stable
Clone or download
This contribution allows to test that an enrollment that has been saved in the DB can be used to authenticate the user. The goal is to provide a test endpoint without having the full multi-factor authentication pipeline in place but once Tuleap has it, this test endpoint will be removed. To test, you first need to enroll yourself: go to the page /plugins/mfa/enroll, a base32 encoded value is displayed, it is the shared secret between the client and the server validating the TOTP codes. You can generate the TOTP code corresponding to the secret using the CLI tool oathtool (any other tool will work too) this way: oathtool --totp -b <secret> After the enrollment, you can access the page /plugins/mfa/enroll/test. With the secret key you have saved, you can can generate a new code. This code should be recognized as valid. This is part of story #11649: protect my account with a TOTP code Change-Id: I66d6d7bec934c3fbb4cf0a359772b5f7b7d835e9
Modified Files
Name | ||||
---|---|---|---|---|
A | plugins/mfa/include/Enrollment/TOTP/NotFoundTOTPEnrollmentException.php | +29 | −0 | Go to diff View file |
M | plugins/mfa/include/Enrollment/TOTP/TOTPEnrollmentDAO.php | +11 | −0 | Go to diff View file |
A | plugins/mfa/include/Enrollment/TOTP/TOTPRetriever.php | +65 | −0 | Go to diff View file |
A | plugins/mfa/include/Enrollment/TrialAuthenticationDisplayController.php | +64 | −0 | Go to diff View file |
A | plugins/mfa/include/Enrollment/TrialAuthenticationVerifierController.php | +76 | −0 | Go to diff View file |
M | plugins/mfa/include/mfaPlugin.class.php | +19 | −0 | Go to diff View file |
A | plugins/mfa/templates/trial_enrollment.mustache | +7 | −0 | Go to diff View file |