teraßyte Posted March 9 Posted March 9 There is some unused code in the Authy handler file /system/MFA/Authy/Handler.php in the verifyApiKey() function at the end of the file: public static function verifyApiKey( $val ) { try { return \IPS\Http\Url::external("https://api.authy.com/protected/json/app/details")->setQueryString( 'api_key', $val )->request()->get()->decodeJson(); } catch ( \IPS\Http\Request\Exception $e ) { throw new \DomainException( $e->getMessage() ); } if ( !$response['success'] ) { throw new \DomainException( $response['message'] ); } } The IF after the TRY/CATCH is never executed, it either returns inside the TRY or throws an exception in the CATCH: if ( !$response['success'] ) { throw new \DomainException( $response['message'] ); } It can be removed. SeNioR- 1
Jim M Posted March 10 Posted March 10 Thank you for bringing this issue to our attention! I can confirm this should be further reviewed and I have logged an internal bug report for our development team to investigate and address as necessary, in a future maintenance release.
Recommended Posts