[Freeipa-devel] [PATCH] 531-541 OTP UI
Nathaniel McCallum
npmccallum at redhat.com
Mon Feb 24 14:31:49 UTC 2014
On Mon, 2014-02-24 at 11:04 +0100, Petr Vobornik wrote:
> On 21.2.2014 20:00, Nathaniel McCallum wrote:
> > Is it possible to do something more intelligent for the key and date
> > fields in the add-token UI?
> >
> > Date fields are currently just a text box. Is there any sort of calendar
> > we could use here? If not, I'm still unsure of what the format should be
> > for this field.
>
> It's the format you chose :), try to fill it in CLI, you will have the
> same proble. From API level it's just string, from LDAP it's generalized
> time.
Is there a better option? I'm open to suggestions.
> I've an UI patch prepared where you can write it in ISO format, with a
> validator attached to it, so user will be noticed about the format, but
> it's waiting for:
> https://www.redhat.com/archives/freeipa-devel/2014-January/msg00057.html
> https://www.redhat.com/archives/freeipa-devel/2014-January/msg00060.html
>
> >
> > The key field should probably have a note indicating that it is Base32
> > encoding. It would also be nice to restrict the input to Base32
> > characters. Maybe even automatic case correction...
>
> Actually I think it doesn't help much. Show me a person who can write
> base32 encoded string.... But I agree that a validator with some regex
> to limit the chars and a note that it should be base32 string is better.
> The question is what's the purpose of this field from user perspective.
> Is a human being suppose to fill it or is it meant to be only filled by
> some provisioning systems? In UI it's just as a backup?
>
> If there is a use case where user is suppose to choose the key, it would
> be better to fill the key and convert it to base32 string on a server.
I can't think of any case where a user would use the key field.
However, there are at least two important cases where an admin would do
this:
1. Hardware tokens
2. Transferring OATH (TOTP/HOTP) tokens from another system
Nathaniel
More information about the Freeipa-devel
mailing list