Add more factor details to the Settings factor list

Summary: Depends on D20033. Ref T13222. Flesh this UI out a bit, and provide bit-strength information for TOTP. Also, stop users from adding multiple SMS factors since this is pointless (they all always text your primary contact number). Test Plan: {F6156245} {F6156246} Reviewers: amckinley Reviewed By: amckinley Maniphest Tasks: T13222 Differential Revision: https://secure.phabricator.com/D20034
2025-01-22 20:51:10 +01:00 · 2019-01-25 09:50:02 -08:00 · 2019-01-25 09:50:02 -08:00 · bce44385e1
commit bce44385e1
parent 2dd8a0fc69
5 changed files with 69 additions and 0 deletions
--- a/src/applications/auth/factor/PhabricatorAuthFactor.php
+++ b/src/applications/auth/factor/PhabricatorAuthFactor.php
@ -3,6 +3,7 @@
 abstract class PhabricatorAuthFactor extends Phobject {

  abstract public function getFactorName();
+  abstract public function getFactorShortName();
  abstract public function getFactorKey();
  abstract public function getFactorCreateHelp();
  abstract public function getFactorDescription();
@ -66,6 +67,13 @@ abstract class PhabricatorAuthFactor extends Phobject {
    return null;
  }

+  public function getConfigurationListDetails(
+    PhabricatorAuthFactorConfig $config,
+    PhabricatorAuthFactorProvider $provider,
+    PhabricatorUser $viewer) {
+    return null;
+  }
+
  /**
   * Is this a factor which depends on the user's contact number?
   *
@ -524,4 +532,15 @@ abstract class PhabricatorAuthFactor extends Phobject {
    return $request->validateCSRF();
  }

+  final protected function loadConfigurationsForProvider(
+    PhabricatorAuthFactorProvider $provider,
+    PhabricatorUser $user) {
+
+    return id(new PhabricatorAuthFactorConfigQuery())
+      ->setViewer($user)
+      ->withUserPHIDs(array($user->getPHID()))
+      ->withFactorProviderPHIDs(array($provider->getPHID()))
+      ->execute();
+  }
+
 }
--- a/src/applications/auth/factor/PhabricatorSMSAuthFactor.php
+++ b/src/applications/auth/factor/PhabricatorSMSAuthFactor.php
@ -8,6 +8,10 @@ final class PhabricatorSMSAuthFactor
  }

  public function getFactorName() {
+    return pht('Text Message (SMS)');
+  }
+
+  public function getFactorShortName() {
    return pht('SMS');
  }

@ -75,6 +79,10 @@ final class PhabricatorSMSAuthFactor
      return false;
    }

+    if ($this->loadConfigurationsForProvider($provider, $user)) {
+      return false;
+    }
+
    return true;
  }

@ -96,6 +104,16 @@ final class PhabricatorSMSAuthFactor
          ));
    }

+    if ($this->loadConfigurationsForProvider($provider, $user)) {
+      $messages[] = id(new PHUIInfoView())
+        ->setSeverity(PHUIInfoView::SEVERITY_WARNING)
+        ->setErrors(
+          array(
+            pht(
+              'You already have SMS authentication attached to your account.'),
+          ));
+    }
+
    return $messages;
  }

--- a/src/applications/auth/factor/PhabricatorTOTPAuthFactor.php
+++ b/src/applications/auth/factor/PhabricatorTOTPAuthFactor.php
@ -10,6 +10,10 @@ final class PhabricatorTOTPAuthFactor extends PhabricatorAuthFactor {
    return pht('Mobile Phone App (TOTP)');
  }

+  public function getFactorShortName() {
+    return pht('TOTP');
+  }
+
  public function getFactorCreateHelp() {
    return pht(
      'Allow users to attach a mobile authenticator application (like '.
@ -38,6 +42,15 @@ final class PhabricatorTOTPAuthFactor extends PhabricatorAuthFactor {
      'to add a new TOTP code, continue to the next step.');
  }

+  public function getConfigurationListDetails(
+    PhabricatorAuthFactorConfig $config,
+    PhabricatorAuthFactorProvider $provider,
+    PhabricatorUser $viewer) {
+
+    $bits = strlen($config->getFactorSecret()) * 8;
+    return pht('%d-Bit Secret', $bits);
+  }
+
  public function processAddFactorForm(
    PhabricatorAuthFactorProvider $provider,
    AphrontFormView $form,
--- a/src/applications/auth/storage/PhabricatorAuthFactorProvider.php
+++ b/src/applications/auth/storage/PhabricatorAuthFactorProvider.php
@ -126,6 +126,15 @@ final class PhabricatorAuthFactorProvider
    return $this->getFactor()->getConfigurationCreateDescription($this, $user);
  }

+  public function getConfigurationListDetails(
+    PhabricatorAuthFactorConfig $config,
+    PhabricatorUser $viewer) {
+    return $this->getFactor()->getConfigurationListDetails(
+      $config,
+      $this,
+      $viewer);
+  }
+

 /* -(  PhabricatorApplicationTransactionInterface  )------------------------- */

--- a/src/applications/settings/panel/PhabricatorMultiFactorSettingsPanel.php
+++ b/src/applications/settings/panel/PhabricatorMultiFactorSettingsPanel.php
@ -77,6 +77,8 @@ final class PhabricatorMultiFactorSettingsPanel
        ->setIcon("{$status_icon} {$status_color}")
        ->setTooltip(pht('Provider: %s', $status->getName()));

+      $details = $provider->getConfigurationListDetails($factor, $viewer);
+
      $rows[] = array(
        $icon,
        javelin_tag(
@ -86,7 +88,9 @@ final class PhabricatorMultiFactorSettingsPanel
            'sigil' => 'workflow',
          ),
          $factor->getFactorName()),
+        $provider->getFactor()->getFactorShortName(),
        $provider->getDisplayName(),
+        $details,
        phabricator_datetime($factor->getDateCreated(), $viewer),
        javelin_tag(
          'a',
@ -107,6 +111,8 @@ final class PhabricatorMultiFactorSettingsPanel
        null,
        pht('Name'),
        pht('Type'),
+        pht('Provider'),
+        pht('Details'),
        pht('Created'),
        null,
      ));
@ -115,6 +121,8 @@ final class PhabricatorMultiFactorSettingsPanel
        null,
        'wide pri',
        null,
+        null,
+        null,
        'right',
        'action',
      ));
@ -125,6 +133,8 @@ final class PhabricatorMultiFactorSettingsPanel
        true,
        false,
        false,
+        false,
+        false,
        true,
      ));