I had to roll it back to .18 to get it to work...
Basically, anything that requires elevated permissions and it was a PITA
I had to roll it back to .18 to get it to work...
Basically, anything that requires elevated permissions and it was a PITA
@Reedy I cannot seem to reproduce this locally. Could you provide some reproduction steps? I've tried visiting Special:Userrights and other restricted pages while logged in and it did not bother me. All other functionality seemed to be working as expected.
@Reedy Just so I know all the details, were you logged in already? And I presume your account has 2FA enabled on it?
Originally, but I logged out and in again and still had the same issue. @bd808 and @valhallasw had the same issue
And the error message was:
"oathauth-abortlogin": "The two-factor authentication token provided was invalid.",
Literally the only place that error message is used is in the AbortChangePassword hook...
I think this might be due to https://gerrit.wikimedia.org/r/135597, which removed the TwoFactorIsEnabled hook, which SpecialNova uses to check for two-factor when loading higher privileged special pages. But I'm not sure why it would give that error message.
.19 is running now on https://labtestwikitech.wikimedia.org so y'all can see the problem.
function checkTwoFactor() { if ( $this->getUser()->isAllowed( 'userrights' ) ) { $isEnabled = false; Hooks::run( 'TwoFactorIsEnabled', array( &$isEnabled ) ); if ( !$isEnabled ) { throw new ErrorPageError( 'openstackmanager-twofactorrequired', 'openstackmanager-twofactorrequired2' ); } } }
So a hook was removed that a production extension depends on. :/
Change 281025 had a related patch set uploaded (by Dpatrick):
Reintroduce TwoFactorIsEnabled hook
I have a patch in now. I'd like to reproduce the issue on https://labtestwikitech.wikimedia.org/, then have the fix deployed there for testing, if possible. However, I'm having trouble reproducing the error. Is the problem be triggered by simply visiting https://labtestwikitech.wikimedia.org/Special:NovaInstance when logged in?
It was, if you enable 2FA. I don't know if you require elevated permissions too, but that should be relatively easy to get if necessary
I have 2FA enabled (for use dpatrick2) and I get an error from that page. I might need those elevated permissions.
Okay, I'm able to see the error now. Thanks! Is it possible, without too much trouble, to have https://gerrit.wikimedia.org/r/281025 deployed there for testing?
Change 281119 had a related patch set uploaded (by Reedy):
Reintroduce TwoFactorIsEnabled hook
Cherry picked, merged, deployed, pulled
I don't have cloudadmin on that wiki, so can't test atm either...
Logged in with my wikitech details, createAndPromote to give me 'crat, and SQL insert on the db to make myself a cloud admin. 2FA enabled, and tested.
Works for me now :)