delta/gitlab/gitlab-ce.git/app/assets/javascripts/u2f, branch chatops-deploy-command gitlab.com: gitlab-org/gitlab-ce.git explicitly disable eslint inline 2016-11-15T16:30:34+00:00 Luke "Jared" Bennett lbennett@gitlab.com 2016-11-15T14:08:06+00:00 7cefaea876da9e25a1c3ea870f4e4b070a196905 






disable ESLint for all JavaScript files
2016-10-26T08:02:58+00:00

winniehell
git@winniehell.de

2016-10-26T08:02:58+00:00

02f94cf038b08d25bc1b414a32d16f988fb9268e












Restore comments lost when converting CoffeeScript to JavaScript
2016-09-08T17:23:12+00:00

Jared Deckard
jared.deckard@gmail.com

2016-07-27T03:32:10+00:00

7f6474b269a5cfa454d28c0c0da969490c9eb33e












ES6ify all the things!
2016-07-24T20:45:11+00:00

Fatih Acet
acetfatih@gmail.com

2016-07-24T20:45:11+00:00

aaa9509d120524573085e94af9de5cdde83e3271












Add a U2F feature spec for multiple devices owned by the same user.
2016-07-14T02:49:09+00:00

Timothy Andrew
mail@timothyandrew.net

2016-07-11T07:53:02+00:00

341d8bc3f7fbe3763250af1e89020b81dad34bb8

1. This scenario was previously tested for the registration flow, but
   not authentication.





1. This scenario was previously tested for the registration flow, but
   not authentication.







Use a single challenge for U2F authentication.
2016-07-14T02:49:09+00:00

Timothy Andrew
mail@timothyandrew.net

2016-07-11T07:32:24+00:00

3572582dd2568cd473676563077ab3985b9803f7

1. According to the spec, either we have a single challenge with
   a number of `signRequests`, or a number of `signRequests`, each with
   it's own challenge.

2. Previously, we had both these - per-request challenges, as well as a
   single extra challenge.

3. This commit changes this so that the per-request challenges are
   removed, leaving only a single challenge, as per the v1.1 U2F API.

4. The existing implementation didn't work in Firefox, because the
   Firefox (extension) implementation is less flexible with regard to
   the inputs.

5. Fix teaspoon specs.

6. References: https://fidoalliance.org/specs/fido-u2f-v1.0-nfc-bt-amendment-20150514/fido-u2f-javascript-api.html#h2_background





1. According to the spec, either we have a single challenge with
   a number of `signRequests`, or a number of `signRequests`, each with
   it's own challenge.

2. Previously, we had both these - per-request challenges, as well as a
   single extra challenge.

3. This commit changes this so that the per-request challenges are
   removed, leaving only a single challenge, as per the v1.1 U2F API.

4. The existing implementation didn't work in Firefox, because the
   Firefox (extension) implementation is less flexible with regard to
   the inputs.

5. Fix teaspoon specs.

6. References: https://fidoalliance.org/specs/fido-u2f-v1.0-nfc-bt-amendment-20150514/fido-u2f-javascript-api.html#h2_background







Load Javascript U2F library selectively.
2016-07-14T02:49:09+00:00

Timothy Andrew
mail@timothyandrew.net

2016-07-11T07:30:22+00:00

4b33c4c6d1aa529ec22606995123cfa3a151ccee

1. Only on supported Chrome versions

2. Mainly, this lets us simplify the javascript-based U2F check to
   `window.u2f`, where `window.u2f` can either be loaded from the GitLab
   server (for Chrome) or from the Firefox extension.

3. This is a better way to provide browser detection for U2F.





1. Only on supported Chrome versions

2. Mainly, this lets us simplify the javascript-based U2F check to
   `window.u2f`, where `window.u2f` can either be loaded from the GitLab
   server (for Chrome) or from the Firefox extension.

3. This is a better way to provide browser detection for U2F.







Implement authentication (login) using a U2F device.
2016-06-06T07:20:31+00:00

Timothy Andrew
mail@timothyandrew.net

2016-06-06T04:50:39+00:00

86b07caa599a7f064e9077770b1a87c670d7607c

- Move the `authenticate_with_two_factor` method from
  `ApplicationController` to the `AuthenticatesWithTwoFactor` module,
  where it should be.





- Move the `authenticate_with_two_factor` method from
  `ApplicationController` to the `AuthenticatesWithTwoFactor` module,
  where it should be.







Implement U2F registration.
2016-06-06T07:20:31+00:00

Timothy Andrew
mail@timothyandrew.net

2016-06-06T04:44:51+00:00

128549f10beb406333fa23c1693750c06ff7bc4a

- Move the `TwoFactorAuthsController`'s `new` action to `show`, since
  the page is not used to create a single "two factor auth" anymore. We
  can have a single 2FA authenticator app, along with any number of U2F
  devices, in any combination, so the page will be accessed after the
  first "two factor auth" is created.
- Add the `u2f` javascript library, which provides an API to the
  browser's U2F implementation.
- Add tests for the JS components





- Move the `TwoFactorAuthsController`'s `new` action to `show`, since
  the page is not used to create a single "two factor auth" anymore. We
  can have a single 2FA authenticator app, along with any number of U2F
  devices, in any combination, so the page will be accessed after the
  first "two factor auth" is created.
- Add the `u2f` javascript library, which provides an API to the
  browser's U2F implementation.
- Add tests for the JS components