src/applications/auth/engine/PhabricatorAuthSessionEngine.php

	Show First 20 Lines • Show All 383 Lines • ▼ Show 20 Lines		/* -( High Security )------------------------------------------------------ */
	/**			/**
	* Require the user respond to a high security (MFA) check.			* Require the user respond to a high security (MFA) check.
	*			*
	* This method differs from @{method:requireHighSecuritySession} in that it			* This method differs from @{method:requireHighSecuritySession} in that it
	* does not upgrade the user's session as a side effect. This method is			* does not upgrade the user's session as a side effect. This method is
	* appropriate for one-time checks.			* appropriate for one-time checks.
	*			*
	* @param PhabricatorUser User whose session needs to be in high security.			* @param PhabricatorUser User whose session needs to be in high security.
	* @param AphrontReqeust Current request.			* @param AphrontRequest Current request.
	* @param string URI to return the user to if they cancel.			* @param string URI to return the user to if they cancel.
	* @return PhabricatorAuthHighSecurityToken Security token.			* @return PhabricatorAuthHighSecurityToken Security token.
	* @task hisec			* @task hisec
	*/			*/
	public function requireHighSecurityToken(			public function requireHighSecurityToken(
	PhabricatorUser $viewer,			PhabricatorUser $viewer,
	AphrontRequest $request,			AphrontRequest $request,
	$cancel_uri) {			$cancel_uri) {
	Show All 15 Lines		/* -( High Security )------------------------------------------------------ */
	* be converted into a multi-factor authentication workflow.			* be converted into a multi-factor authentication workflow.
	*			*
	* This method upgrades the user's session to high security for a short			* This method upgrades the user's session to high security for a short
	* period of time, and is appropriate if you anticipate they may need to			* period of time, and is appropriate if you anticipate they may need to
	* take multiple high security actions. To perform a one-time check instead,			* take multiple high security actions. To perform a one-time check instead,
	* use @{method:requireHighSecurityToken}.			* use @{method:requireHighSecurityToken}.
	*			*
	* @param PhabricatorUser User whose session needs to be in high security.			* @param PhabricatorUser User whose session needs to be in high security.
	* @param AphrontReqeust Current request.			* @param AphrontRequest Current request.
	amckinleyUnsubmitted Not Done Inline Actions amckinley: {F6372160}
	* @param string URI to return the user to if they cancel.			* @param string URI to return the user to if they cancel.
	* @param bool True to jump partial sessions directly into high			* @param bool True to jump partial sessions directly into high
	* security instead of just upgrading them to full			* security instead of just upgrading them to full
	* sessions.			* sessions.
	* @return PhabricatorAuthHighSecurityToken Security token.			* @return PhabricatorAuthHighSecurityToken Security token.
	* @task hisec			* @task hisec
	*/			*/
	public function requireHighSecuritySession(			public function requireHighSecuritySession(
	▲ Show 20 Lines • Show All 738 Lines • Show Last 20 Lines