Page Menu
Home
Phabricator
Search
Configure Global Search
Log In
Files
F15459020
D19900.id47510.diff
No One
Temporary
Actions
View File
Edit File
Delete File
View Transforms
Subscribe
Mute Notifications
Award Token
Flag For Later
Size
4 KB
Referenced Files
None
Subscribers
None
D19900.id47510.diff
View Options
diff --git a/src/aphront/handler/PhabricatorHighSecurityRequestExceptionHandler.php b/src/aphront/handler/PhabricatorHighSecurityRequestExceptionHandler.php
--- a/src/aphront/handler/PhabricatorHighSecurityRequestExceptionHandler.php
+++ b/src/aphront/handler/PhabricatorHighSecurityRequestExceptionHandler.php
@@ -45,40 +45,65 @@
}
}
+ $is_upgrade = $throwable->getIsSessionUpgrade();
+
+ if ($is_upgrade) {
+ $title = pht('Enter High Security');
+ } else {
+ $title = pht('Provide MFA Credentials');
+ }
+
if ($is_wait) {
$submit = pht('Wait Patiently');
- } else {
+ } else if ($is_upgrade) {
$submit = pht('Enter High Security');
+ } else {
+ $submit = pht('Continue');
}
$dialog = id(new AphrontDialogView())
->setUser($viewer)
- ->setTitle(pht('Entering High Security'))
+ ->setTitle($title)
->setShortTitle(pht('Security Checkpoint'))
->setWidth(AphrontDialogView::WIDTH_FORM)
->addHiddenInput(AphrontRequest::TYPE_HISEC, true)
- ->setErrors(
- array(
- pht(
- 'You are taking an action which requires you to enter '.
- 'high security.'),
- ))
- ->appendParagraph(
- pht(
- 'High security mode helps protect your account from security '.
- 'threats, like session theft or someone messing with your stuff '.
- 'while you\'re grabbing a coffee. To enter high security mode, '.
- 'confirm your credentials.'))
- ->appendChild($form->buildLayoutView())
- ->appendParagraph(
- pht(
- 'Your account will remain in high security mode for a short '.
- 'period of time. When you are finished taking sensitive '.
- 'actions, you should leave high security.'))
->setSubmitURI($request->getPath())
->addCancelButton($throwable->getCancelURI())
->addSubmitButton($submit);
+ $form_layout = $form->buildLayoutView();
+
+ if ($is_upgrade) {
+ $dialog
+ ->setErrors(
+ array(
+ pht(
+ 'You are taking an action which requires you to enter '.
+ 'high security.'),
+ ))
+ ->appendParagraph(
+ pht(
+ 'High security mode helps protect your account from security '.
+ 'threats, like session theft or someone messing with your stuff '.
+ 'while you\'re grabbing a coffee. To enter high security mode, '.
+ 'confirm your credentials.'))
+ ->appendChild($form_layout)
+ ->appendParagraph(
+ pht(
+ 'Your account will remain in high security mode for a short '.
+ 'period of time. When you are finished taking sensitive '.
+ 'actions, you should leave high security.'));
+ } else {
+ $dialog
+ ->setErrors(
+ array(
+ pht(
+ 'You are taking an action which requires you to provide '.
+ 'multi-factor credentials.'),
+ ))
+ ->appendChild($form_layout);
+ }
+
$request_parameters = $request->getPassthroughRequestParameters(
$respect_quicksand = true);
foreach ($request_parameters as $key => $value) {
diff --git a/src/applications/auth/engine/PhabricatorAuthSessionEngine.php b/src/applications/auth/engine/PhabricatorAuthSessionEngine.php
--- a/src/applications/auth/engine/PhabricatorAuthSessionEngine.php
+++ b/src/applications/auth/engine/PhabricatorAuthSessionEngine.php
@@ -684,6 +684,7 @@
throw id(new PhabricatorAuthHighSecurityRequiredException())
->setCancelURI($cancel_uri)
+ ->setIsSessionUpgrade($upgrade_session)
->setFactors($factors)
->setFactorValidationResults($validation_results);
}
diff --git a/src/applications/auth/exception/PhabricatorAuthHighSecurityRequiredException.php b/src/applications/auth/exception/PhabricatorAuthHighSecurityRequiredException.php
--- a/src/applications/auth/exception/PhabricatorAuthHighSecurityRequiredException.php
+++ b/src/applications/auth/exception/PhabricatorAuthHighSecurityRequiredException.php
@@ -5,6 +5,7 @@
private $cancelURI;
private $factors;
private $factorValidationResults;
+ private $isSessionUpgrade;
public function setFactorValidationResults(array $results) {
assert_instances_of($results, 'PhabricatorAuthFactorResult');
@@ -35,4 +36,13 @@
return $this->cancelURI;
}
+ public function setIsSessionUpgrade($is_upgrade) {
+ $this->isSessionUpgrade = $is_upgrade;
+ return $this;
+ }
+
+ public function getIsSessionUpgrade() {
+ return $this->isSessionUpgrade;
+ }
+
}
File Metadata
Details
Attached
Mime Type
text/plain
Expires
Tue, Apr 1, 9:10 AM (2 d, 22 h ago)
Storage Engine
blob
Storage Format
Encrypted (AES-256-CBC)
Storage Handle
7674719
Default Alt Text
D19900.id47510.diff (4 KB)
Attached To
Mode
D19900: Improve UI messaging around "one-shot" vs "session upgrade" MFA
Attached
Detach File
Event Timeline
Log In to Comment