Page MenuHomePhabricator
Differential D20039 Diff 47880 src/applications/auth/factor/PhabricatorAuthFactor.php

Changeset View

Standalone View

View Options

src/applications/auth/factor/PhabricatorAuthFactor.php

Show First 20 LinesShow All 68 Lines▼ Show 20 Linesabstract class PhabricatorAuthFactor extends Phobject {
public function getConfigurationListDetails( public function getConfigurationListDetails(
PhabricatorAuthFactorConfig $config, PhabricatorAuthFactorConfig $config,
PhabricatorAuthFactorProvider $provider, PhabricatorAuthFactorProvider $provider,
PhabricatorUser $viewer) { PhabricatorUser $viewer) {
return null; return null;
} }
public function newEditEngineFields(
PhabricatorEditEngine $engine,
PhabricatorAuthFactorProvider $provider) {
return array();
}
/** /**
* Is this a factor which depends on the user's contact number? * Is this a factor which depends on the user's contact number?
* *
* If a user has a "contact number" factor configured, they can not modify * If a user has a "contact number" factor configured, they can not modify
* or switch their primary contact number. * or switch their primary contact number.
* *
* @return bool True if this factor should lock contact numbers. * @return bool True if this factor should lock contact numbers.
*/ */
▲ Show 20 LinesShow All 241 Lines▼ Show 20 Linesabstract class PhabricatorAuthFactor extends Phobject {
} }
/* -( Synchronizing New Factors )------------------------------------------ */ /* -( Synchronizing New Factors )------------------------------------------ */
final protected function loadMFASyncToken( final protected function loadMFASyncToken(
PhabricatorAuthFactorProvider $provider,
AphrontRequest $request, AphrontRequest $request,
AphrontFormView $form, AphrontFormView $form,
PhabricatorUser $user) { PhabricatorUser $user) {
// If the form included a synchronization key, load the corresponding // If the form included a synchronization key, load the corresponding
// token. The user must synchronize to a key we generated because this // token. The user must synchronize to a key we generated because this
// raises the barrier to theoretical attacks where an attacker might // raises the barrier to theoretical attacks where an attacker might
// provide a known key for factors like TOTP. // provide a known key for factors like TOTP.
▲ Show 20 LinesShow All 50 Lines▼ Show 20 Lines if (!$sync_token) {
$sync_token = id(new PhabricatorAuthTemporaryToken()) $sync_token = id(new PhabricatorAuthTemporaryToken())
->setIsNewTemporaryToken(true) ->setIsNewTemporaryToken(true)
->setTokenResource($user->getPHID()) ->setTokenResource($user->getPHID())
->setTokenType($sync_type) ->setTokenType($sync_type)
->setTokenCode($sync_key_digest) ->setTokenCode($sync_key_digest)
->setTokenExpires($now + $sync_ttl); ->setTokenExpires($now + $sync_ttl);
$properties = $this->newMFASyncTokenProperties($user); $properties = $this->newMFASyncTokenProperties(
$provider,
$user);
foreach ($properties as $key => $value) { foreach ($properties as $key => $value) {
$sync_token->setTemporaryTokenProperty($key, $value); $sync_token->setTemporaryTokenProperty($key, $value);
} }
$sync_token->save(); $sync_token->save();
} }
$form->addHiddenInput($this->getMFASyncTokenFormKey(), $sync_key); $form->addHiddenInput($this->getMFASyncTokenFormKey(), $sync_key);
return $sync_token; return $sync_token;
} }
protected function newMFASyncTokenProperties(PhabricatorUser $user) { protected function newMFASyncTokenProperties(
PhabricatorAuthFactorProvider $provider,
PhabricatorUser $user) {
return array(); return array();
} }
private function getMFASyncTokenFormKey() { private function getMFASyncTokenFormKey() {
return 'sync.key'; return 'sync.key';
} }
private function getMFASyncTokenTTL() { private function getMFASyncTokenTTL() {
▲ Show 20 LinesShow All 125 LinesShow Last 20 Lines
Phabricator · Built by Phacility