Merge pull request #1064 from lizduty/stateTokenJSON

add another regex for finding state tokens
Versent · May 31, 2023 · c00663f · c00663f
2 parents 1c426cc + 62d08d6
commit c00663f
Show file tree

Hide file tree

Showing 2 changed files with 21 additions and 5 deletions.
diff --git a/pkg/provider/okta/okta.go b/pkg/provider/okta/okta.go
@@ -607,12 +607,22 @@ func (oc *Client) getStateToken(req *http.Request, loginDetails *creds.LoginDeta
 }
 
 func getStateTokenFromOktaPageBody(responseBody string) (string, error) {
-	re := regexp.MustCompile("var stateToken = [\"|'](.*)[\"|'];")
-	match := re.FindStringSubmatch(responseBody)
-	if len(match) < 2 {
-		return "", errors.New("cannot find state token")
+	regexes := []*regexp.Regexp{
+		regexp.MustCompile("var stateToken = [\"|'](.*)[\"|'];"),
+		// Found on the "extra verification" page
+		// hiding in a Javascript object
+		regexp.MustCompile(`"stateToken":"([^"]*)"`),
 	}
-	return strings.Replace(match[1], `\x2D`, "-", -1), nil
+
+	for _, re := range regexes {
+		match := re.FindStringSubmatch(responseBody)
+		if len(match) >= 2 {
+			return strings.Replace(match[1], `\x2D`, "-", -1), nil
+		}
+	}
+
+	return "", errors.New("cannot find state token")
+
 }
 
 func parseMfaIdentifer(json string, arrayPosition int) (string, string, string) {

diff --git a/pkg/provider/okta/okta_test.go b/pkg/provider/okta/okta_test.go
@@ -53,6 +53,12 @@ func TestGetStateTokenFromOktaPageBody(t *testing.T) {
 			stateToken: "12345-6789",
 			err:        nil,
 		},
+		{
+			title:      "javascript state token inside JSON",
+			body:       `U0h8","stateToken":"c0ffeeda7e","helpLinks":{"help"`,
+			stateToken: "c0ffeeda7e",
+			err:        nil,
+		},
 	}
 	for _, test := range tests {
 		t.Run(test.title, func(t *testing.T) {