GenericValidation.php in Two-factor Authentication (TFA) 8
File
services_tfa/src/Plugin/ServiceDefinition/GenericValidation.php
View source
<?php
namespace Drupal\services_tfa\Plugin\ServiceDefinition;
use Drupal\Core\DependencyInjection\DependencySerializationTrait;
use Drupal\Core\Plugin\ContainerFactoryPluginInterface;
use Drupal\Core\Routing\RouteMatchInterface;
use Drupal\services\ServiceDefinitionBase;
use Drupal\tfa\TfaValidationPluginManager;
use Drupal\user\UserDataInterface;
use Symfony\Component\DependencyInjection\ContainerInterface;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException;
use Symfony\Component\Serializer\SerializerInterface;
class GenericValidation extends ServiceDefinitionBase implements ContainerFactoryPluginInterface {
use DependencySerializationTrait;
protected $tfaValidationManager;
protected $validationPlugin;
protected $userData;
public function __construct(array $configuration, $plugin_id, $plugin_definition, UserDataInterface $user_data, TfaValidationPluginManager $tfa_validation_manager) {
parent::__construct($configuration, $plugin_id, $plugin_definition);
$this->userData = $user_data;
$this->tfaValidationManager = $tfa_validation_manager;
}
public static function create(ContainerInterface $container, array $configuration, $plugin_id, $plugin_definition) {
return new static($configuration, $plugin_id, $plugin_definition, $container
->get('user.data'), $container
->get('plugin.manager.tfa.validation'));
}
public function processRequest(Request $request, RouteMatchInterface $route_match, SerializerInterface $serializer) {
$uid = $request
->get('id');
$code = $request
->get('code');
$plugin_id = $request
->get('plugin_id');
if ($uid && $code && $plugin_id) {
$this->validationPlugin = $this->tfaValidationManager
->createInstance($plugin_id, [
'uid' => $uid,
]);
$valid = $this->validationPlugin
->validateRequest($code);
if ($this->validationPlugin
->isAlreadyAccepted()) {
throw new AccessDeniedHttpException('Invalid code, it was recently used for a login. Please try a new code.');
}
elseif (!$valid) {
throw new AccessDeniedHttpException('Invalid application code. Please try again.');
}
else {
return 1;
}
}
else {
throw new AccessDeniedHttpException('Required parameters missing.');
}
}
}