{ "name": "OATHAuth", "author": [ "Ryan Lane", "Robert Vogel ", "Dejan Savuljesku ", "Taavi Väänänen" ], "url": "https://www.mediawiki.org/wiki/Extension:OATHAuth", "descriptionmsg": "oathauth-desc", "type": "other", "requires": { "MediaWiki": ">= 1.45" }, "license-name": "GPL-2.0-or-later AND GPL-3.0-or-later", "attributes": { "Echo": { "Notifications": { "oathauth-disable": { "category": "system", "group": "negative", "section": "alert", "presentation-model": "MediaWiki\\Extension\\OATHAuth\\Notifications\\DisablePresentationModel", "canNotifyAgent": true, "user-locators": [ "MediaWiki\\Extension\\Notifications\\UserLocator::locateEventAgent" ] }, "oathauth-enable": { "category": "system", "group": "positive", "section": "alert", "presentation-model": "MediaWiki\\Extension\\OATHAuth\\Notifications\\EnablePresentationModel", "canNotifyAgent": true, "user-locators": [ "MediaWiki\\Extension\\Notifications\\UserLocator::locateEventAgent" ] }, "oathauth-recoverycodes-count": { "category": "system", "group": "negative", "section": "alert", "presentation-model": "MediaWiki\\Extension\\OATHAuth\\Notifications\\RecoveryCodeCountPresentationModel", "canNotifyAgent": true, "user-locators": [ "MediaWiki\\Extension\\Notifications\\UserLocator::locateEventAgent" ] } } }, "OATHAuth": { "Modules": { "recoverycodes": { "class": "\\MediaWiki\\Extension\\OATHAuth\\Module\\RecoveryCodes", "services": [ "OATHUserRepository" ] }, "totp": { "class": "\\MediaWiki\\Extension\\OATHAuth\\Module\\TOTP", "services": [ "OATHUserRepository" ] } } } }, "AutoloadNamespaces": { "MediaWiki\\Extension\\OATHAuth\\": "src/", "MediaWiki\\Extension\\OATHAuth\\Maintenance\\": "maintenance/" }, "TestAutoloadNamespaces": { "MediaWiki\\Extension\\OATHAuth\\Tests\\Integration\\": "tests/phpunit/integration/", "MediaWiki\\Extension\\OATHAuth\\Tests\\Unit\\": "tests/phpunit/unit/" }, "AuthManagerAutoConfig": { "secondaryauth": { "OATHSecondaryAuthenticationProvider": { "class": "\\MediaWiki\\Extension\\OATHAuth\\Auth\\SecondaryAuthenticationProvider", "sort": 50 } } }, "ServiceWiringFiles": [ "ServiceWiring.php" ], "ExtensionMessagesFiles": { "OATHAuthAlias": "OATHAuth.alias.php" }, "Hooks": { "AuthChangeFormFields": "main", "GetPreferences": "main", "getUserPermissionsErrors": "main", "LoadExtensionSchemaUpdates": "updater", "UserEffectiveGroups": "main", "UserGetRights": "main", "UnitTestsAfterDatabaseSetup": "test", "UnitTestsBeforeDatabaseTeardown": "test" }, "HookHandlers": { "main": { "class": "\\MediaWiki\\Extension\\OATHAuth\\Hook\\HookHandler", "services": [ "OATHUserRepository", "OATHAuthModuleRegistry", "PermissionManager", "MainConfig", "UserGroupManager", "CentralIdLookupFactory" ] }, "updater": { "class": "MediaWiki\\Extension\\OATHAuth\\Hook\\UpdateTables" }, "test": { "class": "MediaWiki\\Extension\\OATHAuth\\Hook\\TestHandler", "services": [ "DBLoadBalancer" ] } }, "MessagesDirs": { "OATHAuth": [ "i18n", "i18n/api" ] }, "config": { "OATHAuthWindowRadius": { "value": 4, "description": "Number of token windows on either side of current time to be considered valid for authentication." }, "OATHAuthAccountPrefix": { "value": false, "description": "Prefix for user account shown during enrollment." }, "OATHExclusiveRights": { "value": [], "description": "List of permissions that are revoked from users who do not use two-factor authentication." }, "OATHRequiredForGroups": { "value": [], "description": "List of user groups that must use two-factor authentication." }, "OATHRolloutPercent": { "value": 0, "description": "Percentage of users to add to 2FA rollout." }, "OATHSecretKey": { "value": false, "description": "A secret key value for encrypting OATH-related data which should be SODIUM_CRYPTO_SECRETBOX_KEYBYTES hexadecimal bytes (64 chars) in length. This variable is currently considered immutable. Do not publicly set this value." }, "OATHPrioritizedModules": { "value": [ "webauthn", "totp", "recoverycodes" ], "description": "List of authentication methods in the order that they should be prioritized." }, "OATHRecoveryCodesCount": { "value": 10, "description": "The default amount of recovery codes to generate for a given user." } }, "ResourceModules": { "ext.oath.totpenable.styles": { "class": "MediaWiki\\ResourceLoader\\CodexModule", "styles": [ "totp/ext.oath.showqrcode.styles.less" ], "codexStyleOnly": true, "codexComponents": [ "CdxButton", "CdxIcon" ] }, "ext.oath.recovery.styles": { "class": "MediaWiki\\ResourceLoader\\CodexModule", "styles": [ "recovery/ext.oath.recovery.less" ], "codexStyleOnly": true, "codexComponents": [ "CdxButton", "CdxIcon" ] }, "ext.oath.recovery": { "packageFiles": [ "recovery/ext.oath.recovery.copy.js" ], "messages": [ "oathauth-recoverycodes-copy-success" ] }, "ext.oath.manage.styles": { "class": "MediaWiki\\ResourceLoader\\CodexModule", "styles": [ "oathmanage/oathmanage.less" ], "codexStyleOnly": true, "codexComponents": [ "CdxMessage", "CdxButton", "CdxAccordion", "CdxField", "CdxLabel", "CdxTextInput" ] } }, "ResourceFileModulePaths": { "localBasePath": "modules", "remoteExtPath": "OATHAuth/modules" }, "SpecialPages": { "DisableOATHForUser": { "class": "\\MediaWiki\\Extension\\OATHAuth\\Special\\DisableOATHForUser", "services": [ "OATHUserRepository", "UserFactory", "CentralIdLookup" ] }, "OATHManage": { "class": "\\MediaWiki\\Extension\\OATHAuth\\Special\\OATHManage", "services": [ "OATHUserRepository", "OATHAuthModuleRegistry", "AuthManager" ] }, "VerifyOATHForUser": { "class": "\\MediaWiki\\Extension\\OATHAuth\\Special\\VerifyOATHForUser", "services": [ "OATHUserRepository", "UserFactory" ] } }, "AvailableRights": [ "oathauth-enable", "oathauth-api-all", "oathauth-disable-for-user", "oathauth-verify-user", "oathauth-view-log" ], "GroupPermissions": { "*": { "oathauth-disable-for-user": false, "oathauth-view-log": false }, "user": { "oathauth-enable": true }, "sysop": { "oathauth-disable-for-user": true, "oathauth-verify-user": true, "oathauth-view-log": true }, "oathauth-twofactorauth": { "oathauth-enable": true } }, "GrantPermissions": { "oath": { "oathauth-api-all": true, "oathauth-verify-user": true } }, "GrantPermissionGroups": { "oath": "authentication" }, "GrantRiskGroups": { "oath": "internal" }, "APIModules": { "oathvalidate": { "class": "\\MediaWiki\\Extension\\OATHAuth\\Api\\Module\\ApiOATHValidate", "services": [ "OATHUserRepository", "UserFactory" ] } }, "APIMetaModules": { "oath": { "class": "\\MediaWiki\\Extension\\OATHAuth\\Api\\Module\\ApiQueryOATH", "services": [ "OATHUserRepository" ] } }, "RateLimits": { "badoath": { "&can-bypass": false, "user": [ 10, 60 ], "user-global": [ 10, 60 ] } }, "load_composer_autoloader": true, "LogTypes": [ "oath" ], "LogNames": { "oath": "oath-log-name" }, "LogHeaders": { "oath": "oath-log-header" }, "LogActionsHandlers": { "oath/*": "LogFormatter" }, "LogRestrictions": { "oath": "oathauth-view-log" }, "ActionFilteredLogs": { "oath": { "verify": [ "verify" ], "disable-other": [ "disable-other" ] } }, "DatabaseVirtualDomains": [ "virtual-oathauth" ], "manifest_version": 2 }