diff options
| author | Timothy Andrew <mail@timothyandrew.net> | 2016-07-11 13:23:02 +0530 |
|---|---|---|
| committer | Timothy Andrew <mail@timothyandrew.net> | 2016-07-14 08:19:09 +0530 |
| commit | 341d8bc3f7fbe3763250af1e89020b81dad34bb8 (patch) | |
| tree | 31ce9bb6d36b59b25cfd6f0e61b327bca808a942 /app | |
| parent | 3572582dd2568cd473676563077ab3985b9803f7 (diff) | |
| download | gitlab-ce-341d8bc3f7fbe3763250af1e89020b81dad34bb8.tar.gz | |
Add a U2F feature spec for multiple devices owned by the same user.17341-firefox-u2f
1. This scenario was previously tested for the registration flow, but
not authentication.
Diffstat (limited to 'app')
| -rw-r--r-- | app/assets/javascripts/u2f/authenticate.js.coffee | 13 | ||||
| -rw-r--r-- | app/assets/javascripts/u2f/util.js.coffee (renamed from app/assets/javascripts/u2f/util.js.coffee.erb) | 2 | ||||
| -rw-r--r-- | app/views/devise/sessions/two_factor.html.haml | 4 | ||||
| -rw-r--r-- | app/views/profiles/two_factor_auths/show.html.haml | 4 |
4 files changed, 13 insertions, 10 deletions
diff --git a/app/assets/javascripts/u2f/authenticate.js.coffee b/app/assets/javascripts/u2f/authenticate.js.coffee index be10e911c83..918c0a560fd 100644 --- a/app/assets/javascripts/u2f/authenticate.js.coffee +++ b/app/assets/javascripts/u2f/authenticate.js.coffee @@ -8,14 +8,17 @@ class @U2FAuthenticate @appId = u2fParams.app_id @challenge = u2fParams.challenge - # The U2F Javascript API v1.1 requires a single challenge, with _no - # challenges per-request_. - # - # The U2F Javascript API v1.0 requires a challenge per-request, which - # is done by copying the single challenge into every request. + # The U2F Javascript API v1.1 requires a single challenge, with + # _no challenges per-request_. The U2F Javascript API v1.0 requires a + # challenge per-request, which is done by copying the single challenge + # into every request. # # In either case, we don't need the per-request challenges that the server # has generated, so we can remove them. + # + # Note: The server library fixes this behaviour in (unreleased) version 1.0.0. + # This can be removed once we upgrade. + # https://github.com/castle/ruby-u2f/commit/103f428071a81cd3d5f80c2e77d522d5029946a4 @signRequests = u2fParams.sign_requests.map (request) -> _(request).omit('challenge') start: () => diff --git a/app/assets/javascripts/u2f/util.js.coffee.erb b/app/assets/javascripts/u2f/util.js.coffee index be1d3286b01..5ef324f609d 100644 --- a/app/assets/javascripts/u2f/util.js.coffee.erb +++ b/app/assets/javascripts/u2f/util.js.coffee @@ -1,3 +1,3 @@ class @U2FUtil @isU2FSupported: -> - window.u2f + window.u2f diff --git a/app/views/devise/sessions/two_factor.html.haml b/app/views/devise/sessions/two_factor.html.haml index dbf4d699d01..4debd3d608f 100644 --- a/app/views/devise/sessions/two_factor.html.haml +++ b/app/views/devise/sessions/two_factor.html.haml @@ -1,5 +1,5 @@ -- content_for :page_specific_javascripts do - - if inject_u2f_api? +- if inject_u2f_api? + - content_for :page_specific_javascripts do = page_specific_javascript_tag('u2f.js') %div diff --git a/app/views/profiles/two_factor_auths/show.html.haml b/app/views/profiles/two_factor_auths/show.html.haml index 0e9a80a6267..355bfcf1d62 100644 --- a/app/views/profiles/two_factor_auths/show.html.haml +++ b/app/views/profiles/two_factor_auths/show.html.haml @@ -2,8 +2,8 @@ - header_title "Two-Factor Authentication", profile_two_factor_auth_path = render 'profiles/head' -- content_for :page_specific_javascripts do - - if inject_u2f_api? +- if inject_u2f_api? + - content_for :page_specific_javascripts do = page_specific_javascript_tag('u2f.js') .row.prepend-top-default |