wikimedia/mediawiki-extensions-OATHAuth
1
0
Fork 0
mirror of https://gerrit.wikimedia.org/r/mediawiki/extensions/OATHAuth synced 2024-11-23 15:56:59 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge "ApiOATHValidate: Remove use of getModule()"

Browse source
This commit is contained in:
jenkins-bot 2024-11-06 14:55:21 +00:00 committed by Gerrit Code Review
parent b5bb50a0ae ffe501d64f
commit 1335d98592
1 changed files with 24 additions and 22 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

46
src/Api/Module/ApiOATHValidate.php
View file

@ -21,7 +21,6 @@ namespace MediaWiki\Extension\OATHAuth\Api\Module;
use MediaWiki\Api\ApiBase;
use MediaWiki\Api\ApiMain;
use MediaWiki\Api\ApiResult;
use MediaWiki\Extension\OATHAuth\IModule;
use MediaWiki\Extension\OATHAuth\OATHUserRepository;
use MediaWiki\Json\FormatJson;
use MediaWiki\Logger\LoggerFactory;
@ -77,30 +76,33 @@ class ApiOATHValidate extends ApiBase {
if ( $user->isNamed() ) {
$authUser = $this->oathUserRepository->findByUser( $user );
if ( $authUser ) {
$module = $authUser->getModule();
if ( $module instanceof IModule ) {
$data = [];
$decoded = FormatJson::decode( $params['data'], true );
if ( is_array( $decoded ) ) {
$data = $decoded;
if ( $authUser->isTwoFactorAuthEnabled() ) {
$result['enabled'] = true;
$data = [];
$decoded = FormatJson::decode( $params['data'], true );
if ( is_array( $decoded ) ) {
$data = $decoded;
}
foreach ( $authUser->getKeys() as $key ) {
if ( $key->verify( $data, $authUser ) !== false ) {
$result['valid'] = true;
break;
}
}
$result['enabled'] = $module->isEnabled( $authUser );
$result['valid'] = $module->verify( $authUser, $data ) !== false;
if ( !$result['valid'] ) {
// Increase rate limit counter for failed request
$user->pingLimiter( 'badoath' );
if ( !$result['valid'] ) {
// Increase rate limit counter for failed request
$user->pingLimiter( 'badoath' );
LoggerFactory::getInstance( 'authentication' )->info(
'OATHAuth user {user} failed OTP token/recovery code from {clientip}',
[
'user' => $user,
'clientip' => $user->getRequest()->getIP(),
]
);
}
LoggerFactory::getInstance( 'authentication' )->info(
'OATHAuth user {user} failed OTP token/recovery code from {clientip}',
[
'user' => $user,
'clientip' => $user->getRequest()->getIP(),
]
);
}
}
}