|
@@ 147-161 (lines=15) @@
|
| 144 |
|
$this->repository->save($identity); |
| 145 |
|
} |
| 146 |
|
|
| 147 |
|
public function handleProveYubikeyPossessionCommand(ProveYubikeyPossessionCommand $command) |
| 148 |
|
{ |
| 149 |
|
/** @var IdentityApi $identity */ |
| 150 |
|
$identity = $this->repository->load(new IdentityId($command->identityId)); |
| 151 |
|
|
| 152 |
|
$this->assertSecondFactorIsAllowedFor(new SecondFactorType('yubikey'), $identity->getInstitution()); |
| 153 |
|
|
| 154 |
|
$identity->provePossessionOfYubikey( |
| 155 |
|
new SecondFactorId($command->secondFactorId), |
| 156 |
|
new YubikeyPublicId($command->yubikeyPublicId), |
| 157 |
|
$this->configurableSettings->createNewEmailVerificationWindow() |
| 158 |
|
); |
| 159 |
|
|
| 160 |
|
$this->repository->save($identity); |
| 161 |
|
} |
| 162 |
|
|
| 163 |
|
/** |
| 164 |
|
* @param ProvePhonePossessionCommand $command |
|
@@ 166-180 (lines=15) @@
|
| 163 |
|
/** |
| 164 |
|
* @param ProvePhonePossessionCommand $command |
| 165 |
|
*/ |
| 166 |
|
public function handleProvePhonePossessionCommand(ProvePhonePossessionCommand $command) |
| 167 |
|
{ |
| 168 |
|
/** @var IdentityApi $identity */ |
| 169 |
|
$identity = $this->repository->load(new IdentityId($command->identityId)); |
| 170 |
|
|
| 171 |
|
$this->assertSecondFactorIsAllowedFor(new SecondFactorType('sms'), $identity->getInstitution()); |
| 172 |
|
|
| 173 |
|
$identity->provePossessionOfPhone( |
| 174 |
|
new SecondFactorId($command->secondFactorId), |
| 175 |
|
new PhoneNumber($command->phoneNumber), |
| 176 |
|
$this->configurableSettings->createNewEmailVerificationWindow() |
| 177 |
|
); |
| 178 |
|
|
| 179 |
|
$this->repository->save($identity); |
| 180 |
|
} |
| 181 |
|
|
| 182 |
|
/** |
| 183 |
|
* @param ProveGssfPossessionCommand $command |
|
@@ 185-201 (lines=17) @@
|
| 182 |
|
/** |
| 183 |
|
* @param ProveGssfPossessionCommand $command |
| 184 |
|
*/ |
| 185 |
|
public function handleProveGssfPossessionCommand(ProveGssfPossessionCommand $command) |
| 186 |
|
{ |
| 187 |
|
/** @var IdentityApi $identity */ |
| 188 |
|
$identity = $this->repository->load(new IdentityId($command->identityId)); |
| 189 |
|
|
| 190 |
|
// Assume tiqr is being used as it is the only GSSF currently supported |
| 191 |
|
$this->assertSecondFactorIsAllowedFor(new SecondFactorType('tiqr'), $identity->getInstitution()); |
| 192 |
|
|
| 193 |
|
$identity->provePossessionOfGssf( |
| 194 |
|
new SecondFactorId($command->secondFactorId), |
| 195 |
|
new StepupProvider($command->stepupProvider), |
| 196 |
|
new GssfId($command->gssfId), |
| 197 |
|
$this->configurableSettings->createNewEmailVerificationWindow() |
| 198 |
|
); |
| 199 |
|
|
| 200 |
|
$this->repository->save($identity); |
| 201 |
|
} |
| 202 |
|
|
| 203 |
|
public function handleProveU2fDevicePossessionCommand(ProveU2fDevicePossessionCommand $command) |
| 204 |
|
{ |
|
@@ 203-217 (lines=15) @@
|
| 200 |
|
$this->repository->save($identity); |
| 201 |
|
} |
| 202 |
|
|
| 203 |
|
public function handleProveU2fDevicePossessionCommand(ProveU2fDevicePossessionCommand $command) |
| 204 |
|
{ |
| 205 |
|
/** @var IdentityApi $identity */ |
| 206 |
|
$identity = $this->repository->load(new IdentityId($command->identityId)); |
| 207 |
|
|
| 208 |
|
$this->assertSecondFactorIsAllowedFor(new SecondFactorType('u2f'), $identity->getInstitution()); |
| 209 |
|
|
| 210 |
|
$identity->provePossessionOfU2fDevice( |
| 211 |
|
new SecondFactorId($command->secondFactorId), |
| 212 |
|
new U2fKeyHandle($command->keyHandle), |
| 213 |
|
$this->configurableSettings->createNewEmailVerificationWindow() |
| 214 |
|
); |
| 215 |
|
|
| 216 |
|
$this->repository->save($identity); |
| 217 |
|
} |
| 218 |
|
|
| 219 |
|
/** |
| 220 |
|
* @param VerifyEmailCommand $command |
OpenConext /
Stepup-Middleware
