nextcloud/core/templates/twofactorselectchallenge.php

<div class="warning">
	<h2 class="two-factor-header"><?php p($l->t('Two-factor authentication')) ?></h2>
	<p><?php p($l->t('Enhanced security is enabled for your account. Please authenticate using a second factor.')) ?></p>
	<?php if ($_['providerMissing']): ?>
	<p>
		<strong><?php p($l->t('Could not load at least one of your enabled two-factor auth methods. Please contact your admin.')) ?></strong>
	</p>
	<?php endif; ?>
	<?php if (empty($_['providers'])): ?>
	<p>
		<?php if (is_null($_['backupProvider'])): ?>
		<strong><?php p($l->t('Two-factor authentication is enforced but has not been configured on your account. Contact your admin for assistance.')) ?></strong>
		<?php else: ?>
		<strong><?php p($l->t('Two-factor authentication is enforced but has not been configured on your account. Use one of your backup codes to log in or contact your admin for assistance.')) ?></strong>
		<?php endif; ?>
	</p>
	<?php else: ?>
	<p>
		<ul>
			<?php foreach ($_['providers'] as $provider): ?>
				<li>
					<a class="button two-factor-provider"
					   href="<?php p(\OC::$server->getURLGenerator()->linkToRoute('core.TwoFactorChallenge.showChallenge',
										[
											'challengeProviderId' => $provider->getId(),
											'redirect_url' => $_['redirect_url'],
										]
									)) ?>">
						<?php p($provider->getDescription()) ?>
					</a>
				</li>
			<?php endforeach; ?>
		</ul>
	</p>
	<?php endif ?>
	<p class="two-factor-link">
		<a class="button" href="<?php print_unescaped($_['logout_url']); ?>"><?php p($l->t('Cancel log in')) ?></a>
		<?php if (!is_null($_['backupProvider'])): ?>
		<a class="button" href="<?php p(\OC::$server->getURLGenerator()->linkToRoute('core.TwoFactorChallenge.showChallenge',
												[
													'challengeProviderId' => $_['backupProvider']->getId(),
													'redirect_url' => $_['redirect_url'],
												]
											)) ?>"><?php p($l->t('Use backup code')) ?></a>
		<?php endif; ?>
	</p>
</div>
use centered h2 for 2FA page headers 2016-08-27 12:33:15 +03:00			`<div class="warning">`
list 2FA providers as buttons 2016-08-27 13:27:05 +03:00			`<h2 class="two-factor-header"><?php p($l->t('Two-factor authentication')) ?></h2>`
			`<p><?php p($l->t('Enhanced security is enabled for your account. Please authenticate using a second factor.')) ?></p>`
Make 2FA providers stateful This adds persistence to the Nextcloud server 2FA logic so that the server knows which 2FA providers are enabled for a specific user at any time, even when the provider is not available. The `IStatefulProvider` interface was added as tagging interface for providers that are compatible with this new API. Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at> 2018-05-22 09:52:16 +03:00			`<?php if ($_['providerMissing']): ?>`
			`<p>`
			`<strong><?php p($l->t('Could not load at least one of your enabled two-factor auth methods. Please contact your admin.')) ?></strong>`
			`</p>`
			`<?php endif; ?>`
Add hint for locked accounts where 2FA is enforced but not configured Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at> 2018-10-01 11:59:32 +03:00			`<?php if (empty($_['providers'])): ?>`
			`<p>`
			`<?php if (is_null($_['backupProvider'])): ?>`
			`<strong><?php p($l->t('Two-factor authentication is enforced but has not been configured on your account. Contact your admin for assistance.')) ?></strong>`
			`<?php else: ?>`
			`<strong><?php p($l->t('Two-factor authentication is enforced but has not been configured on your account. Use one of your backup codes to log in or contact your admin for assistance.')) ?></strong>`
			`<?php endif; ?>`
			`</p>`
			`<?php else: ?>`
use centered h2 for 2FA page headers 2016-08-27 12:33:15 +03:00			`<p>`
			`<ul>`
			`<?php foreach ($_['providers'] as $provider): ?>`
			`<li>`
list 2FA providers as buttons 2016-08-27 13:27:05 +03:00			`<a class="button two-factor-provider"`
use centered h2 for 2FA page headers 2016-08-27 12:33:15 +03:00			`href="<?php p(\OC::$server->getURLGenerator()->linkToRoute('core.TwoFactorChallenge.showChallenge',`
			`[`
			`'challengeProviderId' => $provider->getId(),`
			`'redirect_url' => $_['redirect_url'],`
			`]`
			`)) ?>">`
			`<?php p($provider->getDescription()) ?>`
			`</a>`
			`</li>`
			`<?php endforeach; ?>`
			`</ul>`
			`</p>`
Add hint for locked accounts where 2FA is enforced but not configured Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at> 2018-10-01 11:59:32 +03:00			`<?php endif ?>`
Move log out and back codes link into 2fa box for better readability Fixes https://github.com/nextcloud/server/issues/2538 Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at> 2016-12-12 12:20:35 +03:00			`<p class="two-factor-link">`
Properly allow \OCP\Authentication\IApacheBackend to specify logout URL Any `\OCP\Authentication\IApacheBackend` previously had to implement `getLogoutAttribute` which returns a string. This string is directly injected into the logout `<a>` tag, so returning something like `href="foo"` would result in `<a href="foo">`. This is rather error prone and also in Nextcloud 12 broken as the logout entry has been moved with 054e161eb5f4a5c5c13ee322ae8e93ce66f01b13 inside the navigation manager where one cannot simply inject attributes. Thus this feature is broken in Nextcloud 12 which effectively leads to the bug described at nextcloud/user_saml#112, people cannot logout anymore when using SAML using SLO. Basically in case of SAML you have a SLO url which redirects you to the IdP and properly logs you out there as well. Instead of monkey patching the Navigation manager I decided to instead change `\OCP\Authentication\IApacheBackend` to use `\OCP\Authentication\IApacheBackend::getLogoutUrl` instead where it can return a string with the appropriate logout URL. Since this functionality is only prominently used in the SAML plugin. Any custom app would need a small change but I'm not aware of any and there's simply no way to fix this properly otherwise. Signed-off-by: Lukas Reschke <lukas@statuscode.ch> 2017-08-18 13:16:43 +03:00			`<a class="button" href="<?php print_unescaped($_['logout_url']); ?>"><?php p($l->t('Cancel log in')) ?></a>`
Move log out and back codes link into 2fa box for better readability Fixes https://github.com/nextcloud/server/issues/2538 Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at> 2016-12-12 12:20:35 +03:00			`<?php if (!is_null($_['backupProvider'])): ?>`
Use button instead of simple links Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at> 2017-03-06 13:00:58 +03:00			`<a class="button" href="<?php p(\OC::$server->getURLGenerator()->linkToRoute('core.TwoFactorChallenge.showChallenge',`
Move log out and back codes link into 2fa box for better readability Fixes https://github.com/nextcloud/server/issues/2538 Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at> 2016-12-12 12:20:35 +03:00			`[`
			`'challengeProviderId' => $_['backupProvider']->getId(),`
			`'redirect_url' => $_['redirect_url'],`
			`]`
			`)) ?>"><?php p($l->t('Use backup code')) ?></a>`
			`<?php endif; ?>`
			`</p>`
use centered h2 for 2FA page headers 2016-08-27 12:33:15 +03:00			`</div>`