OpenConext /
Stepup-Middleware
| @@ 698-725 (lines=28) @@ | ||
| 695 | $this->vettedSecondFactors->set((string) $secondFactor->getId(), $secondFactor); |
|
| 696 | } |
|
| 697 | ||
| 698 | protected function applyYubikeyPossessionProvenEvent(YubikeyPossessionProvenEvent $event) |
|
| 699 | { |
|
| 700 | $secondFactorType = new SecondFactorType('yubikey'); |
|
| 701 | ||
| 702 | if ($event->emailVerificationRequired) { |
|
| 703 | $secondFactor = UnverifiedSecondFactor::create( |
|
| 704 | $event->secondFactorId, |
|
| 705 | $this, |
|
| 706 | $secondFactorType, |
|
| 707 | $event->yubikeyPublicId, |
|
| 708 | $event->emailVerificationWindow, |
|
| 709 | $event->emailVerificationNonce |
|
| 710 | ); |
|
| 711 | ||
| 712 | $this->unverifiedSecondFactors->set((string)$secondFactor->getId(), $secondFactor); |
|
| 713 | } else { |
|
| 714 | $secondFactor = VerifiedSecondFactor::create( |
|
| 715 | $event->secondFactorId, |
|
| 716 | $this, |
|
| 717 | $secondFactorType, |
|
| 718 | $event->yubikeyPublicId, |
|
| 719 | DateTime::now(), |
|
| 720 | OtpGenerator::generate(8) |
|
| 721 | ); |
|
| 722 | ||
| 723 | $this->verifiedSecondFactors->set((string)$secondFactor->getId(), $secondFactor); |
|
| 724 | } |
|
| 725 | } |
|
| 726 | ||
| 727 | protected function applyPhonePossessionProvenEvent(PhonePossessionProvenEvent $event) |
|
| 728 | { |
|
| @@ 727-754 (lines=28) @@ | ||
| 724 | } |
|
| 725 | } |
|
| 726 | ||
| 727 | protected function applyPhonePossessionProvenEvent(PhonePossessionProvenEvent $event) |
|
| 728 | { |
|
| 729 | $secondFactorType = new SecondFactorType('sms'); |
|
| 730 | ||
| 731 | if ($event->emailVerificationRequired) { |
|
| 732 | $secondFactor = UnverifiedSecondFactor::create( |
|
| 733 | $event->secondFactorId, |
|
| 734 | $this, |
|
| 735 | $secondFactorType, |
|
| 736 | $event->phoneNumber, |
|
| 737 | $event->emailVerificationWindow, |
|
| 738 | $event->emailVerificationNonce |
|
| 739 | ); |
|
| 740 | ||
| 741 | $this->unverifiedSecondFactors->set((string)$secondFactor->getId(), $secondFactor); |
|
| 742 | } else { |
|
| 743 | $secondFactor = VerifiedSecondFactor::create( |
|
| 744 | $event->secondFactorId, |
|
| 745 | $this, |
|
| 746 | $secondFactorType, |
|
| 747 | $event->phoneNumber, |
|
| 748 | DateTime::now(), |
|
| 749 | OtpGenerator::generate(8) |
|
| 750 | ); |
|
| 751 | ||
| 752 | $this->verifiedSecondFactors->set((string)$secondFactor->getId(), $secondFactor); |
|
| 753 | } |
|
| 754 | } |
|
| 755 | ||
| 756 | protected function applyGssfPossessionProvenEvent(GssfPossessionProvenEvent $event) |
|
| 757 | { |
|
| @@ 756-792 (lines=37) @@ | ||
| 753 | } |
|
| 754 | } |
|
| 755 | ||
| 756 | protected function applyGssfPossessionProvenEvent(GssfPossessionProvenEvent $event) |
|
| 757 | { |
|
| 758 | $secondFactorType = new SecondFactorType((string)$event->stepupProvider); |
|
| 759 | ||
| 760 | if ($event->emailVerificationRequired) { |
|
| 761 | $secondFactor = UnverifiedSecondFactor::create( |
|
| 762 | $event->secondFactorId, |
|
| 763 | $this, |
|
| 764 | $secondFactorType, |
|
| 765 | $event->gssfId, |
|
| 766 | $event->emailVerificationWindow, |
|
| 767 | $event->emailVerificationNonce |
|
| 768 | ); |
|
| 769 | ||
| 770 | $this->unverifiedSecondFactors->set((string)$secondFactor->getId(), $secondFactor); |
|
| 771 | } else { |
|
| 772 | // WIP! Culprit here! |
|
| 773 | // |
|
| 774 | // In 2.7, we can't create the verified second factor here, |
|
| 775 | // because that's done via the email verified event. Post 2.7, we |
|
| 776 | // want to create it directly. But that's in conflict because this |
|
| 777 | // breaks replay of old events. |
|
| 778 | // |
|
| 779 | // To solve this, we need to introduce a version on the event to |
|
| 780 | // distinguish between version 2.7 and 2.8. |
|
| 781 | $secondFactor = VerifiedSecondFactor::create( |
|
| 782 | $event->secondFactorId, |
|
| 783 | $this, |
|
| 784 | $secondFactorType, |
|
| 785 | $event->gssfId, |
|
| 786 | DateTime::now(), |
|
| 787 | OtpGenerator::generate(8) |
|
| 788 | ); |
|
| 789 | ||
| 790 | $this->verifiedSecondFactors->set((string)$secondFactor->getId(), $secondFactor); |
|
| 791 | } |
|
| 792 | } |
|
| 793 | ||
| 794 | protected function applyU2fDevicePossessionProvenEvent(U2fDevicePossessionProvenEvent $event) |
|
| 795 | { |
|
| @@ 794-821 (lines=28) @@ | ||
| 791 | } |
|
| 792 | } |
|
| 793 | ||
| 794 | protected function applyU2fDevicePossessionProvenEvent(U2fDevicePossessionProvenEvent $event) |
|
| 795 | { |
|
| 796 | $secondFactorType = new SecondFactorType('u2f'); |
|
| 797 | ||
| 798 | if ($event->emailVerificationRequired) { |
|
| 799 | $secondFactor = UnverifiedSecondFactor::create( |
|
| 800 | $event->secondFactorId, |
|
| 801 | $this, |
|
| 802 | $secondFactorType, |
|
| 803 | $event->keyHandle, |
|
| 804 | $event->emailVerificationWindow, |
|
| 805 | $event->emailVerificationNonce |
|
| 806 | ); |
|
| 807 | ||
| 808 | $this->unverifiedSecondFactors->set((string)$secondFactor->getId(), $secondFactor); |
|
| 809 | } else { |
|
| 810 | $secondFactor = VerifiedSecondFactor::create( |
|
| 811 | $event->secondFactorId, |
|
| 812 | $this, |
|
| 813 | $secondFactorType, |
|
| 814 | $event->keyHandle, |
|
| 815 | DateTime::now(), |
|
| 816 | OtpGenerator::generate(8) |
|
| 817 | ); |
|
| 818 | ||
| 819 | $this->verifiedSecondFactors->set((string)$secondFactor->getId(), $secondFactor); |
|
| 820 | } |
|
| 821 | } |
|
| 822 | ||
| 823 | protected function applyEmailVerifiedEvent(EmailVerifiedEvent $event) |
|
| 824 | { |
|
