src/applications/auth/factor/PhabricatorSMSAuthFactor.php
Show First 20 Lines • Show All 165 Lines • ▼ Show 20 Lines | protected function newIssuedChallenges( | ||||
$challenge = $this->getChallengeForCurrentContext( | $challenge = $this->getChallengeForCurrentContext( | ||||
$config, | $config, | ||||
$viewer, | $viewer, | ||||
$challenges); | $challenges); | ||||
if ($challenge) { | if ($challenge) { | ||||
return array(); | return array(); | ||||
} | } | ||||
if (!$this->loadUserContactNumber($viewer)) { | |||||
$result = $this->newResult() | |||||
->setIsError(true) | |||||
->setErrorMessage( | |||||
pht( | |||||
'Your account has no primary contact number.')); | |||||
$this->throwResult($result); | |||||
} | |||||
if (!$this->isSMSMailerConfigured()) { | |||||
$result = $this->newResult() | |||||
->setIsError(true) | |||||
->setErrorMessage( | |||||
pht( | |||||
'No outbound mailer which can deliver SMS messages is '. | |||||
'configured.')); | |||||
$this->throwResult($result); | |||||
} | |||||
if (!$this->hasCSRF($config)) { | |||||
$result = $this->newResult() | |||||
->setIsContinue(true) | |||||
->setErrorMessage( | |||||
pht( | |||||
'A text message with an authorization code will be sent to your '. | |||||
'primary contact number.')); | |||||
$this->throwResult($result); | |||||
} | |||||
// Otherwise, issue a new challenge. | // Otherwise, issue a new challenge. | ||||
$challenge_code = $this->newSMSChallengeCode(); | $challenge_code = $this->newSMSChallengeCode(); | ||||
$envelope = new PhutilOpaqueEnvelope($challenge_code); | $envelope = new PhutilOpaqueEnvelope($challenge_code); | ||||
$this->sendSMSCodeToUser($envelope, $viewer); | $this->sendSMSCodeToUser($envelope, $viewer); | ||||
$ttl_seconds = phutil_units('15 minutes in seconds'); | $ttl_seconds = phutil_units('15 minutes in seconds'); | ||||
▲ Show 20 Lines • Show All 142 Lines • ▼ Show 20 Lines | protected function newMFASyncTokenProperties(PhabricatorUser $user) { | ||||
return array( | return array( | ||||
'code' => $sms_code, | 'code' => $sms_code, | ||||
); | ); | ||||
} | } | ||||
private function sendSMSCodeToUser( | private function sendSMSCodeToUser( | ||||
PhutilOpaqueEnvelope $envelope, | PhutilOpaqueEnvelope $envelope, | ||||
PhabricatorUser $user) { | PhabricatorUser $user) { | ||||
$uri = PhabricatorEnv::getURI('/'); | |||||
$uri = new PhutilURI($uri); | |||||
return id(new PhabricatorMetaMTAMail()) | return id(new PhabricatorMetaMTAMail()) | ||||
->setMessageType(PhabricatorMailSMSMessage::MESSAGETYPE) | ->setMessageType(PhabricatorMailSMSMessage::MESSAGETYPE) | ||||
->addTos(array($user->getPHID())) | ->addTos(array($user->getPHID())) | ||||
->setForceDelivery(true) | ->setForceDelivery(true) | ||||
->setSensitiveContent(true) | ->setSensitiveContent(true) | ||||
->setBody( | ->setBody( | ||||
pht( | pht( | ||||
'Phabricator (%s) MFA Code: %s', | 'Phabricator (%s) MFA Code: %s', | ||||
$uri->getDomain(), | $this->getInstallDisplayName(), | ||||
$envelope->openEnvelope())) | $envelope->openEnvelope())) | ||||
->save(); | ->save(); | ||||
} | } | ||||
private function normalizeSMSCode($code) { | private function normalizeSMSCode($code) { | ||||
return trim($code); | return trim($code); | ||||
} | } | ||||
private function getChallengeResponseParameterName( | |||||
PhabricatorAuthFactorConfig $config) { | |||||
return $this->getParameterName($config, 'sms.code'); | |||||
} | |||||
private function getChallengeResponseFromRequest( | |||||
PhabricatorAuthFactorConfig $config, | |||||
AphrontRequest $request) { | |||||
$name = $this->getChallengeResponseParameterName($config); | |||||
$value = $request->getStr($name); | |||||
$value = (string)$value; | |||||
$value = trim($value); | |||||
return $value; | |||||
} | |||||
} | } |
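Review bot: `getChallengeResponseFromRequest()` applies its own `trim()` to the submitted code although `normalizeSMSCode()` just above it already wraps the same call, so the rule for a submitted code and the rule for a normalized code can drift apart if normalization is ever tightened. Routing the request value through the helper keeps a single definition: `$value = $this->normalizeSMSCode((string)$request->getStr($name));`. The `(string)` cast suggests the parameter can be absent, so a one-line comment saying that an empty string means "no response submitted" rather than a wrong code would help whoever writes the comparison. The rendered page does not mark which side its single-column lines belong to, so this assumes the two private methods at the end of the class are additions.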