vendor/pimcore/pimcore/bundles/AdminBundle/EventListener/TwoFactorListener.php line 58

Open in your IDE?
  1. <?php
  3. /**
  4.  * Pimcore
  5.  *
  6.  * This source file is available under two different licenses:
  7.  * - GNU General Public License version 3 (GPLv3)
  8.  * - Pimcore Commercial License (PCL)
  9.  * Full copyright and license information is available in
  10.  * LICENSE.md which is distributed with this source code.
  11.  *
  12.  *  @copyright  Copyright (c) Pimcore GmbH (http://www.pimcore.org)
  13.  *  @license    http://www.pimcore.org/license     GPLv3 and PCL
  14.  */
  16. namespace Pimcore\Bundle\AdminBundle\EventListener;
  18. use Pimcore\Tool\Session;
  19. use Psr\Log\LoggerAwareTrait;
  20. use Scheb\TwoFactorBundle\Security\Authentication\Token\TwoFactorTokenInterface;
  21. use Scheb\TwoFactorBundle\Security\TwoFactor\Event\TwoFactorAuthenticationEvent;
  22. use Scheb\TwoFactorBundle\Security\TwoFactor\Provider\PreparationRecorderInterface;
  23. use Scheb\TwoFactorBundle\Security\TwoFactor\Provider\TwoFactorProviderRegistry;
  24. use Symfony\Component\HttpFoundation\Session\Attribute\AttributeBagInterface;
  26. /**
  27.  * @internal
  28.  */
  29. class TwoFactorListener
  30. {
  31.     use LoggerAwareTrait;
  33.     /**
  34.      * @var TwoFactorProviderRegistry
  35.      */
  36.     private $providerRegistry;
  38.     /**
  39.      * @var PreparationRecorderInterface
  40.      */
  41.     private $preparationRecorder;
  43.     public function __construct(TwoFactorProviderRegistry $providerRegistryPreparationRecorderInterface $preparationRecorder)
  44.     {
  45.         $this->providerRegistry $providerRegistry;
  46.         $this->preparationRecorder $preparationRecorder;
  47.     }
  49.     public function onAuthenticationComplete(TwoFactorAuthenticationEvent $event)
  50.     {
  51.         // this session flag is set in \Pimcore\Bundle\AdminBundle\Security\Guard\AdminAuthenticator
  52.         // @TODO: check if there's a nicer way of doing this, actually it feels a bit like a hack :)
  53.         Session::useSession(function (AttributeBagInterface $adminSession) {
  54.             $adminSession->set('2fa_required'false);
  55.         });
  56.     }
  58.     public function onAuthenticationAttempt(TwoFactorAuthenticationEvent $event)
  59.     {
  60.         $twoFactorToken $event->getToken();
  61.         if (!$twoFactorToken instanceof TwoFactorTokenInterface) {
  62.             return;
  63.         }
  65.         $providerName $twoFactorToken->getCurrentTwoFactorProvider();
  66.         if (null === $providerName) {
  67.             return;
  68.         }
  70.         $twoFactorToken->setTwoFactorProviderPrepared($providerName);
  71.         $firewallName $twoFactorToken->getProviderKey();
  73.         if ($this->preparationRecorder->isTwoFactorProviderPrepared($firewallName$providerName)) {
  74.             $this->logger->info(sprintf('Two-factor provider "%s" was already prepared.'$providerName));
  76.             return;
  77.         }
  79.         $user $twoFactorToken->getUser();
  80.         $this->providerRegistry->getProvider($providerName)->prepareAuthentication($user);
  82.         $this->preparationRecorder->setTwoFactorProviderPrepared($firewallName$providerName);
  83.         $this->logger->info(sprintf('Two-factor provider "%s" prepared.'$providerName));
  84.     }
  85. }