Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

ReAuth: resolve fatal, code cleanup #567

Merged
merged 17 commits into from
May 17, 2023
Merged

ReAuth: resolve fatal, code cleanup #567

merged 17 commits into from
May 17, 2023

Conversation

dd32
Copy link
Member

@dd32 dd32 commented May 15, 2023

What?

See #565, #566

This centralises the provider selection into it's own method for clarity around it's logic, resolving a fatal error in the process, but replacing it with a dead-end Cheating huh? style error. This error condition should not be possible to be hit under normal circumstances.

More importantly, this adds Session metadata helpers (That should probably be provided by core) for retrieving/updating the current user session.

Through that, the 2fa-session flag is cleared upon the providers being disabled.

Why?

In comparison to #566 this resolves the underlying fatal in a way that can't be reintroduced, fixes some merge bugs (ie. get_class( $provider ) is replaced by $provider->get_key()), and reduces code duplication.
The unit test from #566 is included.

How?

Testing Instructions

See #565 #566

Screenshots or screencast

Changelog Entry

N/A - Bugfix for unreleased feature.

@dd32 dd32 mentioned this pull request May 15, 2023
Closed
@jeffpaul jeffpaul added this to the 0.9.0 milestone May 15, 2023
iandunn
iandunn approved these changes May 16, 2023
View reviewed changes
Copy link
Member

@iandunn iandunn left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This works in my tests, and the code LGTM 👍🏻

tests/class-two-factor-core.php Outdated Show resolved Hide resolved
@dd32 @iandunn
Test: Clarify test description.
58a7d8b 
Co-authored-by: Ian Dunn <ian@iandunn.name>
@iandunn iandunn mentioned this pull request May 16, 2023
Merged
@StevenDufresne StevenDufresne mentioned this pull request May 17, 2023
Closed
dd32 added 2 commits May 17, 2023 14:04
@dd32
When a provider instance is passed, still verify that it's enabled fo…
a5b3479 
…r the user.
@dd32
Tests: Add test coverage for Two_Factor_Core::get_provider_for_user, …
b040cad 
…Two_Factor_Core::get_current_user_session, and Two_Factor_Core::update_current_user_session.
@dd32 dd32 marked this pull request as ready for review May 17, 2023 04:05
@dd32 dd32 merged commit 654ebb7 into WordPress:master May 17, 2023
@jeffpaul jeffpaul linked an issue May 17, 2023 that may be closed by this pull request
Provider: Call to a member function get_key() on null #569
Closed
@iandunn iandunn mentioned this pull request May 19, 2023
Closed
@jeffpaul jeffpaul linked an issue May 19, 2023 that may be closed by this pull request
Revalidation required when no providers enabled #565
Closed
@kasparsd kasparsd mentioned this pull request Apr 23, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@iandunn iandunn iandunn approved these changes

Assignees

@dd32 dd32

Labels
None yet
Projects
None yet
Milestone
0.9.0
Development

Successfully merging this pull request may close these issues.

Provider: Call to a member function get_key() on null Revalidation required when no providers enabled
3 participants
@dd32 @iandunn @jeffpaul