Changeset View
Changeset View
Standalone View
Standalone View
src/applications/auth/factor/PhabricatorTOTPAuthFactor.php
Show First 20 Lines • Show All 219 Lines • ▼ Show 20 Lines | protected function newResultFromIssuedChallenges( | ||||
$step_duration = $this->getTimestepDuration(); | $step_duration = $this->getTimestepDuration(); | ||||
$now = $this->getCurrentTimestep(); | $now = $this->getCurrentTimestep(); | ||||
$timesteps = $this->getAllowedTimesteps(); | $timesteps = $this->getAllowedTimesteps(); | ||||
$timesteps = array_fuse($timesteps); | $timesteps = array_fuse($timesteps); | ||||
$min_step = min($timesteps); | $min_step = min($timesteps); | ||||
$session_phid = $viewer->getSession()->getPHID(); | $session_phid = $viewer->getSession()->getPHID(); | ||||
$engine = $config->getSessionEngine(); | |||||
$workflow_key = $engine->getWorkflowKey(); | |||||
foreach ($challenges as $challenge) { | foreach ($challenges as $challenge) { | ||||
$challenge_timestep = (int)$challenge->getChallengeKey(); | $challenge_timestep = (int)$challenge->getChallengeKey(); | ||||
// This challenge isn't for one of the timesteps you'd be able to respond | |||||
// to if you submitted the form right now, so we're good to keep going. | |||||
if (!isset($timesteps[$challenge_timestep])) { | |||||
continue; | |||||
} | |||||
// This is the number of timesteps you need to wait for the problem | // This is the number of timesteps you need to wait for the problem | ||||
// timestep to leave the window, rounded up. | // timestep to leave the window, rounded up. | ||||
$wait_steps = ($challenge_timestep - $min_step) + 1; | $wait_steps = ($challenge_timestep - $min_step) + 1; | ||||
$wait_duration = ($wait_steps * $step_duration); | $wait_duration = ($wait_steps * $step_duration); | ||||
if ($challenge->getSessionPHID() !== $session_phid) { | if ($challenge->getSessionPHID() !== $session_phid) { | ||||
return $this->newResult() | return $this->newResult() | ||||
->setIsWait(true) | ->setIsWait(true) | ||||
->setErrorMessage( | ->setErrorMessage( | ||||
pht( | pht( | ||||
'This factor recently issued a challenge to a different login '. | 'This factor recently issued a challenge to a different login '. | ||||
'session. Wait %s seconds for the code to cycle, then try '. | 'session. Wait %s seconds for the code to cycle, then try '. | ||||
'again.', | 'again.', | ||||
new PhutilNumber($wait_duration))); | new PhutilNumber($wait_duration))); | ||||
} | } | ||||
if ($challenge->getWorkflowKey() !== $workflow_key) { | |||||
return $this->newResult() | |||||
->setIsWait(true) | |||||
->setErrorMessage( | |||||
pht( | |||||
'This factor recently issued a challenge for a different '. | |||||
'workflow. Wait %s seconds for the code to cycle, then try '. | |||||
'again.', | |||||
new PhutilNumber($wait_duration))); | |||||
} | |||||
} | } | ||||
return null; | return null; | ||||
} | } | ||||
protected function newResultFromChallengeResponse( | protected function newResultFromChallengeResponse( | ||||
PhabricatorAuthFactorConfig $config, | PhabricatorAuthFactorConfig $config, | ||||
PhabricatorUser $viewer, | PhabricatorUser $viewer, | ||||
▲ Show 20 Lines • Show All 158 Lines • Show Last 20 Lines |