You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cloudstack.apache.org by GitBox <gi...@apache.org> on 2023/01/02 11:34:21 UTC
[GitHub] [cloudstack] harikrishna-patnala opened a new pull request, #6924: [Draft] User two factor authentication
harikrishna-patnala opened a new pull request, #6924:
URL: https://github.com/apache/cloudstack/pull/6924
### Description
This PR introduces a new feature to add support for Two Factor Authentication 2FA in CloudStack.
The corresponding documentation PR is at https://github.com/apache/cloudstack-documentation/pull/293 having all the details about the feature and how to use it.
<!--- Describe your changes in DETAIL - And how has behaviour functionally changed. -->
<!-- For new features, provide link to FS, dev ML discussion etc. -->
<!-- In case of bug fix, the expected and actual behaviours, steps to reproduce. -->
<!-- When "Fixes: #<id>" is specified, the issue/PR will automatically be closed when this PR gets merged -->
<!-- For addressing multiple issues/PRs, use multiple "Fixes: #<id>" -->
<!-- Fixes: # -->
<!--- ********************************************************************************* -->
<!--- NOTE: AUTOMATATION USES THE DESCRIPTIONS TO SET LABELS AND PRODUCE DOCUMENTATION. -->
<!--- PLEASE PUT AN 'X' in only **ONE** box -->
<!--- ********************************************************************************* -->
### Types of changes
- [ ] Breaking change (fix or feature that would cause existing functionality to change)
- [x] New feature (non-breaking change which adds functionality)
- [ ] Bug fix (non-breaking change which fixes an issue)
- [ ] Enhancement (improves an existing feature and functionality)
- [ ] Cleanup (Code refactoring and cleanup, that may add test cases)
### Feature/Enhancement Scale or Bug Severity
#### Feature/Enhancement Scale
- [x] Major
- [ ] Minor
### Screenshots (if appropriate):
Few sample screenshots are attached here
1. User login page to verify 2FA
2. User page to setup 2FA using google provider
3. User page to setup 2FA using staticpin provider
4. User login page to setup 2FA on the first login attempt
5. A new action button to enable/disable 2FA for user
<!-- Please read the [CONTRIBUTING](https://github.com/apache/cloudstack/blob/main/CONTRIBUTING.md) document -->
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] harikrishna-patnala commented on pull request #6924: [Draft] User two factor authentication
Posted by GitBox <gi...@apache.org>.
harikrishna-patnala commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1328621842
@blueorangutan package
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6924: [Draft] User two factor authentication
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1333601685
<b>Trillian Build Failed (tid-5328)<b/>
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] DaanHoogland commented on pull request #6924: [Draft] User two factor authentication
Posted by GitBox <gi...@apache.org>.
DaanHoogland commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1398458747
@blueorangutan package
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] harikrishna-patnala commented on a diff in pull request #6924: [Draft] User two factor authentication
Posted by GitBox <gi...@apache.org>.
harikrishna-patnala commented on code in PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#discussion_r1035566540
##########
server/src/main/java/com/cloud/user/AccountManagerImpl.java:
##########
@@ -315,6 +322,31 @@ public class AccountManagerImpl extends ManagerBase implements AccountManager, M
private int _cleanupInterval;
private List<String> apiNameList;
+ protected static Map<String, UserTwoFactorAuthenticator> userTwoFactorAuthenticationProvidersMap = new HashMap<>();
+
+ private List<UserTwoFactorAuthenticator> userTwoFactorAuthenticationProviders;
+
+ static ConfigKey<Boolean> enableUserTwoFactorAuthentication = new ConfigKey<Boolean>("Advanced",
+ Boolean.class,
+ "enable.user.two.factor.authentication",
+ "false",
+ "Determines whether two factor authentication is enabled or not. This can also be configured at domain level.",
+ false,
+ ConfigKey.Scope.Domain);
+
+ ConfigKey<Boolean> mandateUserTwoFactorAuthentication = new ConfigKey<Boolean>("Advanced",
+ Boolean.class,
+ "mandate.user.two.factor.authentication",
+ "false",
+ "Determines whether to make the two factor authentication mandatory or not. This can also be configured at domain level.",
+ false,
+ ConfigKey.Scope.Domain);
+
+ ConfigKey<String> userTwoFactorAuthenticationDefaultProvider = new ConfigKey<>("Advanced", String.class,
+ "user.two.factor.authentication.default.provider",
+ "GOOGLE",
+ "The default user two factor authentication provider plugin. Eg. google, staticpin", true, ConfigKey.Scope.Domain);
Review Comment:
This config is used only to get the default 2FA provider only when using API. In UI we use the listUserTwoFactorAuthenticatorProviders API to fetch the provider names, so if it is from UI check is not required.
I've intentionally did nt keep the check in configurationmanager impl because, we will have to add specific if condition only for this. setup 2FA API will fail with proper error if does not find the provider name.
Hope this is fine.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] weizhouapache commented on pull request #6924: [Draft] User two factor authentication
Posted by GitBox <gi...@apache.org>.
weizhouapache commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1329091403
@blueorangutan package
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] weizhouapache commented on a diff in pull request #6924: [Draft] User two factor authentication
Posted by GitBox <gi...@apache.org>.
weizhouapache commented on code in PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#discussion_r1034820810
##########
server/src/main/java/com/cloud/user/AccountManagerImpl.java:
##########
@@ -139,8 +142,8 @@
import com.cloud.projects.dao.ProjectAccountDao;
import com.cloud.projects.dao.ProjectDao;
import com.cloud.region.ha.GlobalLoadBalancingRulesService;
-import com.cloud.server.auth.UserAuthenticator;
-import com.cloud.server.auth.UserAuthenticator.ActionOnFailedAuthentication;
+import org.apache.cloudstack.auth.UserAuthenticator;
Review Comment:
@harikrishna-patnala
the imports in many classes are not ordered after moving com.cloud.server.auth.UserAuthenticator to org.apache.cloudstack.auth.UserAuthenticator
can you fix them ?
##########
ui/src/views/dashboard/Dashboard.vue:
##########
@@ -56,6 +60,7 @@ export default {
}
},
created () {
+ console.log(this.$store.getters.twoFaEnabled)
Review Comment:
this seems unnecesary
##########
setup/db/22beta4to22GA.sql:
##########
@@ -61,7 +61,7 @@ ALTER TABLE `cloud`.`user_ip_address` DROP COLUMN public_ip_address;
ALTER TABLE `cloud`.`user_ip_address` CHANGE public_ip_address1 public_ip_address char(40) NOT NULL COMMENT 'the public ip address';
DROP VIEW if exists port_forwarding_rules_view;
-ALTER TABLE `cloud`.`port_forwarding_rules` ADD COLUMN `dest_ip_address1` char(40) NOT NULL COMMENT 'the destination ip address';
+ ALTER TABLE `cloud`.`port_forwarding_rules` ADD COLUMN `dest_ip_address1` char(40) NOT NULL COMMENT 'the destination ip address';
Review Comment:
this seems unnecessary.
##########
server/src/main/java/com/cloud/user/AccountManagerImpl.java:
##########
@@ -315,6 +322,31 @@ public class AccountManagerImpl extends ManagerBase implements AccountManager, M
private int _cleanupInterval;
private List<String> apiNameList;
+ protected static Map<String, UserTwoFactorAuthenticator> userTwoFactorAuthenticationProvidersMap = new HashMap<>();
+
+ private List<UserTwoFactorAuthenticator> userTwoFactorAuthenticationProviders;
+
+ static ConfigKey<Boolean> enableUserTwoFactorAuthentication = new ConfigKey<Boolean>("Advanced",
+ Boolean.class,
+ "enable.user.two.factor.authentication",
+ "false",
+ "Determines whether two factor authentication is enabled or not. This can also be configured at domain level.",
+ false,
Review Comment:
@harikrishna-patnala
these settings are dynamic , right ?
##########
server/src/main/java/com/cloud/user/AccountManagerImpl.java:
##########
@@ -315,6 +322,31 @@ public class AccountManagerImpl extends ManagerBase implements AccountManager, M
private int _cleanupInterval;
private List<String> apiNameList;
+ protected static Map<String, UserTwoFactorAuthenticator> userTwoFactorAuthenticationProvidersMap = new HashMap<>();
+
+ private List<UserTwoFactorAuthenticator> userTwoFactorAuthenticationProviders;
+
+ static ConfigKey<Boolean> enableUserTwoFactorAuthentication = new ConfigKey<Boolean>("Advanced",
+ Boolean.class,
+ "enable.user.two.factor.authentication",
+ "false",
+ "Determines whether two factor authentication is enabled or not. This can also be configured at domain level.",
+ false,
+ ConfigKey.Scope.Domain);
+
+ ConfigKey<Boolean> mandateUserTwoFactorAuthentication = new ConfigKey<Boolean>("Advanced",
+ Boolean.class,
+ "mandate.user.two.factor.authentication",
+ "false",
+ "Determines whether to make the two factor authentication mandatory or not. This can also be configured at domain level.",
+ false,
+ ConfigKey.Scope.Domain);
+
+ ConfigKey<String> userTwoFactorAuthenticationDefaultProvider = new ConfigKey<>("Advanced", String.class,
+ "user.two.factor.authentication.default.provider",
+ "GOOGLE",
+ "The default user two factor authentication provider plugin. Eg. google, staticpin", true, ConfigKey.Scope.Domain);
Review Comment:
is there check on the value of config `userTwoFactorAuthenticationDefaultProvider` ?
##########
plugins/user-two-factor-authenticators/static-pin/src/main/java/org/apache/cloudstack/auth/StaticPinUserTwoFactorAuthenticator.java:
##########
@@ -0,0 +1,74 @@
+// Licensed to the Apache Software Foundation (ASF) under one or more
+// contributor license agreements. See the NOTICE file distributed with
+// this work for additional information regarding copyright ownership.
+// The ASF licenses this file to You under the Apache License, Version 2.0
+// (the "License"); you may not use this file except in compliance with
+// the License. You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package org.apache.cloudstack.auth;
+
+import javax.inject.Inject;
+
+import com.cloud.exception.CloudAuthenticationException;
+import com.cloud.user.UserAccount;
+import com.cloud.utils.exception.CloudRuntimeException;
+import org.apache.commons.lang3.StringUtils;
+import org.apache.log4j.Logger;
+
+import com.cloud.user.dao.UserAccountDao;
+import com.cloud.utils.component.AdapterBase;
+
+import java.util.Random;
+
+public class StaticPinUserTwoFactorAuthenticator extends AdapterBase implements UserTwoFactorAuthenticator {
+ public static final Logger s_logger = Logger.getLogger(StaticPinUserTwoFactorAuthenticator.class);
+
+ @Inject
+ private UserAccountDao _userAccountDao;
+
+ @Override
+ public String getName() {
+ return "staticpin";
+ }
+
+ @Override
+ public String getDescription() {
+ return "Static Pin user two factor authentication provider Plugin";
+ }
+
+ @Override
+ public void check2FA(String code, UserAccount userAccount) throws CloudAuthenticationException {
+ String expectedCode = getStaticPin(userAccount);
+ if (expectedCode.equals(code)) {
+ s_logger.info("2FA matches user's input");
+ return;
+ }
+ throw new CloudAuthenticationException("two-factor authentication code provided is invalid");
+ }
+
+ private String getStaticPin(UserAccount userAccount) {
+ return userAccount.getKeyFor2fa();
+ }
+
+ @Override
+ public String setup2FAKey(UserAccount userAccount) {
+ if (StringUtils.isNotEmpty(userAccount.getKeyFor2fa())) {
+ throw new CloudRuntimeException(String.format("2FA key is already setup for the user account %s", userAccount.getAccountName()));
+ }
+ long seed = System.currentTimeMillis();
+ Random rng = new Random(seed);
Review Comment:
@harikrishna-patnala
would be good to use SecureRandom ?
##########
server/src/main/java/com/cloud/user/AccountManagerImpl.java:
##########
@@ -3100,6 +3171,151 @@ public String getConfigComponentName() {
@Override
public ConfigKey<?>[] getConfigKeys() {
- return new ConfigKey<?>[] {UseSecretKeyInResponse};
+ return new ConfigKey<?>[] {UseSecretKeyInResponse, enableUserTwoFactorAuthentication, userTwoFactorAuthenticationDefaultProvider, mandateUserTwoFactorAuthentication};
+ }
+
+ public List<UserTwoFactorAuthenticator> getUserTwoFactorAuthenticationProviders() {
+ return userTwoFactorAuthenticationProviders;
+ }
+
+ public void setUserTwoFactorAuthenticationProviders(final List<UserTwoFactorAuthenticator> userTwoFactorAuthenticationProviders) {
+ this.userTwoFactorAuthenticationProviders = userTwoFactorAuthenticationProviders;
+ }
+
+ private void initializeUserTwoFactorAuthenticationProvidersMap() {
+ if (userTwoFactorAuthenticationProviders != null) {
+ for (final UserTwoFactorAuthenticator userTwoFactorAuthenticator : userTwoFactorAuthenticationProviders) {
+ userTwoFactorAuthenticationProvidersMap.put(userTwoFactorAuthenticator.getName().toLowerCase(), userTwoFactorAuthenticator);
+ }
+ }
+ }
+
+ @Override
+ public void verifyUsingTwoFactorAuthenticationCode(final String code, final Long domainId, final Long userAccountId) {
+
+ Account caller = CallContext.current().getCallingAccount();
+ Account owner = _accountService.getActiveAccountById(caller.getId());
+
+ checkAccess(caller, null, true, owner);
+
+ UserAccount userAccount = _accountService.getUserAccountById(userAccountId);
+ if (!userAccount.isUser2faEnabled()) {
+ throw new CloudRuntimeException(String.format("Two factor authentication is not enabled on the user: %s", userAccount.getUsername()));
+ }
+ UserTwoFactorAuthenticator userTwoFactorAuthenticator = getUserTwoFactorAuthenticator(domainId, userAccountId);
+ userTwoFactorAuthenticator.check2FA(code, userAccount);
+ }
+
+ @Override
+ public UserTwoFactorAuthenticator getUserTwoFactorAuthenticator(Long domainId, Long userAccountId) {
+ if (userAccountId != null) {
+ UserAccount userAccount = _accountService.getUserAccountById(userAccountId);
+ if (userAccount.getUser2faProvider() != null) {
+ return getUserTwoFactorAuthenticator(userAccount.getUser2faProvider());
+ }
+ }
+ final String name = userTwoFactorAuthenticationDefaultProvider.valueIn(domainId);
+ return getUserTwoFactorAuthenticator(name);
+ }
+
+ @Override
+ public UserTwoFactorAuthenticationSetupResponse setupUserTwoFactorAuthentication(SetupUserTwoFactorAuthenticationCmd cmd) {
+ String providerName = cmd.getProvider();
+
+ Account caller = CallContext.current().getCallingAccount();
+ Account owner = _accountService.getActiveAccountById(caller.getId());
+
+ if (cmd.getEnable()) {
+ checkAccess(caller, null, true, owner);
+ Long userId = CallContext.current().getCallingUserId();
+
+ UserTwoFactorAuthenticationSetupResponse response = enableTwoFactorAuthentication(userId, providerName);
+ return response;
+ }
+
+ // Admin can disable 2FA of the users
+ Long userId = cmd.getUserId();
+ UserTwoFactorAuthenticationSetupResponse response = disableTwoFactorAuthentication(userId, caller, owner);
+
+ return response;
+ }
+
+ protected UserTwoFactorAuthenticationSetupResponse enableTwoFactorAuthentication(Long userId, String providerName) {
+ UserAccountVO userAccount = _userAccountDao.findById(userId);
+ UserVO userVO = _userDao.findById(userId);
+
+ if (!enableUserTwoFactorAuthentication.valueIn(userAccount.getDomainId())) {
+ throw new CloudRuntimeException("2FA is not enabled for this domain or at global level");
+ }
+
+ if (StringUtils.isEmpty(providerName)) {
+ throw new InvalidParameterValueException("Provider name is mandatory to setup 2FA");
+ }
+ UserTwoFactorAuthenticator provider = getUserTwoFactorAuthenticationProvider(providerName);
+ String code = provider.setup2FAKey(userAccount);
+ UserVO user = _userDao.createForUpdate();
+ user.setKeyFor2fa(code);
+ user.setUser2faProvider(provider.getName());
+ user.setUser2faEnabled(true);
+ _userDao.update(userId, user);
+
+ UserTwoFactorAuthenticationSetupResponse response = new UserTwoFactorAuthenticationSetupResponse();
+ response.setId(userVO.getUuid());
+ response.setUsername(userAccount.getUsername());
+ response.setSecretCode(code);
+
+ return response;
}
+
+ protected UserTwoFactorAuthenticationSetupResponse disableTwoFactorAuthentication(Long userId, Account caller, Account owner) {
+ UserVO userVO = null;
+ if (userId != null) {
+ userVO = validateUser(userId, caller.getDomainId());
+ if (userVO == null) {
+ throw new InvalidParameterValueException("Unable to find user= " + userVO.getUsername() + " in domain id = " + caller.getDomainId());
+ }
+ owner = _accountService.getActiveAccountById(userVO.getAccountId());
+ } else {
+ userId = CallContext.current().getCallingUserId();
+ userVO = _userDao.findById(userId);
+ }
+ checkAccess(caller, null, true, owner);
+
+ UserVO user = _userDao.createForUpdate();
+ user.setKeyFor2fa(null);
+ user.setUser2faProvider(null);
+ user.setUser2faEnabled(false);
+ _userDao.update(userVO.getId(), user);
+
+ UserTwoFactorAuthenticationSetupResponse response = new UserTwoFactorAuthenticationSetupResponse();
+ response.setId(userVO.getUuid());
+ response.setUsername(userVO.getUsername());
+
+ return response;
+ }
+
+ private UserVO validateUser(Long userId, Long domainId) {
+ UserVO user = null;
+ if (userId != null) {
+ user = _userDao.findById(userId);
+ if (user == null) {
+ throw new InvalidParameterValueException("Invalid user ID provided");
+ }
+ if (_accountDao.findById(user.getAccountId()).getDomainId() != domainId) {
+ throw new InvalidParameterValueException("User doesn't belong to the specified account or domain");
+ }
+ }
+ return user;
+ }
+
+ public UserTwoFactorAuthenticator getUserTwoFactorAuthenticator(final String name) {
+ if (StringUtils.isEmpty(name)) {
+ throw new CloudRuntimeException("Invalid UserTwoFactorAuthenticator name provided");
+ }
+ if (!userTwoFactorAuthenticationProvidersMap.containsKey(name)) {
Review Comment:
is the provider name case-sensitive ?
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] sonarcloud[bot] commented on pull request #6924: [Draft] User two factor authentication
Posted by sonarcloud.
sonarcloud[bot] commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1411655040
SonarCloud Quality Gate failed. [](https://sonarcloud.io/dashboard?id=apache_cloudstack&pullRequest=6924)
[](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=BUG) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=BUG) [0 Bugs](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=BUG)
[](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=VULNERABILITY) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=VULNERABILITY) [0 Vulnerabilities](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=VULNERABILITY)
[](https://sonarcloud.io/project/security_hotspots?id=apache_cloudstack&pullRequest=6924&resolved=false&types=SECURITY_HOTSPOT) [](https://sonarcloud.io/project/security_hotspots?id=apache_cloudstack&pullRequest=6924&resolved=false&types=SECURITY_HOTSPOT) [3 Security Hotspots](https://sonarcloud.io/project/security_hotspots?id=apache_cloudstack&pullRequest=6924&resolved=false&types=SECURITY_HOTSPOT)
[](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=CODE_SMELL) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=CODE_SMELL) [19 Code Smells](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=CODE_SMELL)
[](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6924&metric=new_coverage&view=list) [36.1% Coverage](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6924&metric=new_coverage&view=list)
[](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6924&metric=new_duplicated_lines_density&view=list) [3.9% Duplication](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6924&metric=new_duplicated_lines_density&view=list)
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] sonarcloud[bot] commented on pull request #6924: [Draft] User two factor authentication
Posted by sonarcloud.
sonarcloud[bot] commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1412094416
SonarCloud Quality Gate failed. [](https://sonarcloud.io/dashboard?id=apache_cloudstack&pullRequest=6924)
[](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=BUG) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=BUG) [0 Bugs](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=BUG)
[](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=VULNERABILITY) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=VULNERABILITY) [0 Vulnerabilities](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=VULNERABILITY)
[](https://sonarcloud.io/project/security_hotspots?id=apache_cloudstack&pullRequest=6924&resolved=false&types=SECURITY_HOTSPOT) [](https://sonarcloud.io/project/security_hotspots?id=apache_cloudstack&pullRequest=6924&resolved=false&types=SECURITY_HOTSPOT) [3 Security Hotspots](https://sonarcloud.io/project/security_hotspots?id=apache_cloudstack&pullRequest=6924&resolved=false&types=SECURITY_HOTSPOT)
[](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=CODE_SMELL) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=CODE_SMELL) [22 Code Smells](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=CODE_SMELL)
[](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6924&metric=new_coverage&view=list) [36.2% Coverage](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6924&metric=new_coverage&view=list)
[](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6924&metric=new_duplicated_lines_density&view=list) [3.9% Duplication](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6924&metric=new_duplicated_lines_density&view=list)
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6924: User two factor authentication
Posted by "blueorangutan (via GitHub)" <gi...@apache.org>.
blueorangutan commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1422068576
@harikrishna-patnala a Jenkins job has been kicked to build packages. It will be bundled with KVM, XenServer and VMware SystemVM templates. I'll keep you posted as I make progress.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] rohityadavcloud commented on a diff in pull request #6924: User two factor authentication
Posted by "rohityadavcloud (via GitHub)" <gi...@apache.org>.
rohityadavcloud commented on code in PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#discussion_r1098398377
##########
plugins/user-authenticators/saml2/src/main/java/org/apache/cloudstack/saml/SAMLUtils.java:
##########
@@ -286,7 +287,10 @@ public static void setupSamlUserCookies(final LoginCmdResponse loginResponse, fi
resp.addCookie(new Cookie("account", URLEncoder.encode(loginResponse.getAccount(), HttpUtils.UTF_8)));
resp.addCookie(new Cookie("isSAML", URLEncoder.encode("true", HttpUtils.UTF_8)));
resp.addCookie(new Cookie("twoFaEnabled", URLEncoder.encode(loginResponse.is2FAenabled(), HttpUtils.UTF_8)));
- resp.addCookie(new Cookie("twoFaProvider", URLEncoder.encode(loginResponse.getProviderFor2FA(), HttpUtils.UTF_8)));
+ String providerFor2FA = loginResponse.getProviderFor2FA();
+ if (StringUtils.isNoneEmpty(providerFor2FA)) {
Review Comment:
@harikrishna-patnala do you mean `if (!<condition>)`, the missing !
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] harikrishna-patnala commented on a diff in pull request #6924: [Draft] User two factor authentication
Posted by "harikrishna-patnala (via GitHub)" <gi...@apache.org>.
harikrishna-patnala commented on code in PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#discussion_r1094354295
##########
api/src/main/java/org/apache/cloudstack/api/response/UserResponse.java:
##########
@@ -120,6 +120,10 @@ public class UserResponse extends BaseResponse implements SetResourceIconRespons
@Param(description = "Base64 string representation of the resource icon", since = "4.16.0.0")
ResourceIconResponse icon;
+ @SerializedName(ApiConstants.IS_2FA_ENABLED)
+ @Param(description = "true if user has two factor authentication enabled", since = "4.18.0.0")
Review Comment:
Added in LoginCmdResponse as well
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] github-actions[bot] commented on pull request #6924: User two factor authentication
Posted by "github-actions[bot] (via GitHub)" <gi...@apache.org>.
github-actions[bot] commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1415249292
This pull request has merge conflicts. Dear author, please fix the conflicts and sync your branch with the base branch.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6924: User two factor authentication
Posted by "blueorangutan (via GitHub)" <gi...@apache.org>.
blueorangutan commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1413638220
@rohityadavcloud a Jenkins job has been kicked to build packages. It will be bundled with KVM, XenServer and VMware SystemVM templates. I'll keep you posted as I make progress.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] harikrishna-patnala commented on pull request #6924: User two factor authentication
Posted by "harikrishna-patnala (via GitHub)" <gi...@apache.org>.
harikrishna-patnala commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1425744580
@blueorangutan package
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] rohityadavcloud commented on pull request #6924: User two factor authentication
Posted by "rohityadavcloud (via GitHub)" <gi...@apache.org>.
rohityadavcloud commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1424188993
@blueorangutan test
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6924: User two factor authentication
Posted by "blueorangutan (via GitHub)" <gi...@apache.org>.
blueorangutan commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1422106833
Packaging result: :heavy_check_mark: el7 :heavy_check_mark: el8 :heavy_check_mark: el9 :heavy_check_mark: debian :heavy_check_mark: suse15. SL-JID 5528
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] sonarcloud[bot] commented on pull request #6924: User two factor authentication
Posted by "sonarcloud[bot] (via GitHub)" <gi...@apache.org>.
sonarcloud[bot] commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1422266551
SonarCloud Quality Gate failed. [](https://sonarcloud.io/dashboard?id=apache_cloudstack&pullRequest=6924)
[](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=BUG) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=BUG) [0 Bugs](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=BUG)
[](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=VULNERABILITY) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=VULNERABILITY) [0 Vulnerabilities](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=VULNERABILITY)
[](https://sonarcloud.io/project/security_hotspots?id=apache_cloudstack&pullRequest=6924&resolved=false&types=SECURITY_HOTSPOT) [](https://sonarcloud.io/project/security_hotspots?id=apache_cloudstack&pullRequest=6924&resolved=false&types=SECURITY_HOTSPOT) [9 Security Hotspots](https://sonarcloud.io/project/security_hotspots?id=apache_cloudstack&pullRequest=6924&resolved=false&types=SECURITY_HOTSPOT)
[](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=CODE_SMELL) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=CODE_SMELL) [27 Code Smells](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=CODE_SMELL)
[](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6924&metric=new_coverage&view=list) [34.0% Coverage](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6924&metric=new_coverage&view=list)
[](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6924&metric=new_duplicated_lines_density&view=list) [3.8% Duplication](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6924&metric=new_duplicated_lines_density&view=list)
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] sonarcloud[bot] commented on pull request #6924: User two factor authentication
Posted by "sonarcloud[bot] (via GitHub)" <gi...@apache.org>.
sonarcloud[bot] commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1424134169
SonarCloud Quality Gate failed. [](https://sonarcloud.io/dashboard?id=apache_cloudstack&pullRequest=6924)
[](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=BUG) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=BUG) [0 Bugs](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=BUG)
[](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=VULNERABILITY) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=VULNERABILITY) [0 Vulnerabilities](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=VULNERABILITY)
[](https://sonarcloud.io/project/security_hotspots?id=apache_cloudstack&pullRequest=6924&resolved=false&types=SECURITY_HOTSPOT) [](https://sonarcloud.io/project/security_hotspots?id=apache_cloudstack&pullRequest=6924&resolved=false&types=SECURITY_HOTSPOT) [9 Security Hotspots](https://sonarcloud.io/project/security_hotspots?id=apache_cloudstack&pullRequest=6924&resolved=false&types=SECURITY_HOTSPOT)
[](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=CODE_SMELL) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=CODE_SMELL) [27 Code Smells](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=CODE_SMELL)
[](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6924&metric=new_coverage&view=list) [34.0% Coverage](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6924&metric=new_coverage&view=list)
[](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6924&metric=new_duplicated_lines_density&view=list) [3.8% Duplication](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6924&metric=new_duplicated_lines_density&view=list)
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] harikrishna-patnala commented on pull request #6924: [Draft] User two factor authentication
Posted by GitBox <gi...@apache.org>.
harikrishna-patnala commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1381806473
@blueorangutan package
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] sonarcloud[bot] commented on pull request #6924: [Draft] User two factor authentication
Posted by sonarcloud.
sonarcloud[bot] commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1411910886
SonarCloud Quality Gate failed. [](https://sonarcloud.io/dashboard?id=apache_cloudstack&pullRequest=6924)
[](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=BUG) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=BUG) [0 Bugs](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=BUG)
[](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=VULNERABILITY) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=VULNERABILITY) [0 Vulnerabilities](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=VULNERABILITY)
[](https://sonarcloud.io/project/security_hotspots?id=apache_cloudstack&pullRequest=6924&resolved=false&types=SECURITY_HOTSPOT) [](https://sonarcloud.io/project/security_hotspots?id=apache_cloudstack&pullRequest=6924&resolved=false&types=SECURITY_HOTSPOT) [3 Security Hotspots](https://sonarcloud.io/project/security_hotspots?id=apache_cloudstack&pullRequest=6924&resolved=false&types=SECURITY_HOTSPOT)
[](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=CODE_SMELL) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=CODE_SMELL) [19 Code Smells](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=CODE_SMELL)
[](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6924&metric=new_coverage&view=list) [36.1% Coverage](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6924&metric=new_coverage&view=list)
[](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6924&metric=new_duplicated_lines_density&view=list) [3.9% Duplication](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6924&metric=new_duplicated_lines_density&view=list)
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] DaanHoogland commented on pull request #6924: [Draft] User two factor authentication
Posted by "DaanHoogland (via GitHub)" <gi...@apache.org>.
DaanHoogland commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1412112359
@blueorangutan test matrix
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] harikrishna-patnala commented on pull request #6924: [Draft] User two factor authentication
Posted by GitBox <gi...@apache.org>.
harikrishna-patnala commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1386604262
@blueorangutan package
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] sonarcloud[bot] commented on pull request #6924: [Draft] User two factor authentication
Posted by GitBox <gi...@apache.org>.
sonarcloud[bot] commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1386663621
SonarCloud Quality Gate failed. [](https://sonarcloud.io/dashboard?id=apache_cloudstack&pullRequest=6924)
[](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=BUG) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=BUG) [3 Bugs](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=BUG)
[](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=VULNERABILITY) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=VULNERABILITY) [0 Vulnerabilities](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=VULNERABILITY)
[](https://sonarcloud.io/project/security_hotspots?id=apache_cloudstack&pullRequest=6924&resolved=false&types=SECURITY_HOTSPOT) [](https://sonarcloud.io/project/security_hotspots?id=apache_cloudstack&pullRequest=6924&resolved=false&types=SECURITY_HOTSPOT) [3 Security Hotspots](https://sonarcloud.io/project/security_hotspots?id=apache_cloudstack&pullRequest=6924&resolved=false&types=SECURITY_HOTSPOT)
[](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=CODE_SMELL) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=CODE_SMELL) [55 Code Smells](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=CODE_SMELL)
[](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6924&metric=new_coverage&view=list) [35.8% Coverage](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6924&metric=new_coverage&view=list)
[](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6924&metric=new_duplicated_lines_density&view=list) [3.9% Duplication](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6924&metric=new_duplicated_lines_density&view=list)
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] sonarcloud[bot] commented on pull request #6924: User two factor authentication
Posted by "sonarcloud[bot] (via GitHub)" <gi...@apache.org>.
sonarcloud[bot] commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1425693440
SonarCloud Quality Gate failed. [](https://sonarcloud.io/dashboard?id=apache_cloudstack&pullRequest=6924)
[](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=BUG) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=BUG) [0 Bugs](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=BUG)
[](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=VULNERABILITY) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=VULNERABILITY) [0 Vulnerabilities](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=VULNERABILITY)
[](https://sonarcloud.io/project/security_hotspots?id=apache_cloudstack&pullRequest=6924&resolved=false&types=SECURITY_HOTSPOT) [](https://sonarcloud.io/project/security_hotspots?id=apache_cloudstack&pullRequest=6924&resolved=false&types=SECURITY_HOTSPOT) [9 Security Hotspots](https://sonarcloud.io/project/security_hotspots?id=apache_cloudstack&pullRequest=6924&resolved=false&types=SECURITY_HOTSPOT)
[](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=CODE_SMELL) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=CODE_SMELL) [27 Code Smells](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=CODE_SMELL)
[](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6924&metric=new_coverage&view=list) [34.0% Coverage](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6924&metric=new_coverage&view=list)
[](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6924&metric=new_duplicated_lines_density&view=list) [3.8% Duplication](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6924&metric=new_duplicated_lines_density&view=list)
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6924: [Draft] User two factor authentication
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1352956391
@harikrishna-patnala a Jenkins job has been kicked to build packages. It will be bundled with
SystemVM template(s). I'll keep you posted as I make progress.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6924: [Draft] User two factor authentication
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1331693865
@harikrishna-patnala a Jenkins job has been kicked to build packages. It will be bundled with KVM, XenServer and VMware SystemVM templates. I'll keep you posted as I make progress.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] harikrishna-patnala commented on pull request #6924: [Draft] User two factor authentication
Posted by GitBox <gi...@apache.org>.
harikrishna-patnala commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1331693603
@blueorangutan package
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6924: [Draft] User two factor authentication
Posted by "blueorangutan (via GitHub)" <gi...@apache.org>.
blueorangutan commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1404631191
@harikrishna-patnala a Jenkins job has been kicked to build packages. It will be bundled with KVM, XenServer and VMware SystemVM templates. I'll keep you posted as I make progress.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] harikrishna-patnala commented on pull request #6924: [Draft] User two factor authentication
Posted by "harikrishna-patnala (via GitHub)" <gi...@apache.org>.
harikrishna-patnala commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1404630511
@blueorangutan package
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] harikrishna-patnala commented on pull request #6924: [Draft] User two factor authentication
Posted by GitBox <gi...@apache.org>.
harikrishna-patnala commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1352667558
@blueorangutan package
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6924: User two factor authentication
Posted by "blueorangutan (via GitHub)" <gi...@apache.org>.
blueorangutan commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1414292425
<b>Trillian test result (tid-6087)</b>
Environment: kvm-centos7 (x2), Advanced Networking with Mgmt server 7
Total time taken: 40944 seconds
Marvin logs: https://github.com/blueorangutan/acs-prs/releases/download/trillian/pr6924-t6087-kvm-centos7.zip
Smoke tests completed. 108 look OK, 0 have errors, 0 did not run
Only failed and skipped tests results shown below:
Test | Result | Time (s) | Test File
--- | --- | --- | ---
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6924: [Draft] User two factor authentication
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1386605271
@harikrishna-patnala a Jenkins job has been kicked to build packages. It will be bundled with KVM, XenServer and VMware SystemVM templates. I'll keep you posted as I make progress.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6924: [Draft] User two factor authentication
Posted by "blueorangutan (via GitHub)" <gi...@apache.org>.
blueorangutan commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1411586307
@harikrishna-patnala a Jenkins job has been kicked to build packages. It will be bundled with KVM, XenServer and VMware SystemVM templates. I'll keep you posted as I make progress.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6924: User two factor authentication
Posted by "blueorangutan (via GitHub)" <gi...@apache.org>.
blueorangutan commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1423706094
Packaging result: :heavy_check_mark: el7 :heavy_check_mark: el8 :heavy_check_mark: el9 :heavy_check_mark: debian :heavy_check_mark: suse15. SL-JID 5536
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] harikrishna-patnala commented on pull request #6924: User two factor authentication
Posted by "harikrishna-patnala (via GitHub)" <gi...@apache.org>.
harikrishna-patnala commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1423924831
@blueorangutan test matrix
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] harikrishna-patnala commented on pull request #6924: User two factor authentication
Posted by "harikrishna-patnala (via GitHub)" <gi...@apache.org>.
harikrishna-patnala commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1426954730
@blueorangutan package
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] weizhouapache commented on pull request #6924: [Draft] User two factor authentication
Posted by GitBox <gi...@apache.org>.
weizhouapache commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1328859112
@blueorangutan package
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] harikrishna-patnala commented on a diff in pull request #6924: [Draft] User two factor authentication
Posted by GitBox <gi...@apache.org>.
harikrishna-patnala commented on code in PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#discussion_r1034341338
##########
api/src/main/java/org/apache/cloudstack/api/response/LoginCmdResponse.java:
##########
@@ -163,4 +175,28 @@ public String getSessionKey() {
public void setSessionKey(String sessionKey) {
this.sessionKey = sessionKey;
}
+
+ public String Is2FAenabled() {
Review Comment:
updated
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6924: [Draft] User two factor authentication
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1329262557
Packaging result: :heavy_check_mark: el7 :heavy_check_mark: el8 :heavy_check_mark: debian :heavy_check_mark: suse15. SL-JID 4656
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] rohityadavcloud commented on pull request #6924: User two factor authentication
Posted by "rohityadavcloud (via GitHub)" <gi...@apache.org>.
rohityadavcloud commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1425998468
cc @DaanHoogland I think this is ready for merge if smoketests passes and there are no regression. Any additional testing and review is welcome.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] sonarcloud[bot] commented on pull request #6924: User two factor authentication
Posted by "sonarcloud[bot] (via GitHub)" <gi...@apache.org>.
sonarcloud[bot] commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1426120067
SonarCloud Quality Gate failed. [](https://sonarcloud.io/dashboard?id=apache_cloudstack&pullRequest=6924)
[](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=BUG) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=BUG) [0 Bugs](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=BUG)
[](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=VULNERABILITY) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=VULNERABILITY) [0 Vulnerabilities](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=VULNERABILITY)
[](https://sonarcloud.io/project/security_hotspots?id=apache_cloudstack&pullRequest=6924&resolved=false&types=SECURITY_HOTSPOT) [](https://sonarcloud.io/project/security_hotspots?id=apache_cloudstack&pullRequest=6924&resolved=false&types=SECURITY_HOTSPOT) [9 Security Hotspots](https://sonarcloud.io/project/security_hotspots?id=apache_cloudstack&pullRequest=6924&resolved=false&types=SECURITY_HOTSPOT)
[](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=CODE_SMELL) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=CODE_SMELL) [27 Code Smells](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=CODE_SMELL)
[](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6924&metric=new_coverage&view=list) [33.8% Coverage](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6924&metric=new_coverage&view=list)
[](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6924&metric=new_duplicated_lines_density&view=list) [3.6% Duplication](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6924&metric=new_duplicated_lines_density&view=list)
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] rohityadavcloud commented on pull request #6924: User two factor authentication
Posted by "rohityadavcloud (via GitHub)" <gi...@apache.org>.
rohityadavcloud commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1427197611
@harikrishna-patnala are the extraconfig errors related to this pr?
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] harikrishna-patnala commented on pull request #6924: User two factor authentication
Posted by "harikrishna-patnala (via GitHub)" <gi...@apache.org>.
harikrishna-patnala commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1427274459
No @rohityadavcloud these are failing on main as well.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6924: User two factor authentication
Posted by "blueorangutan (via GitHub)" <gi...@apache.org>.
blueorangutan commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1424426778
Packaging result: :heavy_check_mark: el7 :heavy_check_mark: el8 :heavy_check_mark: el9 :heavy_check_mark: debian :heavy_check_mark: suse15. SL-JID 5542
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] harikrishna-patnala commented on a diff in pull request #6924: [Draft] User two factor authentication
Posted by GitBox <gi...@apache.org>.
harikrishna-patnala commented on code in PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#discussion_r1035553908
##########
server/src/main/java/com/cloud/user/AccountManagerImpl.java:
##########
@@ -315,6 +322,31 @@ public class AccountManagerImpl extends ManagerBase implements AccountManager, M
private int _cleanupInterval;
private List<String> apiNameList;
+ protected static Map<String, UserTwoFactorAuthenticator> userTwoFactorAuthenticationProvidersMap = new HashMap<>();
+
+ private List<UserTwoFactorAuthenticator> userTwoFactorAuthenticationProviders;
+
+ static ConfigKey<Boolean> enableUserTwoFactorAuthentication = new ConfigKey<Boolean>("Advanced",
+ Boolean.class,
+ "enable.user.two.factor.authentication",
+ "false",
+ "Determines whether two factor authentication is enabled or not. This can also be configured at domain level.",
+ false,
Review Comment:
These can be made dynamic, I'll make it now. I wanted the reviewer's opinion, so kept it false then. I'll change it.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6924: [Draft] User two factor authentication
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1328622431
@harikrishna-patnala a Jenkins job has been kicked to build packages. It will be bundled with KVM, XenServer and VMware SystemVM templates. I'll keep you posted as I make progress.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6924: [Draft] User two factor authentication
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1328628872
Packaging result: :heavy_multiplication_x: el7 :heavy_multiplication_x: el8 :heavy_multiplication_x: debian :heavy_multiplication_x: suse15. SL-JID 4654
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6924: [Draft] User two factor authentication
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1329033983
Packaging result: :heavy_check_mark: el7 :heavy_multiplication_x: el8 :heavy_check_mark: debian :heavy_check_mark: suse15. SL-JID 4654
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6924: [Draft] User two factor authentication
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1330144946
@harikrishna-patnala a Jenkins job has been kicked to build packages. It will be bundled with KVM, XenServer and VMware SystemVM templates. I'll keep you posted as I make progress.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] harikrishna-patnala commented on pull request #6924: [Draft] User two factor authentication
Posted by GitBox <gi...@apache.org>.
harikrishna-patnala commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1336814145
@blueorangutan package
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] DaanHoogland commented on pull request #6924: [Draft] User two factor authentication
Posted by GitBox <gi...@apache.org>.
DaanHoogland commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1354720869
@harikrishna-patnala will this be ready before half January? i.e. 4.18
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6924: User two factor authentication
Posted by "blueorangutan (via GitHub)" <gi...@apache.org>.
blueorangutan commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1421191250
@harikrishna-patnala a Jenkins job has been kicked to build packages. It will be bundled with
SystemVM template(s). I'll keep you posted as I make progress.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] rohityadavcloud commented on pull request #6924: User two factor authentication
Posted by "rohityadavcloud (via GitHub)" <gi...@apache.org>.
rohityadavcloud commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1420474250
@blueorangutan help
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6924: User two factor authentication
Posted by "blueorangutan (via GitHub)" <gi...@apache.org>.
blueorangutan commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1420676531
@harikrishna-patnala a Jenkins job has been kicked to build packages. It will be bundled with
SystemVM template(s). I'll keep you posted as I make progress.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6924: User two factor authentication
Posted by "blueorangutan (via GitHub)" <gi...@apache.org>.
blueorangutan commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1426612177
<b>Trillian test result (tid-6163)</b>
Environment: kvm-centos7 (x2), Advanced Networking with Mgmt server 7
Total time taken: 46116 seconds
Marvin logs: https://github.com/blueorangutan/acs-prs/releases/download/trillian/pr6924-t6163-kvm-centos7.zip
Smoke tests completed. 106 look OK, 2 have errors, 0 did not run
Only failed and skipped tests results shown below:
Test | Result | Time (s) | Test File
--- | --- | --- | ---
test_router_dhcphosts | `Failure` | 22.83 | test_router_dhcphosts.py
test_02_deploy_vm_with_extraconfig_kvm | `Error` | 1.18 | test_deploy_vm_extra_config_data.py
test_03_update_vm_with_extraconfig_kvm | `Error` | 0.14 | test_deploy_vm_extra_config_data.py
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6924: [Draft] User two factor authentication
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1381863193
Packaging result: :heavy_check_mark: el7 :heavy_check_mark: el8 :heavy_check_mark: el9 :heavy_check_mark: debian :heavy_check_mark: suse15. SL-JID 5267
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] sonarcloud[bot] commented on pull request #6924: User two factor authentication
Posted by "sonarcloud[bot] (via GitHub)" <gi...@apache.org>.
sonarcloud[bot] commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1423723651
SonarCloud Quality Gate failed. [](https://sonarcloud.io/dashboard?id=apache_cloudstack&pullRequest=6924)
[](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=BUG) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=BUG) [0 Bugs](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=BUG)
[](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=VULNERABILITY) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=VULNERABILITY) [0 Vulnerabilities](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=VULNERABILITY)
[](https://sonarcloud.io/project/security_hotspots?id=apache_cloudstack&pullRequest=6924&resolved=false&types=SECURITY_HOTSPOT) [](https://sonarcloud.io/project/security_hotspots?id=apache_cloudstack&pullRequest=6924&resolved=false&types=SECURITY_HOTSPOT) [9 Security Hotspots](https://sonarcloud.io/project/security_hotspots?id=apache_cloudstack&pullRequest=6924&resolved=false&types=SECURITY_HOTSPOT)
[](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=CODE_SMELL) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=CODE_SMELL) [27 Code Smells](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=CODE_SMELL)
[](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6924&metric=new_coverage&view=list) [34.0% Coverage](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6924&metric=new_coverage&view=list)
[](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6924&metric=new_duplicated_lines_density&view=list) [3.8% Duplication](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6924&metric=new_duplicated_lines_density&view=list)
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6924: User two factor authentication
Posted by "blueorangutan (via GitHub)" <gi...@apache.org>.
blueorangutan commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1423926101
@harikrishna-patnala a Trillian-Jenkins matrix job (centos7 mgmt + xenserver71, rocky8 mgmt + vmware67u3, centos7 mgmt + kvmcentos7) has been kicked to run smoke tests
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6924: User two factor authentication
Posted by "blueorangutan (via GitHub)" <gi...@apache.org>.
blueorangutan commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1425744914
@harikrishna-patnala a Jenkins job has been kicked to build packages. It will be bundled with KVM, XenServer and VMware SystemVM templates. I'll keep you posted as I make progress.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6924: User two factor authentication
Posted by "blueorangutan (via GitHub)" <gi...@apache.org>.
blueorangutan commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1424190436
@rohityadavcloud a Trillian-Jenkins test job (centos7 mgmt + kvm-centos7) has been kicked to run smoke tests
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] DaanHoogland commented on pull request #6924: User two factor authentication
Posted by "DaanHoogland (via GitHub)" <gi...@apache.org>.
DaanHoogland commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1426783790
@harikrishna-patnala can you address/answer the comments?
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] harikrishna-patnala commented on pull request #6924: [Draft] User two factor authentication
Posted by "harikrishna-patnala (via GitHub)" <gi...@apache.org>.
harikrishna-patnala commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1404616158
@blueorangutan package
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6924: User two factor authentication
Posted by "blueorangutan (via GitHub)" <gi...@apache.org>.
blueorangutan commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1426959778
Packaging result: :heavy_check_mark: el7 :heavy_check_mark: el8 :heavy_check_mark: el9 :heavy_check_mark: debian :heavy_check_mark: suse15. SL-JID 5564
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] harikrishna-patnala commented on pull request #6924: User two factor authentication
Posted by "harikrishna-patnala (via GitHub)" <gi...@apache.org>.
harikrishna-patnala commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1415055775
@blueorangutan package
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] github-actions[bot] commented on pull request #6924: User two factor authentication
Posted by "github-actions[bot] (via GitHub)" <gi...@apache.org>.
github-actions[bot] commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1415443070
This pull request has merge conflicts. Dear author, please fix the conflicts and sync your branch with the base branch.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] harikrishna-patnala commented on pull request #6924: [Draft] User two factor authentication
Posted by "harikrishna-patnala (via GitHub)" <gi...@apache.org>.
harikrishna-patnala commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1411996427
@blueorangutan package
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] rohityadavcloud commented on pull request #6924: [Draft] User two factor authentication
Posted by "rohityadavcloud (via GitHub)" <gi...@apache.org>.
rohityadavcloud commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1410273567
Ping @harikrishna-patnala can you fix the conflicts and build pkgs?
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6924: [Draft] User two factor authentication
Posted by "blueorangutan (via GitHub)" <gi...@apache.org>.
blueorangutan commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1413098168
<b>Trillian test result (tid-6073)</b>
Environment: kvm-centos7 (x2), Advanced Networking with Mgmt server 7
Total time taken: 46682 seconds
Marvin logs: https://github.com/blueorangutan/acs-prs/releases/download/trillian/pr6924-t6073-kvm-centos7.zip
Smoke tests completed. 106 look OK, 2 have errors, 0 did not run
Only failed and skipped tests results shown below:
Test | Result | Time (s) | Test File
--- | --- | --- | ---
test_03_ssvm_internals | `Failure` | 14.39 | test_ssvm.py
test_03_create_redundant_VPC_1tier_2VMs_2IPs_2PF_ACL_reboot_routers | `Failure` | 473.99 | test_vpc_redundant.py
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6924: [Draft] User two factor authentication
Posted by "blueorangutan (via GitHub)" <gi...@apache.org>.
blueorangutan commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1412049190
Packaging result: :heavy_check_mark: el7 :heavy_check_mark: el8 :heavy_check_mark: el9 :heavy_check_mark: debian :heavy_check_mark: suse15. SL-JID 5474
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6924: [Draft] User two factor authentication
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1333229919
Packaging result: :heavy_check_mark: el7 :heavy_check_mark: el8 :heavy_check_mark: debian :heavy_check_mark: suse15. SL-JID 4715
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] weizhouapache commented on a diff in pull request #6924: [Draft] User two factor authentication
Posted by GitBox <gi...@apache.org>.
weizhouapache commented on code in PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#discussion_r1038114229
##########
api/src/main/java/org/apache/cloudstack/api/command/admin/user/UpdateUserCmd.java:
##########
@@ -80,6 +80,9 @@ public class UpdateUserCmd extends BaseCmd {
@Parameter(name = ApiConstants.USERNAME, type = CommandType.STRING, description = "Unique username")
private String username;
+ @Parameter(name = ApiConstants.MANDATE_2FA, type = CommandType.BOOLEAN, description = "Provide true to mandate the user to use two factor authentication has to be enabled. This parameter is only used to mandate 2FA, not to disable 2FA")
Review Comment:
@harikrishna-patnala
is `mandate2fa` a parameter only for admins (root admin, domain admin) ?
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] harikrishna-patnala commented on pull request #6924: [Draft] User two factor authentication
Posted by GitBox <gi...@apache.org>.
harikrishna-patnala commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1333171103
@blueorangutan package
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] harikrishna-patnala commented on a diff in pull request #6924: [Draft] User two factor authentication
Posted by GitBox <gi...@apache.org>.
harikrishna-patnala commented on code in PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#discussion_r1049301360
##########
server/src/main/java/com/cloud/user/AccountManagerImpl.java:
##########
@@ -315,6 +322,31 @@ public class AccountManagerImpl extends ManagerBase implements AccountManager, M
private int _cleanupInterval;
private List<String> apiNameList;
+ protected static Map<String, UserTwoFactorAuthenticator> userTwoFactorAuthenticationProvidersMap = new HashMap<>();
+
+ private List<UserTwoFactorAuthenticator> userTwoFactorAuthenticationProviders;
+
+ static ConfigKey<Boolean> enableUserTwoFactorAuthentication = new ConfigKey<Boolean>("Advanced",
+ Boolean.class,
+ "enable.user.two.factor.authentication",
+ "false",
+ "Determines whether two factor authentication is enabled or not. This can also be configured at domain level.",
+ false,
+ ConfigKey.Scope.Domain);
+
+ ConfigKey<Boolean> mandateUserTwoFactorAuthentication = new ConfigKey<Boolean>("Advanced",
+ Boolean.class,
+ "mandate.user.two.factor.authentication",
+ "false",
+ "Determines whether to make the two factor authentication mandatory or not. This can also be configured at domain level.",
+ false,
+ ConfigKey.Scope.Domain);
+
+ ConfigKey<String> userTwoFactorAuthenticationDefaultProvider = new ConfigKey<>("Advanced", String.class,
+ "user.two.factor.authentication.default.provider",
+ "GOOGLE",
+ "The default user two factor authentication provider plugin. Eg. google, staticpin", true, ConfigKey.Scope.Domain);
Review Comment:
Added this check in configuration manager
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6924: User two factor authentication
Posted by "blueorangutan (via GitHub)" <gi...@apache.org>.
blueorangutan commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1420553861
@harikrishna-patnala a Jenkins job has been kicked to build packages. It will be bundled with KVM, XenServer and VMware SystemVM templates. I'll keep you posted as I make progress.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6924: User two factor authentication
Posted by "blueorangutan (via GitHub)" <gi...@apache.org>.
blueorangutan commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1418980096
@harikrishna-patnala a Jenkins job has been kicked to build packages. It will be bundled with
SystemVM template(s). I'll keep you posted as I make progress.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6924: User two factor authentication
Posted by "blueorangutan (via GitHub)" <gi...@apache.org>.
blueorangutan commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1420536605
Packaging result: :heavy_multiplication_x: el7 :heavy_multiplication_x: el8 :heavy_multiplication_x: el9 :heavy_multiplication_x: debian :heavy_multiplication_x: suse15. SL-JID 5519
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] sonarcloud[bot] commented on pull request #6924: User two factor authentication
Posted by "sonarcloud[bot] (via GitHub)" <gi...@apache.org>.
sonarcloud[bot] commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1420764549
SonarCloud Quality Gate failed. [](https://sonarcloud.io/dashboard?id=apache_cloudstack&pullRequest=6924)
[](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=BUG) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=BUG) [0 Bugs](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=BUG)
[](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=VULNERABILITY) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=VULNERABILITY) [0 Vulnerabilities](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=VULNERABILITY)
[](https://sonarcloud.io/project/security_hotspots?id=apache_cloudstack&pullRequest=6924&resolved=false&types=SECURITY_HOTSPOT) [](https://sonarcloud.io/project/security_hotspots?id=apache_cloudstack&pullRequest=6924&resolved=false&types=SECURITY_HOTSPOT) [15 Security Hotspots](https://sonarcloud.io/project/security_hotspots?id=apache_cloudstack&pullRequest=6924&resolved=false&types=SECURITY_HOTSPOT)
[](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=CODE_SMELL) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=CODE_SMELL) [24 Code Smells](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=CODE_SMELL)
[](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6924&metric=new_coverage&view=list) [35.0% Coverage](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6924&metric=new_coverage&view=list)
[](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6924&metric=new_duplicated_lines_density&view=list) [3.8% Duplication](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6924&metric=new_duplicated_lines_density&view=list)
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6924: User two factor authentication
Posted by "blueorangutan (via GitHub)" <gi...@apache.org>.
blueorangutan commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1420048234
<b>Trillian test result (tid-6111)</b>
Environment: kvm-centos7 (x2), Advanced Networking with Mgmt server 7
Total time taken: 40920 seconds
Marvin logs: https://github.com/blueorangutan/acs-prs/releases/download/trillian/pr6924-t6111-kvm-centos7.zip
Smoke tests completed. 108 look OK, 0 have errors, 0 did not run
Only failed and skipped tests results shown below:
Test | Result | Time (s) | Test File
--- | --- | --- | ---
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6924: User two factor authentication
Posted by "blueorangutan (via GitHub)" <gi...@apache.org>.
blueorangutan commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1423675122
@harikrishna-patnala a Jenkins job has been kicked to build packages. It will be bundled with
SystemVM template(s). I'll keep you posted as I make progress.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] DaanHoogland commented on pull request #6924: [Draft] User two factor authentication
Posted by GitBox <gi...@apache.org>.
DaanHoogland commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1398604312
@blueorangutan test
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6924: User two factor authentication
Posted by "blueorangutan (via GitHub)" <gi...@apache.org>.
blueorangutan commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1425660251
Packaging result: :heavy_check_mark: el7 :heavy_check_mark: el8 :heavy_check_mark: el9 :heavy_check_mark: debian :heavy_check_mark: suse15. SL-JID 5551
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] sonarcloud[bot] commented on pull request #6924: User two factor authentication
Posted by "sonarcloud[bot] (via GitHub)" <gi...@apache.org>.
sonarcloud[bot] commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1425821856
SonarCloud Quality Gate failed. [](https://sonarcloud.io/dashboard?id=apache_cloudstack&pullRequest=6924)
[](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=BUG) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=BUG) [0 Bugs](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=BUG)
[](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=VULNERABILITY) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=VULNERABILITY) [0 Vulnerabilities](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=VULNERABILITY)
[](https://sonarcloud.io/project/security_hotspots?id=apache_cloudstack&pullRequest=6924&resolved=false&types=SECURITY_HOTSPOT) [](https://sonarcloud.io/project/security_hotspots?id=apache_cloudstack&pullRequest=6924&resolved=false&types=SECURITY_HOTSPOT) [9 Security Hotspots](https://sonarcloud.io/project/security_hotspots?id=apache_cloudstack&pullRequest=6924&resolved=false&types=SECURITY_HOTSPOT)
[](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=CODE_SMELL) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=CODE_SMELL) [27 Code Smells](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=CODE_SMELL)
[](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6924&metric=new_coverage&view=list) [33.8% Coverage](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6924&metric=new_coverage&view=list)
[](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6924&metric=new_duplicated_lines_density&view=list) [3.6% Duplication](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6924&metric=new_duplicated_lines_density&view=list)
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] sonarcloud[bot] commented on pull request #6924: User two factor authentication
Posted by "sonarcloud[bot] (via GitHub)" <gi...@apache.org>.
sonarcloud[bot] commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1419055005
SonarCloud Quality Gate failed. [](https://sonarcloud.io/dashboard?id=apache_cloudstack&pullRequest=6924)
[](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=BUG) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=BUG) [0 Bugs](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=BUG)
[](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=VULNERABILITY) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=VULNERABILITY) [0 Vulnerabilities](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=VULNERABILITY)
[](https://sonarcloud.io/project/security_hotspots?id=apache_cloudstack&pullRequest=6924&resolved=false&types=SECURITY_HOTSPOT) [](https://sonarcloud.io/project/security_hotspots?id=apache_cloudstack&pullRequest=6924&resolved=false&types=SECURITY_HOTSPOT) [9 Security Hotspots](https://sonarcloud.io/project/security_hotspots?id=apache_cloudstack&pullRequest=6924&resolved=false&types=SECURITY_HOTSPOT)
[](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=CODE_SMELL) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=CODE_SMELL) [24 Code Smells](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=CODE_SMELL)
[](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6924&metric=new_coverage&view=list) [34.9% Coverage](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6924&metric=new_coverage&view=list)
[](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6924&metric=new_duplicated_lines_density&view=list) [3.8% Duplication](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6924&metric=new_duplicated_lines_density&view=list)
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] harikrishna-patnala commented on a diff in pull request #6924: User two factor authentication
Posted by "harikrishna-patnala (via GitHub)" <gi...@apache.org>.
harikrishna-patnala commented on code in PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#discussion_r1098417623
##########
plugins/user-authenticators/saml2/src/main/java/org/apache/cloudstack/saml/SAMLUtils.java:
##########
@@ -286,7 +287,10 @@ public static void setupSamlUserCookies(final LoginCmdResponse loginResponse, fi
resp.addCookie(new Cookie("account", URLEncoder.encode(loginResponse.getAccount(), HttpUtils.UTF_8)));
resp.addCookie(new Cookie("isSAML", URLEncoder.encode("true", HttpUtils.UTF_8)));
resp.addCookie(new Cookie("twoFaEnabled", URLEncoder.encode(loginResponse.is2FAenabled(), HttpUtils.UTF_8)));
- resp.addCookie(new Cookie("twoFaProvider", URLEncoder.encode(loginResponse.getProviderFor2FA(), HttpUtils.UTF_8)));
+ String providerFor2FA = loginResponse.getProviderFor2FA();
+ if (StringUtils.isNoneEmpty(providerFor2FA)) {
Review Comment:
yeah, wrong method used, will fix it.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] sonarcloud[bot] commented on pull request #6924: [Draft] User two factor authentication
Posted by sonarcloud.
sonarcloud[bot] commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1404670440
SonarCloud Quality Gate failed. [](https://sonarcloud.io/dashboard?id=apache_cloudstack&pullRequest=6924)
[](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=BUG) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=BUG) [3 Bugs](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=BUG)
[](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=VULNERABILITY) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=VULNERABILITY) [0 Vulnerabilities](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=VULNERABILITY)
[](https://sonarcloud.io/project/security_hotspots?id=apache_cloudstack&pullRequest=6924&resolved=false&types=SECURITY_HOTSPOT) [](https://sonarcloud.io/project/security_hotspots?id=apache_cloudstack&pullRequest=6924&resolved=false&types=SECURITY_HOTSPOT) [3 Security Hotspots](https://sonarcloud.io/project/security_hotspots?id=apache_cloudstack&pullRequest=6924&resolved=false&types=SECURITY_HOTSPOT)
[](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=CODE_SMELL) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=CODE_SMELL) [55 Code Smells](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=CODE_SMELL)
[](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6924&metric=new_coverage&view=list) [35.8% Coverage](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6924&metric=new_coverage&view=list)
[](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6924&metric=new_duplicated_lines_density&view=list) [3.9% Duplication](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6924&metric=new_duplicated_lines_density&view=list)
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] harikrishna-patnala commented on pull request #6924: [Draft] User two factor authentication
Posted by "harikrishna-patnala (via GitHub)" <gi...@apache.org>.
harikrishna-patnala commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1404764257
@blueorangutan package
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6924: [Draft] User two factor authentication
Posted by "blueorangutan (via GitHub)" <gi...@apache.org>.
blueorangutan commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1404809501
Packaging result: :heavy_check_mark: el7 :heavy_check_mark: el8 :heavy_check_mark: el9 :heavy_check_mark: debian :heavy_check_mark: suse15. SL-JID 5414
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] harikrishna-patnala commented on pull request #6924: [Draft] User two factor authentication
Posted by "harikrishna-patnala (via GitHub)" <gi...@apache.org>.
harikrishna-patnala commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1411585510
@blueorangutan package
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6924: [Draft] User two factor authentication
Posted by "blueorangutan (via GitHub)" <gi...@apache.org>.
blueorangutan commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1413316216
@DaanHoogland a Trillian-Jenkins test job (centos7 mgmt + kvm-centos7) has been kicked to run smoke tests
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] NuxRo commented on pull request #6924: [Draft] User two factor authentication
Posted by GitBox <gi...@apache.org>.
NuxRo commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1353379951
@blueorangutan package
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6924: [Draft] User two factor authentication
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1328759043
@harikrishna-patnala a Jenkins job has been kicked to build packages. It will be bundled with KVM, XenServer and VMware SystemVM templates. I'll keep you posted as I make progress.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6924: [Draft] User two factor authentication
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1336814990
@harikrishna-patnala a Jenkins job has been kicked to build packages. It will be bundled with KVM, XenServer and VMware SystemVM templates. I'll keep you posted as I make progress.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6924: [Draft] User two factor authentication
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1381763074
@harikrishna-patnala a Jenkins job has been kicked to build packages. It will be bundled with KVM, XenServer and VMware SystemVM templates. I'll keep you posted as I make progress.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] github-actions[bot] commented on pull request #6924: [Draft] User two factor authentication
Posted by GitBox <gi...@apache.org>.
github-actions[bot] commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1337963227
This pull request has merge conflicts. Dear author, please fix the conflicts and sync your branch with the base branch.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6924: [Draft] User two factor authentication
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1352699160
Packaging result: :heavy_multiplication_x: el7 :heavy_multiplication_x: el8 :heavy_multiplication_x: debian :heavy_multiplication_x: suse15. SL-JID 4958
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6924: [Draft] User two factor authentication
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1352992281
Packaging result: :heavy_multiplication_x: el7 :heavy_multiplication_x: el8 :heavy_multiplication_x: debian :heavy_multiplication_x: suse15. SL-JID 4962
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] github-actions[bot] commented on pull request #6924: [Draft] User two factor authentication
Posted by github-actions.
github-actions[bot] commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1411779235
This pull request has merge conflicts. Dear author, please fix the conflicts and sync your branch with the base branch.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] DaanHoogland commented on a diff in pull request #6924: [Draft] User two factor authentication
Posted by "DaanHoogland (via GitHub)" <gi...@apache.org>.
DaanHoogland commented on code in PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#discussion_r1094183589
##########
api/src/main/java/org/apache/cloudstack/api/command/admin/user/UpdateUserCmd.java:
##########
@@ -79,6 +79,9 @@ public class UpdateUserCmd extends BaseCmd {
@Parameter(name = ApiConstants.USERNAME, type = CommandType.STRING, description = "Unique username")
private String username;
+ @Parameter(name = ApiConstants.MANDATE_2FA, type = CommandType.BOOLEAN, description = "Provide true to mandate the user to use two factor authentication has to be enabled. This parameter is only used to mandate 2FA, not to disable 2FA")
Review Comment:
```suggestion
@Parameter(name = ApiConstants.MANDATE_2FA, type = CommandType.BOOLEAN, description = "Provide true to mandate the user to use two factor authentication has to be enabled. This parameter is only used to mandate 2FA, not to disable 2FA", since = "4.18.0.0")
```
##########
api/src/main/java/org/apache/cloudstack/api/response/UserResponse.java:
##########
@@ -120,6 +120,10 @@ public class UserResponse extends BaseResponse implements SetResourceIconRespons
@Param(description = "Base64 string representation of the resource icon", since = "4.16.0.0")
ResourceIconResponse icon;
+ @SerializedName(ApiConstants.IS_2FA_ENABLED)
+ @Param(description = "true if user has two factor authentication enabled", since = "4.18.0.0")
Review Comment:
would since be needed on output parameters? if so these shhould be added on `LoginCmdResponse` as well.
##########
plugins/network-elements/juniper-contrail/src/test/java/org/apache/cloudstack/network/contrail/management/MockAccountManager.java:
##########
@@ -24,9 +24,12 @@
import javax.inject.Inject;
import javax.naming.ConfigurationException;
+import com.cloud.api.auth.SetupUserTwoFactorAuthenticationCmd;
Review Comment:
we must really stop putting new classes in `com.cloud` packages. `package org.apache.cloudstack.api.auth;` works just as well.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] rohityadavcloud commented on pull request #6924: User two factor authentication
Posted by "rohityadavcloud (via GitHub)" <gi...@apache.org>.
rohityadavcloud commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1413637708
@blueorangutan package
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] DaanHoogland commented on a diff in pull request #6924: [Draft] User two factor authentication
Posted by "DaanHoogland (via GitHub)" <gi...@apache.org>.
DaanHoogland commented on code in PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#discussion_r1094393356
##########
plugins/network-elements/juniper-contrail/src/test/java/org/apache/cloudstack/network/contrail/management/MockAccountManager.java:
##########
@@ -24,9 +24,12 @@
import javax.inject.Inject;
import javax.naming.ConfigurationException;
+import com.cloud.api.auth.SetupUserTwoFactorAuthenticationCmd;
Review Comment:
not now @harikrishna-patnala , as discussed off-line. worrying but not blocking in any way.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6924: User two factor authentication
Posted by "blueorangutan (via GitHub)" <gi...@apache.org>.
blueorangutan commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1420722668
Packaging result: :heavy_check_mark: el7 :heavy_check_mark: el8 :heavy_check_mark: el9 :heavy_check_mark: debian :heavy_check_mark: suse15. SL-JID 5522
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6924: User two factor authentication
Posted by "blueorangutan (via GitHub)" <gi...@apache.org>.
blueorangutan commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1420198489
<b>Trillian test result (tid-6110)</b>
Environment: vmware-67u3 (x2), Advanced Networking with Mgmt server r8
Total time taken: 52004 seconds
Marvin logs: https://github.com/blueorangutan/acs-prs/releases/download/trillian/pr6924-t6110-vmware-67u3.zip
Smoke tests completed. 108 look OK, 0 have errors, 0 did not run
Only failed and skipped tests results shown below:
Test | Result | Time (s) | Test File
--- | --- | --- | ---
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] harikrishna-patnala commented on pull request #6924: User two factor authentication
Posted by "harikrishna-patnala (via GitHub)" <gi...@apache.org>.
harikrishna-patnala commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1422067915
@blueorangutan package
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6924: User two factor authentication
Posted by "blueorangutan (via GitHub)" <gi...@apache.org>.
blueorangutan commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1424980650
<b>Trillian test result (tid-6140)</b>
Environment: kvm-centos7 (x2), Advanced Networking with Mgmt server 7
Total time taken: 47614 seconds
Marvin logs: https://github.com/blueorangutan/acs-prs/releases/download/trillian/pr6924-t6140-kvm-centos7.zip
Smoke tests completed. 106 look OK, 2 have errors, 0 did not run
Only failed and skipped tests results shown below:
Test | Result | Time (s) | Test File
--- | --- | --- | ---
test_02_deploy_vm_with_extraconfig_kvm | `Error` | 0.14 | test_deploy_vm_extra_config_data.py
test_03_update_vm_with_extraconfig_kvm | `Error` | 0.14 | test_deploy_vm_extra_config_data.py
test_02_deploy_vm_on_specific_cluster | `Error` | 0.13 | test_vm_deployment_planner.py
test_03_deploy_vm_on_specific_pod | `Error` | 0.16 | test_vm_deployment_planner.py
test_04_deploy_vm_on_host_override_pod_and_cluster | `Error` | 0.16 | test_vm_deployment_planner.py
test_05_deploy_vm_on_cluster_override_pod | `Error` | 0.14 | test_vm_deployment_planner.py
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] harikrishna-patnala commented on pull request #6924: User two factor authentication
Posted by "harikrishna-patnala (via GitHub)" <gi...@apache.org>.
harikrishna-patnala commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1420676171
@blueorangutan package
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] BryanMLima commented on a diff in pull request #6924: User two factor authentication
Posted by "BryanMLima (via GitHub)" <gi...@apache.org>.
BryanMLima commented on code in PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#discussion_r1101416929
##########
server/src/main/java/com/cloud/api/ApiServlet.java:
##########
@@ -293,17 +299,27 @@ void processRequestInContext(final HttpServletRequest req, final HttpServletResp
// Initialize an empty context and we will update it after we have verified the request below,
// we no longer rely on web-session here, verifyRequest will populate user/account information
// if a API key exists
- Long userId = null;
if (isNew && s_logger.isTraceEnabled()) {
s_logger.trace(String.format("new session: %s", session));
}
+
+ if (!isNew && (command.equalsIgnoreCase(ValidateUserTwoFactorAuthenticationCodeCmd.APINAME) || (!skip2FAcheckForAPIs(command) && !skip2FAcheckForUser(session)))) {
Review Comment:
~~~
!isNew && (command.equalsIgnoreCase(ValidateUserTwoFactorAuthenticationCodeCmd.APINAME) || (!skip2FAcheckForAPIs(command) && !skip2FAcheckForUser(session)))
~~~
Could be a method called `shouldCheck2faPermission` or something like that. It would improve code legibility.
##########
server/src/main/java/com/cloud/api/auth/SetupUserTwoFactorAuthenticationCmd.java:
##########
@@ -0,0 +1,96 @@
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements. See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership. The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License. You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied. See the License for the
+// specific language governing permissions and limitations
+// under the License.
+package com.cloud.api.auth;
+
+import com.cloud.user.AccountManager;
+import org.apache.cloudstack.acl.RoleType;
+import org.apache.cloudstack.api.APICommand;
+import org.apache.cloudstack.api.ApiConstants;
+import org.apache.cloudstack.api.ApiCommandResourceType;
+import org.apache.cloudstack.api.BaseCmd;
+import org.apache.cloudstack.api.Parameter;
+import org.apache.cloudstack.api.ServerApiException;
+import org.apache.cloudstack.api.response.UserResponse;
+import org.apache.cloudstack.api.response.UserTwoFactorAuthenticationSetupResponse;
+import org.apache.cloudstack.context.CallContext;
+import org.apache.log4j.Logger;
+
+import javax.inject.Inject;
+
+@APICommand(name = SetupUserTwoFactorAuthenticationCmd.APINAME, description = "Setup the 2fa for the user.", authorized = {RoleType.Admin, RoleType.DomainAdmin, RoleType.ResourceAdmin, RoleType.User}, requestHasSensitiveInfo = false,
+ responseObject = UserTwoFactorAuthenticationSetupResponse.class, entityType = {}, since = "4.18.0")
+public class SetupUserTwoFactorAuthenticationCmd extends BaseCmd {
+
+ public static final String APINAME = "setupUserTwoFactorAuthentication";
+ public static final Logger s_logger = Logger.getLogger(SetupUserTwoFactorAuthenticationCmd.class.getName());
+
+ @Inject
+ private AccountManager accountManager;
+
+ /////////////////////////////////////////////////////
+ //////////////// API parameters /////////////////////
+ /////////////////////////////////////////////////////
+
+ @Parameter(name = ApiConstants.PROVIDER, type = CommandType.STRING, description = "two factor authentication code")
Review Comment:
```suggestion
@Parameter(name = ApiConstants.PROVIDER, type = CommandType.STRING, description = "Two factor authentication provider")
```
Should it not be the provider here?
##########
test/integration/smoke/test_2fa.py:
##########
@@ -0,0 +1,294 @@
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+""" P1 tests for Account
+"""
+# Import Local Modules
+from marvin.cloudstackTestCase import cloudstackTestCase
+from marvin.lib.utils import (random_gen,
+ cleanup_resources,
+ validateList)
+from marvin.cloudstackAPI import *
+from marvin.lib.base import (Domain,
+ Account,
+ ServiceOffering,
+ VirtualMachine,
+ Network,
+ User,
+ Template,
+ Role)
+from marvin.lib.common import (get_domain,
+ get_zone,
+ get_test_template,
+ list_accounts,
+ list_virtual_machines,
+ list_service_offering,
+ list_templates,
+ list_users,
+ wait_for_cleanup)
+from nose.plugins.attrib import attr
+from marvin.cloudstackException import CloudstackAPIException
+from marvin.codes import PASS
+import time
+
+from pyVmomi.VmomiSupport import GetVersionFromVersionUri
+
+class Services:
+
+ """Test Account Services
+ """
+
+ def __init__(self):
+ self.services = {
+ "domain": {
+ "name": "Domain",
+ },
+ "account": {
+ "email": "test@test.com",
+ "firstname": "Test",
+ "lastname": "User",
+ "username": "test",
+ # Random characters are appended for unique
+ # username
+ "password": "fr3sca",
+ },
+ "role": {
+ "name": "User Role",
+ "type": "User",
+ "description": "User Role created by Marvin test"
+ },
+ "user": {
+ "email": "user@test.com",
+ "firstname": "User",
+ "lastname": "User",
+ "username": "User",
+ # Random characters are appended for unique
+ # username
+ "password": "fr3sca",
+ },
+ "service_offering": {
+ "name": "Tiny Instance",
+ "displaytext": "Tiny Instance",
+ "cpunumber": 1,
+ "cpuspeed": 100,
+ # in MHz
+ "memory": 128,
+ # In MBs
+ },
+ "virtual_machine": {
+ "displayname": "Test VM",
+ "username": "root",
+ "password": "password",
+ "ssh_port": 22,
+ "hypervisor": 'XenServer',
+ # Hypervisor type should be same as
+ # hypervisor type of cluster
+ "privateport": 22,
+ "publicport": 22,
+ "protocol": 'TCP',
+ },
+ "template": {
+ "displaytext": "Public Template",
+ "name": "Public template",
+ "ostype": 'CentOS 5.6 (64-bit)',
+ "url": "",
+ "hypervisor": '',
+ "format": '',
+ "isfeatured": True,
+ "ispublic": True,
+ "isextractable": True,
+ "templatefilter": "self"
+ },
+ "ostype": 'CentOS 5.6 (64-bit)',
+ "sleep": 60,
+ "timeout": 10,
+ }
+
+class TestUserLogin(cloudstackTestCase):
Review Comment:
Could change this to 2FA, as this is the same name as the `test_accounts.py`.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6924: User two factor authentication
Posted by "blueorangutan (via GitHub)" <gi...@apache.org>.
blueorangutan commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1424867016
<b>Trillian test result (tid-6138)</b>
Environment: xenserver-71 (x2), Advanced Networking with Mgmt server 7
Total time taken: 40173 seconds
Marvin logs: https://github.com/blueorangutan/acs-prs/releases/download/trillian/pr6924-t6138-xenserver-71.zip
Smoke tests completed. 106 look OK, 2 have errors, 0 did not run
Only failed and skipped tests results shown below:
Test | Result | Time (s) | Test File
--- | --- | --- | ---
test_06_deploy_vm_with_extraconfig_throws_exception_xenserver | `Error` | 1.22 | test_deploy_vm_extra_config_data.py
test_07_deploy_vm_with_extraconfig_xenserver | `Error` | 0.21 | test_deploy_vm_extra_config_data.py
test_02_deploy_vm_on_specific_cluster | `Error` | 1.12 | test_vm_deployment_planner.py
test_03_deploy_vm_on_specific_pod | `Error` | 0.16 | test_vm_deployment_planner.py
test_04_deploy_vm_on_host_override_pod_and_cluster | `Error` | 1.19 | test_vm_deployment_planner.py
test_05_deploy_vm_on_cluster_override_pod | `Error` | 1.16 | test_vm_deployment_planner.py
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6924: User two factor authentication
Posted by "blueorangutan (via GitHub)" <gi...@apache.org>.
blueorangutan commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1425582907
@DaanHoogland a Jenkins job has been kicked to build packages. It will be bundled with KVM, XenServer and VMware SystemVM templates. I'll keep you posted as I make progress.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6924: User two factor authentication
Posted by "blueorangutan (via GitHub)" <gi...@apache.org>.
blueorangutan commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1425824017
Packaging result: :heavy_check_mark: el7 :heavy_check_mark: el8 :heavy_check_mark: el9 :heavy_check_mark: debian :heavy_check_mark: suse15. SL-JID 5556
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6924: User two factor authentication
Posted by "blueorangutan (via GitHub)" <gi...@apache.org>.
blueorangutan commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1425822841
Packaging result: :heavy_check_mark: el7 :heavy_check_mark: el8 :heavy_check_mark: el9 :heavy_check_mark: debian :heavy_check_mark: suse15. SL-JID 5554
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] rohityadavcloud commented on pull request #6924: User two factor authentication
Posted by "rohityadavcloud (via GitHub)" <gi...@apache.org>.
rohityadavcloud commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1425963893
@blueorangutan test
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6924: [Draft] User two factor authentication
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1331735244
Packaging result: :heavy_check_mark: el7 :heavy_multiplication_x: el8 :heavy_check_mark: debian :heavy_check_mark: suse15. SL-JID 4690
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] github-actions[bot] commented on pull request #6924: [Draft] User two factor authentication
Posted by github-actions.
github-actions[bot] commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1403568049
This pull request has merge conflicts. Dear author, please fix the conflicts and sync your branch with the base branch.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6924: [Draft] User two factor authentication
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1398459855
@DaanHoogland a Jenkins job has been kicked to build packages. It will be bundled with KVM, XenServer and VMware SystemVM templates. I'll keep you posted as I make progress.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6924: [Draft] User two factor authentication
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1328859615
@weizhouapache a Jenkins job has been kicked to build packages. It will be bundled with
SystemVM template(s). I'll keep you posted as I make progress.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6924: [Draft] User two factor authentication
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1328862435
Packaging result: :heavy_multiplication_x: el7 :heavy_multiplication_x: el8 :heavy_multiplication_x: debian :heavy_multiplication_x: suse15. SL-JID 4657
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6924: [Draft] User two factor authentication
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1328766105
Packaging result: :heavy_multiplication_x: el7 :heavy_multiplication_x: el8 :heavy_multiplication_x: debian :heavy_multiplication_x: suse15. SL-JID 4656
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] DaanHoogland merged pull request #6924: User two factor authentication
Posted by "DaanHoogland (via GitHub)" <gi...@apache.org>.
DaanHoogland merged PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6924: User two factor authentication
Posted by "blueorangutan (via GitHub)" <gi...@apache.org>.
blueorangutan commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1427113843
<b>Trillian test result (tid-6168)</b>
Environment: kvm-centos7 (x2), Advanced Networking with Mgmt server 7
Total time taken: 40852 seconds
Marvin logs: https://github.com/blueorangutan/acs-prs/releases/download/trillian/pr6924-t6168-kvm-centos7.zip
Smoke tests completed. 107 look OK, 1 have errors, 0 did not run
Only failed and skipped tests results shown below:
Test | Result | Time (s) | Test File
--- | --- | --- | ---
test_02_deploy_vm_with_extraconfig_kvm | `Error` | 1.22 | test_deploy_vm_extra_config_data.py
test_03_update_vm_with_extraconfig_kvm | `Error` | 0.17 | test_deploy_vm_extra_config_data.py
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] harikrishna-patnala commented on a diff in pull request #6924: [Draft] User two factor authentication
Posted by GitBox <gi...@apache.org>.
harikrishna-patnala commented on code in PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#discussion_r1035565094
##########
server/src/main/java/com/cloud/user/AccountManagerImpl.java:
##########
@@ -3100,6 +3171,151 @@ public String getConfigComponentName() {
@Override
public ConfigKey<?>[] getConfigKeys() {
- return new ConfigKey<?>[] {UseSecretKeyInResponse};
+ return new ConfigKey<?>[] {UseSecretKeyInResponse, enableUserTwoFactorAuthentication, userTwoFactorAuthenticationDefaultProvider, mandateUserTwoFactorAuthentication};
+ }
+
+ public List<UserTwoFactorAuthenticator> getUserTwoFactorAuthenticationProviders() {
+ return userTwoFactorAuthenticationProviders;
+ }
+
+ public void setUserTwoFactorAuthenticationProviders(final List<UserTwoFactorAuthenticator> userTwoFactorAuthenticationProviders) {
+ this.userTwoFactorAuthenticationProviders = userTwoFactorAuthenticationProviders;
+ }
+
+ private void initializeUserTwoFactorAuthenticationProvidersMap() {
+ if (userTwoFactorAuthenticationProviders != null) {
+ for (final UserTwoFactorAuthenticator userTwoFactorAuthenticator : userTwoFactorAuthenticationProviders) {
+ userTwoFactorAuthenticationProvidersMap.put(userTwoFactorAuthenticator.getName().toLowerCase(), userTwoFactorAuthenticator);
+ }
+ }
+ }
+
+ @Override
+ public void verifyUsingTwoFactorAuthenticationCode(final String code, final Long domainId, final Long userAccountId) {
+
+ Account caller = CallContext.current().getCallingAccount();
+ Account owner = _accountService.getActiveAccountById(caller.getId());
+
+ checkAccess(caller, null, true, owner);
+
+ UserAccount userAccount = _accountService.getUserAccountById(userAccountId);
+ if (!userAccount.isUser2faEnabled()) {
+ throw new CloudRuntimeException(String.format("Two factor authentication is not enabled on the user: %s", userAccount.getUsername()));
+ }
+ UserTwoFactorAuthenticator userTwoFactorAuthenticator = getUserTwoFactorAuthenticator(domainId, userAccountId);
+ userTwoFactorAuthenticator.check2FA(code, userAccount);
+ }
+
+ @Override
+ public UserTwoFactorAuthenticator getUserTwoFactorAuthenticator(Long domainId, Long userAccountId) {
+ if (userAccountId != null) {
+ UserAccount userAccount = _accountService.getUserAccountById(userAccountId);
+ if (userAccount.getUser2faProvider() != null) {
+ return getUserTwoFactorAuthenticator(userAccount.getUser2faProvider());
+ }
+ }
+ final String name = userTwoFactorAuthenticationDefaultProvider.valueIn(domainId);
+ return getUserTwoFactorAuthenticator(name);
+ }
+
+ @Override
+ public UserTwoFactorAuthenticationSetupResponse setupUserTwoFactorAuthentication(SetupUserTwoFactorAuthenticationCmd cmd) {
+ String providerName = cmd.getProvider();
+
+ Account caller = CallContext.current().getCallingAccount();
+ Account owner = _accountService.getActiveAccountById(caller.getId());
+
+ if (cmd.getEnable()) {
+ checkAccess(caller, null, true, owner);
+ Long userId = CallContext.current().getCallingUserId();
+
+ UserTwoFactorAuthenticationSetupResponse response = enableTwoFactorAuthentication(userId, providerName);
+ return response;
+ }
+
+ // Admin can disable 2FA of the users
+ Long userId = cmd.getUserId();
+ UserTwoFactorAuthenticationSetupResponse response = disableTwoFactorAuthentication(userId, caller, owner);
+
+ return response;
+ }
+
+ protected UserTwoFactorAuthenticationSetupResponse enableTwoFactorAuthentication(Long userId, String providerName) {
+ UserAccountVO userAccount = _userAccountDao.findById(userId);
+ UserVO userVO = _userDao.findById(userId);
+
+ if (!enableUserTwoFactorAuthentication.valueIn(userAccount.getDomainId())) {
+ throw new CloudRuntimeException("2FA is not enabled for this domain or at global level");
+ }
+
+ if (StringUtils.isEmpty(providerName)) {
+ throw new InvalidParameterValueException("Provider name is mandatory to setup 2FA");
+ }
+ UserTwoFactorAuthenticator provider = getUserTwoFactorAuthenticationProvider(providerName);
+ String code = provider.setup2FAKey(userAccount);
+ UserVO user = _userDao.createForUpdate();
+ user.setKeyFor2fa(code);
+ user.setUser2faProvider(provider.getName());
+ user.setUser2faEnabled(true);
+ _userDao.update(userId, user);
+
+ UserTwoFactorAuthenticationSetupResponse response = new UserTwoFactorAuthenticationSetupResponse();
+ response.setId(userVO.getUuid());
+ response.setUsername(userAccount.getUsername());
+ response.setSecretCode(code);
+
+ return response;
}
+
+ protected UserTwoFactorAuthenticationSetupResponse disableTwoFactorAuthentication(Long userId, Account caller, Account owner) {
+ UserVO userVO = null;
+ if (userId != null) {
+ userVO = validateUser(userId, caller.getDomainId());
+ if (userVO == null) {
+ throw new InvalidParameterValueException("Unable to find user= " + userVO.getUsername() + " in domain id = " + caller.getDomainId());
+ }
+ owner = _accountService.getActiveAccountById(userVO.getAccountId());
+ } else {
+ userId = CallContext.current().getCallingUserId();
+ userVO = _userDao.findById(userId);
+ }
+ checkAccess(caller, null, true, owner);
+
+ UserVO user = _userDao.createForUpdate();
+ user.setKeyFor2fa(null);
+ user.setUser2faProvider(null);
+ user.setUser2faEnabled(false);
+ _userDao.update(userVO.getId(), user);
+
+ UserTwoFactorAuthenticationSetupResponse response = new UserTwoFactorAuthenticationSetupResponse();
+ response.setId(userVO.getUuid());
+ response.setUsername(userVO.getUsername());
+
+ return response;
+ }
+
+ private UserVO validateUser(Long userId, Long domainId) {
+ UserVO user = null;
+ if (userId != null) {
+ user = _userDao.findById(userId);
+ if (user == null) {
+ throw new InvalidParameterValueException("Invalid user ID provided");
+ }
+ if (_accountDao.findById(user.getAccountId()).getDomainId() != domainId) {
+ throw new InvalidParameterValueException("User doesn't belong to the specified account or domain");
+ }
+ }
+ return user;
+ }
+
+ public UserTwoFactorAuthenticator getUserTwoFactorAuthenticator(final String name) {
+ if (StringUtils.isEmpty(name)) {
+ throw new CloudRuntimeException("Invalid UserTwoFactorAuthenticator name provided");
+ }
+ if (!userTwoFactorAuthenticationProvidersMap.containsKey(name)) {
Review Comment:
yeah, added toLowerCase() methods while adding and fetching from the map.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6924: [Draft] User two factor authentication
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1333171735
@harikrishna-patnala a Jenkins job has been kicked to build packages. It will be bundled with KVM, XenServer and VMware SystemVM templates. I'll keep you posted as I make progress.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] harikrishna-patnala commented on a diff in pull request #6924: [Draft] User two factor authentication
Posted by GitBox <gi...@apache.org>.
harikrishna-patnala commented on code in PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#discussion_r1034341933
##########
api/src/main/java/com/cloud/user/UserAccount.java:
##########
@@ -67,4 +67,18 @@ public interface UserAccount extends InternalIdentity {
public String getExternalEntity();
public void setExternalEntity(String entity);
+
+ public boolean isTwoFactorAuthenticationEnabled();
+
+ public void setTwoFactorAuthenticationEnabled(boolean twoFactorAuthenticationEnabled);
+
+ public String getKeyFor2fa();
+
+ public void setKeyFor2fa(String keyFor2fa);
+
+ public String getUser2faProvider();
+
+ public void setUser2faProvider(String user2faProvider);
Review Comment:
Expect for the provider names, APIs and responses, I've now changed the usage to 2fa.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6924: [Draft] User two factor authentication
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1330174885
Packaging result: :heavy_check_mark: el7 :heavy_multiplication_x: el8 :heavy_check_mark: debian :heavy_check_mark: suse15. SL-JID 4668
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6924: [Draft] User two factor authentication
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1329189931
@weizhouapache a Jenkins job has been kicked to build packages. It will be bundled with KVM, XenServer and VMware SystemVM templates. I'll keep you posted as I make progress.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] weizhouapache commented on a diff in pull request #6924: [Draft] User two factor authentication
Posted by GitBox <gi...@apache.org>.
weizhouapache commented on code in PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#discussion_r1037969392
##########
api/src/main/java/org/apache/cloudstack/api/command/admin/user/UpdateUserCmd.java:
##########
@@ -80,6 +80,9 @@ public class UpdateUserCmd extends BaseCmd {
@Parameter(name = ApiConstants.USERNAME, type = CommandType.STRING, description = "Unique username")
private String username;
+ @Parameter(name = ApiConstants.MANDATE_2FA, type = CommandType.BOOLEAN, description = "Provide true to mandate the user to use two factor authentication has to be enabled. This parameter is only used to mandate 2FA, not to disable 2FA")
+ private Boolean mandate2FA;
Review Comment:
add since ?
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6924: [Draft] User two factor authentication
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1354400849
@harikrishna-patnala a Jenkins job has been kicked to build packages. It will be bundled with KVM, XenServer and VMware SystemVM templates. I'll keep you posted as I make progress.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6924: [Draft] User two factor authentication
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1352668076
@harikrishna-patnala a Jenkins job has been kicked to build packages. It will be bundled with KVM, XenServer and VMware SystemVM templates. I'll keep you posted as I make progress.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6924: [Draft] User two factor authentication
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1353380410
@NuxRo a Jenkins job has been kicked to build packages. It will be bundled with KVM, XenServer and VMware SystemVM templates. I'll keep you posted as I make progress.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] sonarcloud[bot] commented on pull request #6924: [Draft] User two factor authentication
Posted by GitBox <gi...@apache.org>.
sonarcloud[bot] commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1383956001
SonarCloud Quality Gate failed. [](https://sonarcloud.io/dashboard?id=apache_cloudstack&pullRequest=6924)
[](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=BUG) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=BUG) [3 Bugs](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=BUG)
[](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=VULNERABILITY) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=VULNERABILITY) [0 Vulnerabilities](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=VULNERABILITY)
[](https://sonarcloud.io/project/security_hotspots?id=apache_cloudstack&pullRequest=6924&resolved=false&types=SECURITY_HOTSPOT) [](https://sonarcloud.io/project/security_hotspots?id=apache_cloudstack&pullRequest=6924&resolved=false&types=SECURITY_HOTSPOT) [3 Security Hotspots](https://sonarcloud.io/project/security_hotspots?id=apache_cloudstack&pullRequest=6924&resolved=false&types=SECURITY_HOTSPOT)
[](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=CODE_SMELL) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=CODE_SMELL) [55 Code Smells](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=CODE_SMELL)
[](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6924&metric=new_coverage&view=list) [35.8% Coverage](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6924&metric=new_coverage&view=list)
[](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6924&metric=new_duplicated_lines_density&view=list) [3.9% Duplication](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6924&metric=new_duplicated_lines_density&view=list)
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6924: [Draft] User two factor authentication
Posted by "blueorangutan (via GitHub)" <gi...@apache.org>.
blueorangutan commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1399175982
<b>Trillian test result (tid-5932)</b>
Environment: kvm-centos7 (x2), Advanced Networking with Mgmt server 7
Total time taken: 40855 seconds
Marvin logs: https://github.com/blueorangutan/acs-prs/releases/download/trillian/pr6924-t5932-kvm-centos7.zip
Smoke tests completed. 107 look OK, 1 have errors, 0 did not run
Only failed and skipped tests results shown below:
Test | Result | Time (s) | Test File
--- | --- | --- | ---
test_2FA_enabled | `Failure` | 2.92 | test_2fa.py
test_2FA_setup | `Failure` | 2.91 | test_2fa.py
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6924: [Draft] User two factor authentication
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1398604770
@DaanHoogland a Trillian-Jenkins test job (centos7 mgmt + kvm-centos7) has been kicked to run smoke tests
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6924: User two factor authentication
Posted by "blueorangutan (via GitHub)" <gi...@apache.org>.
blueorangutan commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1413710458
Packaging result: :heavy_check_mark: el7 :heavy_check_mark: el8 :heavy_check_mark: el9 :heavy_check_mark: debian :heavy_check_mark: suse15. SL-JID 5487
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] sonarcloud[bot] commented on pull request #6924: User two factor authentication
Posted by "sonarcloud[bot] (via GitHub)" <gi...@apache.org>.
sonarcloud[bot] commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1420628306
SonarCloud Quality Gate failed. [](https://sonarcloud.io/dashboard?id=apache_cloudstack&pullRequest=6924)
[](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=BUG) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=BUG) [0 Bugs](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=BUG)
[](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=VULNERABILITY) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=VULNERABILITY) [0 Vulnerabilities](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=VULNERABILITY)
[](https://sonarcloud.io/project/security_hotspots?id=apache_cloudstack&pullRequest=6924&resolved=false&types=SECURITY_HOTSPOT) [](https://sonarcloud.io/project/security_hotspots?id=apache_cloudstack&pullRequest=6924&resolved=false&types=SECURITY_HOTSPOT) [15 Security Hotspots](https://sonarcloud.io/project/security_hotspots?id=apache_cloudstack&pullRequest=6924&resolved=false&types=SECURITY_HOTSPOT)
[](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=CODE_SMELL) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=CODE_SMELL) [24 Code Smells](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=CODE_SMELL)
[](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6924&metric=new_coverage&view=list) [35.0% Coverage](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6924&metric=new_coverage&view=list)
[](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6924&metric=new_duplicated_lines_density&view=list) [3.8% Duplication](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6924&metric=new_duplicated_lines_density&view=list)
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] harikrishna-patnala commented on pull request #6924: User two factor authentication
Posted by "harikrishna-patnala (via GitHub)" <gi...@apache.org>.
harikrishna-patnala commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1421190722
@blueorangutan package
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6924: [Draft] User two factor authentication
Posted by "blueorangutan (via GitHub)" <gi...@apache.org>.
blueorangutan commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1413060880
<b>Trillian test result (tid-6071)</b>
Environment: xenserver-71 (x2), Advanced Networking with Mgmt server 7
Total time taken: 43212 seconds
Marvin logs: https://github.com/blueorangutan/acs-prs/releases/download/trillian/pr6924-t6071-xenserver-71.zip
Smoke tests completed. 108 look OK, 0 have errors, 0 did not run
Only failed and skipped tests results shown below:
Test | Result | Time (s) | Test File
--- | --- | --- | ---
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6924: User two factor authentication
Posted by "blueorangutan (via GitHub)" <gi...@apache.org>.
blueorangutan commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1424065326
@harikrishna-patnala a Jenkins job has been kicked to build packages. It will be bundled with
SystemVM template(s). I'll keep you posted as I make progress.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6924: User two factor authentication
Posted by "blueorangutan (via GitHub)" <gi...@apache.org>.
blueorangutan commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1426954820
@harikrishna-patnala a Jenkins job has been kicked to build packages. It will be bundled with
SystemVM template(s). I'll keep you posted as I make progress.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] DaanHoogland commented on pull request #6924: User two factor authentication
Posted by "DaanHoogland (via GitHub)" <gi...@apache.org>.
DaanHoogland commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1426964846
@blueorangutan test matrix
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] rohityadavcloud commented on pull request #6924: User two factor authentication
Posted by "rohityadavcloud (via GitHub)" <gi...@apache.org>.
rohityadavcloud commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1425997972
@BryanMLima @stephankruggg Github has its own mind, I was trying to click on the re-review icon to ask you both to help review this again. Thanks.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6924: User two factor authentication
Posted by "blueorangutan (via GitHub)" <gi...@apache.org>.
blueorangutan commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1427725254
Packaging result: :heavy_check_mark: el7 :heavy_check_mark: el8 :heavy_check_mark: el9 :heavy_check_mark: debian :heavy_check_mark: suse15. SL-JID 5568
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] github-actions[bot] commented on pull request #6924: [Draft] User two factor authentication
Posted by github-actions.
github-actions[bot] commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1406304732
This pull request has merge conflicts. Dear author, please fix the conflicts and sync your branch with the base branch.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6924: [Draft] User two factor authentication
Posted by "blueorangutan (via GitHub)" <gi...@apache.org>.
blueorangutan commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1404666326
Packaging result: :heavy_check_mark: el7 :heavy_check_mark: el8 :heavy_check_mark: el9 :heavy_check_mark: debian :heavy_check_mark: suse15. SL-JID 5413
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6924: [Draft] User two factor authentication
Posted by "blueorangutan (via GitHub)" <gi...@apache.org>.
blueorangutan commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1404635551
Packaging result: :heavy_multiplication_x: el7 :heavy_multiplication_x: el8 :heavy_multiplication_x: el9 :heavy_multiplication_x: debian :heavy_multiplication_x: suse15. SL-JID 5412
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6924: [Draft] User two factor authentication
Posted by "blueorangutan (via GitHub)" <gi...@apache.org>.
blueorangutan commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1404765297
@harikrishna-patnala a Jenkins job has been kicked to build packages. It will be bundled with
SystemVM template(s). I'll keep you posted as I make progress.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] harikrishna-patnala commented on pull request #6924: [Draft] User two factor authentication
Posted by GitBox <gi...@apache.org>.
harikrishna-patnala commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1328757860
@blueorangutan package
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6924: [Draft] User two factor authentication
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1329092449
@weizhouapache a Jenkins job has been kicked to build packages. It will be bundled with
SystemVM template(s). I'll keep you posted as I make progress.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] weizhouapache commented on pull request #6924: [Draft] User two factor authentication
Posted by GitBox <gi...@apache.org>.
weizhouapache commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1328984352
@blueorangutan package
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] github-actions[bot] commented on pull request #6924: [Draft] User two factor authentication
Posted by GitBox <gi...@apache.org>.
github-actions[bot] commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1370559079
This pull request has merge conflicts. Dear author, please fix the conflicts and sync your branch with the base branch.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6924: [Draft] User two factor authentication
Posted by "blueorangutan (via GitHub)" <gi...@apache.org>.
blueorangutan commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1412113457
@DaanHoogland a Trillian-Jenkins matrix job (centos7 mgmt + xenserver71, rocky8 mgmt + vmware67u3, centos7 mgmt + kvmcentos7) has been kicked to run smoke tests
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] DaanHoogland commented on pull request #6924: [Draft] User two factor authentication
Posted by "DaanHoogland (via GitHub)" <gi...@apache.org>.
DaanHoogland commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1413315168
@blueorangutan test
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6924: User two factor authentication
Posted by "blueorangutan (via GitHub)" <gi...@apache.org>.
blueorangutan commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1415056419
@harikrishna-patnala a Jenkins job has been kicked to build packages. It will be bundled with KVM, XenServer and VMware SystemVM templates. I'll keep you posted as I make progress.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] harikrishna-patnala commented on pull request #6924: User two factor authentication
Posted by "harikrishna-patnala (via GitHub)" <gi...@apache.org>.
harikrishna-patnala commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1418979036
@blueorangutan package
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] sonarcloud[bot] commented on pull request #6924: User two factor authentication
Posted by "sonarcloud[bot] (via GitHub)" <gi...@apache.org>.
sonarcloud[bot] commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1415142746
SonarCloud Quality Gate failed. [](https://sonarcloud.io/dashboard?id=apache_cloudstack&pullRequest=6924)
[](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=BUG) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=BUG) [0 Bugs](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=BUG)
[](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=VULNERABILITY) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=VULNERABILITY) [0 Vulnerabilities](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=VULNERABILITY)
[](https://sonarcloud.io/project/security_hotspots?id=apache_cloudstack&pullRequest=6924&resolved=false&types=SECURITY_HOTSPOT) [](https://sonarcloud.io/project/security_hotspots?id=apache_cloudstack&pullRequest=6924&resolved=false&types=SECURITY_HOTSPOT) [8 Security Hotspots](https://sonarcloud.io/project/security_hotspots?id=apache_cloudstack&pullRequest=6924&resolved=false&types=SECURITY_HOTSPOT)
[](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=CODE_SMELL) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=CODE_SMELL) [22 Code Smells](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=CODE_SMELL)
[](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6924&metric=new_coverage&view=list) [36.3% Coverage](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6924&metric=new_coverage&view=list)
[](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6924&metric=new_duplicated_lines_density&view=list) [3.9% Duplication](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6924&metric=new_duplicated_lines_density&view=list)
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6924: User two factor authentication
Posted by "blueorangutan (via GitHub)" <gi...@apache.org>.
blueorangutan commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1420494281
@rohityadavcloud a Jenkins job has been kicked to build packages. It will be bundled with KVM, XenServer and VMware SystemVM templates. I'll keep you posted as I make progress.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] rohityadavcloud commented on pull request #6924: User two factor authentication
Posted by "rohityadavcloud (via GitHub)" <gi...@apache.org>.
rohityadavcloud commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1420493083
@blueorangutan package
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6924: User two factor authentication
Posted by "blueorangutan (via GitHub)" <gi...@apache.org>.
blueorangutan commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1420474740
@rohityadavcloud I understand these words: "help", "hello", "thanks", "package", "test"
Test command usage: test [mgmt os] [hypervisor] [keepEnv] [qemuEv]
Mgmt OS options: ['centos7', 'centos6', 'suse15', 'alma8', 'ubuntu18', 'ubuntu22', 'ubuntu20', 'rocky8', 'alma9']
Hypervisor options: ['kvm-centos6', 'kvm-centos7', 'kvm-rocky8', 'kvm-alma8', 'kvm-alma9', 'kvm-ubuntu18', 'kvm-ubuntu20', 'kvm-ubuntu22', 'kvm-suse15', 'vmware-55u3', 'vmware-60u2', 'vmware-65u2', 'vmware-67u3', 'vmware-70u1', 'vmware-70u2', 'vmware-70u3', 'xenserver-65sp1', 'xenserver-71', 'xenserver-74', 'xcpng74', 'xcpng76', 'xcpng80', 'xcpng81', 'xcpng82']
Note: when keepEnv is passed, you need to specify mgmt server os and hypervisor or use the `matrix` command.
when qemuEv is passed, it will deploy KVM hyperviosr hosts with qemu-kvm-ev, else it will default to stock qemu.
Package command usage: package [all(default value),kvm,xen,vmware,hyperv,ovm] - a comma separated list can be passed with package command to bundle the required hypervisor's systemVM templates. Not passing any argument will bundle all - kvm,xen and vmware templates.
Blessed contributors for kicking Trillian test jobs: ['rohityadavcloud', 'nvazquez', 'borisstoyanov', 'DaanHoogland', 'shwstppr', 'andrijapanicsb', 'rahulbcn27', 'davidjumani', 'harikrishna-patnala', 'vladimirpetrov', 'weizhouapache', 'NuxRo', 'mlsorensen']
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] harikrishna-patnala commented on a diff in pull request #6924: User two factor authentication
Posted by "harikrishna-patnala (via GitHub)" <gi...@apache.org>.
harikrishna-patnala commented on code in PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#discussion_r1098415992
##########
ui/src/permission.js:
##########
@@ -60,21 +60,29 @@ router.beforeEach((to, from, next) => {
next({ path: '/dashboard' })
NProgress.done()
} else if (to.path === '/verify2FA' || to.path === '/setup2FA') {
- if (store.getters.twoFaEnabled && !store.getters.loginFlag) {
+ const isSAML = JSON.parse(Cookies.get('isSAML') || Cookies.get('isSAML', { path: '/client' }) || false)
Review Comment:
yeah @rohityadavcloud but we needed more details if 2FA is enabled or 2FA is configured to redirect to appropriate page. so for that I kept these conditions.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] sonarcloud[bot] commented on pull request #6924: User two factor authentication
Posted by "sonarcloud[bot] (via GitHub)" <gi...@apache.org>.
sonarcloud[bot] commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1426962617
SonarCloud Quality Gate failed. [](https://sonarcloud.io/dashboard?id=apache_cloudstack&pullRequest=6924)
[](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=BUG) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=BUG) [0 Bugs](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=BUG)
[](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=VULNERABILITY) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=VULNERABILITY) [0 Vulnerabilities](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=VULNERABILITY)
[](https://sonarcloud.io/project/security_hotspots?id=apache_cloudstack&pullRequest=6924&resolved=false&types=SECURITY_HOTSPOT) [](https://sonarcloud.io/project/security_hotspots?id=apache_cloudstack&pullRequest=6924&resolved=false&types=SECURITY_HOTSPOT) [9 Security Hotspots](https://sonarcloud.io/project/security_hotspots?id=apache_cloudstack&pullRequest=6924&resolved=false&types=SECURITY_HOTSPOT)
[](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=CODE_SMELL) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=CODE_SMELL) [27 Code Smells](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=CODE_SMELL)
[](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6924&metric=new_coverage&view=list) [34.0% Coverage](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6924&metric=new_coverage&view=list)
[](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6924&metric=new_duplicated_lines_density&view=list) [3.6% Duplication](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6924&metric=new_duplicated_lines_density&view=list)
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6924: [Draft] User two factor authentication
Posted by "blueorangutan (via GitHub)" <gi...@apache.org>.
blueorangutan commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1411642440
Packaging result: :heavy_check_mark: el7 :heavy_check_mark: el8 :heavy_check_mark: el9 :heavy_check_mark: debian :heavy_check_mark: suse15. SL-JID 5465
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] github-actions[bot] commented on pull request #6924: [Draft] User two factor authentication
Posted by github-actions.
github-actions[bot] commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1411695359
This pull request has merge conflicts. Dear author, please fix the conflicts and sync your branch with the base branch.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] DaanHoogland commented on pull request #6924: User two factor authentication
Posted by "DaanHoogland (via GitHub)" <gi...@apache.org>.
DaanHoogland commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1425581827
@blueorangutan package
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] harikrishna-patnala commented on pull request #6924: User two factor authentication
Posted by "harikrishna-patnala (via GitHub)" <gi...@apache.org>.
harikrishna-patnala commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1424064402
@blueorangutan package
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6924: User two factor authentication
Posted by "blueorangutan (via GitHub)" <gi...@apache.org>.
blueorangutan commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1424127171
Packaging result: :heavy_check_mark: el7 :heavy_check_mark: el8 :heavy_check_mark: el9 :heavy_check_mark: debian :heavy_check_mark: suse15. SL-JID 5539
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6924: User two factor authentication
Posted by "blueorangutan (via GitHub)" <gi...@apache.org>.
blueorangutan commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1425751538
@harikrishna-patnala a Jenkins job has been kicked to build packages. It will be bundled with KVM, XenServer and VMware SystemVM templates. I'll keep you posted as I make progress.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6924: User two factor authentication
Posted by "blueorangutan (via GitHub)" <gi...@apache.org>.
blueorangutan commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1425964618
@rohityadavcloud a Trillian-Jenkins test job (centos7 mgmt + kvm-centos7) has been kicked to run smoke tests
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] sonarcloud[bot] commented on pull request #6924: [Draft] User two factor authentication
Posted by GitBox <gi...@apache.org>.
sonarcloud[bot] commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1381903925
SonarCloud Quality Gate failed. [](https://sonarcloud.io/dashboard?id=apache_cloudstack&pullRequest=6924)
[](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=BUG) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=BUG) [3 Bugs](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=BUG)
[](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=VULNERABILITY) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=VULNERABILITY) [0 Vulnerabilities](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=VULNERABILITY)
[](https://sonarcloud.io/project/security_hotspots?id=apache_cloudstack&pullRequest=6924&resolved=false&types=SECURITY_HOTSPOT) [](https://sonarcloud.io/project/security_hotspots?id=apache_cloudstack&pullRequest=6924&resolved=false&types=SECURITY_HOTSPOT) [3 Security Hotspots](https://sonarcloud.io/project/security_hotspots?id=apache_cloudstack&pullRequest=6924&resolved=false&types=SECURITY_HOTSPOT)
[](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=CODE_SMELL) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=CODE_SMELL) [55 Code Smells](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=CODE_SMELL)
[](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6924&metric=new_coverage&view=list) [35.8% Coverage](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6924&metric=new_coverage&view=list)
[](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6924&metric=new_duplicated_lines_density&view=list) [3.9% Duplication](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6924&metric=new_duplicated_lines_density&view=list)
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6924: [Draft] User two factor authentication
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1386655757
Packaging result: :heavy_check_mark: el7 :heavy_check_mark: el8 :heavy_check_mark: el9 :heavy_check_mark: debian :heavy_check_mark: suse15. SL-JID 5303
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] github-actions[bot] commented on pull request #6924: [Draft] User two factor authentication
Posted by GitBox <gi...@apache.org>.
github-actions[bot] commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1398106446
This pull request has merge conflicts. Dear author, please fix the conflicts and sync your branch with the base branch.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] stephankruggg commented on a diff in pull request #6924: [Draft] User two factor authentication
Posted by GitBox <gi...@apache.org>.
stephankruggg commented on code in PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#discussion_r1033885197
##########
server/src/main/java/com/cloud/user/AccountManagerImpl.java:
##########
@@ -315,6 +322,31 @@ public class AccountManagerImpl extends ManagerBase implements AccountManager, M
private int _cleanupInterval;
private List<String> apiNameList;
+ protected static Map<String, UserTwoFactorAuthenticator> userTwoFactorAuthenticationProvidersMap = new HashMap<>();
+
+ private List<UserTwoFactorAuthenticator> userTwoFactorAuthenticationProviders;
+
+ static ConfigKey<Boolean> enableUserTwoFactorAuthentication = new ConfigKey<Boolean>("Advanced",
+ Boolean.class,
+ "enable.user.two.factor.authentication",
+ "false",
+ "Determines whether two factor authentication is enabled or not. This can be configured at domain level also",
Review Comment:
```suggestion
"Determines whether two factor authentication is enabled or not. This can also be configured at domain level.,
```
##########
api/src/main/java/com/cloud/user/AccountService.java:
##########
@@ -124,4 +126,18 @@ User createUser(String userName, String password, String firstName, String lastN
public Map<String, String> getKeys(GetUserKeysCmd cmd);
public Map<String, String> getKeys(Long userId);
+
+ /**
+ * Lists user two-factor authentication provider plugins
+ * @return list of providers
+ */
+ List<UserTwoFactorAuthenticator> listUserTwoFactorAuthenticationProviders();
+
+ /**
+ * Find user two factor authenticator provider by domain ID
Review Comment:
```suggestion
* Finds user two factor authenticator provider by domain ID
```
##########
server/src/main/java/com/cloud/user/AccountManagerImpl.java:
##########
@@ -315,6 +322,31 @@ public class AccountManagerImpl extends ManagerBase implements AccountManager, M
private int _cleanupInterval;
private List<String> apiNameList;
+ protected static Map<String, UserTwoFactorAuthenticator> userTwoFactorAuthenticationProvidersMap = new HashMap<>();
+
+ private List<UserTwoFactorAuthenticator> userTwoFactorAuthenticationProviders;
+
+ static ConfigKey<Boolean> enableUserTwoFactorAuthentication = new ConfigKey<Boolean>("Advanced",
+ Boolean.class,
+ "enable.user.two.factor.authentication",
+ "false",
+ "Determines whether two factor authentication is enabled or not. This can be configured at domain level also",
+ false,
+ ConfigKey.Scope.Domain);
+
+ ConfigKey<Boolean> mandateUserTwoFactorAuthentication = new ConfigKey<Boolean>("Advanced",
+ Boolean.class,
+ "mandate.user.two.factor.authentication",
+ "false",
+ "Determines whether to make the two factor authentication mandatory or not. This can be configured at domain level also",
Review Comment:
```suggestion
"Determines whether to make the two factor authentication mandatory or not. This can also be configured at domain level.",
```
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] weizhouapache commented on pull request #6924: [Draft] User two factor authentication
Posted by GitBox <gi...@apache.org>.
weizhouapache commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1329189125
@blueorangutan package
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] DaanHoogland commented on pull request #6924: [Draft] User two factor authentication
Posted by GitBox <gi...@apache.org>.
DaanHoogland commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1375722536
@harikrishna-patnala is this one still in focus for 4.18?
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6924: [Draft] User two factor authentication
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1381776371
Packaging result: :heavy_multiplication_x: el7 :heavy_multiplication_x: el8 :heavy_multiplication_x: el9 :heavy_multiplication_x: debian :heavy_multiplication_x: suse15. SL-JID 5266
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] harikrishna-patnala commented on pull request #6924: [Draft] User two factor authentication
Posted by GitBox <gi...@apache.org>.
harikrishna-patnala commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1381762230
@blueorangutan package
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] sonarcloud[bot] commented on pull request #6924: [Draft] User two factor authentication
Posted by GitBox <gi...@apache.org>.
sonarcloud[bot] commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1398545952
SonarCloud Quality Gate failed. [](https://sonarcloud.io/dashboard?id=apache_cloudstack&pullRequest=6924)
[](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=BUG) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=BUG) [3 Bugs](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=BUG)
[](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=VULNERABILITY) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=VULNERABILITY) [0 Vulnerabilities](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=VULNERABILITY)
[](https://sonarcloud.io/project/security_hotspots?id=apache_cloudstack&pullRequest=6924&resolved=false&types=SECURITY_HOTSPOT) [](https://sonarcloud.io/project/security_hotspots?id=apache_cloudstack&pullRequest=6924&resolved=false&types=SECURITY_HOTSPOT) [3 Security Hotspots](https://sonarcloud.io/project/security_hotspots?id=apache_cloudstack&pullRequest=6924&resolved=false&types=SECURITY_HOTSPOT)
[](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=CODE_SMELL) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=CODE_SMELL) [55 Code Smells](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=CODE_SMELL)
[](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6924&metric=new_coverage&view=list) [35.8% Coverage](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6924&metric=new_coverage&view=list)
[](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6924&metric=new_duplicated_lines_density&view=list) [3.9% Duplication](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6924&metric=new_duplicated_lines_density&view=list)
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6924: [Draft] User two factor authentication
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1398558072
Packaging result: :heavy_check_mark: el7 :heavy_check_mark: el8 :heavy_check_mark: el9 :heavy_check_mark: debian :heavy_check_mark: suse15. SL-JID 5354
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6924: [Draft] User two factor authentication
Posted by "blueorangutan (via GitHub)" <gi...@apache.org>.
blueorangutan commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1404616492
@harikrishna-patnala a Jenkins job has been kicked to build packages. It will be bundled with
SystemVM template(s). I'll keep you posted as I make progress.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] harikrishna-patnala commented on pull request #6924: User two factor authentication
Posted by "harikrishna-patnala (via GitHub)" <gi...@apache.org>.
harikrishna-patnala commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1415260887
@blueorangutan package
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6924: User two factor authentication
Posted by "blueorangutan (via GitHub)" <gi...@apache.org>.
blueorangutan commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1419027808
Packaging result: :heavy_check_mark: el7 :heavy_check_mark: el8 :heavy_check_mark: el9 :heavy_check_mark: debian :heavy_check_mark: suse15. SL-JID 5509
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] stephankruggg commented on a diff in pull request #6924: User two factor authentication
Posted by "stephankruggg (via GitHub)" <gi...@apache.org>.
stephankruggg commented on code in PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#discussion_r1102974105
##########
engine/schema/src/main/java/org/apache/cloudstack/resourcedetail/UserDetailVO.java:
##########
@@ -45,6 +45,8 @@ public class UserDetailVO implements ResourceDetail {
@Column(name = "display")
private boolean display = true;
+ public static final String Setup2FADetail = "2FAsetupStatus";
Review Comment:
```suggestion
public static final String Setup2FADetail = "2FASetupStatus";
```
##########
server/src/main/java/com/cloud/user/AccountManagerImpl.java:
##########
@@ -2650,6 +2711,27 @@ public Map<String, String> getKeys(Long userId) {
return keys;
}
+ @Override
+ public List<UserTwoFactorAuthenticator> listUserTwoFactorAuthenticationProviders() {
+ return userTwoFactorAuthenticationProviders;
+ }
+
+ @Override
+ public UserTwoFactorAuthenticator getUserTwoFactorAuthenticationProvider(Long domainId) {
+ final String name = userTwoFactorAuthenticationDefaultProvider.valueIn(domainId);
+ return getUserTwoFactorAuthenticationProvider(name);
+ }
+
+ public UserTwoFactorAuthenticator getUserTwoFactorAuthenticationProvider(final String name) {
+ if (StringUtils.isEmpty(name)) {
+ throw new CloudRuntimeException("Invalid two factor authentication provider name provided");
+ }
+ if (!userTwoFactorAuthenticationProvidersMap.containsKey(name.toLowerCase())) {
+ throw new CloudRuntimeException("Failed to find two factor authentication provider by the name: " + name);
Review Comment:
```suggestion
throw new CloudRuntimeException(String.format("Failed to find two factor authentication provider by the name: %s.", name));
```
##########
server/src/main/java/com/cloud/api/auth/SetupUserTwoFactorAuthenticationCmd.java:
##########
@@ -0,0 +1,96 @@
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements. See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership. The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License. You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied. See the License for the
+// specific language governing permissions and limitations
+// under the License.
+package com.cloud.api.auth;
+
+import com.cloud.user.AccountManager;
+import org.apache.cloudstack.acl.RoleType;
+import org.apache.cloudstack.api.APICommand;
+import org.apache.cloudstack.api.ApiConstants;
+import org.apache.cloudstack.api.ApiCommandResourceType;
+import org.apache.cloudstack.api.BaseCmd;
+import org.apache.cloudstack.api.Parameter;
+import org.apache.cloudstack.api.ServerApiException;
+import org.apache.cloudstack.api.response.UserResponse;
+import org.apache.cloudstack.api.response.UserTwoFactorAuthenticationSetupResponse;
+import org.apache.cloudstack.context.CallContext;
+import org.apache.log4j.Logger;
+
+import javax.inject.Inject;
+
+@APICommand(name = SetupUserTwoFactorAuthenticationCmd.APINAME, description = "Setup the 2fa for the user.", authorized = {RoleType.Admin, RoleType.DomainAdmin, RoleType.ResourceAdmin, RoleType.User}, requestHasSensitiveInfo = false,
Review Comment:
```suggestion
@APICommand(name = SetupUserTwoFactorAuthenticationCmd.APINAME, description = "Setup the 2FA for the user.", authorized = {RoleType.Admin, RoleType.DomainAdmin, RoleType.ResourceAdmin, RoleType.User}, requestHasSensitiveInfo = false,
```
##########
ui/public/locales/en.json:
##########
@@ -2951,6 +2970,21 @@
"message.update.autoscale.vm.profile.failed": "Failed to update autoscale vm profile",
"message.update.condition.failed": "Failed to update condition",
"message.update.condition.processing": "Updating condition...",
+"message.two.factor.authorization.failed": "Unable to verify 2FA with provided code, please retry.",
+"message.two.fa.auth": "Open the two-factor authentication app on your mobile device to view your authentication code.",
+"message.two.fa.auth.register.account": "Open the two-factor authentication application and scan the QR code add the user account.",
+"message.two.fa.static.pin.part1": "If you can't scan the QR code, ",
+"message.two.fa.static.pin.part2": "Click here to view the secret code",
+"message.two.fa.auth.staticpin": "<br> You have configured 2FA for security verification. <br> Enter the static PIN generated during the 2FA setup to verify.",
+"message.two.fa.auth.totp": "<br> You have configured 2FA for security verification. <br> Open the TOTP authenticator application on your device and enter the authentication code.",
+"message.two.fa.register.account": "1. Open the TOTP authenticator application on your device. <br>2. Scan the below QR code to add the user. <br>3. If you cannot scan the QR code, enter the setup key manually. <br>4. Verification of the 2FA code is mandatory to complete the 2FA setup.",
+"message.two.fa.staticpin": "1. Use the generated static PIN as 2FA code for two factor authentication.<br>2. Save this static PIN / 2FA code and do not share. This code will be used for subsequent logins.<br>3. Verification of the 2FA code is mandatory to complete the 2FA setup.",
+"message.two.fa.register.account.login.page": "1. Open the TOTP authenticator application on your device. <br>2. Scan the below QR code to add the user. <br>3. If you cannot scan the QR code, enter the setup key manually. <br>4. Verify the 2FA code to continue to login.",
+"message.two.fa.staticpin.login.page": "1. Use the generated static PIN as 2FA code for two factor authentication.<br>2. Save this static PIN / 2FA code and do not share. This code will be used for subsequent logins.<br>3. Verify the 2FA code to continue to login.",
Review Comment:
```suggestion
"message.two.fa.staticpin.login.page": "1. Use the generated static PIN as 2FA code for two factor authentication.<br>2. Save this static PIN / 2FA code and do not share it. This code will be used for subsequent logins.<br>3. Verify the 2FA code to continue to login.",
```
##########
server/src/main/java/com/cloud/api/ApiServlet.java:
##########
@@ -360,6 +376,99 @@ void processRequestInContext(final HttpServletRequest req, final HttpServletResp
}
}
+ private boolean checkIfAuthenticatorIsOf2FA(String command) {
+ boolean verify2FA = false;
+ APIAuthenticator apiAuthenticator = authManager.getAPIAuthenticator(command);
+ if (apiAuthenticator != null && apiAuthenticator.getAPIType().equals(APIAuthenticationType.LOGIN_2FA_API)) {
+ verify2FA = true;
+ } else {
+ verify2FA = false;
+ }
+ return verify2FA;
+ }
+
+ protected boolean skip2FAcheckForAPIs(String command) {
+ boolean skip2FAcheck = false;
+
+ if (command.equalsIgnoreCase(ApiConstants.LIST_IDPS)
+ || command.equalsIgnoreCase(ApiConstants.LIST_APIS)
+ || command.equalsIgnoreCase(ListUserTwoFactorAuthenticatorProvidersCmd.APINAME)
+ || command.equalsIgnoreCase(SetupUserTwoFactorAuthenticationCmd.APINAME)) {
+ skip2FAcheck = true;
+ }
+ return skip2FAcheck;
+ }
+
+ protected boolean skip2FAcheckForUser(HttpSession session) {
+ boolean skip2FAcheck = false;
+ Long userId = (Long) session.getAttribute("userid");
+ boolean is2FAverified = (boolean) session.getAttribute(ApiConstants.IS_2FA_VERIFIED);
+ if (is2FAverified) {
+ s_logger.debug(String.format("Two factor authentication is already verified for the user %d, so skipping", userId));
+ skip2FAcheck = true;
+ } else {
+ UserAccount userAccount = accountMgr.getUserAccountById(userId);
+ boolean is2FAenabled = userAccount.isUser2faEnabled();
+ if (is2FAenabled) {
+ skip2FAcheck = false;
+ } else {
+ boolean is2FAmandated = Boolean.TRUE.equals(AccountManagerImpl.enableUserTwoFactorAuthentication.valueIn(userAccount.getDomainId())) && Boolean.TRUE.equals(AccountManagerImpl.mandateUserTwoFactorAuthentication.valueIn(userAccount.getDomainId()));
Review Comment:
`userAccount.getDomainId()` can be extracted to a variable, as it is used more than once throughout the code.
##########
server/src/main/java/com/cloud/user/AccountManagerImpl.java:
##########
@@ -3114,6 +3200,170 @@ public String getConfigComponentName() {
@Override
public ConfigKey<?>[] getConfigKeys() {
- return new ConfigKey<?>[] {UseSecretKeyInResponse};
+ return new ConfigKey<?>[] {UseSecretKeyInResponse, enableUserTwoFactorAuthentication,
+ userTwoFactorAuthenticationDefaultProvider, mandateUserTwoFactorAuthentication, userTwoFactorAuthenticationIssuer};
}
+
+ public List<UserTwoFactorAuthenticator> getUserTwoFactorAuthenticationProviders() {
+ return userTwoFactorAuthenticationProviders;
+ }
+
+ public void setUserTwoFactorAuthenticationProviders(final List<UserTwoFactorAuthenticator> userTwoFactorAuthenticationProviders) {
+ this.userTwoFactorAuthenticationProviders = userTwoFactorAuthenticationProviders;
+ }
+
+ protected void initializeUserTwoFactorAuthenticationProvidersMap() {
+ if (userTwoFactorAuthenticationProviders != null) {
+ for (final UserTwoFactorAuthenticator userTwoFactorAuthenticator : userTwoFactorAuthenticationProviders) {
+ userTwoFactorAuthenticationProvidersMap.put(userTwoFactorAuthenticator.getName().toLowerCase(), userTwoFactorAuthenticator);
+ }
+ }
+ }
+
+ @Override
+ public void verifyUsingTwoFactorAuthenticationCode(final String code, final Long domainId, final Long userAccountId) {
+
+ Account caller = CallContext.current().getCallingAccount();
+ Account owner = _accountService.getActiveAccountById(caller.getId());
+
+ checkAccess(caller, null, true, owner);
+
+ UserAccount userAccount = _accountService.getUserAccountById(userAccountId);
+ if (!userAccount.isUser2faEnabled()) {
+ throw new CloudRuntimeException(String.format("Two factor authentication is not enabled on the user: %s", userAccount.getUsername()));
+ }
+ if (StringUtils.isBlank(userAccount.getUser2faProvider()) || StringUtils.isBlank(userAccount.getKeyFor2fa())) {
+ throw new CloudRuntimeException(String.format("Two factor authentication is not setup for the user: %s, please setup 2FA before verifying", userAccount.getUsername()));
+ }
+
+ UserTwoFactorAuthenticator userTwoFactorAuthenticator = getUserTwoFactorAuthenticator(domainId, userAccountId);
+ try {
+ userTwoFactorAuthenticator.check2FA(code, userAccount);
+ UserDetailVO userDetailVO = _userDetailsDao.findDetail(userAccountId, UserDetailVO.Setup2FADetail);
+ if (userDetailVO != null) {
+ userDetailVO.setValue(UserAccountVO.Setup2FAstatus.VERIFIED.name());
+ _userDetailsDao.update(userDetailVO.getId(), userDetailVO);
+ }
+ } catch (CloudTwoFactorAuthenticationException e) {
+ UserDetailVO userDetailVO = _userDetailsDao.findDetail(userAccountId, "2FAsetupComplete");
+ if (userDetailVO != null && userDetailVO.getValue().equals(UserAccountVO.Setup2FAstatus.ENABLED.name())) {
+ disableTwoFactorAuthentication(userAccountId, caller, owner);
+ }
+ throw e;
+ }
+ }
+
+ @Override
+ public UserTwoFactorAuthenticator getUserTwoFactorAuthenticator(Long domainId, Long userAccountId) {
+ if (userAccountId != null) {
+ UserAccount userAccount = _accountService.getUserAccountById(userAccountId);
+ if (userAccount.getUser2faProvider() != null) {
+ return getUserTwoFactorAuthenticator(userAccount.getUser2faProvider());
+ }
+ }
+ final String name = userTwoFactorAuthenticationDefaultProvider.valueIn(domainId);
+ return getUserTwoFactorAuthenticator(name);
+ }
+
+ @Override
+ public UserTwoFactorAuthenticationSetupResponse setupUserTwoFactorAuthentication(SetupUserTwoFactorAuthenticationCmd cmd) {
+ String providerName = cmd.getProvider();
+
+ Account caller = CallContext.current().getCallingAccount();
+ Account owner = _accountService.getActiveAccountById(caller.getId());
+
+ if (Boolean.TRUE.equals(cmd.getEnable())) {
+ checkAccess(caller, null, true, owner);
+ Long userId = CallContext.current().getCallingUserId();
+
+ return enableTwoFactorAuthentication(userId, providerName);
+ }
+
+ // Admin can disable 2FA of the users
+ Long userId = cmd.getUserId();
+ return disableTwoFactorAuthentication(userId, caller, owner);
+ }
+
+ protected UserTwoFactorAuthenticationSetupResponse enableTwoFactorAuthentication(Long userId, String providerName) {
+ UserAccountVO userAccount = _userAccountDao.findById(userId);
+ UserVO userVO = _userDao.findById(userId);
+
+ if (Boolean.FALSE.equals(enableUserTwoFactorAuthentication.valueIn(userAccount.getDomainId())) && Boolean.FALSE.equals(mandateUserTwoFactorAuthentication.valueIn(userAccount.getDomainId()))) {
Review Comment:
`userAccount.getDomainId()` can be extracted to a variable, as it is used more than once throughout the code.
##########
server/src/main/java/com/cloud/user/AccountManagerImpl.java:
##########
@@ -3114,6 +3200,170 @@ public String getConfigComponentName() {
@Override
public ConfigKey<?>[] getConfigKeys() {
- return new ConfigKey<?>[] {UseSecretKeyInResponse};
+ return new ConfigKey<?>[] {UseSecretKeyInResponse, enableUserTwoFactorAuthentication,
+ userTwoFactorAuthenticationDefaultProvider, mandateUserTwoFactorAuthentication, userTwoFactorAuthenticationIssuer};
}
+
+ public List<UserTwoFactorAuthenticator> getUserTwoFactorAuthenticationProviders() {
+ return userTwoFactorAuthenticationProviders;
+ }
+
+ public void setUserTwoFactorAuthenticationProviders(final List<UserTwoFactorAuthenticator> userTwoFactorAuthenticationProviders) {
+ this.userTwoFactorAuthenticationProviders = userTwoFactorAuthenticationProviders;
+ }
+
+ protected void initializeUserTwoFactorAuthenticationProvidersMap() {
+ if (userTwoFactorAuthenticationProviders != null) {
+ for (final UserTwoFactorAuthenticator userTwoFactorAuthenticator : userTwoFactorAuthenticationProviders) {
+ userTwoFactorAuthenticationProvidersMap.put(userTwoFactorAuthenticator.getName().toLowerCase(), userTwoFactorAuthenticator);
+ }
+ }
+ }
+
+ @Override
+ public void verifyUsingTwoFactorAuthenticationCode(final String code, final Long domainId, final Long userAccountId) {
+
+ Account caller = CallContext.current().getCallingAccount();
+ Account owner = _accountService.getActiveAccountById(caller.getId());
+
+ checkAccess(caller, null, true, owner);
+
+ UserAccount userAccount = _accountService.getUserAccountById(userAccountId);
+ if (!userAccount.isUser2faEnabled()) {
+ throw new CloudRuntimeException(String.format("Two factor authentication is not enabled on the user: %s", userAccount.getUsername()));
+ }
+ if (StringUtils.isBlank(userAccount.getUser2faProvider()) || StringUtils.isBlank(userAccount.getKeyFor2fa())) {
+ throw new CloudRuntimeException(String.format("Two factor authentication is not setup for the user: %s, please setup 2FA before verifying", userAccount.getUsername()));
+ }
+
+ UserTwoFactorAuthenticator userTwoFactorAuthenticator = getUserTwoFactorAuthenticator(domainId, userAccountId);
+ try {
+ userTwoFactorAuthenticator.check2FA(code, userAccount);
+ UserDetailVO userDetailVO = _userDetailsDao.findDetail(userAccountId, UserDetailVO.Setup2FADetail);
+ if (userDetailVO != null) {
+ userDetailVO.setValue(UserAccountVO.Setup2FAstatus.VERIFIED.name());
+ _userDetailsDao.update(userDetailVO.getId(), userDetailVO);
+ }
+ } catch (CloudTwoFactorAuthenticationException e) {
+ UserDetailVO userDetailVO = _userDetailsDao.findDetail(userAccountId, "2FAsetupComplete");
+ if (userDetailVO != null && userDetailVO.getValue().equals(UserAccountVO.Setup2FAstatus.ENABLED.name())) {
+ disableTwoFactorAuthentication(userAccountId, caller, owner);
+ }
+ throw e;
+ }
+ }
+
+ @Override
+ public UserTwoFactorAuthenticator getUserTwoFactorAuthenticator(Long domainId, Long userAccountId) {
+ if (userAccountId != null) {
+ UserAccount userAccount = _accountService.getUserAccountById(userAccountId);
+ if (userAccount.getUser2faProvider() != null) {
Review Comment:
`userAccount.getUser2faProvider()` can be extracted to a variable, as it is used more than once throughout the code.
##########
server/src/main/java/com/cloud/user/AccountManagerImpl.java:
##########
@@ -3114,6 +3200,170 @@ public String getConfigComponentName() {
@Override
public ConfigKey<?>[] getConfigKeys() {
- return new ConfigKey<?>[] {UseSecretKeyInResponse};
+ return new ConfigKey<?>[] {UseSecretKeyInResponse, enableUserTwoFactorAuthentication,
+ userTwoFactorAuthenticationDefaultProvider, mandateUserTwoFactorAuthentication, userTwoFactorAuthenticationIssuer};
}
+
+ public List<UserTwoFactorAuthenticator> getUserTwoFactorAuthenticationProviders() {
+ return userTwoFactorAuthenticationProviders;
+ }
+
+ public void setUserTwoFactorAuthenticationProviders(final List<UserTwoFactorAuthenticator> userTwoFactorAuthenticationProviders) {
+ this.userTwoFactorAuthenticationProviders = userTwoFactorAuthenticationProviders;
+ }
+
+ protected void initializeUserTwoFactorAuthenticationProvidersMap() {
+ if (userTwoFactorAuthenticationProviders != null) {
+ for (final UserTwoFactorAuthenticator userTwoFactorAuthenticator : userTwoFactorAuthenticationProviders) {
+ userTwoFactorAuthenticationProvidersMap.put(userTwoFactorAuthenticator.getName().toLowerCase(), userTwoFactorAuthenticator);
+ }
+ }
+ }
+
+ @Override
+ public void verifyUsingTwoFactorAuthenticationCode(final String code, final Long domainId, final Long userAccountId) {
+
+ Account caller = CallContext.current().getCallingAccount();
+ Account owner = _accountService.getActiveAccountById(caller.getId());
+
+ checkAccess(caller, null, true, owner);
+
+ UserAccount userAccount = _accountService.getUserAccountById(userAccountId);
+ if (!userAccount.isUser2faEnabled()) {
+ throw new CloudRuntimeException(String.format("Two factor authentication is not enabled on the user: %s", userAccount.getUsername()));
+ }
+ if (StringUtils.isBlank(userAccount.getUser2faProvider()) || StringUtils.isBlank(userAccount.getKeyFor2fa())) {
+ throw new CloudRuntimeException(String.format("Two factor authentication is not setup for the user: %s, please setup 2FA before verifying", userAccount.getUsername()));
+ }
+
+ UserTwoFactorAuthenticator userTwoFactorAuthenticator = getUserTwoFactorAuthenticator(domainId, userAccountId);
+ try {
+ userTwoFactorAuthenticator.check2FA(code, userAccount);
+ UserDetailVO userDetailVO = _userDetailsDao.findDetail(userAccountId, UserDetailVO.Setup2FADetail);
+ if (userDetailVO != null) {
+ userDetailVO.setValue(UserAccountVO.Setup2FAstatus.VERIFIED.name());
+ _userDetailsDao.update(userDetailVO.getId(), userDetailVO);
+ }
+ } catch (CloudTwoFactorAuthenticationException e) {
+ UserDetailVO userDetailVO = _userDetailsDao.findDetail(userAccountId, "2FAsetupComplete");
+ if (userDetailVO != null && userDetailVO.getValue().equals(UserAccountVO.Setup2FAstatus.ENABLED.name())) {
+ disableTwoFactorAuthentication(userAccountId, caller, owner);
+ }
+ throw e;
+ }
+ }
+
+ @Override
+ public UserTwoFactorAuthenticator getUserTwoFactorAuthenticator(Long domainId, Long userAccountId) {
+ if (userAccountId != null) {
+ UserAccount userAccount = _accountService.getUserAccountById(userAccountId);
+ if (userAccount.getUser2faProvider() != null) {
+ return getUserTwoFactorAuthenticator(userAccount.getUser2faProvider());
+ }
+ }
+ final String name = userTwoFactorAuthenticationDefaultProvider.valueIn(domainId);
+ return getUserTwoFactorAuthenticator(name);
+ }
+
+ @Override
+ public UserTwoFactorAuthenticationSetupResponse setupUserTwoFactorAuthentication(SetupUserTwoFactorAuthenticationCmd cmd) {
+ String providerName = cmd.getProvider();
+
+ Account caller = CallContext.current().getCallingAccount();
+ Account owner = _accountService.getActiveAccountById(caller.getId());
+
+ if (Boolean.TRUE.equals(cmd.getEnable())) {
+ checkAccess(caller, null, true, owner);
+ Long userId = CallContext.current().getCallingUserId();
+
+ return enableTwoFactorAuthentication(userId, providerName);
+ }
+
+ // Admin can disable 2FA of the users
+ Long userId = cmd.getUserId();
+ return disableTwoFactorAuthentication(userId, caller, owner);
+ }
+
+ protected UserTwoFactorAuthenticationSetupResponse enableTwoFactorAuthentication(Long userId, String providerName) {
+ UserAccountVO userAccount = _userAccountDao.findById(userId);
+ UserVO userVO = _userDao.findById(userId);
+
+ if (Boolean.FALSE.equals(enableUserTwoFactorAuthentication.valueIn(userAccount.getDomainId())) && Boolean.FALSE.equals(mandateUserTwoFactorAuthentication.valueIn(userAccount.getDomainId()))) {
+ throw new CloudRuntimeException("2FA is not enabled for this domain or at global level");
+ }
+
+ if (StringUtils.isEmpty(providerName)) {
+ providerName = userTwoFactorAuthenticationDefaultProvider.valueIn(userAccount.getDomainId());
+ s_logger.debug(String.format("Provider name is not given to setup 2FA, so using the default 2FA provider %s", providerName));
+ }
+
+ UserTwoFactorAuthenticator provider = getUserTwoFactorAuthenticationProvider(providerName);
+ String code = provider.setup2FAKey(userAccount);
+ UserVO user = _userDao.createForUpdate();
+ user.setKeyFor2fa(code);
+ user.setUser2faProvider(provider.getName());
+ user.setUser2faEnabled(true);
+ _userDao.update(userId, user);
+
+ // 2FA setup will be complete only upon successful verification with 2FA code
+ UserDetailVO setup2FAstatus = new UserDetailVO(userId, UserDetailVO.Setup2FADetail, UserAccountVO.Setup2FAstatus.ENABLED.name());
+ _userDetailsDao.persist(setup2FAstatus);
+
+ UserTwoFactorAuthenticationSetupResponse response = new UserTwoFactorAuthenticationSetupResponse();
+ response.setId(userVO.getUuid());
+ response.setUsername(userAccount.getUsername());
+ response.setSecretCode(code);
+
+ return response;
+ }
+
+ protected UserTwoFactorAuthenticationSetupResponse disableTwoFactorAuthentication(Long userId, Account caller, Account owner) {
+ UserVO userVO = null;
+ if (userId != null) {
+ userVO = validateUser(userId, caller.getDomainId());
+ owner = _accountService.getActiveAccountById(userVO.getAccountId());
+ } else {
+ userId = CallContext.current().getCallingUserId();
+ userVO = _userDao.findById(userId);
+ }
+ checkAccess(caller, null, true, owner);
+
+ UserVO user = _userDao.createForUpdate();
+ user.setKeyFor2fa(null);
+ user.setUser2faProvider(null);
+ user.setUser2faEnabled(false);
+ _userDao.update(userVO.getId(), user);
+ _userDetailsDao.removeDetail(userId, UserDetailVO.Setup2FADetail);
+
+ UserTwoFactorAuthenticationSetupResponse response = new UserTwoFactorAuthenticationSetupResponse();
+ response.setId(userVO.getUuid());
+ response.setUsername(userVO.getUsername());
+
+ return response;
+ }
+
+ private UserVO validateUser(Long userId, Long domainId) {
+ UserVO user = null;
+ if (userId != null) {
+ user = _userDao.findById(userId);
+ if (user == null) {
+ throw new InvalidParameterValueException("Invalid user ID provided");
+ }
+ if (_accountDao.findById(user.getAccountId()).getDomainId() != domainId) {
+ throw new InvalidParameterValueException("User doesn't belong to the specified account or domain");
+ }
+ }
+ return user;
+ }
+
+ public UserTwoFactorAuthenticator getUserTwoFactorAuthenticator(final String name) {
+ if (StringUtils.isEmpty(name)) {
+ throw new CloudRuntimeException("Invalid UserTwoFactorAuthenticator name provided");
+ }
+ if (!userTwoFactorAuthenticationProvidersMap.containsKey(name.toLowerCase())) {
+ throw new CloudRuntimeException("Failed to find UserTwoFactorAuthenticator by the name: " + name);
Review Comment:
```suggestion
throw new CloudRuntimeException(String.format("Failed to find UserTwoFactorAuthenticator by the name: %s.", name));
```
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6924: User two factor authentication
Posted by "blueorangutan (via GitHub)" <gi...@apache.org>.
blueorangutan commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1426964924
@DaanHoogland a Trillian-Jenkins matrix job (centos7 mgmt + xenserver71, rocky8 mgmt + vmware67u3, centos7 mgmt + kvmcentos7) has been kicked to run smoke tests
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6924: User two factor authentication
Posted by "blueorangutan (via GitHub)" <gi...@apache.org>.
blueorangutan commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1425037088
<b>Trillian test result (tid-6141)</b>
Environment: kvm-centos7 (x2), Advanced Networking with Mgmt server 7
Total time taken: 40683 seconds
Marvin logs: https://github.com/blueorangutan/acs-prs/releases/download/trillian/pr6924-t6141-kvm-centos7.zip
Smoke tests completed. 106 look OK, 2 have errors, 0 did not run
Only failed and skipped tests results shown below:
Test | Result | Time (s) | Test File
--- | --- | --- | ---
test_02_deploy_vm_with_extraconfig_kvm | `Error` | 1.26 | test_deploy_vm_extra_config_data.py
test_03_update_vm_with_extraconfig_kvm | `Error` | 0.21 | test_deploy_vm_extra_config_data.py
test_02_deploy_vm_on_specific_cluster | `Error` | 0.13 | test_vm_deployment_planner.py
test_03_deploy_vm_on_specific_pod | `Error` | 1.18 | test_vm_deployment_planner.py
test_04_deploy_vm_on_host_override_pod_and_cluster | `Error` | 0.18 | test_vm_deployment_planner.py
test_05_deploy_vm_on_cluster_override_pod | `Error` | 0.16 | test_vm_deployment_planner.py
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] harikrishna-patnala commented on pull request #6924: User two factor authentication
Posted by "harikrishna-patnala (via GitHub)" <gi...@apache.org>.
harikrishna-patnala commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1423674873
@blueorangutan package
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] DaanHoogland commented on pull request #6924: User two factor authentication
Posted by "DaanHoogland (via GitHub)" <gi...@apache.org>.
DaanHoogland commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1419130094
@blueorangutan test matrix
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6924: User two factor authentication
Posted by "blueorangutan (via GitHub)" <gi...@apache.org>.
blueorangutan commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1424939780
<b>Trillian test result (tid-6139)</b>
Environment: vmware-67u3 (x2), Advanced Networking with Mgmt server r8
Total time taken: 44559 seconds
Marvin logs: https://github.com/blueorangutan/acs-prs/releases/download/trillian/pr6924-t6139-vmware-67u3.zip
Smoke tests completed. 106 look OK, 2 have errors, 0 did not run
Only failed and skipped tests results shown below:
Test | Result | Time (s) | Test File
--- | --- | --- | ---
test_04_deploy_vm_with_extraconfig_throws_exception_vmware | `Error` | 1.23 | test_deploy_vm_extra_config_data.py
test_05_deploy_vm_with_extraconfig_vmware | `Error` | 1.22 | test_deploy_vm_extra_config_data.py
test_02_deploy_vm_on_specific_cluster | `Error` | 1.23 | test_vm_deployment_planner.py
test_03_deploy_vm_on_specific_pod | `Error` | 1.20 | test_vm_deployment_planner.py
test_04_deploy_vm_on_host_override_pod_and_cluster | `Error` | 0.23 | test_vm_deployment_planner.py
test_05_deploy_vm_on_cluster_override_pod | `Error` | 0.22 | test_vm_deployment_planner.py
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] sonarcloud[bot] commented on pull request #6924: User two factor authentication
Posted by "sonarcloud[bot] (via GitHub)" <gi...@apache.org>.
sonarcloud[bot] commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1422165459
SonarCloud Quality Gate failed. [](https://sonarcloud.io/dashboard?id=apache_cloudstack&pullRequest=6924)
[](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=BUG) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=BUG) [0 Bugs](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=BUG)
[](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=VULNERABILITY) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=VULNERABILITY) [0 Vulnerabilities](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=VULNERABILITY)
[](https://sonarcloud.io/project/security_hotspots?id=apache_cloudstack&pullRequest=6924&resolved=false&types=SECURITY_HOTSPOT) [](https://sonarcloud.io/project/security_hotspots?id=apache_cloudstack&pullRequest=6924&resolved=false&types=SECURITY_HOTSPOT) [9 Security Hotspots](https://sonarcloud.io/project/security_hotspots?id=apache_cloudstack&pullRequest=6924&resolved=false&types=SECURITY_HOTSPOT)
[](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=CODE_SMELL) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=CODE_SMELL) [27 Code Smells](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=CODE_SMELL)
[](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6924&metric=new_coverage&view=list) [34.0% Coverage](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6924&metric=new_coverage&view=list)
[](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6924&metric=new_duplicated_lines_density&view=list) [3.8% Duplication](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6924&metric=new_duplicated_lines_density&view=list)
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6924: User two factor authentication
Posted by "blueorangutan (via GitHub)" <gi...@apache.org>.
blueorangutan commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1421254075
Packaging result: :heavy_check_mark: el7 :heavy_check_mark: el8 :heavy_check_mark: el9 :heavy_check_mark: debian :heavy_check_mark: suse15. SL-JID 5524
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] harikrishna-patnala commented on pull request #6924: User two factor authentication
Posted by "harikrishna-patnala (via GitHub)" <gi...@apache.org>.
harikrishna-patnala commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1420552878
@blueorangutan package
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6924: User two factor authentication
Posted by "blueorangutan (via GitHub)" <gi...@apache.org>.
blueorangutan commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1420622564
Packaging result: :heavy_check_mark: el7 :heavy_check_mark: el8 :heavy_check_mark: el9 :heavy_check_mark: debian :heavy_check_mark: suse15. SL-JID 5520
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] sonarcloud[bot] commented on pull request #6924: User two factor authentication
Posted by "sonarcloud[bot] (via GitHub)" <gi...@apache.org>.
sonarcloud[bot] commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1421280234
SonarCloud Quality Gate failed. [](https://sonarcloud.io/dashboard?id=apache_cloudstack&pullRequest=6924)
[](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=BUG) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=BUG) [0 Bugs](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=BUG)
[](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=VULNERABILITY) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=VULNERABILITY) [0 Vulnerabilities](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=VULNERABILITY)
[](https://sonarcloud.io/project/security_hotspots?id=apache_cloudstack&pullRequest=6924&resolved=false&types=SECURITY_HOTSPOT) [](https://sonarcloud.io/project/security_hotspots?id=apache_cloudstack&pullRequest=6924&resolved=false&types=SECURITY_HOTSPOT) [9 Security Hotspots](https://sonarcloud.io/project/security_hotspots?id=apache_cloudstack&pullRequest=6924&resolved=false&types=SECURITY_HOTSPOT)
[](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=CODE_SMELL) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=CODE_SMELL) [24 Code Smells](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=CODE_SMELL)
[](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6924&metric=new_coverage&view=list) [35.0% Coverage](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6924&metric=new_coverage&view=list)
[](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6924&metric=new_duplicated_lines_density&view=list) [3.8% Duplication](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6924&metric=new_duplicated_lines_density&view=list)
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6924: User two factor authentication
Posted by "blueorangutan (via GitHub)" <gi...@apache.org>.
blueorangutan commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1427127146
<b>Trillian test result (tid-6167)</b>
Environment: vmware-67u3 (x2), Advanced Networking with Mgmt server r8
Total time taken: 44755 seconds
Marvin logs: https://github.com/blueorangutan/acs-prs/releases/download/trillian/pr6924-t6167-vmware-67u3.zip
Smoke tests completed. 107 look OK, 1 have errors, 0 did not run
Only failed and skipped tests results shown below:
Test | Result | Time (s) | Test File
--- | --- | --- | ---
test_04_deploy_vm_with_extraconfig_throws_exception_vmware | `Error` | 1.27 | test_deploy_vm_extra_config_data.py
test_05_deploy_vm_with_extraconfig_vmware | `Error` | 1.22 | test_deploy_vm_extra_config_data.py
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6924: [Draft] User two factor authentication
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1353423018
Packaging result: :heavy_multiplication_x: el7 :heavy_multiplication_x: el8 :heavy_multiplication_x: debian :heavy_multiplication_x: suse15. SL-JID 4969
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] harikrishna-patnala commented on pull request #6924: [Draft] User two factor authentication
Posted by GitBox <gi...@apache.org>.
harikrishna-patnala commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1354399975
@blueorangutan package
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6924: [Draft] User two factor authentication
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1333408002
<b>Trillian Build Failed (tid-5324)<b/>
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] codecov[bot] commented on pull request #6924: [Draft] User two factor authentication
Posted by GitBox <gi...@apache.org>.
codecov[bot] commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1328698741
# [Codecov](https://codecov.io/gh/apache/cloudstack/pull/6924?src=pr&el=h1&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation) Report
> Merging [#6924](https://codecov.io/gh/apache/cloudstack/pull/6924?src=pr&el=desc&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation) (4e9fabd) into [main](https://codecov.io/gh/apache/cloudstack/commit/a880109d50708f3bebeee14818547e644347dbf5?el=desc&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation) (a880109) will **increase** coverage by `0.00%`.
> The diff coverage is `15.07%`.
```diff
@@ Coverage Diff @@
## main #6924 +/- ##
==========================================
Coverage 10.87% 10.87%
- Complexity 7117 7123 +6
==========================================
Files 2485 2490 +5
Lines 245507 245775 +268
Branches 38334 38366 +32
==========================================
+ Hits 26699 26739 +40
- Misses 215538 215756 +218
- Partials 3270 3280 +10
```
| [Impacted Files](https://codecov.io/gh/apache/cloudstack/pull/6924?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation) | Coverage Δ | |
|---|---|---|
| [...ne/schema/src/main/java/com/cloud/user/UserVO.java](https://codecov.io/gh/apache/cloudstack/pull/6924/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-ZW5naW5lL3NjaGVtYS9zcmMvbWFpbi9qYXZhL2NvbS9jbG91ZC91c2VyL1VzZXJWTy5qYXZh) | `42.85% <0.00%> (-4.02%)` | :arrow_down: |
| [.../org/apache/cloudstack/ldap/LdapAuthenticator.java](https://codecov.io/gh/apache/cloudstack/pull/6924/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-cGx1Z2lucy91c2VyLWF1dGhlbnRpY2F0b3JzL2xkYXAvc3JjL21haW4vamF2YS9vcmcvYXBhY2hlL2Nsb3Vkc3RhY2svbGRhcC9MZGFwQXV0aGVudGljYXRvci5qYXZh) | `23.91% <ø> (ø)` | |
| [...g/apache/cloudstack/auth/MD5UserAuthenticator.java](https://codecov.io/gh/apache/cloudstack/pull/6924/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-cGx1Z2lucy91c2VyLWF1dGhlbnRpY2F0b3JzL21kNS9zcmMvbWFpbi9qYXZhL29yZy9hcGFjaGUvY2xvdWRzdGFjay9hdXRoL01ENVVzZXJBdXRoZW50aWNhdG9yLmphdmE=) | `70.37% <ø> (ø)` | |
| [...loudstack/server/auth/PBKDF2UserAuthenticator.java](https://codecov.io/gh/apache/cloudstack/pull/6924/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-cGx1Z2lucy91c2VyLWF1dGhlbnRpY2F0b3JzL3Bia2RmMi9zcmMvbWFpbi9qYXZhL29yZy9hcGFjaGUvY2xvdWRzdGFjay9zZXJ2ZXIvYXV0aC9QQktERjJVc2VyQXV0aGVudGljYXRvci5qYXZh) | `51.78% <ø> (ø)` | |
| [...he/cloudstack/auth/PlainTextUserAuthenticator.java](https://codecov.io/gh/apache/cloudstack/pull/6924/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-cGx1Z2lucy91c2VyLWF1dGhlbnRpY2F0b3JzL3BsYWluLXRleHQvc3JjL21haW4vamF2YS9vcmcvYXBhY2hlL2Nsb3Vkc3RhY2svYXV0aC9QbGFpblRleHRVc2VyQXV0aGVudGljYXRvci5qYXZh) | `0.00% <ø> (ø)` | |
| [...apache/cloudstack/saml/SAML2UserAuthenticator.java](https://codecov.io/gh/apache/cloudstack/pull/6924/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-cGx1Z2lucy91c2VyLWF1dGhlbnRpY2F0b3JzL3NhbWwyL3NyYy9tYWluL2phdmEvb3JnL2FwYWNoZS9jbG91ZHN0YWNrL3NhbWwvU0FNTDJVc2VyQXV0aGVudGljYXRvci5qYXZh) | `56.25% <ø> (ø)` | |
| [...cloudstack/auth/SHA256SaltedUserAuthenticator.java](https://codecov.io/gh/apache/cloudstack/pull/6924/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-cGx1Z2lucy91c2VyLWF1dGhlbnRpY2F0b3JzL3NoYTI1NnNhbHRlZC9zcmMvbWFpbi9qYXZhL29yZy9hcGFjaGUvY2xvdWRzdGFjay9hdXRoL1NIQTI1NlNhbHRlZFVzZXJBdXRoZW50aWNhdG9yLmphdmE=) | `69.09% <ø> (ø)` | |
| [...udstack/auth/GoogleUserTwoFactorAuthenticator.java](https://codecov.io/gh/apache/cloudstack/pull/6924/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-cGx1Z2lucy91c2VyLXR3by1mYWN0b3ItYXV0aGVudGljYXRvcnMvZ29vZ2xlL3NyYy9tYWluL2phdmEvb3JnL2FwYWNoZS9jbG91ZHN0YWNrL2F1dGgvR29vZ2xlVXNlclR3b0ZhY3RvckF1dGhlbnRpY2F0b3IuamF2YQ==) | `0.00% <0.00%> (ø)` | |
| [...tack/auth/StaticPinUserTwoFactorAuthenticator.java](https://codecov.io/gh/apache/cloudstack/pull/6924/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-cGx1Z2lucy91c2VyLXR3by1mYWN0b3ItYXV0aGVudGljYXRvcnMvc3RhdGljLXBpbi9zcmMvbWFpbi9qYXZhL29yZy9hcGFjaGUvY2xvdWRzdGFjay9hdXRoL1N0YXRpY1BpblVzZXJUd29GYWN0b3JBdXRoZW50aWNhdG9yLmphdmE=) | `0.00% <0.00%> (ø)` | |
| [server/src/main/java/com/cloud/api/ApiServer.java](https://codecov.io/gh/apache/cloudstack/pull/6924/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-c2VydmVyL3NyYy9tYWluL2phdmEvY29tL2Nsb3VkL2FwaS9BcGlTZXJ2ZXIuamF2YQ==) | `1.85% <0.00%> (-0.03%)` | :arrow_down: |
| ... and [12 more](https://codecov.io/gh/apache/cloudstack/pull/6924/diff?src=pr&el=tree-more&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation) | |
:mega: We’re building smart automated test selection to slash your CI/CD build times. [Learn more](https://about.codecov.io/iterative-testing/?utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation)
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6924: [Draft] User two factor authentication
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1328985436
@weizhouapache a Jenkins job has been kicked to build packages. It will be bundled with
SystemVM template(s). I'll keep you posted as I make progress.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6924: [Draft] User two factor authentication
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1329158955
Packaging result: :heavy_multiplication_x: el7 :heavy_check_mark: el8 :heavy_multiplication_x: debian :heavy_check_mark: suse15. SL-JID 4655
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] BryanMLima commented on a diff in pull request #6924: [Draft] User two factor authentication
Posted by GitBox <gi...@apache.org>.
BryanMLima commented on code in PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#discussion_r1033618883
##########
api/src/main/java/org/apache/cloudstack/api/response/LoginCmdResponse.java:
##########
@@ -163,4 +175,28 @@ public String getSessionKey() {
public void setSessionKey(String sessionKey) {
this.sessionKey = sessionKey;
}
+
+ public String Is2FAenabled() {
+ return is2FAenabled;
+ }
+
+ public void set2FAenabled(String is2FAenabled) {
+ this.is2FAenabled = is2FAenabled;
+ }
+
+ public String Is2FAverfied() {
Review Comment:
```suggestion
public String is2FAverfied() {
```
##########
api/src/main/java/org/apache/cloudstack/auth/UserTwoFactorAuthenticator.java:
##########
@@ -0,0 +1,45 @@
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements. See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership. The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License. You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied. See the License for the
+// specific language governing permissions and limitations
+// under the License.
+package org.apache.cloudstack.auth;
+
+import com.cloud.exception.CloudAuthenticationException;
+import com.cloud.user.UserAccount;
+import com.cloud.utils.component.Adapter;
+
+public interface UserTwoFactorAuthenticator extends Adapter {
+
+ /**
+ * Returns the unique name of the provider
+ * @return returns provider name
+ */
+ String getName();
+
+ /**
+ * Returns description about the user 2FA provider plugin
Review Comment:
```suggestion
* Returns the description about the user 2FA provider plugin
```
##########
api/src/main/java/org/apache/cloudstack/api/response/LoginCmdResponse.java:
##########
@@ -163,4 +175,28 @@ public String getSessionKey() {
public void setSessionKey(String sessionKey) {
this.sessionKey = sessionKey;
}
+
+ public String Is2FAenabled() {
Review Comment:
```suggestion
public String is2FAenabled() {
```
##########
api/src/main/java/com/cloud/user/UserAccount.java:
##########
@@ -67,4 +67,18 @@ public interface UserAccount extends InternalIdentity {
public String getExternalEntity();
public void setExternalEntity(String entity);
+
+ public boolean isTwoFactorAuthenticationEnabled();
+
+ public void setTwoFactorAuthenticationEnabled(boolean twoFactorAuthenticationEnabled);
+
+ public String getKeyFor2fa();
+
+ public void setKeyFor2fa(String keyFor2fa);
+
+ public String getUser2faProvider();
+
+ public void setUser2faProvider(String user2faProvider);
Review Comment:
There are instances of `TwoFactorAuthentication` and `2fa` in this and others files as well. Maybe standardize the name to `2fa` as it is more concise.
##########
api/src/main/java/org/apache/cloudstack/auth/UserTwoFactorAuthenticator.java:
##########
@@ -0,0 +1,45 @@
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements. See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership. The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License. You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied. See the License for the
+// specific language governing permissions and limitations
+// under the License.
+package org.apache.cloudstack.auth;
+
+import com.cloud.exception.CloudAuthenticationException;
+import com.cloud.user.UserAccount;
+import com.cloud.utils.component.Adapter;
+
+public interface UserTwoFactorAuthenticator extends Adapter {
+
+ /**
+ * Returns the unique name of the provider
+ * @return returns provider name
+ */
+ String getName();
+
+ /**
+ * Returns description about the user 2FA provider plugin
+ * @return returns description
+ */
+ String getDescription();
+
+ /**
+ * verifies the 2FA code provided by user
Review Comment:
```suggestion
* Verifies the 2FA code provided by user
```
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] harikrishna-patnala commented on pull request #6924: [Draft] User two factor authentication
Posted by GitBox <gi...@apache.org>.
harikrishna-patnala commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1330144551
@blueorangutan package
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] harikrishna-patnala commented on a diff in pull request #6924: [Draft] User two factor authentication
Posted by GitBox <gi...@apache.org>.
harikrishna-patnala commented on code in PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#discussion_r1039183477
##########
api/src/main/java/org/apache/cloudstack/api/command/admin/user/UpdateUserCmd.java:
##########
@@ -80,6 +80,9 @@ public class UpdateUserCmd extends BaseCmd {
@Parameter(name = ApiConstants.USERNAME, type = CommandType.STRING, description = "Unique username")
private String username;
+ @Parameter(name = ApiConstants.MANDATE_2FA, type = CommandType.BOOLEAN, description = "Provide true to mandate the user to use two factor authentication has to be enabled. This parameter is only used to mandate 2FA, not to disable 2FA")
Review Comment:
Yes, thanks @weizhouapache updated the parameter.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] harikrishna-patnala commented on pull request #6924: [Draft] User two factor authentication
Posted by GitBox <gi...@apache.org>.
harikrishna-patnala commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1352955546
@blueorangutan package
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] weizhouapache commented on a diff in pull request #6924: [Draft] User two factor authentication
Posted by GitBox <gi...@apache.org>.
weizhouapache commented on code in PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#discussion_r1049313517
##########
server/src/main/java/com/cloud/user/AccountManagerImpl.java:
##########
@@ -315,6 +322,31 @@ public class AccountManagerImpl extends ManagerBase implements AccountManager, M
private int _cleanupInterval;
private List<String> apiNameList;
+ protected static Map<String, UserTwoFactorAuthenticator> userTwoFactorAuthenticationProvidersMap = new HashMap<>();
+
+ private List<UserTwoFactorAuthenticator> userTwoFactorAuthenticationProviders;
+
+ static ConfigKey<Boolean> enableUserTwoFactorAuthentication = new ConfigKey<Boolean>("Advanced",
+ Boolean.class,
+ "enable.user.two.factor.authentication",
+ "false",
+ "Determines whether two factor authentication is enabled or not. This can also be configured at domain level.",
+ false,
+ ConfigKey.Scope.Domain);
+
+ ConfigKey<Boolean> mandateUserTwoFactorAuthentication = new ConfigKey<Boolean>("Advanced",
+ Boolean.class,
+ "mandate.user.two.factor.authentication",
+ "false",
+ "Determines whether to make the two factor authentication mandatory or not. This can also be configured at domain level.",
+ false,
+ ConfigKey.Scope.Domain);
+
+ ConfigKey<String> userTwoFactorAuthenticationDefaultProvider = new ConfigKey<>("Advanced", String.class,
+ "user.two.factor.authentication.default.provider",
+ "GOOGLE",
+ "The default user two factor authentication provider plugin. Eg. google, staticpin", true, ConfigKey.Scope.Domain);
Review Comment:
great, thanks @harikrishna-patnala
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6924: [Draft] User two factor authentication
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1354569822
Packaging result: :heavy_check_mark: el7 :heavy_check_mark: el8 :heavy_check_mark: debian :heavy_check_mark: suse15. SL-JID 4983
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] DaanHoogland closed pull request #6924: [Draft] User two factor authentication
Posted by GitBox <gi...@apache.org>.
DaanHoogland closed pull request #6924: [Draft] User two factor authentication
URL: https://github.com/apache/cloudstack/pull/6924
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] sonarcloud[bot] commented on pull request #6924: [Draft] User two factor authentication
Posted by GitBox <gi...@apache.org>.
sonarcloud[bot] commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1368912478
SonarCloud Quality Gate failed. [](https://sonarcloud.io/dashboard?id=apache_cloudstack&pullRequest=6924)
[](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=BUG) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=BUG) [3 Bugs](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=BUG)
[](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=VULNERABILITY) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=VULNERABILITY) [0 Vulnerabilities](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=VULNERABILITY)
[](https://sonarcloud.io/project/security_hotspots?id=apache_cloudstack&pullRequest=6924&resolved=false&types=SECURITY_HOTSPOT) [](https://sonarcloud.io/project/security_hotspots?id=apache_cloudstack&pullRequest=6924&resolved=false&types=SECURITY_HOTSPOT) [3 Security Hotspots](https://sonarcloud.io/project/security_hotspots?id=apache_cloudstack&pullRequest=6924&resolved=false&types=SECURITY_HOTSPOT)
[](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=CODE_SMELL) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=CODE_SMELL) [54 Code Smells](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=CODE_SMELL)
[](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6924&metric=new_coverage&view=list) [37.2% Coverage](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6924&metric=new_coverage&view=list)
[](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6924&metric=new_duplicated_lines_density&view=list) [3.9% Duplication](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6924&metric=new_duplicated_lines_density&view=list)
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] harikrishna-patnala commented on pull request #6924: [Draft] User two factor authentication
Posted by GitBox <gi...@apache.org>.
harikrishna-patnala commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1368865766
Yes @DaanHoogland this is for 4.18 only. Currently this is in queue for testing.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6924: [Draft] User two factor authentication
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1381807084
@harikrishna-patnala a Jenkins job has been kicked to build packages. It will be bundled with KVM, XenServer and VMware SystemVM templates. I'll keep you posted as I make progress.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] github-actions[bot] commented on pull request #6924: User two factor authentication
Posted by "github-actions[bot] (via GitHub)" <gi...@apache.org>.
github-actions[bot] commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1425557027
This pull request has merge conflicts. Dear author, please fix the conflicts and sync your branch with the base branch.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] harikrishna-patnala commented on pull request #6924: User two factor authentication
Posted by "harikrishna-patnala (via GitHub)" <gi...@apache.org>.
harikrishna-patnala commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1425750536
@blueorangutan package
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6924: User two factor authentication
Posted by "blueorangutan (via GitHub)" <gi...@apache.org>.
blueorangutan commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1427111725
<b>Trillian test result (tid-6166)</b>
Environment: xenserver-71 (x2), Advanced Networking with Mgmt server 7
Total time taken: 40310 seconds
Marvin logs: https://github.com/blueorangutan/acs-prs/releases/download/trillian/pr6924-t6166-xenserver-71.zip
Smoke tests completed. 107 look OK, 1 have errors, 0 did not run
Only failed and skipped tests results shown below:
Test | Result | Time (s) | Test File
--- | --- | --- | ---
test_06_deploy_vm_with_extraconfig_throws_exception_xenserver | `Error` | 1.22 | test_deploy_vm_extra_config_data.py
test_07_deploy_vm_with_extraconfig_xenserver | `Error` | 1.18 | test_deploy_vm_extra_config_data.py
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] DaanHoogland commented on pull request #6924: [Draft] User two factor authentication
Posted by "DaanHoogland (via GitHub)" <gi...@apache.org>.
DaanHoogland commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1404701275
> SonarCloud Quality Gate failed. [](https://sonarcloud.io/dashboard?id=apache_cloudstack&pullRequest=6924)
>
> [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=BUG) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=BUG) [3 Bugs](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=BUG) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=VULNERABILITY) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=VULNERABILITY) [0 Vulnerabilities](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=VULNERABILITY) [](https://sonarcloud.io/project/security_hotspots?id=apache_cloudstack&pullRequest=6924&resolved=false&types=SECURITY_HOTSPOT) [](https://sonarcloud.io/project/security_hotspots?id=apache_cloudstack&pullRequest=6924&resolved=false&types=SECURITY_HOTSPOT) [2 Security Hotspots](https://sonarcloud.io/project/security_hotspots?id=apache_cloudstack&pullRequest=6924&resolved=false&types=SECURITY_HOTSPOT) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=CODE_SMELL) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=CODE_SMELL) [55 Code Smells](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=CODE_SMELL)
>
> [](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6924&metric=new_coverage&view=list) [35.8% Coverage](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6924&metric=new_coverage&view=list) [](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6924&metric=new_duplicated_lines_density&view=list) [3.9% Duplication](https://so
narcloud.io/component_measures?id=apache_cloudstack&pullRequest=6924&metric=new_duplicated_lines_density&view=list)
@harikrishna-patnala can you please look at these?
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] DaanHoogland closed pull request #6924: [Draft] User two factor authentication
Posted by GitBox <gi...@apache.org>.
DaanHoogland closed pull request #6924: [Draft] User two factor authentication
URL: https://github.com/apache/cloudstack/pull/6924
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] sonarcloud[bot] commented on pull request #6924: User two factor authentication
Posted by "sonarcloud[bot] (via GitHub)" <gi...@apache.org>.
sonarcloud[bot] commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1415389173
SonarCloud Quality Gate failed. [](https://sonarcloud.io/dashboard?id=apache_cloudstack&pullRequest=6924)
[](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=BUG) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=BUG) [0 Bugs](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=BUG)
[](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=VULNERABILITY) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=VULNERABILITY) [0 Vulnerabilities](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=VULNERABILITY)
[](https://sonarcloud.io/project/security_hotspots?id=apache_cloudstack&pullRequest=6924&resolved=false&types=SECURITY_HOTSPOT) [](https://sonarcloud.io/project/security_hotspots?id=apache_cloudstack&pullRequest=6924&resolved=false&types=SECURITY_HOTSPOT) [8 Security Hotspots](https://sonarcloud.io/project/security_hotspots?id=apache_cloudstack&pullRequest=6924&resolved=false&types=SECURITY_HOTSPOT)
[](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=CODE_SMELL) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=CODE_SMELL) [24 Code Smells](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=CODE_SMELL)
[](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6924&metric=new_coverage&view=list) [36.1% Coverage](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6924&metric=new_coverage&view=list)
[](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6924&metric=new_duplicated_lines_density&view=list) [3.8% Duplication](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6924&metric=new_duplicated_lines_density&view=list)
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6924: User two factor authentication
Posted by "blueorangutan (via GitHub)" <gi...@apache.org>.
blueorangutan commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1415169763
Packaging result: :heavy_check_mark: el7 :heavy_check_mark: el8 :heavy_check_mark: el9 :heavy_check_mark: debian :heavy_check_mark: suse15. SL-JID 5491
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6924: User two factor authentication
Posted by "blueorangutan (via GitHub)" <gi...@apache.org>.
blueorangutan commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1415262163
@harikrishna-patnala a Jenkins job has been kicked to build packages. It will be bundled with KVM, XenServer and VMware SystemVM templates. I'll keep you posted as I make progress.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6924: [Draft] User two factor authentication
Posted by "blueorangutan (via GitHub)" <gi...@apache.org>.
blueorangutan commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1411997074
@harikrishna-patnala a Jenkins job has been kicked to build packages. It will be bundled with
SystemVM template(s). I'll keep you posted as I make progress.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] harikrishna-patnala commented on a diff in pull request #6924: [Draft] User two factor authentication
Posted by "harikrishna-patnala (via GitHub)" <gi...@apache.org>.
harikrishna-patnala commented on code in PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#discussion_r1094356249
##########
plugins/network-elements/juniper-contrail/src/test/java/org/apache/cloudstack/network/contrail/management/MockAccountManager.java:
##########
@@ -24,9 +24,12 @@
import javax.inject.Inject;
import javax.naming.ConfigurationException;
+import com.cloud.api.auth.SetupUserTwoFactorAuthenticationCmd;
Review Comment:
Yeah, I started the work with that @DaanHoogland but I had to use AccountManager which is in com.cloud and I could not use them from org.apache.cloudstack.api.auth because it is adding circular dependency.
Any other way/thoughts that I can look at !
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] sonarcloud[bot] commented on pull request #6924: [Draft] User two factor authentication
Posted by "sonarcloud[bot] (via GitHub)" <gi...@apache.org>.
sonarcloud[bot] commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1413613028
SonarCloud Quality Gate failed. [](https://sonarcloud.io/dashboard?id=apache_cloudstack&pullRequest=6924)
[](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=BUG) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=BUG) [0 Bugs](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=BUG)
[](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=VULNERABILITY) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=VULNERABILITY) [0 Vulnerabilities](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=VULNERABILITY)
[](https://sonarcloud.io/project/security_hotspots?id=apache_cloudstack&pullRequest=6924&resolved=false&types=SECURITY_HOTSPOT) [](https://sonarcloud.io/project/security_hotspots?id=apache_cloudstack&pullRequest=6924&resolved=false&types=SECURITY_HOTSPOT) [8 Security Hotspots](https://sonarcloud.io/project/security_hotspots?id=apache_cloudstack&pullRequest=6924&resolved=false&types=SECURITY_HOTSPOT)
[](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=CODE_SMELL) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=CODE_SMELL) [22 Code Smells](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6924&resolved=false&types=CODE_SMELL)
[](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6924&metric=new_coverage&view=list) [36.2% Coverage](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6924&metric=new_coverage&view=list)
[](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6924&metric=new_duplicated_lines_density&view=list) [3.9% Duplication](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6924&metric=new_duplicated_lines_density&view=list)
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6924: [Draft] User two factor authentication
Posted by "blueorangutan (via GitHub)" <gi...@apache.org>.
blueorangutan commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1413073225
<b>Trillian test result (tid-6072)</b>
Environment: vmware-67u3 (x2), Advanced Networking with Mgmt server r8
Total time taken: 44337 seconds
Marvin logs: https://github.com/blueorangutan/acs-prs/releases/download/trillian/pr6924-t6072-vmware-67u3.zip
Smoke tests completed. 108 look OK, 0 have errors, 0 did not run
Only failed and skipped tests results shown below:
Test | Result | Time (s) | Test File
--- | --- | --- | ---
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6924: User two factor authentication
Posted by "blueorangutan (via GitHub)" <gi...@apache.org>.
blueorangutan commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1419131970
@DaanHoogland a Trillian-Jenkins matrix job (centos7 mgmt + xenserver71, rocky8 mgmt + vmware67u3, centos7 mgmt + kvmcentos7) has been kicked to run smoke tests
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6924: User two factor authentication
Posted by "blueorangutan (via GitHub)" <gi...@apache.org>.
blueorangutan commented on PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#issuecomment-1420049770
<b>Trillian test result (tid-6109)</b>
Environment: xenserver-71 (x2), Advanced Networking with Mgmt server 7
Total time taken: 41211 seconds
Marvin logs: https://github.com/blueorangutan/acs-prs/releases/download/trillian/pr6924-t6109-xenserver-71.zip
Smoke tests completed. 108 look OK, 0 have errors, 0 did not run
Only failed and skipped tests results shown below:
Test | Result | Time (s) | Test File
--- | --- | --- | ---
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] rohityadavcloud commented on a diff in pull request #6924: User two factor authentication
Posted by "rohityadavcloud (via GitHub)" <gi...@apache.org>.
rohityadavcloud commented on code in PR #6924:
URL: https://github.com/apache/cloudstack/pull/6924#discussion_r1098320084
##########
ui/src/permission.js:
##########
@@ -60,21 +60,29 @@ router.beforeEach((to, from, next) => {
next({ path: '/dashboard' })
NProgress.done()
} else if (to.path === '/verify2FA' || to.path === '/setup2FA') {
- if (store.getters.twoFaEnabled && !store.getters.loginFlag) {
+ const isSAML = JSON.parse(Cookies.get('isSAML') || Cookies.get('isSAML', { path: '/client' }) || false)
Review Comment:
@harikrishna-patnala suggestion: we shouldn't worry if this is 2FA enabled or not; a general way to implement is to simply test if 2FA is required and simply redirect to the appropriate path for the logged in user. (we assume once SAML SSO has worked, the user has logged in)
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org