RecoveryCodesProvider implements MfaProviderInterface
MFA provider for authentication with recovery codes
should only be used by the TYPO3 Core
Table of Contents
Interfaces
- MfaProviderInterface
- To be implemented by all MFA providers.
Properties
- $context : Context
- $flashMessageService : FlashMessageService
- $mfaProviderRegistry : MfaProviderRegistry
- $uriBuilder : UriBuilder
Methods
- __construct() : mixed
- activate() : bool
- Activate the provider by hashing and storing the given recovery codes
- canProcess() : bool
- Check if a recovery code is given in the current request
- deactivate() : bool
- Handle the deactivate action by removing the provider entry
- handleRequest() : ResponseInterface
- Render the provider specific response for the given content type
- isActive() : bool
- Evaluate if the provider is activated by checking the active state from the provider properties. This provider furthermore has a mannerism that it only works if at least one other MFA provider is activated for the user.
- isLocked() : bool
- Evaluate if the provider is temporarily locked by checking the current attempts state from the provider properties and if there are still recovery codes left.
- unlock() : bool
- Handle the unlock action by resetting the attempts provider property and issuing new codes.
- update() : bool
- Handle changes of the provider by the user
- verify() : bool
- Verify the given recovery code and remove it from the provider properties if valid.
- activeProvidersExist() : bool
- Check if the current user has other active providers
- addFlashMessage() : void
- Add a custom flash message for this provider Note: The flash messages added by the main controller are still shown to the user.
- getDateTime() : string
- Return the timestamp as local time (date string) by applying the globally configured format
- getLanguageService() : LanguageService
- getMode() : string
- Determine the mode (used for the hash instance) based on the current users table
- getRecoveryCode() : string
- Internal helper method for fetching the recovery code from the request
Properties
$context
protected
Context
$context
$flashMessageService
protected
FlashMessageService
$flashMessageService
$mfaProviderRegistry
protected
MfaProviderRegistry
$mfaProviderRegistry
$uriBuilder
protected
UriBuilder
$uriBuilder
Methods
__construct()
public
__construct(MfaProviderRegistry $mfaProviderRegistry, Context $context, UriBuilder $uriBuilder, FlashMessageService $flashMessageService) : mixed
Parameters
- $mfaProviderRegistry : MfaProviderRegistry
- $context : Context
- $uriBuilder : UriBuilder
- $flashMessageService : FlashMessageService
activate()
Activate the provider by hashing and storing the given recovery codes
public
activate(ServerRequestInterface $request, MfaProviderPropertyManager $propertyManager) : bool
Parameters
- $request : ServerRequestInterface
- $propertyManager : MfaProviderPropertyManager
Return values
bool —TRUE in case operation was successful, FALSE otherwise
canProcess()
Check if a recovery code is given in the current request
public
canProcess(ServerRequestInterface $request) : bool
Parameters
- $request : ServerRequestInterface
Return values
booldeactivate()
Handle the deactivate action by removing the provider entry
public
deactivate(ServerRequestInterface $request, MfaProviderPropertyManager $propertyManager) : bool
Parameters
- $request : ServerRequestInterface
- $propertyManager : MfaProviderPropertyManager
Return values
bool —TRUE in case operation was successful, FALSE otherwise
handleRequest()
Render the provider specific response for the given content type
public
handleRequest(ServerRequestInterface $request, MfaProviderPropertyManager $propertyManager, string $type) : ResponseInterface
Parameters
- $request : ServerRequestInterface
- $propertyManager : MfaProviderPropertyManager
- $type : string
Tags
Return values
ResponseInterfaceisActive()
Evaluate if the provider is activated by checking the active state from the provider properties. This provider furthermore has a mannerism that it only works if at least one other MFA provider is activated for the user.
public
isActive(MfaProviderPropertyManager $propertyManager) : bool
Parameters
- $propertyManager : MfaProviderPropertyManager
Return values
boolisLocked()
Evaluate if the provider is temporarily locked by checking the current attempts state from the provider properties and if there are still recovery codes left.
public
isLocked(MfaProviderPropertyManager $propertyManager) : bool
Parameters
- $propertyManager : MfaProviderPropertyManager
Return values
boolunlock()
Handle the unlock action by resetting the attempts provider property and issuing new codes.
public
unlock(ServerRequestInterface $request, MfaProviderPropertyManager $propertyManager) : bool
Parameters
- $request : ServerRequestInterface
- $propertyManager : MfaProviderPropertyManager
Return values
bool —TRUE in case operation was successful, FALSE otherwise
update()
Handle changes of the provider by the user
public
update(ServerRequestInterface $request, MfaProviderPropertyManager $propertyManager) : bool
Parameters
- $request : ServerRequestInterface
- $propertyManager : MfaProviderPropertyManager
Return values
bool —TRUE in case operation was successful, FALSE otherwise
verify()
Verify the given recovery code and remove it from the provider properties if valid.
public
verify(ServerRequestInterface $request, MfaProviderPropertyManager $propertyManager) : bool
Parameters
- $request : ServerRequestInterface
- $propertyManager : MfaProviderPropertyManager
Return values
boolactiveProvidersExist()
Check if the current user has other active providers
protected
activeProvidersExist(MfaProviderPropertyManager $currentPropertyManager) : bool
Parameters
- $currentPropertyManager : MfaProviderPropertyManager
Return values
booladdFlashMessage()
Add a custom flash message for this provider Note: The flash messages added by the main controller are still shown to the user.
protected
addFlashMessage(string $message[, string $title = '' ][, ContextualFeedbackSeverity $severity = ContextualFeedbackSeverity::INFO ]) : void
Parameters
- $message : string
- $title : string = ''
- $severity : ContextualFeedbackSeverity = ContextualFeedbackSeverity::INFO
getDateTime()
Return the timestamp as local time (date string) by applying the globally configured format
protected
getDateTime(int $timestamp) : string
Parameters
- $timestamp : int
Return values
stringgetLanguageService()
protected
getLanguageService() : LanguageService
Return values
LanguageServicegetMode()
Determine the mode (used for the hash instance) based on the current users table
protected
getMode(MfaProviderPropertyManager $propertyManager) : string
Parameters
- $propertyManager : MfaProviderPropertyManager
Return values
stringgetRecoveryCode()
Internal helper method for fetching the recovery code from the request
protected
getRecoveryCode(ServerRequestInterface $request) : string
Parameters
- $request : ServerRequestInterface