Join GitHub today
GitHub is home to over 28 million developers working together to host and review code, manage projects, and build software together.Sign up
FR: Allow for better return values of two factor module #26593
I am working with ownCloud 9.1 Two Factor authentication framework.
The method verifyChallenge
is supposed to return true or false.
Please tell me, what you think. I would be happy to provide any input or a pull request.
Steps to reproduce
The method should return additional information to be displayed, in case of failed authentication.
The method only returns true or false. The login screen displays a standard information, that an "error occurred during token verification".
ownCloud version: (see ownCloud admin page)
List of activated apps: privacyIDEA ownCloud App
Would it make sense to store the detailed error in the log instead of exposing it to the user ?
There might be some errors which are so obvious, that it is nice to not need to look into the log.
OK, you should have monitoring systems to do this. should! ;-)
Also and most important: ownCloud is doing an authentication in two steps.
The idea of displaying this information to the user is, to avoid having him call the helpdesk. "Oh. I entered a previous OTP? So I have to push the button again" - instead of calling UHD.
Honestly there is also another scenario I am thinking of.
Displaying this message to the user or even to the boss! has a much larger effect on getting a new subscription than hiding this message in the log file.
From what I see the PHPDoc of the
In addition to that, let
This sounds cool to me, if the 2FAProvider can raise an Exception and the upper layer would catch this and display the text as error message to the user.
@PVince81 The 2FAChallengeException should be publically available in namespave OCP.
I guess each component under lib/public/ defines its own Exceptions. I will put it to lib/public/Authentication/TwoFactorAuth