Skip to content

Remove hardcoded 2FA types from manager

Maxime Besson requested to merge fix-manager-hardcoded-sfa into v2.0

Currently, it is rather hard to add a new registrable 2FA type (such as WebAuthn) in the manager because the list of known 2FA types is hardcoded in a lot of places.

This MR eliminates all the hardcoding by:

  • Generating the filtering checkboxes by iterating on $conf->{available2FSelfRegistration} image
  • Grouping filtering parameters in a single query parameter (UBKCheck/TOTPCheck/etc => multivalued 'type')
  • Reworking the angular display model to use an object and adjust displaying logic

I had to do a little change in Common::PSGI::Router to allow .html templates to be served by a given function instead of always using an auto-generated sub. This is needed because I need to pass config-dependant variables ($conf->{available2FSelfRegistration}) to the template engine in order to generate the filtering checkboxes. Maybe there was a better way to do this? @guimard cf 12ca5e62

@maudoux could you try this on your test environments and let me know if you spot any regressions?

It would be nice if we could have this in 2.0.15 so we can prepare for new registrable 2FA types in 2.0.16

Merge request reports