Require SMS recovery token authentication
When recovering a SF token using your recovery token, the SMS option did not require an SMS authentication. That was fixed in this PR. During registration, the SMS auth step is not required as you just registered the SMS recovery token in that case. And that is enough proof of possession at that point. But during recovery of a SF token, you are required to prove possession of your recovery token. For the safe-store RT that would already work. See: https://www.pivotaltracker.com/story/show/185099092
Showing 13 changed files with 258 additions and 102 deletions.
54 changes: 54 additions & 0 deletions
...fService/SelfServiceBundle/Command/SendRecoveryTokenSmsAuthenticationChallengeCommand.php
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,54 @@ | ||
<?php | ||
|
||
/** | ||
* Copyright 2022 SURFnet bv | ||
* | ||
* Licensed under the Apache License, Version 2.0 (the "License"); | ||
* you may not use this file except in compliance with the License. | ||
* You may obtain a copy of the License at | ||
* | ||
* http://www.apache.org/licenses/LICENSE-2.0 | ||
* | ||
* Unless required by applicable law or agreed to in writing, software | ||
* distributed under the License is distributed on an "AS IS" BASIS, | ||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||
* See the License for the specific language governing permissions and | ||
* limitations under the License. | ||
*/ | ||
|
||
namespace Surfnet\StepupSelfService\SelfServiceBundle\Command; | ||
|
||
use Surfnet\StepupBundle\Value\PhoneNumber\InternationalPhoneNumber; | ||
use Surfnet\StepupSelfService\SelfServiceBundle\Service\SmsRecoveryTokenService; | ||
|
||
/** | ||
* @SuppressWarnings(PHPMD.LongClassName) | ||
*/ | ||
class SendRecoveryTokenSmsAuthenticationChallengeCommand implements SendSmsChallengeCommandInterface | ||
{ | ||
/** | ||
* @var InternationalPhoneNumber | ||
*/ | ||
public $identifier; | ||
|
||
/** | ||
* The requesting identity's ID (not name ID). | ||
* | ||
* @var string | ||
*/ | ||
public $identity; | ||
|
||
/** | ||
* The requesting identity's institution. | ||
* | ||
* @var string | ||
*/ | ||
public $institution; | ||
|
||
/** | ||
* An arbitrary token id, not recorded in Middleware. | ||
* This is used to do a preliminary proof of phone possession. | ||
* @var string | ||
*/ | ||
public $recoveryTokenId = SmsRecoveryTokenService::REGISTRATION_RECOVERY_TOKEN_ID; | ||
} |
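Review bot: The `$recoveryTokenId` property at the end of the class defaults to `SmsRecoveryTokenService::REGISTRATION_RECOVERY_TOKEN_ID`, and its docblock reads "An arbitrary token id, not recorded in Middleware" and "preliminary proof of phone possession", which describes the registration case rather than the recovery-time authentication this command is named for. Nothing in this class forces a caller to overwrite that default, so a challenge could be sent under the registration placeholder id instead of the id of the identity's existing SMS recovery token. Consider dropping the default so the id has to be set explicitly, validating it before the challenge is sent, and rewording the docblock to say the id must refer to the stored recovery token. Separately, `$identifier` is documented as `InternationalPhoneNumber` but all four properties are public and untyped; typed properties or a constructor would keep an incomplete command from being dispatched.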