The issuer name is an optional but important feature that allows
the user to differentiate between different accounts used in the
same authenticator app. While we currently use a prefix in the
user account name, declaring an issuer makes it easier for the
user to differentiate.
Bug: T150596
Change-Id: I741dd671e79e0326dfe97bdaaf63b3997960d115
* Spelling in OATHAuthHooks::onRegistration comment
* Remove incorrect comment for OATHAuth::__construct
* Spelling in TOTPAuthenticationRequest class phpdoc
Change-Id: Iaf670a1b86e82b4684489371c8152b8055bff90e
Made new class ProxySpecialPage, which acts as a
proxy object to another SpecialPage object that is
determined based on context information other than
the title.
Then Special:OATH has been split into two separate
special page classes (both FormSpecialPages using
HTMLForm) that are routed to by a ProxySpecialPage
object.
In addition, the form for enabling two-factor auth
has been refactored into vform style, with some
better instructions on how to enable two-factor
authentication.
Change-Id: Ib9117cbc9d7f044de9607db81a157e1b472b5ec0
This takes out the actual key information from
OATHUser and puts it into an OATHKey class, which OATHUser
depends on. This allows easily swapping keys in/out from
a user.
Change-Id: Ife5f1bae4ad65b66c5e20017cc43c0576b4aba19
Once a token is used, cache it in memcached
for a brief amount of time (specifically, until
the window in which it is valid ends). That way
once a token is used it cannot be re-used in
a replay attack.
Bug: 53196
Change-Id: I7b8e92875a573f3ac95e13c881ef85464bcecf85
* Removed use of deprecated core features
* Made code style fixes
* Made pass phpcs-strict
* Fixed special page aliases
Change-Id: Iae2a0a7d6f0fb2ea5080795a06ae257af96dfaf6
Tokens are one time passwords. There's no strong reason to mask
them and listing it as a password field screws up many password
managers.
Change-Id: Iaf5446d80ec61ddec2403554b527781ab26493b3
Warning: Missing argument 1 for OATHUser::regenerateScratchTokens(), called in
/var/www/wiki/mediawiki/extensions/OATHAuth/OATHUser.php on line 42 and defined
in /var/www/wiki/mediawiki/extensions/OATHAuth/OATHUser.php on line 56
Change-Id: I52a683f9680661df5d506e48d83509f35b145e26
Notice: Undefined variable: reset in /var/www/wiki/mediawiki/extensions/OATHAuth/OATHUser.php on line 61
Setting it to 3, has the effect of doing the LDAP first and then the token,
which fits the user model
Order of boxes is Username, password, domain, token
These then have a tab index of 1, 2, 3, 2
Tabbing down takes you in the order username, password, token, labs, which is... irritating, to say the least!
Change-Id: Idabb70c963d16f2cd223c5d94e0211ccaf6fdedd