Refactor Reauthenticate components - follow up fixes (#50355)

* Capitalize MFA in deleteMfaDeviceRequest. * Fix/add TODOs for new mfa device management endpoints.
gravitational · Dec 17, 2024 · 1957489 · 1957489
1 parent 194850c
commit 1957489
Show file tree

Hide file tree

Showing 3 changed files with 5 additions and 4 deletions.
diff --git a/lib/web/apiserver.go b/lib/web/apiserver.go
@@ -917,8 +917,9 @@ func (h *Handler) bindDefaultEndpoints() {
 
 	// MFA private endpoints.
 	h.GET("/webapi/mfa/devices", h.WithAuth(h.getMFADevicesHandle))
-	h.DELETE("/webapi/mfa/devices", h.WithAuth(h.deleteMFADeviceHandle))
 	h.POST("/webapi/mfa/authenticatechallenge", h.WithAuth(h.createAuthenticateChallengeHandle))
+	// TODO(Joerger) v19.0.0: currently unused, WebUI can use these in v19 without backwards compatibility concerns.
+	h.DELETE("/webapi/mfa/devices", h.WithAuth(h.deleteMFADeviceHandle))
 	h.POST("/webapi/mfa/registerchallenge", h.WithAuth(h.createRegisterChallengeHandle))
 
 	h.POST("/webapi/mfa/devices", h.WithAuth(h.addMFADeviceHandle))

diff --git a/lib/web/mfa.go b/lib/web/mfa.go
@@ -75,7 +75,7 @@ func (h *Handler) deleteMFADeviceWithTokenHandle(w http.ResponseWriter, r *http.
 	return OK(), nil
 }
 
-type deleteMfaDeviceRequest struct {
+type deleteMFADeviceRequest struct {
 	// DeviceName is the name of the device to delete.
 	DeviceName string `json:"deviceName"`
 	// ExistingMFAResponse is an MFA challenge response from an existing device.
@@ -85,7 +85,7 @@ type deleteMfaDeviceRequest struct {
 
 // deleteMFADeviceHandle deletes an mfa device for the user defined in the `token`, given as a query parameter.
 func (h *Handler) deleteMFADeviceHandle(w http.ResponseWriter, r *http.Request, p httprouter.Params, c *SessionContext) (interface{}, error) {
-	var req deleteMfaDeviceRequest
+	var req deleteMFADeviceRequest
 	if err := httplib.ReadJSON(r, &req); err != nil {
 		return nil, trace.Wrap(err)
 	}

diff --git a/web/packages/teleport/src/Account/ManageDevices/wizards/AddAuthDeviceWizard.tsx b/web/packages/teleport/src/Account/ManageDevices/wizards/AddAuthDeviceWizard.tsx
@@ -101,7 +101,7 @@ export function AddAuthDeviceWizard({
   // TODO(Joerger): v19.0.0
   // A user without devices can register their first device without a privilege token
   // too, but the existing web register endpoint requires privilege token.
-  // We have a new endpoint "/v1/webapi/users/devices" which does not
+  // We have a new endpoint "/v1/webapi/mfa/registerchallenge" which does not
   // require token, but can't be used until v19 for backwards compatibility.
   // Once in use, we can leave privilege token empty here.
   useEffect(() => {