Skip to content

server: reset 2fa user configuration on incomplete setup #10247

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
DaanHoogland merged 2 commits into from
Jan 30, 2025
Merged

server: reset 2fa user configuration on incomplete setup #10247

DaanHoogland merged 2 commits into from
Jan 30, 2025

Conversation

@shwstppr
Copy link
Contributor

@shwstppr shwstppr commented Jan 23, 2025

Description

Fixes #9308

When 2FA isn't validated and completed during setup and a login request is made, this PR clears 2FA configuration to allow setting it up again.

Types of changes

  • Breaking change (fix or feature that would cause existing functionality to change)
  • New feature (non-breaking change which adds functionality)
  • Bug fix (non-breaking change which fixes an issue)
  • Enhancement (improves an existing feature and functionality)
  • Cleanup (Code refactoring and cleanup, that may add test cases)
  • build/CI
  • test (unit or integration test code)

Feature/Enhancement Scale or Bug Severity

Feature/Enhancement Scale

  • Major
  • Minor

Bug Severity

  • BLOCKER
  • Critical
  • Major
  • Minor
  • Trivial

Screenshots (if appropriate):

How Has This Been Tested?

How did you try to break this feature and the system with this change?

@shwstppr
server: reset 2fa user configuration on incomplete setup
f23c2e6 
Fixes apache#9308

When 2FA isn't validated and completed during setup and a login request
is done, this PR clears 2FA configuration to allow setting it up again.

Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>
@shwstppr
Copy link
Contributor Author

shwstppr commented Jan 23, 2025

@blueorangutan package

@shwstppr shwstppr linked an issue Jan 23, 2025 that may be closed by this pull request
2FA is enabled even if User fails to verify with TOTP code #9308
Closed
@blueorangutan
Copy link

blueorangutan commented Jan 23, 2025

@shwstppr a [SL] Jenkins job has been kicked to build packages. It will be bundled with KVM, XenServer and VMware SystemVM templates. I'll keep you posted as I make progress.

@codecov
Copy link

codecov bot commented Jan 23, 2025
edited
Loading

Codecov Report

Attention: Patch coverage is 63.63636% with 8 lines in your changes missing coverage. Please review.

Project coverage is 15.15%. Comparing base (9967bb3) to head (c128b0b).
Report is 24 commits behind head on 4.19.

Files with missing lines Patch % Lines
...ma/src/main/java/com/cloud/user/UserAccountVO.java 0.00% 3 Missing ⚠️
...c/main/java/com/cloud/user/AccountManagerImpl.java 82.35% 0 Missing and 3 partials ⚠️
server/src/main/java/com/cloud/api/ApiServer.java 0.00% 2 Missing ⚠️
Additional details and impacted files 
@@             Coverage Diff              @@
##               4.19   #10247      +/-   ##
============================================
+ Coverage     15.13%   15.15%   +0.01%     
- Complexity    11274    11285      +11     
============================================
  Files          5408     5408              
  Lines        473974   473844     -130     
  Branches      57813    57826      +13     
============================================
+ Hits          71730    71804      +74     
+ Misses       394227   394013     -214     
- Partials       8017     8027      +10
Flag Coverage Δ
uitests 4.29% <ø> (-0.01%) ⬇️
unittests 15.87% <63.63%> (+0.02%) ⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@blueorangutan
Copy link

blueorangutan commented Jan 23, 2025

Packaging result [SF]: ✔️ el8 ✔️ el9 ✔️ debian ✔️ suse15. SL-JID 12185

@shwstppr
Copy link
Contributor Author

shwstppr commented Jan 25, 2025

@blueorangutan test

@blueorangutan
Copy link

blueorangutan commented Jan 25, 2025

@shwstppr a [SL] Trillian-Jenkins test job (ol8 mgmt + kvm-ol8) has been kicked to run smoke tests

@blueorangutan
Copy link

blueorangutan commented Jan 25, 2025

[SF] Trillian test result (tid-12187)
Environment: kvm-ol8 (x2), Advanced Networking with Mgmt server ol8
Total time taken: 43722 seconds
Marvin logs: https://github.com/blueorangutan/acs-prs/releases/download/trillian/pr10247-t12187-kvm-ol8.zip
Smoke tests completed. 132 look OK, 1 have errors, 0 did not run
Only failed and skipped tests results shown below:

Test Result Time (s) Test File
test_01_secure_vm_migration Error 131.42 test_vm_life_cycle.py
test_01_secure_vm_migration Error 131.43 test_vm_life_cycle.py

@shwstppr
add unit tests
c128b0b 
Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>
@shwstppr shwstppr marked this pull request as ready for review January 27, 2025 04:51
DaanHoogland
DaanHoogland approved these changes Jan 27, 2025
View reviewed changes
Copy link
Contributor

@DaanHoogland DaanHoogland left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

clgtm

@DaanHoogland DaanHoogland added this to the 4.19.2 milestone Jan 27, 2025
@borisstoyanov borisstoyanov self-assigned this Jan 27, 2025
@borisstoyanov
Copy link
Contributor

borisstoyanov commented Jan 27, 2025

@blueorangutan package

@blueorangutan
Copy link

blueorangutan commented Jan 27, 2025

@borisstoyanov a [SL] Jenkins job has been kicked to build packages. It will be bundled with KVM, XenServer and VMware SystemVM templates. I'll keep you posted as I make progress.

harikrishna-patnala
harikrishna-patnala approved these changes Jan 27, 2025
View reviewed changes
Copy link
Contributor

@harikrishna-patnala harikrishna-patnala left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

code LGTM

@blueorangutan
Copy link

blueorangutan commented Jan 27, 2025

Packaging result [SF]: ✔️ el8 ✔️ el9 ✔️ debian ✔️ suse15. SL-JID 12219

borisstoyanov
borisstoyanov approved these changes Jan 28, 2025
View reviewed changes
Copy link
Contributor

@borisstoyanov borisstoyanov left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM, cannot reproduce with the new changes

@DaanHoogland DaanHoogland merged commit b93589b into apache:4.19 Jan 30, 2025
26 checks passed
@DaanHoogland DaanHoogland deleted the fix-2fa-setup-relogin branch January 30, 2025 14:51
@DaanHoogland DaanHoogland mentioned this pull request Jan 30, 2025
Closed
rg9975 pushed a commit to rg9975/cloudstack that referenced this pull request Jan 31, 2025
@shwstppr
server: reset 2fa user configuration on incomplete setup (apache#10247)
cdd17dc 
Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>
dhslove pushed a commit to ablecloud-team/ablestack-cloud that referenced this pull request Jun 19, 2025
@shwstppr @dhslove
server: reset 2fa user configuration on incomplete setup (apache#10247)
8518757 
Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@DaanHoogland DaanHoogland DaanHoogland approved these changes

@harikrishna-patnala harikrishna-patnala harikrishna-patnala approved these changes

@borisstoyanov borisstoyanov borisstoyanov approved these changes

Assignees

@borisstoyanov borisstoyanov

Labels

component:networking status:ready-for-merge

Projects

None yet

Milestone

4.19.2

Development

Successfully merging this pull request may close these issues.

2FA is enabled even if User fails to verify with TOTP code

5 participants

@shwstppr @blueorangutan @borisstoyanov @DaanHoogland @harikrishna-patnala