From a51d570a6ebff0989df8e599dc4b1a2cd0b14172 Mon Sep 17 00:00:00 2001 From: David Cook Date: Fri, 16 Jun 2023 06:04:37 +0000 Subject: [PATCH] Bug 34028: Fix manual entry for two factor authentication This patch changes the "Account" and "Key" display so that you can manually enter two factor authentication details into an authenticator app. The details are the same as those provided by scanning the QR code. Test plan: 0. Apply patch 1. Go to http://localhost:8081/cgi-bin/koha/admin/preferences.pl?op=search&searchfield=TwoFactorAuthentication 2. Change setting to "Enable" 3. Go to http://localhost:8081/cgi-bin/koha/circ/circulation.pl?borrowernumber=51 4. Click "More" on record toolbar and choose "Manage two-factor authentication" 5. Click "Enable two-factor authentication" 6. Scan the QR code into an authenticator app and note it creates an entry called "Centerville: Centerville_koha" 7. Manually enter an entry into an authenticator app (like Google Authenticator) 7a. Add the "Account" as shown on the Koha screen 7b. Add the "Key" as shown on the Koha screen 8. Note that the entries added by QR code and manual entry have the same label and both were accepted by the authenticator app Signed-off-by: David Nind Signed-off-by: Martin Renvoize Signed-off-by: Tomas Cohen Arazi (cherry picked from commit 7c05333914e3f54d66b9de6dde82b614ea83569a) Signed-off-by: Fridolin Somers --- koha-tmpl/intranet-tmpl/prog/en/includes/auth-two-factor.inc | 4 ++-- .../intranet-tmpl/prog/en/modules/members/two_factor_auth.tt | 1 + 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/koha-tmpl/intranet-tmpl/prog/en/includes/auth-two-factor.inc b/koha-tmpl/intranet-tmpl/prog/en/includes/auth-two-factor.inc index 24e74141da..04f19ce2c9 100644 --- a/koha-tmpl/intranet-tmpl/prog/en/includes/auth-two-factor.inc +++ b/koha-tmpl/intranet-tmpl/prog/en/includes/auth-two-factor.inc @@ -4,8 +4,8 @@

We recommend cloud-based mobile authenticator apps such as Authy, Duo Mobile, and LastPass. They can restore access if you lose your hardware device.

Can't scan the code?

To add the entry manually, provide the following details to the application on your phone.

-

Account: [% issuer | html %]

-

Key: "[% key_id | html %]

+

Account: "[% issuer | html %]: [% key_id | html %]"

+

Key: "[% secret32 | html %]"

Time based: Yes

diff --git a/koha-tmpl/intranet-tmpl/prog/en/modules/members/two_factor_auth.tt b/koha-tmpl/intranet-tmpl/prog/en/modules/members/two_factor_auth.tt index 9d34b9b8f1..2cb3c897aa 100644 --- a/koha-tmpl/intranet-tmpl/prog/en/modules/members/two_factor_auth.tt +++ b/koha-tmpl/intranet-tmpl/prog/en/modules/members/two_factor_auth.tt @@ -100,6 +100,7 @@ $("#secret32").val(data.secret32); $("#issuer").html(data.issuer); $("#key_id").html(data.key_id); + $("#key_secret").html(data.secret32); $("#registration-form").show(); $("#registration-status").hide(); }, -- 2.39.5