@@ 218-258 (lines=41) @@ | ||
215 | ); |
|
216 | } |
|
217 | ||
218 | public function provePossessionOfYubikey( |
|
219 | SecondFactorId $secondFactorId, |
|
220 | YubikeyPublicId $yubikeyPublicId, |
|
221 | $emailVerificationRequired, |
|
222 | EmailVerificationWindow $emailVerificationWindow |
|
223 | ) { |
|
224 | $this->assertNotForgotten(); |
|
225 | $this->assertUserMayAddSecondFactor(); |
|
226 | ||
227 | if ($emailVerificationRequired) { |
|
228 | $emailVerificationNonce = TokenGenerator::generateNonce(); |
|
229 | ||
230 | $this->apply( |
|
231 | new YubikeyPossessionProvenEvent( |
|
232 | $this->id, |
|
233 | $this->institution, |
|
234 | $secondFactorId, |
|
235 | $yubikeyPublicId, |
|
236 | $emailVerificationRequired, |
|
237 | $emailVerificationWindow, |
|
238 | $emailVerificationNonce, |
|
239 | $this->commonName, |
|
240 | $this->email, |
|
241 | $this->preferredLocale |
|
242 | ) |
|
243 | ); |
|
244 | } else { |
|
245 | $this->apply( |
|
246 | new YubikeyPossessionProvenAndVerifiedEvent( |
|
247 | $this->id, |
|
248 | $this->institution, |
|
249 | $secondFactorId, |
|
250 | $yubikeyPublicId, |
|
251 | $this->commonName, |
|
252 | $this->email, |
|
253 | DateTime::now(), |
|
254 | OtpGenerator::generate(8) |
|
255 | ) |
|
256 | ); |
|
257 | } |
|
258 | } |
|
259 | ||
260 | public function provePossessionOfPhone( |
|
261 | SecondFactorId $secondFactorId, |
|
@@ 260-300 (lines=41) @@ | ||
257 | } |
|
258 | } |
|
259 | ||
260 | public function provePossessionOfPhone( |
|
261 | SecondFactorId $secondFactorId, |
|
262 | PhoneNumber $phoneNumber, |
|
263 | $emailVerificationRequired, |
|
264 | EmailVerificationWindow $emailVerificationWindow |
|
265 | ) { |
|
266 | $this->assertNotForgotten(); |
|
267 | $this->assertUserMayAddSecondFactor(); |
|
268 | ||
269 | if ($emailVerificationRequired) { |
|
270 | $emailVerificationNonce = TokenGenerator::generateNonce(); |
|
271 | ||
272 | $this->apply( |
|
273 | new PhonePossessionProvenEvent( |
|
274 | $this->id, |
|
275 | $this->institution, |
|
276 | $secondFactorId, |
|
277 | $phoneNumber, |
|
278 | $emailVerificationRequired, |
|
279 | $emailVerificationWindow, |
|
280 | $emailVerificationNonce, |
|
281 | $this->commonName, |
|
282 | $this->email, |
|
283 | $this->preferredLocale |
|
284 | ) |
|
285 | ); |
|
286 | } else { |
|
287 | $this->apply( |
|
288 | new PhonePossessionProvenAndVerifiedEvent( |
|
289 | $this->id, |
|
290 | $this->institution, |
|
291 | $secondFactorId, |
|
292 | $phoneNumber, |
|
293 | $this->commonName, |
|
294 | $this->email, |
|
295 | DateTime::now(), |
|
296 | OtpGenerator::generate(8) |
|
297 | ) |
|
298 | ); |
|
299 | } |
|
300 | } |
|
301 | ||
302 | public function provePossessionOfGssf( |
|
303 | SecondFactorId $secondFactorId, |
|
@@ 302-345 (lines=44) @@ | ||
299 | } |
|
300 | } |
|
301 | ||
302 | public function provePossessionOfGssf( |
|
303 | SecondFactorId $secondFactorId, |
|
304 | StepupProvider $provider, |
|
305 | GssfId $gssfId, |
|
306 | $emailVerificationRequired, |
|
307 | EmailVerificationWindow $emailVerificationWindow |
|
308 | ) { |
|
309 | $this->assertNotForgotten(); |
|
310 | $this->assertUserMayAddSecondFactor(); |
|
311 | ||
312 | if ($emailVerificationRequired) { |
|
313 | $emailVerificationNonce = TokenGenerator::generateNonce(); |
|
314 | ||
315 | $this->apply( |
|
316 | new GssfPossessionProvenEvent( |
|
317 | $this->id, |
|
318 | $this->institution, |
|
319 | $secondFactorId, |
|
320 | $provider, |
|
321 | $gssfId, |
|
322 | $emailVerificationRequired, |
|
323 | $emailVerificationWindow, |
|
324 | $emailVerificationNonce, |
|
325 | $this->commonName, |
|
326 | $this->email, |
|
327 | $this->preferredLocale |
|
328 | ) |
|
329 | ); |
|
330 | } else { |
|
331 | $this->apply( |
|
332 | new GssfPossessionProvenAndVerifiedEvent( |
|
333 | $this->id, |
|
334 | $this->institution, |
|
335 | $secondFactorId, |
|
336 | $provider, |
|
337 | $gssfId, |
|
338 | $this->commonName, |
|
339 | $this->email, |
|
340 | DateTime::now(), |
|
341 | OtpGenerator::generate(8) |
|
342 | ) |
|
343 | ); |
|
344 | } |
|
345 | } |
|
346 | ||
347 | public function provePossessionOfU2fDevice( |
|
348 | SecondFactorId $secondFactorId, |
|
@@ 347-387 (lines=41) @@ | ||
344 | } |
|
345 | } |
|
346 | ||
347 | public function provePossessionOfU2fDevice( |
|
348 | SecondFactorId $secondFactorId, |
|
349 | U2fKeyHandle $keyHandle, |
|
350 | $emailVerificationRequired, |
|
351 | EmailVerificationWindow $emailVerificationWindow |
|
352 | ) { |
|
353 | $this->assertNotForgotten(); |
|
354 | $this->assertUserMayAddSecondFactor(); |
|
355 | ||
356 | if ($emailVerificationRequired) { |
|
357 | $emailVerificationNonce = TokenGenerator::generateNonce(); |
|
358 | ||
359 | $this->apply( |
|
360 | new U2fDevicePossessionProvenEvent( |
|
361 | $this->id, |
|
362 | $this->institution, |
|
363 | $secondFactorId, |
|
364 | $keyHandle, |
|
365 | $emailVerificationRequired, |
|
366 | $emailVerificationWindow, |
|
367 | $emailVerificationNonce, |
|
368 | $this->commonName, |
|
369 | $this->email, |
|
370 | $this->preferredLocale |
|
371 | ) |
|
372 | ); |
|
373 | } else { |
|
374 | $this->apply( |
|
375 | new U2fDevicePossessionProvenAndVerifiedEvent( |
|
376 | $this->id, |
|
377 | $this->institution, |
|
378 | $secondFactorId, |
|
379 | $keyHandle, |
|
380 | $this->commonName, |
|
381 | $this->email, |
|
382 | DateTime::now(), |
|
383 | OtpGenerator::generate(8) |
|
384 | ) |
|
385 | ); |
|
386 | } |
|
387 | } |
|
388 | ||
389 | public function verifyEmail($verificationNonce) |
|
390 | { |