wikimedia/mediawiki-extensions-OATHAuth
1
0
Fork 0
mirror of https://gerrit.wikimedia.org/r/mediawiki/extensions/OATHAuth synced 2024-09-24 10:49:57 +00:00
Code Issues Packages Projects Releases Wiki Activity
331 commits 273 branches 5 tags 19 MiB
Commit graph

110 commits

Author SHA1 Message Date
Translation updater bot 7374d6740f Localisation updates from https://translatewiki.net. 
Change-Id: I201e7deb6ae9df3e211be01af071295f0a47a8bf
 2016-11-29 22:23:25 +01:00
Translation updater bot bc24aa63a3 Localisation updates from https://translatewiki.net. 
Change-Id: I4261e2ad85dde546e78dd59a8be76631836d92f6
 2016-11-28 22:30:22 +01:00
Translation updater bot e92097d375 Localisation updates from https://translatewiki.net. 
Change-Id: I855db4b2d62c50d701673067045f92039f4bfdbe
 2016-11-27 22:30:42 +01:00
Translation updater bot e0d8b84e2e Localisation updates from https://translatewiki.net. 
Change-Id: I83c0bbe57cb4898f0f7e0528fbf0320fee90bf30
 2016-11-25 22:52:16 +01:00
Translation updater bot fc87866530 Localisation updates from https://translatewiki.net. 
Change-Id: I1c5b9698a22b45897bb76187eb881dd58fc0c19d
 2016-11-24 22:21:14 +01:00
Translation updater bot 4500b4a257 Localisation updates from https://translatewiki.net. 
Change-Id: Idc34e1e770203b719661b74e3b103c8aca5a064e
 2016-11-22 23:25:43 +01:00
Translation updater bot a25bd92061 Localisation updates from https://translatewiki.net. 
Change-Id: I2f9a19c619f6495090dfabc2698828355ae4ee2b
 2016-11-21 22:41:00 +01:00
Translation updater bot d538555366 Localisation updates from https://translatewiki.net. 
Change-Id: Id06612a31df71c502d000e87317a48a645ee1897
 2016-11-20 22:20:00 +01:00
Translation updater bot a2811f3cd8 Localisation updates from https://translatewiki.net. 
Change-Id: I31df306260cb8b3faf2e5016a13eb5f636804a32
 2016-11-19 22:07:35 +01:00
Translation updater bot 7dea978967 Localisation updates from https://translatewiki.net. 
Change-Id: Id9398a726b88c0e52e20a2434fca5cae67eb6114
 2016-11-18 22:15:50 +01:00
Translation updater bot 29a310f5eb Localisation updates from https://translatewiki.net. 
Change-Id: I654a945028f7673735c4df29e486ca279ead40b0
 2016-11-17 22:54:29 +01:00
MarcoAurelio 0ac5c0fb71 Make OATHAuth messages use consistent "two-factor authentication" wording 
Bug: T150597
Change-Id: I0fed5a9b3fd747b6f2f71834c0bfe9dc88bbefb8
 2016-11-17 11:19:11 +01:00
Reedy 8e70c98ed7 Rename openstackmanager- to oathauth- 
Change-Id: If0378e0c0a3fc08de410be0d0e39273df1002391
 2016-11-16 22:49:31 +00:00
Translation updater bot 49a7f75244 Localisation updates from https://translatewiki.net. 
Change-Id: I5097d595eda9f16b5ee69d9377af1e50fd3263f7
 2016-11-15 22:57:09 +01:00
Translation updater bot 044d469af2 Localisation updates from https://translatewiki.net. 
Change-Id: I23b091e822c4a3b27383b4591b33626009e3f1eb
 2016-11-14 22:57:29 +01:00
Translation updater bot 0e0a6c95d8 Localisation updates from https://translatewiki.net. 
Change-Id: I5c8e5e443d8f12e8822b2f4c6d8b5816c718cc0e
 2016-11-13 22:50:13 +01:00
Translation updater bot dffa6b689f Localisation updates from https://translatewiki.net. 
Change-Id: Id51db40cfe516ca52e84ce9cdc655dafd36c8d82
 2016-11-12 22:55:22 +01:00
Translation updater bot e785a0f891 Localisation updates from https://translatewiki.net. 
Change-Id: I2cd8706e96f2c2bfc5b49380300f6a072c8424b1
 2016-11-03 23:32:06 +01:00
Translation updater bot e4d6061cbf Localisation updates from https://translatewiki.net. 
Change-Id: I49df9415bac6212938f90acb1ed8621f14a505ac
 2016-11-01 22:47:09 +01:00
Translation updater bot 56523b60cc Localisation updates from https://translatewiki.net. 
Change-Id: I9c3aefda7209f4b01d3bc1ffcfb1fdf5336bd1bf
 2016-10-25 23:15:42 +02:00
Translation updater bot 647b68c0fc Localisation updates from https://translatewiki.net. 
Change-Id: Ibcb0a0657db806c066c11f0557a88dd36fba1a47
 2016-10-22 22:46:35 +02:00
Translation updater bot a82d4aedd9 Localisation updates from https://translatewiki.net. 
Change-Id: I465baf8d66a8b705366fd36d26eb5d8aa1eaa03d
 2016-10-18 22:38:34 +02:00
Translation updater bot 1164ea58fc Localisation updates from https://translatewiki.net. 
Change-Id: I50d84ab53301a197afd149a87baf93b1c93e99b5
 2016-10-17 22:34:18 +02:00
Translation updater bot 6cfec6bb04 Localisation updates from https://translatewiki.net. 
Change-Id: I2c90c532207ef106e2c893e67d8cefd5334ed5bf
 2016-10-13 22:51:40 +02:00
jenkins-bot 7c11b39942 Merge "Apply rate limits to all token verifications" 2016-10-12 00:07:35 +00:00
jenkins-bot 10ca80f08b Merge "Add an api action to validate an OATH token" 2016-10-12 00:02:19 +00:00
Translation updater bot 745d8a0179 Localisation updates from https://translatewiki.net. 
Change-Id: If7eeee8717eb0bdd16d36622922797295e518f41
 2016-10-10 22:27:58 +02:00
Translation updater bot 905045abc3 Localisation updates from https://translatewiki.net. 
Change-Id: I9f44cc8750d00109d7a8d6a5f2e0999fde550ffd
 2016-10-09 22:53:34 +02:00
jenkins-bot e4003d99d6 Merge "Add a query meta api option to check for OATH" 2016-10-08 00:44:39 +00:00
Bryan Davis a6b60d2465 Apply rate limits to all token verifications 
Extend the token validation failure checks introduced in I4884f6e to the
other interactions where OATHAuthKey::verifyToken is used.

Depends-On: Ia3add8bbbab0307f036e9b77e752c382da3a0d04
Change-Id: Icbe5cdf561c683dc971a099d61cedff311b26b43
 2016-10-07 17:24:32 -07:00
Bryan Davis 36c523ab23 Add an api action to validate an OATH token 
Add a new internal action=oathvalidate Action API module that can be
used to validate an OATH token collected from a user. Using the module
requires the 'oathauth-api-all' permission introduced in I4884f6e.

Attempts to call the action for a given user are rate limited to only
allow 10 failures per minute using the new 'badoath' key.

The check is primarily useful as an internal network service in an
environment where MediaWiki and other applications are sharing the same
backing authentication store (e.g. LDAP) and the non-MediaWiki
applications would like to respect the OATH protections enabled on the
MediaWiki install.

Complete usage in an LDAP shared auth environment would look something
like:
* Authenticate a user with the LDAP server via auth-bind
* Call action=query&meta=oath as a privileged user to check for OATH
  protection.
* If OATH is active for the account, prompt the user for their current
  OATH token.
* Call action=oathvalidate as a privileged user to validate the token.
* If validation succeeds, complete authentication.
* If validation fails, do not authenticate the user.

Bug: T144712
Change-Id: I1b18d9f3b99364fc47c760bdfc2047c1cbb5c04a
 2016-10-07 16:55:50 -07:00
Bryan Davis 766e18bca1 Add a query meta api option to check for OATH 
Add a new internal action=query&meta=oath Action API module that can be
used to check for OATH protection on a given user account. Using the
module requires a new 'oathauth-api-all' permission which is not granted
to any group by default. The permission is also added to the new
'oath' grant so that it can be used via OAuth and bot passwords.

Use of this API is security sensitive and should not be granted lightly.
Configuring a special 'oathauth' user group to grant the needed
'oathauth-api-all' permission is recommended.

This check is primarily useful as an internal network service in an
environment where MediaWiki and other applications are sharing the same
backing authentication store (e.g. LDAP) and the non-MediaWiki
applications would like to respect the OATH protections enabled on the
MediaWiki install.

Bug: T144712
Change-Id: I4884f6efdfa42db82c25eadb70c7aefa98c370e9
 2016-10-07 12:10:18 -07:00
Translation updater bot 00c8e5338c Localisation updates from https://translatewiki.net. 
Change-Id: I60dd1befac5dc36205db2f5bc3574fa7c496ab16
 2016-10-05 22:43:08 +02:00
Translation updater bot 69506832f0 Localisation updates from https://translatewiki.net. 
Change-Id: I554f993eb9618e78f218991fc055c774c7052346
 2016-08-17 22:40:18 +02:00
Translation updater bot 57e3f9dc24 Localisation updates from https://translatewiki.net. 
Change-Id: Ica4440bb1aaa56ad3f03fe8f79c9b165b5b6bf1e
 2016-08-08 22:33:45 +02:00
Translation updater bot fc051bc05c Localisation updates from https://translatewiki.net. 
Change-Id: I623e2a0557fd9fc0ff57085c47bda4fcb7eda6e3
 2016-07-21 22:58:30 +02:00
Translation updater bot ea689f5d2a Localisation updates from https://translatewiki.net. 
Change-Id: I77817bd893810391acb502fca85d33e7eb55ce40
 2016-07-01 23:24:55 +02:00
Translation updater bot d2d3697633 Localisation updates from https://translatewiki.net. 
Change-Id: Ic1be648a908693328f0273fefa67c0c95e8be3e5
 2016-06-26 14:19:07 +02:00
Translation updater bot a5c444d64e Localisation updates from https://translatewiki.net. 
Change-Id: I90c756dca597df34afb9d920490ec3135c3ee33a
 2016-06-25 14:54:47 +02:00
Translation updater bot ebf96d3484 Localisation updates from https://translatewiki.net. 
Change-Id: I8642cb55ddef7ecbb4fee677a68865d8fff8643a
 2016-06-24 11:13:41 +02:00
Translation updater bot 23700f0d28 Localisation updates from https://translatewiki.net. 
Change-Id: Ib5c91bf3c441ae9c35cf034e3b22c4c0d606fc0c
 2016-06-21 23:31:04 +02:00
Translation updater bot 04ba11bf3a Localisation updates from https://translatewiki.net. 
Change-Id: I4215be1d92514c1c2c418e23dc00f15569c07cc8
 2016-06-18 22:47:39 +02:00
Translation updater bot cdce14b143 Localisation updates from https://translatewiki.net. 
Change-Id: I8d3c874594758bd784c386fc34ebc696862e46b8
 2016-06-17 22:30:34 +02:00
Translation updater bot be61d58740 Localisation updates from https://translatewiki.net. 
Change-Id: Ie7c37eafa53b7ad3d2f63df0c4a86e8e2c2e0dcf
 2016-06-15 22:37:02 +02:00
Translation updater bot e90196325a Localisation updates from https://translatewiki.net. 
Change-Id: I74da4777405f214fc38d086a1098b9016e8dba78
 2016-06-10 22:18:39 +02:00
Translation updater bot 71a049cc64 Localisation updates from https://translatewiki.net. 
Change-Id: I6dde00bcf1c7fd3777adc7796e108c871c8d0bc6
 2016-06-09 22:39:34 +02:00
Translation updater bot cfcfe47081 Localisation updates from https://translatewiki.net. 
Change-Id: I43bc4e6eaf0e913ceb6e2c5e454cc5a1b99b09cb
 2016-06-07 22:45:10 +02:00
Translation updater bot 47b7dd8019 Localisation updates from https://translatewiki.net. 
Change-Id: Ie8a83530c9435d7f3a829882065c69ab92ff9787
 2016-06-06 22:59:19 +02:00
Translation updater bot 853bc6ca00 Localisation updates from https://translatewiki.net. 
Change-Id: Id8b4cdc210412ae8001c6f1d03ef912cc5e93591
 2016-06-05 22:21:54 +02:00
Translation updater bot 847a4b9209 Localisation updates from https://translatewiki.net. 
Change-Id: I91f32000206bc70b62744f28343a9cc56fa87568
 2016-06-04 22:24:01 +02:00