Changeset View
Changeset View
Standalone View
Standalone View
src/applications/auth/factor/PhabricatorTOTPAuthFactor.php
Show First 20 Lines • Show All 196 Lines • ▼ Show 20 Lines | final class PhabricatorTOTPAuthFactor extends PhabricatorAuthFactor { | ||||
} | } | ||||
public function renderValidateFactorForm( | public function renderValidateFactorForm( | ||||
PhabricatorAuthFactorConfig $config, | PhabricatorAuthFactorConfig $config, | ||||
AphrontFormView $form, | AphrontFormView $form, | ||||
PhabricatorUser $viewer, | PhabricatorUser $viewer, | ||||
PhabricatorAuthFactorResult $result) { | PhabricatorAuthFactorResult $result) { | ||||
$control = $this->newAutomaticControl($result); | |||||
if (!$control) { | |||||
$value = $result->getValue(); | $value = $result->getValue(); | ||||
$error = $result->getErrorMessage(); | $error = $result->getErrorMessage(); | ||||
$is_wait = $result->getIsWait(); | |||||
if ($is_wait) { | |||||
$control = id(new AphrontFormMarkupControl()) | |||||
->setValue($error) | |||||
->setError(pht('Wait')); | |||||
} else { | |||||
$control = id(new PHUIFormNumberControl()) | $control = id(new PHUIFormNumberControl()) | ||||
->setName($this->getParameterName($config, 'totpcode')) | ->setName($this->getParameterName($config, 'totpcode')) | ||||
->setDisableAutocomplete(true) | ->setDisableAutocomplete(true) | ||||
->setValue($value) | ->setValue($value) | ||||
->setError($error); | ->setError($error); | ||||
} | } | ||||
$control | $control | ||||
▲ Show 20 Lines • Show All 94 Lines • ▼ Show 20 Lines | if (count($challenges) !== 1) { | ||||
pht( | pht( | ||||
'Reached TOTP challenge validation with an unexpected number of '. | 'Reached TOTP challenge validation with an unexpected number of '. | ||||
'unexpired challenges (%d), expected exactly one.', | 'unexpired challenges (%d), expected exactly one.', | ||||
phutil_count($challenges))); | phutil_count($challenges))); | ||||
} | } | ||||
$challenge = head($challenges); | $challenge = head($challenges); | ||||
// If the client has already provided a valid answer to this challenge and | |||||
// submitted a token proving they answered it, we're all set. | |||||
if ($challenge->getIsAnsweredChallenge()) { | |||||
return $result->setAnsweredChallenge($challenge); | |||||
} | |||||
$challenge_timestep = (int)$challenge->getChallengeKey(); | $challenge_timestep = (int)$challenge->getChallengeKey(); | ||||
$current_timestep = $this->getCurrentTimestep(); | $current_timestep = $this->getCurrentTimestep(); | ||||
$challenge_timesteps = $this->getAllowedTimesteps($challenge_timestep); | $challenge_timesteps = $this->getAllowedTimesteps($challenge_timestep); | ||||
$current_timesteps = $this->getAllowedTimesteps($current_timestep); | $current_timesteps = $this->getAllowedTimesteps($current_timestep); | ||||
// We require responses be both valid for the challenge and valid for the | // We require responses be both valid for the challenge and valid for the | ||||
// current timestep. A longer challenge TTL doesn't let you use older | // current timestep. A longer challenge TTL doesn't let you use older | ||||
▲ Show 20 Lines • Show All 165 Lines • Show Last 20 Lines |