Commit graph

8 commits

Author SHA1 Message Date
Taavi Väänänen 6ef3d2418a
Database-level support for multiple auth devices
This adds new database tables to support storing multiple authentication
factors for a single user. The current approach taken is to use a single
database row per 2fa method and key. The current module/key abstraction
will have to be updated to support having multiple module types for a
single user (for example for having a separate module for recovery
codes), but this patch does not address that and instead keeps the
existing limitations, however the needed updates for that should be
doable with this database schema.

I've decided to add a new table instead of modifying the existing
oathauth_users table. This is mainly because adding an auto_increment
column to the existing table would be difficult, but also allows us to
update the table definition to follow MW conventions (namely the column
name prefixes). I've also used the opportunity to normalize the device
types onto a separate table.

The migration stage variable is set to SCHEMA_COMPAT_NEW so that
third-party wikis can use update.php normally and don't have to adjust
anything. This means that it needs to be manually set to _OLD on
wmf-config before merging this patch.

Since we're already working with the database schema, this add a new,
currently unused column for the creation data, so that T242847 will not
require a new schema change.

Bug: T242031
Bug: T242847
Change-Id: I6aa69c089340434737b55201b80398708a70c355
2023-02-24 15:33:00 +02:00
Taavi Väänänen e3d07eb0ae
Add separate OATHAuthDatabase service
Add a simple service to access the central database to decrease code
repetition.

Change-Id: Ib33000f4d44d77da31cc375e374cb595ad23bcbd
2023-01-30 14:16:37 +02:00
Taavi Väänänen c0da90be2b
Add separate OATHAuthModuleRegistry service
This new service is separated from the previous OATHAuth class to give
the service a more accurate name. Also removed unnecessary injected
services and do some other minor cleanup.

Change-Id: I8d5fbc7594b69168dc0c8bfade1ac172a5aeef6f
2023-01-01 21:17:04 +02:00
Taavi Väänänen f3382dd3d1
OATHUserRepository: rely less on global state
Inject more stuff into OATHUserRepository properly. Also done other misc
cleanup on that class.

Change-Id: I194345974146517c8216a81330cd930534d655e4
2023-01-01 01:59:22 +02:00
libraryupgrader c54975b884 build: Updating dependencies
composer:
* mediawiki/mediawiki-codesniffer: 35.0.0 → 36.0.0
* php-parallel-lint/php-parallel-lint: 1.2.0 → 1.3.0

npm:
* grunt: 1.3.0 → 1.4.0
* lodash: 4.17.19 → 4.17.21
  * https://npmjs.com/advisories/1673 (CVE-2021-23337)
* hosted-git-info: 3.0.7 → 3.0.8
  * https://npmjs.com/advisories/1677 (CVE-2021-23362)
* postcss: 7.0.35 → 8.2.15
  * https://npmjs.com/advisories/1693 (CVE-2021-23368)

Change-Id: I0ad0eba98f23846f5baa3a10433331356229fca8
2021-05-12 03:37:53 +00:00
libraryupgrader 5b1a07906a build: Updating mediawiki/mediawiki-codesniffer to 29.0.0
The following sniffs are failing and were disabled:
* MediaWiki.Commenting.FunctionComment.MissingDocumentationPrivate
* MediaWiki.Commenting.FunctionComment.MissingParamName
* MediaWiki.Commenting.FunctionComment.MissingParamTag
* MediaWiki.Commenting.FunctionComment.MissingReturn

Additional changes:
* Also sorted "composer fix" command to run phpcbf last.

Change-Id: Idb1b91244e653b2ba2e27bceb3eba769577124a9
2020-01-14 08:27:31 +00:00
James D. Forrester 76b859e36c build: Upgrade mediawiki-codesniffer to v28.0.0
Change-Id: Ie64f06dcec14b87a87db0ef03931196aeea41404
2019-10-11 10:58:52 -07:00
rvogel b9f768e20a Refactor includes to src #2
Bug: T218210

Change-Id: I079e6e819c079b68bbfecdac0d873b26d4e16e86
2019-07-04 13:36:13 +00:00
Renamed from includes/ServiceWiring.php (Browse further)