
function miniorange_2fa_inline_registration::handle_page_four_submit in Google Authenticator / 2 Factor Authentication - 2FA 8.2

Same name and namespace in other branches
  1. 8 src/Form/miniorange_2fa_inline_registration.php \Drupal\miniorange_2fa\form\miniorange_2fa_inline_registration::handle_page_four_submit()

File

src/Form/miniorange_2fa_inline_registration.php, line 611
Page 1: Select Email address. Page 2: Verify OTP. Page 3: Select Auth Method. Page 4: Configure Auth Method. Page 5: Configure KBA.

Class

miniorange_2fa_inline_registration
@file Page 1: Select Email address. Page 2: Verify OTP. Page 3: Select Auth Method. Page 4: Configure Auth Method. Page 5: Configure KBA.

Namespace

Drupal\miniorange_2fa\form

Code

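/**
 * Submit handler for page four of inline registration (configure 2FA method).
 *
 * Dispatches on the method stored from page three:
 * - Authenticator apps: calls AuthenticationAPIHandler::register() with the
 *   stored secret and the submitted passcode.
 * - QR code / soft token / push: calls getRegistrationStatus() for the stored
 *   transaction id.
 * - Hardware token / SMS / email / phone OTP: calls challenge() and, on
 *   success, moves to the OTP validation page.
 * - KBA: delegates to handle_page_five_submit().
 *
 * The outcome is written to form storage (which page to show next) and to
 * $_SESSION['success_status'] / $_SESSION['message'].
 *
 * Security-relevant behaviour:
 * - The form only advances when the API response is an object whose status is
 *   exactly the string 'SUCCESS' (strict comparison, so a missing, non-string
 *   or malformed response fails closed).
 * - The authenticator secret is read from form storage, never from the
 *   request; only the passcode and the phone number come from the submission.
 *
 * @param array $form
 *   The form render array; the passcode is read from
 *   $form['mo_auth_googleauth_token']['#value'].
 * @param \Drupal\Core\Form\FormStateInterface $form_state
 *   Form state carrying the values collected on the earlier pages in storage.
 */
function handle_page_four_submit(array $form, FormStateInterface $form_state) {
  $storage = $form_state->getStorage();
  $method = $storage['page_three_values']['mo_auth_method'];

  // Flag the form for rebuild once, up front; every path below keeps it set.
  $form_state->setRebuild();

  if ($method == AuthenticationType::$GOOGLE_AUTHENTICATOR['code']
    || $method == AuthenticationType::$MICROSOFT_AUTHENTICATOR['code']
    || $method == AuthenticationType::$AUTHY_AUTHENTICATOR['code']
    || $method == AuthenticationType::$LASTPASS_AUTHENTICATOR['code']
    || $method == AuthenticationType::$DUO_AUTHENTICATOR['code']) {
    $email = $storage['page_one_values']['mo_auth_user_email'];
    $google_auth_response = $storage['page_four_values']['google_auth_response'];
    // Passcode as submitted by the user; the secret stays server-side in
    // form storage.
    $token = $form['mo_auth_googleauth_token']['#value'];
    $secret = $google_auth_response->secret;

    $customer = new MiniorangeCustomerProfile();
    // Every authenticator app handled by this branch is registered under the
    // Google Authenticator type code.
    $miniorange_user = new MiniorangeUser($customer->getCustomerID(), $email, NULL, NULL, AuthenticationType::$GOOGLE_AUTHENTICATOR['code']);
    $auth_api_handler = new AuthenticationAPIHandler($customer->getCustomerID(), $customer->getAPIKey());
    $response = $auth_api_handler->register($miniorange_user, AuthenticationType::$GOOGLE_AUTHENTICATOR['code'], $secret, $token, NULL);

    // Fail closed: anything that is not an object with a status field is
    // treated as an error, never as success.
    $status = is_object($response) ? ($response->status ?? NULL) : NULL;

    if ($status === 'SUCCESS') {
      // page_four_values is replaced by the submitted values here, so the
      // stored google_auth_response (and its secret) is not carried forward.
      $page = [
        'page_five' => TRUE,
        'page_four_values' => $form_state->getValues(),
        'page_three_values' => $storage['page_three_values'],
        'page_two_values' => $storage['page_two_values'],
        'page_one_values' => $storage['page_one_values'],
      ];
      $_SESSION['success_status'] = TRUE;
      $form_state->setStorage($page);
      return;
    }
    elseif ($status === 'FAILED') {
      // Passcode incorrect: stay on page four and keep the same secret so the
      // user can retry with a fresh passcode.
      $page = [
        'page_four' => TRUE,
        'page_four_values' => [
          'google_auth_response' => $storage['page_four_values']['google_auth_response'],
        ],
        'page_three_values' => $storage['page_three_values'],
        'page_two_values' => $storage['page_two_values'],
        'page_one_values' => $storage['page_one_values'],
      ];
      $form_state->setStorage($page);
      $_SESSION['success_status'] = FALSE;
      return;
    }
    else {
      // Unexpected or missing status: log the API message (if any), show a
      // generic error and send the user back to the login page.
      unset($_SESSION['success_status']);
      $failure_message = is_object($response) ? ($response->message ?? NULL) : NULL;
      MoAuthUtilities::mo_add_loggers_for_failures($failure_message, 'error');
      \Drupal::messenger()->addError(t('An error occurred while registering the user.'), TRUE);
      $url = Url::fromRoute('user.login')->toString();
      // NOTE(review): the redirect is sent directly from the submit handler
      // rather than through $form_state; confirm this is intended.
      $redirect = new RedirectResponse($url);
      $redirect->send();
      return;
    }
  }
  elseif ($method == AuthenticationType::$QR_CODE['code']
    || $method == AuthenticationType::$SOFT_TOKEN['code']
    || $method == AuthenticationType::$PUSH_NOTIFICATIONS['code']) {
    $qrcode_response = $storage['page_four_values']['qrcode_response'];
    $customer = new MiniorangeCustomerProfile();
    $auth_api_handler = new AuthenticationAPIHandler($customer->getCustomerID(), $customer->getAPIKey());
    $response = $auth_api_handler->getRegistrationStatus($qrcode_response->txId);
    $status = is_object($response) ? ($response->status ?? NULL) : NULL;

    if ($status === 'SUCCESS') {
      $page = [
        'page_five' => TRUE,
        'page_four_values' => $form_state->getValues(),
        'page_three_values' => $storage['page_three_values'],
        'page_two_values' => $storage['page_two_values'],
        'page_one_values' => $storage['page_one_values'],
      ];
      $form_state->setStorage($page);
      return;
    }
    // NOTE(review): any other status falls through without a message, a log
    // entry or a change to storage; only the rebuild flag is set.
  }
  elseif ($method == AuthenticationType::$HARDWARE_TOKEN['code']
    || $method == AuthenticationType::$SMS['code']
    || $method == AuthenticationType::$SMS_AND_EMAIL['code']
    || $method == AuthenticationType::$EMAIL['code']
    || $method == AuthenticationType::$OTP_OVER_PHONE['code']) {
    // getUserInput() returns the raw submitted values, so the field is not
    // guaranteed to be a string; anything else is treated as "no phone".
    // NOTE(review): only spaces are stripped here; no phone-format validation
    // is visible in this handler. Confirm it happens in a validate handler.
    $input = $form_state->getUserInput();
    $raw_phone = $input['mo_auth_otpoversms_phone'] ?? '';
    $phone = is_string($raw_phone) ? str_replace(' ', '', $raw_phone) : '';
    $email = $storage['page_one_values']['mo_auth_user_email'];
    $customer = new MiniorangeCustomerProfile();

    // Each method passes a different subset of email/phone to MiniorangeUser.
    if ($method == AuthenticationType::$SMS_AND_EMAIL['code']) {
      $miniorange_user = new MiniorangeUser($customer->getCustomerID(), NULL, $phone, NULL, $method, $email);
    }
    elseif ($method == AuthenticationType::$EMAIL['code']) {
      $miniorange_user = new MiniorangeUser($customer->getCustomerID(), NULL, NULL, NULL, $method, $email);
    }
    elseif ($method == AuthenticationType::$OTP_OVER_PHONE['code'] || $method == AuthenticationType::$SMS['code']) {
      $miniorange_user = new MiniorangeUser($customer->getCustomerID(), NULL, $phone, NULL, $method, NULL);
    }
    elseif ($method == AuthenticationType::$HARDWARE_TOKEN['code']) {
      $miniorange_user = new MiniorangeUser($customer->getCustomerID(), $email, NULL, NULL, $method, NULL);
    }

    $auth_api_handler = new AuthenticationAPIHandler($customer->getCustomerID(), $customer->getAPIKey());
    $response = $auth_api_handler->challenge($miniorange_user);
    $status = is_object($response) ? ($response->status ?? NULL) : NULL;

    if ($status === 'SUCCESS') {
      // NOTE(review): the challenge response is stored as an unkeyed nested
      // array (numeric index 0 of $page), not inside 'page_four_values';
      // confirm the OTP validation page reads it from there.
      $page = [
        'page_otp_validate' => TRUE,
        'page_four_values' => $form_state->getValues(),
        [
          'user_challenge_response' => $response,
        ],
        'page_three_values' => $storage['page_three_values'],
        'page_two_values' => $storage['page_two_values'],
        'page_one_values' => $storage['page_one_values'],
      ];
      // NOTE(review): 'INVALID OTP' is stored on the success path; presumably
      // it is the message shown if the later OTP check fails. Verify.
      $_SESSION['message'] = 'INVALID OTP';
      $_SESSION['success_status'] = TRUE;
      $form_state->setStorage($page);
      return;
    }
    elseif ($status === 'FAILED') {
      // NOTE(review): this key is 'Page_four' (capital P) while the
      // authenticator branch uses 'page_four'; PHP array keys are
      // case-sensitive, so confirm which one the form builder checks.
      $page = [
        'Page_four' => TRUE,
        'page_three_values' => $storage['page_three_values'],
        'page_two_values' => $storage['page_two_values'],
        'page_one_values' => $storage['page_one_values'],
      ];
      // Pick exactly one message. Without the else branch the hardware-token
      // text would always be overwritten by the generic OTP text.
      if ($method == AuthenticationType::$HARDWARE_TOKEN['code']) {
        $_SESSION['message'] = t('Error during creating a Hardware Token challenge. You may choose other methods.');
      }
      else {
        $_SESSION['message'] = t('Error during sending OTP. You may choose other methods.');
      }
      $_SESSION['success_status'] = FALSE;
      $form_state->setStorage($page);
      return;
    }
    // NOTE(review): a non-object response or any other status falls through
    // without a message or log entry.
  }
  elseif ($method == AuthenticationType::$KBA['code']) {
    $this->handle_page_five_submit($form, $form_state);
    return;
  }

  // NOTE(review): no generic error handling is implemented here. Unknown
  // methods and the fall-through cases above end with only the rebuild flag
  // set.
}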