GH-93: add an option to turn off the old U2F provider

inc/class-adminsettings.php

@@ -121,5 +121,17 @@ public function register_settings(): void {
 				),
 			]
 		);
+
+		add_settings_field(
+			'disable_u2f',
+			__( 'Disable old U2F provider', 'two-factor-provider-webauthn' ),
+			[ $this->input_factory, 'checkbox' ],
+			Admin::OPTIONS_MENU_SLUG,
+			$settings_section,
+			[
+				'label_for' => 'disable_u2f',
+				'help'      => __( 'This option allows you to turn off the old U2F provider in the Two Factor plugin.', 'two-factor-provider-webauthn' ),
+			]
+		);
 	}
 }

inc/class-plugin.php

@@ -2,6 +2,7 @@
 
 namespace WildWolf\WordPress\TwoFactorWebAuthn;
 
+use Two_Factor_FIDO_U2F;
 use TwoFactor_Provider_WebAuthn;
 use WildWolf\Utils\Singleton;
 
@@ -34,6 +35,12 @@ public function init(): void {
 	 */
 	public function two_factor_providers( array $providers ): array {
 		$providers[ TwoFactor_Provider_WebAuthn::class ] = __DIR__ . '/class-twofactor-provider-webauthn.php';
+
+		$disable_u2f = Settings::instance()->get_disable_u2f();
+		if ( $disable_u2f ) {
+			unset( $providers[ Two_Factor_FIDO_U2F::class ] );
+		}
+
 		return $providers;
 	}
 

inc/class-settings.php

@@ -11,7 +11,8 @@
  *  authenticator_attachment: string,
  *  user_verification_requirement: string,
  *  timeout: int,
- *  u2f_hack: bool
+ *  u2f_hack: bool,
+ *  disable_u2f: bool,
  * }
  *
  * @template-implements ArrayAccess<string, scalar>
@@ -31,6 +32,7 @@ final class Settings implements ArrayAccess {
 		'user_verification_requirement' => 'preferred',
 		'timeout'                       => 0,
 		'u2f_hack'                      => true,
+		'disable_u2f'                   => false,
 	];
 
 	/**
@@ -116,4 +118,8 @@ public function get_timeout(): int {
 	public function get_u2f_hack(): bool {
 		return $this->options['u2f_hack'];
 	}
+
+	public function get_disable_u2f(): bool {
+		return $this->options['disable_u2f'];
+	}
 }

index.php

@@ -2,7 +2,7 @@
 /*
  * Plugin Name: WebAuthn Provider for Two Factor
  * Description: WebAuthn Provider for Two Factor plugin.
- * Version: 1.0.3
+ * Version: 1.0.4
  * Author: Volodymyr Kolesnykov
  * License: MIT
  * Text Domain: two-factor-provider-webauthn

lang/two-factor-provider-webauthn-ru_RU.po

@@ -3,9 +3,9 @@
 msgid ""
 msgstr ""
 "Project-Id-Version: WebAuthn Provider for Two Factor 1.0.0\n"
-"Report-Msgid-Bugs-To: https://wordpress.org/support/plugin/two-factor-"
+"Report-Msgid-Bugs-To: https://wordpress.org/support/plugin/wp-two-factor-"
 "provider-webauthn\n"
-"POT-Creation-Date: 2022-02-21T21:24:41+02:00\n"
+"POT-Creation-Date: 2022-05-17T07:26:06+00:00\n"
 "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
 "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
 "Language-Team: LANGUAGE <LL@li.org>\n"
@@ -94,6 +94,11 @@ msgid ""
 "em>: user verification is required for successful authentication. Please "
 "note that not all browsers support this setting.<br/>"
 msgstr ""
+"<em>Не проверять</em>: проверка пользователя не требуется (например, по соображениям "
+"сведения к минимуму вмешательств в процесс взаимодействия с пользователем).<br/"
+"><em>По возможности</em>: проверка пользователя (например, ввод PIN-кода) "
+"может выполняться, но не является необходимой для успешной аутентификации.<br/><em>Проверять</"
+"em>: проверка пользователя необходима для успешной аутентификации. Обратите внимение, что не все браузеры поддерживают данную опцию.<br/>"
 
 #: inc/class-adminsettings.php:94
 msgid "Timeout"
@@ -124,31 +129,41 @@ msgstr ""
 "зарегистрирован при помощи U2F; если да, то поддержка AppID включается "
 "принудительно."
 
-#: inc/class-ajax.php:33
+#: inc/class-adminsettings.php:127
+msgid "Disable old U2F provider"
+msgstr ""
+
+#: inc/class-adminsettings.php:133
+msgid ""
+"This option allows you to turn off the old U2F provider in the Two Factor "
+"plugin."
+msgstr "Данная опция позволяет отключить старый провайдер U2F в плагине Two Factor."
+
+#: inc/class-ajax.php:32
 msgid "The nonce has expired. Please reload the page and try again."
 msgstr ""
 "Срок действия одноразового номера истёк. Пожалуйста, обновите страницу и "
 "попытайтесь выполнить действие снова."
 
-#: inc/class-ajax.php:85
+#: inc/class-ajax.php:84
 msgid "Unable to retrieve the registration context."
 msgstr "Не удалось получить контекст регистрации."
 
-#: inc/class-ajax.php:95 inc/class-ajax.php:124
+#: inc/class-ajax.php:94 inc/class-ajax.php:123
 #: inc/class-webauthn-provider.php:118
 msgid "Bad request."
 msgstr "Неверный запрос."
 
-#: inc/class-ajax.php:111
+#: inc/class-ajax.php:110
 #, fuzzy
 msgid "Unable to save the key to the database."
 msgstr "Не удалось получить контекст регистрации."
 
-#: inc/class-ajax.php:151
+#: inc/class-ajax.php:150
 msgid "Key name cannot be empty."
 msgstr "Имя ключа не может быть пустым."
 
-#: inc/class-ajax.php:160
+#: inc/class-ajax.php:159
 msgid "Failed to rename the key."
 msgstr "Не удалось переименовать ключ."
 
@@ -199,7 +214,7 @@ msgstr "Не удалось получить контекст аутентифи
 
 #: inc/class-webauthn-user.php:52
 msgid "Unable to save the user handle to the database."
-msgstr ""
+msgstr "Не удалось сохранить дескриптор пользователя в базу данных."
 
 #: views/login.php:2
 msgid "Please insert (and tap) your security key."

lang/two-factor-provider-webauthn.pot

@@ -2,14 +2,14 @@
 # This file is distributed under the MIT.
 msgid ""
 msgstr ""
-"Project-Id-Version: WebAuthn Provider for Two Factor 1.0.3\n"
-"Report-Msgid-Bugs-To: https://wordpress.org/support/plugin/two-factor-provider-webauthn\n"
+"Project-Id-Version: WebAuthn Provider for Two Factor 1.0.4\n"
+"Report-Msgid-Bugs-To: https://wordpress.org/support/plugin/wp-two-factor-provider-webauthn\n"
 "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
 "Language-Team: LANGUAGE <LL@li.org>\n"
 "MIME-Version: 1.0\n"
 "Content-Type: text/plain; charset=UTF-8\n"
 "Content-Transfer-Encoding: 8bit\n"
-"POT-Creation-Date: 2022-02-21T21:24:41+02:00\n"
+"POT-Creation-Date: 2022-05-17T07:36:42+00:00\n"
 "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
 "X-Generator: WP-CLI 2.6.0\n"
 "X-Domain: two-factor-provider-webauthn\n"
@@ -96,29 +96,37 @@ msgstr ""
 msgid "Chrome for Android sometimes ignores the AppID extension required for interoperability between the old U2F and the modern WebAuthn protocol.<br/>When enabled, this hack enables the check whether the security key used was registered with U2F and if so, forces the use of the AppID extension."
 msgstr ""
 
-#: inc/class-ajax.php:33
+#: inc/class-adminsettings.php:127
+msgid "Disable old U2F provider"
+msgstr ""
+
+#: inc/class-adminsettings.php:133
+msgid "This option allows you to turn off the old U2F provider in the Two Factor plugin."
+msgstr ""
+
+#: inc/class-ajax.php:32
 msgid "The nonce has expired. Please reload the page and try again."
 msgstr ""
 
-#: inc/class-ajax.php:85
+#: inc/class-ajax.php:84
 msgid "Unable to retrieve the registration context."
 msgstr ""
 
-#: inc/class-ajax.php:95
-#: inc/class-ajax.php:124
+#: inc/class-ajax.php:94
+#: inc/class-ajax.php:123
 #: inc/class-webauthn-provider.php:118
 msgid "Bad request."
 msgstr ""
 
-#: inc/class-ajax.php:111
+#: inc/class-ajax.php:110
 msgid "Unable to save the key to the database."
 msgstr ""
 
-#: inc/class-ajax.php:151
+#: inc/class-ajax.php:150
 msgid "Key name cannot be empty."
 msgstr ""
 
-#: inc/class-ajax.php:160
+#: inc/class-ajax.php:159
 msgid "Failed to rename the key."
 msgstr ""
 

readme.txt

@@ -33,6 +33,12 @@ Be the first to ask.
 
 == Changelog ==
 
+= 1.0.4 =
+* Update translations
+* GH-93: add an option to turn off the old U2F provider
+* Update dependencies
+* Add more E2E tests
+
 = 1.0.3 =
 * GH-33: increase length of credential_id column to solve issues with Chrome on Mac
 * GH-38: fix bugs preventing plugin uninstallation