RecoveryCodesProvider implements MfaProviderInterface
MFA provider for authentication with recovery codes
should only be used by the TYPO3 Core
Table of Contents
Interfaces
- MfaProviderInterface
- To be implemented by all MFA providers.
Methods
- __construct() : mixed
- activate() : bool
- Activate the provider by hashing and storing the given recovery codes
- canProcess() : bool
- Check if a recovery code is given in the current request
- deactivate() : bool
- Handle the deactivate action by removing the provider entry
- handleRequest() : ResponseInterface
- Render the provider specific response for the given content type
- isActive() : bool
- Evaluate if the provider is activated by checking the active state from the provider properties. This provider furthermore has a mannerism that it only works if at least one other MFA provider is activated for the user.
- isLocked() : bool
- Evaluate if the provider is temporarily locked by checking the current attempts state from the provider properties and if there are still recovery codes left.
- unlock() : bool
- Handle the unlock action by resetting the attempts provider property and issuing new codes.
- update() : bool
- Handle changes of the provider by the user
- verify() : bool
- Verify the given recovery code and remove it from the provider properties if valid.
Methods
__construct()
public
__construct(MfaProviderRegistry $mfaProviderRegistry, Context $context, UriBuilder $uriBuilder, FlashMessageService $flashMessageService, HashService $hashService, ViewFactoryInterface $viewFactory) : mixed
Parameters
- $mfaProviderRegistry : MfaProviderRegistry
- $context : Context
- $uriBuilder : UriBuilder
- $flashMessageService : FlashMessageService
- $hashService : HashService
- $viewFactory : ViewFactoryInterface
activate()
Activate the provider by hashing and storing the given recovery codes
public
activate(ServerRequestInterface $request, MfaProviderPropertyManager $propertyManager) : bool
Parameters
- $request : ServerRequestInterface
- $propertyManager : MfaProviderPropertyManager
Return values
bool —TRUE in case operation was successful, FALSE otherwise
canProcess()
Check if a recovery code is given in the current request
public
canProcess(ServerRequestInterface $request) : bool
Parameters
- $request : ServerRequestInterface
Return values
booldeactivate()
Handle the deactivate action by removing the provider entry
public
deactivate(ServerRequestInterface $request, MfaProviderPropertyManager $propertyManager) : bool
Parameters
- $request : ServerRequestInterface
- $propertyManager : MfaProviderPropertyManager
Return values
bool —TRUE in case operation was successful, FALSE otherwise
handleRequest()
Render the provider specific response for the given content type
public
handleRequest(ServerRequestInterface $request, MfaProviderPropertyManager $propertyManager, MfaViewType $type) : ResponseInterface
Parameters
- $request : ServerRequestInterface
- $propertyManager : MfaProviderPropertyManager
- $type : MfaViewType
Tags
Return values
ResponseInterfaceisActive()
Evaluate if the provider is activated by checking the active state from the provider properties. This provider furthermore has a mannerism that it only works if at least one other MFA provider is activated for the user.
public
isActive(MfaProviderPropertyManager $propertyManager) : bool
Parameters
- $propertyManager : MfaProviderPropertyManager
Return values
boolisLocked()
Evaluate if the provider is temporarily locked by checking the current attempts state from the provider properties and if there are still recovery codes left.
public
isLocked(MfaProviderPropertyManager $propertyManager) : bool
Parameters
- $propertyManager : MfaProviderPropertyManager
Return values
boolunlock()
Handle the unlock action by resetting the attempts provider property and issuing new codes.
public
unlock(ServerRequestInterface $request, MfaProviderPropertyManager $propertyManager) : bool
Parameters
- $request : ServerRequestInterface
- $propertyManager : MfaProviderPropertyManager
Return values
bool —TRUE in case operation was successful, FALSE otherwise
update()
Handle changes of the provider by the user
public
update(ServerRequestInterface $request, MfaProviderPropertyManager $propertyManager) : bool
Parameters
- $request : ServerRequestInterface
- $propertyManager : MfaProviderPropertyManager
Return values
bool —TRUE in case operation was successful, FALSE otherwise
verify()
Verify the given recovery code and remove it from the provider properties if valid.
public
verify(ServerRequestInterface $request, MfaProviderPropertyManager $propertyManager) : bool
Parameters
- $request : ServerRequestInterface
- $propertyManager : MfaProviderPropertyManager