<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN"
"http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head><meta http-equiv="content-type" content="text/html; charset=utf-8" />
<title>[6759] sites/trunk/wordpress.org/public_html/wp-content/plugins/wporg-two-factor: 2FA: Enable Email, Slack, and Backup Codes as the backup 2FA method.</title>
</head>
<body>
<style type="text/css"><!--
#msg dl.meta { border: 1px #006 solid; background: #369; padding: 6px; color: #fff; }
#msg dl.meta dt { float: left; width: 6em; font-weight: bold; }
#msg dt:after { content:':';}
#msg dl, #msg dt, #msg ul, #msg li, #header, #footer, #logmsg { font-family: verdana,arial,helvetica,sans-serif; font-size: 10pt; }
#msg dl a { font-weight: bold}
#msg dl a:link { color:#fc3; }
#msg dl a:active { color:#ff0; }
#msg dl a:visited { color:#cc6; }
h3 { font-family: verdana,arial,helvetica,sans-serif; font-size: 10pt; font-weight: bold; }
#msg pre { overflow: auto; background: #ffc; border: 1px #fa0 solid; padding: 6px; }
#logmsg { background: #ffc; border: 1px #fa0 solid; padding: 1em 1em 0 1em; }
#logmsg p, #logmsg pre, #logmsg blockquote { margin: 0 0 1em 0; }
#logmsg p, #logmsg li, #logmsg dt, #logmsg dd { line-height: 14pt; }
#logmsg h1, #logmsg h2, #logmsg h3, #logmsg h4, #logmsg h5, #logmsg h6 { margin: .5em 0; }
#logmsg h1:first-child, #logmsg h2:first-child, #logmsg h3:first-child, #logmsg h4:first-child, #logmsg h5:first-child, #logmsg h6:first-child { margin-top: 0; }
#logmsg ul, #logmsg ol { padding: 0; list-style-position: inside; margin: 0 0 0 1em; }
#logmsg ul { text-indent: -1em; padding-left: 1em; }#logmsg ol { text-indent: -1.5em; padding-left: 1.5em; }
#logmsg > ul, #logmsg > ol { margin: 0 0 1em 0; }
#logmsg pre { background: #eee; padding: 1em; }
#logmsg blockquote { border: 1px solid #fa0; border-left-width: 10px; padding: 1em 1em 0 1em; background: white;}
#logmsg dl { margin: 0; }
#logmsg dt { font-weight: bold; }
#logmsg dd { margin: 0; padding: 0 0 0.5em 0; }
#logmsg dd:before { content:'\00bb';}
#logmsg table { border-spacing: 0px; border-collapse: collapse; border-top: 4px solid #fa0; border-bottom: 1px solid #fa0; background: #fff; }
#logmsg table th { text-align: left; font-weight: normal; padding: 0.2em 0.5em; border-top: 1px dotted #fa0; }
#logmsg table td { text-align: right; border-top: 1px dotted #fa0; padding: 0.2em 0.5em; }
#logmsg table thead th { text-align: center; border-bottom: 1px solid #fa0; }
#logmsg table th.Corner { text-align: left; }
#logmsg hr { border: none 0; border-top: 2px dashed #fa0; height: 1px; }
#header, #footer { color: #fff; background: #636; border: 1px #300 solid; padding: 6px; }
#patch { width: 100%; }
#patch h4 {font-family: verdana,arial,helvetica,sans-serif;font-size:10pt;padding:8px;background:#369;color:#fff;margin:0;}
#patch .propset h4, #patch .binary h4 {margin:0;}
#patch pre {padding:0;line-height:1.2em;margin:0;}
#patch .diff {width:100%;background:#eee;padding: 0 0 10px 0;overflow:auto;}
#patch .propset .diff, #patch .binary .diff {padding:10px 0;}
#patch span {display:block;padding:0 10px;}
#patch .modfile, #patch .addfile, #patch .delfile, #patch .propset, #patch .binary, #patch .copfile {border:1px solid #ccc;margin:10px 0;}
#patch ins {background:#dfd;text-decoration:none;display:block;padding:0 10px;}
#patch del {background:#fdd;text-decoration:none;display:block;padding:0 10px;}
#patch .lines, .info {color:#888;background:#fff;}
--></style>
<div id="msg">
<dl class="meta" style="font-size: 105%">
<dt style="float: left; width: 6em; font-weight: bold">Revision</dt> <dd><a style="font-weight: bold" href="http://meta.trac.wordpress.org/changeset/6759">6759</a><script type="application/ld+json">{"@context":"http://schema.org","@type":"EmailMessage","description":"Review this Commit","action":{"@type":"ViewAction","url":"http://meta.trac.wordpress.org/changeset/6759","name":"Review Commit"}}</script></dd>
<dt style="float: left; width: 6em; font-weight: bold">Author</dt> <dd>dd32</dd>
<dt style="float: left; width: 6em; font-weight: bold">Date</dt> <dd>2018-02-26 07:06:12 +0000 (Mon, 26 Feb 2018)</dd>
</dl>
<pre style='padding-left: 1em; margin: 2em 0; border-left: 2px solid #ccc; line-height: 1.25; font-size: 105%; font-family: sans-serif'>2FA: Enable Email, Slack, and Backup Codes as the backup 2FA method.
See <a href="http://meta.trac.wordpress.org/ticket/77">#77</a>.</pre>
<h3>Modified Paths</h3>
<ul>
<li><a href="#sitestrunkwordpressorgpublic_htmlwpcontentpluginswporgtwofactorprovidersclasswporgtwofactorbackupcodesphp">sites/trunk/wordpress.org/public_html/wp-content/plugins/wporg-two-factor/providers/class-wporg-two-factor-backup-codes.php</a></li>
<li><a href="#sitestrunkwordpressorgpublic_htmlwpcontentpluginswporgtwofactorprovidersclasswporgtwofactoremailphp">sites/trunk/wordpress.org/public_html/wp-content/plugins/wporg-two-factor/providers/class-wporg-two-factor-email.php</a></li>
<li><a href="#sitestrunkwordpressorgpublic_htmlwpcontentpluginswporgtwofactorprovidersclasswporgtwofactorprimaryphp">sites/trunk/wordpress.org/public_html/wp-content/plugins/wporg-two-factor/providers/class-wporg-two-factor-primary.php</a></li>
<li><a href="#sitestrunkwordpressorgpublic_htmlwpcontentpluginswporgtwofactorprovidersclasswporgtwofactorsecondaryphp">sites/trunk/wordpress.org/public_html/wp-content/plugins/wporg-two-factor/providers/class-wporg-two-factor-secondary.php</a></li>
<li><a href="#sitestrunkwordpressorgpublic_htmlwpcontentpluginswporgtwofactorprovidersclasswporgtwofactorslackphp">sites/trunk/wordpress.org/public_html/wp-content/plugins/wporg-two-factor/providers/class-wporg-two-factor-slack.php</a></li>
<li><a href="#sitestrunkwordpressorgpublic_htmlwpcontentpluginswporgtwofactorwporgtwofactorphp">sites/trunk/wordpress.org/public_html/wp-content/plugins/wporg-two-factor/wporg-two-factor.php</a></li>
</ul>
</div>
<div id="patch">
<h3>Diff</h3>
<a id="sitestrunkwordpressorgpublic_htmlwpcontentpluginswporgtwofactorprovidersclasswporgtwofactorbackupcodesphp"></a>
<div class="modfile"><h4 style="background-color: #eee; color: inherit; margin: 1em 0; padding: 1.3em; font-size: 115%">Modified: sites/trunk/wordpress.org/public_html/wp-content/plugins/wporg-two-factor/providers/class-wporg-two-factor-backup-codes.php</h4>
<pre class="diff"><span>
<span class="info" style="display: block; padding: 0 10px; color: #888">--- sites/trunk/wordpress.org/public_html/wp-content/plugins/wporg-two-factor/providers/class-wporg-two-factor-backup-codes.php 2018-02-26 07:02:08 UTC (rev 6758)
+++ sites/trunk/wordpress.org/public_html/wp-content/plugins/wporg-two-factor/providers/class-wporg-two-factor-backup-codes.php 2018-02-26 07:06:12 UTC (rev 6759)
</span><span class="lines" style="display: block; padding: 0 10px; color: #888">@@ -17,4 +17,8 @@
</span><span class="cx" style="display: block; padding: 0 10px"> return $instance;
</span><span class="cx" style="display: block; padding: 0 10px"> }
</span><span class="cx" style="display: block; padding: 0 10px">
</span><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+ public function validate_authentication( $user, $code = '' ) {
+ return $this->validate_code( $user, $code );
+ }
+
</ins><span class="cx" style="display: block; padding: 0 10px"> }
</span><span class="cx" style="display: block; padding: 0 10px">\ No newline at end of file
</span></span></pre></div>
<a id="sitestrunkwordpressorgpublic_htmlwpcontentpluginswporgtwofactorprovidersclasswporgtwofactoremailphp"></a>
<div class="modfile"><h4 style="background-color: #eee; color: inherit; margin: 1em 0; padding: 1.3em; font-size: 115%">Modified: sites/trunk/wordpress.org/public_html/wp-content/plugins/wporg-two-factor/providers/class-wporg-two-factor-email.php</h4>
<pre class="diff"><span>
<span class="info" style="display: block; padding: 0 10px; color: #888">--- sites/trunk/wordpress.org/public_html/wp-content/plugins/wporg-two-factor/providers/class-wporg-two-factor-email.php 2018-02-26 07:02:08 UTC (rev 6758)
+++ sites/trunk/wordpress.org/public_html/wp-content/plugins/wporg-two-factor/providers/class-wporg-two-factor-email.php 2018-02-26 07:06:12 UTC (rev 6759)
</span><span class="lines" style="display: block; padding: 0 10px; color: #888">@@ -17,6 +17,14 @@
</span><span class="cx" style="display: block; padding: 0 10px"> return $instance;
</span><span class="cx" style="display: block; padding: 0 10px"> }
</span><span class="cx" style="display: block; padding: 0 10px">
</span><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+ public function validate_authentication( $user, $code = '' ) {
+ if ( ! isset( $user->ID ) || ! $code ) {
+ return false;
+ }
+
+ return $this->validate_token( $user->ID, $code );
+ }
+
</ins><span class="cx" style="display: block; padding: 0 10px"> /**
</span><span class="cx" style="display: block; padding: 0 10px"> * Generate and email the user token.
</span><span class="cx" style="display: block; padding: 0 10px"> *
</span></span></pre></div>
<a id="sitestrunkwordpressorgpublic_htmlwpcontentpluginswporgtwofactorprovidersclasswporgtwofactorprimaryphp"></a>
<div class="modfile"><h4 style="background-color: #eee; color: inherit; margin: 1em 0; padding: 1.3em; font-size: 115%">Modified: sites/trunk/wordpress.org/public_html/wp-content/plugins/wporg-two-factor/providers/class-wporg-two-factor-primary.php</h4>
<pre class="diff"><span>
<span class="info" style="display: block; padding: 0 10px; color: #888">--- sites/trunk/wordpress.org/public_html/wp-content/plugins/wporg-two-factor/providers/class-wporg-two-factor-primary.php 2018-02-26 07:02:08 UTC (rev 6758)
+++ sites/trunk/wordpress.org/public_html/wp-content/plugins/wporg-two-factor/providers/class-wporg-two-factor-primary.php 2018-02-26 07:06:12 UTC (rev 6759)
</span><span class="lines" style="display: block; padding: 0 10px; color: #888">@@ -23,4 +23,14 @@
</span><span class="cx" style="display: block; padding: 0 10px"> public function get_label() {
</span><span class="cx" style="display: block; padding: 0 10px"> return _x( 'Time Based One-Time Password (Google Authenticator, Authy, etc)', 'Provider Label', 'wporg' );
</span><span class="cx" style="display: block; padding: 0 10px"> }
</span><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+
+ public function validate_authentication( $user, $code = '' ) {
+ $key = get_user_meta( $user->ID, self::SECRET_META_KEY, true );
+
+ if ( ! $code ) {
+ $code = $_REQUEST['authcode'];
+ }
+
+ return $this->is_valid_authcode( $key, $code );
+ }
</ins><span class="cx" style="display: block; padding: 0 10px"> }
</span><span class="cx" style="display: block; padding: 0 10px">\ No newline at end of file
</span></span></pre></div>
<a id="sitestrunkwordpressorgpublic_htmlwpcontentpluginswporgtwofactorprovidersclasswporgtwofactorsecondaryphp"></a>
<div class="modfile"><h4 style="background-color: #eee; color: inherit; margin: 1em 0; padding: 1.3em; font-size: 115%">Modified: sites/trunk/wordpress.org/public_html/wp-content/plugins/wporg-two-factor/providers/class-wporg-two-factor-secondary.php</h4>
<pre class="diff"><span>
<span class="info" style="display: block; padding: 0 10px; color: #888">--- sites/trunk/wordpress.org/public_html/wp-content/plugins/wporg-two-factor/providers/class-wporg-two-factor-secondary.php 2018-02-26 07:02:08 UTC (rev 6758)
+++ sites/trunk/wordpress.org/public_html/wp-content/plugins/wporg-two-factor/providers/class-wporg-two-factor-secondary.php 2018-02-26 07:06:12 UTC (rev 6759)
</span><span class="lines" style="display: block; padding: 0 10px; color: #888">@@ -1,10 +1,7 @@
</span><span class="cx" style="display: block; padding: 0 10px"> <?php
</span><span class="cx" style="display: block; padding: 0 10px">
</span><del style="background-color: #fdd; text-decoration:none; display:block; padding: 0 10px">-require_once __DIR__ . '/class-wporg-two-factor-backup-codes.php';
</del><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+class WPORG_Two_Factor_Secondary extends Two_Factor_Provider { // When it's a proper wrapper.
</ins><span class="cx" style="display: block; padding: 0 10px">
</span><del style="background-color: #fdd; text-decoration:none; display:block; padding: 0 10px">-class WPORG_Two_Factor_Secondary extends WPORG_Two_Factor_Backup_Codes { // Temporarily
-// class WPORG_Two_Factor_Secondary extends Two_Factor_Provider { // When it's a proper wrapper.
-
</del><span class="cx" style="display: block; padding: 0 10px"> /**
</span><span class="cx" style="display: block; padding: 0 10px"> * Ensures only one instance of this class exists in memory at any one time.
</span><span class="cx" style="display: block; padding: 0 10px"> *
</span><span class="lines" style="display: block; padding: 0 10px; color: #888">@@ -23,17 +20,175 @@
</span><span class="cx" style="display: block; padding: 0 10px"> return _x( 'Backup Method', 'Provider Label', 'wporg' );
</span><span class="cx" style="display: block; padding: 0 10px"> }
</span><span class="cx" style="display: block; padding: 0 10px">
</span><del style="background-color: #fdd; text-decoration:none; display:block; padding: 0 10px">- // protected $providers = [];
</del><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+ public function authentication_page( $user ) {
+ if ( ! $user ) {
+ return;
+ }
</ins><span class="cx" style="display: block; padding: 0 10px">
</span><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+ $this->send_codes_to_user( $user );
+
+ require_once( ABSPATH . '/wp-admin/includes/template.php' );
+
+ $email_enabled = isset( $this->providers['WPORG_Two_Factor_Email'] ) && $this->providers['WPORG_Two_Factor_Email']->is_available_for_user( $user );
+ $slack_enabled = isset( $this->providers['WPORG_Two_Factor_Slack'] ) && $this->providers['WPORG_Two_Factor_Slack']->is_available_for_user( $user );
+
+ if ( $email_enabled && $slack_enabled ) {
+ echo '<p>' . __( 'Enter the verification code sent to your Email, Slack, or a printed backup code.', 'wporg' ) . '</p>';
+ } elseif ( $email_enabled ) {
+ echo '<p>' . __( 'Enter the verification code sent to your Email, or a printed backup code.', 'wporg' ) . '</p>';
+ } else {
+ echo '<p>' . __( 'Enter a printed backup code.', 'wporg' ) . '</p>';
+ }
+ ?>
+
+ <p>
+ <label for="authcode"><?php esc_html_e( 'Verification Code:', 'wporg' ); ?></label>
+ <input type="tel" name="two-factor-backup-code" id="authcode" class="input" value="" size="20" pattern="[0-9]*" />
+ <?php submit_button( __( 'Authenticate', 'wporg' ) ); ?>
+ </p>
+
+ <?php if ( $email_enabled || $slack_enabled ) { ?>
+ <p class="two-factor-email-resend">
+ <input type="submit" class="button" name="two-factor-backup-resend" value="<?php esc_attr_e( 'Resend Code', 'wporg' ); ?>" />
+ </p>
+ <?php } ?>
+
+ <script type="text/javascript">
+ setTimeout( function(){
+ var d;
+ try{
+ d = document.getElementById('authcode');
+ d.value = '';
+ d.focus();
+ } catch(e){}
+ }, 200);
+ </script>
+ <?php
+ }
+
+ function is_available_for_user( $user ) { return true; }
+
+ protected $providers = [];
+
</ins><span class="cx" style="display: block; padding: 0 10px"> protected function __construct() {
</span><del style="background-color: #fdd; text-decoration:none; display:block; padding: 0 10px">- /*
</del><span class="cx" style="display: block; padding: 0 10px"> $providers = [
</span><span class="cx" style="display: block; padding: 0 10px"> 'WPORG_Two_Factor_Email' => __DIR__ . '/class-wporg-two-factor-email.php',
</span><span class="cx" style="display: block; padding: 0 10px"> 'WPORG_Two_Factor_Backup_Codes' => __DIR__ . '/class-wporg-two-factor-backup-codes.php',
</span><span class="cx" style="display: block; padding: 0 10px"> 'WPORG_Two_Factor_Slack' => __DIR__ . '/class-wporg-two-factor-slack.php'
</span><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+ ];
+ $providers = apply_filters( 'wporg_two_factor_secondary_providers', $providers );
</ins><span class="cx" style="display: block; padding: 0 10px">
</span><del style="background-color: #fdd; text-decoration:none; display:block; padding: 0 10px">- ];
- */
</del><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+ // Add some CSS for this clss.
+ add_action( 'login_head', [ $this, 'add_styles' ] );
+
+ foreach ( $providers as $class => $path ) {
+ include_once( $path );
+
+ if ( class_exists( $class ) ) {
+ try {
+ $this->providers[ $class ] = call_user_func( array( $class, 'get_instance' ) );
+ } catch ( Exception $e ) {
+ unset( $this->providers[ $class ] );
+ }
+ }
+ }
+
</ins><span class="cx" style="display: block; padding: 0 10px"> return parent::__construct();
</span><span class="cx" style="display: block; padding: 0 10px"> }
</span><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+
+ // Add some specific styles for this class.
+ public function add_styles() {
+ if ( isset( $_GET['provider'] ) && $_GET['provider'] === __CLASS__ ) {
+ echo '<style>
+ body.login-action-backup_2fa .backup-methods-wrap {
+ display: none;
+ }
+ body.login-action-backup_2fa input[name="two-factor-backup-resend"] {
+
+ }
+ </style>';
+ }
+ }
+
+ public function pre_process_authentication( $user ) {
+ if ( isset( $_REQUEST['two-factor-backup-resend'] ) ) {
+ return $this->send_codes_to_user( $user, true );
+ }
+
+ return false;
+ }
+
+ // Send codes to the user based on the providers available.
+ //
+ protected function send_codes_to_user( $user, $resend = false ) {
+ $result = false;
+
+ if (
+ isset( $this->providers['WPORG_Two_Factor_Email'] ) &&
+ $this->providers['WPORG_Two_Factor_Email']->is_available_for_user( $user )
+ ) {
+ if (
+ $resend |
+ ! $this->providers['WPORG_Two_Factor_Email']->user_has_token( $user->ID )
+ ) {
+ $result = true;
+ $this->providers['WPORG_Two_Factor_Email']->generate_and_email_token( $user );
+ }
+ }
+
+ if (
+ isset( $this->providers['WPORG_Two_Factor_Slack'] ) &&
+ $this->providers['WPORG_Two_Factor_Slack']->is_available_for_user( $user )
+ ) {
+ if (
+ $resend ||
+ ! $this->providers['WPORG_Two_Factor_Slack']->user_has_token( $user->ID )
+ ) {
+ $result = true;
+ $this->providers['WPORG_Two_Factor_Slack']->generate_and_slack_token( $user );
+ }
+ }
+
+ return $result;
+ }
+
+ function validate_authentication( $user ) {
+ if ( empty( $_POST['two-factor-backup-code'] ) ) {
+ return false;
+ }
+
+ $backup_code = $_POST['two-factor-backup-code'];
+
+ $authenticated = false;
+
+ foreach ( $this->providers as $provider ) {
+ if (
+ $provider->is_available_for_user( $user ) &&
+ $provider->validate_authentication( $user, $backup_code )
+ ) {
+ $authenticated = true;
+ break;
+ }
+ }
+
+ // Also check the Primary method for the user just in case.
+ $primary_provider = WPORG_Two_Factor_Primary::get_instance();
+ if (
+ ! $authenticated &&
+ $primary_provider->is_available_for_user( $user ) &&
+ $primary_provider->validate_authentication( $user, $backup_code )
+ ) {
+ $authenticated = true;
+ }
+
+ if ( $authenticated ) {
+ foreach ( $this->providers as $provider ) {
+ if ( is_callable( [ $provider, 'delete_token' ] ) ) {
+ $provider->delete_token( $user->ID );
+ }
+ }
+ }
+
+ return $authenticated;
+ }
</ins><span class="cx" style="display: block; padding: 0 10px"> }
</span></span></pre></div>
<a id="sitestrunkwordpressorgpublic_htmlwpcontentpluginswporgtwofactorprovidersclasswporgtwofactorslackphp"></a>
<div class="modfile"><h4 style="background-color: #eee; color: inherit; margin: 1em 0; padding: 1.3em; font-size: 115%">Modified: sites/trunk/wordpress.org/public_html/wp-content/plugins/wporg-two-factor/providers/class-wporg-two-factor-slack.php</h4>
<pre class="diff"><span>
<span class="info" style="display: block; padding: 0 10px; color: #888">--- sites/trunk/wordpress.org/public_html/wp-content/plugins/wporg-two-factor/providers/class-wporg-two-factor-slack.php 2018-02-26 07:02:08 UTC (rev 6758)
+++ sites/trunk/wordpress.org/public_html/wp-content/plugins/wporg-two-factor/providers/class-wporg-two-factor-slack.php 2018-02-26 07:06:12 UTC (rev 6759)
</span><span class="lines" style="display: block; padding: 0 10px; color: #888">@@ -1,8 +1,8 @@
</span><span class="cx" style="display: block; padding: 0 10px"> <?php
</span><span class="cx" style="display: block; padding: 0 10px">
</span><del style="background-color: #fdd; text-decoration:none; display:block; padding: 0 10px">-require_once TWO_FACTOR_DIR . 'providers/class.two-factor-email.php';
</del><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+require_once __DIR__ . '/class-wporg-two-factor-email.php';
</ins><span class="cx" style="display: block; padding: 0 10px">
</span><del style="background-color: #fdd; text-decoration:none; display:block; padding: 0 10px">-class WPORG_Two_Factor_Slack extends Two_Factor_Email {
</del><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+class WPORG_Two_Factor_Slack extends WPORG_Two_Factor_Email {
</ins><span class="cx" style="display: block; padding: 0 10px">
</span><span class="cx" style="display: block; padding: 0 10px"> /**
</span><span class="cx" style="display: block; padding: 0 10px"> * The user meta token key.
</span><span class="lines" style="display: block; padding: 0 10px; color: #888">@@ -12,13 +12,6 @@
</span><span class="cx" style="display: block; padding: 0 10px"> const TOKEN_META_KEY = '_two_factor_slack_token';
</span><span class="cx" style="display: block; padding: 0 10px">
</span><span class="cx" style="display: block; padding: 0 10px"> /**
</span><del style="background-color: #fdd; text-decoration:none; display:block; padding: 0 10px">- * Name of the input field used for code resend.
- *
- * @var string
- */
- const INPUT_NAME_RESEND_CODE = 'two-factor-slack-code-resend';
-
- /**
</del><span class="cx" style="display: block; padding: 0 10px"> * Ensures only one instance of this class exists in memory at any one time.
</span><span class="cx" style="display: block; padding: 0 10px"> *
</span><span class="cx" style="display: block; padding: 0 10px"> * @since 0.1-dev
</span><span class="lines" style="display: block; padding: 0 10px; color: #888">@@ -33,40 +26,50 @@
</span><span class="cx" style="display: block; padding: 0 10px"> }
</span><span class="cx" style="display: block; padding: 0 10px">
</span><span class="cx" style="display: block; padding: 0 10px"> public function get_label() {
</span><del style="background-color: #fdd; text-decoration:none; display:block; padding: 0 10px">- return _x( 'Slack', 'Provider Label', 'wporg' );
</del><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+ return 'Slack'; // Not marked for translation as this shouldn't be called/displayed.
</ins><span class="cx" style="display: block; padding: 0 10px"> }
</span><span class="cx" style="display: block; padding: 0 10px">
</span><del style="background-color: #fdd; text-decoration:none; display:block; padding: 0 10px">- /**
- * Whether this Two Factor provider is configured and available for the user specified.
- *
- * @since 0.1-dev
- *
- * @param WP_User $user WP_User object of the logged-in user.
- * @return boolean
- */
</del><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+ protected function get_slack_details( $user_id ) {
+ global $wpdb;
+
+ static $cached_details = [];
+ if ( isset( $cached_details[ $user_id ] ) ) {
+ return $cached_details[ $user_id ];
+ }
+
+ // TODO abstract this? memcache it?
+ $user_details = $wpdb->get_var( $wpdb->prepare( "SELECT profiledata FROM slack_users WHERE user_id = %d LIMIT 1", $user_id ) );
+ $user_details = $user_details ? json_decode( $user_details ) : false;
+
+ $cached_details[ $user_id ] = $user_details;
+
+ return $user_details;
+ }
+
</ins><span class="cx" style="display: block; padding: 0 10px"> public function is_available_for_user( $user ) {
</span><del style="background-color: #fdd; text-decoration:none; display:block; padding: 0 10px">- // TODO Check if the user has a 2FA slack account.
- return false;
</del><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+ $user_details = $this->get_slack_details( $user->ID );
+
+ // Require the Slack account to exist, and for the user to have 2FA enabled on Slack.
+ return $user_detauls && empty( $user_details->deleted ) && ! empty( $user_details->has_2fa );
</ins><span class="cx" style="display: block; padding: 0 10px"> }
</span><span class="cx" style="display: block; padding: 0 10px">
</span><del style="background-color: #fdd; text-decoration:none; display:block; padding: 0 10px">- /**
- * Generate and email the user token.
- *
- * @since 0.1-dev
- *
- * @param WP_User $user WP_User object of the logged-in user.
- */
</del><span class="cx" style="display: block; padding: 0 10px"> public function generate_and_email_token( $user ) {
</span><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+ return $this->generate_and_slack_token( $user );
+ }
+
+ public function generate_and_slack_token( $user ) {
</ins><span class="cx" style="display: block; padding: 0 10px"> $token = $this->generate_token( $user->ID );
</span><span class="cx" style="display: block; padding: 0 10px">
</span><del style="background-color: #fdd; text-decoration:none; display:block; padding: 0 10px">- /* translators: %s: site name */
- $subject = wp_strip_all_tags( sprintf( __( 'Your login confirmation code for %s', 'wporg' ), get_bloginfo( 'name' ) ) );
- /* translators: %s: token */
- $message = wp_strip_all_tags( sprintf( __( 'Enter %s to log in.', 'wporg' ), $token ) );
</del><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+ $message = "Please enter the following verification code on WordPress.org to complete your login:\n{$token}";
</ins><span class="cx" style="display: block; padding: 0 10px">
</span><del style="background-color: #fdd; text-decoration:none; display:block; padding: 0 10px">- $who = '@dd32';
</del><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+ $slack_details = $this->get_slack_details( $user->ID );
</ins><span class="cx" style="display: block; padding: 0 10px">
</span><del style="background-color: #fdd; text-decoration:none; display:block; padding: 0 10px">- return slack_dm( $subject . "\n" . $message, $who );
</del><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+ if ( $slack_details->id ) {
+ // TODO: Replace this with a named Slack Bot.
+ return slack_dm( $message, $slack_details->id );
+ }
+
+ return false;
</ins><span class="cx" style="display: block; padding: 0 10px"> }
</span><span class="cx" style="display: block; padding: 0 10px">
</span><span class="cx" style="display: block; padding: 0 10px"> }
</span></span></pre></div>
<a id="sitestrunkwordpressorgpublic_htmlwpcontentpluginswporgtwofactorwporgtwofactorphp"></a>
<div class="modfile"><h4 style="background-color: #eee; color: inherit; margin: 1em 0; padding: 1.3em; font-size: 115%">Modified: sites/trunk/wordpress.org/public_html/wp-content/plugins/wporg-two-factor/wporg-two-factor.php</h4>
<pre class="diff"><span>
<span class="info" style="display: block; padding: 0 10px; color: #888">--- sites/trunk/wordpress.org/public_html/wp-content/plugins/wporg-two-factor/wporg-two-factor.php 2018-02-26 07:02:08 UTC (rev 6758)
+++ sites/trunk/wordpress.org/public_html/wp-content/plugins/wporg-two-factor/wporg-two-factor.php 2018-02-26 07:06:12 UTC (rev 6759)
</span><span class="lines" style="display: block; padding: 0 10px; color: #888">@@ -198,7 +198,6 @@
</span><span class="cx" style="display: block; padding: 0 10px"> * NOTE: It's assumed that the Two Factor details have been setup correctly previously.
</span><span class="cx" style="display: block; padding: 0 10px"> */
</span><span class="cx" style="display: block; padding: 0 10px"> public static function enable_two_factor( $user_id ) {
</span><del style="background-color: #fdd; text-decoration:none; display:block; padding: 0 10px">- // True if at least one provider method was set.
</del><span class="cx" style="display: block; padding: 0 10px"> return (
</span><span class="cx" style="display: block; padding: 0 10px"> update_user_meta( $user_id, self::PROVIDER_USER_META_KEY, 'WPORG_Two_Factor_Primary' ) &&
</span><span class="cx" style="display: block; padding: 0 10px"> update_user_meta( $user_id, self::ENABLED_PROVIDERS_USER_META_KEY, [ 'WPORG_Two_Factor_Primary', 'WPORG_Two_Factor_Secondary' ] )
</span><span class="lines" style="display: block; padding: 0 10px; color: #888">@@ -222,7 +221,7 @@
</span><span class="cx" style="display: block; padding: 0 10px"> */
</span><span class="cx" style="display: block; padding: 0 10px"> public static function user_two_factor_options( $user ) {
</span><span class="cx" style="display: block; padding: 0 10px"> wp_enqueue_script( 'two-factor-edit', plugins_url( 'js/profile-edit.js' , __FILE__ ), [ 'jquery' ], 1, true );
</span><del style="background-color: #fdd; text-decoration:none; display:block; padding: 0 10px">- wp_localize_script( 'two-factor-edit', 'two_factor_edit', array(
</del><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+ wp_localize_script( 'two-factor-edit', 'two_factor_edit', array(
</ins><span class="cx" style="display: block; padding: 0 10px"> 'ajaxurl' => admin_url( 'admin-ajax.php' ),
</span><span class="cx" style="display: block; padding: 0 10px"> ) );
</span><span class="cx" style="display: block; padding: 0 10px">
</span></span></pre>
</div>
</div>
</body>
</html>