feat(GODT-2908): Fix HV submission

Both method and token are required. Also expose a `GetUserWithHV` function since it is possible to trigger HV after successful login. It's advised that all clients get the user details after login to handle this workflow.
ProtonMail · Oct 17, 2023 · d275edd · d275edd
1 parent 8f03c5a
commit d275edd
Show file tree

Hide file tree

Showing 3 changed files with 26 additions and 13 deletions.
diff --git a/hv.go b/hv.go
@@ -0,0 +1,15 @@
+package proton
+
+import (
+	"strings"
+
+	"github.com/go-resty/resty/v2"
+)
+
+func addHVToRequest(req *resty.Request, hv *APIHVDetails) *resty.Request {
+	if hv == nil {
+		return req
+	}
+
+	return req.SetHeader(hvPMTokenHeaderField, hv.Token).SetHeader(hvPMTokenType, strings.Join(hv.Methods, ","))
+}
diff --git a/manager_auth.go b/manager_auth.go
@@ -5,7 +5,6 @@ import (
 	"context"
 	"encoding/base64"
 	"errors"
-
 	"github.com/ProtonMail/go-srp"
 	"github.com/ProtonMail/gopenpgp/v2/crypto"
 	"github.com/go-resty/resty/v2"
@@ -29,10 +28,10 @@ func (m *Manager) NewClientWithRefresh(ctx context.Context, uid, ref string) (*C
 }
 
 func (m *Manager) NewClientWithLogin(ctx context.Context, username string, password []byte) (*Client, Auth, error) {
-	return m.NewClientWithLoginWithHVToken(ctx, username, password, "")
+	return m.NewClientWithLoginWithHVToken(ctx, username, password, nil)
 }
 
-func (m *Manager) NewClientWithLoginWithHVToken(ctx context.Context, username string, password []byte, hvToken string) (*Client, Auth, error) {
+func (m *Manager) NewClientWithLoginWithHVToken(ctx context.Context, username string, password []byte, hv *APIHVDetails) (*Client, Auth, error) {
 	info, err := m.AuthInfo(ctx, AuthInfoReq{Username: username})
 	if err != nil {
 		return nil, Auth{}, err
@@ -53,7 +52,7 @@ func (m *Manager) NewClientWithLoginWithHVToken(ctx context.Context, username st
 		ClientProof:     base64.StdEncoding.EncodeToString(proofs.ClientProof),
 		ClientEphemeral: base64.StdEncoding.EncodeToString(proofs.ClientEphemeral),
 		SRPSession:      info.SRPSession,
-	}, hvToken)
+	}, hv)
 	if err != nil {
 		return nil, Auth{}, err
 	}
@@ -94,17 +93,12 @@ func (m *Manager) AuthModulus(ctx context.Context) (AuthModulus, error) {
 	return res, nil
 }
 
-func (m *Manager) auth(ctx context.Context, req AuthReq, hvToken string) (Auth, error) {
+func (m *Manager) auth(ctx context.Context, req AuthReq, hv *APIHVDetails) (Auth, error) {
 	var res struct {
 		Auth
 	}
 
-	request := m.r(ctx)
-	if len(hvToken) != 0 {
-		request = request.SetHeader(hvPMTokenHeaderField, hvToken).SetHeader(hvPMTokenType, "captcha")
-	}
-
-	if _, err := request.SetBody(req).SetResult(&res).Post("/auth/v4"); err != nil {
+	if _, err := addHVToRequest(m.r(ctx), hv).SetBody(req).SetResult(&res).Post("/auth/v4"); err != nil {
 		return Auth{}, err
 	}
 

diff --git a/user.go b/user.go
@@ -9,12 +9,16 @@ import (
 )
 
 func (c *Client) GetUser(ctx context.Context) (User, error) {
+	return c.GetUserWithHV(ctx, nil)
+}
+
+func (c *Client) GetUserWithHV(ctx context.Context, hv *APIHVDetails) (User, error) {
 	var res struct {
 		User User
 	}
 
-	if err := c.do(ctx, func(r *resty.Request) (*resty.Response, error) {
-		return r.SetResult(&res).Get("/core/v4/users")
+	if _, err := c.doRes(ctx, func(r *resty.Request) (*resty.Response, error) {
+		return addHVToRequest(r, hv).SetResult(&res).Get("/core/v4/users")
 	}); err != nil {
 		return User{}, err
 	}