mirror of
https://we.phorge.it/source/phorge.git
synced 2025-01-11 15:21:03 +01:00
Replace "Show Secret" in Passphrase with one-shot MFA
Summary: Depends on D20036. Ref T13222. Now that we support one-shot MFA, swap this from session MFA to one-shot MFA. Test Plan: Revealed a credential, was no longer left in high-security mode. Reviewers: amckinley Reviewed By: amckinley Maniphest Tasks: T13222 Differential Revision: https://secure.phabricator.com/D20037
This commit is contained in:
parent
d24e66724d
commit
44a0b3e83d
3 changed files with 13 additions and 6 deletions
|
@ -21,12 +21,8 @@ final class PassphraseCredentialRevealController
|
|||
return new Aphront404Response();
|
||||
}
|
||||
|
||||
$view_uri = '/K'.$credential->getID();
|
||||
$view_uri = $credential->getURI();
|
||||
|
||||
$token = id(new PhabricatorAuthSessionEngine())->requireHighSecuritySession(
|
||||
$viewer,
|
||||
$request,
|
||||
$view_uri);
|
||||
$is_locked = $credential->getIsLocked();
|
||||
|
||||
if ($is_locked) {
|
||||
|
@ -39,7 +35,7 @@ final class PassphraseCredentialRevealController
|
|||
->addCancelButton($view_uri);
|
||||
}
|
||||
|
||||
if ($request->isFormPost()) {
|
||||
if ($request->isFormOrHisecPost()) {
|
||||
$secret = $credential->getSecret();
|
||||
if (!$secret) {
|
||||
$body = pht('This credential has no associated secret.');
|
||||
|
@ -76,6 +72,7 @@ final class PassphraseCredentialRevealController
|
|||
|
||||
$editor = id(new PassphraseCredentialTransactionEditor())
|
||||
->setActor($viewer)
|
||||
->setCancelURI($view_uri)
|
||||
->setContinueOnNoEffect(true)
|
||||
->setContentSourceFromRequest($request)
|
||||
->applyTransactions($credential, $xactions);
|
||||
|
|
|
@ -52,6 +52,10 @@ final class PassphraseCredential extends PassphraseDAO
|
|||
return 'K'.$this->getID();
|
||||
}
|
||||
|
||||
public function getURI() {
|
||||
return '/'.$this->getMonogram();
|
||||
}
|
||||
|
||||
protected function getConfiguration() {
|
||||
return array(
|
||||
self::CONFIG_AUX_PHID => true,
|
||||
|
|
|
@ -30,4 +30,10 @@ final class PassphraseCredentialLookedAtTransaction
|
|||
return 'blue';
|
||||
}
|
||||
|
||||
public function shouldTryMFA(
|
||||
$object,
|
||||
PhabricatorApplicationTransaction $xaction) {
|
||||
return true;
|
||||
}
|
||||
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue