/**
* @param RevokeCommand $command
* @return bool
*/
public function revoke(RevokeCommand $command)
{
$apiCommand = new RevokeOwnSecondFactorCommand();
$apiCommand->identityId = $command->identityId;
$apiCommand->secondFactorId = $command->secondFactorId;
$result = $this->commandService->execute($apiCommand);
return $result->isSuccessful();
}
/**
* @param VerifyYubikeyOtpCommand $command
* @return ProofOfPossessionResult
*/
public function provePossession(VerifyYubikeyOtpCommand $command)
{
$verificationResult = $this->yubikeyService->verify($command);
if (!$verificationResult->isSuccessful()) {
if ($verificationResult->isClientError()) {
return ProofOfPossessionResult::invalidOtp();
} elseif ($verificationResult->isServerError()) {
return ProofOfPossessionResult::otpVerificationFailed();
}
throw new RuntimeException('Unexpected Verification result, result is not successful but has neither client nor server error');
}
$secondFactorId = Uuid::generate();
$otp = YubikeyOtp::fromString($command->otp);
$publicId = YubikeyPublicId::fromOtp($otp);
$provePossessionCommand = new ProveYubikeyPossessionCommand();
$provePossessionCommand->identityId = $command->identity;
$provePossessionCommand->secondFactorId = $secondFactorId;
$provePossessionCommand->yubikeyPublicId = $publicId->getYubikeyPublicId();
$result = $this->commandService->execute($provePossessionCommand);
if (!$result->isSuccessful()) {
return ProofOfPossessionResult::proofOfPossessionCommandFailed();
}
return ProofOfPossessionResult::secondFactorCreated($secondFactorId);
}
/**
* @param VerifySmsChallengeCommand $challengeCommand
* @return ProofOfPossessionResult
*/
public function provePossession(VerifySmsChallengeCommand $challengeCommand)
{
$stepupCommand = new VerifyPossessionOfPhoneCommand();
$stepupCommand->challenge = $challengeCommand->challenge;
$verification = $this->smsSecondFactorService->verifyPossession($stepupCommand);
if ($verification->didOtpExpire()) {
return ProofOfPossessionResult::challengeExpired();
} elseif ($verification->wasAttemptedTooManyTimes()) {
return ProofOfPossessionResult::tooManyAttempts();
} elseif (!$verification->wasSuccessful()) {
return ProofOfPossessionResult::incorrectChallenge();
}
$command = new ProvePhonePossessionCommand();
$command->identityId = $challengeCommand->identity;
$command->secondFactorId = Uuid::generate();
$command->phoneNumber = $verification->getPhoneNumber();
$result = $this->commandService->execute($command);
if (!$result->isSuccessful()) {
return ProofOfPossessionResult::proofOfPossessionCommandFailed();
}
return ProofOfPossessionResult::secondFactorCreated($command->secondFactorId);
}
