Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Added support for OOB and Recovery code MFA challenges #442

Merged
merged 6 commits into from
Feb 4, 2021
Merged

Added support for OOB and Recovery code MFA challenges #442

merged 6 commits into from
Feb 4, 2021

Conversation

ejensen
Copy link
Contributor

@ejensen ejensen commented Jan 28, 2021
edited
Loading

Changes

This PR adds methods to start OOB MFA challenges and to login with OOB & recovery codes. Previously, the only supported MFA authenticator was OTP.

References

Testing

  • This change adds unit test coverage
  • This change has been tested on the latest version of the platform/language or why not

Checklist

@ejensen ejensen requested a review from a team as a code owner January 28, 2021 06:06
This was referenced Jan 28, 2021
Merged
Merged
@Widcket
Copy link
Contributor

Widcket commented Jan 29, 2021

Hi @ejensen, thanks for this PR. We'll discuss this internally.

@Widcket
Copy link
Contributor

Widcket commented Jan 29, 2021

@ejensen can you please provide more details about your use case?

@ejensen
Copy link
Contributor Author

ejensen commented Jan 31, 2021
edited
Loading

@ejensen can you please provide more details about your use case?

@Widcket We want to support Out Of Band (OOB) MFA Authenticators in addition to OTP MFA Authenticators.
Auth0.Swift and Auth0.Android currently only supports OTP Authenticators. Making it impossible for users with OOB Authenticator (SMS/Voice/Email/Push) to login. Others have also reported this issue in #261

Adding API to support OOB MFA Authenticators allows clients to trigger the OOB challenges and authenticate with the responses detailed in Auth0's documentation:

@Widcket
Copy link
Contributor

Widcket commented Feb 1, 2021

Hi @ejensen, can you please give me access to your fork so I can add a commit to see if that kickstarts the CI?

@ejensen
Copy link
Contributor Author

ejensen commented Feb 1, 2021

@Widcket The fork is public and I gave you write access

@Widcket
Copy link
Contributor

Widcket commented Feb 1, 2021

@ejensen I can't commit changes. We're having a CI hiccup on the iOS repos, and adding a commit fixed it for this PR.

Screen Shot 2021-02-01 at 16 41 28

@Widcket
Copy link
Contributor

Widcket commented Feb 1, 2021

@ejensen Sorry, I hadn't accepted the invitation yet. My bad.

@Widcket Widcket changed the title Support for OOB and Recovery code MFA challenges Add support for OOB and Recovery code MFA challenges Feb 1, 2021
@Widcket Widcket changed the title Add support for OOB and Recovery code MFA challenges Added support for OOB and Recovery code MFA challenges Feb 1, 2021
Widcket
Widcket requested changes Feb 1, 2021
View reviewed changes
Copy link
Contributor

@Widcket Widcket left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good, just missing tests for multifactorChallenge(mfaToken: String, types: [String]?, channel: String?, authenticatorId: String?). Make sure to test even the optional parameters.

@Widcket Widcket added this to the vNext milestone Feb 2, 2021
@ejensen
Copy link
Contributor Author

ejensen commented Feb 3, 2021

@Widcket commit b0fb3b2 add tests for the multifactorChallenge method

@ejensen ejensen requested a review from Widcket February 3, 2021 00:56
Widcket
Widcket previously approved these changes Feb 4, 2021
View reviewed changes
@Widcket Widcket merged commit f1059fe into auth0:master Feb 4, 2021
@Widcket Widcket deleted the mfa-support branch February 4, 2021 12:34
@Widcket
Copy link
Contributor

Widcket commented Feb 4, 2021

Thanks @ejensen.

@Widcket Widcket mentioned this pull request Feb 12, 2021
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Widcket Widcket Widcket approved these changes

Assignees
No one assigned
Labels
CH: Added
Projects
None yet
Milestone
1.31.0
Development

Successfully merging this pull request may close these issues.
2 participants
@ejensen @Widcket