OpenStack Dashboard Charm

Add support for enabling TOTP

Bug #2058689 reported by Alan Baghumian
16
This bug affects 3 people
Affects Status Importance Assigned to Milestone
OpenStack Dashboard Charm
Fix Committed
Wishlist
Unassigned

Bug Description

Hello OpenStack Team!

OpenStack Bobcat introduced support for TOTP (Time Based One Time Passwords) in Horizon leveraging an existing feature in Keystone.

Unfortunately as of today this issue has not been implemented as a native OpenStack Dashboard Charm configuration option and would be a great addition.

I'm opening this Launchpad bug to request this new feature to be added.

Thanks much,
Alan

(1) https://www.openstack.org/blog/new-in-openstack-bobcat-horizon-team-introduces-time-based-one-time-password-totp-authentication-support/

Revision history for this message
Alex Kavanagh (ajkavanagh) wrote :

It should be a fairly simple addition to the charm, but may require backporting to yoga to be more widely available.

Changed in charm-openstack-dashboard:
importance: Undecided → Wishlist
status: New → Triaged
tags: added: good-first-bug
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to charm-openstack-dashboard (master)

Fix proposed to branch: master
Review: https://review.opendev.org/c/openstack/charm-openstack-dashboard/+/913991

Changed in charm-openstack-dashboard:
status: Triaged → In Progress
Revision history for this message
Carlos Bravo (bravocarlos) wrote : Re: Add support for enablong TOTP

Hi, I've submitted the following patch for review: https://review.opendev.org/c/openstack/charm-openstack-dashboard/+/913991.

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to charm-openstack-dashboard (master)

Fix proposed to branch: master
Review: https://review.opendev.org/c/openstack/charm-openstack-dashboard/+/914030

Edward Hope-Morley (hopem)
summary: - Add support for enablong TOTP
+ Add support for enabling TOTP
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to charm-openstack-dashboard (master)

Reviewed: https://review.opendev.org/c/openstack/charm-openstack-dashboard/+/913991
Committed: https://opendev.org/openstack/charm-openstack-dashboard/commit/ab66a192f46f375037d951587e9fb8bc03040830
Submitter: "Zuul (22348)"
Branch: master

commit ab66a192f46f375037d951587e9fb8bc03040830
Author: Carlos Bravo <email address hidden>
Date: Fri Mar 22 10:52:25 2024 -0400

    Added OPENSTACK_KEYSTONE_MFA_TOTP_ENABLED to config options

    Starting from Openstack Bobcat (2023.2) Multi Factor Authentication
    was added for Horizon. This change introduced a new variable called
    OPENSTACK_KEYSTONE_MFA_TOTP_ENABLED, which if set to True will display
    a new form requesting for the user's TOTP code for MFA enabled users.

    This change provides the missing OPENSTACK_KEYSTONE_MFA_TOTP_ENABLED
    config option for the charm, allowing the user to enable from the
    charm's configuration. If the value is set to True, the new bobcat
    template will render the following values:
    OPENSTACK_KEYSTONE_MFA_TOTP_ENABLED = True

    AUTHENTICATION_PLUGINS = [
        'openstack_auth.plugin.totp.TotpPlugin',
        'openstack_auth.plugin.password.PasswordPlugin',
        'openstack_auth.plugin.token.TokenPlugin'
    ]

    Closes-Bug: #2058689
    Change-Id: Ifedf587356693b58612b1fc4d7404f0f446158ce

Changed in charm-openstack-dashboard:
status: In Progress → Fix Committed
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.