‪TYPO3CMS  ‪main
Public Member Functions | Protected Member Functions | Private Attributes | List of all members
TYPO3\CMS\Core\Authentication\Mfa\Provider\TotpProvider Class Reference
Inheritance diagram for TYPO3\CMS\Core\Authentication\Mfa\Provider\TotpProvider:
TYPO3\CMS\Core\Authentication\Mfa\MfaProviderInterface

Public Member Functions

 __construct (protected readonly Context $context, protected readonly HashService $hashService)
 
 canProcess (ServerRequestInterface $request)
 
 isActive (MfaProviderPropertyManager $propertyManager)
 
 isLocked (MfaProviderPropertyManager $propertyManager)
 
 verify (ServerRequestInterface $request, MfaProviderPropertyManager $propertyManager)
 
 activate (ServerRequestInterface $request, MfaProviderPropertyManager $propertyManager)
 
 update (ServerRequestInterface $request, MfaProviderPropertyManager $propertyManager)
 
 unlock (ServerRequestInterface $request, MfaProviderPropertyManager $propertyManager)
 
 deactivate (ServerRequestInterface $request, MfaProviderPropertyManager $propertyManager)
 
 handleRequest (ServerRequestInterface $request, MfaProviderPropertyManager $propertyManager, MfaViewType $type)
 
- ‪Public Member Functions inherited from ‪TYPO3\CMS\Core\Authentication\Mfa\MfaProviderInterface
 handleRequest (ServerRequestInterface $request, MfaProviderPropertyManager $propertyManager, MfaViewType $type)
 

Protected Member Functions

 prepareSetupView (StandaloneView $view, MfaProviderPropertyManager $propertyManager)
 
 prepareEditView (StandaloneView $view, MfaProviderPropertyManager $propertyManager)
 
 prepareAuthView (StandaloneView $view, MfaProviderPropertyManager $propertyManager)
 
 getTotp (ServerRequestInterface $request)
 
 getSvgQrCode (string $content)
 
 getDateTime (int $timestamp)
 

Private Attributes

const MAX_ATTEMPTS = 3
 

Detailed Description

MFA provider for time-based one-time password authentication

should only be used by the TYPO3 Core

Definition at line 40 of file TotpProvider.php.

Constructor & Destructor Documentation

◆ __construct()

TYPO3\CMS\Core\Authentication\Mfa\Provider\TotpProvider::__construct ( protected readonly Context  $context,
protected readonly HashService  $hashService 
)

Definition at line 44 of file TotpProvider.php.

Member Function Documentation

◆ activate()

TYPO3\CMS\Core\Authentication\Mfa\Provider\TotpProvider::activate ( ServerRequestInterface  $request,
MfaProviderPropertyManager  $propertyManager 
)

Activate the provider by checking the necessary parameters, verifying the TOTP and storing the provider properties.

Implements TYPO3\CMS\Core\Authentication\Mfa\MfaProviderInterface.

Definition at line 106 of file TotpProvider.php.

References TYPO3\CMS\Core\Authentication\Mfa\Provider\TotpProvider\canProcess(), TYPO3\CMS\Core\Authentication\Mfa\MfaProviderPropertyManager\createProviderEntry(), TYPO3\CMS\Core\Authentication\Mfa\MfaProviderPropertyManager\hasProviderEntry(), TYPO3\CMS\Core\Authentication\Mfa\Provider\TotpProvider\isActive(), and TYPO3\CMS\Core\Authentication\Mfa\MfaProviderPropertyManager\updateProperties().

◆ canProcess()

TYPO3\CMS\Core\Authentication\Mfa\Provider\TotpProvider::canProcess ( ServerRequestInterface  $request)

Check if a TOTP is given in the current request

Implements TYPO3\CMS\Core\Authentication\Mfa\MfaProviderInterface.

Definition at line 49 of file TotpProvider.php.

References TYPO3\CMS\Core\Authentication\Mfa\Provider\TotpProvider\getTotp().

Referenced by TYPO3\CMS\Core\Authentication\Mfa\Provider\TotpProvider\activate().

◆ deactivate()

TYPO3\CMS\Core\Authentication\Mfa\Provider\TotpProvider::deactivate ( ServerRequestInterface  $request,
MfaProviderPropertyManager  $propertyManager 
)

Handle the deactivate action. For security reasons, the provider entry is completely deleted and setting up this provider again, will therefore create a brand new entry.

Implements TYPO3\CMS\Core\Authentication\Mfa\MfaProviderInterface.

Definition at line 182 of file TotpProvider.php.

References TYPO3\CMS\Core\Authentication\Mfa\MfaProviderPropertyManager\deleteProviderEntry(), and TYPO3\CMS\Core\Authentication\Mfa\Provider\TotpProvider\isActive().

◆ getDateTime()

TYPO3\CMS\Core\Authentication\Mfa\Provider\TotpProvider::getDateTime ( int  $timestamp)
protected

Return the timestamp as local time (date string) by applying the globally configured format

Definition at line 288 of file TotpProvider.php.

References $GLOBALS.

◆ getSvgQrCode()

TYPO3\CMS\Core\Authentication\Mfa\Provider\TotpProvider::getSvgQrCode ( string  $content)
protected

Internal helper method for generating a svg QR-code for TOTP applications

Definition at line 275 of file TotpProvider.php.

Referenced by TYPO3\CMS\Core\Authentication\Mfa\Provider\TotpProvider\prepareSetupView().

◆ getTotp()

TYPO3\CMS\Core\Authentication\Mfa\Provider\TotpProvider::getTotp ( ServerRequestInterface  $request)
protected

Internal helper method for fetching the TOTP from the request

Definition at line 267 of file TotpProvider.php.

Referenced by TYPO3\CMS\Core\Authentication\Mfa\Provider\TotpProvider\canProcess(), and TYPO3\CMS\Core\Authentication\Mfa\Provider\TotpProvider\verify().

◆ handleRequest()

TYPO3\CMS\Core\Authentication\Mfa\Provider\TotpProvider::handleRequest ( ServerRequestInterface  $request,
MfaProviderPropertyManager  $propertyManager,
MfaViewType  $type 
)

Initialize view and forward to the appropriate implementation based on the view type to be returned.

Definition at line 197 of file TotpProvider.php.

References TYPO3\CMS\Core\Authentication\Mfa\AUTH, TYPO3\CMS\Core\Authentication\Mfa\MfaProviderPropertyManager\getIdentifier(), TYPO3\CMS\Core\Authentication\Mfa\Provider\TotpProvider\prepareAuthView(), TYPO3\CMS\Core\Authentication\Mfa\Provider\TotpProvider\prepareEditView(), and TYPO3\CMS\Core\Authentication\Mfa\Provider\TotpProvider\prepareSetupView().

◆ isActive()

TYPO3\CMS\Core\Authentication\Mfa\Provider\TotpProvider::isActive ( MfaProviderPropertyManager  $propertyManager)

Evaluate if the provider is activated by checking the active state and the secret from the provider properties.

Implements TYPO3\CMS\Core\Authentication\Mfa\MfaProviderInterface.

Definition at line 58 of file TotpProvider.php.

References TYPO3\CMS\Core\Authentication\Mfa\MfaProviderPropertyManager\getProperty().

Referenced by TYPO3\CMS\Core\Authentication\Mfa\Provider\TotpProvider\activate(), TYPO3\CMS\Core\Authentication\Mfa\Provider\TotpProvider\deactivate(), TYPO3\CMS\Core\Authentication\Mfa\Provider\TotpProvider\unlock(), TYPO3\CMS\Core\Authentication\Mfa\Provider\TotpProvider\update(), and TYPO3\CMS\Core\Authentication\Mfa\Provider\TotpProvider\verify().

◆ isLocked()

TYPO3\CMS\Core\Authentication\Mfa\Provider\TotpProvider::isLocked ( MfaProviderPropertyManager  $propertyManager)

Evaluate if the provider is temporarily locked by checking the current attempts state from the provider properties.

Implements TYPO3\CMS\Core\Authentication\Mfa\MfaProviderInterface.

Definition at line 68 of file TotpProvider.php.

References TYPO3\CMS\Core\Authentication\Mfa\MfaProviderPropertyManager\getProperty(), TYPO3\CMS\Core\Authentication\Mfa\MfaProviderPropertyManager\hasProviderEntry(), and TYPO3\CMS\Core\Authentication\Mfa\Provider\TotpProvider\MAX_ATTEMPTS.

Referenced by TYPO3\CMS\Core\Authentication\Mfa\Provider\TotpProvider\prepareAuthView(), TYPO3\CMS\Core\Authentication\Mfa\Provider\TotpProvider\unlock(), TYPO3\CMS\Core\Authentication\Mfa\Provider\TotpProvider\update(), and TYPO3\CMS\Core\Authentication\Mfa\Provider\TotpProvider\verify().

◆ prepareAuthView()

TYPO3\CMS\Core\Authentication\Mfa\Provider\TotpProvider::prepareAuthView ( StandaloneView  $view,
MfaProviderPropertyManager  $propertyManager 
)
protected

Set the template for the auth view where the user has to provide the TOTP

Definition at line 258 of file TotpProvider.php.

References TYPO3\CMS\Core\Authentication\Mfa\Provider\TotpProvider\isLocked(), and TYPO3\CMS\Fluid\View\AbstractTemplateView\setTemplate().

Referenced by TYPO3\CMS\Core\Authentication\Mfa\Provider\TotpProvider\handleRequest().

◆ prepareEditView()

TYPO3\CMS\Core\Authentication\Mfa\Provider\TotpProvider::prepareEditView ( StandaloneView  $view,
MfaProviderPropertyManager  $propertyManager 
)
protected

Set the template and assign necessary variables for the edit view

Definition at line 245 of file TotpProvider.php.

References TYPO3\CMS\Core\Authentication\Mfa\MfaProviderPropertyManager\getProperty(), and TYPO3\CMS\Fluid\View\AbstractTemplateView\setTemplate().

Referenced by TYPO3\CMS\Core\Authentication\Mfa\Provider\TotpProvider\handleRequest().

◆ prepareSetupView()

TYPO3\CMS\Core\Authentication\Mfa\Provider\TotpProvider::prepareSetupView ( StandaloneView  $view,
MfaProviderPropertyManager  $propertyManager 
)
protected

Generate a new shared secret, generate the otpauth URL and create a qr-code for improved usability. Set template and assign necessary variables for the setup view.

Definition at line 223 of file TotpProvider.php.

References $GLOBALS, TYPO3\CMS\Core\Authentication\Mfa\Provider\Totp\generateEncodedSecret(), TYPO3\CMS\Core\Authentication\Mfa\Provider\TotpProvider\getSvgQrCode(), TYPO3\CMS\Core\Authentication\Mfa\MfaProviderPropertyManager\getUser(), and TYPO3\CMS\Fluid\View\AbstractTemplateView\setTemplate().

Referenced by TYPO3\CMS\Core\Authentication\Mfa\Provider\TotpProvider\handleRequest().

◆ unlock()

TYPO3\CMS\Core\Authentication\Mfa\Provider\TotpProvider::unlock ( ServerRequestInterface  $request,
MfaProviderPropertyManager  $propertyManager 
)

Handle the unlock action by resetting the attempts provider property

Implements TYPO3\CMS\Core\Authentication\Mfa\MfaProviderInterface.

Definition at line 166 of file TotpProvider.php.

References TYPO3\CMS\Core\Authentication\Mfa\Provider\TotpProvider\isActive(), TYPO3\CMS\Core\Authentication\Mfa\Provider\TotpProvider\isLocked(), and TYPO3\CMS\Core\Authentication\Mfa\MfaProviderPropertyManager\updateProperties().

◆ update()

TYPO3\CMS\Core\Authentication\Mfa\Provider\TotpProvider::update ( ServerRequestInterface  $request,
MfaProviderPropertyManager  $propertyManager 
)

Handle the save action by updating the provider properties

Implements TYPO3\CMS\Core\Authentication\Mfa\MfaProviderInterface.

Definition at line 147 of file TotpProvider.php.

References TYPO3\CMS\Core\Authentication\Mfa\Provider\TotpProvider\isActive(), TYPO3\CMS\Core\Authentication\Mfa\Provider\TotpProvider\isLocked(), and TYPO3\CMS\Core\Authentication\Mfa\MfaProviderPropertyManager\updateProperties().

◆ verify()

TYPO3\CMS\Core\Authentication\Mfa\Provider\TotpProvider::verify ( ServerRequestInterface  $request,
MfaProviderPropertyManager  $propertyManager 
)

Verify the given TOTP and update the provider properties in case the TOTP is valid.

Implements TYPO3\CMS\Core\Authentication\Mfa\MfaProviderInterface.

Definition at line 80 of file TotpProvider.php.

References TYPO3\CMS\Core\Authentication\Mfa\MfaProviderPropertyManager\getProperty(), TYPO3\CMS\Core\Authentication\Mfa\Provider\TotpProvider\getTotp(), TYPO3\CMS\Core\Authentication\Mfa\Provider\TotpProvider\isActive(), TYPO3\CMS\Core\Authentication\Mfa\Provider\TotpProvider\isLocked(), and TYPO3\CMS\Core\Authentication\Mfa\MfaProviderPropertyManager\updateProperties().

Member Data Documentation

◆ MAX_ATTEMPTS

const TYPO3\CMS\Core\Authentication\Mfa\Provider\TotpProvider::MAX_ATTEMPTS = 3
private

Definition at line 42 of file TotpProvider.php.

Referenced by TYPO3\CMS\Core\Authentication\Mfa\Provider\TotpProvider\isLocked().