1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2024-12-23 22:10:55 +01:00

Fix an issue where Duo validation could incorrectly apply to other factor types

See <https://discourse.phabricator-community.org/t/configuring-mfa-provider-totp-fails-for-missing-duo-only-options/2355>.

Test Plan: Created a TOTP provider; created a Duo provider (with missing and supplied values).
This commit is contained in:
epriestley 2019-02-03 06:36:49 -08:00
parent 7c795ab757
commit db1e123706
3 changed files with 17 additions and 1 deletions

View file

@ -27,6 +27,10 @@ final class PhabricatorAuthFactorProviderDuoCredentialTransaction
$actor = $this->getActor(); $actor = $this->getActor();
$errors = array(); $errors = array();
if (!$this->isDuoProvider($object)) {
return $errors;
}
$old_value = $this->generateOldValue($object); $old_value = $this->generateOldValue($object);
if ($this->isEmptyTextTransaction($old_value, $xactions)) { if ($this->isEmptyTextTransaction($old_value, $xactions)) {
$errors[] = $this->newRequiredError( $errors[] = $this->newRequiredError(

View file

@ -26,6 +26,10 @@ final class PhabricatorAuthFactorProviderDuoHostnameTransaction
public function validateTransactions($object, array $xactions) { public function validateTransactions($object, array $xactions) {
$errors = array(); $errors = array();
if (!$this->isDuoProvider($object)) {
return $errors;
}
$old_value = $this->generateOldValue($object); $old_value = $this->generateOldValue($object);
if ($this->isEmptyTextTransaction($old_value, $xactions)) { if ($this->isEmptyTextTransaction($old_value, $xactions)) {
$errors[] = $this->newRequiredError( $errors[] = $this->newRequiredError(

View file

@ -1,4 +1,12 @@
<?php <?php
abstract class PhabricatorAuthFactorProviderTransactionType abstract class PhabricatorAuthFactorProviderTransactionType
extends PhabricatorModularTransactionType {} extends PhabricatorModularTransactionType {
final protected function isDuoProvider(
PhabricatorAuthFactorProvider $provider) {
$duo_key = id(new PhabricatorDuoAuthFactor())->getFactorKey();
return ($provider->getProviderFactorKey() === $duo_key);
}
}