Public

Project privacy set to public. By default, its content is available to everyone (authenticated or not). Please note that more restrictive permissions might exist on some items.

stable

Clone or download

Read-only

Enrollment of a multi-factor authentication device based on TOTP can be saved

Download Browse

Even if it is not used yet, this contribution saves the enrollment of a MFA device in the DB. To test, you can access the page /plugins/mfa/enroll a base32 encoded value is displayed, it is the shared secret between the client and the server validating the TOTP codes. You can generate the TOTP code corresponding to the secret using the CLI tool oathtool (any other tool will work too) this way: oathtool --totp -b <secret> The plugin not being not available outside of a dev environnement and the contributor being lazy, no forgeupgrade is provided so please create the table by hand or just uninstall then reinstall the plugin. This is part of story #11649: protect my account with a TOTP code Change-Id: I13000cc56ca6eca75bd83e7164700768dcbe607b

+438 −40
Thomas Gerbet (tgerbet) 2018-07-20 15:44
Thomas Gerbet (tgerbet) 2018-08-23 16:30
8f7c15aa9ed29694932f3ccb2528391a38ec1e7e
3337d2ba1d47e007aa717a2b7f10d051840159f9
git #tuleap/stable/8f7c15aa9ed29694932f3ccb2528391a38ec1e7e

Modified Files

Side by side diff
Inline diff
Name
A plugins/mfa/db/install.sql +4 −0 Go to diff View file
A plugins/mfa/db/uninstall.sql +1 −0 Go to diff View file
M plugins/mfa/include/Enrollment/EnrollmentDisplayController.php +12 −2 Go to diff View file
M plugins/mfa/include/Enrollment/EnrollmentPresenter.php +9 −3 Go to diff View file
M plugins/mfa/include/Enrollment/EnrollmentRegisterController.php +18 −14 Go to diff View file
A plugins/mfa/include/Enrollment/TOTP/EnrollmentTOTPException.php +25 −0 Go to diff View file
A plugins/mfa/include/Enrollment/TOTP/EnrollmentTOTPMissingSessionSecretException.php +25 −0 Go to diff View file
A plugins/mfa/include/Enrollment/TOTP/InvalidTOTPCodeException.php +29 −0 Go to diff View file
A plugins/mfa/include/Enrollment/TOTP/TOTPEnroller.php +107 −0 Go to diff View file
A plugins/mfa/include/Enrollment/TOTP/TOTPEnrollmentDAO.php +45 −0 Go to diff View file
M plugins/mfa/include/OTP/TOTPValidator.php +5 −15 Go to diff View file
M plugins/mfa/include/mfaPlugin.class.php +23 −2 Go to diff View file
A plugins/mfa/phpunit/Enrollment/TOTP/TOTPEnrollerTest.php +113 −0 Go to diff View file
M plugins/mfa/phpunit/OTP/TOTPValidatorTest.php +4 −4 Go to diff View file
M plugins/mfa/site-content/fr_FR/LC_MESSAGES/tuleap-mfa.po +7 −0 Go to diff View file
M plugins/mfa/site-content/tuleap-mfa.pot +5 −0 Go to diff View file
M plugins/mfa/templates/enrollment.mustache +6 −0 Go to diff View file