Changeset View
Changeset View
Standalone View
Standalone View
src/applications/auth/engine/PhabricatorAuthSessionEngine.php
Show First 20 Lines • Show All 490 Lines • ▼ Show 20 Lines | if ($request->isHTTPPost()) { | ||||
new PhabricatorAuthTryFactorAction(), | new PhabricatorAuthTryFactorAction(), | ||||
1); | 1); | ||||
$ok = true; | $ok = true; | ||||
foreach ($factors as $factor) { | foreach ($factors as $factor) { | ||||
$id = $factor->getID(); | $id = $factor->getID(); | ||||
$impl = $factor->requireImplementation(); | $impl = $factor->requireImplementation(); | ||||
$validation_results[$id] = $impl->processValidateFactorForm( | $validation_result = $impl->processValidateFactorForm( | ||||
$factor, | $factor, | ||||
$viewer, | $viewer, | ||||
$request); | $request); | ||||
if (!$impl->isFactorValid($factor, $validation_results[$id])) { | if (!($validation_result instanceof PhabricatorAuthFactorResult)) { | ||||
throw new Exception( | |||||
pht( | |||||
'Expected "processValidateFactorForm()" to return an object '. | |||||
'of class "%s"; got something else (from "%s").', | |||||
'PhabricatorAuthFactorResult', | |||||
get_class($impl))); | |||||
} | |||||
if (!$validation_result->getIsValid()) { | |||||
$ok = false; | $ok = false; | ||||
amckinley: Does this type checking live here because someone might have added their own implementation of… | |||||
Done Inline ActionsYeah, this is just a guard rail in case someone has another MFA implementation somewhere that's expecting it can return a string or a picture of a dog or something. epriestley: Yeah, this is just a guard rail in case someone has another MFA implementation somewhere that's… | |||||
} | } | ||||
$validation_results[$id] = $validation_result; | |||||
} | } | ||||
if ($ok) { | if ($ok) { | ||||
// Give the user a credit back for a successful factor verification. | // Give the user a credit back for a successful factor verification. | ||||
PhabricatorSystemActionEngine::willTakeAction( | PhabricatorSystemActionEngine::willTakeAction( | ||||
array($viewer->getPHID()), | array($viewer->getPHID()), | ||||
new PhabricatorAuthTryFactorAction(), | new PhabricatorAuthTryFactorAction(), | ||||
-1); | -1); | ||||
▲ Show 20 Lines • Show All 75 Lines • ▼ Show 20 Lines | /* -( High Security )------------------------------------------------------ */ | ||||
* @return AphrontFormView Renderable form. | * @return AphrontFormView Renderable form. | ||||
* @task hisec | * @task hisec | ||||
*/ | */ | ||||
public function renderHighSecurityForm( | public function renderHighSecurityForm( | ||||
array $factors, | array $factors, | ||||
array $validation_results, | array $validation_results, | ||||
PhabricatorUser $viewer, | PhabricatorUser $viewer, | ||||
AphrontRequest $request) { | AphrontRequest $request) { | ||||
assert_instances_of($validation_results, 'PhabricatorAuthFactorResult'); | |||||
$form = id(new AphrontFormView()) | $form = id(new AphrontFormView()) | ||||
->setUser($viewer) | ->setUser($viewer) | ||||
->appendRemarkupInstructions(''); | ->appendRemarkupInstructions(''); | ||||
foreach ($factors as $factor) { | foreach ($factors as $factor) { | ||||
$result = idx($validation_results, $factor->getID()); | |||||
$factor->requireImplementation()->renderValidateFactorForm( | $factor->requireImplementation()->renderValidateFactorForm( | ||||
$factor, | $factor, | ||||
$form, | $form, | ||||
$viewer, | $viewer, | ||||
idx($validation_results, $factor->getID())); | $result); | ||||
} | } | ||||
$form->appendRemarkupInstructions(''); | $form->appendRemarkupInstructions(''); | ||||
return $form; | return $form; | ||||
} | } | ||||
▲ Show 20 Lines • Show All 324 Lines • Show Last 20 Lines |
Does this type checking live here because someone might have added their own implementation of PhabricatorAuthFactor?