Changeset View
Changeset View
Standalone View
Standalone View
src/applications/auth/engine/PhabricatorAuthSessionEngine.php
| Show First 20 Lines • Show All 511 Lines • ▼ Show 20 Lines | private function newHighSecurityToken( | ||||
| // issue a challenge yet" response. Load all issued challenges which are | // issue a challenge yet" response. Load all issued challenges which are | ||||
| // currently valid. | // currently valid. | ||||
| $challenges = id(new PhabricatorAuthChallengeQuery()) | $challenges = id(new PhabricatorAuthChallengeQuery()) | ||||
| ->setViewer($viewer) | ->setViewer($viewer) | ||||
| ->withFactorPHIDs(mpull($factors, 'getPHID')) | ->withFactorPHIDs(mpull($factors, 'getPHID')) | ||||
| ->withUserPHIDs(array($viewer->getPHID())) | ->withUserPHIDs(array($viewer->getPHID())) | ||||
| ->withChallengeTTLBetween($now, null) | ->withChallengeTTLBetween($now, null) | ||||
| ->execute(); | ->execute(); | ||||
| PhabricatorAuthChallenge::newChallengeResponsesFromRequest( | |||||
| $challenges, | |||||
| $request); | |||||
| $challenge_map = mgroup($challenges, 'getFactorPHID'); | $challenge_map = mgroup($challenges, 'getFactorPHID'); | ||||
| $validation_results = array(); | $validation_results = array(); | ||||
| $ok = true; | $ok = true; | ||||
| // Validate each factor against issued challenges. For example, this | // Validate each factor against issued challenges. For example, this | ||||
| // prevents you from receiving or responding to a TOTP challenge if another | // prevents you from receiving or responding to a TOTP challenge if another | ||||
| // challenge was recently issued to a different session. | // challenge was recently issued to a different session. | ||||
| ▲ Show 20 Lines • Show All 177 Lines • ▼ Show 20 Lines | public function renderHighSecurityForm( | ||||
| PhabricatorUser $viewer, | PhabricatorUser $viewer, | ||||
| AphrontRequest $request) { | AphrontRequest $request) { | ||||
| assert_instances_of($validation_results, 'PhabricatorAuthFactorResult'); | assert_instances_of($validation_results, 'PhabricatorAuthFactorResult'); | ||||
| $form = id(new AphrontFormView()) | $form = id(new AphrontFormView()) | ||||
| ->setUser($viewer) | ->setUser($viewer) | ||||
| ->appendRemarkupInstructions(''); | ->appendRemarkupInstructions(''); | ||||
| $answered = array(); | |||||
| foreach ($factors as $factor) { | foreach ($factors as $factor) { | ||||
| $result = $validation_results[$factor->getPHID()]; | $result = $validation_results[$factor->getPHID()]; | ||||
| $factor->requireImplementation()->renderValidateFactorForm( | $factor->requireImplementation()->renderValidateFactorForm( | ||||
| $factor, | $factor, | ||||
| $form, | $form, | ||||
| $viewer, | $viewer, | ||||
| $result); | $result); | ||||
| $answered_challenge = $result->getAnsweredChallenge(); | |||||
| if ($answered_challenge) { | |||||
| $answered[] = $answered_challenge; | |||||
| } | |||||
| } | } | ||||
| $form->appendRemarkupInstructions(''); | $form->appendRemarkupInstructions(''); | ||||
| if ($answered) { | |||||
| $http_params = PhabricatorAuthChallenge::newHTTPParametersFromChallenges( | |||||
| $answered); | |||||
| foreach ($http_params as $key => $value) { | |||||
| $form->addHiddenInput($key, $value); | |||||
| } | |||||
| } | |||||
| return $form; | return $form; | ||||
| } | } | ||||
| /** | /** | ||||
| * Strip the high security flag from a session. | * Strip the high security flag from a session. | ||||
| * | * | ||||
| * Kicks a session out of high security and logs the exit. | * Kicks a session out of high security and logs the exit. | ||||
| ▲ Show 20 Lines • Show All 320 Lines • Show Last 20 Lines | |||||