Commit graph

1502 commits

Author SHA1 Message Date
Translation updater bot 218e235bbf Localisation updates from https://translatewiki.net.
Change-Id: I7fdb108fcd960e13a7a04bacd2b8643352b78015
2023-12-29 19:22:32 +01:00
Translation updater bot 82fb985ab8 Localisation updates from https://translatewiki.net.
Change-Id: I54e8721d41801ca548ddeed6ad1e1515df054102
2023-12-28 14:50:13 +01:00
Taavi Väänänen 93b7dfc3ed
TOTP: Cleanup uses of getFirstKey, getModule
Bug: T242031
Change-Id: Ibaa6515421c86168412b0bb30ae5655774304326
2023-12-28 12:20:03 +02:00
Taavi Väänänen d71e0a1952
TOTP: Remove getConfig()
I'm not finding any traces on what this is needed for.

Change-Id: Idffd03e2ae1dd747d3d141f6db0563bccd69c9eb
2023-12-28 12:16:40 +02:00
Reedy 70f5d3a056 TOTPEnableForm: Remove unused variable
Follows-Up: Ifc84d86648e8437577536fa7c50ea1a4f8ac248c
Change-Id: I21688a163534dc276f2a7c7e9054ce4f3ef19b2e
2023-12-27 14:33:14 +00:00
jenkins-bot b68254ee6f Merge "TOTPEnableForm: Reorder manual step and improve oathauth-step2alt" 2023-12-27 11:30:01 +00:00
jenkins-bot 27e274723d Merge "TOTPEnableForm: Display issuer in manual account name" 2023-12-27 11:28:37 +00:00
Reedy f773fa040c TOTPEnableForm: Reorder manual step and improve oathauth-step2alt
Bug: T226060
Change-Id: I332c3cd53d5ba3351c5316a1cf67485b513520bb
2023-12-26 22:40:23 +00:00
Reedy a8e6966cb0 TOTPEnableForm: Display issuer in manual account name
Bug: T226060
Change-Id: Ifc84d86648e8437577536fa7c50ea1a4f8ac248c
2023-12-26 22:35:01 +00:00
Reedy c9b9c9601d en.json: Improve oathauth-scratchtokens
* Replace "phone" with "device"
* Advise users to mark scratch tokens as used upon usage
* Advice users they're for emergency usage when no access to device

Bug: T150564
Bug: T150868
Bug: T174937
Change-Id: Icd11a4fe00dd63430640ed9d01bc1c30f3c7ca88
2023-12-26 22:00:51 +00:00
Derk-Jan Hartman 55b465c196 Provide an alt label to the SVG qr code
The raw svg was represented to a11y dom as 256x256 images (due to
the 'use'). Convert the raw SVG to a base64 encoded img data uri and
provide it with an alt attribute describing the function.

While the qr code is duplicate with the 'manual' code below it, it is
not decorative so should not suppress alt. It's a big image and if
you use touch interaction, it would create a big blank spot. It is
useful to know for users that the QR code is there.

The img wrapping should also make the SVG usage slightly safer. It
avoids any potential remote resource usage from inside the SVG. While
this is not a direct danger right now, compromised php packages can
happen, and this limits the impact in that case.

Bug: T151550
Change-Id: I568927ace95a1fdf9cd7990bc7de8461718aa1c1
2023-12-26 14:46:45 +00:00
Translation updater bot d91b15187c Localisation updates from https://translatewiki.net.
Change-Id: I1a81dfffab785722aaf78c0eabfb8feae9daa50d
2023-12-26 14:43:16 +01:00
Taavi Väänänen 095f91815b
notifications: Store number of keys in notification data
We want to customize the message depending on the number of active
devices, for example "an authentication device was removed" vs
"two-factor has been disabled".

Bug: T353962
Change-Id: Iaeb119a7cc6c264c4e49edeb3a88453786547021
2023-12-25 13:48:56 +02:00
Taavi Väänänen 97abce5e90
Call OATHAuthUser::disable() in UserRepository::remove()
Ensures that the database and the user object will stay in sync.

Change-Id: I36ed361594e24dfdb96e23fc5b04fa342ece6df5
2023-12-25 13:19:58 +02:00
jenkins-bot 0d35e253bf Merge "OATHUserRepository: add method to create and persist a key" 2023-12-22 18:09:20 +00:00
Translation updater bot 9c5cd5d4fa Localisation updates from https://translatewiki.net.
Change-Id: Ic1529b55c30ad7d6db79533363526c1ea3f356ce
2023-12-22 17:46:31 +01:00
Taavi Väänänen 11d47134db
OATHUserRepository: add method to create and persist a key
This means that when keys will be ID-aware, a key object can be
immutable (instead of creating it without an ID and adding it in
persist()).

Change-Id: Ie1286ed71871dcedb2bd7d8d373f944be6691064
2023-12-22 17:07:52 +02:00
Taavi Väänänen 064308c1b9 OATHUser: throw when adding an invalid key instead of failing silently
Something will go wrong sooner or later if this fails silently.

Change-Id: I5c4ffec481b2c62e1c8cc68c379667641084c23b
2023-12-22 11:48:09 +00:00
Amir Sarabadani 5c41b2a8e6 Schema: Use virtual domain updater
That simplifies a lot of stuff

Bug: T314908
Change-Id: I2985c755a2302e7cc7c8ec55041f7e5d8192e4a7
2023-12-22 02:17:35 +00:00
Reedy 57505f1976 Drop DB updates from pre MW 1.35
updateDatabaseValueFormat and updateTOTPToMultipleKeys are from 1.34:
Iaf9facb54cd9693f20ed2f48d22b076c4b626705
I71286534d21d95083436d64d79811943c1a1d032

updateTOTPScratchTokensToArray is from 1.36:
Ie8de059888363bf1cea4f0b268a46faaa5671904

Change-Id: I6de64d95b2e4b132d321b6f8f0129c476ef00f7f
2023-12-22 00:42:50 +00:00
Taavi Väänänen 809576b671
ApiQueryOATH: do not use module to check enablement
Bug: T242031
Change-Id: Icafde71f6e58b24e8917b42a28b8f398aa28df20
2023-12-22 00:55:37 +02:00
Taavi Väänänen 1df74c2e2b
Replace more users of getModule() for enabled checks
Bug: T242031
Change-Id: I602b5c0cf36096a7fc41116874e776277bf6f833
2023-12-22 00:55:21 +02:00
Taavi Väänänen 4fee32d2f3
Do not use Module when disabling OAuth for a user
Bug: T242031
Change-Id: I4d4922b9e17d9272e59d6a8af3cb4e2acd48dd9f
2023-12-22 00:54:53 +02:00
Translation updater bot dded5a9b16 Localisation updates from https://translatewiki.net.
Change-Id: I287ee8b390929a41796e4d7d366a53523f5084a8
2023-12-21 19:45:41 +01:00
Translation updater bot 02dc78f4d8 Localisation updates from https://translatewiki.net.
Change-Id: I0d804c19c10d8306bced6efd2a6174c19040d684
2023-12-18 18:18:24 +01:00
jenkins-bot 04efc392c1 Merge "Switch from client- to server-side generated QR codes" 2023-12-17 17:00:04 +00:00
Translation updater bot 1533d0ab13 Localisation updates from https://translatewiki.net.
Change-Id: Id913eb075b342b48396e16c2cb2921486a0a60cc
2023-12-13 08:41:31 +01:00
Sam Wilson fbe2f875c4 Switch from client- to server-side generated QR codes
Use the same PHP library as UrlShortener (endroid/qr-code) to
generate QR codes, rather than the out-of-date JS library.

Bug: T348590
Change-Id: I560ac1b384e249aad1866752deac753c764ec553
2023-12-13 13:25:20 +08:00
Taavi Väänänen 972c9bc00f
Migrate callers of Database::delete() to DeleteQueryBuilder
Change-Id: I34e3cf4115a47726e79f76dbfc57c315c751e393
2023-12-06 07:41:27 -08:00
Taavi Väänänen b0f61d93ec
Migrate callers of Database::update() to UpdateQueryBuilder
Change-Id: I4094be019ea40bf3023e7d3fa7b25a58e7f12cb8
2023-12-06 07:40:58 -08:00
Taavi Väänänen 033f9192ee
Migrate callers of Database::insert() to InsertQueryBuilder
Bug: T351905
Change-Id: I298f3807b68d042b2fa92bca789dd6a2b271d4c8
2023-12-06 07:40:53 -08:00
Taavi Väänänen f2c34614de
Migrate callers of Database::select() to SelectQueryBuilder
Bug: T312419
Change-Id: I4ae02984b4ad5e017b29b1482962af837573a9e0
2023-12-06 07:08:11 -08:00
Taavi Väänänen 2f3632f680
tables: Fix typo in oath
Change-Id: If55220b4bc3faf259cf750a90bfc1975193c151e
2023-12-06 07:08:10 -08:00
Taavi Väänänen 94782641cf
Convert to a virtual domain
Bug: T348484
Change-Id: I1ab23dfdf32e6965cac4e6c5736abbbf606c1c92
2023-12-06 07:08:10 -08:00
Translation updater bot 696baac521 Localisation updates from https://translatewiki.net.
Change-Id: I74ab682fd350bece9e1e2793b51f50904540b633
2023-12-04 09:05:03 +01:00
Translation updater bot 8d973d26fc Localisation updates from https://translatewiki.net.
Change-Id: Ifde735794ec0fe2a138a6695d3e0d4fb3a11f809
2023-11-29 08:31:29 +01:00
anterdc99 6abbbb9cd5
Add new special page alias for Traditional Chinese (zh-hant)
What: Added a new Traditional Chinese special page alias "OATH驗證".

Why:
* Space or underscore shouldn't appear, it may cause difficulties on typing,
  especially when it is inconsistent with the alias in Simplified Chinese.
  The underscore in current version was introduced in the commit a08848f.
* "認證" should match "certification", not "authentication", the proper name for
  "authentication" in Traditional Chinese should be "驗證" instead.
  Reference: https://zh.wikipedia.org/wiki/多重要素驗證
* For compatibility, I added the new alias, instead of changing.

Bug: T352000
Change-Id: Ib4c653a80aa65ae6cc847fa116376e0200d9b17d
2023-11-27 17:28:07 +08:00
Translation updater bot 0ac6a903c1 Localisation updates from https://translatewiki.net.
Change-Id: I9309ad7726a32f39bb8db4e10889c7c0dc293fe3
2023-11-23 11:56:58 +01:00
Reedy 1559e32ae9 OATHUserRepository: Minor cleanup/fixes
* Don't use namespace on already imported Manager class
* Fix oauth mention to oathauth

Follows-Up: I6aa69c089340434737b55201b80398708a70c355
Change-Id: Id43fc3cffee589c6d04281edeb778c011dfecda4
2023-11-21 18:11:23 +00:00
Translation updater bot 07b96202d9 Localisation updates from https://translatewiki.net.
Change-Id: Ic8585c482261d0657d7bb283c47f0168edd6806b
2023-11-21 08:29:34 +01:00
Translation updater bot bd8ac779fe Localisation updates from https://translatewiki.net.
Change-Id: If6a80d3b063b6b1ed9159d0a2824ebfbc2036c0d
2023-11-15 15:43:50 +01:00
Translation updater bot a0f4e6794b Localisation updates from https://translatewiki.net.
Change-Id: I70425b50b750d00336ffd56d4169a4d901935fc9
2023-11-13 08:41:43 +01:00
Reedy 4484acf5eb Add missing oathauth-notifications-(dis|en)able-primary messages
Bug: T210075
Bug: T210963
Bug: T301987
Bug: T326073
Change-Id: If4fe85ebc5e7fdd1ec22ede14a9b88bbcda13228
Follows-Up: I99077ea082b8483cc4fd77573a0d00fa98201f15
Follows-Up: I0fe32b735e34753442ec9811ea41d15b76999d87
2023-11-08 17:45:15 +00:00
Gergő Tisza 651cc7d8db
Declare grant risk levels
Bug: T290790
Depends-On: Ib7a195c167f82e686c4ede45388957f9988bf75d
Change-Id: Ic3493adbf012f2f6f9c7fc9598a7aba93fab18ed
2023-11-02 21:15:03 -07:00
Translation updater bot cfd6196770 Localisation updates from https://translatewiki.net.
Change-Id: Ia72bc4fd91700d53a504b902700069f1d220b7f8
2023-10-24 09:38:12 +02:00
Umherirrender 9efeb791d1 Replace empty() with a null coalesce
empty() should only be used to suppress errors
Found by a new phan plugin (T234237)

Change-Id: I91bff6a35611ecb498e10eace1ad6da6604aed4f
2023-10-22 00:28:46 +02:00
jenkins-bot a7f754c978 Merge "Drop support for old device schema" 2023-10-17 18:07:53 +00:00
Taavi Väänänen 4af2cd2a00 Drop support for old device schema
Bug: T242031
Change-Id: Ib5de429f16b597867624a5a3cdfdac99b96c8bf5
2023-10-11 21:06:45 +00:00
Reedy f2080c1bb9 Fix remaining PHPCS exclusions
Add some return type hints on private methods in OATHManage

Change-Id: I8580348f5460b59c21bfca07b7c4cb92ea6be43f
2023-10-10 23:59:00 +00:00
Reedy c56496d62f Various minor cleanup
Change-Id: Idbf84a1f49f1afbd2d3a342cedd72895c5378bc6
2023-10-10 23:29:21 +01:00