024 12:46:56 +0900 Subject: [PATCH] refactor: Update MFA requirement to apply only for LOCAL auth_type --- src/spaceone/identity/manager/secret_manager.py | 5 ++++- src/spaceone/identity/service/token_service.py | 2 +- 2 files changed, 5 insertions(+), 2 deletions(-) diff --git a/src/spaceone/identity/manager/secret_manager.py b/src/spaceone/identity/manager/secret_manager.py index e72ae62..649e815 100644 --- a/src/spaceone/identity/manager/secret_manager.py +++ b/src/spaceone/identity/manager/secret_manager.py @@ -131,7 +131,10 @@ def delete_user_secret(self, user_secret_id: str) -> None: def delete_user_secret_with_system_token(self, domain_id: str, user_secret_id: str) -> None: system_token = config.get_global("TOKEN") - self.secret_conn.dispatch("UserSecret.delete", {"user_secret_id": user_secret_id}, x_domain_id=domain_id, token=system_token) + self.secret_conn.dispatch("UserSecret.delete", + {"user_secret_id": user_secret_id}, + x_domain_id=domain_id, + token=system_token) def get_user_otp_secret_key(self, user_secret_id: str, domain_id: str = None) -> str: user_secret_info = self.get_user_secret_data(user_secret_id, domain_id) diff --git a/src/spaceone/identity/service/token_service.py b/src/spaceone/identity/service/token_service.py index 3c20598..91bc0b3 100644 --- a/src/spaceone/identity/service/token_service.py +++ b/src/spaceone/identity/service/token_service.py @@ -88,7 +88,7 @@ def issue(self, params: TokenIssueRequest) -> Union[TokenResponse, dict]: mfa_user_id = user_vo.user_id - if user_mfa.get("state", "DISABLED") == "ENABLED" and params.auth_type != "MFA": + if user_mfa.get("state", "DISABLED") == "ENABLED" and params.auth_type == "LOCAL": mfa_manager = MFAManager.get_manager_by_mfa_type(mfa_type) if mfa_type == "EMAIL": mfa_email = user_mfa["options"].get("email")