SL-20278 Disconnect saving MFA from saving password
Andrey Kleshchev
akleshchev
parent
76c6dc025d
commit
69a98a8465
|
|
@ -229,6 +229,7 @@ void LLFloaterForgetUser::forgetUser(const std::string &userid, const std::strin
|
|||
{
|
||||
// Remove creds
|
||||
gSecAPIHandler->removeFromCredentialMap("login_list", grid, userid);
|
||||
gSecAPIHandler->removeFromProtectedMap("mfa_hash", grid, userid);
|
||||
|
||||
LLPointer<LLCredential> cred = gSecAPIHandler->loadCredential(grid);
|
||||
if (cred.notNull() && cred->userID() == userid)
|
||||
|
|
|
|||
|
|
@ -87,6 +87,7 @@ LLLoginInstance::LLLoginInstance() :
|
|||
mLoginModule(new LLLogin()),
|
||||
mNotifications(NULL),
|
||||
mLoginState("offline"),
|
||||
mSaveMFA(true),
|
||||
mAttemptComplete(false),
|
||||
mTransferRate(0.0f),
|
||||
mDispatcher("LLLoginInstance", "change")
|
||||
|
|
@ -449,10 +450,7 @@ void LLLoginInstance::handleLoginFailure(const LLSD& event)
|
|||
gViewerWindow->setShowProgress(FALSE);
|
||||
}
|
||||
|
||||
LLSD args(llsd::map( "MESSAGE", LLTrans::getString(response["message_id"]) ));
|
||||
LLSD payload;
|
||||
LLNotificationsUtil::add("PromptMFAToken", args, payload,
|
||||
boost::bind(&LLLoginInstance::handleMFAChallenge, this, _1, _2));
|
||||
showMFAChallange(LLTrans::getString(response["message_id"]));
|
||||
}
|
||||
else if( reason_response == "key"
|
||||
|| reason_response == "presence"
|
||||
|
|
@ -540,10 +538,7 @@ bool LLLoginInstance::handleTOSResponse(bool accepted, const std::string& key)
|
|||
{
|
||||
// SL-18511 this TOS failure happened while we are in the middle of an MFA challenge/response.
|
||||
// the previously entered token is very likely expired, so prompt again
|
||||
LLSD args(llsd::map( "MESSAGE", LLTrans::getString("LoginFailedAuthenticationMFARequired") ));
|
||||
LLSD payload;
|
||||
LLNotificationsUtil::add("PromptMFAToken", args, payload,
|
||||
boost::bind(&LLLoginInstance::handleMFAChallenge, this, _1, _2));
|
||||
showMFAChallange(LLTrans::getString("LoginFailedAuthenticationMFARequired"));
|
||||
}
|
||||
else
|
||||
{
|
||||
|
|
@ -561,6 +556,22 @@ bool LLLoginInstance::handleTOSResponse(bool accepted, const std::string& key)
|
|||
return true;
|
||||
}
|
||||
|
||||
void LLLoginInstance::showMFAChallange(const std::string& message)
|
||||
{
|
||||
LLSD args(llsd::map("MESSAGE", message));
|
||||
LLSD payload;
|
||||
if (gSavedSettings.getBOOL("RememberUser"))
|
||||
{
|
||||
LLNotificationsUtil::add("PromptMFATokenWithSave", args, payload,
|
||||
boost::bind(&LLLoginInstance::handleMFAChallenge, this, _1, _2));
|
||||
}
|
||||
else
|
||||
{
|
||||
LLNotificationsUtil::add("PromptMFAToken", args, payload,
|
||||
boost::bind(&LLLoginInstance::handleMFAChallenge, this, _1, _2));
|
||||
}
|
||||
}
|
||||
|
||||
bool LLLoginInstance::handleMFAChallenge(LLSD const & notif, LLSD const & response)
|
||||
{
|
||||
bool continue_clicked = response["continue"].asBoolean();
|
||||
|
|
@ -576,6 +587,7 @@ bool LLLoginInstance::handleMFAChallenge(LLSD const & notif, LLSD const & respon
|
|||
|
||||
// Set the request data to true and retry login.
|
||||
mRequestData["params"]["token"] = token;
|
||||
mSaveMFA = response.has("ignore") ? response["ignore"].asBoolean() : false;
|
||||
reconnect();
|
||||
} else {
|
||||
LL_INFOS("LLLogin") << "PromptMFAToken: no token, attemptComplete" << LL_ENDL;
|
||||
|
|
|
|||
|
|
@ -56,6 +56,7 @@ public:
|
|||
bool authSuccess() { return mAttemptComplete && mLoginState == "online"; }
|
||||
|
||||
const std::string& getLoginState() { return mLoginState; }
|
||||
bool saveMFA() const { return mSaveMFA; }
|
||||
LLSD getResponse(const std::string& key) { return getResponse()[key]; }
|
||||
LLSD getResponse();
|
||||
|
||||
|
|
@ -84,6 +85,7 @@ private:
|
|||
void syncWithUpdater(ResponsePtr resp, const LLSD& notification, const LLSD& response);
|
||||
|
||||
bool handleTOSResponse(bool v, const std::string& key);
|
||||
void showMFAChallange(const std::string& message);
|
||||
bool handleMFAChallenge(LLSD const & notif, LLSD const & response);
|
||||
|
||||
void attemptComplete() { mAttemptComplete = true; } // In the future an event?
|
||||
|
|
@ -95,6 +97,7 @@ private:
|
|||
LLSD mRequestData;
|
||||
LLSD mResponseData;
|
||||
bool mAttemptComplete;
|
||||
bool mSaveMFA;
|
||||
F64 mTransferRate;
|
||||
std::string mSerialNumber;
|
||||
int mLastExecEvent;
|
||||
|
|
|
|||
|
|
@ -1110,11 +1110,6 @@ void LLPanelLogin::onRememberPasswordCheck(void*)
|
|||
|
||||
std::string grid(LLGridManager::getInstance()->getGridId());
|
||||
std::string user_id(cred->userID());
|
||||
if (!remember_password)
|
||||
{
|
||||
gSecAPIHandler->removeFromProtectedMap("mfa_hash", grid, user_id);
|
||||
gSecAPIHandler->syncProtectedMap();
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -3795,7 +3795,9 @@ bool process_login_success_response()
|
|||
|
||||
|
||||
// Only save mfa_hash for future logins if the user wants their info remembered.
|
||||
if(response.has("mfa_hash") && gSavedSettings.getBOOL("RememberUser") && gSavedSettings.getBOOL("RememberPassword"))
|
||||
if(response.has("mfa_hash")
|
||||
&& gSavedSettings.getBOOL("RememberUser")
|
||||
&& LLLoginInstance::getInstance()->saveMFA())
|
||||
{
|
||||
std::string grid(LLGridManager::getInstance()->getGridId());
|
||||
std::string user_id(gUserCredential->userID());
|
||||
|
|
@ -3803,6 +3805,13 @@ bool process_login_success_response()
|
|||
// TODO(brad) - related to SL-17223 consider building a better interface that sync's automatically
|
||||
gSecAPIHandler->syncProtectedMap();
|
||||
}
|
||||
else if (!LLLoginInstance::getInstance()->saveMFA())
|
||||
{
|
||||
std::string grid(LLGridManager::getInstance()->getGridId());
|
||||
std::string user_id(gUserCredential->userID());
|
||||
gSecAPIHandler->removeFromProtectedMap("mfa_hash", grid, user_id);
|
||||
gSecAPIHandler->syncProtectedMap();
|
||||
}
|
||||
|
||||
bool success = false;
|
||||
// JC: gesture loading done below, when we have an asset system
|
||||
|
|
|
|||
|
|
@ -279,6 +279,10 @@ LLToastAlertPanel::LLToastAlertPanel( LLNotificationPtr notification, bool modal
|
|||
if (!edit_text_name.empty())
|
||||
{
|
||||
S32 y = VPAD + BTN_HEIGHT + VPAD/2;
|
||||
if (form->getIgnoreType() != LLNotificationForm::IGNORE_NO)
|
||||
{
|
||||
y += EDITOR_HEIGHT;
|
||||
}
|
||||
mLineEditor = LLUICtrlFactory::getInstance()->createFromFile<LLLineEditor>("alert_line_editor.xml", this, LLPanel::child_registry_t::instance());
|
||||
|
||||
if (mLineEditor)
|
||||
|
|
@ -522,6 +526,10 @@ void LLToastAlertPanel::onButtonPressed( const LLSD& data, S32 button )
|
|||
{
|
||||
response[mLineEditor->getName()] = mLineEditor->getValue();
|
||||
}
|
||||
if (mNotification->getForm()->getIgnoreType() != LLNotificationForm::IGNORE_NO)
|
||||
{
|
||||
response["ignore"] = mNotification->isIgnored();
|
||||
}
|
||||
response[button_data->mButton->getName()] = true;
|
||||
|
||||
// If we declared a URL and chose the URL option, go to the url
|
||||
|
|
|
|||
|
|
@ -11988,16 +11988,41 @@ Packing: [PACK_TIME]s [PSIZE]KB
|
|||
Unpacking: [UNPACK_TIME]s [USIZE]KB
|
||||
<tag>fail</tag>
|
||||
</notification>
|
||||
|
||||
|
||||
<notification
|
||||
icon="alertmodal.tga"
|
||||
label="Prompt for MFA Token"
|
||||
name="PromptMFAToken"
|
||||
type="alertmodal">
|
||||
[MESSAGE]
|
||||
<tag>confirm</tag>
|
||||
<form name="form">
|
||||
<input name="token" type="text" width="400" />
|
||||
<button
|
||||
default="true"
|
||||
index="0"
|
||||
name="continue"
|
||||
text="Continue"/>
|
||||
<button
|
||||
index="1"
|
||||
name="cancel"
|
||||
text="Cancel"/>
|
||||
</form>
|
||||
</notification>
|
||||
|
||||
<notification
|
||||
icon="alertmodal.tga"
|
||||
label="Prompt for MFA Token"
|
||||
name="PromptMFAToken"
|
||||
name="PromptMFATokenWithSave"
|
||||
type="alertmodal">
|
||||
[MESSAGE]
|
||||
<tag>confirm</tag>
|
||||
<form name="form">
|
||||
<input name="token" type="text" width="400" />
|
||||
<ignore
|
||||
name="ignore"
|
||||
checkbox_only="true"
|
||||
text="Remember this computer for 30 days."/>
|
||||
<button
|
||||
default="true"
|
||||
index="0"
|
||||
|
|
|
|||
Loading…
Reference in New Issue