Commit graph

28 commits

Author SHA1 Message Date
Dejan Savuljesku ea984e5c2b Refactor the extension to support multiple auth modules
Please note, this patch requires a schema change before merging

Change-Id: I71286534d21d95083436d64d79811943c1a1d032
ERM: #14484
Bug: T218210
2019-06-18 10:45:21 +00:00
Amir Sarabadani 808df6dc55 Add private logging when user disables 2fa for someone else
It's better that we add for when someone enables or disables for self too
But that can be done in a follow-up patch

Bug: T180896
Change-Id: Ic173ebb7e39d22e40fea23c2b906d246adef1e05
2019-04-12 12:10:43 +00:00
Reedy bac94daedb Replace hotp.php with composer library
Adds jakobo/hotp-php 1.0.0

Change-Id: Ifeb43a5e20cd868b35182d4233cdcab154354f84
Depends-On: I6e34c6dcc79fb46496fe63b16064500a5ef3bc43
2019-04-11 17:05:16 +00:00
Reedy 24e4510cf3 Replace base32.php with composer library
Add christian-riesen/base32 1.3.1

Change-Id: I6c8c62bde48ac5793c09d9f0ee7dabf3f4c485ee
Depends-On: If549500ba8aa8c4dbf7bfa43b5f4165e0a39d1f0
2019-04-11 11:45:39 +00:00
MarcoAurelio 1ab2f4538c Rename 'user-not-found' to 'oathauth-user-not-found'
Extension messages keys should bear the extension name in the key or an
abbreviation of it to avoid conflicts with other extensions' message
keys.

Bug: T216415
Change-Id: Ibd2f533968d57beb5e25bb99a777af192ffff09a
2019-04-04 23:00:14 +00:00
Kunal Mehta bd842b527c Upgrade to newer phan
Bug: T216931
Change-Id: I7617593141b3a646113e033fdbb1e9c102975a69
2019-03-17 11:38:10 -07:00
jenkins-bot 472e0f1559 Merge "Give users 10 scratch tokens" 2018-12-27 21:31:22 +00:00
Reedy 1871a9abe1 Re-instate "Add some logging of OATHAuth actions"
This reverts commit 69b6292c12.

Bug: T151010
Change-Id: I6f610551bc4bd1e78c0282011b80a3f3e70b8885
2018-12-18 17:34:37 +00:00
Reedy 24ac546e9d Give users 10 scratch tokens
Bug: T211831
Change-Id: I6b89fd091ec2e9abcb7be31a64962c1ceef4b58c
2018-12-12 23:40:12 +00:00
SBassett 69b6292c12 Revert "Add some logging of OATHAuth actions"
This reverts commit 5acd2eed17.

Bug: T210643
Change-Id: I051cba39bf65f553dfeee9aaf7e9ca1155617dfc
2018-11-28 22:50:12 +00:00
jenkins-bot eff7041be3 Merge "Add some logging of OATHAuth actions" 2018-11-16 18:40:01 +00:00
jenkins-bot b08fc68591 Merge "Make Special:DisableOATHForUser require reauthentication" 2018-11-07 14:22:33 +00:00
Umherirrender f8b629f39b Add method scope visibility
Change-Id: I6f4d4acf4fcb4aab318ca217dd4e6185f383e27e
2018-11-02 11:26:41 +01:00
Reedy e41fcfbeb4 Make Special:DisableOATHForUser require reauthentication
Change-Id: I4007239a76e34e395d7dcad3f788451ceb585e08
2018-10-26 15:47:47 +00:00
Reedy 5acd2eed17 Add some logging of OATHAuth actions
Logs:
* User enrolling in OATHAuth
* User un-enrolling in OATHAuth
* Scratch token used
* 2FA disabled via a maintenance script
* 2FA disabled via Special:DisableOATHForUser
* Logged in using OTP
* User attempted to enable 2FA using a scratch token
* User attempted to enable 2FA using an invalid OTP

Bug: T151010
Change-Id: Ie6ee610a11814616d34c3d9f5467a563f0db2df3
2018-10-26 15:47:01 +00:00
Amir Sarabadani a95802a14e Add SpecialDisableOATHForUser
Bug: T195207
Change-Id: I695a376e15e8a95a02849a6ec67b882228852ef8
2018-10-26 14:52:44 +00:00
James D. Forrester 3546c62f19 Drop pre-MW1.32 Special:Preferences (non-OOUI) compatability
Depends-On: I65b89385c3ec28ef01b86dd933dae3801e503631
Change-Id: Id9c840e979b723806883bb3e63d7f2f691fea629
2018-10-04 00:52:06 +00:00
James D. Forrester 2b7aa6ecad Make the preferences links into OOUI buttons when available
Change-Id: I87f665304f3bfc4ac63ca32ba28f0e37b79440f5
2018-09-10 08:35:06 -07:00
Zoranzoki21 f6073e0a99 Fix "seperated" typo in code
Bug: T201491
Change-Id: Iaf07ea60d478f8ff9298082b53e375fb0e21b706
2018-08-25 17:02:59 +00:00
Max Semenik a4f0de6b8d MWCryptRand::generate() is deprecated
Change-Id: I7cd7a145265abe1bcb036c9b7d34201729b569b8
2018-07-17 00:21:09 -07:00
Reedy 7324af639b Remove extra parameters to MWCryptRand::generate() calls
Fixes phan failures

Change-Id: Ie501c277a68cd05877985ee1f2360a03b9989ebe
2018-06-11 19:49:39 +01:00
libraryupgrader 9ece6cb8df build: Updating mediawiki/mediawiki-codesniffer to 20.0.0
Change-Id: I2594bf73b9dbbb4fa07b55cd2126d5e2bce7aaab
2018-05-26 05:10:39 +00:00
Amir Sarabadani de3956da87 Use interface for typehinting
It's actually a phan error:
https://integration.wikimedia.org/ci/job/mwext-php70-phan-docker/6666/console

Change-Id: Ie6389df30e4ee46d5af4c2b744627c46436b9b75
2018-05-20 19:44:50 +02:00
Kunal Mehta 146b26349a Make licensing explicit, add missing GPL file headers
Since this repository has multi-licensed code, add GPL v2+ file headers
to code that had no licensing blocks to make it obvious which files
carry which license.

And add "AND GPL-3.0-or-later" to extension.json's license-name property
to make it clear that this extension does have code that isn't
redistributable under GPL v2.

Change-Id: Id3059fb9596527ef054bec9d89a28f1ccbe2113d
2018-04-10 18:29:26 -07:00
jenkins-bot 7003d796fb Merge "Add phan configuration" 2018-04-11 00:09:32 +00:00
Kunal Mehta bb593ab8ed Clarify specific BSD license used for hotp.php
Also submitted upstream at <https://github.com/Jakobo/hotp-php/pull/5>.

Change-Id: Iade0299c6f917dd1d19043b416d19c46bf34b078
2018-04-09 11:10:07 -07:00
Kunal Mehta 6e74fa9fba Add phan configuration
Change-Id: I80852cc4ac4ea0bff3b07b2468216eb53271e250
2018-04-09 00:56:37 -07:00
Kunal Mehta 7451a5df33 Move classes to includes/
Change-Id: I2d2a917e5a22f88dc644eb3c33f775642728e1f4
2018-04-09 00:51:39 -07:00