1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2025-01-08 05:41:01 +01:00

(stable) Fix an issue where Duo validation could incorrectly apply to other factor types

See <https://discourse.phabricator-community.org/t/configuring-mfa-provider-totp-fails-for-missing-duo-only-options/2355>.

Test Plan: Created a TOTP provider; created a Duo provider (with missing and supplied values).
This commit is contained in:
epriestley 2019-02-03 06:36:49 -08:00
parent c65ad751ab
commit 33ed2a390c
3 changed files with 17 additions and 1 deletions

View file

@ -27,6 +27,10 @@ final class PhabricatorAuthFactorProviderDuoCredentialTransaction
$actor = $this->getActor();
$errors = array();
if (!$this->isDuoProvider($object)) {
return $errors;
}
$old_value = $this->generateOldValue($object);
if ($this->isEmptyTextTransaction($old_value, $xactions)) {
$errors[] = $this->newRequiredError(

View file

@ -26,6 +26,10 @@ final class PhabricatorAuthFactorProviderDuoHostnameTransaction
public function validateTransactions($object, array $xactions) {
$errors = array();
if (!$this->isDuoProvider($object)) {
return $errors;
}
$old_value = $this->generateOldValue($object);
if ($this->isEmptyTextTransaction($old_value, $xactions)) {
$errors[] = $this->newRequiredError(

View file

@ -1,4 +1,12 @@
<?php
abstract class PhabricatorAuthFactorProviderTransactionType
extends PhabricatorModularTransactionType {}
extends PhabricatorModularTransactionType {
final protected function isDuoProvider(
PhabricatorAuthFactorProvider $provider) {
$duo_key = id(new PhabricatorDuoAuthFactor())->getFactorKey();
return ($provider->getProviderFactorKey() === $duo_key);
}
}