updated plugin Two Factor version 0.9.1

KawaiiPunk 2024-05-09 15:27:00 +00:00 committed by Gitium
parent 62f3186aef
commit baa5aa7ed5
10 changed files with 719 additions and 278 deletions



@ -28,20 +28,6 @@ class Two_Factor_Backup_Codes extends Two_Factor_Provider {
*/
const NUMBER_OF_CODES = 10;
/**
* Ensures only one instance of this class exists in memory at any one time.
*
* @since 0.1-dev
*/
public static function get_instance() {
static $instance;
$class = __CLASS__;
if ( ! is_a( $instance, $class ) ) {
$instance = new $class();
}
return $instance;
}
/**
* Class constructor.
*
@ -70,7 +56,7 @@ class Two_Factor_Backup_Codes extends Two_Factor_Provider {
'methods' => WP_REST_Server::CREATABLE,
'callback' => array( $this, 'rest_generate_codes' ),
'permission_callback' => function( $request ) {
return current_user_can( 'edit_user', $request['user_id'] );
return Two_Factor_Core::rest_api_can_edit_user_and_update_two_factor_options( $request['user_id'] );
},
'args' => array(
'user_id' => array(
@ -114,7 +100,7 @@ class Two_Factor_Backup_Codes extends Two_Factor_Provider {
echo wp_kses(
sprintf(
/* translators: %s: URL for code regeneration */
__( 'Two-Factor: You are out of backup codes and need to <a href="%s">regenerate!</a>', 'two-factor' ),
__( 'Two-Factor: You are out of recovery codes and need to <a href="%s">regenerate!</a>', 'two-factor' ),
esc_url( get_edit_user_link( $user->ID ) . '#two-factor-backup-codes' )
),
array( 'a' => array( 'href' => true ) )
@ -132,7 +118,16 @@ class Two_Factor_Backup_Codes extends Two_Factor_Provider {
* @since 0.1-dev
*/
public function get_label() {
return _x( 'Backup Verification Codes (Single Use)', 'Provider Label', 'two-factor' );
return _x( 'Recovery Codes', 'Provider Label', 'two-factor' );
}
/**
* Returns the "continue with" text provider for the login screen.
*
* @since 0.9.0
*/
public function get_alternative_provider_label() {
return __( 'Use a recovery code', 'two-factor' );
}
/**
@ -165,24 +160,26 @@ class Two_Factor_Backup_Codes extends Two_Factor_Provider {
$count = self::codes_remaining_for_user( $user );
?>
<p id="two-factor-backup-codes">
<button type="button" class="button button-two-factor-backup-codes-generate button-secondary hide-if-no-js">
<?php esc_html_e( 'Generate Verification Codes', 'two-factor' ); ?>
</button>
<span class="two-factor-backup-codes-count">
<p class="two-factor-backup-codes-count">
<?php
echo esc_html(
sprintf(
/* translators: %s: count */
_n( '%s unused code remaining.', '%s unused codes remaining.', $count, 'two-factor' ),
/* translators: %s: count */
_n( '%s unused code remaining, each recovery code can only be used once.', '%s unused codes remaining, each recovery code can only be used once.', $count, 'two-factor' ),
$count
)
);
?>
</span>
</p>
<p>
<button type="button" class="button button-two-factor-backup-codes-generate button-secondary hide-if-no-js">
<?php esc_html_e( 'Generate new recovery codes', 'two-factor' ); ?>
</button>
</p>
</p>
<div class="two-factor-backup-codes-wrapper" style="display:none;">
<ol class="two-factor-backup-codes-unused-codes"></ol>
<p class="description"><?php esc_html_e( 'Write these down! Once you navigate away from this page, you will not be able to view these codes again.', 'two-factor' ); ?></p>
<p class="description"><?php esc_html_e( 'Write these down! Once you navigate away from this page, you will not be able to view these codes again.', 'two-factor' ); ?></p>
<p>
<a class="button button-two-factor-backup-codes-download button-secondary hide-if-no-js" href="javascript:void(0);" id="two-factor-backup-codes-download-link" download="two-factor-backup-codes.txt"><?php esc_html_e( 'Download Codes', 'two-factor' ); ?></a>
<p>
@ -275,7 +272,7 @@ class Two_Factor_Backup_Codes extends Two_Factor_Provider {
$count = self::codes_remaining_for_user( $user );
$title = sprintf(
/* translators: %s: the site's domain */
__( 'Two-Factor Backup Codes for %s', 'two-factor' ),
__( 'Two-Factor Recovery Codes for %s', 'two-factor' ),
home_url( '/' )
);
@ -291,11 +288,11 @@ class Two_Factor_Backup_Codes extends Two_Factor_Provider {
$i18n = array(
/* translators: %s: count */
'count' => esc_html( sprintf( _n( '%s unused code remaining.', '%s unused codes remaining.', $count, 'two-factor' ), $count ) ),
'count' => esc_html( sprintf( _n( '%s unused code remaining, each recovery code can only be used once.', '%s unused codes remaining, each recovery code can only be used once.', $count, 'two-factor' ), $count ) ),
);
if ( $request->get_param( 'enable_provider' ) && ! Two_Factor_Core::enable_provider_for_user( $user_id, 'Two_Factor_Backup_Codes' ) ) {
return new WP_Error( 'db_error', __( 'Unable to enable Backup Codes provider for this user.', 'two-factor' ), array( 'status' => 500 ) );
return new WP_Error( 'db_error', __( 'Unable to enable recovery codes for this user.', 'two-factor' ), array( 'status' => 500 ) );
}
return array(
@ -330,9 +327,9 @@ class Two_Factor_Backup_Codes extends Two_Factor_Provider {
public function authentication_page( $user ) {
require_once ABSPATH . '/wp-admin/includes/template.php';
?>
<p class="two-factor-prompt"><?php esc_html_e( 'Enter a backup verification code.', 'two-factor' ); ?></p>
<p class="two-factor-prompt"><?php esc_html_e( 'Enter a recovery code.', 'two-factor' ); ?></p><br/>
<p>
<label for="authcode"><?php esc_html_e( 'Verification Code:', 'two-factor' ); ?></label>
<label for="authcode"><?php esc_html_e( 'Recovery Code:', 'two-factor' ); ?></label>
<input type="text" inputmode="numeric" name="two-factor-backup-code" id="authcode" class="input authcode" value="" size="20" pattern="[0-9 ]*" placeholder="1234 5678" data-digits="8" />
</p>
<?php
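Review bot: The new `permission_callback` on the `rest_generate_codes` route hands the whole authorization decision to `Two_Factor_Core::rest_api_can_edit_user_and_update_two_factor_options()`, whose body cannot be reviewed here because the core file's diff is suppressed on this page. Before merging, confirm that the helper still enforces `current_user_can( 'edit_user', $user_id )` for the target user in addition to whatever two-factor-specific condition it adds. The same swap is made on the `rest_delete_totp` and `rest_setup_totp` routes in the TOTP provider, so one test that calls each of the three routes as a user lacking `edit_user` on the target would cover them. If the intent is what the helper's name suggests, a comment above the return would record it, for example `// Regenerating codes changes the user's second factor, so edit_user alone is not enough.`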


@ -14,20 +14,6 @@
*/
class Two_Factor_Dummy extends Two_Factor_Provider {
/**
* Ensures only one instance of this class exists in memory at any one time.
*
* @since 0.1-dev
*/
public static function get_instance() {
static $instance;
$class = __CLASS__;
if ( ! is_a( $instance, $class ) ) {
$instance = new $class();
}
return $instance;
}
/**
* Class constructor.
*


@ -35,20 +35,6 @@ class Two_Factor_Email extends Two_Factor_Provider {
*/
const INPUT_NAME_RESEND_CODE = 'two-factor-email-code-resend';
/**
* Ensures only one instance of this class exists in memory at any one time.
*
* @since 0.1-dev
*/
public static function get_instance() {
static $instance;
$class = __CLASS__;
if ( ! is_a( $instance, $class ) ) {
$instance = new $class();
}
return $instance;
}
/**
* Class constructor.
*
@ -68,6 +54,15 @@ class Two_Factor_Email extends Two_Factor_Provider {
return _x( 'Email', 'Provider Label', 'two-factor' );
}
/**
* Returns the "continue with" text provider for the login screen.
*
* @since 0.9.0
*/
public function get_alternative_provider_label() {
return __( 'Send a code to your email', 'two-factor' );
}
/**
* Generate the user token.
*
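Review bot: The docblock added for `get_alternative_provider_label()` omits the `@return string` tag that the base-class version in `Two_Factor_Provider` carries, and its summary ("Returns the "continue with" text provider") reads as if two words were swapped. Suggest `* Returns the "continue with" label shown for this provider on the login screen.` followed by `* @return string`. The same docblock is repeated in the backup codes, FIDO U2F and TOTP providers, so the wording should be fixed there as well.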


@ -208,7 +208,7 @@ class Two_Factor_FIDO_U2F_Admin {
<p><a href="https://support.google.com/accounts/answer/6103523"><?php esc_html_e( 'You can find FIDO U2F Security Key devices for sale from here.', 'two-factor' ); ?></a></p>
<?php
require TWO_FACTOR_DIR . 'providers/class-two-factor-fido-u2f-admin-list-table.php';
require_once TWO_FACTOR_DIR . 'providers/class-two-factor-fido-u2f-admin-list-table.php';
$u2f_list_table = new Two_Factor_FIDO_U2F_Admin_List_Table();
$u2f_list_table->items = $security_keys;
$u2f_list_table->prepare_items();
@ -328,7 +328,7 @@ class Two_Factor_FIDO_U2F_Admin {
public static function wp_ajax_inline_save() {
check_ajax_referer( 'keyinlineeditnonce', '_inline_edit' );
require TWO_FACTOR_DIR . 'providers/class-two-factor-fido-u2f-admin-list-table.php';
require_once TWO_FACTOR_DIR . 'providers/class-two-factor-fido-u2f-admin-list-table.php';
$wp_list_table = new Two_Factor_FIDO_U2F_Admin_List_Table();
if ( ! isset( $_POST['keyHandle'] ) ) {


@ -42,21 +42,6 @@ class Two_Factor_FIDO_U2F extends Two_Factor_Provider {
*/
const U2F_ASSET_VERSION = '0.2.1';
/**
* Ensures only one instance of this class exists in memory at any one time.
*
* @return \Two_Factor_FIDO_U2F
*/
public static function get_instance() {
static $instance;
if ( ! isset( $instance ) ) {
$instance = new self();
}
return $instance;
}
/**
* Class constructor.
*
@ -119,6 +104,15 @@ class Two_Factor_FIDO_U2F extends Two_Factor_Provider {
return _x( 'FIDO U2F Security Keys', 'Provider Label', 'two-factor' );
}
/**
* Returns the "continue with" text provider for the login screen.
*
* @since 0.9.0
*/
public function get_alternative_provider_label() {
return __( 'Use your security key', 'two-factor' );
}
/**
* Register script dependencies used during login and when
* registering keys in the WP admin.


@ -14,6 +14,23 @@
*/
abstract class Two_Factor_Provider {
/**
* Ensures only one instance of the provider class exists in memory at any one time.
*
* @since 0.1-dev
*/
public static function get_instance() {
static $instances = array();
$class_name = static::class;
if ( ! isset( $instances[ $class_name ] ) ) {
$instances[ $class_name ] = new $class_name;
}
return $instances[ $class_name ];
}
/**
* Class constructor.
*
@ -32,6 +49,21 @@ abstract class Two_Factor_Provider {
*/
abstract public function get_label();
/**
* Returns the "continue with" text provider for the login screen.
*
* @since 0.9.0
*
* @return string
*/
public function get_alternative_provider_label() {
return sprintf(
/* translators: the two factor provider name */
__( 'Use %s', 'two-factor' ),
$this->get_label()
);
}
/**
* Prints the name of the provider.
*
@ -41,6 +73,17 @@ abstract class Two_Factor_Provider {
echo esc_html( $this->get_label() );
}
/**
* Retrieves the provider key / slug.
*
* @since 0.9.0
*
* @return string
*/
public function get_key() {
return get_class( $this );
}
/**
* Prints the form that prompts the user to authenticate.
*
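Review bot: The shared `get_instance()` has no `@return` tag and does not say why the cache is an array keyed by `static::class` rather than the single `static $instance` each provider used before. Since PHP 8.1 an inherited method shares its static variables with the parent class, so a single slot would hand every provider the same object. A comment such as `// Keyed by class: inherited static variables are shared across subclasses on PHP 8.1+.` plus `@return static` would record that. The docblock could also state that subclasses are instantiated without arguments (`new $class_name`), which presumably matters to third-party providers that extend this class.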


@ -37,19 +37,6 @@ class Two_Factor_Totp extends Two_Factor_Provider {
*/
private static $base_32_chars = 'ABCDEFGHIJKLMNOPQRSTUVWXYZ234567';
/**
* Ensures only one instance of this class exists in memory at any one time.
*
* @codeCoverageIgnore
*/
public static function get_instance() {
static $instance;
if ( ! isset( $instance ) ) {
$instance = new self();
}
return $instance;
}
/**
* Class constructor. Sets up hooks, etc.
*
@ -78,7 +65,7 @@ class Two_Factor_Totp extends Two_Factor_Provider {
'methods' => WP_REST_Server::DELETABLE,
'callback' => array( $this, 'rest_delete_totp' ),
'permission_callback' => function( $request ) {
return current_user_can( 'edit_user', $request['user_id'] );
return Two_Factor_Core::rest_api_can_edit_user_and_update_two_factor_options( $request['user_id'] );
},
'args' => array(
'user_id' => array(
@ -91,7 +78,7 @@ class Two_Factor_Totp extends Two_Factor_Provider {
'methods' => WP_REST_Server::CREATABLE,
'callback' => array( $this, 'rest_setup_totp' ),
'permission_callback' => function( $request ) {
return current_user_can( 'edit_user', $request['user_id'] );
return Two_Factor_Core::rest_api_can_edit_user_and_update_two_factor_options( $request['user_id'] );
},
'args' => array(
'user_id' => array(
@ -123,7 +110,16 @@ class Two_Factor_Totp extends Two_Factor_Provider {
* Returns the name of the provider.
*/
public function get_label() {
return _x( 'Time Based One-Time Password (TOTP)', 'Provider Label', 'two-factor' );
return _x( 'Authenticator app', 'Provider Label', 'two-factor' );
}
/**
* Returns the "continue with" text provider for the login screen.
*
* @since 0.9.0
*/
public function get_alternative_provider_label() {
return __( 'Use your authenticator app', 'two-factor' );
}
/**
@ -384,16 +380,15 @@ class Two_Factor_Totp extends Two_Factor_Provider {
<?php else : ?>
<p class="success">
<?php esc_html_e( 'Secret key is configured and registered. It is not possible to view it again for security reasons.', 'two-factor' ); ?>
<?php esc_html_e( 'An authenticator app is currently configured. You will need to re-scan the QR code on all devices if reset.', 'two-factor' ); ?>
</p>
<p>
<a class="button reset-totp-key" href="#"><?php esc_html_e( 'Reset Key', 'two-factor' ); ?></a>
<em class="description">
<?php esc_html_e( 'You will have to re-scan the QR code on all devices as the previous codes will stop working.', 'two-factor' ); ?>
</em>
<button type="button" class="button button-secondary reset-totp-key hide-if-no-js">
<?php esc_html_e( 'Reset authenticator app', 'two-factor' ); ?>
</button>
<script>
( function( $ ) {
$( 'a.reset-totp-key' ).click( function( e ) {
$( '.button.reset-totp-key' ).click( function( e ) {
e.preventDefault();
wp.apiRequest( {
@ -667,7 +662,7 @@ class Two_Factor_Totp extends Two_Factor_Provider {
require_once ABSPATH . '/wp-admin/includes/template.php';
?>
<p class="two-factor-prompt">
<?php esc_html_e( 'Please enter the code generated by your authenticator app.', 'two-factor' ); ?>
<?php esc_html_e( 'Enter the code generated by your authenticator app.', 'two-factor' ); ?>
</p>
<p>
<label for="authcode"><?php esc_html_e( 'Authentication Code:', 'two-factor' ); ?></label>


@ -2,9 +2,9 @@
Contributors: georgestephanis, valendesigns, stevenkword, extendwings, sgrant, aaroncampbell, johnbillion, stevegrunwell, netweb, kasparsd, alihusnainarshad, passoniate
Tags: two factor, two step, authentication, login, totp, fido u2f, u2f, email, backup codes, 2fa, yubikey
Requires at least: 4.3
Tested up to: 6.2
Tested up to: 6.5
Requires PHP: 5.6
Stable tag: 0.8.2
Stable tag: 0.9.1
Enable Two-Factor Authentication using time-based one-time passwords (OTP, Google Authenticator), Universal 2nd Factor (FIDO U2F, YubiKey), email and backup verification codes.


@ -12,7 +12,7 @@
* Plugin URI: https://wordpress.org/plugins/two-factor/
* Description: Two-Factor Authentication using time-based one-time passwords, Universal 2nd Factor (FIDO U2F), email and backup verification codes.
* Author: Plugin Contributors
* Version: 0.8.2
* Version: 0.9.1
* Author URI: https://github.com/wordpress/two-factor/graphs/contributors
* Network: True
* Text Domain: two-factor
@ -26,7 +26,7 @@ define( 'TWO_FACTOR_DIR', plugin_dir_path( __FILE__ ) );
/**
* Version of the plugin.
*/
define( 'TWO_FACTOR_VERSION', '0.8.2' );
define( 'TWO_FACTOR_VERSION', '0.9.1' );
/**
* Include the base class here, so that other plugins can also extend it.