src/applications/auth/factor/PhabricatorAuthFactor.php
Show First 20 Lines • Show All 68 Lines • ▼ Show 20 Lines | abstract class PhabricatorAuthFactor extends Phobject { | ||||
public function getConfigurationListDetails( | public function getConfigurationListDetails( | ||||
PhabricatorAuthFactorConfig $config, | PhabricatorAuthFactorConfig $config, | ||||
PhabricatorAuthFactorProvider $provider, | PhabricatorAuthFactorProvider $provider, | ||||
PhabricatorUser $viewer) { | PhabricatorUser $viewer) { | ||||
return null; | return null; | ||||
} | } | ||||
public function newEditEngineFields( | |||||
PhabricatorEditEngine $engine, | |||||
PhabricatorAuthFactorProvider $provider) { | |||||
return array(); | |||||
} | |||||
/** | /** | ||||
* Is this a factor which depends on the user's contact number? | * Is this a factor which depends on the user's contact number? | ||||
* | * | ||||
* If a user has a "contact number" factor configured, they can not modify | * If a user has a "contact number" factor configured, they can not modify | ||||
* or switch their primary contact number. | * or switch their primary contact number. | ||||
* | * | ||||
* @return bool True if this factor should lock contact numbers. | * @return bool True if this factor should lock contact numbers. | ||||
*/ | */ | ||||
▲ Show 20 Lines • Show All 241 Lines • ▼ Show 20 Lines | abstract class PhabricatorAuthFactor extends Phobject { | ||||
} | } | ||||
/* -( Synchronizing New Factors )------------------------------------------ */ | /* -( Synchronizing New Factors )------------------------------------------ */ | ||||
final protected function loadMFASyncToken( | final protected function loadMFASyncToken( | ||||
PhabricatorAuthFactorProvider $provider, | |||||
AphrontRequest $request, | AphrontRequest $request, | ||||
AphrontFormView $form, | AphrontFormView $form, | ||||
PhabricatorUser $user) { | PhabricatorUser $user) { | ||||
// If the form included a synchronization key, load the corresponding | // If the form included a synchronization key, load the corresponding | ||||
// token. The user must synchronize to a key we generated because this | // token. The user must synchronize to a key we generated because this | ||||
// raises the barrier to theoretical attacks where an attacker might | // raises the barrier to theoretical attacks where an attacker might | ||||
// provide a known key for factors like TOTP. | // provide a known key for factors like TOTP. | ||||
▲ Show 20 Lines • Show All 50 Lines • ▼ Show 20 Lines | if (!$sync_token) { | ||||
$sync_token = id(new PhabricatorAuthTemporaryToken()) | $sync_token = id(new PhabricatorAuthTemporaryToken()) | ||||
->setIsNewTemporaryToken(true) | ->setIsNewTemporaryToken(true) | ||||
->setTokenResource($user->getPHID()) | ->setTokenResource($user->getPHID()) | ||||
->setTokenType($sync_type) | ->setTokenType($sync_type) | ||||
->setTokenCode($sync_key_digest) | ->setTokenCode($sync_key_digest) | ||||
->setTokenExpires($now + $sync_ttl); | ->setTokenExpires($now + $sync_ttl); | ||||
$properties = $this->newMFASyncTokenProperties($user); | $properties = $this->newMFASyncTokenProperties( | ||||
$provider, | |||||
$user); | |||||
foreach ($properties as $key => $value) { | foreach ($properties as $key => $value) { | ||||
$sync_token->setTemporaryTokenProperty($key, $value); | $sync_token->setTemporaryTokenProperty($key, $value); | ||||
} | } | ||||
$sync_token->save(); | $sync_token->save(); | ||||
} | } | ||||
$form->addHiddenInput($this->getMFASyncTokenFormKey(), $sync_key); | $form->addHiddenInput($this->getMFASyncTokenFormKey(), $sync_key); | ||||
return $sync_token; | return $sync_token; | ||||
} | } | ||||
protected function newMFASyncTokenProperties(PhabricatorUser $user) { | protected function newMFASyncTokenProperties( | ||||
PhabricatorAuthFactorProvider $provider, | |||||
PhabricatorUser $user) { | |||||
return array(); | return array(); | ||||
} | } | ||||
private function getMFASyncTokenFormKey() { | private function getMFASyncTokenFormKey() { | ||||
return 'sync.key'; | return 'sync.key'; | ||||
} | } | ||||
private function getMFASyncTokenTTL() { | private function getMFASyncTokenTTL() { | ||||
▲ Show 20 Lines • Show All 125 Lines • Show Last 20 Lines |
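Review bot: The new token in `loadMFASyncToken()` is still identified only by the user PHID, `$sync_type` and `$sync_key_digest` (the `setTokenResource()` / `setTokenType()` / `setTokenCode()` chain), while its properties now come from `newMFASyncTokenProperties($provider, $user)` and may therefore differ per provider. The lookup that precedes `if (!$sync_token)` is collapsed on this page, but if it matches on those same three fields, a token created while enrolling with one provider could later be reused for a different provider and carry the first provider's properties. Consider recording the provider on the token, for example `$sync_token->setTemporaryTokenProperty('providerPHID', $provider->getPHID());` (property name is only a suggestion), and discarding a loaded token whose stored value does not match the current `$provider`. Separately, the added `newEditEngineFields()` has no docblock; a short comment saying what an overriding factor is expected to return would fit the style of the neighbouring methods.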