nextcloud /
server
@@ -22,18 +22,18 @@ discard block |
||
| 22 | 22 | */ |
| 23 | 23 | |
| 24 | 24 | script('settings', [ |
| 25 | - 'authtoken', |
|
| 26 | - 'authtoken_collection', |
|
| 27 | - 'templates', |
|
| 28 | - 'authtoken_view', |
|
| 29 | - 'settings/authtoken-init' |
|
| 25 | + 'authtoken', |
|
| 26 | + 'authtoken_collection', |
|
| 27 | + 'templates', |
|
| 28 | + 'authtoken_view', |
|
| 29 | + 'settings/authtoken-init' |
|
| 30 | 30 | ]); |
| 31 | 31 | |
| 32 | 32 | if($_['passwordChangeSupported']) { |
| 33 | - script('settings', 'security_password'); |
|
| 34 | - script('jquery-showpassword'); |
|
| 35 | - vendor_script('strengthify/jquery.strengthify'); |
|
| 36 | - vendor_style('strengthify/strengthify'); |
|
| 33 | + script('settings', 'security_password'); |
|
| 34 | + script('jquery-showpassword'); |
|
| 35 | + vendor_script('strengthify/jquery.strengthify'); |
|
| 36 | + vendor_style('strengthify/strengthify'); |
|
| 37 | 37 | } |
| 38 | 38 | |
| 39 | 39 | ?> |
@@ -106,27 +106,27 @@ discard block |
||
| 106 | 106 | <h2><?php p($l->t('Two-Factor Authentication'));?></h2> |
| 107 | 107 | <p class="settings-hint"> |
| 108 | 108 | <?php |
| 109 | - if ($_['twoFactorProviderData']['enabled']) { |
|
| 110 | - p($l->t('Two-factor authentication is enabled on your account.')); |
|
| 111 | - } else { |
|
| 112 | - p($l->t('Two-factor authentication is disabled on your account.')); |
|
| 113 | - } |
|
| 114 | - ?> |
|
| 109 | + if ($_['twoFactorProviderData']['enabled']) { |
|
| 110 | + p($l->t('Two-factor authentication is enabled on your account.')); |
|
| 111 | + } else { |
|
| 112 | + p($l->t('Two-factor authentication is disabled on your account.')); |
|
| 113 | + } |
|
| 114 | + ?> |
|
| 115 | 115 | </p> |
| 116 | 116 | <ul> |
| 117 | 117 | <?php foreach ($_['twoFactorProviderData']['providers'] as $data) { ?> |
| 118 | 118 | <li> |
| 119 | 119 | <?php |
| 120 | - /** @var \OCP\Authentication\TwoFactorAuth\IProvidesPersonalSettings $provider */ |
|
| 121 | - $provider = $data['provider']; |
|
| 122 | - if ($provider instanceof \OCP\Authentication\TwoFactorAuth\IProvidesIcons) { |
|
| 123 | - $icon = $provider->getDarkIcon(); |
|
| 124 | - } else { |
|
| 125 | - $icon = image_path('core', 'actions/password.svg'); |
|
| 126 | - } |
|
| 127 | - /** @var \OCP\Authentication\TwoFactorAuth\IPersonalProviderSettings $settings */ |
|
| 128 | - $settings = $data['settings']; |
|
| 129 | - ?> |
|
| 120 | + /** @var \OCP\Authentication\TwoFactorAuth\IProvidesPersonalSettings $provider */ |
|
| 121 | + $provider = $data['provider']; |
|
| 122 | + if ($provider instanceof \OCP\Authentication\TwoFactorAuth\IProvidesIcons) { |
|
| 123 | + $icon = $provider->getDarkIcon(); |
|
| 124 | + } else { |
|
| 125 | + $icon = image_path('core', 'actions/password.svg'); |
|
| 126 | + } |
|
| 127 | + /** @var \OCP\Authentication\TwoFactorAuth\IPersonalProviderSettings $settings */ |
|
| 128 | + $settings = $data['settings']; |
|
| 129 | + ?> |
|
| 130 | 130 | <h3> |
| 131 | 131 | <img class="two-factor-provider-settings-icon" src="<?php p($icon) ?>" alt=""> |
| 132 | 132 | <?php p($provider->getDisplayName()) ?> |
@@ -29,7 +29,7 @@ discard block |
||
| 29 | 29 | 'settings/authtoken-init' |
| 30 | 30 | ]); |
| 31 | 31 | |
| 32 | -if($_['passwordChangeSupported']) { |
|
| 32 | +if ($_['passwordChangeSupported']) { |
|
| 33 | 33 | script('settings', 'security_password'); |
| 34 | 34 | script('jquery-showpassword'); |
| 35 | 35 | vendor_script('strengthify/jquery.strengthify'); |
@@ -37,19 +37,19 @@ discard block |
||
| 37 | 37 | } |
| 38 | 38 | |
| 39 | 39 | ?> |
| 40 | -<?php if($_['passwordChangeSupported']) { ?> |
|
| 40 | +<?php if ($_['passwordChangeSupported']) { ?> |
|
| 41 | 41 | <div id="security-password" class="section"> |
| 42 | - <h2 class="inlineblock"><?php p($l->t('Password'));?></h2> |
|
| 42 | + <h2 class="inlineblock"><?php p($l->t('Password')); ?></h2> |
|
| 43 | 43 | <span id="password-error-msg" class="msg success hidden">Saved</span> |
| 44 | 44 | <div class="personal-settings-setting-box personal-settings-password-box"> |
| 45 | 45 | <form id="passwordform"> |
| 46 | 46 | <label for="pass1" class="hidden-visually"><?php p($l->t('Current password')); ?>: </label> |
| 47 | 47 | <input type="password" id="pass1" name="oldpassword" |
| 48 | - placeholder="<?php p($l->t('Current password'));?>" |
|
| 48 | + placeholder="<?php p($l->t('Current password')); ?>" |
|
| 49 | 49 | autocomplete="off" autocapitalize="none" autocorrect="off" /> |
| 50 | 50 | |
| 51 | 51 | <div class="personal-show-container"> |
| 52 | - <label for="pass2" class="hidden-visually"><?php p($l->t('New password'));?>: </label> |
|
| 52 | + <label for="pass2" class="hidden-visually"><?php p($l->t('New password')); ?>: </label> |
|
| 53 | 53 | <input type="password" id="pass2" name="newpassword" |
| 54 | 54 | placeholder="<?php p($l->t('New password')); ?>" |
| 55 | 55 | data-typetoggle="#personal-show" |
@@ -66,14 +66,14 @@ discard block |
||
| 66 | 66 | <?php } ?> |
| 67 | 67 | |
| 68 | 68 | <div id="security" class="section"> |
| 69 | - <h2><?php p($l->t('Devices & sessions'));?></h2> |
|
| 70 | - <p class="settings-hint hidden-when-empty"><?php p($l->t('Web, desktop and mobile clients currently logged in to your account.'));?></p> |
|
| 69 | + <h2><?php p($l->t('Devices & sessions')); ?></h2> |
|
| 70 | + <p class="settings-hint hidden-when-empty"><?php p($l->t('Web, desktop and mobile clients currently logged in to your account.')); ?></p> |
|
| 71 | 71 | <table class="icon-loading"> |
| 72 | 72 | <thead class="token-list-header"> |
| 73 | 73 | <tr> |
| 74 | 74 | <th></th> |
| 75 | - <th><?php p($l->t('Device'));?></th> |
|
| 76 | - <th><?php p($l->t('Last activity'));?></th> |
|
| 75 | + <th><?php p($l->t('Device')); ?></th> |
|
| 76 | + <th><?php p($l->t('Last activity')); ?></th> |
|
| 77 | 77 | <th></th> |
| 78 | 78 | </tr> |
| 79 | 79 | </thead> |
@@ -103,7 +103,7 @@ discard block |
||
| 103 | 103 | </div> |
| 104 | 104 | |
| 105 | 105 | <div id="two-factor-auth" class="section"> |
| 106 | - <h2><?php p($l->t('Two-Factor Authentication'));?></h2> |
|
| 106 | + <h2><?php p($l->t('Two-Factor Authentication')); ?></h2> |
|
| 107 | 107 | <p class="settings-hint"> |
| 108 | 108 | <?php |
| 109 | 109 | if ($_['twoFactorProviderData']['enabled']) { |
@@ -38,83 +38,83 @@ |
||
| 38 | 38 | |
| 39 | 39 | class Security implements ISettings { |
| 40 | 40 | |
| 41 | - /** @var IUserManager */ |
|
| 42 | - private $userManager; |
|
| 43 | - |
|
| 44 | - /** @var TwoFactorManager */ |
|
| 45 | - private $twoFactorManager; |
|
| 46 | - |
|
| 47 | - /** @var ProviderLoader */ |
|
| 48 | - private $providerLoader; |
|
| 49 | - |
|
| 50 | - /** @var IUserSession */ |
|
| 51 | - private $userSession; |
|
| 52 | - |
|
| 53 | - |
|
| 54 | - public function __construct(IUserManager $userManager, |
|
| 55 | - TwoFactorManager $providerManager, |
|
| 56 | - ProviderLoader $providerLoader, |
|
| 57 | - IUserSession $userSession) { |
|
| 58 | - $this->userManager = $userManager; |
|
| 59 | - $this->twoFactorManager = $providerManager; |
|
| 60 | - $this->providerLoader = $providerLoader; |
|
| 61 | - $this->userSession = $userSession; |
|
| 62 | - } |
|
| 63 | - |
|
| 64 | - /** |
|
| 65 | - * @return TemplateResponse returns the instance with all parameters set, ready to be rendered |
|
| 66 | - * @since 9.1 |
|
| 67 | - */ |
|
| 68 | - public function getForm() { |
|
| 69 | - $user = $this->userManager->get(\OC_User::getUser()); |
|
| 70 | - $passwordChangeSupported = false; |
|
| 71 | - if ($user !== null) { |
|
| 72 | - $passwordChangeSupported = $user->canChangePassword(); |
|
| 73 | - } |
|
| 74 | - |
|
| 75 | - return new TemplateResponse('settings', 'settings/personal/security', [ |
|
| 76 | - 'passwordChangeSupported' => $passwordChangeSupported, |
|
| 77 | - 'twoFactorProviderData' => $this->getTwoFactorProviderData(), |
|
| 78 | - ]); |
|
| 79 | - } |
|
| 80 | - |
|
| 81 | - /** |
|
| 82 | - * @return string the section ID, e.g. 'sharing' |
|
| 83 | - * @since 9.1 |
|
| 84 | - */ |
|
| 85 | - public function getSection() { |
|
| 86 | - return 'security'; |
|
| 87 | - } |
|
| 88 | - |
|
| 89 | - /** |
|
| 90 | - * @return int whether the form should be rather on the top or bottom of |
|
| 91 | - * the admin section. The forms are arranged in ascending order of the |
|
| 92 | - * priority values. It is required to return a value between 0 and 100. |
|
| 93 | - * |
|
| 94 | - * E.g.: 70 |
|
| 95 | - * @since 9.1 |
|
| 96 | - */ |
|
| 97 | - public function getPriority() { |
|
| 98 | - return 10; |
|
| 99 | - } |
|
| 100 | - |
|
| 101 | - private function getTwoFactorProviderData(): array { |
|
| 102 | - $user = $this->userSession->getUser(); |
|
| 103 | - if (is_null($user)) { |
|
| 104 | - // Actually impossible, but still … |
|
| 105 | - return []; |
|
| 106 | - } |
|
| 107 | - |
|
| 108 | - return [ |
|
| 109 | - 'isEnabled' => $this->twoFactorManager->isTwoFactorAuthenticated($user), |
|
| 110 | - 'providers' => array_map(function (IProvidesPersonalSettings $provider) use ($user) { |
|
| 111 | - return [ |
|
| 112 | - 'provider' => $provider, |
|
| 113 | - 'settings' => $provider->getPersonalSettings($user) |
|
| 114 | - ]; |
|
| 115 | - }, array_filter($this->providerLoader->getProviders($user), function (IProvider $provider) { |
|
| 116 | - return $provider instanceof IProvidesPersonalSettings; |
|
| 117 | - })) |
|
| 118 | - ]; |
|
| 119 | - } |
|
| 41 | + /** @var IUserManager */ |
|
| 42 | + private $userManager; |
|
| 43 | + |
|
| 44 | + /** @var TwoFactorManager */ |
|
| 45 | + private $twoFactorManager; |
|
| 46 | + |
|
| 47 | + /** @var ProviderLoader */ |
|
| 48 | + private $providerLoader; |
|
| 49 | + |
|
| 50 | + /** @var IUserSession */ |
|
| 51 | + private $userSession; |
|
| 52 | + |
|
| 53 | + |
|
| 54 | + public function __construct(IUserManager $userManager, |
|
| 55 | + TwoFactorManager $providerManager, |
|
| 56 | + ProviderLoader $providerLoader, |
|
| 57 | + IUserSession $userSession) { |
|
| 58 | + $this->userManager = $userManager; |
|
| 59 | + $this->twoFactorManager = $providerManager; |
|
| 60 | + $this->providerLoader = $providerLoader; |
|
| 61 | + $this->userSession = $userSession; |
|
| 62 | + } |
|
| 63 | + |
|
| 64 | + /** |
|
| 65 | + * @return TemplateResponse returns the instance with all parameters set, ready to be rendered |
|
| 66 | + * @since 9.1 |
|
| 67 | + */ |
|
| 68 | + public function getForm() { |
|
| 69 | + $user = $this->userManager->get(\OC_User::getUser()); |
|
| 70 | + $passwordChangeSupported = false; |
|
| 71 | + if ($user !== null) { |
|
| 72 | + $passwordChangeSupported = $user->canChangePassword(); |
|
| 73 | + } |
|
| 74 | + |
|
| 75 | + return new TemplateResponse('settings', 'settings/personal/security', [ |
|
| 76 | + 'passwordChangeSupported' => $passwordChangeSupported, |
|
| 77 | + 'twoFactorProviderData' => $this->getTwoFactorProviderData(), |
|
| 78 | + ]); |
|
| 79 | + } |
|
| 80 | + |
|
| 81 | + /** |
|
| 82 | + * @return string the section ID, e.g. 'sharing' |
|
| 83 | + * @since 9.1 |
|
| 84 | + */ |
|
| 85 | + public function getSection() { |
|
| 86 | + return 'security'; |
|
| 87 | + } |
|
| 88 | + |
|
| 89 | + /** |
|
| 90 | + * @return int whether the form should be rather on the top or bottom of |
|
| 91 | + * the admin section. The forms are arranged in ascending order of the |
|
| 92 | + * priority values. It is required to return a value between 0 and 100. |
|
| 93 | + * |
|
| 94 | + * E.g.: 70 |
|
| 95 | + * @since 9.1 |
|
| 96 | + */ |
|
| 97 | + public function getPriority() { |
|
| 98 | + return 10; |
|
| 99 | + } |
|
| 100 | + |
|
| 101 | + private function getTwoFactorProviderData(): array { |
|
| 102 | + $user = $this->userSession->getUser(); |
|
| 103 | + if (is_null($user)) { |
|
| 104 | + // Actually impossible, but still … |
|
| 105 | + return []; |
|
| 106 | + } |
|
| 107 | + |
|
| 108 | + return [ |
|
| 109 | + 'isEnabled' => $this->twoFactorManager->isTwoFactorAuthenticated($user), |
|
| 110 | + 'providers' => array_map(function (IProvidesPersonalSettings $provider) use ($user) { |
|
| 111 | + return [ |
|
| 112 | + 'provider' => $provider, |
|
| 113 | + 'settings' => $provider->getPersonalSettings($user) |
|
| 114 | + ]; |
|
| 115 | + }, array_filter($this->providerLoader->getProviders($user), function (IProvider $provider) { |
|
| 116 | + return $provider instanceof IProvidesPersonalSettings; |
|
| 117 | + })) |
|
| 118 | + ]; |
|
| 119 | + } |
|
| 120 | 120 | } |
@@ -107,12 +107,12 @@ |
||
| 107 | 107 | |
| 108 | 108 | return [ |
| 109 | 109 | 'isEnabled' => $this->twoFactorManager->isTwoFactorAuthenticated($user), |
| 110 | - 'providers' => array_map(function (IProvidesPersonalSettings $provider) use ($user) { |
|
| 110 | + 'providers' => array_map(function(IProvidesPersonalSettings $provider) use ($user) { |
|
| 111 | 111 | return [ |
| 112 | 112 | 'provider' => $provider, |
| 113 | 113 | 'settings' => $provider->getPersonalSettings($user) |
| 114 | 114 | ]; |
| 115 | - }, array_filter($this->providerLoader->getProviders($user), function (IProvider $provider) { |
|
| 115 | + }, array_filter($this->providerLoader->getProviders($user), function(IProvider $provider) { |
|
| 116 | 116 | return $provider instanceof IProvidesPersonalSettings; |
| 117 | 117 | })) |
| 118 | 118 | ]; |
@@ -33,11 +33,11 @@ |
||
| 33 | 33 | */ |
| 34 | 34 | interface IPersonalProviderSettings { |
| 35 | 35 | |
| 36 | - /** |
|
| 37 | - * @return Template |
|
| 38 | - * |
|
| 39 | - * @since 15.0.0 |
|
| 40 | - */ |
|
| 41 | - public function getBody(): Template; |
|
| 36 | + /** |
|
| 37 | + * @return Template |
|
| 38 | + * |
|
| 39 | + * @since 15.0.0 |
|
| 40 | + */ |
|
| 41 | + public function getBody(): Template; |
|
| 42 | 42 | |
| 43 | 43 | } |
@@ -35,13 +35,13 @@ |
||
| 35 | 35 | */ |
| 36 | 36 | interface IProvidesPersonalSettings extends IProvider { |
| 37 | 37 | |
| 38 | - /** |
|
| 39 | - * @param IUser $user |
|
| 40 | - * |
|
| 41 | - * @return IPersonalProviderSettings |
|
| 42 | - * |
|
| 43 | - * @since 15.0.0 |
|
| 44 | - */ |
|
| 45 | - public function getPersonalSettings(IUser $user): IPersonalProviderSettings; |
|
| 38 | + /** |
|
| 39 | + * @param IUser $user |
|
| 40 | + * |
|
| 41 | + * @return IPersonalProviderSettings |
|
| 42 | + * |
|
| 43 | + * @since 15.0.0 |
|
| 44 | + */ |
|
| 45 | + public function getPersonalSettings(IUser $user): IPersonalProviderSettings; |
|
| 46 | 46 | |
| 47 | 47 | } |
@@ -30,8 +30,8 @@ |
||
| 30 | 30 | |
| 31 | 31 | class Personal implements IPersonalProviderSettings { |
| 32 | 32 | |
| 33 | - public function getBody(): Template { |
|
| 34 | - return new Template('twofactor_backupcodes', 'personal'); |
|
| 35 | - } |
|
| 33 | + public function getBody(): Template { |
|
| 34 | + return new Template('twofactor_backupcodes', 'personal'); |
|
| 35 | + } |
|
| 36 | 36 | |
| 37 | 37 | } |
@@ -35,121 +35,121 @@ |
||
| 35 | 35 | |
| 36 | 36 | class BackupCodesProvider implements IProvider, IProvidesPersonalSettings { |
| 37 | 37 | |
| 38 | - /** @var string */ |
|
| 39 | - private $appName; |
|
| 40 | - |
|
| 41 | - /** @var BackupCodeStorage */ |
|
| 42 | - private $storage; |
|
| 43 | - |
|
| 44 | - /** @var IL10N */ |
|
| 45 | - private $l10n; |
|
| 46 | - |
|
| 47 | - /** @var AppManager */ |
|
| 48 | - private $appManager; |
|
| 49 | - |
|
| 50 | - /** |
|
| 51 | - * @param string $appName |
|
| 52 | - * @param BackupCodeStorage $storage |
|
| 53 | - * @param IL10N $l10n |
|
| 54 | - * @param AppManager $appManager |
|
| 55 | - */ |
|
| 56 | - public function __construct(string $appName, BackupCodeStorage $storage, IL10N $l10n, AppManager $appManager) { |
|
| 57 | - $this->appName = $appName; |
|
| 58 | - $this->l10n = $l10n; |
|
| 59 | - $this->storage = $storage; |
|
| 60 | - $this->appManager = $appManager; |
|
| 61 | - } |
|
| 62 | - |
|
| 63 | - /** |
|
| 64 | - * Get unique identifier of this 2FA provider |
|
| 65 | - * |
|
| 66 | - * @return string |
|
| 67 | - */ |
|
| 68 | - public function getId(): string { |
|
| 69 | - return 'backup_codes'; |
|
| 70 | - } |
|
| 71 | - |
|
| 72 | - /** |
|
| 73 | - * Get the display name for selecting the 2FA provider |
|
| 74 | - * |
|
| 75 | - * @return string |
|
| 76 | - */ |
|
| 77 | - public function getDisplayName(): string { |
|
| 78 | - return $this->l10n->t('Backup code'); |
|
| 79 | - } |
|
| 80 | - |
|
| 81 | - /** |
|
| 82 | - * Get the description for selecting the 2FA provider |
|
| 83 | - * |
|
| 84 | - * @return string |
|
| 85 | - */ |
|
| 86 | - public function getDescription(): string { |
|
| 87 | - return $this->l10n->t('Use backup code'); |
|
| 88 | - } |
|
| 89 | - |
|
| 90 | - /** |
|
| 91 | - * Get the template for rending the 2FA provider view |
|
| 92 | - * |
|
| 93 | - * @param IUser $user |
|
| 94 | - * @return Template |
|
| 95 | - */ |
|
| 96 | - public function getTemplate(IUser $user): Template { |
|
| 97 | - return new Template('twofactor_backupcodes', 'challenge'); |
|
| 98 | - } |
|
| 99 | - |
|
| 100 | - /** |
|
| 101 | - * Verify the given challenge |
|
| 102 | - * |
|
| 103 | - * @param IUser $user |
|
| 104 | - * @param string $challenge |
|
| 105 | - * @return bool |
|
| 106 | - */ |
|
| 107 | - public function verifyChallenge(IUser $user, string $challenge): bool { |
|
| 108 | - return $this->storage->validateCode($user, $challenge); |
|
| 109 | - } |
|
| 110 | - |
|
| 111 | - /** |
|
| 112 | - * Decides whether 2FA is enabled for the given user |
|
| 113 | - * |
|
| 114 | - * @param IUser $user |
|
| 115 | - * @return boolean |
|
| 116 | - */ |
|
| 117 | - public function isTwoFactorAuthEnabledForUser(IUser $user): bool { |
|
| 118 | - return $this->storage->hasBackupCodes($user); |
|
| 119 | - } |
|
| 120 | - |
|
| 121 | - /** |
|
| 122 | - * Determine whether backup codes should be active or not |
|
| 123 | - * |
|
| 124 | - * Backup codes only make sense if at least one 2FA provider is active, |
|
| 125 | - * hence this method checks all enabled apps on whether they provide 2FA |
|
| 126 | - * functionality or not. If there's at least one app, backup codes are |
|
| 127 | - * enabled on the personal settings page. |
|
| 128 | - * |
|
| 129 | - * @param IUser $user |
|
| 130 | - * @return boolean |
|
| 131 | - */ |
|
| 132 | - public function isActive(IUser $user): bool { |
|
| 133 | - $appIds = array_filter($this->appManager->getEnabledAppsForUser($user), function($appId) { |
|
| 134 | - return $appId !== $this->appName; |
|
| 135 | - }); |
|
| 136 | - foreach ($appIds as $appId) { |
|
| 137 | - $info = $this->appManager->getAppInfo($appId); |
|
| 138 | - if (isset($info['two-factor-providers']) && count($info['two-factor-providers']) > 0) { |
|
| 139 | - return true; |
|
| 140 | - } |
|
| 141 | - } |
|
| 142 | - return false; |
|
| 143 | - } |
|
| 144 | - |
|
| 145 | - /** |
|
| 146 | - * @param IUser $user |
|
| 147 | - * |
|
| 148 | - * @return IPersonalProviderSettings |
|
| 149 | - */ |
|
| 150 | - public function getPersonalSettings(IUser $user): IPersonalProviderSettings { |
|
| 151 | - return new Personal(); |
|
| 152 | - } |
|
| 38 | + /** @var string */ |
|
| 39 | + private $appName; |
|
| 40 | + |
|
| 41 | + /** @var BackupCodeStorage */ |
|
| 42 | + private $storage; |
|
| 43 | + |
|
| 44 | + /** @var IL10N */ |
|
| 45 | + private $l10n; |
|
| 46 | + |
|
| 47 | + /** @var AppManager */ |
|
| 48 | + private $appManager; |
|
| 49 | + |
|
| 50 | + /** |
|
| 51 | + * @param string $appName |
|
| 52 | + * @param BackupCodeStorage $storage |
|
| 53 | + * @param IL10N $l10n |
|
| 54 | + * @param AppManager $appManager |
|
| 55 | + */ |
|
| 56 | + public function __construct(string $appName, BackupCodeStorage $storage, IL10N $l10n, AppManager $appManager) { |
|
| 57 | + $this->appName = $appName; |
|
| 58 | + $this->l10n = $l10n; |
|
| 59 | + $this->storage = $storage; |
|
| 60 | + $this->appManager = $appManager; |
|
| 61 | + } |
|
| 62 | + |
|
| 63 | + /** |
|
| 64 | + * Get unique identifier of this 2FA provider |
|
| 65 | + * |
|
| 66 | + * @return string |
|
| 67 | + */ |
|
| 68 | + public function getId(): string { |
|
| 69 | + return 'backup_codes'; |
|
| 70 | + } |
|
| 71 | + |
|
| 72 | + /** |
|
| 73 | + * Get the display name for selecting the 2FA provider |
|
| 74 | + * |
|
| 75 | + * @return string |
|
| 76 | + */ |
|
| 77 | + public function getDisplayName(): string { |
|
| 78 | + return $this->l10n->t('Backup code'); |
|
| 79 | + } |
|
| 80 | + |
|
| 81 | + /** |
|
| 82 | + * Get the description for selecting the 2FA provider |
|
| 83 | + * |
|
| 84 | + * @return string |
|
| 85 | + */ |
|
| 86 | + public function getDescription(): string { |
|
| 87 | + return $this->l10n->t('Use backup code'); |
|
| 88 | + } |
|
| 89 | + |
|
| 90 | + /** |
|
| 91 | + * Get the template for rending the 2FA provider view |
|
| 92 | + * |
|
| 93 | + * @param IUser $user |
|
| 94 | + * @return Template |
|
| 95 | + */ |
|
| 96 | + public function getTemplate(IUser $user): Template { |
|
| 97 | + return new Template('twofactor_backupcodes', 'challenge'); |
|
| 98 | + } |
|
| 99 | + |
|
| 100 | + /** |
|
| 101 | + * Verify the given challenge |
|
| 102 | + * |
|
| 103 | + * @param IUser $user |
|
| 104 | + * @param string $challenge |
|
| 105 | + * @return bool |
|
| 106 | + */ |
|
| 107 | + public function verifyChallenge(IUser $user, string $challenge): bool { |
|
| 108 | + return $this->storage->validateCode($user, $challenge); |
|
| 109 | + } |
|
| 110 | + |
|
| 111 | + /** |
|
| 112 | + * Decides whether 2FA is enabled for the given user |
|
| 113 | + * |
|
| 114 | + * @param IUser $user |
|
| 115 | + * @return boolean |
|
| 116 | + */ |
|
| 117 | + public function isTwoFactorAuthEnabledForUser(IUser $user): bool { |
|
| 118 | + return $this->storage->hasBackupCodes($user); |
|
| 119 | + } |
|
| 120 | + |
|
| 121 | + /** |
|
| 122 | + * Determine whether backup codes should be active or not |
|
| 123 | + * |
|
| 124 | + * Backup codes only make sense if at least one 2FA provider is active, |
|
| 125 | + * hence this method checks all enabled apps on whether they provide 2FA |
|
| 126 | + * functionality or not. If there's at least one app, backup codes are |
|
| 127 | + * enabled on the personal settings page. |
|
| 128 | + * |
|
| 129 | + * @param IUser $user |
|
| 130 | + * @return boolean |
|
| 131 | + */ |
|
| 132 | + public function isActive(IUser $user): bool { |
|
| 133 | + $appIds = array_filter($this->appManager->getEnabledAppsForUser($user), function($appId) { |
|
| 134 | + return $appId !== $this->appName; |
|
| 135 | + }); |
|
| 136 | + foreach ($appIds as $appId) { |
|
| 137 | + $info = $this->appManager->getAppInfo($appId); |
|
| 138 | + if (isset($info['two-factor-providers']) && count($info['two-factor-providers']) > 0) { |
|
| 139 | + return true; |
|
| 140 | + } |
|
| 141 | + } |
|
| 142 | + return false; |
|
| 143 | + } |
|
| 144 | + |
|
| 145 | + /** |
|
| 146 | + * @param IUser $user |
|
| 147 | + * |
|
| 148 | + * @return IPersonalProviderSettings |
|
| 149 | + */ |
|
| 150 | + public function getPersonalSettings(IUser $user): IPersonalProviderSettings { |
|
| 151 | + return new Personal(); |
|
| 152 | + } |
|
| 153 | 153 | |
| 154 | 154 | } |
| 155 | 155 | |
