Page MenuHomePhabricator
Create Task
Maniphest T10603

Make AuthTemporaryTokens suitable for use as LFS tokens
Closed, ResolvedPublic
Actions

Description

We have an existing PhabricatorAuthTemporaryToken construct which is mostly usable for LFS tokens, but needs a few updates to improve flexibility and modularity.

(This possibly gives us part of a future attack on T10262, as well, and may represent a piece of Nuance authentication.)

Revisions and Commits

rP Phabricator
D15481rP772c658aac41 Convert one-time file access tokens to modular token types
D15480rP6ef4747e9da5 Convert OAuth1 handshake tokens to new modular temporary tokens
D15479rP33a95d44bdc7 Formally modularize MFA/TOTP tokens, provide a module panel for temporary tokens
D15478rPa837c3d73eaf Make temporary token storage/schema more flexible
D15476rP8e3ea4e034eb Use new modular temporary auth token constants in one-time login and password…
D15475rPcf15e0de4386 Modularize temporary token types

Related Objects
Search...

Event Timeline

epriestley created this task.Mar 16 2016, 12:15 PM
epriestley created this object with edit policy "All Users".
epriestley changed the edit policy from "All Users" to "Community (Project)".Mar 16 2016, 12:18 PM
epriestley added a revision: D15475: Modularize temporary token types.Mar 16 2016, 12:24 PM
epriestley added a revision: D15476: Use new modular temporary auth token constants in one-time login and password reset flows.Mar 16 2016, 12:37 PM
epriestley added a revision: D15478: Make temporary token storage/schema more flexible.Mar 16 2016, 1:14 PM
epriestley added a revision: D15479: Formally modularize MFA/TOTP tokens, provide a module panel for temporary tokens.Mar 16 2016, 1:26 PM
epriestley added a revision: D15480: Convert OAuth1 handshake tokens to new modular temporary tokens.Mar 16 2016, 1:56 PM
epriestley added a revision: D15481: Convert one-time file access tokens to modular token types.Mar 16 2016, 2:11 PM
epriestley closed this task as Resolved by committing rP772c658aac41: Convert one-time file access tokens to modular token types.Mar 16 2016, 4:33 PM
epriestley added a commit: rPcf15e0de4386: Modularize temporary token types.
epriestley added a commit: rP8e3ea4e034eb: Use new modular temporary auth token constants in one-time login and password….
epriestley added a commit: rPa837c3d73eaf: Make temporary token storage/schema more flexible.
epriestley added a commit: rP33a95d44bdc7: Formally modularize MFA/TOTP tokens, provide a module panel for temporary tokens.
epriestley added a commit: rP6ef4747e9da5: Convert OAuth1 handshake tokens to new modular temporary tokens.
epriestley added a commit: rP772c658aac41: Convert one-time file access tokens to modular token types.
epriestley mentioned this in T7789: Support Git Large File Storage.Mar 17 2016, 3:41 PM
Phabricator · Built by Phacility