Add real events for enabled 2fa providers for users

* Shiny new events
* Listener to still emit the old event

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
This commit is contained in:
Roeland Jago Douma 2021-03-05 16:02:17 +01:00
parent 90909ab9b9
commit 3c5cf825b3
6 changed files with 157 additions and 4 deletions

View File

@ -103,6 +103,8 @@ return array(
'OCP\\Authentication\\TwoFactorAuth\\RegistryEvent' => $baseDir . '/lib/public/Authentication/TwoFactorAuth/RegistryEvent.php',
'OCP\\Authentication\\TwoFactorAuth\\TwoFactorException' => $baseDir . '/lib/public/Authentication/TwoFactorAuth/TwoFactorException.php',
'OCP\\Authentication\\TwoFactorAuth\\TwoFactorProviderDisabled' => $baseDir . '/lib/public/Authentication/TwoFactorAuth/TwoFactorProviderDisabled.php',
'OCP\\Authentication\\TwoFactorAuth\\TwoFactorProviderForUserDisabled' => $baseDir . '/lib/public/Authentication/TwoFactorAuth/TwoFactorProviderForUserDisabled.php',
'OCP\\Authentication\\TwoFactorAuth\\TwoFactorProviderForUserEnabled' => $baseDir . '/lib/public/Authentication/TwoFactorAuth/TwoFactorProviderForUserEnabled.php',
'OCP\\AutoloadNotAllowedException' => $baseDir . '/lib/public/AutoloadNotAllowedException.php',
'OCP\\BackgroundJob' => $baseDir . '/lib/public/BackgroundJob.php',
'OCP\\BackgroundJob\\IJob' => $baseDir . '/lib/public/BackgroundJob/IJob.php',

View File

@ -132,6 +132,8 @@ class ComposerStaticInit53792487c5a8370acc0b06b1a864ff4c
'OCP\\Authentication\\TwoFactorAuth\\RegistryEvent' => __DIR__ . '/../../..' . '/lib/public/Authentication/TwoFactorAuth/RegistryEvent.php',
'OCP\\Authentication\\TwoFactorAuth\\TwoFactorException' => __DIR__ . '/../../..' . '/lib/public/Authentication/TwoFactorAuth/TwoFactorException.php',
'OCP\\Authentication\\TwoFactorAuth\\TwoFactorProviderDisabled' => __DIR__ . '/../../..' . '/lib/public/Authentication/TwoFactorAuth/TwoFactorProviderDisabled.php',
'OCP\\Authentication\\TwoFactorAuth\\TwoFactorProviderForUserDisabled' => __DIR__ . '/../../..' . '/lib/public/Authentication/TwoFactorAuth/TwoFactorProviderForUserDisabled.php',
'OCP\\Authentication\\TwoFactorAuth\\TwoFactorProviderForUserEnabled' => __DIR__ . '/../../..' . '/lib/public/Authentication/TwoFactorAuth/TwoFactorProviderForUserEnabled.php',
'OCP\\AutoloadNotAllowedException' => __DIR__ . '/../../..' . '/lib/public/AutoloadNotAllowedException.php',
'OCP\\BackgroundJob' => __DIR__ . '/../../..' . '/lib/public/BackgroundJob.php',
'OCP\\BackgroundJob\\IJob' => __DIR__ . '/../../..' . '/lib/public/BackgroundJob/IJob.php',

View File

@ -37,6 +37,9 @@ use OCP\AppFramework\Utility\ITimeFactory;
use OCP\Authentication\TwoFactorAuth\IActivatableAtLogin;
use OCP\Authentication\TwoFactorAuth\IProvider;
use OCP\Authentication\TwoFactorAuth\IRegistry;
use OCP\Authentication\TwoFactorAuth\TwoFactorProviderForUserDisabled;
use OCP\Authentication\TwoFactorAuth\TwoFactorProviderForUserEnabled;
use OCP\EventDispatcher\IEventDispatcher;
use OCP\IConfig;
use OCP\ISession;
use OCP\IUser;
@ -79,9 +82,12 @@ class Manager {
/** @var ITimeFactory */
private $timeFactory;
/** @var EventDispatcherInterface */
/** @var IEventDispatcher */
private $dispatcher;
/** @var EventDispatcherInterface */
private $legacyDispatcher;
public function __construct(ProviderLoader $providerLoader,
IRegistry $providerRegistry,
MandatoryTwoFactor $mandatoryTwoFactor,
@ -91,7 +97,8 @@ class Manager {
LoggerInterface $logger,
TokenProvider $tokenProvider,
ITimeFactory $timeFactory,
EventDispatcherInterface $eventDispatcher) {
IEventDispatcher $eventDispatcher,
EventDispatcherInterface $legacyDispatcher) {
$this->providerLoader = $providerLoader;
$this->providerRegistry = $providerRegistry;
$this->mandatoryTwoFactor = $mandatoryTwoFactor;
@ -102,6 +109,7 @@ class Manager {
$this->tokenProvider = $tokenProvider;
$this->timeFactory = $timeFactory;
$this->dispatcher = $eventDispatcher;
$this->legacyDispatcher = $legacyDispatcher;
}
/**
@ -267,14 +275,18 @@ class Manager {
$this->config->deleteUserValue($user->getUID(), 'login_token_2fa', $tokenId);
$dispatchEvent = new GenericEvent($user, ['provider' => $provider->getDisplayName()]);
$this->dispatcher->dispatch(IProvider::EVENT_SUCCESS, $dispatchEvent);
$this->legacyDispatcher->dispatch(IProvider::EVENT_SUCCESS, $dispatchEvent);
$this->dispatcher->dispatchTyped(new TwoFactorProviderForUserEnabled($user, $provider));
$this->publishEvent($user, 'twofactor_success', [
'provider' => $provider->getDisplayName(),
]);
} else {
$dispatchEvent = new GenericEvent($user, ['provider' => $provider->getDisplayName()]);
$this->dispatcher->dispatch(IProvider::EVENT_FAILED, $dispatchEvent);
$this->legacyDispatcher->dispatch(IProvider::EVENT_FAILED, $dispatchEvent);
$this->dispatcher->dispatchTyped(new TwoFactorProviderForUserDisabled($user, $provider));
$this->publishEvent($user, 'twofactor_failed', [
'provider' => $provider->getDisplayName(),

View File

@ -0,0 +1,65 @@
<?php
declare(strict_types=1);
/**
* @copyright Copyright (c) 2021 Roeland Jago Douma <roeland@famdouma.nl>
*
* @author Roeland Jago Douma <roeland@famdouma.nl>
*
* @license GNU AGPL version 3 or any later version
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as
* published by the Free Software Foundation, either version 3 of the
* License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
*/
namespace OCP\Authentication\TwoFactorAuth;
use OCP\EventDispatcher\Event;
use OCP\IUser;
/**
* @since 22.0.0
*/
class TwoFactorProviderForUserDisabled extends Event {
/** @var IProvider */
private $provider;
/** @var IUser */
private $user;
/**
* @since 22.0.0
*/
public function __construct(IUser $user, IProvider $provider) {
$this->user = $user;
$this->provider = $provider;
}
/**
* @return IUser
* @since 22.0.0
*/
public function getUser(): IUser {
return $this->user;
}
/**
* @return IProvider
* @since 22.0.0
*/
public function getProvider(): IProvider {
return $this->provider;
}
}

View File

@ -0,0 +1,65 @@
<?php
declare(strict_types=1);
/**
* @copyright Copyright (c) 2021 Roeland Jago Douma <roeland@famdouma.nl>
*
* @author Roeland Jago Douma <roeland@famdouma.nl>
*
* @license GNU AGPL version 3 or any later version
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as
* published by the Free Software Foundation, either version 3 of the
* License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
*/
namespace OCP\Authentication\TwoFactorAuth;
use OCP\EventDispatcher\Event;
use OCP\IUser;
/**
* @since 22.0.0
*/
class TwoFactorProviderForUserEnabled extends Event {
/** @var IProvider */
private $provider;
/** @var IUser */
private $user;
/**
* @since 22.0.0
*/
public function __construct(IUser $user, IProvider $provider) {
$this->user = $user;
$this->provider = $provider;
}
/**
* @return IUser
* @since 22.0.0
*/
public function getUser(): IUser {
return $this->user;
}
/**
* @return IProvider
* @since 22.0.0
*/
public function getProvider(): IProvider {
return $this->provider;
}
}

View File

@ -33,6 +33,7 @@ use OCP\AppFramework\Utility\ITimeFactory;
use OCP\Authentication\TwoFactorAuth\IActivatableAtLogin;
use OCP\Authentication\TwoFactorAuth\IProvider;
use OCP\Authentication\TwoFactorAuth\IRegistry;
use OCP\EventDispatcher\IEventDispatcher;
use OCP\IConfig;
use OCP\ISession;
use OCP\IUser;
@ -83,6 +84,9 @@ class ManagerTest extends TestCase {
/** @var ITimeFactory|MockObject */
private $timeFactory;
/** @var IEventDispatcher|MockObject */
private $newDispatcher;
/** @var EventDispatcherInterface|MockObject */
private $eventDispatcher;
@ -99,6 +103,7 @@ class ManagerTest extends TestCase {
$this->logger = $this->createMock(LoggerInterface::class);
$this->tokenProvider = $this->createMock(TokenProvider::class);
$this->timeFactory = $this->createMock(ITimeFactory::class);
$this->newDispatcher = $this->createMock(IEventDispatcher::class);
$this->eventDispatcher = $this->createMock(EventDispatcherInterface::class);
$this->manager = new Manager(
@ -111,6 +116,7 @@ class ManagerTest extends TestCase {
$this->logger,
$this->tokenProvider,
$this->timeFactory,
$this->newDispatcher,
$this->eventDispatcher
);
@ -529,6 +535,7 @@ class ManagerTest extends TestCase {
$this->logger,
$this->tokenProvider,
$this->timeFactory,
$this->newDispatcher,
$this->eventDispatcher
])
->setMethods(['loadTwoFactorApp', 'isTwoFactorAuthenticated'])// Do not actually load the apps