Page MenuHomePhabricator

2FA Scratch codes error
Closed, ResolvedPublicBug

Description


my phone had broken and I change my smart phone.so I use my scratch code but error.my main account is WAN233.

Backtrace

[XSN1BApAADsAAHeoahcAAACF] /w/index.php?title=Special:UserLogin&returnto=Special:OAuth/authorize&returntoquery=oauth_token%3Db735c86ba2fdce2d1812fc927e7d2270%26oauth_consumer_key%3D038ec949b263dc807b0079fd88538f37   Wikimedia\Services\NoSuchServiceException from line 463 of /srv/mediawiki/php-1.34.0-wmf.11/includes/libs/services/ServiceContainer.php: No such service: OATHAuthUserRepository
#0 /srv/mediawiki/php-1.34.0-wmf.11/includes/libs/services/ServiceContainer.php(421): Wikimedia\Services\ServiceContainer->createService(string)
#1 /srv/mediawiki/php-1.34.0-wmf.11/extensions/OATHAuth/src/Key/TOTPKey.php(172): Wikimedia\Services\ServiceContainer->getService(string)
#2 /srv/mediawiki/php-1.34.0-wmf.11/extensions/OATHAuth/includes/auth/TOTPSecondaryAuthenticationProvider.php(106): MediaWiki\Extension\OATHAuth\Key\TOTPKey->verify(string, MediaWiki\Extension\OATHAuth\OATHUser)
#3 /srv/mediawiki/php-1.34.0-wmf.11/extensions/OATHAuth/src/Auth/SecondaryAuthenticationProvider.php(62): TOTPSecondaryAuthenticationProvider->continueSecondaryAuthentication(User, array)
#4 /srv/mediawiki/php-1.34.0-wmf.11/includes/auth/AuthManager.php(648): MediaWiki\Extension\OATHAuth\Auth\SecondaryAuthenticationProvider->continueSecondaryAuthentication(User, array)
#5 /srv/mediawiki/php-1.34.0-wmf.11/includes/specialpage/AuthManagerSpecialPage.php(355): MediaWiki\Auth\AuthManager->continueAuthentication(array)
#6 /srv/mediawiki/php-1.34.0-wmf.11/includes/specialpage/AuthManagerSpecialPage.php(482): AuthManagerSpecialPage->performAuthenticationStep(string, array)
#7 /srv/mediawiki/php-1.34.0-wmf.11/includes/htmlform/HTMLForm.php(672): AuthManagerSpecialPage->handleFormSubmit(array, VFormHTMLForm)
#8 /srv/mediawiki/php-1.34.0-wmf.11/includes/specialpage/AuthManagerSpecialPage.php(416): HTMLForm->trySubmit()
#9 /srv/mediawiki/php-1.34.0-wmf.11/includes/specialpage/LoginSignupSpecialPage.php(313): AuthManagerSpecialPage->trySubmit()
#10 /srv/mediawiki/php-1.34.0-wmf.11/includes/specialpage/SpecialPage.php(571): LoginSignupSpecialPage->execute(NULL)
#11 /srv/mediawiki/php-1.34.0-wmf.11/includes/specialpage/SpecialPageFactory.php(581): SpecialPage->run(NULL)
#12 /srv/mediawiki/php-1.34.0-wmf.11/includes/MediaWiki.php(288): MediaWiki\Special\SpecialPageFactory->executePath(Title, RequestContext)
#13 /srv/mediawiki/php-1.34.0-wmf.11/includes/MediaWiki.php(884): MediaWiki->performRequest()
#14 /srv/mediawiki/php-1.34.0-wmf.11/includes/MediaWiki.php(515): MediaWiki->main()
#15 /srv/mediawiki/php-1.34.0-wmf.11/index.php(42): MediaWiki->run()
#16 /srv/mediawiki/w/index.php(3): include(string)
#17 {main}

Event Timeline

Restricted Application added a subscriber: Aklapper. · View Herald TranscriptJul 8 2019, 5:00 PM
WAN233-bot updated the task description. (Show Details)Jul 8 2019, 5:09 PM
DannyS712 added a subscriber: DannyS712.

Error id: XSN1BApAADsAAHeoahcAAACF

Urbanecm updated the task description. (Show Details)Jul 8 2019, 5:19 PM
Urbanecm triaged this task as Unbreak Now! priority.Jul 8 2019, 5:23 PM
Urbanecm added a subscriber: Urbanecm.

I can reproduce. IMO qualifies as an UBN, since it prevents anyone using 2FA to protect against phone loss.

WAN233, given this task was created using your bot account, which can be linked to your main account thanks to this history, I'm convinced you're the real WAN233. Do you want to disable 2FA?

Restricted Application added a subscriber: Liuxinyu970226. · View Herald TranscriptJul 8 2019, 5:23 PM
WAN233-bot added a comment.EditedJul 8 2019, 5:24 PM

@Urbanecm OK,thanks

WAN233-bot added a comment.EditedJul 8 2019, 5:31 PM

I am surface admin at zh-classial wiki.I will enable it again.

All changes in the repo for wmf.11:

 !  ~/D/c/a/OATHAuth   master  git log --topo-order --no-merges --oneline origin/wmf/1.34.0-wmf.10..origin/wmf/1.34.0-wmf.11                             Mon  8 Jul 11:22:59 2019
7352a23 (origin/wmf/1.34.0-wmf.11) Localisation updates from https://translatewiki.net.
bd6969f Added required key in Username field of Special:DisableOATHForUser
62d83ab Bump version to 0.3.0
707f333 Disable autocomplete on 2FA verification fields
7ed800b Stop referring to $wgUser in a comment
8099c0a Make token fields always ltr
d147545 Fix `remoteExtPath` in RL module definition
ea984e5 Refactor the extension to support multiple auth modules

My immediate suspicion is on ea984e5 for no other reason than it's a very large change. @Reedy merged but now has limited availability. Given that it involved a DB schema change, this wouldn't be a trivial revert…

@Urbanecm OK,thanks

Can you please email ca@wikimedia.org from the email you have assigned to your account to verify your identity please?

Ping @ItSpiderman and @Osnard as authors of most of the changes...

Change 521335 had a related patch set uploaded (by Urbanecm; owner: Urbanecm):
[mediawiki/extensions/OATHAuth@master] [bugfix] Use correct service name in TOTPKey::verify()

https://gerrit.wikimedia.org/r/521335

Reedy added a comment.Jul 8 2019, 7:24 PM

Fix is easy

Change 521336 had a related patch set uploaded (by Reedy; owner: Reedy):
[mediawiki/extensions/OATHAuth@master] Fix service name

https://gerrit.wikimedia.org/r/521336

Change 521336 abandoned by Reedy:
Fix service name

https://gerrit.wikimedia.org/r/521336

Change 521337 had a related patch set uploaded (by Reedy; owner: Urbanecm):
[mediawiki/extensions/OATHAuth@wmf/1.34.0-wmf.11] [bugfix] Use correct service name in TOTPKey::verify()

https://gerrit.wikimedia.org/r/521337

Change 521335 abandoned by Urbanecm:
[bugfix] Use correct service name in TOTPKey::verify()

Reason:
Already done in https://gerrit.wikimedia.org/r/c/mediawiki/extensions/OATHAuth/ /510300/20/src/Key/TOTPKey.php

https://gerrit.wikimedia.org/r/521335

Fix is easy

Hmm, and it was already done in https://gerrit.wikimedia.org/r/c/mediawiki/extensions/OATHAuth/+/510300/20/src/Key/TOTPKey.php. Backport my change (even it can't end up in master), or the fix itself (warning, it's a big patch)?

Change 521337 merged by jenkins-bot:
[mediawiki/extensions/OATHAuth@wmf/1.34.0-wmf.11] [bugfix] Use correct service name in TOTPKey::verify()

https://gerrit.wikimedia.org/r/521337

Reedy added a comment.Jul 8 2019, 7:36 PM

Fix is easy

Hmm, and it was already done in https://gerrit.wikimedia.org/r/c/mediawiki/extensions/OATHAuth/+/510300/20/src/Key/TOTPKey.php. Backport my change (even it can't end up in master), or the fix itself (warning, it's a big patch)?

We don't backport features generally

Mentioned in SAL (#wikimedia-operations) [2019-07-08T19:38:46Z] <reedy@deploy1001> Synchronized php-1.34.0-wmf.11/extensions/OATHAuth/src/Key/TOTPKey.php: T227502 (duration: 00m 50s)

Reedy closed this task as Resolved.Jul 8 2019, 7:39 PM
Reedy assigned this task to Urbanecm.
Restricted Application added a project: User-Urbanecm. · View Herald TranscriptJul 8 2019, 7:39 PM

@Urbanecm OK,thanks

Can you please email ca@wikimedia.org from the email you have assigned to your account to verify your identity please?

done

Osnard added a comment.EditedJul 9 2019, 9:48 AM

@Reedy It there anything @ItSpiderman or me can do to help here? Has it been caused by out refactoring/work?

@Reedy It there anything @ItSpiderman or me can do to help here? Has it been caused by out refactoring/work?

This issue is already fixed. Thanks.