From 3f0cf7773ec015b62d14559d8606ed8acfeea23c Mon Sep 17 00:00:00 2001 From: magento packaging service Date: Fri, 9 Aug 2024 17:01:25 +0000 Subject: [PATCH] Version 1.1.6-p2 --- ReCaptchaAdminUi/composer.json | 8 +- ReCaptchaCheckout/composer.json | 18 +++-- ReCaptchaCheckoutSalesRule/composer.json | 20 ++--- ReCaptchaContact/composer.json | 8 +- ReCaptchaCustomer/composer.json | 12 +-- ReCaptchaFrontendUi/composer.json | 8 +- ReCaptchaMigration/composer.json | 6 +- ReCaptchaNewsletter/composer.json | 12 +-- ReCaptchaPaypal/composer.json | 14 ++-- ReCaptchaReview/composer.json | 12 +-- ReCaptchaSendFriend/composer.json | 12 +-- ReCaptchaStorePickup/composer.json | 8 +- ReCaptchaUi/composer.json | 22 ++--- ReCaptchaUser/composer.json | 10 ++- ReCaptchaValidation/composer.json | 8 +- ReCaptchaValidationApi/composer.json | 6 +- ReCaptchaVersion2Checkbox/composer.json | 12 +-- ReCaptchaVersion2Invisible/composer.json | 12 +-- ReCaptchaVersion3Invisible/composer.json | 12 +-- ReCaptchaWebapiApi/composer.json | 8 +- ReCaptchaWebapiGraphQl/composer.json | 14 ++-- ReCaptchaWebapiRest/composer.json | 10 ++- ReCaptchaWebapiUi/composer.json | 8 +- Securitytxt/composer.json | 24 +++--- .../Controller/Adminhtml/Authy/Authpost.php | 54 ++++++++++++- .../Controller/Adminhtml/Google/Authpost.php | 54 ++++++++++++- .../Model/Config/Backend/OtpWindow.php | 64 +++++++++++++++ .../Setup/Patch/Data/UpdateOtpWindow.php | 81 +++++++++++++++++++ TwoFactorAuth/Test/Api/GoogleActivateTest.php | 2 +- .../Test/Api/GoogleAuthenticateTest.php | 2 +- TwoFactorAuth/composer.json | 6 +- TwoFactorAuth/etc/adminhtml/system.xml | 13 ++- TwoFactorAuth/etc/config.xml | 4 +- TwoFactorAuth/i18n/en_US.csv | 5 ++ _metapackage/composer.json | 52 ++++++------ 35 files changed, 470 insertions(+), 151 deletions(-) mode change 100644 => 100755 TwoFactorAuth/Controller/Adminhtml/Authy/Authpost.php mode change 100644 => 100755 TwoFactorAuth/Controller/Adminhtml/Google/Authpost.php create mode 100644 TwoFactorAuth/Model/Config/Backend/OtpWindow.php create mode 100644 TwoFactorAuth/Setup/Patch/Data/UpdateOtpWindow.php mode change 100644 => 100755 TwoFactorAuth/etc/adminhtml/system.xml create mode 100755 TwoFactorAuth/i18n/en_US.csv diff --git a/ReCaptchaAdminUi/composer.json b/ReCaptchaAdminUi/composer.json index d37ce494..bbb33e47 100644 --- a/ReCaptchaAdminUi/composer.json +++ b/ReCaptchaAdminUi/composer.json @@ -1,15 +1,16 @@ { "name": "magento/module-re-captcha-admin-ui", "description": "Google reCAPTCHA integration for Magento2", + "type": "magento2-module", + "license": "OSL-3.0", + "version": "1.1.4", "require": { "php": "~8.1.0||~8.2.0||~8.3.0", "magento/framework": "*", "magento/module-config": "*", - "magento/module-re-captcha-ui": "*", + "magento/module-re-captcha-ui": "1.1.*", "magento/module-store": "*" }, - "type": "magento2-module", - "license": "OSL-3.0", "autoload": { "files": [ "registration.php" @@ -19,3 +20,4 @@ } } } + diff --git a/ReCaptchaCheckout/composer.json b/ReCaptchaCheckout/composer.json index fd5d1240..74f3e2d4 100644 --- a/ReCaptchaCheckout/composer.json +++ b/ReCaptchaCheckout/composer.json @@ -1,19 +1,20 @@ { "name": "magento/module-re-captcha-checkout", "description": "Google reCAPTCHA integration for Magento2", + "type": "magento2-module", + "license": "OSL-3.0", + "version": "1.1.4", "require": { "php": "~8.1.0||~8.2.0||~8.3.0", "magento/framework": "*", "magento/module-checkout": "*", - "magento/module-re-captcha-ui": "*", - "magento/module-re-captcha-validation-api": "*", - "magento/module-re-captcha-admin-ui": "*", - "magento/module-re-captcha-frontend-ui": "*", - "magento/module-re-captcha-webapi-api": "*", - "magento/module-re-captcha-webapi-ui": "*" + "magento/module-re-captcha-ui": "1.1.*", + "magento/module-re-captcha-validation-api": "1.1.*", + "magento/module-re-captcha-admin-ui": "1.1.*", + "magento/module-re-captcha-frontend-ui": "1.1.*", + "magento/module-re-captcha-webapi-api": "1.0.*", + "magento/module-re-captcha-webapi-ui": "1.0.*" }, - "type": "magento2-module", - "license": "OSL-3.0", "autoload": { "files": [ "registration.php" @@ -23,3 +24,4 @@ } } } + diff --git a/ReCaptchaCheckoutSalesRule/composer.json b/ReCaptchaCheckoutSalesRule/composer.json index 3d66f93c..501406b3 100644 --- a/ReCaptchaCheckoutSalesRule/composer.json +++ b/ReCaptchaCheckoutSalesRule/composer.json @@ -1,20 +1,21 @@ { "name": "magento/module-re-captcha-checkout-sales-rule", "description": "Google ReCaptcha integration for Magento2 coupons", + "type": "magento2-module", + "license": "OSL-3.0", + "version": "1.1.3", "require": { "php": "~8.1.0||~8.2.0||~8.3.0", "magento/framework": "*", "magento/module-checkout": "*", "magento/module-sales-rule": "*", - "magento/module-re-captcha-ui": "*", - "magento/module-re-captcha-validation-api": "*", - "magento/module-re-captcha-admin-ui": "*", - "magento/module-re-captcha-frontend-ui": "*", - "magento/module-re-captcha-webapi-api": "*", - "magento/module-re-captcha-webapi-ui": "*" + "magento/module-re-captcha-ui": "1.1.*", + "magento/module-re-captcha-validation-api": "1.1.*", + "magento/module-re-captcha-admin-ui": "1.1.*", + "magento/module-re-captcha-frontend-ui": "1.1.*", + "magento/module-re-captcha-webapi-api": "1.0.*", + "magento/module-re-captcha-webapi-ui": "1.0.*" }, - "type": "magento2-module", - "license": "OSL-3.0", "autoload": { "files": [ "registration.php" @@ -22,5 +23,6 @@ "psr-4": { "Magento\\ReCaptchaCheckoutSalesRule\\": "" } - } + } } + diff --git a/ReCaptchaContact/composer.json b/ReCaptchaContact/composer.json index 6c8f9ae9..502cfb26 100644 --- a/ReCaptchaContact/composer.json +++ b/ReCaptchaContact/composer.json @@ -1,13 +1,14 @@ { "name": "magento/module-re-captcha-contact", "description": "Google reCAPTCHA integration for Magento2", + "type": "magento2-module", + "license": "OSL-3.0", + "version": "1.1.3", "require": { "php": "~8.1.0||~8.2.0||~8.3.0", "magento/framework": "*", - "magento/module-re-captcha-ui": "*" + "magento/module-re-captcha-ui": "1.1.*" }, - "type": "magento2-module", - "license": "OSL-3.0", "autoload": { "files": [ "registration.php" @@ -17,3 +18,4 @@ } } } + diff --git a/ReCaptchaCustomer/composer.json b/ReCaptchaCustomer/composer.json index 065d3183..feca6a02 100644 --- a/ReCaptchaCustomer/composer.json +++ b/ReCaptchaCustomer/composer.json @@ -1,16 +1,17 @@ { "name": "magento/module-re-captcha-customer", "description": "Google reCAPTCHA integration for Magento2", + "type": "magento2-module", + "license": "OSL-3.0", + "version": "1.1.5", "require": { "php": "~8.1.0||~8.2.0||~8.3.0", "magento/framework": "*", "magento/module-customer": "*", - "magento/module-re-captcha-ui": "*", - "magento/module-re-captcha-validation-api": "*", - "magento/module-re-captcha-webapi-api": "*" + "magento/module-re-captcha-ui": "1.1.*", + "magento/module-re-captcha-validation-api": "1.1.*", + "magento/module-re-captcha-webapi-api": "1.0.*" }, - "type": "magento2-module", - "license": "OSL-3.0", "autoload": { "files": [ "registration.php" @@ -20,3 +21,4 @@ } } } + diff --git a/ReCaptchaFrontendUi/composer.json b/ReCaptchaFrontendUi/composer.json index 78cdd6a9..8d052d67 100644 --- a/ReCaptchaFrontendUi/composer.json +++ b/ReCaptchaFrontendUi/composer.json @@ -1,14 +1,15 @@ { "name": "magento/module-re-captcha-frontend-ui", "description": "Google reCAPTCHA integration for Magento2", + "type": "magento2-module", + "license": "OSL-3.0", + "version": "1.1.5", "require": { "php": "~8.1.0||~8.2.0||~8.3.0", "magento/framework": "*", "magento/module-store": "*", - "magento/module-re-captcha-ui": "*" + "magento/module-re-captcha-ui": "1.1.*" }, - "type": "magento2-module", - "license": "OSL-3.0", "autoload": { "files": [ "registration.php" @@ -18,3 +19,4 @@ } } } + diff --git a/ReCaptchaMigration/composer.json b/ReCaptchaMigration/composer.json index 81504bcb..369f67db 100644 --- a/ReCaptchaMigration/composer.json +++ b/ReCaptchaMigration/composer.json @@ -1,13 +1,14 @@ { "name": "magento/module-re-captcha-migration", "description": "Google reCAPTCHA config migration for Magento2", + "type": "magento2-module", + "license": "OSL-3.0", + "version": "1.1.4", "require": { "php": "~8.1.0||~8.2.0||~8.3.0", "magento/framework": "*", "magento/module-config": "*" }, - "type": "magento2-module", - "license": "OSL-3.0", "autoload": { "files": [ "registration.php" @@ -17,3 +18,4 @@ } } } + diff --git a/ReCaptchaNewsletter/composer.json b/ReCaptchaNewsletter/composer.json index 687a9cef..13f0174a 100644 --- a/ReCaptchaNewsletter/composer.json +++ b/ReCaptchaNewsletter/composer.json @@ -1,15 +1,16 @@ { "name": "magento/module-re-captcha-newsletter", "description": "Google reCAPTCHA integration for Magento2", + "type": "magento2-module", + "license": "OSL-3.0", + "version": "1.1.4", "require": { "php": "~8.1.0||~8.2.0||~8.3.0", "magento/framework": "*", - "magento/module-re-captcha-ui": "*", - "magento/module-re-captcha-validation-api": "*", - "magento/module-re-captcha-webapi-api": "*" + "magento/module-re-captcha-ui": "1.1.*", + "magento/module-re-captcha-validation-api": "1.1.*", + "magento/module-re-captcha-webapi-api": "1.0.*" }, - "type": "magento2-module", - "license": "OSL-3.0", "autoload": { "files": [ "registration.php" @@ -19,3 +20,4 @@ } } } + diff --git a/ReCaptchaPaypal/composer.json b/ReCaptchaPaypal/composer.json index e6373715..07575c8e 100644 --- a/ReCaptchaPaypal/composer.json +++ b/ReCaptchaPaypal/composer.json @@ -1,19 +1,20 @@ { "name": "magento/module-re-captcha-paypal", "description": "Google reCaptcha integration for Magento2 PayPal PayflowPro payment form", + "type": "magento2-module", + "license": "OSL-3.0", + "version": "1.1.4", "require": { "php": "~8.1.0||~8.2.0||~8.3.0", "magento/framework": "*", - "magento/module-re-captcha-ui": "*", - "magento/module-re-captcha-validation-api": "*", + "magento/module-re-captcha-ui": "1.1.*", + "magento/module-re-captcha-validation-api": "1.1.*", "magento/module-checkout": "*", - "magento/module-re-captcha-webapi-api": "*", + "magento/module-re-captcha-webapi-api": "1.0.*", "magento/module-quote": "*", "magento/module-paypal": "*", - "magento/module-re-captcha-checkout": "*" + "magento/module-re-captcha-checkout": "1.1.*" }, - "type": "magento2-module", - "license": "OSL-3.0", "autoload": { "files": [ "registration.php" @@ -23,3 +24,4 @@ } } } + diff --git a/ReCaptchaReview/composer.json b/ReCaptchaReview/composer.json index 628da4f6..813c100d 100644 --- a/ReCaptchaReview/composer.json +++ b/ReCaptchaReview/composer.json @@ -1,15 +1,16 @@ { "name": "magento/module-re-captcha-review", "description": "Google reCAPTCHA integration for Magento2", + "type": "magento2-module", + "license": "OSL-3.0", + "version": "1.1.4", "require": { "php": "~8.1.0||~8.2.0||~8.3.0", "magento/framework": "*", - "magento/module-re-captcha-ui": "*", - "magento/module-re-captcha-validation-api": "*", - "magento/module-re-captcha-webapi-api": "*" + "magento/module-re-captcha-ui": "1.1.*", + "magento/module-re-captcha-validation-api": "1.1.*", + "magento/module-re-captcha-webapi-api": "1.0.*" }, - "type": "magento2-module", - "license": "OSL-3.0", "autoload": { "files": [ "registration.php" @@ -19,3 +20,4 @@ } } } + diff --git a/ReCaptchaSendFriend/composer.json b/ReCaptchaSendFriend/composer.json index 10845103..d1a08690 100644 --- a/ReCaptchaSendFriend/composer.json +++ b/ReCaptchaSendFriend/composer.json @@ -1,15 +1,16 @@ { "name": "magento/module-re-captcha-send-friend", "description": "Google reCAPTCHA integration for Magento2", + "type": "magento2-module", + "license": "OSL-3.0", + "version": "1.1.4", "require": { "php": "~8.1.0||~8.2.0||~8.3.0", "magento/framework": "*", - "magento/module-re-captcha-ui": "*", - "magento/module-re-captcha-validation-api": "*", - "magento/module-re-captcha-webapi-api": "*" + "magento/module-re-captcha-ui": "1.1.*", + "magento/module-re-captcha-validation-api": "1.1.*", + "magento/module-re-captcha-webapi-api": "1.0.*" }, - "type": "magento2-module", - "license": "OSL-3.0", "autoload": { "files": [ "registration.php" @@ -19,3 +20,4 @@ } } } + diff --git a/ReCaptchaStorePickup/composer.json b/ReCaptchaStorePickup/composer.json index 9858c213..46fc3760 100644 --- a/ReCaptchaStorePickup/composer.json +++ b/ReCaptchaStorePickup/composer.json @@ -1,17 +1,18 @@ { "name": "magento/module-re-captcha-store-pickup", "description": "Google reCaptcha integration for Magento2 Inventory Store Pickup shipping form", + "type": "magento2-module", + "license": "OSL-3.0", + "version": "1.0.3", "require": { "php": "~8.1.0||~8.2.0||~8.3.0", "magento/framework": "*", "magento/module-checkout": "*", - "magento/module-re-captcha-ui": "*" + "magento/module-re-captcha-ui": "1.1.*" }, "suggest": { "magento/module-inventory-in-store-pickup-frontend": "*" }, - "type": "magento2-module", - "license": "OSL-3.0", "autoload": { "files": [ "registration.php" @@ -21,3 +22,4 @@ } } } + diff --git a/ReCaptchaUi/composer.json b/ReCaptchaUi/composer.json index e49c14bc..a0c904fe 100644 --- a/ReCaptchaUi/composer.json +++ b/ReCaptchaUi/composer.json @@ -1,19 +1,14 @@ { "name": "magento/module-re-captcha-ui", "description": "Google reCAPTCHA integration for Magento2", + "type": "magento2-module", + "license": "OSL-3.0", + "version": "1.1.4", "require": { "php": "~8.1.0||~8.2.0||~8.3.0", "magento/framework": "*", - "magento/module-re-captcha-validation-api": "*" + "magento/module-re-captcha-validation-api": "1.1.*" }, - "authors": [ - { - "name": "Riccardo Tempesta", - "email": "riccardo.tempesta@magespecialist.it" - } - ], - "type": "magento2-module", - "license": "OSL-3.0", "autoload": { "files": [ "registration.php" @@ -21,5 +16,12 @@ "psr-4": { "Magento\\ReCaptchaUi\\": "" } - } + }, + "authors": [ + { + "email": "riccardo.tempesta@magespecialist.it", + "name": "Riccardo Tempesta" + } + ] } + diff --git a/ReCaptchaUser/composer.json b/ReCaptchaUser/composer.json index 8d71f56f..1a1d7dc5 100644 --- a/ReCaptchaUser/composer.json +++ b/ReCaptchaUser/composer.json @@ -1,14 +1,15 @@ { "name": "magento/module-re-captcha-user", "description": "Google reCAPTCHA integration for Magento2", + "type": "magento2-module", + "license": "OSL-3.0", + "version": "1.1.4", "require": { "php": "~8.1.0||~8.2.0||~8.3.0", "magento/framework": "*", - "magento/module-re-captcha-ui": "*", - "magento/module-re-captcha-validation-api": "*" + "magento/module-re-captcha-ui": "1.1.*", + "magento/module-re-captcha-validation-api": "1.1.*" }, - "type": "magento2-module", - "license": "OSL-3.0", "autoload": { "files": [ "registration.php" @@ -18,3 +19,4 @@ } } } + diff --git a/ReCaptchaValidation/composer.json b/ReCaptchaValidation/composer.json index cf1422d6..e348a559 100644 --- a/ReCaptchaValidation/composer.json +++ b/ReCaptchaValidation/composer.json @@ -1,14 +1,15 @@ { "name": "magento/module-re-captcha-validation", "description": "Google reCAPTCHA integration for Magento2", + "type": "magento2-module", + "license": "OSL-3.0", + "version": "1.1.3", "require": { "php": "~8.1.0||~8.2.0||~8.3.0", "magento/framework": "*", - "magento/module-re-captcha-validation-api": "*", + "magento/module-re-captcha-validation-api": "1.1.*", "google/recaptcha": "^1.2" }, - "type": "magento2-module", - "license": "OSL-3.0", "autoload": { "files": [ "registration.php" @@ -18,3 +19,4 @@ } } } + diff --git a/ReCaptchaValidationApi/composer.json b/ReCaptchaValidationApi/composer.json index 46bce41c..b5a37547 100644 --- a/ReCaptchaValidationApi/composer.json +++ b/ReCaptchaValidationApi/composer.json @@ -1,12 +1,13 @@ { "name": "magento/module-re-captcha-validation-api", "description": "Google reCAPTCHA integration for Magento2", + "type": "magento2-module", + "license": "OSL-3.0", + "version": "1.1.3", "require": { "php": "~8.1.0||~8.2.0||~8.3.0", "magento/framework": "*" }, - "type": "magento2-module", - "license": "OSL-3.0", "autoload": { "files": [ "registration.php" @@ -16,3 +17,4 @@ } } } + diff --git a/ReCaptchaVersion2Checkbox/composer.json b/ReCaptchaVersion2Checkbox/composer.json index 5ef3ef87..0acc244a 100644 --- a/ReCaptchaVersion2Checkbox/composer.json +++ b/ReCaptchaVersion2Checkbox/composer.json @@ -1,19 +1,20 @@ { "name": "magento/module-re-captcha-version-2-checkbox", "description": "Google reCAPTCHA integration for Magento2", + "type": "magento2-module", + "license": "OSL-3.0", + "version": "2.0.4", "require": { "php": "~8.1.0||~8.2.0||~8.3.0", "magento/framework": "*", "magento/module-store": "*", - "magento/module-re-captcha-ui": "*", - "magento/module-re-captcha-validation-api": "*" + "magento/module-re-captcha-ui": "1.1.*", + "magento/module-re-captcha-validation-api": "1.1.*" }, "suggest": { "magento/module-config": "*", - "magento/module-re-captcha-admin-ui": "*" + "magento/module-re-captcha-admin-ui": "1.1.*" }, - "type": "magento2-module", - "license": "OSL-3.0", "autoload": { "files": [ "registration.php" @@ -23,3 +24,4 @@ } } } + diff --git a/ReCaptchaVersion2Invisible/composer.json b/ReCaptchaVersion2Invisible/composer.json index afff926e..b0624006 100644 --- a/ReCaptchaVersion2Invisible/composer.json +++ b/ReCaptchaVersion2Invisible/composer.json @@ -1,19 +1,20 @@ { "name": "magento/module-re-captcha-version-2-invisible", "description": "Google reCAPTCHA integration for Magento2", + "type": "magento2-module", + "license": "OSL-3.0", + "version": "2.0.4", "require": { "php": "~8.1.0||~8.2.0||~8.3.0", "magento/framework": "*", "magento/module-store": "*", - "magento/module-re-captcha-ui": "*", - "magento/module-re-captcha-validation-api": "*" + "magento/module-re-captcha-ui": "1.1.*", + "magento/module-re-captcha-validation-api": "1.1.*" }, "suggest": { "magento/module-config": "*", - "magento/module-re-captcha-admin-ui": "*" + "magento/module-re-captcha-admin-ui": "1.1.*" }, - "type": "magento2-module", - "license": "OSL-3.0", "autoload": { "files": [ "registration.php" @@ -23,3 +24,4 @@ } } } + diff --git a/ReCaptchaVersion3Invisible/composer.json b/ReCaptchaVersion3Invisible/composer.json index f0da1871..34edb358 100644 --- a/ReCaptchaVersion3Invisible/composer.json +++ b/ReCaptchaVersion3Invisible/composer.json @@ -1,19 +1,20 @@ { "name": "magento/module-re-captcha-version-3-invisible", "description": "Google reCAPTCHA integration for Magento2", + "type": "magento2-module", + "license": "OSL-3.0", + "version": "2.0.4", "require": { "php": "~8.1.0||~8.2.0||~8.3.0", "magento/framework": "*", "magento/module-store": "*", - "magento/module-re-captcha-ui": "*", - "magento/module-re-captcha-validation-api": "*" + "magento/module-re-captcha-ui": "1.1.*", + "magento/module-re-captcha-validation-api": "1.1.*" }, "suggest": { "magento/module-config": "*", - "magento/module-re-captcha-admin-ui": "*" + "magento/module-re-captcha-admin-ui": "1.1.*" }, - "type": "magento2-module", - "license": "OSL-3.0", "autoload": { "files": [ "registration.php" @@ -23,3 +24,4 @@ } } } + diff --git a/ReCaptchaWebapiApi/composer.json b/ReCaptchaWebapiApi/composer.json index e9933c44..143c2a5e 100644 --- a/ReCaptchaWebapiApi/composer.json +++ b/ReCaptchaWebapiApi/composer.json @@ -1,13 +1,14 @@ { "name": "magento/module-re-captcha-webapi-api", "description": "Google reCAPTCHA integration for Magento2", + "type": "magento2-module", + "license": "OSL-3.0", + "version": "1.0.3", "require": { "php": "~8.1.0||~8.2.0||~8.3.0", "magento/framework": "*", - "magento/module-re-captcha-validation-api": "*" + "magento/module-re-captcha-validation-api": "1.1.*" }, - "type": "magento2-module", - "license": "OSL-3.0", "autoload": { "files": [ "registration.php" @@ -17,3 +18,4 @@ } } } + diff --git a/ReCaptchaWebapiGraphQl/composer.json b/ReCaptchaWebapiGraphQl/composer.json index d32a4c6d..c1ec289e 100644 --- a/ReCaptchaWebapiGraphQl/composer.json +++ b/ReCaptchaWebapiGraphQl/composer.json @@ -1,17 +1,18 @@ { "name": "magento/module-re-captcha-webapi-graph-ql", "description": "Google reCAPTCHA integration for Magento2", + "type": "magento2-module", + "license": "OSL-3.0", + "version": "1.0.3", "require": { "php": "~8.1.0||~8.2.0||~8.3.0", "magento/framework": "*", "magento/module-authorization": "*", - "magento/module-re-captcha-frontend-ui": "*", - "magento/module-re-captcha-version-3-invisible": "*", - "magento/module-re-captcha-validation-api": "*", - "magento/module-re-captcha-webapi-api": "*" + "magento/module-re-captcha-frontend-ui": "1.1.*", + "magento/module-re-captcha-version-3-invisible": "2.0.*", + "magento/module-re-captcha-validation-api": "1.1.*", + "magento/module-re-captcha-webapi-api": "1.0.*" }, - "type": "magento2-module", - "license": "OSL-3.0", "autoload": { "files": [ "registration.php" @@ -21,3 +22,4 @@ } } } + diff --git a/ReCaptchaWebapiRest/composer.json b/ReCaptchaWebapiRest/composer.json index 42d2b752..bbee5792 100644 --- a/ReCaptchaWebapiRest/composer.json +++ b/ReCaptchaWebapiRest/composer.json @@ -1,16 +1,17 @@ { "name": "magento/module-re-captcha-webapi-rest", "description": "Google reCAPTCHA integration for Magento2", + "type": "magento2-module", + "license": "OSL-3.0", + "version": "1.0.3", "require": { "php": "~8.1.0||~8.2.0||~8.3.0", "magento/framework": "*", "magento/module-authorization": "*", - "magento/module-re-captcha-validation-api": "*", - "magento/module-re-captcha-webapi-api": "*", + "magento/module-re-captcha-validation-api": "1.1.*", + "magento/module-re-captcha-webapi-api": "1.0.*", "magento/module-webapi": "*" }, - "type": "magento2-module", - "license": "OSL-3.0", "autoload": { "files": [ "registration.php" @@ -20,3 +21,4 @@ } } } + diff --git a/ReCaptchaWebapiUi/composer.json b/ReCaptchaWebapiUi/composer.json index e55a03a3..b17e0c40 100644 --- a/ReCaptchaWebapiUi/composer.json +++ b/ReCaptchaWebapiUi/composer.json @@ -1,13 +1,14 @@ { "name": "magento/module-re-captcha-webapi-ui", "description": "Google reCAPTCHA integration for Magento2", + "type": "magento2-module", + "license": "OSL-3.0", + "version": "1.0.3", "require": { "php": "~8.1.0||~8.2.0||~8.3.0", "magento/framework": "*", - "magento/module-re-captcha-frontend-ui": "*" + "magento/module-re-captcha-frontend-ui": "1.1.*" }, - "type": "magento2-module", - "license": "OSL-3.0", "autoload": { "files": [ "registration.php" @@ -17,3 +18,4 @@ } } } + diff --git a/Securitytxt/composer.json b/Securitytxt/composer.json index 7fdc5633..aabfe64c 100644 --- a/Securitytxt/composer.json +++ b/Securitytxt/composer.json @@ -2,22 +2,17 @@ "name": "magento/module-securitytxt", "description": "Security.txt file for Magento 2 websites", "type": "magento2-module", + "license": [ + "OSL-3.0", + "AFL-3.0" + ], + "version": "1.1.3", "require": { "php": "~8.1.0||~8.2.0||~8.3.0", "magento/framework": "*", "magento/module-config": "*", "magento/module-store": "*" }, - "authors": [ - { - "name": "Kalpesh Mehta", - "email": "k@lpe.sh" - } - ], - "license": [ - "OSL-3.0", - "AFL-3.0" - ], "autoload": { "files": [ "registration.php" @@ -25,5 +20,12 @@ "psr-4": { "Magento\\Securitytxt\\": "" } - } + }, + "authors": [ + { + "email": "k@lpe.sh", + "name": "Kalpesh Mehta" + } + ] } + diff --git a/TwoFactorAuth/Controller/Adminhtml/Authy/Authpost.php b/TwoFactorAuth/Controller/Adminhtml/Authy/Authpost.php old mode 100644 new mode 100755 index 1fd18f93..0a1d5674 --- a/TwoFactorAuth/Controller/Adminhtml/Authy/Authpost.php +++ b/TwoFactorAuth/Controller/Adminhtml/Authy/Authpost.php @@ -19,9 +19,13 @@ use Magento\TwoFactorAuth\Controller\Adminhtml\AbstractAction; use Magento\TwoFactorAuth\Model\Provider\Engine\Authy; use Magento\User\Model\User; +use Magento\Framework\App\Config\ScopeConfigInterface; +use Magento\User\Model\ResourceModel\User as UserResource; +use Magento\Framework\App\ObjectManager; /** * @SuppressWarnings(PHPMD.CamelCaseMethodName) + * @SuppressWarnings(PHPMD.CouplingBetweenObjects) */ class Authpost extends AbstractAction implements HttpPostActionInterface { @@ -60,6 +64,26 @@ class Authpost extends AbstractAction implements HttpPostActionInterface */ private $alert; + /** + * Config path for the 2FA Attempts + */ + private const XML_PATH_2FA_RETRY_ATTEMPTS = 'twofactorauth/general/twofactorauth_retry'; + + /** + * Config path for the 2FA Attempts + */ + private const XML_PATH_2FA_LOCK_EXPIRE = 'twofactorauth/general/auth_lock_expire'; + + /** + * @var ScopeConfigInterface + */ + private $scopeConfig; + + /** + * @var UserResource + */ + private $userResource; + /** * @param Action\Context $context * @param Session $session @@ -69,6 +93,9 @@ class Authpost extends AbstractAction implements HttpPostActionInterface * @param TfaInterface $tfa * @param AlertInterface $alert * @param DataObjectFactory $dataObjectFactory + * @param UserResource|null $userResource + * @param ScopeConfigInterface|null $scopeConfig + * @SuppressWarnings(PHPMD.ExcessiveParameterList) */ public function __construct( Action\Context $context, @@ -78,7 +105,9 @@ public function __construct( TfaSessionInterface $tfaSession, TfaInterface $tfa, AlertInterface $alert, - DataObjectFactory $dataObjectFactory + DataObjectFactory $dataObjectFactory, + ?UserResource $userResource = null, + ?ScopeConfigInterface $scopeConfig = null ) { parent::__construct($context); $this->tfa = $tfa; @@ -88,6 +117,8 @@ public function __construct( $this->authy = $authy; $this->dataObjectFactory = $dataObjectFactory; $this->alert = $alert; + $this->scopeConfig = $scopeConfig ?? ObjectManager::getInstance()->get(ScopeConfigInterface::class); + $this->userResource = $userResource ?? ObjectManager::getInstance()->get(UserResource::class); } /** @@ -109,6 +140,13 @@ public function execute() $result = $this->jsonFactory->create(); try { + if (!$this->allowApiRetries()) { //locked the user + $lockThreshold = $this->scopeConfig->getValue(self::XML_PATH_2FA_LOCK_EXPIRE); + if ($this->userResource->lock((int)$user->getId(), 0, $lockThreshold)) { + $result->setData(['success' => false, 'message' => "Your account is temporarily disabled."]); + return $result; + } + } $this->authy->verify($user, $this->dataObjectFactory->create([ 'data' => $this->getRequest()->getParams(), ])); @@ -141,4 +179,18 @@ protected function _isAllowed() $this->tfa->getProviderIsAllowed((int) $user->getId(), Authy::CODE) && $this->tfa->getProvider(Authy::CODE)->isActive((int) $user->getId()); } + + /** + * Check if retry attempt above threshold value + * + * @return bool + */ + private function allowApiRetries() : bool + { + $maxRetries = $this->scopeConfig->getValue(self::XML_PATH_2FA_RETRY_ATTEMPTS); + $verifyAttempts = $this->session->getOtpAttempt(); + $verifyAttempts = $verifyAttempts === null ? 1 : $verifyAttempts+1; + $this->session->setOtpAttempt($verifyAttempts); + return $maxRetries >= $verifyAttempts; + } } diff --git a/TwoFactorAuth/Controller/Adminhtml/Google/Authpost.php b/TwoFactorAuth/Controller/Adminhtml/Google/Authpost.php old mode 100644 new mode 100755 index f0437f1d..14a70134 --- a/TwoFactorAuth/Controller/Adminhtml/Google/Authpost.php +++ b/TwoFactorAuth/Controller/Adminhtml/Google/Authpost.php @@ -19,6 +19,9 @@ use Magento\TwoFactorAuth\Controller\Adminhtml\AbstractAction; use Magento\TwoFactorAuth\Model\Provider\Engine\Google; use Magento\User\Model\User; +use Magento\Framework\App\Config\ScopeConfigInterface; +use Magento\User\Model\ResourceModel\User as UserResource; +use Magento\Framework\App\ObjectManager; /** * Google authenticator post controller @@ -61,6 +64,26 @@ class Authpost extends AbstractAction implements HttpPostActionInterface */ private $alert; + /** + * Config path for the 2FA Attempts + */ + private const XML_PATH_2FA_RETRY_ATTEMPTS = 'twofactorauth/general/twofactorauth_retry'; + + /** + * Config path for the 2FA Attempts + */ + private const XML_PATH_2FA_LOCK_EXPIRE = 'twofactorauth/general/auth_lock_expire'; + + /** + * @var ScopeConfigInterface + */ + private $scopeConfig; + + /** + * @var UserResource + */ + private $userResource; + /** * @param Action\Context $context * @param Session $session @@ -70,6 +93,9 @@ class Authpost extends AbstractAction implements HttpPostActionInterface * @param TfaInterface $tfa * @param AlertInterface $alert * @param DataObjectFactory $dataObjectFactory + * @param UserResource|null $userResource + * @param ScopeConfigInterface|null $scopeConfig + * @SuppressWarnings(PHPMD.ExcessiveParameterList) */ public function __construct( Action\Context $context, @@ -79,7 +105,9 @@ public function __construct( TfaSessionInterface $tfaSession, TfaInterface $tfa, AlertInterface $alert, - DataObjectFactory $dataObjectFactory + DataObjectFactory $dataObjectFactory, + ?UserResource $userResource = null, + ?ScopeConfigInterface $scopeConfig = null ) { parent::__construct($context); $this->tfa = $tfa; @@ -89,6 +117,8 @@ public function __construct( $this->tfaSession = $tfaSession; $this->dataObjectFactory = $dataObjectFactory; $this->alert = $alert; + $this->scopeConfig = $scopeConfig ?? ObjectManager::getInstance()->get(ScopeConfigInterface::class); + $this->userResource = $userResource ?? ObjectManager::getInstance()->get(UserResource::class); } /** @@ -103,6 +133,14 @@ public function execute() /** @var \Magento\Framework\DataObject $request */ $request = $this->dataObjectFactory->create(['data' => $this->getRequest()->getParams()]); + if (!$this->allowApiRetries()) { //locked the user + $lockThreshold = $this->scopeConfig->getValue(self::XML_PATH_2FA_LOCK_EXPIRE); + if ($this->userResource->lock((int)$user->getId(), 0, $lockThreshold)) { + $response->setData(['success' => false, 'message' => "Your account is temporarily disabled."]); + return $response; + } + } + if ($this->google->verify($user, $request)) { $this->tfaSession->grantAccess(); $response->setData(['success' => true]); @@ -133,4 +171,18 @@ protected function _isAllowed() && $this->tfa->getProviderIsAllowed((int)$user->getId(), Google::CODE) && $this->tfa->getProvider(Google::CODE)->isActive((int)$user->getId()); } + + /** + * Check if retry attempt above threshold value + * + * @return bool + */ + private function allowApiRetries() : bool + { + $maxRetries = $this->scopeConfig->getValue(self::XML_PATH_2FA_RETRY_ATTEMPTS); + $verifyAttempts = $this->session->getOtpAttempt(); + $verifyAttempts = $verifyAttempts === null ? 1 : $verifyAttempts+1; + $this->session->setOtpAttempt($verifyAttempts); + return $maxRetries >= $verifyAttempts; + } } diff --git a/TwoFactorAuth/Model/Config/Backend/OtpWindow.php b/TwoFactorAuth/Model/Config/Backend/OtpWindow.php new file mode 100644 index 00000000..f2645f0e --- /dev/null +++ b/TwoFactorAuth/Model/Config/Backend/OtpWindow.php @@ -0,0 +1,64 @@ +getValue(); + $period = $this->getDefaultPeriod(); + if (!is_numeric($value) || $value < 1 || $value >= $period) { + throw new ValidatorException( + __( + 'Invalid OTP Window value. It must be between 1 and %1 as default OTP period value is %2', + $period-1, + $period + ) + ); + } + + return parent::beforeSave(); + } +} diff --git a/TwoFactorAuth/Setup/Patch/Data/UpdateOtpWindow.php b/TwoFactorAuth/Setup/Patch/Data/UpdateOtpWindow.php new file mode 100644 index 00000000..6fedac7d --- /dev/null +++ b/TwoFactorAuth/Setup/Patch/Data/UpdateOtpWindow.php @@ -0,0 +1,81 @@ +moduleDataSetup = $moduleDataSetup; + } + + /** + * Fetch Totp default period + * + * @return int + */ + public function getDefaultPeriod() + { + return TOTPInterface::DEFAULT_PERIOD; + } + + /** + * Apply the data patch + */ + public function apply() + { + $setup = $this->moduleDataSetup->getConnection(); + $tableName = $this->moduleDataSetup->getTable('core_config_data'); + $setup->startSetup(); + $select = $setup->select() + ->from($tableName, ['path']) + ->where('path = ?', 'twofactorauth/google/otp_window'); + + $existingValue = $setup->fetchOne($select); + $period = $this->getDefaultPeriod(); + if ($existingValue && $existingValue >= $period) { + $newWindowValue = $period - 1; + $setup->update( + $tableName, + ['value' => $newWindowValue], + 'path = "twofactorauth/google/otp_window"' + ); + } + $setup->endSetup(); + + return $this; + } + + /** + * @inheritdoc + */ + public static function getDependencies() + { + return []; + } + + /** + * @inheritdoc + */ + public function getAliases() + { + return []; + } +} diff --git a/TwoFactorAuth/Test/Api/GoogleActivateTest.php b/TwoFactorAuth/Test/Api/GoogleActivateTest.php index 73087341..857dcbbb 100644 --- a/TwoFactorAuth/Test/Api/GoogleActivateTest.php +++ b/TwoFactorAuth/Test/Api/GoogleActivateTest.php @@ -129,7 +129,7 @@ public function testAlreadyActivatedProvider() /** * @magentoConfigFixture twofactorauth/general/force_providers google * @magentoApiDataFixture Magento/User/_files/user_with_custom_role.php - * @magentoConfigFixture twofactorauth/google/otp_window 20 + * @magentoConfigFixture twofactorauth/google/otp_window 29 */ public function testActivate() { diff --git a/TwoFactorAuth/Test/Api/GoogleAuthenticateTest.php b/TwoFactorAuth/Test/Api/GoogleAuthenticateTest.php index 101b9379..04e7717d 100644 --- a/TwoFactorAuth/Test/Api/GoogleAuthenticateTest.php +++ b/TwoFactorAuth/Test/Api/GoogleAuthenticateTest.php @@ -223,7 +223,7 @@ public function testNotConfiguredProvider(): void /** * @magentoConfigFixture twofactorauth/general/force_providers google * @magentoApiDataFixture Magento/User/_files/user_with_custom_role.php - * @magentoConfigFixture twofactorauth/google/otp_window 20 + * @magentoConfigFixture twofactorauth/google/otp_window 29 * * @return void */ diff --git a/TwoFactorAuth/composer.json b/TwoFactorAuth/composer.json index ae527fde..d819155d 100644 --- a/TwoFactorAuth/composer.json +++ b/TwoFactorAuth/composer.json @@ -1,6 +1,9 @@ { "name": "magento/module-two-factor-auth", "description": "Two Factor Authentication module for Magento2", + "type": "magento2-module", + "license": "OSL-3.0", + "version": "1.1.6-p2", "require": { "php": "~8.1.0||~8.2.0||~8.3.0", "magento/framework": "*", @@ -17,8 +20,6 @@ "endroid/qr-code": "^4.3.5", "2tvenom/cborencode": "^1.0" }, - "type": "magento2-module", - "license": "OSL-3.0", "autoload": { "files": [ "registration.php" @@ -28,3 +29,4 @@ } } } + diff --git a/TwoFactorAuth/etc/adminhtml/system.xml b/TwoFactorAuth/etc/adminhtml/system.xml old mode 100644 new mode 100755 index 7086746b..59716797 --- a/TwoFactorAuth/etc/adminhtml/system.xml +++ b/TwoFactorAuth/etc/adminhtml/system.xml @@ -35,6 +35,16 @@ This can be used to override the default email configuration link that is sent when using the Magento Web API's to authenticate. Use the placeholder :tfat to indicate where the token should be injected + + + Security configurations for TwoFactorAuth page. + + + + TwoFactorAuth Configuration. + @@ -42,7 +52,8 @@ - This determines how long the one-time-passwords are valid for. An OTP Window of 1 will result in the current OTP value plus 1 code in the past and 1 code in the future to be valid at any given point in time. + This sets the time drift leeway for OTPs. A leeway of 29 with a period of 30 means OTPs are valid within ±29 seconds from the current time. The leeway must be smaller than the period. + Magento\TwoFactorAuth\Model\Config\Backend\OtpWindow + 10 + 300 Login request to your Magento Admin @@ -21,7 +23,7 @@ - 1 + 29 diff --git a/TwoFactorAuth/i18n/en_US.csv b/TwoFactorAuth/i18n/en_US.csv new file mode 100755 index 00000000..667ec371 --- /dev/null +++ b/TwoFactorAuth/i18n/en_US.csv @@ -0,0 +1,5 @@ +"Configuration for TwoFactorAuth retry attempts","Configuration for TwoFactorAuth retry attempts" +"Configuration for TwoFactorAuth lock expire time","Configuration for TwoFactorAuth lock expire time" +"TwoFactorAuth Configuration","TwoFactorAuth Configuration" +"Security configurations for TwoFactorAuth page","Security configurations for TwoFactorAuth page" +"Your account is temporarily disabled.","Your account is temporarily disabled." diff --git a/_metapackage/composer.json b/_metapackage/composer.json index 23d52829..486f7e3c 100644 --- a/_metapackage/composer.json +++ b/_metapackage/composer.json @@ -2,32 +2,34 @@ "name": "magento/security-package", "description": "Magento Security Package", "type": "metapackage", + "version": "1.1.6-p2", "require": { - "magento/module-re-captcha-admin-ui": "*", - "magento/module-re-captcha-checkout": "*", - "magento/module-re-captcha-contact": "*", - "magento/module-re-captcha-customer": "*", - "magento/module-re-captcha-frontend-ui": "*", - "magento/module-re-captcha-migration": "*", - "magento/module-re-captcha-newsletter": "*", - "magento/module-re-captcha-paypal": "*", - "magento/module-re-captcha-review": "*", - "magento/module-re-captcha-send-friend": "*", - "magento/module-re-captcha-store-pickup": "*", - "magento/module-re-captcha-ui": "*", - "magento/module-re-captcha-user": "*", - "magento/module-re-captcha-validation": "*", - "magento/module-re-captcha-validation-api": "*", - "magento/module-re-captcha-version-2-checkbox": "*", - "magento/module-re-captcha-version-2-invisible": "*", - "magento/module-re-captcha-version-3-invisible": "*", - "magento/module-re-captcha-webapi-api": "*", - "magento/module-re-captcha-webapi-rest": "*", - "magento/module-re-captcha-webapi-graph-ql": "*", - "magento/module-re-captcha-webapi-ui": "*", - "magento/module-securitytxt": "*", - "magento/module-two-factor-auth": "*", + "magento/module-re-captcha-admin-ui": "1.1.4", + "magento/module-re-captcha-checkout": "1.1.4", + "magento/module-re-captcha-contact": "1.1.3", + "magento/module-re-captcha-customer": "1.1.5", + "magento/module-re-captcha-frontend-ui": "1.1.5", + "magento/module-re-captcha-migration": "1.1.4", + "magento/module-re-captcha-newsletter": "1.1.4", + "magento/module-re-captcha-paypal": "1.1.4", + "magento/module-re-captcha-review": "1.1.4", + "magento/module-re-captcha-send-friend": "1.1.4", + "magento/module-re-captcha-store-pickup": "1.0.3", + "magento/module-re-captcha-ui": "1.1.4", + "magento/module-re-captcha-user": "1.1.4", + "magento/module-re-captcha-validation": "1.1.3", + "magento/module-re-captcha-validation-api": "1.1.3", + "magento/module-re-captcha-version-2-checkbox": "2.0.4", + "magento/module-re-captcha-version-2-invisible": "2.0.4", + "magento/module-re-captcha-version-3-invisible": "2.0.4", + "magento/module-re-captcha-webapi-api": "1.0.3", + "magento/module-re-captcha-webapi-rest": "1.0.3", + "magento/module-re-captcha-webapi-graph-ql": "1.0.3", + "magento/module-re-captcha-webapi-ui": "1.0.3", + "magento/module-securitytxt": "1.1.3", + "magento/module-two-factor-auth": "1.1.6-p2", "google/recaptcha": "^1.2", - "magento/module-re-captcha-checkout-sales-rule": "*" + "magento/module-re-captcha-checkout-sales-rule": "1.1.3" } } +