in pkg/provider/aad/aad.go [503:559]
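// processMfaBeginAuth selects one of the offered MFA proofs and sends a
// BeginAuth request for it to convergedResponse.URLBeginAuth.
//
// Selection: when ac.idpAccount.MFA is "Auto" the proof flagged IsDefault is
// used; otherwise the proof whose AuthMethodID equals ac.idpAccount.MFA is
// used. In both cases the first entry of mfas is the fallback when nothing
// matches.
//
// It returns the decoded mfaResponse, and an error when mfas is empty,
// convergedResponse is nil, the request body or request cannot be built, the
// request fails, the response cannot be decoded as JSON, or the decoded
// response has Success == false.
func (ac *Client) processMfaBeginAuth(mfas []userProof, convergedResponse *ConvergedResponse) (mfaResponse, error) {
	var mfaResp mfaResponse

	// Indexing mfas[0] on an empty list would panic; report it instead.
	if len(mfas) == 0 {
		return mfaResp, errors.New("no MFA methods available for BeginAuth")
	}
	// The request context, flow token and URL are all read from this value.
	if convergedResponse == nil {
		return mfaResp, errors.New("missing converged response for MFA BeginAuth")
	}

	// NOTE(review): when the configured method is not among the offered
	// proofs, the first offered proof is used without any error or log line.
	// Confirm that silently substituting a different factor is intended.
	mfa := mfas[0]
	switch ac.idpAccount.MFA {
	case "Auto":
		for _, v := range mfas {
			if v.IsDefault {
				mfa = v
				break
			}
		}
	default:
		for _, v := range mfas {
			if v.AuthMethodID == ac.idpAccount.MFA {
				mfa = v
				break
			}
		}
	}

	body, err := json.Marshal(mfaRequest{
		AuthMethodID: mfa.AuthMethodID,
		Method:       "BeginAuth",
		Ctx:          convergedResponse.SCtx,
		FlowToken:    convergedResponse.SFT,
	})
	if err != nil {
		return mfaResp, errors.Wrap(err, "failed to build MFA BeginAuth request body")
	}

	req, err := http.NewRequest(http.MethodPost, convergedResponse.URLBeginAuth, strings.NewReader(string(body)))
	if err != nil {
		return mfaResp, errors.Wrap(err, "error building MFA BeginAuth request")
	}
	req.Header.Add("Content-Type", "application/json")

	res, err := ac.client.Do(req)
	if err != nil {
		return mfaResp, errors.Wrap(err, "error retrieving MFA BeginAuth results")
	}
	// Close the body on every return path so the connection can be released.
	defer res.Body.Close()

	// NOTE(review): res.StatusCode is not inspected; a non-2xx reply is only
	// rejected if it fails to decode or decodes with Success == false.
	if err := json.NewDecoder(res.Body).Decode(&mfaResp); err != nil {
		return mfaResp, errors.Wrap(err, "error decoding MFA BeginAuth results")
	}
	if !mfaResp.Success {
		return mfaResp, fmt.Errorf("MFA BeginAuth result is not success: %v", mfaResp.Message)
	}
	return mfaResp, nil
}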