Page MenuHomePhorge

AuthProject
ActivePublic

Members

  • This project does not have any members.
  • View All

Watchers

  • This project does not have any watchers.
  • View All

Details

Description

This project contains anything related to the auth application. This include things like:

  • Login
  • Registration
  • 2-Factor Authentification (2FA)

Recent Activity

Mon, Dec 2

aklapper closed T15963: LDAP over TLS is broken as Resolved by committing rP0bfdcaa005b1: Revert "Fix PHP 8.3 "Usage of ldap_connect with two arguments is deprecated"….
Mon, Dec 2, 09:28 · Bug Reports, Auth
aklapper added a revision to T15963: LDAP over TLS is broken: D25842: Revert "Fix PHP 8.3 "Usage of ldap_connect with two arguments is deprecated" exception".
Mon, Dec 2, 00:28 · Bug Reports, Auth

Sun, Dec 1

taavi added a project to T15963: LDAP over TLS is broken: Bug Reports.
Sun, Dec 1, 14:11 · Bug Reports, Auth
taavi created T15963: LDAP over TLS is broken.
Sun, Dec 1, 14:08 · Bug Reports, Auth

Sep 16 2024

valerio.bozzolan created T15942: Native Keycloak auth integration.
Sep 16 2024, 15:00 · Auth
aklapper closed T15848: newOAuth1Future doesn't set a User-Agent as Resolved by committing rP39237c0854fe: Set base-uri as User-Agent for OAuth1 and Github authentication.
Sep 16 2024, 08:22 · Auth

Sep 6 2024

aklapper added a comment to T15848: newOAuth1Future doesn't set a User-Agent.

I would like to better understand the root problem.

Why changing the current user agent should improve the situation?

Sep 6 2024, 10:11 · Auth

Sep 5 2024

RhinosF1 added a comment to T15848: newOAuth1Future doesn't set a User-Agent.

@valerio.bozzolan: thats not what Andre says. He says another area of the code uses a terrible user agent and we should change that to a better one at the same time.

Sep 5 2024, 19:51 · Auth
valerio.bozzolan added a comment to T15848: newOAuth1Future doesn't set a User-Agent.

I would like to better understand the root problem. I see that Cloudflare was showing a captcha to Phorge (what Phorge?). It seems it was because an user agent was missing. But aklapper said that we are already setting an user agent.

Sep 5 2024, 19:24 · Auth

Aug 1 2024

aklapper added a revision to T15848: newOAuth1Future doesn't set a User-Agent: D25758: Set base-uri as User-Agent for OAuth1 and Github authentication.
Aug 1 2024, 14:30 · Auth

Jun 6 2024

RhinosF1 added a comment to T15848: newOAuth1Future doesn't set a User-Agent.

That would probably be a better User-Agent

Jun 6 2024, 15:00 · Auth
aklapper added a comment to T15849: Add a "description" or "label" field for Conduit API Tokens.

/settings/panel/multifactor/ requires users to add a custom Name so there is likely code to adapt/reuse for /settings/panel/apitokens/

Jun 6 2024, 11:08 · Feature Requests, Conduit, Auth
aklapper added a comment to T15848: newOAuth1Future doesn't set a User-Agent.

https://we.phorge.it/source/phorge/browse/master/src/applications/auth/adapter/PhutilGitHubAuthAdapter.php$57-58 uses a boring
$future->addHeader('User-Agent', __CLASS__); for this.

Jun 6 2024, 10:53 · Auth

Jun 5 2024

bd808 added a project to T15849: Add a "description" or "label" field for Conduit API Tokens: Feature Requests.
Jun 5 2024, 22:36 · Feature Requests, Conduit, Auth
bd808 created T15849: Add a "description" or "label" field for Conduit API Tokens.
Jun 5 2024, 22:33 · Feature Requests, Conduit, Auth
RhinosF1 created T15848: newOAuth1Future doesn't set a User-Agent.
Jun 5 2024, 20:54 · Auth

Apr 30 2024

valerio.bozzolan reassigned T15706: Phorge/auth/config/view/3/ Call to phutil_nonempty_string() expected null or a string, got: PhutilSafeHTML. from valerio.bozzolan to avivey.

Thanks again :) Giving right credits

Apr 30 2024, 09:53 · Auth, Bug Reports

Apr 15 2024

avivey added a comment to T15706: Phorge/auth/config/view/3/ Call to phutil_nonempty_string() expected null or a string, got: PhutilSafeHTML..

done...

Apr 15 2024, 16:36 · Auth, Bug Reports
avivey added a comment to T15706: Phorge/auth/config/view/3/ Call to phutil_nonempty_string() expected null or a string, got: PhutilSafeHTML..

Yeah, probably. I'll try to do it tonight.

Apr 15 2024, 08:31 · Auth, Bug Reports

Apr 14 2024

revi added a comment to T15706: Phorge/auth/config/view/3/ Call to phutil_nonempty_string() expected null or a string, got: PhutilSafeHTML..

Can this (I mean rPb445e1d80df9 )be backported into stable?

Apr 14 2024, 12:24 · Auth, Bug Reports

Feb 12 2024

valerio.bozzolan closed T15706: Phorge/auth/config/view/3/ Call to phutil_nonempty_string() expected null or a string, got: PhutilSafeHTML. as Resolved by committing rPb445e1d80df9: Fix config transaction rendering error on auth page by allowing PhutilSafeHTML.
Feb 12 2024, 10:52 · Auth, Bug Reports
sirocyl added a comment to T15706: Phorge/auth/config/view/3/ Call to phutil_nonempty_string() expected null or a string, got: PhutilSafeHTML..

Heck yeah, changing phutil_nonempty_string() to phutil_nonempty_stringlike() there fixed the issue I had mentioned in a comment in T15737: Include information for installing required PHP version in Diviner docs.

Feb 12 2024, 10:50 · Auth, Bug Reports

Jan 13 2024

aklapper closed T15511: Do not require the real name during registration as Invalid.

PHP 8.2.14, Phorge at cc964550f945b08c64970c01a34b55314e8ef0aa

  1. As an admin, check that /config/edit/user.require-real-name/ is set to Make real names optional
  2. Log out of Phorge
  3. Go to http://phorge.localhost/auth/register/
  4. See that the Real Name field does not state Required on the right
  5. Enter values into the fields Username, Password, Confirm Password, Email
  6. Click the Register Account button
Jan 13 2024, 11:46 · Auth
aklapper added a comment to T15511: Do not require the real name during registration.

Reference: rPdfcccd4cb882a171d10ba8a5c2763dcc73654256

Jan 13 2024, 10:55 · Auth

Jan 12 2024

valerio.bozzolan closed T15692: Allow to see your own public revoked key as Resolved by committing rP549a26d0879c: Auth SSH Details: show Public Key (not just Type).
Jan 12 2024, 21:34 · UX, User-valerio.bozzolan, Auth
doommius added a comment to T15708: Discord as auth method.

Sounds easy enough to implement.

Jan 12 2024, 18:44 · Auth
avivey added a comment to T15708: Discord as auth method.

Doc(s) on new extensions: I remember having a chapter under /book/contrib/, but I can't find it now. We should build a guide under T15030.
Short answer: create a new repo, make an src dir with all the code, and run arc liberate to create a "library" (including __phutil_library_init__.php and __phutil_library_map__.php), and then add the path of the extension to load-libraries in conf.json.

Jan 12 2024, 17:02 · Auth
doommius added a comment to T15708: Discord as auth method.

I'd like to see this as an Extension rather then go into the rP, just because we want to have more stuff as extensions; I think this area is abstracted enough so that it can easily be made that way.

That could be a good target as well for this, Is there docs on how extensions should be made?

Jan 12 2024, 14:21 · Auth
avivey added a comment to T15708: Discord as auth method.

I'd like to see this as an Extension rather then go into the rP, just because we want to have more stuff as extensions; I think this area is abstracted enough so that it can easily be made that way.

Jan 12 2024, 14:12 · Auth
doommius updated subscribers of T15708: Discord as auth method.

@valerio.bozzolan & @avivey What is the best practice for setting up the role/server check when new users attempt to auth via the oauth, you can't set limits on the oauth from discords side of view so you'd need to set them up on phorge, I've put down some ideas in the above comment.

Jan 12 2024, 13:33 · Auth
doommius added a comment to T15708: Discord as auth method.

How would i go about implementing it such that for a user to sign in with discord they need to have certain roles.

Jan 12 2024, 13:13 · Auth
doommius added a revision to T15708: Discord as auth method: D25513: Work in progress discord auth.
Jan 12 2024, 11:55 · Auth
doommius created T15708: Discord as auth method.
Jan 12 2024, 11:49 · Auth
doommius added a revision to T15706: Phorge/auth/config/view/3/ Call to phutil_nonempty_string() expected null or a string, got: PhutilSafeHTML.: D25512: Fix config transaction rendering error on auth page by allowing PhutilSafeHTML.
Jan 12 2024, 11:35 · Auth, Bug Reports
valerio.bozzolan added a comment to T15706: Phorge/auth/config/view/3/ Call to phutil_nonempty_string() expected null or a string, got: PhutilSafeHTML..

Can you try changing this line in your local install?

Jan 12 2024, 08:58 · Auth, Bug Reports

Jan 11 2024

doommius updated the task description for T15706: Phorge/auth/config/view/3/ Call to phutil_nonempty_string() expected null or a string, got: PhutilSafeHTML..
Jan 11 2024, 17:23 · Auth, Bug Reports
doommius updated the task description for T15706: Phorge/auth/config/view/3/ Call to phutil_nonempty_string() expected null or a string, got: PhutilSafeHTML..
Jan 11 2024, 17:17 · Auth, Bug Reports
doommius created T15706: Phorge/auth/config/view/3/ Call to phutil_nonempty_string() expected null or a string, got: PhutilSafeHTML..
Jan 11 2024, 17:15 · Auth, Bug Reports

Dec 27 2023

valerio.bozzolan added a comment to T15692: Allow to see your own public revoked key.

In addition, it seems only the owner can see their stuff here.

Dec 27 2023, 14:02 · UX, User-valerio.bozzolan, Auth

Dec 14 2023

valerio.bozzolan added a comment to T15692: Allow to see your own public revoked key.

I totally agree with these additional considerations. Thanks.

Dec 14 2023, 21:27 · UX, User-valerio.bozzolan, Auth
avivey added a comment to T15692: Allow to see your own public revoked key.

Since we already show the full (public) key when editing, then I don't see a reason not to show it after it's revoked.

Dec 14 2023, 09:03 · UX, User-valerio.bozzolan, Auth

Dec 13 2023

valerio.bozzolan added a revision to T15692: Allow to see your own public revoked key: D25495: Auth SSH Details: show Public Key (not just Type).
Dec 13 2023, 16:52 · UX, User-valerio.bozzolan, Auth
valerio.bozzolan triaged T15692: Allow to see your own public revoked key as Normal priority.
Dec 13 2023, 16:04 · UX, User-valerio.bozzolan, Auth

Jul 10 2023

Cigaryno added a project to T15078: Support for hardware keys as second factor: Auth.
Jul 10 2023, 14:00 · Auth

Jun 30 2023

avivey added a comment to T15511: Do not require the real name during registration.

It's enabled by default - https://we.phorge.it/source/phorge/browse/master/src/applications/people/config/PhabricatorUserConfigOptions.php$48

Jun 30 2023, 20:34 · Auth
Cigaryno created T15511: Do not require the real name during registration.
Jun 30 2023, 19:22 · Auth

Jun 29 2023

Cigaryno edited Description on Auth.
Jun 29 2023, 07:18
Cigaryno edited Description on Auth.
Jun 29 2023, 07:18

Jun 23 2023

Matthew created Auth.
Jun 23 2023, 16:34