From d69cebd8c703f0a1f6839944f1c949bce350b02e Mon Sep 17 00:00:00 2001
From: Byron Jones <glob@mozilla.com>
Date: Tue, 13 Oct 2015 00:49:00 +0800
Subject: Bug 1199089 - add support for duo-security

---
 Bugzilla/MFA.pm | 28 ++++++++++++++++++++++++++--
 1 file changed, 26 insertions(+), 2 deletions(-)

(limited to 'Bugzilla/MFA.pm')

diff --git a/Bugzilla/MFA.pm b/Bugzilla/MFA.pm
index 4f0d8a547..868a75a7e 100644
--- a/Bugzilla/MFA.pm
+++ b/Bugzilla/MFA.pm
@@ -10,18 +10,38 @@ use strict;
 
 use Bugzilla::RNG qw( irand );
 use Bugzilla::Token qw( issue_short_lived_session_token set_token_extra_data get_token_extra_data delete_token );
-use Bugzilla::Util qw( trick_taint);
+use Bugzilla::Util qw( trick_taint );
 
 sub new {
     my ($class, $user) = @_;
     return bless({ user => $user }, $class);
 }
 
+sub new_from {
+    my ($class, $user, $mfa) = @_;
+    $mfa //= '';
+    if ($mfa eq 'TOTP') {
+        require Bugzilla::MFA::TOTP;
+        return Bugzilla::MFA::TOTP->new($user);
+    }
+    elsif ($mfa eq 'Duo' && Bugzilla->params->{duo_host}) {
+        require Bugzilla::MFA::Duo;
+        return Bugzilla::MFA::Duo->new($user);
+    }
+    else {
+        require Bugzilla::MFA::Dummy;
+        return Bugzilla::MFA::Dummy->new($user);
+    }
+}
+
 # abstract methods
 
-# api call, returns required data to user-prefs enrollment page
+# called during enrollment
 sub enroll {}
 
+# api call, returns required data to user-prefs enrollment page
+sub enroll_api {}
+
 # called after the user has confirmed enrollment
 sub enrolled {}
 
@@ -31,6 +51,10 @@ sub prompt {}
 # throws errors if code is invalid
 sub check {}
 
+# if true verifcation can happen inline (during enrollment/pref changes)
+# if false then the mfa provider requires an intermediate verification page
+sub can_verify_inline { 0 }
+
 # verification
 
 sub verify_prompt {
-- 
cgit v1.2.3-24-g4f1b