revi-archive/phorge-phorge
1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2025-01-21 04:01:30 +01:00
Code Issues Releases Wiki Activity
phorge-phorge/src/applications/auth/engine
History
epriestley c731508d74 Require MFA implementations to return a formal result object when validating factors 
Summary:
Ref T13222. See PHI873. Currently, MFA implementations return this weird sort of ad-hoc dictionary from validation, which is later used to render form/control stuff.

I want to make this more formal to handle token reuse / session binding cases, and let MFA factors share more code around challenges. Formalize this into a proper object instead of an ad-hoc bundle of properties.

Test Plan:
  - Answered a TOTP MFA prompt wrong (nothing, bad value).
  - Answered a TOTP MFA prompt properly.
  - Added new TOTP MFA, survived enrollment.

Reviewers: amckinley

Reviewed By: amckinley

Maniphest Tasks: T13222

Differential Revision: https://secure.phabricator.com/D19885
2018-12-17 06:59:46 -08:00
..
PhabricatorAuthInviteEngine.php Use PhutilInvalidStateException 2015-06-18 07:09:02 +10:00
PhabricatorAuthPasswordEngine.php Prevent users from selecting excessively bad passwords based on their username or email address 2018-11-06 12:44:07 -08:00
PhabricatorAuthSessionEngine.php Require MFA implementations to return a formal result object when validating factors 2018-12-17 06:59:46 -08:00
PhabricatorAuthSessionEngineExtension.php Add session and request hooks to PhabricatorAuthSessionEngine 2016-11-17 13:09:29 -08:00
PhabricatorAuthSessionEngineExtensionModule.php Redesign Config Application 2016-08-29 15:49:49 -07:00