function miniorange_2fa_inline_registration::handle_page_five_submit in Google Authenticator / 2 Factor Authentication - 2FA 8.2
Same name and namespace in other branches
- 8 src/Form/miniorange_2fa_inline_registration.php \Drupal\miniorange_2fa\form\miniorange_2fa_inline_registration::handle_page_five_submit()
2 calls to miniorange_2fa_inline_registration::handle_page_five_submit()
File
- src/
Form/ miniorange_2fa_inline_registration.php, line 744 - Page 1: Select Email address. Page 2: Verify OTP. Page 3: Select Auth Method. Page 4: Configure Auth Method. Page 5: Configure KBA.
Class
- miniorange_2fa_inline_registration
- @file Page 1: Select Email address. Page 2: Verify OTP. Page 3: Select Auth Method. Page 4: Configure Auth Method. Page 5: Configure KBA.
Namespace
Drupal\miniorange_2fa\form

Code
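/**
 * Submit handler for page five (KBA setup) of the inline 2FA registration.
 *
 * Registers the KBA question/answer set with the miniOrange API when KBA is
 * allowed, updates the remote user, records the configured methods in the
 * UserAuthenticationType table and then finalizes the Drupal login.
 *
 * Security-relevant behaviour:
 * - The target uid comes from the request URL and is only used after it
 *   matches the uid held in the 'mo_auth' session entry.
 * - user_login_finalize() is reached only after the remote update reported
 *   SUCCESS and the local account could be loaded.
 *
 * @param array $form
 *   The form render array; KBA questions and answers are read from '#value'.
 * @param \Drupal\Core\Form\FormStateInterface $form_state
 *   Form state whose storage carries the values collected on earlier pages.
 */
function handle_page_five_submit(array $form, FormStateInterface $form_state) {
  $form_state->setRebuild();
  $storage = $form_state->getStorage();
  $user_email = $storage['page_one_values']['mo_auth_user_email'];
  $user_phone = isset($storage['page_four_values']['mo_auth_otpoversms_phone']) ? $storage['page_four_values']['mo_auth_otpoversms_phone'] : NULL;

  // Read the KBA switch once; the setting cannot change during this request.
  $enable_kba = \Drupal::config('miniorange_2fa.settings')->get('mo_auth_2fa_kba_questions') == 'Not_Allowed' ? FALSE : TRUE;

  $kba = NULL;
  if ($enable_kba) {
    // Three question/answer pairs, in form order.
    $kba = array();
    foreach (array(1, 2, 3) as $index) {
      $kba[] = array(
        "question" => $form['mo_auth_question' . $index]['#value'],
        "answer" => $form['mo_auth_answer' . $index]['#value'],
      );
    }
  }

  $method = $storage['page_three_values']['mo_auth_method'];

  // The uid is the second-to-last URL part, i.e. request-controlled input.
  $url_parts = MoAuthUtilities::mo_auth_get_url_parts();
  end($url_parts);
  $user_id = prev($url_parts);

  $session = MoAuthUtilities::getSession();
  $moMfaSession = $session->get('mo_auth');

  // Compare as strings with ===. A loose != would accept values that merely
  // coerce to the same number (for example "01" or "1.0" against uid 1, or a
  // missing URL part against uid 0), and that value is later used for the
  // database writes and for User::load().
  if (!isset($moMfaSession['uid']) || (string) $moMfaSession['uid'] !== (string) $user_id) {
    $session->remove('mo_auth');
    MoAuthUtilities::mo_add_loggers_for_failures(t('URL change detected'), 'error');
    \Drupal::messenger()->addError(t("Authentication failed try again. URL change detected while inline registration."), TRUE);
    $url = Url::fromRoute('user.login')->toString();
    $response = new RedirectResponse($url);
    $response->send();
    exit;
  }

  $customer = new MiniorangeCustomerProfile();

  // Authy, Duo, Microsoft and LastPass authenticators are sent to the API
  // under the Google Authenticator code.
  $remote_method = $method == AuthenticationType::$AUTHY_AUTHENTICATOR['code']
    || $method == AuthenticationType::$DUO_AUTHENTICATOR['code']
    || $method == AuthenticationType::$MICROSOFT_AUTHENTICATOR['code']
    || $method == AuthenticationType::$LASTPASS_AUTHENTICATOR['code']
    ? AuthenticationType::$GOOGLE_AUTHENTICATOR['code']
    : $method;
  $miniorange_user = new MiniorangeUser($customer->getCustomerID(), $user_email, $user_phone, NULL, $remote_method);

  if ($enable_kba) {
    $auth_api_handler = new AuthenticationAPIHandler($customer->getCustomerID(), $customer->getAPIKey());
    $response = $auth_api_handler->register($miniorange_user, AuthenticationType::$KBA['code'], NULL, NULL, $kba);
    if ($response->status != 'SUCCESS') {
      // Error out. Send to login.
      MoAuthUtilities::mo_add_loggers_for_failures($response->message, 'error');
      \Drupal::messenger()->addError(t('Unable to setup the second factor. Please contact your administrator.'), TRUE);
      $url = Url::fromRoute('user.login')->toString();
      $response = new RedirectResponse($url);
      $response->send();
      return;
    }
  }

  $user_api_handler = new UsersAPIHandler($customer->getCustomerID(), $customer->getAPIKey());
  $user_update_response = $user_api_handler->update($miniorange_user);
  if ($user_update_response->status != 'SUCCESS') {
    // Previously this case returned silently. Record it and tell the user;
    // the login is not finalized.
    MoAuthUtilities::mo_add_loggers_for_failures(t('Updating the miniOrange user failed during inline registration'), 'error');
    \Drupal::messenger()->addError(t('Unable to setup the second factor. Please contact your administrator.'), TRUE);
    return;
  }

  $database = \Drupal::database();
  $fields = array(
    'uid' => $user_id,
    'configured_auth_methods' => AuthenticationType::$EMAIL_VERIFICATION['code'],
    'miniorange_registered_email' => $user_email,
    'activated_auth_methods' => $method,
  );
  $result = MoAuthUtilities::get_users_custom_attribute($user_id);
  if (count($result) > 0) {
    $database->update('UserAuthenticationType')
      ->fields($fields)
      ->condition('uid', $user_id, '=')
      ->execute();
  }
  else {
    try {
      $database->insert('UserAuthenticationType')
        ->fields($fields)
        ->execute();
    }
    catch (\Exception $e) {
      // Keep the best-effort flow, but leave a trace: a failed insert means
      // the user has no local 2FA record.
      MoAuthUtilities::mo_add_loggers_for_failures($e->getMessage(), 'error');
    }
  }

  $configured_methods = MoAuthUtilities::mo_auth_get_configured_methods($user_id);
  $available = MoAuthUtilities::check_for_userID($user_id);
  if (!in_array($method, $configured_methods)) {
    array_push($configured_methods, $method);
  }
  // Guard against listing KBA twice when it is already configured.
  if ($method != AuthenticationType::$KBA['code'] && $enable_kba && !in_array(AuthenticationType::$KBA['code'], $configured_methods)) {
    array_push($configured_methods, AuthenticationType::$KBA['code']);
  }
  $config_methods = implode(', ', $configured_methods);

  if (!$available) {
    // No local record to update: stop before the login is finalized.
    echo t("error while updating authentication method.");
    exit;
  }
  $database->update('UserAuthenticationType')
    ->fields([
      'configured_auth_methods' => $config_methods,
    ])
    ->condition('uid', $user_id, '=')
    ->execute();

  // User::load() returns NULL for an unknown uid; never pass that on to
  // user_login_finalize().
  $user = User::load($user_id);
  if (!$user) {
    MoAuthUtilities::mo_add_loggers_for_failures(t('User account could not be loaded during inline registration'), 'error');
    \Drupal::messenger()->addError(t('Unable to setup the second factor. Please contact your administrator.'), TRUE);
    return;
  }
  // NOTE(review): nothing in this handler checks whether the account is
  // blocked; presumably the first-factor step did. Confirm against the caller.
  user_login_finalize($user);

  // The redirect target comes from module configuration, not from the request.
  $custom_redirect_url = \Drupal::config('miniorange_2fa.settings')->get('mo_auth_redirect_user_after_login');
  $mo_redirect_url = !empty($custom_redirect_url) ? $custom_redirect_url : Url::fromRoute('user.login')->toString();
  $response = new RedirectResponse($mo_redirect_url);
  $response->send();
}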