So because of the architectural differences between the two extensions, I figured it'd just be easier to make a tracking bug and have bugs for all the things OATHAuth is missing that TwoFactorAuthentication has. Then I'll re-fix those things one-by-one rather than attempting some kind of massive code merge.
|Resolved||Parent5446||T55192 Merge Extension:TwoFactorAuthentication into Extension:OATHAuth|
|Resolved||Parent5446||T55194 Make authentication window size and leniency configurable|
|Resolved||Parent5446||T55195 OATH token input should be on a separate page|
|Resolved||Parent5446||T55196 Used OATH should be cached to avoid replay attacks|
|Open||Parent5446||T55197 OATH should use $wgSecureLogin|
|Resolved||RyanLane||T55198 E:OATHAuth needs to be friendly with other authn extensions on the login page|