‪TYPO3CMS  11.5
Public Member Functions | Protected Member Functions | Protected Attributes | Private Attributes | List of all members
TYPO3\CMS\Core\Authentication\Mfa\Provider\TotpProvider Class Reference
Inheritance diagram for TYPO3\CMS\Core\Authentication\Mfa\Provider\TotpProvider:
TYPO3\CMS\Core\Authentication\Mfa\MfaProviderInterface

Public Member Functions

 __construct (Context $context)
 
bool canProcess (ServerRequestInterface $request)
 
bool isActive (MfaProviderPropertyManager $propertyManager)
 
bool isLocked (MfaProviderPropertyManager $propertyManager)
 
bool verify (ServerRequestInterface $request, MfaProviderPropertyManager $propertyManager)
 
bool activate (ServerRequestInterface $request, MfaProviderPropertyManager $propertyManager)
 
bool update (ServerRequestInterface $request, MfaProviderPropertyManager $propertyManager)
 
bool unlock (ServerRequestInterface $request, MfaProviderPropertyManager $propertyManager)
 
bool deactivate (ServerRequestInterface $request, MfaProviderPropertyManager $propertyManager)
 
ResponseInterface handleRequest (ServerRequestInterface $request, MfaProviderPropertyManager $propertyManager, string $type)
 

Protected Member Functions

 prepareSetupView (StandaloneView $view, MfaProviderPropertyManager $propertyManager)
 
 prepareEditView (StandaloneView $view, MfaProviderPropertyManager $propertyManager)
 
 prepareAuthView (StandaloneView $view, MfaProviderPropertyManager $propertyManager)
 
string getTotp (ServerRequestInterface $request)
 
string getSvgQrCode (string $content)
 
string getDateTime (int $timestamp)
 

Protected Attributes

Context $context
 

Private Attributes

const MAX_ATTEMPTS = 3
 

Detailed Description

MFA provider for time-based one-time password authentication

should only be used by the TYPO3 Core

Definition at line 39 of file TotpProvider.php.

Constructor & Destructor Documentation

◆ __construct()

TYPO3\CMS\Core\Authentication\Mfa\Provider\TotpProvider::__construct ( Context  $context)

Definition at line 45 of file TotpProvider.php.

References TYPO3\CMS\Core\Authentication\Mfa\Provider\TotpProvider\$context.

Member Function Documentation

◆ activate()

bool TYPO3\CMS\Core\Authentication\Mfa\Provider\TotpProvider::activate ( ServerRequestInterface  $request,
MfaProviderPropertyManager  $propertyManager 
)

Activate the provider by checking the necessary parameters, verifying the TOTP and storing the provider properties.

Parameters
ServerRequestInterface$request
MfaProviderPropertyManager$propertyManager
Returns
‪bool

Implements TYPO3\CMS\Core\Authentication\Mfa\MfaProviderInterface.

Definition at line 127 of file TotpProvider.php.

References TYPO3\CMS\Core\Authentication\Mfa\Provider\TotpProvider\canProcess(), TYPO3\CMS\Core\Authentication\Mfa\MfaProviderPropertyManager\createProviderEntry(), TYPO3\CMS\Core\Authentication\Mfa\MfaProviderPropertyManager\hasProviderEntry(), TYPO3\CMS\Core\Authentication\Mfa\Provider\TotpProvider\isActive(), and TYPO3\CMS\Core\Authentication\Mfa\MfaProviderPropertyManager\updateProperties().

◆ canProcess()

bool TYPO3\CMS\Core\Authentication\Mfa\Provider\TotpProvider::canProcess ( ServerRequestInterface  $request)

Check if a TOTP is given in the current request

Parameters
ServerRequestInterface$request
Returns
‪bool

Implements TYPO3\CMS\Core\Authentication\Mfa\MfaProviderInterface.

Definition at line 56 of file TotpProvider.php.

References TYPO3\CMS\Core\Authentication\Mfa\Provider\TotpProvider\getTotp().

Referenced by TYPO3\CMS\Core\Authentication\Mfa\Provider\TotpProvider\activate().

◆ deactivate()

bool TYPO3\CMS\Core\Authentication\Mfa\Provider\TotpProvider::deactivate ( ServerRequestInterface  $request,
MfaProviderPropertyManager  $propertyManager 
)

Handle the deactivate action. For security reasons, the provider entry is completely deleted and setting up this provider again, will therefore create a brand new entry.

Parameters
ServerRequestInterface$request
MfaProviderPropertyManager$propertyManager
Returns
‪bool

Implements TYPO3\CMS\Core\Authentication\Mfa\MfaProviderInterface.

Definition at line 215 of file TotpProvider.php.

References TYPO3\CMS\Core\Authentication\Mfa\MfaProviderPropertyManager\deleteProviderEntry(), and TYPO3\CMS\Core\Authentication\Mfa\Provider\TotpProvider\isActive().

◆ getDateTime()

string TYPO3\CMS\Core\Authentication\Mfa\Provider\TotpProvider::getDateTime ( int  $timestamp)
protected

Return the timestamp as local time (date string) by applying the globally configured format

Parameters
int$timestamp
Returns
‪string

Definition at line 335 of file TotpProvider.php.

References $GLOBALS.

◆ getSvgQrCode()

string TYPO3\CMS\Core\Authentication\Mfa\Provider\TotpProvider::getSvgQrCode ( string  $content)
protected

Internal helper method for generating a svg QR-code for TOTP applications

Parameters
string$content
Returns
‪string

Definition at line 319 of file TotpProvider.php.

Referenced by TYPO3\CMS\Core\Authentication\Mfa\Provider\TotpProvider\prepareSetupView().

◆ getTotp()

string TYPO3\CMS\Core\Authentication\Mfa\Provider\TotpProvider::getTotp ( ServerRequestInterface  $request)
protected

Internal helper method for fetching the TOTP from the request

Parameters
ServerRequestInterface$request
Returns
‪string

Definition at line 308 of file TotpProvider.php.

Referenced by TYPO3\CMS\Core\Authentication\Mfa\Provider\TotpProvider\canProcess(), and TYPO3\CMS\Core\Authentication\Mfa\Provider\TotpProvider\verify().

◆ handleRequest()

ResponseInterface TYPO3\CMS\Core\Authentication\Mfa\Provider\TotpProvider::handleRequest ( ServerRequestInterface  $request,
MfaProviderPropertyManager  $propertyManager,
string  $type 
)

Initialize view and forward to the appropriate implementation based on the view type to be returned.

Parameters
ServerRequestInterface$request
MfaProviderPropertyManager$propertyManager
string$type
Returns
‪ResponseInterface

Implements TYPO3\CMS\Core\Authentication\Mfa\MfaProviderInterface.

Definition at line 235 of file TotpProvider.php.

References TYPO3\CMS\Core\Authentication\Mfa\MfaViewType\AUTH, TYPO3\CMS\Core\Authentication\Mfa\MfaViewType\EDIT, TYPO3\CMS\Core\Authentication\Mfa\MfaProviderPropertyManager\getIdentifier(), TYPO3\CMS\Core\Authentication\Mfa\Provider\TotpProvider\prepareAuthView(), TYPO3\CMS\Core\Authentication\Mfa\Provider\TotpProvider\prepareEditView(), TYPO3\CMS\Core\Authentication\Mfa\Provider\TotpProvider\prepareSetupView(), and TYPO3\CMS\Core\Authentication\Mfa\MfaViewType\SETUP.

◆ isActive()

bool TYPO3\CMS\Core\Authentication\Mfa\Provider\TotpProvider::isActive ( MfaProviderPropertyManager  $propertyManager)

Evaluate if the provider is activated by checking the active state and the secret from the provider properties.

Parameters
MfaProviderPropertyManager$propertyManager
Returns
‪bool

Implements TYPO3\CMS\Core\Authentication\Mfa\MfaProviderInterface.

Definition at line 68 of file TotpProvider.php.

References TYPO3\CMS\Core\Authentication\Mfa\MfaProviderPropertyManager\getProperty().

Referenced by TYPO3\CMS\Core\Authentication\Mfa\Provider\TotpProvider\activate(), TYPO3\CMS\Core\Authentication\Mfa\Provider\TotpProvider\deactivate(), TYPO3\CMS\Core\Authentication\Mfa\Provider\TotpProvider\unlock(), TYPO3\CMS\Core\Authentication\Mfa\Provider\TotpProvider\update(), and TYPO3\CMS\Core\Authentication\Mfa\Provider\TotpProvider\verify().

◆ isLocked()

bool TYPO3\CMS\Core\Authentication\Mfa\Provider\TotpProvider::isLocked ( MfaProviderPropertyManager  $propertyManager)

Evaluate if the provider is temporarily locked by checking the current attempts state from the provider properties.

Parameters
MfaProviderPropertyManager$propertyManager
Returns
‪bool

Implements TYPO3\CMS\Core\Authentication\Mfa\MfaProviderInterface.

Definition at line 81 of file TotpProvider.php.

References TYPO3\CMS\Core\Authentication\Mfa\MfaProviderPropertyManager\getProperty(), TYPO3\CMS\Core\Authentication\Mfa\MfaProviderPropertyManager\hasProviderEntry(), and TYPO3\CMS\Core\Authentication\Mfa\Provider\TotpProvider\MAX_ATTEMPTS.

Referenced by TYPO3\CMS\Core\Authentication\Mfa\Provider\TotpProvider\prepareAuthView(), TYPO3\CMS\Core\Authentication\Mfa\Provider\TotpProvider\unlock(), TYPO3\CMS\Core\Authentication\Mfa\Provider\TotpProvider\update(), and TYPO3\CMS\Core\Authentication\Mfa\Provider\TotpProvider\verify().

◆ prepareAuthView()

TYPO3\CMS\Core\Authentication\Mfa\Provider\TotpProvider::prepareAuthView ( StandaloneView  $view,
MfaProviderPropertyManager  $propertyManager 
)
protected

Set the template for the auth view where the user has to provide the TOTP

Definition at line 296 of file TotpProvider.php.

References TYPO3\CMS\Extbase\Mvc\View\ViewInterface\assign(), TYPO3\CMS\Core\Authentication\Mfa\Provider\TotpProvider\isLocked(), and TYPO3\CMS\Fluid\View\AbstractTemplateView\setTemplate().

Referenced by TYPO3\CMS\Core\Authentication\Mfa\Provider\TotpProvider\handleRequest().

◆ prepareEditView()

TYPO3\CMS\Core\Authentication\Mfa\Provider\TotpProvider::prepareEditView ( StandaloneView  $view,
MfaProviderPropertyManager  $propertyManager 
)
protected

Set the template and assign necessary variables for the edit view

Definition at line 283 of file TotpProvider.php.

References TYPO3\CMS\Extbase\Mvc\View\ViewInterface\assignMultiple(), TYPO3\CMS\Core\Authentication\Mfa\MfaProviderPropertyManager\getProperty(), and TYPO3\CMS\Fluid\View\AbstractTemplateView\setTemplate().

Referenced by TYPO3\CMS\Core\Authentication\Mfa\Provider\TotpProvider\handleRequest().

◆ prepareSetupView()

TYPO3\CMS\Core\Authentication\Mfa\Provider\TotpProvider::prepareSetupView ( StandaloneView  $view,
MfaProviderPropertyManager  $propertyManager 
)
protected

Generate a new shared secret, generate the otpauth URL and create a qr-code for improved usability. Set template and assign necessary variables for the setup view.

Definition at line 261 of file TotpProvider.php.

References $GLOBALS, TYPO3\CMS\Extbase\Mvc\View\ViewInterface\assignMultiple(), TYPO3\CMS\Core\Authentication\Mfa\Provider\Totp\generateEncodedSecret(), TYPO3\CMS\Core\Authentication\Mfa\Provider\TotpProvider\getSvgQrCode(), TYPO3\CMS\Core\Authentication\Mfa\MfaProviderPropertyManager\getUser(), and TYPO3\CMS\Fluid\View\AbstractTemplateView\setTemplate().

Referenced by TYPO3\CMS\Core\Authentication\Mfa\Provider\TotpProvider\handleRequest().

◆ unlock()

bool TYPO3\CMS\Core\Authentication\Mfa\Provider\TotpProvider::unlock ( ServerRequestInterface  $request,
MfaProviderPropertyManager  $propertyManager 
)

Handle the unlock action by resetting the attempts provider property

Parameters
ServerRequestInterface$request
MfaProviderPropertyManager$propertyManager
Returns
‪bool

Implements TYPO3\CMS\Core\Authentication\Mfa\MfaProviderInterface.

Definition at line 195 of file TotpProvider.php.

References TYPO3\CMS\Core\Authentication\Mfa\Provider\TotpProvider\isActive(), TYPO3\CMS\Core\Authentication\Mfa\Provider\TotpProvider\isLocked(), and TYPO3\CMS\Core\Authentication\Mfa\MfaProviderPropertyManager\updateProperties().

◆ update()

bool TYPO3\CMS\Core\Authentication\Mfa\Provider\TotpProvider::update ( ServerRequestInterface  $request,
MfaProviderPropertyManager  $propertyManager 
)

Handle the save action by updating the provider properties

Parameters
ServerRequestInterface$request
MfaProviderPropertyManager$propertyManager
Returns
‪bool

Implements TYPO3\CMS\Core\Authentication\Mfa\MfaProviderInterface.

Definition at line 172 of file TotpProvider.php.

References TYPO3\CMS\Core\Authentication\Mfa\Provider\TotpProvider\isActive(), TYPO3\CMS\Core\Authentication\Mfa\Provider\TotpProvider\isLocked(), and TYPO3\CMS\Core\Authentication\Mfa\MfaProviderPropertyManager\updateProperties().

◆ verify()

bool TYPO3\CMS\Core\Authentication\Mfa\Provider\TotpProvider::verify ( ServerRequestInterface  $request,
MfaProviderPropertyManager  $propertyManager 
)

Verify the given TOTP and update the provider properties in case the TOTP is valid.

Parameters
ServerRequestInterface$request
MfaProviderPropertyManager$propertyManager
Returns
‪bool

Implements TYPO3\CMS\Core\Authentication\Mfa\MfaProviderInterface.

Definition at line 97 of file TotpProvider.php.

References TYPO3\CMS\Core\Authentication\Mfa\MfaProviderPropertyManager\getProperty(), TYPO3\CMS\Core\Authentication\Mfa\Provider\TotpProvider\getTotp(), TYPO3\CMS\Core\Authentication\Mfa\Provider\TotpProvider\isActive(), TYPO3\CMS\Core\Authentication\Mfa\Provider\TotpProvider\isLocked(), and TYPO3\CMS\Core\Authentication\Mfa\MfaProviderPropertyManager\updateProperties().

Member Data Documentation

◆ $context

Context TYPO3\CMS\Core\Authentication\Mfa\Provider\TotpProvider::$context
protected

Definition at line 43 of file TotpProvider.php.

Referenced by TYPO3\CMS\Core\Authentication\Mfa\Provider\TotpProvider\__construct().

◆ MAX_ATTEMPTS

const TYPO3\CMS\Core\Authentication\Mfa\Provider\TotpProvider::MAX_ATTEMPTS = 3
private

Definition at line 41 of file TotpProvider.php.

Referenced by TYPO3\CMS\Core\Authentication\Mfa\Provider\TotpProvider\isLocked().