-
New Feature
-
Resolution: Fixed
-
Minor
-
4.3
-
MOODLE_403_STABLE
-
MOODLE_403_STABLE
-
MDL-78509-master -
-
10
-
Team Hedgehog 2023 Sprint 2.3, Team Hedgehog 2023 Review 2, Team Hedgehog 2023 Sprint 3.1
Add the existing tool_mfa (https://github.com/catalyst/moodle-tool_mfa) into Moodle core. This is not a Moodle authentication plugin. It leverages APIs that let plugins augment the login process instead of replacing it. This means the MFA plugin can be added on top of any other authentication plugin, resulting in a much cleaner architecture, and you can compose a solution that does everything you need instead of compromising by swapping out the entire login flow. For example, it can still work with existing SSO flows.
The first step will be to rectify any remaining issues identified in MDL-78387, as outlined in this report.
For a first pass we will not be including the following factors:
- SMS - This relies on another plugin that basically adds the AWS SDK. There will be a separate issue relating to this.
- Security Questions - This is currently out of scope as it relies on another plugin that is not core.
- Login Banner - This is a cool feature (see: login banner factor). However, it does not belong here. We should extend/modify/fix tool_policy to support this.
The WebAuthn (hardware token) factor uses a 3rd party library for WebAuthn support. As part of this issue, this library should be moved out of tool_mfa and into the core 3rd party libs. This will make it easier for others to use it, and will help with tasks like making a first factor login method for hardware tokens (MDL-76125).
Apart from the above tasks, the aim is to include tool_mfa "as is" in Moodle LMS, then iterate on it once the initial functionality is available.
While we are working on this, it will be a good idea to bring the plugin in with its existing git history and to have separate commits for each of the actions. These can then be squashed for integration.
To summarise:
- Include the plugin in core Moodle LMS
- Fix remaining issues in the review report
- Don't include the factors: SMS, Security Questions, and Login Banner
- Move the WebAuthn library to the core 3rd party libs and refactor as required.
- Follow up tasks will be collated in the Epic MDL-78508 and done as separate tasks
- Bring in plugin history and do things as separate commits that are squashed before integration
- blocks
-
MDL-78878 Authentication: MFA - Guide page bugs
- Open
-
MDL-78512 Authentication: MFA - No factor PHP warning
- Closed
-
MDL-78831 Authentication: MFA - Uninstall link in each factor
- Closed
-
MDL-78946 Authentication: MFA - Review missing strings for subplugin type in MFA
- Closed
-
MDL-76125 Allow authentication via WebAuthN passkey (aka Face ID, fingerprint, biometric login)
- Open
-
MDL-78751 Implement ReCaptcha v3 as an MFA plugin
- Open
-
MDL-78511 Authentication: MFA - SMS factor
- Closed
-
MDL-78513 Authentication: MFA - Improve Auth fail message
- Open
-
MDL-78534 Authentication: MFA - Improve 2nd factor verify flow
- Closed
-
MDL-78942 Authentication: MFA - Review and replace all @codingStandardsIgnoreXXX tags
- Closed
-
MDL-79051 Authentication: MFA - Improve email template
- Closed
- caused a regression
-
MDL-79238 Default Factor sub-plugins must be registered as standard plugins
- Closed
-
MDL-82838 MFA Token can easily be accidentally resubmitted
- Waiting for component lead review
- documents
-
MDL-80638 Upgrade WebAuthn to 2.1.1
- Closed
- has a non-specific relationship to
-
MDL-70070 Some data providers incorrectly named
- Closed
- has a QA test
-
MDLQA-18433 Multi-Factor Authentication - SMS factor exploratory test
- Open
-
MDLQA-18914 CLONE - Multi-Factor Authentication - SMS factor exploratory test
- Passed
-
MDLQA-19364 CLONE - Multi-Factor Authentication - SMS factor exploratory test
- Passed
- has been marked as being related by
-
MDL-75195 Missing supportemail field on Moodle install_database.php
- Closed
-
MDL-79398 Empty lang string settings:enabled_help should be removed
- Closed
- has to be finished together with
-
MOBILE-4388 Support LMS MFA features
- Open
- Testing discovered
-
MDL-78937 Deprecated: strpos(): Passing null to parameter #1 ($haystack) in /lib/classes/component.php
- Closed
-
MDL-79488 Hardcoded strings in MFA tool
- Closed
- will help resolve
-
MDL-78512 Authentication: MFA - No factor PHP warning
- Closed