If a password incidentally has 6 numbers at the end the module will assume that those 6 numbers are an otp code and hence the login will fail.
I'm not sure what the best approach to this is. A global setting to block otp only fixes this if no user uses 2fa.
Maybe best would be to try to auth first with the code and afterwards with the full supplied string/password.
like so on main.go line 247+:
if err != nil {
if hasOtpInPassword {
// we parsed the password and assumed the last 6 digits were an otp code... sadly they weren't
// so let's try again with the full password
accessToken, err = passwordCredentialsTokenEx(
oauth2Context,
oauth2Config,
fmt.Sprintf(config.UsernameFormat, username),
inputStdio,
"",
config.Scope,
extraParameters,
)
}
if err != nil {
log.Print(sid, strings.ReplaceAll(err.Error(), "\n", ". "))
os.Exit(2)
}
}
If a password incidentally has 6 numbers at the end the module will assume that those 6 numbers are an otp code and hence the login will fail.
I'm not sure what the best approach to this is. A global setting to block otp only fixes this if no user uses 2fa. Maybe best would be to try to auth first with the code and afterwards with the full supplied string/password.
like so on main.go line 247+: