<?php |
/** |
* This file is part of the login-cidadao project or it's bundles. |
* |
* (c) Guilherme Donato <guilhermednt on github> |
* |
* For the full copyright and license information, please view the LICENSE |
* file that was distributed with this source code. |
*/ |
namespace LoginCidadao\CoreBundle\Security; |
use Doctrine\ORM\EntityManagerInterface; |
use LoginCidadao\CoreBundle\Entity\BackupCode; |
use LoginCidadao\CoreBundle\Model\PersonInterface; |
use Scheb\TwoFactorBundle\Security\TwoFactor\Provider\Google\GoogleAuthenticator; |
/**
 * Turns TOTP-based two-factor authentication on and off for a person and
 * manages the one-time backup codes that go with it.
 *
 * The service wraps the Scheb GoogleAuthenticator provider for everything
 * related to the shared secret and uses the Doctrine entity manager to persist
 * the person and the BackupCode entities.
 */
class TwoFactorAuthenticationService
{
    /** @var EntityManagerInterface */
    private $em;

    /** @var GoogleAuthenticator */
    private $twoFactor;

    /**
     * @param EntityManagerInterface $em        entity manager used to persist, remove and flush
     * @param GoogleAuthenticator    $twoFactor provider used to check codes and build secrets/URLs
     */
    public function __construct(EntityManagerInterface $em, GoogleAuthenticator $twoFactor)
    {
        $this->twoFactor = $twoFactor;
        $this->em = $em;
    }

    /**
     * Confirms the person's authenticator setup and issues backup codes.
     *
     * The verification code is checked before anything is persisted, so a wrong
     * code leaves the database untouched. This method does not assign a secret
     * itself; presumably the caller has already set it on $person -- confirm.
     *
     * NOTE(review): no attempt limiting is visible here; confirm that callers
     * throttle repeated verification attempts.
     *
     * @param PersonInterface $person
     * @param mixed           $verificationCode code typed in by the user
     *
     * @return bool always true when the code was accepted
     *
     * @throws \InvalidArgumentException when the provider rejects the code
     */
    public function enable(PersonInterface $person, $verificationCode)
    {
        $codeAccepted = $this->twoFactor->checkCode($person, $verificationCode);
        if (!$codeAccepted) {
            throw new \InvalidArgumentException('Invalid code! Make sure you configured your app correctly and your smartphone\'s time is adjusted.');
        }

        // Backup codes are only queued by generateBackupCodes(); the flush
        // below writes them together with the person.
        $this->generateBackupCodes($person);

        $manager = $this->em;
        $manager->persist($person);
        $manager->flush();

        return true;
    }

    /**
     * Switches two-factor authentication off: schedules every backup code of
     * the person for removal, clears the authenticator secret and flushes.
     *
     * NOTE(review): this method performs no verification of its own (no code
     * or password check appears here); confirm that callers re-authenticate
     * the user before invoking it.
     *
     * @param PersonInterface $person
     *
     * @return bool always true
     */
    public function disable(PersonInterface $person)
    {
        $this->removeBackupCodes($person);
        $person->setGoogleAuthenticatorSecret(null);

        $manager = $this->em;
        $manager->persist($person);
        $manager->flush();

        return true;
    }

    /**
     * Asks the provider for a new authenticator secret.
     *
     * @return mixed whatever GoogleAuthenticator::generateSecret() returns
     */
    public function generateSecret()
    {
        $secret = $this->twoFactor->generateSecret();

        return $secret;
    }

    /**
     * Asks the provider for the URL that represents the person's secret.
     *
     * NOTE(review): presumably this URL embeds or encodes the secret (e.g. for
     * a QR code); if so it should be handled as sensitive -- confirm.
     *
     * @param PersonInterface $person
     *
     * @return mixed whatever GoogleAuthenticator::getUrl() returns
     */
    public function getSecretUrl(PersonInterface $person)
    {
        $url = $this->twoFactor->getUrl($person);

        return $url;
    }

    /**
     * Creates ten backup codes for the person and queues them for persistence.
     *
     * Each code is the hex encoding of 5 bytes from random_bytes(), i.e. 10 hex
     * characters carrying 40 bits from the CSPRNG. The entities are passed to
     * persist() but nothing is flushed here; the caller has to flush.
     *
     * Backup codes the person already has are not touched by this method, so
     * they stay valid unless removeBackupCodes() is called as well.
     *
     * NOTE(review): whether BackupCode::setCode() keeps the code in plaintext
     * or hashes it is not visible from this class -- confirm how codes are
     * stored at rest.
     *
     * @param PersonInterface $person
     *
     * @return BackupCode[]
     *
     * @throws \Exception when random_bytes() cannot obtain randomness
     */
    public function generateBackupCodes(PersonInterface $person)
    {
        $total = 10;
        $bytesPerCode = 5;

        $issued = [];
        for ($index = 0; $index < $total; $index++) {
            $plainCode = bin2hex(random_bytes($bytesPerCode));

            $entity = new BackupCode();
            $entity->setPerson($person);
            $entity->setCode($plainCode);

            $issued[] = $entity;
            $this->em->persist($entity);
        }

        return $issued;
    }

    /**
     * Schedules every backup code returned by the person for removal.
     *
     * Only remove() is called; the deletion reaches the database when the
     * caller flushes the entity manager.
     *
     * @param PersonInterface $person
     *
     * @return bool always true
     */
    public function removeBackupCodes(PersonInterface $person)
    {
        foreach ($person->getBackupCodes() as $existingCode) {
            $this->em->remove($existingCode);
        }

        return true;
    }
}
This check examines a number of code elements and verifies that they conform to the given naming conventions.
You can set conventions for local variables, abstract classes, utility classes, constant, properties, methods, parameters, interfaces, classes, exceptions and special methods.