Diffusion Phabricator 8e5d9c6f0eb5

Allow MFA providers to be deprecated or disabled
8e5d9c6f0eb5
Actions

Tags

None

Referenced Files

None

Subscribers

None

Description

Allow MFA providers to be deprecated or disabled

Summary: Ref T13222. Providers can now be deprecated (existing factors still work, but users can't add new factors for the provider) or disabled (factors stop working, also can't add new ones).

Test Plan:

Enabled, deprecated, and disabled some providers.
Viewed provider detail, provider list.
Viewed MFA settings list.
Verified that I'm prompted for enabled + deprecated only at gates.
Tried to disable final provider, got an error.
Hit the MFA setup gate by enabling "Require MFA" with no providers, got a more useful message.
Immediately forced a user to the "MFA Setup Gate" by disabling their only active provider with another provider enabled ("We no longer support TOTP, you HAVE to finish Duo enrollment to continue starting Monday.").

Reviewers: amckinley

Reviewed By: amckinley

Maniphest Tasks: T13222

Differential Revision: https://secure.phabricator.com/D20031

Details

Provenance

epriestley	Authored on Jan 25 2019, 12:37 PM
epriestley	Pushed on Jan 28 2019, 5:29 PM

Reviewer

Differential Revision

D20031: Allow MFA providers to be deprecated or disabled

Parents

rP03ac59a87708: Don't put "spacePHID IN (...)" constraints in queries which will raise policy…

Branches

Unknown

Tags

Unknown

Tasks

T13222: 2018 Week 48-51 Bonus Content

Build Status

Buildable 21713
Build 29625: Run Core Tests

Event Timeline

epriestley committed rP8e5d9c6f0eb5: Allow MFA providers to be deprecated or disabled (authored by epriestley).Jan 28 2019, 5:29 PM

epriestley added a task: T13222: 2018 Week 48-51 Bonus Content.

Harbormaster completed building B21713: rP8e5d9c6f0eb5: Allow MFA providers to be deprecated or disabled.Jan 28 2019, 5:31 PM

Changes (15)

Path

Size

src/

__phutil_library_map__.php

applications/

auth/

constants/

PhabricatorAuthFactorProviderStatus.php

controller/

PhabricatorAuthNeedsMultiFactorController.php

mfa/

PhabricatorAuthFactorProviderListController.php

PhabricatorAuthFactorProviderViewController.php

editor/

PhabricatorAuthFactorProviderEditEngine.php

engine/

PhabricatorAuthSessionEngine.php

factor/

PhabricatorAuthFactor.php

PhabricatorSMSAuthFactor.php

query/

PhabricatorAuthFactorConfigQuery.php

storage/

PhabricatorAuthFactorConfig.php

PhabricatorAuthFactorProvider.php

xaction/

PhabricatorAuthFactorProviderStatusTransaction.php

people/

storage/

PhabricatorUser.php

settings/

panel/

PhabricatorMultiFactorSettingsPanel.php

rP8e5d9c6f0eb5

src/__phutil_library_map__.php

Loading...

src/applications/auth/constants/PhabricatorAuthFactorProviderStatus.php

Loading...

src/applications/auth/controller/PhabricatorAuthNeedsMultiFactorController.php

Loading...

src/applications/auth/controller/mfa/PhabricatorAuthFactorProviderListController.php

Loading...

src/applications/auth/controller/mfa/PhabricatorAuthFactorProviderViewController.php

Loading...

src/applications/auth/editor/PhabricatorAuthFactorProviderEditEngine.php

Loading...

src/applications/auth/engine/PhabricatorAuthSessionEngine.php

Loading...

src/applications/auth/factor/PhabricatorAuthFactor.php

Loading...

src/applications/auth/factor/PhabricatorSMSAuthFactor.php

Loading...

src/applications/auth/query/PhabricatorAuthFactorConfigQuery.php

Loading...

src/applications/auth/storage/PhabricatorAuthFactorConfig.php

Loading...

src/applications/auth/storage/PhabricatorAuthFactorProvider.php

Loading...

src/applications/auth/xaction/PhabricatorAuthFactorProviderStatusTransaction.php

Loading...

src/applications/people/storage/PhabricatorUser.php

Loading...

src/applications/settings/panel/PhabricatorMultiFactorSettingsPanel.php

Loading...