vendor/scheb/2fa-bundle/Security/Http/EventListener/AbstractCheckCodeListener.php line 29

Open in your IDE?
  1. <?php
  3. declare(strict_types=1);
  5. namespace Scheb\TwoFactorBundle\Security\Http\EventListener;
  7. use Scheb\TwoFactorBundle\Security\Http\Authenticator\Passport\Credentials\TwoFactorCodeCredentials;
  8. use Scheb\TwoFactorBundle\Security\Http\Authenticator\Passport\TwoFactorPassport;
  9. use Scheb\TwoFactorBundle\Security\TwoFactor\Provider\PreparationRecorderInterface;
  10. use Symfony\Component\EventDispatcher\EventSubscriberInterface;
  11. use Symfony\Component\Security\Core\Exception\AuthenticationException;
  12. use Symfony\Component\Security\Http\Event\CheckPassportEvent;
  14. /**
  15.  * @internal
  16.  */
  17. abstract class AbstractCheckCodeListener implements EventSubscriberInterface
  18. {
  19.     /**
  20.      * @var PreparationRecorderInterface
  21.      */
  22.     private $preparationRecorder;
  24.     public function __construct(PreparationRecorderInterface $preparationRecorder)
  25.     {
  26.         $this->preparationRecorder $preparationRecorder;
  27.     }
  29.     public function checkPassport(CheckPassportEvent $event): void
  30.     {
  31.         $passport $event->getPassport();
  32.         if (!($passport instanceof TwoFactorPassport && $passport->hasBadge(TwoFactorCodeCredentials::class))) {
  33.             return;
  34.         }
  36.         /** @var TwoFactorCodeCredentials $credentialsBadge */
  37.         $credentialsBadge $passport->getBadge(TwoFactorCodeCredentials::class);
  38.         if ($credentialsBadge->isResolved()) {
  39.             return;
  40.         }
  42.         $token $passport->getTwoFactorToken();
  43.         $providerName $token->getCurrentTwoFactorProvider();
  44.         if (!$providerName) {
  45.             throw new AuthenticationException('There is no active two-factor provider.');
  46.         }
  48.         if (!$this->preparationRecorder->isTwoFactorProviderPrepared($token->getProviderKey(true), $providerName)) {
  49.             throw new AuthenticationException(sprintf('The two-factor provider "%s" has not been prepared.'$providerName));
  50.         }
  52.         $user $token->getUser();
  53.         if (null === $user) {
  54.             throw new \RuntimeException('Security token must provide a user.');
  55.         }
  57.         if ($this->isValidCode($providerName$user$credentialsBadge->getCode())) {
  58.             $token->setTwoFactorProviderComplete($providerName);
  59.             $credentialsBadge->markResolved();
  60.         }
  61.     }
  63.     /**
  64.      * @param object|string $user
  65.      */
  66.     abstract protected function isValidCode(string $providerName$userstring $code): bool;
  67. }