HomePhabricator
Diffusion Phabricator c731508d748a

Require MFA implementations to return a formal result object when validating…
c731508d748a
Actions

Description

Require MFA implementations to return a formal result object when validating factors

Summary:
Ref T13222. See PHI873. Currently, MFA implementations return this weird sort of ad-hoc dictionary from validation, which is later used to render form/control stuff.

I want to make this more formal to handle token reuse / session binding cases, and let MFA factors share more code around challenges. Formalize this into a proper object instead of an ad-hoc bundle of properties.

Test Plan:

  • Answered a TOTP MFA prompt wrong (nothing, bad value).
  • Answered a TOTP MFA prompt properly.
  • Added new TOTP MFA, survived enrollment.

Reviewers: amckinley

Reviewed By: amckinley

Maniphest Tasks: T13222

Differential Revision: https://secure.phabricator.com/D19885

Details

Provenance
epriestleyAuthored on Dec 13 2018, 8:34 PM
epriestleyPushed on Dec 17 2018, 2:59 PM
Reviewer
amckinley
Differential Revision
D19885: Require MFA implementations to return a formal result object when validating factors
Parents
rP54b952df5d14: Fix weird gap/spacing on user "Manage" page
Branches
Unknown
Tags
Unknown
Tasks
T13222: 2018 Week 48-51 Bonus Content
Build Status
Buildable 21351
Build 29058: Run Core Tests

Changes (6)

PathSize
src/
applications/
auth/
engine/
exception/
factor/

rPc731508d748a

View Options

src/__phutil_library_map__.php

Loading...
View Options

src/applications/auth/engine/PhabricatorAuthSessionEngine.php

Loading...
View Options

src/applications/auth/exception/PhabricatorAuthHighSecurityRequiredException.php

Loading...
View Options

src/applications/auth/factor/PhabricatorAuthFactor.php

Loading...
View Options

src/applications/auth/factor/PhabricatorAuthFactorResult.php

Loading...
View Options

src/applications/auth/factor/PhabricatorTOTPAuthFactor.php

Loading...
Phabricator · Built by Phacility