mirror of
https://gerrit.wikimedia.org/r/mediawiki/extensions/OATHAuth
synced 2024-12-04 20:58:25 +00:00
TOTPKey: Add better fallback attempts to find a useable cache
Bug: T330086
Change-Id: Iee5e2d95ef365c9f1767491d3a7008b7bd0eabdb
(cherry picked from commit 547da1a0c1
)
This commit is contained in:
parent
670163e8f8
commit
b74222dce8
|
@ -21,6 +21,7 @@ namespace MediaWiki\Extension\OATHAuth\Key;
|
|||
|
||||
use Base32\Base32;
|
||||
use DomainException;
|
||||
use EmptyBagOStuff;
|
||||
use Exception;
|
||||
use jakobo\HOTP\HOTP;
|
||||
use MediaWiki\Extension\OATHAuth\IAuthKey;
|
||||
|
@ -29,6 +30,7 @@ use MediaWiki\Extension\OATHAuth\OATHUserRepository;
|
|||
use MediaWiki\Logger\LoggerFactory;
|
||||
use MediaWiki\MediaWikiServices;
|
||||
use MWException;
|
||||
use ObjectCache;
|
||||
use Psr\Log\LoggerInterface;
|
||||
|
||||
/**
|
||||
|
@ -143,10 +145,17 @@ class TOTPKey implements IAuthKey {
|
|||
|
||||
// Prevent replay attacks
|
||||
$store = MediaWikiServices::getInstance()->getMainObjectStash();
|
||||
|
||||
if ( $store instanceof EmptyBagOStuff ) {
|
||||
// Try and find some usable cache if the MainObjectStash isn't useful
|
||||
$store = ObjectCache::getLocalServerInstance( CACHE_ANYTHING );
|
||||
}
|
||||
|
||||
$uid = MediaWikiServices::getInstance()
|
||||
->getCentralIdLookupFactory()
|
||||
->getLookup()
|
||||
->centralIdFromLocalUser( $user->getUser() );
|
||||
|
||||
$key = $store->makeKey( 'oathauth-totp', 'usedtokens', $uid );
|
||||
$lastWindow = (int)$store->get( $key );
|
||||
|
||||
|
|
Loading…
Reference in a new issue