From 3c5cf825b396eacdc3e2376137e010552796119e Mon Sep 17 00:00:00 2001 From: Roeland Jago Douma Date: Fri, 5 Mar 2021 16:02:17 +0100 Subject: [PATCH] Add real events for enabled 2fa providers for users * Shiny new events * Listener to still emit the old event Signed-off-by: Roeland Jago Douma --- lib/composer/composer/autoload_classmap.php | 2 + lib/composer/composer/autoload_static.php | 2 + .../Authentication/TwoFactorAuth/Manager.php | 20 ++++-- .../TwoFactorProviderForUserDisabled.php | 65 +++++++++++++++++++ .../TwoFactorProviderForUserEnabled.php | 65 +++++++++++++++++++ .../TwoFactorAuth/ManagerTest.php | 7 ++ 6 files changed, 157 insertions(+), 4 deletions(-) create mode 100644 lib/public/Authentication/TwoFactorAuth/TwoFactorProviderForUserDisabled.php create mode 100644 lib/public/Authentication/TwoFactorAuth/TwoFactorProviderForUserEnabled.php diff --git a/lib/composer/composer/autoload_classmap.php b/lib/composer/composer/autoload_classmap.php index 86d24ad031..92fd80d279 100644 --- a/lib/composer/composer/autoload_classmap.php +++ b/lib/composer/composer/autoload_classmap.php @@ -103,6 +103,8 @@ return array( 'OCP\\Authentication\\TwoFactorAuth\\RegistryEvent' => $baseDir . '/lib/public/Authentication/TwoFactorAuth/RegistryEvent.php', 'OCP\\Authentication\\TwoFactorAuth\\TwoFactorException' => $baseDir . '/lib/public/Authentication/TwoFactorAuth/TwoFactorException.php', 'OCP\\Authentication\\TwoFactorAuth\\TwoFactorProviderDisabled' => $baseDir . '/lib/public/Authentication/TwoFactorAuth/TwoFactorProviderDisabled.php', + 'OCP\\Authentication\\TwoFactorAuth\\TwoFactorProviderForUserDisabled' => $baseDir . '/lib/public/Authentication/TwoFactorAuth/TwoFactorProviderForUserDisabled.php', + 'OCP\\Authentication\\TwoFactorAuth\\TwoFactorProviderForUserEnabled' => $baseDir . '/lib/public/Authentication/TwoFactorAuth/TwoFactorProviderForUserEnabled.php', 'OCP\\AutoloadNotAllowedException' => $baseDir . '/lib/public/AutoloadNotAllowedException.php', 'OCP\\BackgroundJob' => $baseDir . '/lib/public/BackgroundJob.php', 'OCP\\BackgroundJob\\IJob' => $baseDir . '/lib/public/BackgroundJob/IJob.php', diff --git a/lib/composer/composer/autoload_static.php b/lib/composer/composer/autoload_static.php index 5cf2b9a2cb..7654e223b2 100644 --- a/lib/composer/composer/autoload_static.php +++ b/lib/composer/composer/autoload_static.php @@ -132,6 +132,8 @@ class ComposerStaticInit53792487c5a8370acc0b06b1a864ff4c 'OCP\\Authentication\\TwoFactorAuth\\RegistryEvent' => __DIR__ . '/../../..' . '/lib/public/Authentication/TwoFactorAuth/RegistryEvent.php', 'OCP\\Authentication\\TwoFactorAuth\\TwoFactorException' => __DIR__ . '/../../..' . '/lib/public/Authentication/TwoFactorAuth/TwoFactorException.php', 'OCP\\Authentication\\TwoFactorAuth\\TwoFactorProviderDisabled' => __DIR__ . '/../../..' . '/lib/public/Authentication/TwoFactorAuth/TwoFactorProviderDisabled.php', + 'OCP\\Authentication\\TwoFactorAuth\\TwoFactorProviderForUserDisabled' => __DIR__ . '/../../..' . '/lib/public/Authentication/TwoFactorAuth/TwoFactorProviderForUserDisabled.php', + 'OCP\\Authentication\\TwoFactorAuth\\TwoFactorProviderForUserEnabled' => __DIR__ . '/../../..' . '/lib/public/Authentication/TwoFactorAuth/TwoFactorProviderForUserEnabled.php', 'OCP\\AutoloadNotAllowedException' => __DIR__ . '/../../..' . '/lib/public/AutoloadNotAllowedException.php', 'OCP\\BackgroundJob' => __DIR__ . '/../../..' . '/lib/public/BackgroundJob.php', 'OCP\\BackgroundJob\\IJob' => __DIR__ . '/../../..' . '/lib/public/BackgroundJob/IJob.php', diff --git a/lib/private/Authentication/TwoFactorAuth/Manager.php b/lib/private/Authentication/TwoFactorAuth/Manager.php index d95cc8b1eb..4391f7d108 100644 --- a/lib/private/Authentication/TwoFactorAuth/Manager.php +++ b/lib/private/Authentication/TwoFactorAuth/Manager.php @@ -37,6 +37,9 @@ use OCP\AppFramework\Utility\ITimeFactory; use OCP\Authentication\TwoFactorAuth\IActivatableAtLogin; use OCP\Authentication\TwoFactorAuth\IProvider; use OCP\Authentication\TwoFactorAuth\IRegistry; +use OCP\Authentication\TwoFactorAuth\TwoFactorProviderForUserDisabled; +use OCP\Authentication\TwoFactorAuth\TwoFactorProviderForUserEnabled; +use OCP\EventDispatcher\IEventDispatcher; use OCP\IConfig; use OCP\ISession; use OCP\IUser; @@ -79,9 +82,12 @@ class Manager { /** @var ITimeFactory */ private $timeFactory; - /** @var EventDispatcherInterface */ + /** @var IEventDispatcher */ private $dispatcher; + /** @var EventDispatcherInterface */ + private $legacyDispatcher; + public function __construct(ProviderLoader $providerLoader, IRegistry $providerRegistry, MandatoryTwoFactor $mandatoryTwoFactor, @@ -91,7 +97,8 @@ class Manager { LoggerInterface $logger, TokenProvider $tokenProvider, ITimeFactory $timeFactory, - EventDispatcherInterface $eventDispatcher) { + IEventDispatcher $eventDispatcher, + EventDispatcherInterface $legacyDispatcher) { $this->providerLoader = $providerLoader; $this->providerRegistry = $providerRegistry; $this->mandatoryTwoFactor = $mandatoryTwoFactor; @@ -102,6 +109,7 @@ class Manager { $this->tokenProvider = $tokenProvider; $this->timeFactory = $timeFactory; $this->dispatcher = $eventDispatcher; + $this->legacyDispatcher = $legacyDispatcher; } /** @@ -267,14 +275,18 @@ class Manager { $this->config->deleteUserValue($user->getUID(), 'login_token_2fa', $tokenId); $dispatchEvent = new GenericEvent($user, ['provider' => $provider->getDisplayName()]); - $this->dispatcher->dispatch(IProvider::EVENT_SUCCESS, $dispatchEvent); + $this->legacyDispatcher->dispatch(IProvider::EVENT_SUCCESS, $dispatchEvent); + + $this->dispatcher->dispatchTyped(new TwoFactorProviderForUserEnabled($user, $provider)); $this->publishEvent($user, 'twofactor_success', [ 'provider' => $provider->getDisplayName(), ]); } else { $dispatchEvent = new GenericEvent($user, ['provider' => $provider->getDisplayName()]); - $this->dispatcher->dispatch(IProvider::EVENT_FAILED, $dispatchEvent); + $this->legacyDispatcher->dispatch(IProvider::EVENT_FAILED, $dispatchEvent); + + $this->dispatcher->dispatchTyped(new TwoFactorProviderForUserDisabled($user, $provider)); $this->publishEvent($user, 'twofactor_failed', [ 'provider' => $provider->getDisplayName(), diff --git a/lib/public/Authentication/TwoFactorAuth/TwoFactorProviderForUserDisabled.php b/lib/public/Authentication/TwoFactorAuth/TwoFactorProviderForUserDisabled.php new file mode 100644 index 0000000000..a0d20c3e39 --- /dev/null +++ b/lib/public/Authentication/TwoFactorAuth/TwoFactorProviderForUserDisabled.php @@ -0,0 +1,65 @@ + + * + * @author Roeland Jago Douma + * + * @license GNU AGPL version 3 or any later version + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see . + * + */ + +namespace OCP\Authentication\TwoFactorAuth; + +use OCP\EventDispatcher\Event; +use OCP\IUser; + +/** + * @since 22.0.0 + */ +class TwoFactorProviderForUserDisabled extends Event { + /** @var IProvider */ + private $provider; + + /** @var IUser */ + private $user; + + /** + * @since 22.0.0 + */ + public function __construct(IUser $user, IProvider $provider) { + $this->user = $user; + $this->provider = $provider; + } + + /** + * @return IUser + * @since 22.0.0 + */ + public function getUser(): IUser { + return $this->user; + } + + /** + * @return IProvider + * @since 22.0.0 + */ + public function getProvider(): IProvider { + return $this->provider; + } +} diff --git a/lib/public/Authentication/TwoFactorAuth/TwoFactorProviderForUserEnabled.php b/lib/public/Authentication/TwoFactorAuth/TwoFactorProviderForUserEnabled.php new file mode 100644 index 0000000000..c79669d6eb --- /dev/null +++ b/lib/public/Authentication/TwoFactorAuth/TwoFactorProviderForUserEnabled.php @@ -0,0 +1,65 @@ + + * + * @author Roeland Jago Douma + * + * @license GNU AGPL version 3 or any later version + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see . + * + */ + +namespace OCP\Authentication\TwoFactorAuth; + +use OCP\EventDispatcher\Event; +use OCP\IUser; + +/** + * @since 22.0.0 + */ +class TwoFactorProviderForUserEnabled extends Event { + /** @var IProvider */ + private $provider; + + /** @var IUser */ + private $user; + + /** + * @since 22.0.0 + */ + public function __construct(IUser $user, IProvider $provider) { + $this->user = $user; + $this->provider = $provider; + } + + /** + * @return IUser + * @since 22.0.0 + */ + public function getUser(): IUser { + return $this->user; + } + + /** + * @return IProvider + * @since 22.0.0 + */ + public function getProvider(): IProvider { + return $this->provider; + } +} diff --git a/tests/lib/Authentication/TwoFactorAuth/ManagerTest.php b/tests/lib/Authentication/TwoFactorAuth/ManagerTest.php index a04e0f05f9..fc921b8016 100644 --- a/tests/lib/Authentication/TwoFactorAuth/ManagerTest.php +++ b/tests/lib/Authentication/TwoFactorAuth/ManagerTest.php @@ -33,6 +33,7 @@ use OCP\AppFramework\Utility\ITimeFactory; use OCP\Authentication\TwoFactorAuth\IActivatableAtLogin; use OCP\Authentication\TwoFactorAuth\IProvider; use OCP\Authentication\TwoFactorAuth\IRegistry; +use OCP\EventDispatcher\IEventDispatcher; use OCP\IConfig; use OCP\ISession; use OCP\IUser; @@ -83,6 +84,9 @@ class ManagerTest extends TestCase { /** @var ITimeFactory|MockObject */ private $timeFactory; + /** @var IEventDispatcher|MockObject */ + private $newDispatcher; + /** @var EventDispatcherInterface|MockObject */ private $eventDispatcher; @@ -99,6 +103,7 @@ class ManagerTest extends TestCase { $this->logger = $this->createMock(LoggerInterface::class); $this->tokenProvider = $this->createMock(TokenProvider::class); $this->timeFactory = $this->createMock(ITimeFactory::class); + $this->newDispatcher = $this->createMock(IEventDispatcher::class); $this->eventDispatcher = $this->createMock(EventDispatcherInterface::class); $this->manager = new Manager( @@ -111,6 +116,7 @@ class ManagerTest extends TestCase { $this->logger, $this->tokenProvider, $this->timeFactory, + $this->newDispatcher, $this->eventDispatcher ); @@ -529,6 +535,7 @@ class ManagerTest extends TestCase { $this->logger, $this->tokenProvider, $this->timeFactory, + $this->newDispatcher, $this->eventDispatcher ]) ->setMethods(['loadTwoFactorApp', 'isTwoFactorAuthenticated'])// Do not actually load the apps