Commit graph

929 commits

Author SHA1 Message Date
csteipp 65543e1f6c Fixup DB/uid handling for SUL wikis
We need to pass the db name to getConnection, in addition to wfGetLB.
Also, use core's CentralIdLookup for mapping local user to CentralId
when using a central DB for OATH secret storage.

Change-Id: I12a457633956a9a34dc5302ddcff468e31dd9cef
2016-04-06 17:52:34 -07:00
csteipp e79fd8ebc5 Delete users who didn't complete setup on upgrade
Users who started the "Enable two-factor" process, but never confirmed
their setup were stored in the database under the previous format.
After Ife5f1bae4ad65b66c5e20017cc43c0576b4aba19, we no longer look at
the is_validated column to see if the user confirmed their 2fa setup,
and instead only store users in the table who have confirmed.

Delete these users from the table when updating the table format.

Bug: T130892
Change-Id: I54a706043b44db50344d138207b472c35d00724e
2016-04-06 08:54:29 -07:00
Translation updater bot fb6f9ebf17 Localisation updates from https://translatewiki.net.
Change-Id: I1f0ac20dafa8ae40eae0667e4bb6f376d821ccbb
2016-04-03 23:22:23 +02:00
Darian Anthony Patrick ff233b3e97 Reintroduce TwoFactorIsEnabled hook
Production code in another extension depends on the existence of this
hook.

Bug: T131445
Change-Id: I3844150801f724f3eb217dc16c26cb76a58aedd8
2016-04-02 10:33:18 +00:00
Translation updater bot cfc7e3849f Localisation updates from https://translatewiki.net.
Change-Id: I8115023f19aab2126c7c0a54ec98cfb6facad983
2016-04-01 22:28:06 +02:00
Dpatrick 079877734c Merge "Encrypt password when stored in user session" 2016-03-31 22:19:23 +00:00
Translation updater bot cb3d55f37c Localisation updates from https://translatewiki.net.
Change-Id: I5b11fc314d4ae3df385259bfc478e524319de3be
2016-03-31 22:45:35 +02:00
csteipp 07f99656dc Fix i18n merge errors
Address comments by Raimond Spekking on
I39859cc59f1811de42b72f6167d332ea48812f97

Change-Id: Ib17f1a2f0e70e5fd286d7ea441b13f79da3743c5
2016-03-31 07:51:26 -07:00
jenkins-bot 1dd09985d0 Merge "Move token login to separate page" 2016-03-31 04:31:39 +00:00
csteipp a24d6adfbf Encrypt password when stored in user session
During the two-step login, users with OATH enabled need to have their
login details saved into their session while we prompt them for their
OATH code. This encrypts that data, so we don't write their user's
password into our session storage.

Change-Id: I9969871205ac5c438706df41ef1519cb4cd7a964
2016-03-30 21:23:48 -07:00
Translation updater bot 1c95cc53cd Localisation updates from https://translatewiki.net.
Change-Id: I9e6ab33a2722ed40cfd5e6ee95ac95731c3625fd
2016-03-30 22:41:05 +02:00
Tyler Anthony Romeo 1a8006317d Move token login to separate page
Rather than have an extraneous form on the login page,
move the token input to a separate page. The actual
logic for logging in is identical, the only difference
is that the token is added to the form data on a second
page request.

Bug: 53195
Change-Id: I39859cc59f1811de42b72f6167d332ea48812f97
2016-03-29 16:02:54 -07:00
Translation updater bot 25828bfd82 Localisation updates from https://translatewiki.net.
Change-Id: Ie0229f920eea9591bfca9b4b53d7fc70e61e2b9b
2016-03-29 22:38:09 +02:00
Translation updater bot 9fbf9d037a Localisation updates from https://translatewiki.net.
Change-Id: I1d1d8089142ce378f95eb0b326821da57864aa0b
2016-03-28 22:44:27 +02:00
Translation updater bot 5a98aff998 Localisation updates from https://translatewiki.net.
Change-Id: I8bff7a23ae61c5640079757c04b4c481add03a1f
2016-03-27 21:20:30 +02:00
Translation updater bot fe38684597 Localisation updates from https://translatewiki.net.
Change-Id: I7d94dbe7e7acef698e31c97eb8c31718009890d2
2016-03-24 22:37:49 +01:00
Tyler Romeo 4e9ad22469 Add user right for enabling two-factor auth
Make new right oathauth-enable that the user must have to enable two
factor authentication (disabling and logging in, of course, are still
allowed).

Bug: T100376
Change-Id: I18d43f8b2cf2c2ce9c2309a43961686498b5c999
2016-03-24 12:45:41 -07:00
jenkins-bot 5ffdd6078b Merge "Allow for using separate database for OATH creds" 2016-03-24 19:17:00 +00:00
Tyler Romeo 67c7dd10e7 Allow for using separate database for OATH creds
Add configuration variable for specifying what database the OATH
credentials are stored in, that way wikis that use CentralAuth can
centralize their two-factor authentication data as well.

Bug: T100374
Change-Id: I285e2fe29fee43ddc6c5a6e51823911d43c596f6
2016-03-24 12:03:23 -07:00
Paladox 41b9f5d2e7 Add grunt-contrib-jshint to npm
Change-Id: I6bcf5c2b98e918f675181c2fe283416f07cce982
2016-03-24 16:47:31 +00:00
Translation updater bot a161c3122c Localisation updates from https://translatewiki.net.
Change-Id: I37c58596e845f958a1337193fbabca36b843209a
2016-03-23 22:23:27 +01:00
Tyler Anthony Romeo 0c389f5025 Refactored special pages into HTMLForm and proxy
Made new class ProxySpecialPage, which acts as a
proxy object to another SpecialPage object that is
determined based on context information other than
the title.

Then Special:OATH has been split into two separate
special page classes (both FormSpecialPages using
HTMLForm) that are routed to by a ProxySpecialPage
object.

In addition, the form for enabling two-factor auth
has been refactored into vform style, with some
better instructions on how to enable two-factor
authentication.

Change-Id: Ib9117cbc9d7f044de9607db81a157e1b472b5ec0
2016-03-23 11:26:04 -07:00
jenkins-bot fc54f3cd6e Merge "Refactor extension key storage" 2016-03-23 04:20:37 +00:00
Tyler Anthony Romeo 89455cdfb2 Refactor extension key storage
This takes out the actual key information from
OATHUser and puts it into an OATHKey class, which OATHUser
depends on. This allows easily swapping keys in/out from
a user.

Change-Id: Ife5f1bae4ad65b66c5e20017cc43c0576b4aba19
2016-03-22 18:08:45 -07:00
Translation updater bot c51c60bfe4 Localisation updates from https://translatewiki.net.
Change-Id: I1d6912809c20f854ef5c417f2c96889c3c18fa13
2016-03-22 22:32:28 +01:00
Translation updater bot 7f82fbc7da Localisation updates from https://translatewiki.net.
Change-Id: I0497b07e506df76bb039b3222597274e5fdb83cc
2016-03-17 23:20:10 +01:00
Translation updater bot b682faa013 Localisation updates from https://translatewiki.net.
Change-Id: Ie29359fb73a217ca8ab196075d0562e88fdad780
2016-03-09 22:44:37 +01:00
Translation updater bot 84a401f76a Localisation updates from https://translatewiki.net.
Change-Id: Ib455947e7478c3bec8d48c721f1f48b4cb81975f
2016-03-08 22:43:37 +01:00
Siebrand Mazeland 44a170a4f4 Remove use of "successful" in strings
Change-Id: If9e32d42a56b85318ce4b7446db95db579f63e14
2016-03-07 12:47:59 +01:00
Paladox ac3a2a5fa5 Add composer.json for running phplint test
Change-Id: I307bbbb6d3fe2cf655196dd4c0d4fccd75aafe7e
2016-01-19 22:29:19 +00:00
Paladox eba51a1f28 Use HTTPS for the url
Change-Id: I3e70181ff28e45466d2559d884486183856a5c40
2016-01-19 22:15:23 +00:00
Reedy 69671756ed Add missing / to alias file
Change-Id: I4fdda307a74ba2a3ca04c32f6d43f66a8e0175a0
2016-01-19 22:07:57 +00:00
Kunal Mehta 6a0bba4579 build: Updating development dependencies
* grunt-jsonlint: 1.0.4 → 1.0.7

Change-Id: Ia5699aa386db70c9866d27fced6e4531cc271d80
2015-12-29 11:43:58 -08:00
victorbarbu 961dd687b9 Upgrade Extension:OATHAuth to the registration system
Bug: T87949
Change-Id: Id6217249c11922ab7d25b31375789c40d737600c
2015-12-20 22:30:58 +02:00
Translation updater bot 923d19797c Localisation updates from https://translatewiki.net.
Change-Id: Id87e8c8ec4301de9d447c044964e827100398bea
2015-12-11 23:52:34 +01:00
Gergő Tisza 3bb7cd6440 Fix QR code generation module dependency
Bug: T118511
Change-Id: Idf11e9a469f9e9faa342d82843cf06f7e47406c6
2015-11-16 00:40:29 -08:00
Kunal Mehta e743f45af7 Fix QR code generation by using ResourceLoader::makeInlineScript()
Untested, but a similar patch unbroke CodeReview (ad038c0625490be55).

Bug: T118511
Change-Id: I522e51ea77abdf88bd71bd24ecb7be570675c1e8
2015-11-12 15:34:21 -08:00
Translation updater bot 0cffacd291 Localisation updates from https://translatewiki.net.
Change-Id: I7017c58242147db295e75caeddbbb26e3b4dfc88
2015-10-22 22:02:03 +02:00
Siebrand Mazeland 88b2fea14f Update indentation to use tabs
Change-Id: I761d90d8758d3c7b3dd82ea9693a56b46655555a
2015-10-13 08:31:04 +02:00
Kunal Mehta 7a28c32c89 build: Updating development dependencies
* grunt-banana-checker: 0.2.2 → 0.4.0

Change-Id: I1483f9e93e0622300ce3335cff70c6d3006dff21
2015-10-11 11:53:55 -04:00
umherirrender 633472edf8 Replace deprecated $wgSpecialPageGroups
$wgSpecialPageGroups is deprecated since 1.21
override SpecialPage::getGroupName instead

Change-Id: I131cc6af6dd4a668426d47132a5fd1d3331766a2
2015-06-24 20:46:24 +02:00
Kunal Mehta dfa0b83f81 build: Configure banana-checker and jsonlint
Change-Id: Id3cef50dea13682bdb6a9fec847b20cb1a15a1ed
2015-06-19 21:58:30 -07:00
Translation updater bot 93ca9a4e04 Localisation updates from https://translatewiki.net.
Change-Id: Ib83fa5a3572d99dcc71340eab44aad2f3c600dbe
2015-06-14 21:08:32 +02:00
Translation updater bot 2898d3d37a Localisation updates from https://translatewiki.net.
Change-Id: I3eebcffdaedd2d481b97c639807fb9d8629fe67b
2015-06-05 21:08:48 +02:00
Translation updater bot 61cbc9d0a1 Localisation updates from https://translatewiki.net.
Change-Id: I7c92e83e2e3b4266eb10691b686709c35a350df6
2015-05-25 22:33:20 +02:00
jenkins-bot 955bd6563b Merge "Make authentication window leniency configurable" 2015-05-25 08:34:12 +00:00
Tyler Anthony Romeo 255443ab0a Make authentication window leniency configurable
Make window radius configurable by the system administrator, rather than
hardcoded.

Bug: 53194
Change-Id: I7fe1bfdfa1e7bfc07646a9704084977e17c65313
2015-05-25 09:53:54 +02:00
Translation updater bot 8ef4e1f3f7 Localisation updates from https://translatewiki.net.
Change-Id: I54f07aead0b62a86e8453e7474d0cf806b8fc47b
2015-05-24 23:04:25 +02:00
Translation updater bot 29d733f81a Localisation updates from https://translatewiki.net.
Change-Id: I113ca2995ac2a6ba0eea4d4437b76a51e36e5901
2015-05-24 00:11:12 +02:00
Tyler Anthony Romeo 1f7dae86fb Cache OATH tokens to avoid replay
Once a token is used, cache it in memcached
for a brief amount of time (specifically, until
the window in which it is valid ends). That way
once a token is used it cannot be re-used in
a replay attack.

Bug: 53196
Change-Id: I7b8e92875a573f3ac95e13c881ef85464bcecf85
2015-05-23 11:40:44 +00:00