vendor/pimcore/pimcore/bundles/AdminBundle/EventListener/TwoFactorListener.php line 50

Open in your IDE?
  1. <?php
  3. /**
  4.  * Pimcore
  5.  *
  6.  * This source file is available under two different licenses:
  7.  * - GNU General Public License version 3 (GPLv3)
  8.  * - Pimcore Commercial License (PCL)
  9.  * Full copyright and license information is available in
  10.  * LICENSE.md which is distributed with this source code.
  11.  *
  12.  *  @copyright  Copyright (c) Pimcore GmbH (http://www.pimcore.org)
  13.  *  @license    http://www.pimcore.org/license     GPLv3 and PCL
  14.  */
  16. namespace Pimcore\Bundle\AdminBundle\EventListener;
  18. use Pimcore\Bundle\AdminBundle\Security\Authentication\Token\TwoFactorRequiredToken;
  19. use Pimcore\Tool\Session;
  20. use Psr\Log\LoggerAwareTrait;
  21. use Scheb\TwoFactorBundle\Security\Authentication\Token\TwoFactorTokenInterface;
  22. use Scheb\TwoFactorBundle\Security\TwoFactor\Event\TwoFactorAuthenticationEvent;
  23. use Scheb\TwoFactorBundle\Security\TwoFactor\Provider\PreparationRecorderInterface;
  24. use Scheb\TwoFactorBundle\Security\TwoFactor\Provider\TwoFactorProviderRegistry;
  25. use Symfony\Component\HttpFoundation\Session\Attribute\AttributeBagInterface;
  27. /**
  28.  * @internal
  29.  */
  30. class TwoFactorListener
  31. {
  32.     use LoggerAwareTrait;
  34.     /**
  35.      * @var TwoFactorProviderRegistry
  36.      */
  37.     private $providerRegistry;
  39.     /**
  40.      * @var PreparationRecorderInterface
  41.      */
  42.     private $preparationRecorder;
  44.     public function __construct(TwoFactorProviderRegistry $providerRegistryPreparationRecorderInterface $preparationRecorder)
  45.     {
  46.         $this->providerRegistry $providerRegistry;
  47.         $this->preparationRecorder $preparationRecorder;
  48.     }
  50.     public function onAuthenticationComplete(TwoFactorAuthenticationEvent $event)
  51.     {
  52.         // this session flag is set in \Pimcore\Bundle\AdminBundle\Security\AdminAuthenticator
  53.         // or \Pimcore\Bundle\AdminBundle\Security\AdminAuthenticator (Authenticator Based Security)
  54.         // @TODO: check if there's a nicer way of doing this, actually it feels a bit like a hack :)
  55.         Session::useSession(function (AttributeBagInterface $adminSession) {
  56.             $adminSession->set('2fa_required'false);
  57.         });
  58.     }
  60.     public function onAuthenticationAttempt(TwoFactorAuthenticationEvent $event)
  61.     {
  62.         $twoFactorToken $event->getToken();
  63.         if (!$twoFactorToken instanceof TwoFactorTokenInterface) {
  64.             return;
  65.         }
  67.         $providerName $twoFactorToken->getCurrentTwoFactorProvider();
  68.         if (null === $providerName) {
  69.             return;
  70.         }
  72.         $twoFactorToken->setTwoFactorProviderPrepared($providerName);
  73.         if ($twoFactorToken instanceof TwoFactorRequiredToken) {
  74.             $firewallName $twoFactorToken->getFirewallName();
  75.         } else {
  76.             $firewallName $twoFactorToken->getProviderKey();
  77.         }
  79.         if ($this->preparationRecorder->isTwoFactorProviderPrepared($firewallName$providerName)) {
  80.             $this->logger->info(sprintf('Two-factor provider "%s" was already prepared.'$providerName));
  82.             return;
  83.         }
  85.         $user $twoFactorToken->getUser();
  86.         $this->providerRegistry->getProvider($providerName)->prepareAuthentication($user);
  88.         $this->preparationRecorder->setTwoFactorProviderPrepared($firewallName$providerName);
  89.         $this->logger->info(sprintf('Two-factor provider "%s" prepared.'$providerName));
  90.     }
  91. }