mirror of
https://we.phorge.it/source/phorge.git
synced 2024-12-23 05:50:55 +01:00
No description
0fcff78253
Summary: Ref T13222. Users configure "Factor Configs", which say "I have an entry on my phone for TOTP secret key XYZ". Currently, these point at raw implementations -- always "TOTP" in practice. To support configuring available MFA types (like "no MFA") and adding MFA types that need some options set (like "Duo", which needs API keys), bind "Factor Configs" to a "Factor Provider" instead. In the future, several "Factors" will be available (TOTP, SMS, Duo, Postal Mail, ...). Administrators configure zero or more "MFA Providers" they want to use (e.g., "Duo" + here's my API key). Then users can add configs for these providers (e.g., "here's my Duo account"). Upshot: - Factor: a PHP subclass, implements the technical details of a type of MFA factor (TOTP, SMS, Duo, etc). - FactorProvider: a storage object, owned by administrators, configuration of a Factor that says "this should be available on this install", plus provides API keys, a human-readable name, etc. - FactorConfig: a storage object, owned by a user, says "I have a factor for provider X on my phone/whatever with secret key Q / my duo account is X / my address is Y". Couple of things not covered here: - Statuses for providers ("Disabled", "Deprecated") don't do anything yet, but you can't edit them anyway. - Some `bin/auth` tools need to be updated. - When no providers are configured, the MFA panel should probably vanish. - Documentation. Test Plan: - Ran migration with providers, saw configs point at the first provider. - Ran migration without providers, saw a provider created and configs pointed at it. - Added/removed factors and providers. Passed MFA gates. Spot-checked database for general sanity. Reviewers: amckinley Reviewed By: amckinley Subscribers: PHID-OPKG-gm6ozazyms6q6i22gyam Maniphest Tasks: T13222 Differential Revision: https://secure.phabricator.com/D19975 |
||
---|---|---|
bin | ||
conf | ||
externals | ||
resources | ||
scripts | ||
src | ||
support | ||
webroot | ||
.arcconfig | ||
.arclint | ||
.arcunit | ||
.editorconfig | ||
.gitignore | ||
LICENSE | ||
NOTICE | ||
README.md |
Phabricator is a collection of web applications which help software companies build better software.
Phabricator includes applications for:
- reviewing and auditing source code;
- hosting and browsing repositories;
- tracking bugs;
- managing projects;
- conversing with team members;
- assembling a party to venture forth;
- writing stuff down and reading it later;
- hiding stuff from coworkers; and
- also some other things.
You can learn more about the project (and find links to documentation and resources) at Phabricator.org
Phabricator is developed and maintained by Phacility.
SUPPORT RESOURCES
For resources on filing bugs, requesting features, reporting security issues, and getting other kinds of support, see Support Resources.
NO PULL REQUESTS!
We do not accept pull requests through GitHub. If you would like to contribute code, please read our Contributor's Guide.
LICENSE
Phabricator is released under the Apache 2.0 license except as otherwise noted.