/** * Does login operation * @param string $username * @param string $password * @param string $yubikeyOTP * @param bool $writeCookie * @param bool $isPasswordEncrypted * * @throws RuntimeException (Codes: 1 - Incorrect login/password combination, * 2 - Account is disabled * 3 - User is not in Users group * 4 - Invalid Yubikey) */ public function doLogin($username, $password, $writeCookie = false, $isPasswordEncrypted = false, $yubikeyOTP = null) { parent::doLogin($username, $password, $writeCookie, $isPasswordEncrypted); if ($this->isYubikeyRequired($this->usr->getId())) { $available_yubikeys = $this->getAvailableYubikeysList($this->usr->getId()); if (!in_array($this->getYubikeyKeyByOTP($yubikeyOTP), $available_yubikeys)) { $this->doLogout(); throw new RuntimeException("Invalid Yubikey", static::EXCEPTION_INVALID_YUBIKEY); } else { try { $this->authYubikey->verify($yubikeyOTP); } catch (YubikeyException $e) { $this->doLogout(); throw new RuntimeException("Yubikey Validation Failed", static::EXCEPTION_INVALID_YUBIKEY); } } } }