[Freeipa-devel] [PATCH] 531-541 OTP UI

Petr Vobornik pvoborni at redhat.com
Fri Feb 21 14:24:00 UTC 2014 

On 10.2.2014 14:12, Petr Vobornik wrote:
> On 13.1.2014 17:09, Petr Vobornik wrote:
>> Hi,
>>
>> these patches implements the OTP Web UI.
>>
>> Last 5 patches is the OTP UI.
>>
>> First 6 patches is a little refactoring/bug fixes needed for them.
>> General password dialog is introduced to avoid another implementation.
>>
>> Self-service UI is implemented to be very simple. Atm user can choose
>> only token name. Admin interface allows to enter all values.
>>
>> It's based on the RCUE work -> we need to push RCUE first. Thanks
>> Nathaniel for review of the last font package. It will speed things up.
>>
>> Know bugs:
>> - there is clash in id's of checkboxes preventing editation of
>> subsequently displayed ones with the same name. Will be fixed in
>> separate patch.
>> - bugs caused by bugs in API (adding/removal of own tokens in
>> self-service, inability to enter key on token creation -
>> https://fedorahosted.org/freeipa/ticket/4099)
>> - datetime format (widget+validator) will be implemented in separate
>> patch
>> - no support of not reviewed CLI patches (HOTP..)
>>
>> Cgit:
>> http://fedorapeople.org/cgit/pvoborni/public_git/freeipa.git/log/?h=otp
>>
>> https://fedorahosted.org/freeipa/ticket/3369
>>
>
> patch 540-1 has been updated
> - QR code is centered
> - QR code correction level was lowered from H to M
>
> All other current patches from sub-threads are attached as well (it was
> getting hard to keep track of them).
>

Attaching new version of patch 537: 537-4

It:
* adds HOTP support - new switch in adder dialog and ipatokenhotpcounter 
field in details facet
* removes 'default' radio button in adder dialog in ipatokenotpalgorithm 
and ipatokenotpdigits field


Btw I've encountered an issue on Web UI login when:
- user is created
- token is created for him
- admin resets user's password and changes auth type to 'otp'
- user tries to login with psw+otp

The initial login-password call is successful but subsequent change 
password fails - it uses the old psw+otp.

I'll address this issue in https://fedorahosted.org/freeipa/ticket/3903 
which is almost implemented.


I also plan to hide fields without any value in otp token details page 
in self-service mode. This will be done after #3903 because some 
prerequisites for #3903 add useful code for that task.
-- 
Petr Vobornik
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-pvoborni-0537-4-UI-for-OTP-tokens.patch
Type: text/x-patch
Size: 16273 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20140221/edd90c29/attachment.bin>

More information about the Freeipa-devel mailing list