wikimedia/mediawiki-extensions-OATHAuth
1
0
Fork 0
mirror of https://gerrit.wikimedia.org/r/mediawiki/extensions/OATHAuth synced 2024-12-01 03:16:24 +00:00
Code Issues Packages Projects Releases Wiki Activity
1454 commits 11 branches 24 tags 23 MiB
Commit graph

18 commits

Author SHA1 Message Date
Taavi Väänänen c09ec34213
Make Key objects aware of their database IDs 
Bug: T242031
Depends-On: I1db9b04a42783b8b64ed69f1f950c794c8659209
Change-Id: I0d8d0a42ce627387949dbbbb32fc318088b3538e
 2024-03-02 18:53:00 +02:00
Taavi Väänänen 4fee32d2f3
Do not use Module when disabling OAuth for a user 
Bug: T242031
Change-Id: I4d4922b9e17d9272e59d6a8af3cb4e2acd48dd9f
 2023-12-22 00:54:53 +02:00
Reedy c56496d62f Various minor cleanup 
Change-Id: Idbf84a1f49f1afbd2d3a342cedd72895c5378bc6
 2023-10-10 23:29:21 +01:00
Kunal Mehta 329c3133d6 Send a notification when 2FA is disabled 
Notify users when 2FA is disabled on their account in case something was
fishy about it. This notification is a "system" notification that will
be displayed in the web UI and sent over email. It can't be opted out of
as a preference.

The notification links to Special:Preferences, where users can see their
2FA status and re-enable it if they want. A secondary help link goes to
[[mw:Help:Two-factor authentication]], but can be overridden by
adjusting the "oathauth-notifications-disable-helplink" message. The
notification text is different based on whether the user disabled 2FA on
their own, or an admin used the special page or a maint script to do it.

On Wikimedia wikis, we'll use the WikimediaMessages extension to
customize the messages.

The Echo (Notifications) extension is not required, this will gracefully
do nothing if it's not enabled.

Bug: T210075
Bug: T210963
Change-Id: I99077ea082b8483cc4fd77573a0d00fa98201f15
 2022-02-17 00:14:20 -08:00
DannyS712 e801672feb disableOATHAuthForUser: Use fatalError 
Bug: T268303
Change-Id: I93474a87e4263edfb46dce80e7216ec74a94580c
 2020-11-20 04:11:56 +00:00
libraryupgrader 5b1a07906a build: Updating mediawiki/mediawiki-codesniffer to 29.0.0 
The following sniffs are failing and were disabled:
* MediaWiki.Commenting.FunctionComment.MissingDocumentationPrivate
* MediaWiki.Commenting.FunctionComment.MissingParamName
* MediaWiki.Commenting.FunctionComment.MissingParamTag
* MediaWiki.Commenting.FunctionComment.MissingReturn

Additional changes:
* Also sorted "composer fix" command to run phpcbf last.

Change-Id: Idb1b91244e653b2ba2e27bceb3eba769577124a9
 2020-01-14 08:27:31 +00:00
Umherirrender 712fe51fd5 Use Maintenance::addDescription 
It is better to use a setter function than setting a property

Change-Id: Iea7f9ca69a3435e77101e05c60c3fb1ca6fe0501
 2019-08-19 20:00:48 +02:00
Dejan Savuljesku ea984e5c2b Refactor the extension to support multiple auth modules 
Please note, this patch requires a schema change before merging

Change-Id: I71286534d21d95083436d64d79811943c1a1d032
ERM: #14484
Bug: T218210
 2019-06-18 10:45:21 +00:00
Umherirrender 11ee994993 Use ::class for class name resolution 
Available since php5.5

Change-Id: Ibb6c84372ac5b82099536fea304fcdefd3693f60
 2019-03-03 02:05:56 +01:00
Gergő Tisza 30ed1852b2 Make disableOATHAuthForUser.php log out the affected user 
Bug: T189537
Change-Id: Ib8141aedd674ebbc7b103e1f2e8ba6bf99945b61
 2018-12-27 20:41:11 +00:00
Reedy 1871a9abe1 Re-instate "Add some logging of OATHAuth actions" 
This reverts commit 69b6292c12.

Bug: T151010
Change-Id: I6f610551bc4bd1e78c0282011b80a3f3e70b8885
 2018-12-18 17:34:37 +00:00
SBassett 69b6292c12 Revert "Add some logging of OATHAuth actions" 
This reverts commit 5acd2eed17.

Bug: T210643
Change-Id: I051cba39bf65f553dfeee9aaf7e9ca1155617dfc
 2018-11-28 22:50:12 +00:00
jenkins-bot eff7041be3 Merge "Add some logging of OATHAuth actions" 2018-11-16 18:40:01 +00:00
Umherirrender f8b629f39b Add method scope visibility 
Change-Id: I6f4d4acf4fcb4aab318ca217dd4e6185f383e27e
 2018-11-02 11:26:41 +01:00
Reedy 5acd2eed17 Add some logging of OATHAuth actions 
Logs:
* User enrolling in OATHAuth
* User un-enrolling in OATHAuth
* Scratch token used
* 2FA disabled via a maintenance script
* 2FA disabled via Special:DisableOATHForUser
* Logged in using OTP
* User attempted to enable 2FA using a scratch token
* User attempted to enable 2FA using an invalid OTP

Bug: T151010
Change-Id: Ie6ee610a11814616d34c3d9f5467a563f0db2df3
 2018-10-26 15:47:01 +00:00
Kunal Mehta 5de762d11e build: Updating mediawiki/mediawiki-codesniffer to 0.11.0 
Change-Id: I9cb1df1c9c56bbcb26c9606f33949185ba0235a4
 2017-08-11 00:08:50 -04:00
Kunal Mehta c02f2f13b5 build: Updating mediawiki/mediawiki-codesniffer to 0.10.0 
The following sniffs are failing and were disabled:
* MediaWiki.Commenting.FunctionComment.MissingParamComment
* MediaWiki.Commenting.FunctionComment.MissingParamTag
* MediaWiki.Commenting.FunctionComment.MissingReturn
* MediaWiki.Commenting.FunctionComment.ParamNameNoMatch
* MediaWiki.FunctionComment.Missing.Protected
* MediaWiki.FunctionComment.Missing.Public

Change-Id: I79250c955f70faf177ada5c7328576abed88011c
 2017-07-07 17:50:56 +02:00
Reedy d9f94e41e6 Add a maintenance script to disable oathauth for a username 
Change-Id: I230ce0eafc7576a84dd577dd594ed46236924688
 2017-07-04 20:58:31 +00:00