@@ -22,67 +22,67 @@ |
||
| 22 | 22 | |
| 23 | 23 | class AuthenticationManager |
| 24 | 24 | { |
| 25 | - const AUTH_OK = 1; |
|
| 26 | - const AUTH_FAIL = 2; |
|
| 27 | - const AUTH_REQUIRE_NEXT_STAGE = 3; |
|
| 28 | - private $typeMap = array(); |
|
| 29 | - /** |
|
| 30 | - * @var PdoDatabase |
|
| 31 | - */ |
|
| 32 | - private $database; |
|
| 25 | + const AUTH_OK = 1; |
|
| 26 | + const AUTH_FAIL = 2; |
|
| 27 | + const AUTH_REQUIRE_NEXT_STAGE = 3; |
|
| 28 | + private $typeMap = array(); |
|
| 29 | + /** |
|
| 30 | + * @var PdoDatabase |
|
| 31 | + */ |
|
| 32 | + private $database; |
|
| 33 | 33 | |
| 34 | - /** |
|
| 35 | - * AuthenticationManager constructor. |
|
| 36 | - * |
|
| 37 | - * @param PdoDatabase $database |
|
| 38 | - * @param SiteConfiguration $siteConfiguration |
|
| 39 | - * @param HttpHelper $httpHelper |
|
| 40 | - */ |
|
| 41 | - public function __construct(PdoDatabase $database, SiteConfiguration $siteConfiguration, HttpHelper $httpHelper) |
|
| 42 | - { |
|
| 43 | - // setup providers |
|
| 44 | - // note on type map: this *must* be the value in the database, as this is what it maps. |
|
| 45 | - $this->typeMap['password'] = new PasswordCredentialProvider($database, $siteConfiguration); |
|
| 46 | - $this->typeMap['yubikeyotp'] = new YubikeyOtpCredentialProvider($database, $siteConfiguration, $httpHelper); |
|
| 47 | - $this->typeMap['totp'] = new TotpCredentialProvider($database, $siteConfiguration); |
|
| 48 | - $this->typeMap['scratch'] = new ScratchTokenCredentialProvider($database, $siteConfiguration); |
|
| 49 | - $this->typeMap['u2f'] = new U2FCredentialProvider($database, $siteConfiguration); |
|
| 50 | - $this->database = $database; |
|
| 51 | - } |
|
| 34 | + /** |
|
| 35 | + * AuthenticationManager constructor. |
|
| 36 | + * |
|
| 37 | + * @param PdoDatabase $database |
|
| 38 | + * @param SiteConfiguration $siteConfiguration |
|
| 39 | + * @param HttpHelper $httpHelper |
|
| 40 | + */ |
|
| 41 | + public function __construct(PdoDatabase $database, SiteConfiguration $siteConfiguration, HttpHelper $httpHelper) |
|
| 42 | + { |
|
| 43 | + // setup providers |
|
| 44 | + // note on type map: this *must* be the value in the database, as this is what it maps. |
|
| 45 | + $this->typeMap['password'] = new PasswordCredentialProvider($database, $siteConfiguration); |
|
| 46 | + $this->typeMap['yubikeyotp'] = new YubikeyOtpCredentialProvider($database, $siteConfiguration, $httpHelper); |
|
| 47 | + $this->typeMap['totp'] = new TotpCredentialProvider($database, $siteConfiguration); |
|
| 48 | + $this->typeMap['scratch'] = new ScratchTokenCredentialProvider($database, $siteConfiguration); |
|
| 49 | + $this->typeMap['u2f'] = new U2FCredentialProvider($database, $siteConfiguration); |
|
| 50 | + $this->database = $database; |
|
| 51 | + } |
|
| 52 | 52 | |
| 53 | - public function authenticate(User $user, $data, $stage) |
|
| 54 | - { |
|
| 55 | - $sql = 'SELECT type FROM credential WHERE user = :user AND factor = :stage AND disabled = 0 ORDER BY priority ASC'; |
|
| 56 | - $statement = $this->database->prepare($sql); |
|
| 57 | - $statement->execute(array(':user' => $user->getId(), ':stage' => $stage)); |
|
| 58 | - $options = $statement->fetchAll(PDO::FETCH_COLUMN); |
|
| 53 | + public function authenticate(User $user, $data, $stage) |
|
| 54 | + { |
|
| 55 | + $sql = 'SELECT type FROM credential WHERE user = :user AND factor = :stage AND disabled = 0 ORDER BY priority ASC'; |
|
| 56 | + $statement = $this->database->prepare($sql); |
|
| 57 | + $statement->execute(array(':user' => $user->getId(), ':stage' => $stage)); |
|
| 58 | + $options = $statement->fetchAll(PDO::FETCH_COLUMN); |
|
| 59 | 59 | |
| 60 | - $sql = 'SELECT count(DISTINCT factor) FROM credential WHERE user = :user AND factor > :stage AND disabled = 0 AND type <> :scratch'; |
|
| 61 | - $statement = $this->database->prepare($sql); |
|
| 62 | - $statement->execute(array(':user' => $user->getId(), ':stage' => $stage, ':scratch' => 'scratch')); |
|
| 63 | - $requiredFactors = $statement->fetchColumn(); |
|
| 60 | + $sql = 'SELECT count(DISTINCT factor) FROM credential WHERE user = :user AND factor > :stage AND disabled = 0 AND type <> :scratch'; |
|
| 61 | + $statement = $this->database->prepare($sql); |
|
| 62 | + $statement->execute(array(':user' => $user->getId(), ':stage' => $stage, ':scratch' => 'scratch')); |
|
| 63 | + $requiredFactors = $statement->fetchColumn(); |
|
| 64 | 64 | |
| 65 | - // prep the correct OK response based on how many factors are ahead of this one |
|
| 66 | - $success = self::AUTH_OK; |
|
| 67 | - if ($requiredFactors > 0) { |
|
| 68 | - $success = self::AUTH_REQUIRE_NEXT_STAGE; |
|
| 69 | - } |
|
| 65 | + // prep the correct OK response based on how many factors are ahead of this one |
|
| 66 | + $success = self::AUTH_OK; |
|
| 67 | + if ($requiredFactors > 0) { |
|
| 68 | + $success = self::AUTH_REQUIRE_NEXT_STAGE; |
|
| 69 | + } |
|
| 70 | 70 | |
| 71 | - foreach ($options as $type) { |
|
| 72 | - if (!isset($this->typeMap[$type])) { |
|
| 73 | - // does this type have a credentialProvider registered? |
|
| 74 | - continue; |
|
| 75 | - } |
|
| 71 | + foreach ($options as $type) { |
|
| 72 | + if (!isset($this->typeMap[$type])) { |
|
| 73 | + // does this type have a credentialProvider registered? |
|
| 74 | + continue; |
|
| 75 | + } |
|
| 76 | 76 | |
| 77 | - /** @var ICredentialProvider $credentialProvider */ |
|
| 78 | - $credentialProvider = $this->typeMap[$type]; |
|
| 79 | - if ($credentialProvider->authenticate($user, $data)) { |
|
| 80 | - return $success; |
|
| 81 | - } |
|
| 82 | - } |
|
| 77 | + /** @var ICredentialProvider $credentialProvider */ |
|
| 78 | + $credentialProvider = $this->typeMap[$type]; |
|
| 79 | + if ($credentialProvider->authenticate($user, $data)) { |
|
| 80 | + return $success; |
|
| 81 | + } |
|
| 82 | + } |
|
| 83 | 83 | |
| 84 | - // We've iterated over all the available providers for this stage. |
|
| 85 | - // They all hate you. |
|
| 86 | - return self::AUTH_FAIL; |
|
| 87 | - } |
|
| 84 | + // We've iterated over all the available providers for this stage. |
|
| 85 | + // They all hate you. |
|
| 86 | + return self::AUTH_FAIL; |
|
| 87 | + } |
|
| 88 | 88 | } |
| 89 | 89 | \ No newline at end of file |
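Review bot: In `authenticate()`, the `foreach` over `$options` offers the same `$data` to every provider enabled for the stage and returns on the first success, so a single submitted value is checked against each credential type in turn, and nothing visible in this method counts or limits failures. If throttling is not handled by the caller or inside the providers (neither is shown here), the `return self::AUTH_FAIL;` path is the natural place to record the failed attempt. The method also has no docblock. I would add one stating that it returns one of `AUTH_OK`, `AUTH_FAIL` or `AUTH_REQUIRE_NEXT_STAGE`, that `scratch` credentials are excluded from the remaining-factor count, and that `$stage` is presumably expected to come from server-side session state rather than from the request.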
@@ -14,9 +14,9 @@ |
||
| 14 | 14 | |
| 15 | 15 | function smarty_modifier_nlimplode($list, $conjunction = 'or') |
| 16 | 16 | { |
| 17 | - $last = array_pop($list); |
|
| 18 | - if ($list) { |
|
| 19 | - return implode(', ', $list) . ', ' . $conjunction . ' ' . $last; |
|
| 20 | - } |
|
| 21 | - return $last; |
|
| 17 | + $last = array_pop($list); |
|
| 18 | + if ($list) { |
|
| 19 | + return implode(', ', $list) . ', ' . $conjunction . ' ' . $last; |
|
| 20 | + } |
|
| 21 | + return $last; |
|
| 22 | 22 | } |
| 23 | 23 | \ No newline at end of file |
@@ -16,7 +16,7 @@ |
||
| 16 | 16 | { |
| 17 | 17 | $last = array_pop($list); |
| 18 | 18 | if ($list) { |
| 19 | - return implode(', ', $list) . ', ' . $conjunction . ' ' . $last; |
|
| 19 | + return implode(', ', $list).', '.$conjunction.' '.$last; |
|
| 20 | 20 | } |
| 21 | 21 | return $last; |
| 22 | 22 | } |
| 23 | 23 | \ No newline at end of file |
@@ -8,10 +8,10 @@ |
||
| 8 | 8 | |
| 9 | 9 | function smarty_modifier_demodhex($input) |
| 10 | 10 | { |
| 11 | - $hex = preg_replace( |
|
| 12 | - array('/c/', '/b/', '/d/', '/e/', '/f/', '/g/', '/h/', '/i/', '/j/', '/k/', '/l/', '/n/', '/r/', '/t/', '/u/', '/v/'), |
|
| 13 | - array('0', '1', '2', '3', '4', '5', '6', '7', '8', '9', 'a', 'b', 'c', 'd', 'e', 'f'), |
|
| 14 | - $input); |
|
| 11 | + $hex = preg_replace( |
|
| 12 | + array('/c/', '/b/', '/d/', '/e/', '/f/', '/g/', '/h/', '/i/', '/j/', '/k/', '/l/', '/n/', '/r/', '/t/', '/u/', '/v/'), |
|
| 13 | + array('0', '1', '2', '3', '4', '5', '6', '7', '8', '9', 'a', 'b', 'c', 'd', 'e', 'f'), |
|
| 14 | + $input); |
|
| 15 | 15 | |
| 16 | - return hexdec($hex); |
|
| 16 | + return hexdec($hex); |
|
| 17 | 17 | } |
| 18 | 18 | \ No newline at end of file |
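Review bot: `smarty_modifier_demodhex()` never checks that `$input` is actually modhex. Characters outside the sixteen-letter alphabet pass through `preg_replace()` unchanged, so digits and `a` are read as hex digits, and anything else is silently ignored by `hexdec()` (deprecated behaviour since PHP 7.4). Validating first with `preg_match('/^[cbdefghijklnrtuv]+$/', $input)` and mapping in one pass with `strtr($input, 'cbdefghijklnrtuv', '0123456789abcdef')` would make the result unambiguous and remove the dependence on the order of the sixteen sequential replacements. `hexdec()` also returns a float once the value exceeds `PHP_INT_MAX`, which deserves a comment if strings longer than a key ID can reach this modifier.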