mirror of
https://gerrit.wikimedia.org/r/mediawiki/extensions/OATHAuth
synced 2024-11-14 11:17:50 +00:00
329c3133d6
Notify users when 2FA is disabled on their account in case something was fishy about it. This notification is a "system" notification that will be displayed in the web UI and sent over email. It can't be opted out of as a preference. The notification links to Special:Preferences, where users can see their 2FA status and re-enable it if they want. A secondary help link goes to [[mw:Help:Two-factor authentication]], but can be overridden by adjusting the "oathauth-notifications-disable-helplink" message. The notification text is different based on whether the user disabled 2FA on their own, or an admin used the special page or a maint script to do it. On Wikimedia wikis, we'll use the WikimediaMessages extension to customize the messages. The Echo (Notifications) extension is not required, this will gracefully do nothing if it's not enabled. Bug: T210075 Bug: T210963 Change-Id: I99077ea082b8483cc4fd77573a0d00fa98201f15
197 lines
4.1 KiB
JSON
197 lines
4.1 KiB
JSON
{
|
|
"name": "OATHAuth",
|
|
"version": "0.5.0",
|
|
"author": [
|
|
"Ryan Lane",
|
|
"Robert Vogel <vogel@hallowelt.com>",
|
|
"Dejan Savuljesku <savuljesku@hallowelt.com>"
|
|
],
|
|
"url": "https://www.mediawiki.org/wiki/Extension:OATHAuth",
|
|
"descriptionmsg": "oathauth-desc",
|
|
"type": "other",
|
|
"requires": {
|
|
"MediaWiki": ">= 1.37.0"
|
|
},
|
|
"license-name": "GPL-2.0-or-later AND GPL-3.0-or-later",
|
|
"attributes": {
|
|
"OATHAuth": {
|
|
"Modules": {
|
|
"totp": "\\MediaWiki\\Extension\\OATHAuth\\Module\\TOTP::factory"
|
|
}
|
|
}
|
|
},
|
|
"AutoloadNamespaces": {
|
|
"MediaWiki\\Extension\\OATHAuth\\": "src/"
|
|
},
|
|
"TestAutoloadNamespaces": {
|
|
"MediaWiki\\Extension\\OATHAuth\\Tests\\": "tests/phpunit/"
|
|
},
|
|
"AuthManagerAutoConfig": {
|
|
"secondaryauth": {
|
|
"OATHSecondaryAuthenticationProvider": {
|
|
"class": "\\MediaWiki\\Extension\\OATHAuth\\Auth\\SecondaryAuthenticationProvider",
|
|
"sort": 50
|
|
}
|
|
}
|
|
},
|
|
"ServiceWiringFiles": [
|
|
"ServiceWiring.php"
|
|
],
|
|
"ExtensionMessagesFiles": {
|
|
"OATHAuthAlias": "OATHAuth.alias.php"
|
|
},
|
|
"Hooks": {
|
|
"AuthChangeFormFields": "main",
|
|
"LoadExtensionSchemaUpdates": "\\MediaWiki\\Extension\\OATHAuth\\Hook\\LoadExtensionSchemaUpdates\\UpdateTables::callback",
|
|
"GetPreferences": "main",
|
|
"getUserPermissionsErrors": "main",
|
|
"UserEffectiveGroups": "main",
|
|
"UserGetRights": "main",
|
|
"BeforeCreateEchoEvent": "\\MediaWiki\\Extension\\OATHAuth\\Notifications\\Manager::onBeforeCreateEchoEvent"
|
|
},
|
|
"HookHandlers": {
|
|
"main": {
|
|
"class": "\\MediaWiki\\Extension\\OATHAuth\\Hook\\HookHandler",
|
|
"services": [
|
|
"OATHUserRepository",
|
|
"PermissionManager",
|
|
"MainConfig",
|
|
"UserGroupManager"
|
|
]
|
|
}
|
|
},
|
|
"MessagesDirs": {
|
|
"OATHAuth": [
|
|
"i18n",
|
|
"i18n/api"
|
|
]
|
|
},
|
|
"config": {
|
|
"OATHAuthWindowRadius": {
|
|
"value": 4
|
|
},
|
|
"OATHAuthDatabase": {
|
|
"value": false
|
|
},
|
|
"OATHAuthAccountPrefix": {
|
|
"value": false
|
|
},
|
|
"OATHExclusiveRights": {
|
|
"value": []
|
|
},
|
|
"OATHRequiredForGroups": {
|
|
"value": []
|
|
}
|
|
},
|
|
"ResourceModules": {
|
|
"ext.oath.totp.showqrcode": {
|
|
"scripts": [
|
|
"totp/jquery.qrcode.js",
|
|
"totp/qrcode.js",
|
|
"totp/ext.oath.showqrcode.js"
|
|
],
|
|
"targets": [
|
|
"desktop",
|
|
"mobile"
|
|
]
|
|
},
|
|
"ext.oath.totp.showqrcode.styles": {
|
|
"styles": [
|
|
"totp/ext.oath.showqrcode.styles.css"
|
|
],
|
|
"targets": [
|
|
"desktop",
|
|
"mobile"
|
|
]
|
|
}
|
|
},
|
|
"ResourceFileModulePaths": {
|
|
"localBasePath": "modules",
|
|
"remoteExtPath": "OATHAuth/modules"
|
|
},
|
|
"SpecialPages": {
|
|
"DisableOATHForUser": {
|
|
"class": "\\MediaWiki\\Extension\\OATHAuth\\Special\\DisableOATHForUser",
|
|
"services": [
|
|
"OATHUserRepository",
|
|
"UserFactory"
|
|
]
|
|
},
|
|
"OATHManage": {
|
|
"class": "\\MediaWiki\\Extension\\OATHAuth\\Special\\OATHManage",
|
|
"services": [
|
|
"OATHUserRepository",
|
|
"OATHAuth"
|
|
]
|
|
},
|
|
"VerifyOATHForUser": {
|
|
"class": "\\MediaWiki\\Extension\\OATHAuth\\Special\\VerifyOATHForUser",
|
|
"services": [
|
|
"OATHUserRepository",
|
|
"UserFactory"
|
|
]
|
|
}
|
|
},
|
|
"AvailableRights": [
|
|
"oathauth-enable",
|
|
"oathauth-api-all",
|
|
"oathauth-disable-for-user",
|
|
"oathauth-verify-user",
|
|
"oathauth-view-log"
|
|
],
|
|
"GroupPermissions": {
|
|
"*": {
|
|
"oathauth-disable-for-user": false,
|
|
"oathauth-view-log": false
|
|
},
|
|
"user": {
|
|
"oathauth-enable": true
|
|
},
|
|
"sysop": {
|
|
"oathauth-disable-for-user": true,
|
|
"oathauth-verify-user": true,
|
|
"oathauth-view-log": true
|
|
}
|
|
},
|
|
"GrantPermissions": {
|
|
"oath": {
|
|
"oathauth-api-all": true,
|
|
"oathauth-verify-user": true
|
|
}
|
|
},
|
|
"GrantPermissionGroups": {
|
|
"oath": "authentication"
|
|
},
|
|
"APIModules": {
|
|
"oathvalidate": "\\MediaWiki\\Extension\\OATHAuth\\Api\\Module\\ApiOATHValidate"
|
|
},
|
|
"APIMetaModules": {
|
|
"oath": "\\MediaWiki\\Extension\\OATHAuth\\Api\\Module\\ApiQueryOATH"
|
|
},
|
|
"RateLimits": {
|
|
"badoath": {
|
|
"&can-bypass": false,
|
|
"user": [ 10, 60 ],
|
|
"user-global": [ 10, 60 ]
|
|
}
|
|
},
|
|
"ReauthenticateTime": {
|
|
"oathauth-enable": 60
|
|
},
|
|
"load_composer_autoloader": true,
|
|
"LogTypes": [ "oath" ],
|
|
"LogNames": {
|
|
"oath": "oath-log-name"
|
|
},
|
|
"LogHeaders": {
|
|
"oath": "oath-log-header"
|
|
},
|
|
"LogActionsHandlers": {
|
|
"oath/*": "LogFormatter"
|
|
},
|
|
"LogRestrictions": {
|
|
"oath": "oathauth-view-log"
|
|
},
|
|
"manifest_version": 2
|
|
}
|