MfaProviderInterface

To be implemented by all MFA providers.

Table of Contents

Methods

activate()  : bool
Activate / register this provider for the user
canProcess()  : bool
Check if the current request can be handled by this provider (e.g.
deactivate()  : bool
Deactivate this provider for the user
handleRequest()  : ResponseInterface
Generate the provider specific response for the given view type.
isActive()  : bool
Check if provider is active for the user by e.g. checking the user record for some provider specific active state.
isLocked()  : bool
Check if provider is temporarily locked for the user, because of e.g. to much false authentication attempts. This differs from the "isActive" state on purpose, so please DO NOT use the "isActive" state for such check internally. This will allow attackers to easily circumvent MFA!
unlock()  : bool
Unlock this provider for the user
update()  : bool
Handle changes of the provider by the user
verify()  : bool
Verifies the MFA request

Methods

activate()

Activate / register this provider for the user

public activate(ServerRequestInterface $request, MfaProviderPropertyManager $propertyManager) : bool
Parameters
$request : ServerRequestInterface
$propertyManager : MfaProviderPropertyManager
Return values
bool

TRUE in case operation was successful, FALSE otherwise

canProcess()

Check if the current request can be handled by this provider (e.g.

public canProcess(ServerRequestInterface $request) : bool

necessary query arguments are set).

Parameters
$request : ServerRequestInterface
Return values
bool

deactivate()

Deactivate this provider for the user

public deactivate(ServerRequestInterface $request, MfaProviderPropertyManager $propertyManager) : bool
Parameters
$request : ServerRequestInterface
$propertyManager : MfaProviderPropertyManager
Return values
bool

TRUE in case operation was successful, FALSE otherwise

handleRequest()

Generate the provider specific response for the given view type.

public handleRequest(ServerRequestInterface $request, MfaProviderPropertyManager $propertyManager, string $type) : ResponseInterface

Note: Currently the calling controller only evaluates the response body and directly injects it into the corresponding view. It's however planned to also take further information like headers into account.

Parameters
$request : ServerRequestInterface
$propertyManager : MfaProviderPropertyManager
$type : string
Tags
see
MfaViewType
Return values
ResponseInterface

isLocked()

Check if provider is temporarily locked for the user, because of e.g. to much false authentication attempts. This differs from the "isActive" state on purpose, so please DO NOT use the "isActive" state for such check internally. This will allow attackers to easily circumvent MFA!

public isLocked(MfaProviderPropertyManager $propertyManager) : bool
Parameters
$propertyManager : MfaProviderPropertyManager
Return values
bool

unlock()

Unlock this provider for the user

public unlock(ServerRequestInterface $request, MfaProviderPropertyManager $propertyManager) : bool
Parameters
$request : ServerRequestInterface
$propertyManager : MfaProviderPropertyManager
Return values
bool

TRUE in case operation was successful, FALSE otherwise

update()

Handle changes of the provider by the user

public update(ServerRequestInterface $request, MfaProviderPropertyManager $propertyManager) : bool
Parameters
$request : ServerRequestInterface
$propertyManager : MfaProviderPropertyManager
Return values
bool

TRUE in case operation was successful, FALSE otherwise


        
On this page

Search results