Fix enableOTP handling to match docs: prioritize store, then extens…

…ion config (browserpass#308)
uninsane · Nov 22, 2022 · 21f3431 · 21f3431
1 parent 0fd15fd
commit 21f3431
Show file tree

Hide file tree

Showing 3 changed files with 26 additions and 25 deletions.
diff --git a/src/background.js b/src/background.js
@@ -450,7 +450,7 @@ async function fillFields(settings, login, fields) {
     // build focus or submit request
     let focusOrSubmitRequest = {
         origin: new BrowserpassURL(settings.tab.url).origin,
-        autoSubmit: getSetting("autoSubmit", login, settings),
+        autoSubmit: helpers.getSetting("autoSubmit", login, settings),
         filledFields: filledFields,
     };
 
@@ -561,25 +561,6 @@ async function getFullSettings() {
     return settings;
 }
 
-/**
- * Get most relevant setting value
- *
- * @param string key      Setting key
- * @param object login    Login object
- * @param object settings Settings object
- * @return object Setting value
- */
-function getSetting(key, login, settings) {
-    if (typeof login.settings[key] !== "undefined") {
-        return login.settings[key];
-    }
-    if (typeof settings.stores[login.store.id].settings[key] !== "undefined") {
-        return settings.stores[login.store.id].settings[key];
-    }
-
-    return settings[key];
-}
-
 /**
  * Deep copy an object
  *
@@ -743,7 +724,7 @@ async function handleMessage(settings, message, sendResponse) {
             }
             break;
         case "copyOTP":
-            if (settings.enableOTP) {
+            if (helpers.getSetting("enableOTP", message.login, settings)) {
                 try {
                     if (!message.login.fields.otp) {
                         throw new Exception("No OTP seed available");
@@ -815,8 +796,8 @@ async function handleMessage(settings, message, sendResponse) {
 
                 // copy OTP token after fill
                 if (
-                    settings.enableOTP &&
                     typeof message.login !== "undefined" &&
+                    helpers.getSetting("enableOTP", message.login, settings) &&
                     message.login.fields.hasOwnProperty("otp")
                 ) {
                     copyToClipboard(helpers.makeTOTP(message.login.fields.otp.params));
@@ -968,7 +949,7 @@ async function parseFields(settings, login) {
             if (key === "secret" && lines.length) {
                 login.fields.secret = lines[0];
             } else if (key === "login") {
-                const defaultUsername = getSetting("username", login, settings);
+                const defaultUsername = helpers.getSetting("username", login, settings);
                 login.fields[key] = defaultUsername || login.login.match(/([^\/]+)$/)[1];
             } else {
                 delete login.fields[key];
@@ -982,7 +963,7 @@ async function parseFields(settings, login) {
     }
 
     // preprocess otp
-    if (settings.enableOTP && login.fields.hasOwnProperty("otp")) {
+    if (helpers.getSetting("enableOTP", login, settings) && login.fields.hasOwnProperty("otp")) {
         if (login.fields.otp.match(/^otpauth:\/\/.+/i)) {
             // attempt to parse otp data as URI
             try {

diff --git a/src/helpers.js b/src/helpers.js
@@ -11,12 +11,32 @@ const BrowserpassURL = require("@browserpass/url");
 module.exports = {
     prepareLogins,
     filterSortLogins,
+    getSetting,
     ignoreFiles,
     makeTOTP,
 };
 
 //----------------------------------- Function definitions ----------------------------------//
 
+/**
+ * Get most relevant setting value
+ *
+ * @param string key      Setting key
+ * @param object login    Login object
+ * @param object settings Settings object
+ * @return object Setting value
+ */
+function getSetting(key, login, settings) {
+    if (typeof login.settings[key] !== "undefined") {
+        return login.settings[key];
+    }
+    if (typeof settings.stores[login.store.id].settings[key] !== "undefined") {
+        return settings.stores[login.store.id].settings[key];
+    }
+
+    return settings[key];
+}
+
 /**
  * Get the deepest available domain component of a path
  *

diff --git a/src/popup/detailsInterface.js b/src/popup/detailsInterface.js
@@ -103,7 +103,7 @@ function view(ctl, params) {
             ]),
             (() => {
                 if (
-                    this.settings.enableOTP &&
+                    helpers.getSetting("enableOTP", login, this.settings) &&
                     login.fields.otp &&
                     login.fields.otp.params.type === "totp"
                 ) {