From fec6a596c36a6ff44552f7e4afc8d6593fb3a77d Mon Sep 17 00:00:00 2001
From: David Cook <dcook@prosentient.com.au>
Date: Fri, 16 Jun 2023 06:04:37 +0000
Subject: [PATCH] Bug 34028: Fix manual entry for two factor authentication

This patch changes the "Account" and "Key" display so that
you can manually enter two factor authentication details into
an authenticator app.

The details are the same as those provided by scanning the QR code.

Test plan:
0. Apply patch
1. Go to
http://localhost:8081/cgi-bin/koha/admin/preferences.pl?op=search&searchfield=TwoFactorAuthentication
2. Change setting to "Enable"
3. Go to http://localhost:8081/cgi-bin/koha/circ/circulation.pl?borrowernumber=51
4. Click "More" on record toolbar and choose "Manage two-factor authentication"
5. Click "Enable two-factor authentication"
6. Scan the QR code into an authenticator app and note it creates an entry called
"Centerville: Centerville_koha"
7. Manually enter an entry into an authenticator app (like Google Authenticator)
7a. Add the "Account" as shown on the Koha screen
7b. Add the "Key" as shown on the Koha screen
8. Note that the entries added by QR code and manual entry have the same
label and both were accepted by the authenticator app

Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
(cherry picked from commit 7c05333914e3f54d66b9de6dde82b614ea83569a)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
(cherry picked from commit a51d570a6ebff0989df8e599dc4b1a2cd0b14172)
Signed-off-by: Pedro Amorim <pedro.amorim@ptfs-europe.com>
---
 koha-tmpl/intranet-tmpl/prog/en/includes/auth-two-factor.inc  | 4 ++--
 .../intranet-tmpl/prog/en/modules/members/two_factor_auth.tt  | 1 +
 2 files changed, 3 insertions(+), 2 deletions(-)

diff --git a/koha-tmpl/intranet-tmpl/prog/en/includes/auth-two-factor.inc b/koha-tmpl/intranet-tmpl/prog/en/includes/auth-two-factor.inc
index 24e74141da..04f19ce2c9 100644
--- a/koha-tmpl/intranet-tmpl/prog/en/includes/auth-two-factor.inc
+++ b/koha-tmpl/intranet-tmpl/prog/en/includes/auth-two-factor.inc
@@ -4,8 +4,8 @@
             <p>We recommend cloud-based mobile authenticator apps such as Authy, Duo Mobile, and LastPass. They can restore access if you lose your hardware device.</p>
             <p>Can't scan the code?</p>
             <p>To add the entry manually, provide the following details to the application on your phone.</p>
-            <p>Account: <span id="issuer">[% issuer | html %]</span></p>
-            <p>Key: <span id="key_id">"[% key_id | html %]</span></p>
+            <p>Account: "<span id="issuer">[% issuer | html %]</span>: <span id="key_id">[% key_id | html %]</span>"</p>
+            <p>Key: "<span id="key_secret">[% secret32 | html %]</span>"</p>
             <p>Time based: Yes</p>
         </div>
 
diff --git a/koha-tmpl/intranet-tmpl/prog/en/modules/members/two_factor_auth.tt b/koha-tmpl/intranet-tmpl/prog/en/modules/members/two_factor_auth.tt
index 9d34b9b8f1..2cb3c897aa 100644
--- a/koha-tmpl/intranet-tmpl/prog/en/modules/members/two_factor_auth.tt
+++ b/koha-tmpl/intranet-tmpl/prog/en/modules/members/two_factor_auth.tt
@@ -100,6 +100,7 @@
                         $("#secret32").val(data.secret32);
                         $("#issuer").html(data.issuer);
                         $("#key_id").html(data.key_id);
+                        $("#key_secret").html(data.secret32);
                         $("#registration-form").show();
                         $("#registration-status").hide();
                     },
-- 
2.20.1