Page MenuHomePhabricator

Add `bin/auth list-factors` and `bin/auth strip` to remove multi-factor auth
ClosedPublic

Authored by epriestley on Apr 30 2014, 11:57 AM.
Tags
None
Referenced Files
F14439339: D8909.id21166.diff
Thu, Dec 26, 4:10 AM
Unknown Object (File)
Wed, Dec 25, 7:53 AM
Unknown Object (File)
Thu, Dec 19, 7:44 AM
Unknown Object (File)
Wed, Dec 11, 6:57 AM
Unknown Object (File)
Wed, Dec 11, 6:57 AM
Unknown Object (File)
Wed, Dec 11, 5:39 AM
Unknown Object (File)
Wed, Dec 11, 4:55 AM
Unknown Object (File)
Tue, Dec 10, 3:06 PM
Subscribers

Details

Summary

Ref T4398. The major goals here is to let administrators strip auth factors in two cases:

  • A user lost their phone and needs access restored to their account; or
  • an install previously used an API-based factor like SMS, but want to stop supporting it (this isn't possible today).
Test Plan
  • Used bin/auth list-factors to show installed factors.
  • Used bin/auth strip with various mixtures of flags to selectively choose and strip factors from accounts.
  • Also ran bin/auth refresh to verify refreshing OAuth tokens works (small OAuth vs OAuth2 tweak).

Diff Detail

Repository
rP Phabricator
Lint
Lint Skipped
Unit
Tests Skipped

Event Timeline

epriestley retitled this revision from to Add `bin/auth list-factors` and `bin/auth strip` to remove multi-factor auth.
epriestley updated this object.
epriestley edited the test plan for this revision. (Show Details)
epriestley added a reviewer: btrahan.
btrahan edited edge metadata.
This revision is now accepted and ready to land.Apr 30 2014, 5:39 PM
epriestley updated this revision to Diff 21166.

Closed by commit rP535cfa3ebebe (authored by @epriestley).