Add 2-factor authentication support for phpMyAdmin.

[Achilles-96]

Signed-off-by: Raghuram raghuram.4350@gmail.com

Before submitting pull request, please check that every commit:

• Has proper Signed-Off-By
• Has commit message which describes it
• Is needed on it's own, if you have just minor fixes to previous commits, you can squash them
• Any new functionality is covered by tests

[Achilles-96]

I described the procedure for setting it up 2-factor authentication in my blog post.

As I mentioned there, I need advice on where to place the link to access setup2FA.php.

[nijel]

I've quickly gone through your code, some general remarks:

• Please include documentation, having it in the blog is great, but it really should be part of our documentation.
• Any reason for not integrating 2FA into existing Settings tab?

[nijel]

I guess this is not intentional...

[nijel]

Please do not include third party libraries, can't this be loaded using composer? Also including generated code without source doesn't really play well with GPL, so we would have to distribute the source code as well.

[nijel]

What is purpose of this change? If really needed, please do that in separate commit explaining why it is needed.

[ibennetch]

@nijel are you satisfied with this change?

[nijel]

I'd prefer to have the documentation in the code as well, not only in the commit message, but thanks for documenting this.

[nijel]

• Please do not hardcode table name, see how others are handled.
• Why using LIKE when doing exact match?

[nijel]

I think this can fail, so you should handle false return value here.

[nijel]

Same as with auth2FA. Also these seem to share quite some amount of code, so you might want to factor that out.

[nijel]

Really?

[nijel]

Should be localized, also there is probably no point in showing the secret here. Especially not unescaped as it seems to be user input.

[nijel]

In case you want to pass the error details to client, please use JSON. Definitely do not output unescaped error messages.

[Achilles-96]

@nijel, I addressed most of the issues you raised. I left comments for the rest. Please verify.

[Achilles-96]

By this time, translations may not be possible.

[ibennetch]

Could you please add a comment to the code as well stating that translations may not be possible?

[nijel]

Hmm, maybe this should be part of the setup script in the end (which we indeed do not localize)?

Edit: I think there is no reason why the localization wound not work here, why it doesn't work here? You should just include common.inc.php (what you should do anyway for authentication and CSRF protection) and localization will work.

Also it should probably display proper error message, not just plain text...

[Achilles-96]

By this time, the user would not have been completely authenticated i.e., he/she is in the middle of authentication. Including common.inc.php is not possible because it will circularly check for 2-factor authentication again.

This part is accessed only by ajax request and the error message is displayed in standard PMA error dialog once received.

[nijel]

Maybe it would be better to closer integrate this to the authentication so that it can use the authentication API to show the form

[Achilles-96]

Authentication form is shown by auth2FA function in AuthenticationCookie.php. This is for verification. Do you mean I should move verification to a different file.

[ibennetch]

Forgive me if I missed you doing it earlier, but I think you need to escape PHP_AUTH_USER and secret here; you could use the Dbi function escapeString for that.

[ibennetch]

I tried opening my main phpMyAdmin after pulling your branch (without configuring any user for 2FA or setting up config.inc.php) and got a number of errors. We should be more graceful about failing if the user hasn't configured their system for this.

Error
SQL query: DocumentationEdit Edit

SELECT `pma_user` FROM `` WHERE `pma_user` = 'root';
MySQL said: Documentation

#1103 - Incorrect table name ''
Open new phpMyAdmin window
Notice in ./libraries/plugins/auth/AuthenticationCookie.php#570
Undefined index: 2fa_secrets

Backtrace

./libraries/plugins/auth/AuthenticationCookie.php#547: PMA\libraries\plugins\auth\AuthenticationCookie->check2FA()
./libraries/common.inc.php#656: PMA\libraries\plugins\auth\AuthenticationCookie->authCheck()
./index.php#22: require_once(./libraries/common.inc.php)
Warning in ./libraries/dbi/DBIMysqli.php#556
mysqli_real_escape_string() expects parameter 1 to be mysqli, boolean given

Backtrace

./libraries/dbi/DBIMysqli.php#556: mysqli_real_escape_string(
boolean false,
string '',
)
./libraries/classes/DatabaseInterface.php#2743: PMA\libraries\dbi\DBIMysqli->escapeString(
boolean false,
string '',
)
./libraries/navigation/nodes/Node.php#437: PhpMyAdmin\DatabaseInterface->escapeString(string '_')
./libraries/navigation/NavigationTree.php#289: PMA\libraries\navigation\nodes\Node->getData(
string 'databases',
integer 0,
string '',
)
./libraries/navigation/NavigationTree.php#847: PMA\libraries\navigation\NavigationTree->_buildPath()
./libraries/navigation/Navigation.php#45: PMA\libraries\navigation\NavigationTree->renderState()
./libraries/classes/Header.php#433: PMA\libraries\navigation\Navigation->getDisplay()
./libraries/classes/Response.php#266: PhpMyAdmin\Header->getDisplay()
./libraries/classes/Response.php#279: PhpMyAdmin\Response->_getDisplay()
./libraries/classes/Response.php#438: PhpMyAdmin\Response->_htmlResponse()
PhpMyAdmin\Response->response()
Warning in ./libraries/dbi/DBIMysqli.php#556
mysqli_real_escape_string() expects parameter 1 to be mysqli, boolean given

Backtrace

./libraries/dbi/DBIMysqli.php#556: mysqli_real_escape_string(
boolean false,
string '',
)
./libraries/classes/DatabaseInterface.php#2743: PMA\libraries\dbi\DBIMysqli->escapeString(
boolean false,
string '',
)
./libraries/navigation/nodes/Node.php#447: PhpMyAdmin\DatabaseInterface->escapeString(string '_')
./libraries/navigation/NavigationTree.php#289: PMA\libraries\navigation\nodes\Node->getData(
string 'databases',
integer 0,
string '',
)
./libraries/navigation/NavigationTree.php#847: PMA\libraries\navigation\NavigationTree->_buildPath()
./libraries/navigation/Navigation.php#45: PMA\libraries\navigation\NavigationTree->renderState()
./libraries/classes/Header.php#433: PMA\libraries\navigation\Navigation->getDisplay()
./libraries/classes/Response.php#266: PhpMyAdmin\Header->getDisplay()
./libraries/classes/Response.php#279: PhpMyAdmin\Response->_getDisplay()
./libraries/classes/Response.php#438: PhpMyAdmin\Response->_htmlResponse()
PhpMyAdmin\Response->response()
Warning in ./libraries/dbi/DBIMysqli.php#556
mysqli_real_escape_string() expects parameter 1 to be mysqli, boolean given

Backtrace

./libraries/dbi/DBIMysqli.php#556: mysqli_real_escape_string(
boolean false,
string '',
)
./libraries/classes/DatabaseInterface.php#2743: PMA\libraries\dbi\DBIMysqli->escapeString(
boolean false,
string '',
)
./libraries/navigation/nodes/Node.php#449: PhpMyAdmin\DatabaseInterface->escapeString(string '_')
./libraries/navigation/NavigationTree.php#289: PMA\libraries\navigation\nodes\Node->getData(
string 'databases',
integer 0,
string '',
)
./libraries/navigation/NavigationTree.php#847: PMA\libraries\navigation\NavigationTree->_buildPath()
./libraries/navigation/Navigation.php#45: PMA\libraries\navigation\NavigationTree->renderState()
./libraries/classes/Header.php#433: PMA\libraries\navigation\Navigation->getDisplay()
./libraries/classes/Response.php#266: PhpMyAdmin\Header->getDisplay()
./libraries/classes/Response.php#279: PhpMyAdmin\Response->_getDisplay()
./libraries/classes/Response.php#438: PhpMyAdmin\Response->_htmlResponse()
PhpMyAdmin\Response->response()

[ibennetch]

We'll have to deal gracefully with situations where the user either hasn't configured it or the table doesn't exist.

You can also see for instance libraries/classes/Bookmark.php:114 for an example of how we might deal with this. We have to test the array to make sure $cfgRelation['2fa_secret'] (or whatever configuration directive you use) isn't empty first, before trying to use it. We initialize it as part of the default configuration to an empty value, so before using we'll test if the user has configured it.

Also, you should add the new directive to libraries/config.default.php with a blank assignment such as $cfg['Servers'][$i]['2fa_secret'] = '';. You can add it right after the export_template area around line 503.

We should also add this new directive to libraries/relation.lib.php around line 353; this file is used by chk_rel.php which warns the user if their table structure is outdated.

Can you add the structure for the 2fa_secrets table to sql/create_tables.sql?

Instead of manually running the SQL, it might be more efficient to use PMA_queryAsControlUser such as

$sql_query
    = " SELECT `tables` FROM " . $this->_getPmaTable() .
    " WHERE `username` = '" . $GLOBALS['dbi']->escapeString($GLOBALS['cfg']['Server']['user']) . "'";
$result = PMA_queryAsControlUser($sql_query, false);

[nijel]

Can you please place the class to separate file and include tests for it?

[ibennetch]

Could you rebase this against current master to reflect the changes Maurício has done?

[codecov]

Codecov Report

Merging #13495 into master will decrease coverage by 0.2%.
The diff coverage is 2.09%.

@@            Coverage Diff             @@
##           master   #13495      +/-   ##
==========================================
- Coverage   53.17%   52.96%   -0.21%     
==========================================
  Files         468      470       +2     
  Lines       81619    81953     +334     
==========================================
+ Hits        43404    43410       +6     
- Misses      38215    38543     +328

[stale]

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.