Page MenuHomePhabricator

Add `bin/auth list-factors` and `bin/auth strip` to remove multi-factor auth

Authored by epriestley on Apr 30 2014, 11:57 AM.



Ref T4398. The major goals here is to let administrators strip auth factors in two cases:

  • A user lost their phone and needs access restored to their account; or
  • an install previously used an API-based factor like SMS, but want to stop supporting it (this isn't possible today).
Test Plan
  • Used bin/auth list-factors to show installed factors.
  • Used bin/auth strip with various mixtures of flags to selectively choose and strip factors from accounts.
  • Also ran bin/auth refresh to verify refreshing OAuth tokens works (small OAuth vs OAuth2 tweak).

Diff Detail

rP Phabricator
Lint Skipped
Unit Tests Skipped

Event Timeline

epriestley retitled this revision from to Add `bin/auth list-factors` and `bin/auth strip` to remove multi-factor auth.Apr 30 2014, 11:57 AM
epriestley updated this object.
epriestley edited the test plan for this revision. (Show Details)
epriestley added a reviewer: btrahan.
epriestley updated this revision to Diff 21144.
btrahan edited edge metadata.Apr 30 2014, 5:39 PM
btrahan accepted this revision.
This revision is now accepted and ready to land.Apr 30 2014, 5:39 PM
epriestley closed this revision.Apr 30 2014, 9:30 PM
epriestley updated this revision to Diff 21166.

Closed by commit rP535cfa3ebebe (authored by @epriestley).