
function miniorange_2fa_inline_registration::handle_page_two_submit in Google Authenticator / 2 Factor Authentication - 2FA 8.2

Same name and namespace in other branches
  1. 8 src/Form/miniorange_2fa_inline_registration.php \Drupal\miniorange_2fa\form\miniorange_2fa_inline_registration::handle_page_two_submit()

File

src/Form/miniorange_2fa_inline_registration.php, line 295
Page 1: Select Email address. Page 2: Verify OTP. Page 3: Select Auth Method. Page 4: Configure Auth Method. Page 5: Configure KBA.

Class

miniorange_2fa_inline_registration
@file Page 1: Select Email address. Page 2: Verify OTP. Page 3: Select Auth Method. Page 4: Configure Auth Method. Page 5: Configure KBA.

Namespace

Drupal\miniorange_2fa\form

Code

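/**
 * Submit handler for page two of inline registration: verifies the OTP.
 *
 * Validates the submitted OTP against the challenge kept in form storage.
 * Only when validation reports SUCCESS does it create the miniOrange user
 * (if the earlier search did not find one), update that user, and move the
 * form storage on to the next page.
 *
 * @param array $form
 *   The form render array; the OTP is read from 'mo_auth_verify_token'.
 * @param \Drupal\Core\Form\FormStateInterface $form_state
 *   Form state whose storage holds the page-one values and API responses.
 *
 * @return array|null
 *   The form array when the OTP is rejected (page two is shown again),
 *   otherwise nothing.
 */
function handle_page_two_submit(array $form, FormStateInterface $form_state) {
  $storage = $form_state
    ->getStorage();
  // Spaces are stripped from the submitted OTP before it is validated.
  $token = str_replace(' ', '', $form['mo_auth_verify_token']['#value']);
  $challenge_response = $storage[0]['user_challenge_response'];
  $validate_response = $this
    ->validate_otp_for_user($challenge_response->txId, $token);
  $has_status = is_object($validate_response) && isset($validate_response->status);

  // Wrong OTP: stay on page two and keep the same challenge in storage.
  // NOTE(review): no attempt counter is visible in this handler; presumably
  // retries are limited by the validation service - confirm.
  if ($has_status && $validate_response->status == 'FAILED') {
    $page = [
      'page_two' => TRUE,
      'page_one_values' => $storage['page_one_values'],
      [
        'user_search_response' => $storage[0]['user_search_response'],
        'user_challenge_response' => $storage[0]['user_challenge_response'],
      ],
    ];
    $form_state
      ->setStorage($page);
    $_SESSION['success_status'] = FALSE;
    $form_state
      ->setRebuild();
    return $form;
  }

  // Fail closed: anything other than an explicit SUCCESS ends registration.
  // This also covers a response that is not an object (previously such a
  // response skipped both checks and registration continued as if the OTP
  // had been verified), and the request now stops after the redirect
  // instead of falling through to user creation.
  if (!$has_status || $validate_response->status != 'SUCCESS') {
    unset($_SESSION['success_status']);
    $form_state
      ->setRebuild();
    $failure_message = (is_object($validate_response) && isset($validate_response->message))
      ? $validate_response->message
      : 'Unexpected response while validating the OTP.';
    MoAuthUtilities::mo_add_loggers_for_failures($failure_message, 'error');
    \Drupal::messenger()
      ->addError(t('An error occurred while registering the user.'), TRUE);
    $url = Url::fromRoute('user.login')
      ->toString();
    $response = new RedirectResponse($url);
    $response
      ->send();
    exit;
  }

  // OTP verified from here on.
  $form_state
    ->setRebuild();
  $email = $storage['page_one_values']['mo_auth_user_email'];
  $user_search_response = $storage[0]['user_search_response'];
  $customer = new MiniorangeCustomerProfile();
  $miniorange_user = new MiniorangeUser($customer
    ->getCustomerID(), $email, NULL, NULL, AuthenticationType::$EMAIL_VERIFICATION['code']);
  $user_api_handler = new UsersAPIHandler($customer
    ->getCustomerID(), $customer
    ->getAPIKey());

  // Create the remote user only when the earlier search did not find one.
  $create_response = NULL;
  if ($user_search_response->status == 'USER_NOT_FOUND') {
    $storage['page_one_values']["mo_2fa_new_user"] = TRUE;
    $create_response = $user_api_handler
      ->create($miniorange_user);
  }
  else {
    $storage['page_one_values']["mo_2fa_new_user"] = FALSE;
  }

  /* Check whether user creation limit is exceeded or not */
  // NOTE(review): the API message is compared with a translated string; on a
  // site where this string is translated the comparison presumably never
  // matches - confirm.
  $limit_exceeded = isset($create_response->status, $create_response->message)
    && $create_response->status == 'ERROR'
    && $create_response->message == t('Your user creation limit has been completed. Please upgrade your license to add more users.');
  $settings = \Drupal::configFactory()
    ->getEditable('miniorange_2fa.settings');
  if ($limit_exceeded) {
    $settings
      ->set('mo_user_limit_exceed', TRUE)
      ->save();
  }
  else {
    $settings
      ->clear('mo_user_limit_exceed')
      ->save();
  }

  // Any creation error ends registration and sends the user back to login.
  if (isset($create_response->status) && $create_response->status == 'ERROR') {
    unset($_SESSION['success_status']);
    $form_state
      ->setRebuild();
    MoAuthUtilities::mo_add_loggers_for_failures($create_response->message, 'error');
    \Drupal::messenger()
      ->addError(t('An error occurred while creating the user. Please contact your administrator.'));
    $url = Url::fromRoute('user.login')
      ->toString();
    $response = new RedirectResponse($url);
    $response
      ->send();
    exit;
  }

  // Update User Auth method to OUT OF BAND EMAIL
  $user_update_response = $user_api_handler
    ->update($miniorange_user);
  if ($user_update_response->status == 'SUCCESS') {
    $page = [
      'page_two_values' => $form_state
        ->getValues(),
      'page_one_values' => $storage['page_one_values'],
    ];

    // With a single available method, page three (method selection) is
    // skipped and that method is preselected.
    $selectedMfaMethods = MoAuthUtilities::get_2fa_methods_for_inline_registration(TRUE);
    $nextPage = "page_three";
    if (count($selectedMfaMethods) === 1) {
      $nextPage = "page_four";
      $selectedMfaMethodCode = array_keys($selectedMfaMethods)[0];
      // For the two e-mail methods the code skips page four as well.
      if ($selectedMfaMethodCode === AuthenticationType::$EMAIL['code'] || $selectedMfaMethodCode === AuthenticationType::$EMAIL_VERIFICATION['code']) {
        $nextPage = "page_five";
      }
      $page["page_three_values"] = [
        "mo_auth_method" => $selectedMfaMethodCode,
      ];
    }
    $page[$nextPage] = TRUE;
    $form_state
      ->setStorage($page);
    return;
  }

  // Handle error. return to login.
  // NOTE(review): an unsuccessful update is not handled yet; the form is only
  // rebuilt from the storage that was already in place.
}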