fix: Add a code path for clients trying to use fallback auth

2026-01-21 12:24:48 -05:00 · 2026-01-21 12:24:48 -05:00 · 77c0f6e0c6
commit 77c0f6e0c6
parent c85e710760
1 changed files with 10 additions and 0 deletions
--- a/src/service/uiaa/mod.rs
+++ b/src/service/uiaa/mod.rs
@ -233,6 +233,16 @@ pub async fn try_auth(
 		| AuthData::Dummy(_) => {
 			uiaainfo.completed.push(AuthType::Dummy);
 		},
+		| AuthData::FallbackAcknowledgement(_) => {
+			// The client is checking if authentication has succeeded out-of-band. This is
+			// possible if the client is using "fallback auth" (see spec section
+			// 4.9.1.4), which we don't support (and probably never will, because it's a
+			// disgusting hack).
+
+			// Return early to tell the client that no, authentication did not succeed while
+			// it wasn't looking.
+			return Ok((false, uiaainfo));
+		},
 		| k => error!("type not supported: {:?}", k),
 	}