nextcloud /
server
@@ -35,122 +35,122 @@ |
||
| 35 | 35 | |
| 36 | 36 | class BackupCodesProvider implements IProvider, IProvidesPersonalSettings { |
| 37 | 37 | |
| 38 | - /** @var string */ |
|
| 39 | - private $appName; |
|
| 40 | - |
|
| 41 | - /** @var BackupCodeStorage */ |
|
| 42 | - private $storage; |
|
| 43 | - |
|
| 44 | - /** @var IL10N */ |
|
| 45 | - private $l10n; |
|
| 46 | - |
|
| 47 | - /** @var AppManager */ |
|
| 48 | - private $appManager; |
|
| 49 | - |
|
| 50 | - /** |
|
| 51 | - * @param string $appName |
|
| 52 | - * @param BackupCodeStorage $storage |
|
| 53 | - * @param IL10N $l10n |
|
| 54 | - * @param AppManager $appManager |
|
| 55 | - */ |
|
| 56 | - public function __construct(string $appName, BackupCodeStorage $storage, IL10N $l10n, AppManager $appManager) { |
|
| 57 | - $this->appName = $appName; |
|
| 58 | - $this->l10n = $l10n; |
|
| 59 | - $this->storage = $storage; |
|
| 60 | - $this->appManager = $appManager; |
|
| 61 | - } |
|
| 62 | - |
|
| 63 | - /** |
|
| 64 | - * Get unique identifier of this 2FA provider |
|
| 65 | - * |
|
| 66 | - * @return string |
|
| 67 | - */ |
|
| 68 | - public function getId(): string { |
|
| 69 | - return 'backup_codes'; |
|
| 70 | - } |
|
| 71 | - |
|
| 72 | - /** |
|
| 73 | - * Get the display name for selecting the 2FA provider |
|
| 74 | - * |
|
| 75 | - * @return string |
|
| 76 | - */ |
|
| 77 | - public function getDisplayName(): string { |
|
| 78 | - return $this->l10n->t('Backup code'); |
|
| 79 | - } |
|
| 80 | - |
|
| 81 | - /** |
|
| 82 | - * Get the description for selecting the 2FA provider |
|
| 83 | - * |
|
| 84 | - * @return string |
|
| 85 | - */ |
|
| 86 | - public function getDescription(): string { |
|
| 87 | - return $this->l10n->t('Use backup code'); |
|
| 88 | - } |
|
| 89 | - |
|
| 90 | - /** |
|
| 91 | - * Get the template for rending the 2FA provider view |
|
| 92 | - * |
|
| 93 | - * @param IUser $user |
|
| 94 | - * @return Template |
|
| 95 | - */ |
|
| 96 | - public function getTemplate(IUser $user): Template { |
|
| 97 | - return new Template('twofactor_backupcodes', 'challenge'); |
|
| 98 | - } |
|
| 99 | - |
|
| 100 | - /** |
|
| 101 | - * Verify the given challenge |
|
| 102 | - * |
|
| 103 | - * @param IUser $user |
|
| 104 | - * @param string $challenge |
|
| 105 | - * @return bool |
|
| 106 | - */ |
|
| 107 | - public function verifyChallenge(IUser $user, string $challenge): bool { |
|
| 108 | - return $this->storage->validateCode($user, $challenge); |
|
| 109 | - } |
|
| 110 | - |
|
| 111 | - /** |
|
| 112 | - * Decides whether 2FA is enabled for the given user |
|
| 113 | - * |
|
| 114 | - * @param IUser $user |
|
| 115 | - * @return boolean |
|
| 116 | - */ |
|
| 117 | - public function isTwoFactorAuthEnabledForUser(IUser $user): bool { |
|
| 118 | - return $this->storage->hasBackupCodes($user); |
|
| 119 | - } |
|
| 120 | - |
|
| 121 | - /** |
|
| 122 | - * Determine whether backup codes should be active or not |
|
| 123 | - * |
|
| 124 | - * Backup codes only make sense if at least one 2FA provider is active, |
|
| 125 | - * hence this method checks all enabled apps on whether they provide 2FA |
|
| 126 | - * functionality or not. If there's at least one app, backup codes are |
|
| 127 | - * enabled on the personal settings page. |
|
| 128 | - * |
|
| 129 | - * @param IUser $user |
|
| 130 | - * @return boolean |
|
| 131 | - */ |
|
| 132 | - public function isActive(IUser $user): bool { |
|
| 133 | - $appIds = array_filter($this->appManager->getEnabledAppsForUser($user), function($appId) { |
|
| 134 | - return $appId !== $this->appName; |
|
| 135 | - }); |
|
| 136 | - foreach ($appIds as $appId) { |
|
| 137 | - $info = $this->appManager->getAppInfo($appId); |
|
| 138 | - if (isset($info['two-factor-providers']) && count($info['two-factor-providers']) > 0) { |
|
| 139 | - return true; |
|
| 140 | - } |
|
| 141 | - } |
|
| 142 | - return false; |
|
| 143 | - } |
|
| 144 | - |
|
| 145 | - /** |
|
| 146 | - * @param IUser $user |
|
| 147 | - * |
|
| 148 | - * @return IPersonalProviderSettings |
|
| 149 | - */ |
|
| 150 | - public function getPersonalSettings(IUser $user): IPersonalProviderSettings { |
|
| 151 | - $state = $this->storage->getBackupCodesState($user); |
|
| 152 | - return new Personal(base64_encode(json_encode($state))); |
|
| 153 | - } |
|
| 38 | + /** @var string */ |
|
| 39 | + private $appName; |
|
| 40 | + |
|
| 41 | + /** @var BackupCodeStorage */ |
|
| 42 | + private $storage; |
|
| 43 | + |
|
| 44 | + /** @var IL10N */ |
|
| 45 | + private $l10n; |
|
| 46 | + |
|
| 47 | + /** @var AppManager */ |
|
| 48 | + private $appManager; |
|
| 49 | + |
|
| 50 | + /** |
|
| 51 | + * @param string $appName |
|
| 52 | + * @param BackupCodeStorage $storage |
|
| 53 | + * @param IL10N $l10n |
|
| 54 | + * @param AppManager $appManager |
|
| 55 | + */ |
|
| 56 | + public function __construct(string $appName, BackupCodeStorage $storage, IL10N $l10n, AppManager $appManager) { |
|
| 57 | + $this->appName = $appName; |
|
| 58 | + $this->l10n = $l10n; |
|
| 59 | + $this->storage = $storage; |
|
| 60 | + $this->appManager = $appManager; |
|
| 61 | + } |
|
| 62 | + |
|
| 63 | + /** |
|
| 64 | + * Get unique identifier of this 2FA provider |
|
| 65 | + * |
|
| 66 | + * @return string |
|
| 67 | + */ |
|
| 68 | + public function getId(): string { |
|
| 69 | + return 'backup_codes'; |
|
| 70 | + } |
|
| 71 | + |
|
| 72 | + /** |
|
| 73 | + * Get the display name for selecting the 2FA provider |
|
| 74 | + * |
|
| 75 | + * @return string |
|
| 76 | + */ |
|
| 77 | + public function getDisplayName(): string { |
|
| 78 | + return $this->l10n->t('Backup code'); |
|
| 79 | + } |
|
| 80 | + |
|
| 81 | + /** |
|
| 82 | + * Get the description for selecting the 2FA provider |
|
| 83 | + * |
|
| 84 | + * @return string |
|
| 85 | + */ |
|
| 86 | + public function getDescription(): string { |
|
| 87 | + return $this->l10n->t('Use backup code'); |
|
| 88 | + } |
|
| 89 | + |
|
| 90 | + /** |
|
| 91 | + * Get the template for rending the 2FA provider view |
|
| 92 | + * |
|
| 93 | + * @param IUser $user |
|
| 94 | + * @return Template |
|
| 95 | + */ |
|
| 96 | + public function getTemplate(IUser $user): Template { |
|
| 97 | + return new Template('twofactor_backupcodes', 'challenge'); |
|
| 98 | + } |
|
| 99 | + |
|
| 100 | + /** |
|
| 101 | + * Verify the given challenge |
|
| 102 | + * |
|
| 103 | + * @param IUser $user |
|
| 104 | + * @param string $challenge |
|
| 105 | + * @return bool |
|
| 106 | + */ |
|
| 107 | + public function verifyChallenge(IUser $user, string $challenge): bool { |
|
| 108 | + return $this->storage->validateCode($user, $challenge); |
|
| 109 | + } |
|
| 110 | + |
|
| 111 | + /** |
|
| 112 | + * Decides whether 2FA is enabled for the given user |
|
| 113 | + * |
|
| 114 | + * @param IUser $user |
|
| 115 | + * @return boolean |
|
| 116 | + */ |
|
| 117 | + public function isTwoFactorAuthEnabledForUser(IUser $user): bool { |
|
| 118 | + return $this->storage->hasBackupCodes($user); |
|
| 119 | + } |
|
| 120 | + |
|
| 121 | + /** |
|
| 122 | + * Determine whether backup codes should be active or not |
|
| 123 | + * |
|
| 124 | + * Backup codes only make sense if at least one 2FA provider is active, |
|
| 125 | + * hence this method checks all enabled apps on whether they provide 2FA |
|
| 126 | + * functionality or not. If there's at least one app, backup codes are |
|
| 127 | + * enabled on the personal settings page. |
|
| 128 | + * |
|
| 129 | + * @param IUser $user |
|
| 130 | + * @return boolean |
|
| 131 | + */ |
|
| 132 | + public function isActive(IUser $user): bool { |
|
| 133 | + $appIds = array_filter($this->appManager->getEnabledAppsForUser($user), function($appId) { |
|
| 134 | + return $appId !== $this->appName; |
|
| 135 | + }); |
|
| 136 | + foreach ($appIds as $appId) { |
|
| 137 | + $info = $this->appManager->getAppInfo($appId); |
|
| 138 | + if (isset($info['two-factor-providers']) && count($info['two-factor-providers']) > 0) { |
|
| 139 | + return true; |
|
| 140 | + } |
|
| 141 | + } |
|
| 142 | + return false; |
|
| 143 | + } |
|
| 144 | + |
|
| 145 | + /** |
|
| 146 | + * @param IUser $user |
|
| 147 | + * |
|
| 148 | + * @return IPersonalProviderSettings |
|
| 149 | + */ |
|
| 150 | + public function getPersonalSettings(IUser $user): IPersonalProviderSettings { |
|
| 151 | + $state = $this->storage->getBackupCodesState($user); |
|
| 152 | + return new Personal(base64_encode(json_encode($state))); |
|
| 153 | + } |
|
| 154 | 154 | |
| 155 | 155 | } |
| 156 | 156 | |
@@ -29,17 +29,17 @@ |
||
| 29 | 29 | |
| 30 | 30 | class Personal implements IPersonalProviderSettings { |
| 31 | 31 | |
| 32 | - /** @var string */ |
|
| 33 | - private $state; |
|
| 34 | - |
|
| 35 | - public function __construct(string $state) { |
|
| 36 | - $this->state = $state; |
|
| 37 | - } |
|
| 38 | - |
|
| 39 | - public function getBody(): Template { |
|
| 40 | - $template = new Template('twofactor_backupcodes', 'personal'); |
|
| 41 | - $template->assign('state', $this->state); |
|
| 42 | - return $template; |
|
| 43 | - } |
|
| 32 | + /** @var string */ |
|
| 33 | + private $state; |
|
| 34 | + |
|
| 35 | + public function __construct(string $state) { |
|
| 36 | + $this->state = $state; |
|
| 37 | + } |
|
| 38 | + |
|
| 39 | + public function getBody(): Template { |
|
| 40 | + $template = new Template('twofactor_backupcodes', 'personal'); |
|
| 41 | + $template->assign('state', $this->state); |
|
| 42 | + return $template; |
|
| 43 | + } |
|
| 44 | 44 | |
| 45 | 45 | } |
