Paths

Table of Contentst

Diffusion Phabricator d22495a820c6

Make external link/refresh use provider IDs, switch external account MFA to one…
d22495a820c6
Actions

Tags

None

Referenced Files

None

Subscribers

None

Description

Make external link/refresh use provider IDs, switch external account MFA to one-shot

Summary:
Depends on D20113. Ref T6703. Continue moving toward a future where multiple copies of a given type of provider may exist.

Switch MFA from session-MFA at the start to one-shot MFA at the actual link action.

Add one-shot MFA to the unlink action. This theoretically prevents an attacker from unlinking an account while you're getting coffee, registering alIce which they control, adding a copy of your profile picture, and then trying to trick you into writing a private note with your personal secrets or something.

Test Plan: Linked and unlinked accounts. Refreshed account. Unlinked, then registered a new account. Unlinked, then relinked to my old account.

Reviewers: amckinley

Reviewed By: amckinley

Maniphest Tasks: T6703

Differential Revision: https://secure.phabricator.com/D20117

Details

Provenance

epriestley	Authored on Feb 7 2019, 1:12 AM
epriestley	Pushed on Feb 12 2019, 11:18 PM

Reviewer

Differential Revision

D20117: Make external link/refresh use provider IDs, switch external account MFA to one-shot

Parents

rPe5ee656fff0c: Make external account unlinking use account IDs, not "providerType +…

Branches

Unknown

Tags

Unknown

Tasks

T6703: Allow multiple copies of the same auth provider type

Build Status

Buildable 21974
Build 30010: Run Core Tests

Event Timeline

epriestley committed rPd22495a820c6: Make external link/refresh use provider IDs, switch external account MFA to one… (authored by epriestley).Feb 12 2019, 11:18 PM

epriestley added a task: T6703: Allow multiple copies of the same auth provider type.

Harbormaster completed building B21974: rPd22495a820c6: Make external link/refresh use provider IDs, switch external account MFA to one….Feb 12 2019, 11:20 PM

Changes (8)

Path

Size

src/

applications/

auth/

application/

PhabricatorAuthApplication.php

controller/

PhabricatorAuthConfirmLinkController.php

PhabricatorAuthController.php

PhabricatorAuthLinkController.php

PhabricatorAuthUnlinkController.php

query/

PhabricatorExternalAccountQuery.php

people/

controller/

PhabricatorPeopleProfilePictureController.php

settings/

panel/

PhabricatorExternalAccountsSettingsPanel.php

rPd22495a820c6

src/applications/auth/application/PhabricatorAuthApplication.php

Loading...

src/applications/auth/controller/PhabricatorAuthConfirmLinkController.php

Loading...

src/applications/auth/controller/PhabricatorAuthController.php

Loading...

src/applications/auth/controller/PhabricatorAuthLinkController.php

Loading...

src/applications/auth/controller/PhabricatorAuthUnlinkController.php

Loading...

src/applications/auth/query/PhabricatorExternalAccountQuery.php

Loading...

src/applications/people/controller/PhabricatorPeopleProfilePictureController.php

Loading...

src/applications/settings/panel/PhabricatorExternalAccountsSettingsPanel.php

Loading...