Passed
Push — master ( b6a24f...41eec8 )
by Daniel
15:31 queued 12s
created
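--- a/core/Middleware/TwoFactorMiddleware.php
+++ b/core/Middleware/TwoFactorMiddleware.php
@@ -43,119 +43,119 @@
 
 class TwoFactorMiddleware extends Middleware {
 
-	/** @var Manager */
-	private $twoFactorManager;
-
-	/** @var Session */
-	private $userSession;
-
-	/** @var ISession */
-	private $session;
-
-	/** @var IURLGenerator */
-	private $urlGenerator;
-
-	/** @var IControllerMethodReflector */
-	private $reflector;
-
-	/** @var IRequest */
-	private $request;
-
-	/**
-	 * @param Manager $twoFactorManager
-	 * @param Session $userSession
-	 * @param ISession $session
-	 * @param IURLGenerator $urlGenerator
-	 */
-	public function __construct(Manager $twoFactorManager, Session $userSession, ISession $session,
-		IURLGenerator $urlGenerator, IControllerMethodReflector $reflector, IRequest $request) {
-		$this->twoFactorManager = $twoFactorManager;
-		$this->userSession = $userSession;
-		$this->session = $session;
-		$this->urlGenerator = $urlGenerator;
-		$this->reflector = $reflector;
-		$this->request = $request;
-	}
-
-	/**
-	 * @param Controller $controller
-	 * @param string $methodName
-	 */
-	public function beforeController($controller, $methodName) {
-		if ($this->reflector->hasAnnotation('PublicPage')) {
-			// Don't block public pages
-			return;
-		}
-
-		if ($controller instanceof TwoFactorChallengeController
-			&& $this->userSession->getUser() !== null
-			&& !$this->reflector->hasAnnotation('TwoFactorSetUpDoneRequired')) {
-			$providers = $this->twoFactorManager->getProviderSet($this->userSession->getUser());
-
-			if (!($providers->getProviders() === [] && !$providers->isProviderMissing())) {
-				throw new TwoFactorAuthRequiredException();
-			}
-		}
-
-		if ($controller instanceof ALoginSetupController
-			&& $this->userSession->getUser() !== null
-			&& $this->twoFactorManager->needsSecondFactor($this->userSession->getUser())) {
-			$providers = $this->twoFactorManager->getProviderSet($this->userSession->getUser());
-
-			if ($providers->getProviders() === [] && !$providers->isProviderMissing()) {
-				return;
-			}
-		}
-
-		if ($controller instanceof LoginController && $methodName === 'logout') {
-			// Don't block the logout page, to allow canceling the 2FA
-			return;
-		}
-
-		if ($this->userSession->isLoggedIn()) {
-			$user = $this->userSession->getUser();
-
-			if ($this->session->exists('app_password') || $this->twoFactorManager->isTwoFactorAuthenticated($user)) {
-				$this->checkTwoFactor($controller, $methodName, $user);
-			} elseif ($controller instanceof TwoFactorChallengeController) {
-				// Allow access to the two-factor controllers only if two-factor authentication
-				// is in progress.
-				throw new UserAlreadyLoggedInException();
-			}
-		}
-		// TODO: dont check/enforce 2FA if a auth token is used
-	}
-
-	private function checkTwoFactor(Controller $controller, $methodName, IUser $user) {
-		// If two-factor auth is in progress disallow access to any controllers
-		// defined within "LoginController".
-		$needsSecondFactor = $this->twoFactorManager->needsSecondFactor($user);
-		$twoFactor = $controller instanceof TwoFactorChallengeController;
-
-		// Disallow access to any controller if 2FA needs to be checked
-		if ($needsSecondFactor && !$twoFactor) {
-			throw new TwoFactorAuthRequiredException();
-		}
-
-		// Allow access to the two-factor controllers only if two-factor authentication
-		// is in progress.
-		if (!$needsSecondFactor && $twoFactor) {
-			throw new UserAlreadyLoggedInException();
-		}
-	}
-
-	public function afterException($controller, $methodName, Exception $exception) {
-		if ($exception instanceof TwoFactorAuthRequiredException) {
-			$params = [];
-			if (isset($this->request->server['REQUEST_URI'])) {
-				$params['redirect_url'] = $this->request->server['REQUEST_URI'];
-			}
-			return new RedirectResponse($this->urlGenerator->linkToRoute('core.TwoFactorChallenge.selectChallenge', $params));
-		}
-		if ($exception instanceof UserAlreadyLoggedInException) {
-			return new RedirectResponse($this->urlGenerator->linkToRoute('files.view.index'));
-		}
-
-		throw $exception;
-	}
+    /** @var Manager */
+    private $twoFactorManager;
+
+    /** @var Session */
+    private $userSession;
+
+    /** @var ISession */
+    private $session;
+
+    /** @var IURLGenerator */
+    private $urlGenerator;
+
+    /** @var IControllerMethodReflector */
+    private $reflector;
+
+    /** @var IRequest */
+    private $request;
+
+    /**
+     * @param Manager $twoFactorManager
+     * @param Session $userSession
+     * @param ISession $session
+     * @param IURLGenerator $urlGenerator
+     */
+    public function __construct(Manager $twoFactorManager, Session $userSession, ISession $session,
+        IURLGenerator $urlGenerator, IControllerMethodReflector $reflector, IRequest $request) {
+        $this->twoFactorManager = $twoFactorManager;
+        $this->userSession = $userSession;
+        $this->session = $session;
+        $this->urlGenerator = $urlGenerator;
+        $this->reflector = $reflector;
+        $this->request = $request;
+    }
+
+    /**
+     * @param Controller $controller
+     * @param string $methodName
+     */
+    public function beforeController($controller, $methodName) {
+        if ($this->reflector->hasAnnotation('PublicPage')) {
+            // Don't block public pages
+            return;
+        }
+
+        if ($controller instanceof TwoFactorChallengeController
+            && $this->userSession->getUser() !== null
+            && !$this->reflector->hasAnnotation('TwoFactorSetUpDoneRequired')) {
+            $providers = $this->twoFactorManager->getProviderSet($this->userSession->getUser());
+
+            if (!($providers->getProviders() === [] && !$providers->isProviderMissing())) {
+                throw new TwoFactorAuthRequiredException();
+            }
+        }
+
+        if ($controller instanceof ALoginSetupController
+            && $this->userSession->getUser() !== null
+            && $this->twoFactorManager->needsSecondFactor($this->userSession->getUser())) {
+            $providers = $this->twoFactorManager->getProviderSet($this->userSession->getUser());
+
+            if ($providers->getProviders() === [] && !$providers->isProviderMissing()) {
+                return;
+            }
+        }
+
+        if ($controller instanceof LoginController && $methodName === 'logout') {
+            // Don't block the logout page, to allow canceling the 2FA
+            return;
+        }
+
+        if ($this->userSession->isLoggedIn()) {
+            $user = $this->userSession->getUser();
+
+            if ($this->session->exists('app_password') || $this->twoFactorManager->isTwoFactorAuthenticated($user)) {
+                $this->checkTwoFactor($controller, $methodName, $user);
+            } elseif ($controller instanceof TwoFactorChallengeController) {
+                // Allow access to the two-factor controllers only if two-factor authentication
+                // is in progress.
+                throw new UserAlreadyLoggedInException();
+            }
+        }
+        // TODO: dont check/enforce 2FA if a auth token is used
+    }
+
+    private function checkTwoFactor(Controller $controller, $methodName, IUser $user) {
+        // If two-factor auth is in progress disallow access to any controllers
+        // defined within "LoginController".
+        $needsSecondFactor = $this->twoFactorManager->needsSecondFactor($user);
+        $twoFactor = $controller instanceof TwoFactorChallengeController;
+
+        // Disallow access to any controller if 2FA needs to be checked
+        if ($needsSecondFactor && !$twoFactor) {
+            throw new TwoFactorAuthRequiredException();
+        }
+
+        // Allow access to the two-factor controllers only if two-factor authentication
+        // is in progress.
+        if (!$needsSecondFactor && $twoFactor) {
+            throw new UserAlreadyLoggedInException();
+        }
+    }
+
+    public function afterException($controller, $methodName, Exception $exception) {
+        if ($exception instanceof TwoFactorAuthRequiredException) {
+            $params = [];
+            if (isset($this->request->server['REQUEST_URI'])) {
+                $params['redirect_url'] = $this->request->server['REQUEST_URI'];
+            }
+            return new RedirectResponse($this->urlGenerator->linkToRoute('core.TwoFactorChallenge.selectChallenge', $params));
+        }
+        if ($exception instanceof UserAlreadyLoggedInException) {
+            return new RedirectResponse($this->urlGenerator->linkToRoute('files.view.index'));
+        }
+
+        throw $exception;
+    }
 }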