- 08 May, 2017 3 commits
-
-
Mike Greiling authored
-
Mike Greiling authored
-
Mike Greiling authored
-
- 05 Mar, 2017 1 commit
-
-
winniehell authored
-
- 17 Feb, 2017 1 commit
-
-
Mike Greiling authored
-
- 18 Jan, 2017 2 commits
-
-
Mike Greiling authored
-
Mike Greiling authored
-
- 04 Jan, 2017 1 commit
-
-
Luke "Jared" Bennett authored
-
- 27 Dec, 2016 1 commit
-
-
Luke "Jared" Bennett authored
Added tests
-
- 14 Dec, 2016 1 commit
-
-
Mike Greiling authored
-
- 15 Nov, 2016 1 commit
-
-
Luke "Jared" Bennett authored
-
- 07 Nov, 2016 1 commit
-
-
winniehell authored
-
- 26 Oct, 2016 1 commit
-
-
winniehell authored
-
- 08 Sep, 2016 1 commit
-
-
Jared Deckard authored
-
- 24 Jul, 2016 1 commit
-
-
Fatih Acet authored
-
- 14 Jul, 2016 3 commits
-
-
Timothy Andrew authored
1. This scenario was previously tested for the registration flow, but not authentication.
-
Timothy Andrew authored
1. According to the spec, either we have a single challenge with a number of `signRequests`, or a number of `signRequests`, each with it's own challenge. 2. Previously, we had both these - per-request challenges, as well as a single extra challenge. 3. This commit changes this so that the per-request challenges are removed, leaving only a single challenge, as per the v1.1 U2F API. 4. The existing implementation didn't work in Firefox, because the Firefox (extension) implementation is less flexible with regard to the inputs. 5. Fix teaspoon specs. 6. References: https://fidoalliance.org/specs/fido-u2f-v1.0-nfc-bt-amendment-20150514/fido-u2f-javascript-api.html#h2_background
-
Timothy Andrew authored
1. Only on supported Chrome versions 2. Mainly, this lets us simplify the javascript-based U2F check to `window.u2f`, where `window.u2f` can either be loaded from the GitLab server (for Chrome) or from the Firefox extension. 3. This is a better way to provide browser detection for U2F.
-
- 06 Jun, 2016 2 commits
-
-
Timothy Andrew authored
- Move the `authenticate_with_two_factor` method from `ApplicationController` to the `AuthenticatesWithTwoFactor` module, where it should be.
-
Timothy Andrew authored
- Move the `TwoFactorAuthsController`'s `new` action to `show`, since the page is not used to create a single "two factor auth" anymore. We can have a single 2FA authenticator app, along with any number of U2F devices, in any combination, so the page will be accessed after the first "two factor auth" is created. - Add the `u2f` javascript library, which provides an API to the browser's U2F implementation. - Add tests for the JS components
-