src/applications/auth/engine/PhabricatorAuthSessionEngine.php
Show First 20 Lines • Show All 511 Lines • ▼ Show 20 Lines | private function newHighSecurityToken( | ||||
// issue a challenge yet" response. Load all issued challenges which are | // issue a challenge yet" response. Load all issued challenges which are | ||||
// currently valid. | // currently valid. | ||||
$challenges = id(new PhabricatorAuthChallengeQuery()) | $challenges = id(new PhabricatorAuthChallengeQuery()) | ||||
->setViewer($viewer) | ->setViewer($viewer) | ||||
->withFactorPHIDs(mpull($factors, 'getPHID')) | ->withFactorPHIDs(mpull($factors, 'getPHID')) | ||||
->withUserPHIDs(array($viewer->getPHID())) | ->withUserPHIDs(array($viewer->getPHID())) | ||||
->withChallengeTTLBetween($now, null) | ->withChallengeTTLBetween($now, null) | ||||
->execute(); | ->execute(); | ||||
PhabricatorAuthChallenge::newChallengeResponsesFromRequest( | |||||
$challenges, | |||||
$request); | |||||
$challenge_map = mgroup($challenges, 'getFactorPHID'); | $challenge_map = mgroup($challenges, 'getFactorPHID'); | ||||
$validation_results = array(); | $validation_results = array(); | ||||
$ok = true; | $ok = true; | ||||
// Validate each factor against issued challenges. For example, this | // Validate each factor against issued challenges. For example, this | ||||
// prevents you from receiving or responding to a TOTP challenge if another | // prevents you from receiving or responding to a TOTP challenge if another | ||||
// challenge was recently issued to a different session. | // challenge was recently issued to a different session. | ||||
▲ Show 20 Lines • Show All 177 Lines • ▼ Show 20 Lines | public function renderHighSecurityForm( | ||||
PhabricatorUser $viewer, | PhabricatorUser $viewer, | ||||
AphrontRequest $request) { | AphrontRequest $request) { | ||||
assert_instances_of($validation_results, 'PhabricatorAuthFactorResult'); | assert_instances_of($validation_results, 'PhabricatorAuthFactorResult'); | ||||
$form = id(new AphrontFormView()) | $form = id(new AphrontFormView()) | ||||
->setUser($viewer) | ->setUser($viewer) | ||||
->appendRemarkupInstructions(''); | ->appendRemarkupInstructions(''); | ||||
$answered = array(); | |||||
foreach ($factors as $factor) { | foreach ($factors as $factor) { | ||||
$result = $validation_results[$factor->getPHID()]; | $result = $validation_results[$factor->getPHID()]; | ||||
$factor->requireImplementation()->renderValidateFactorForm( | $factor->requireImplementation()->renderValidateFactorForm( | ||||
$factor, | $factor, | ||||
$form, | $form, | ||||
$viewer, | $viewer, | ||||
$result); | $result); | ||||
$answered_challenge = $result->getAnsweredChallenge(); | |||||
if ($answered_challenge) { | |||||
$answered[] = $answered_challenge; | |||||
} | |||||
} | } | ||||
$form->appendRemarkupInstructions(''); | $form->appendRemarkupInstructions(''); | ||||
if ($answered) { | |||||
$http_params = PhabricatorAuthChallenge::newHTTPParametersFromChallenges( | |||||
$answered); | |||||
foreach ($http_params as $key => $value) { | |||||
$form->addHiddenInput($key, $value); | |||||
} | |||||
} | |||||
return $form; | return $form; | ||||
} | } | ||||
/** | /** | ||||
* Strip the high security flag from a session. | * Strip the high security flag from a session. | ||||
* | * | ||||
* Kicks a session out of high security and logs the exit. | * Kicks a session out of high security and logs the exit. | ||||
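Review bot: The call to `PhabricatorAuthChallenge::newChallengeResponsesFromRequest($challenges, $request)` in `newHighSecurityToken()` discards its return value, so it presumably attaches request data to the loaded `$challenges` in place. That side effect deserves a comment such as `// Attaches response tokens from the request to $challenges in place; the tokens are client-supplied and must be verified before a challenge counts as answered.` In `renderHighSecurityForm()` the answered challenges are written back out as hidden inputs through `newHTTPParametersFromChallenges()`, so the evidence that a factor was already answered round-trips through the browser. Nothing in the displayed lines shows that this value is bound to the issuing challenge, session and workflow, limited by the challenge TTL, or compared in constant time, so that should be confirmed in `PhabricatorAuthChallenge` and noted in the docblock of `renderHighSecurityForm()`. Both function bodies extend beyond the displayed lines, and I am reading the single-column lines as the added side.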