/**
* Authenticates against the supplied adapter
*
* @? This is currently a BC break the original takes an auth adapter as a parameter. This still conforms to the interface though.
*
* @param array $authenticationContext
* @return Result
*/
public function authenticate($authenticationContext = [])
{
$event = new Authenticate();
$event->setTarget($this);
$event->setParams($authenticationContext);
$event->setPreviousResult($this->getResult());
$this->events->triggerEvent($event);
$result = $event->getResult();
if ($result->isValid()) {
$event = new AuthenticationSucceeded();
} else {
$event = new AuthenticationFailed();
}
$event->setTarget($this);
$event->setResult($result);
$event->setParams($authenticationContext);
$this->events->trigger($event);
/**
* ZF-7546 - prevent multiple successive calls from storing inconsistent results
* Ensure storage has clean state
*/
if ($this->hasIdentity()) {
$this->clearIdentity();
}
$this->getStorage()->write($result);
return $result;
}
public function onAuthenticationFailed(\Zend\Authentication\Event\Authenticate $event)
{
$identity = $event->getParam('identity');
if ($identity !== null) {
$this->authFails[$identity]++;
}
$ip = $event->getParam('ip');
if ($ip !== null) {
$this->authFails[$ip]++;
}
}
public function onAuthenticate(Authenticate $event)
{
$result = $event->getResult();
if ($result instanceof Result && $result->isValid()) {
//If a previous adapter has already returned a valid result don't change that
return null;
}
if ($this->adapter instanceof ValidatableAdapterInterface) {
$this->adapter->setIdentity($event->getParam('identity'));
$this->adapter->setCredential($event->getParam('credential'));
}
$result = $this->adapter->authenticate();
$event->setResult($result);
return $result;
}
public function onAuthenticate(\Zend\Authentication\Event\Authenticate $event)
{
$result = $event->getResult();
if ($result->isValid()) {
$prevResult = $event->getPreviousResult();
$identity = $result->getIdentity();
if ($prevResult !== null) {
$identity = $prevResult->getIdentity();
}
if (isset($identity['do2fa']) && $identity['do2fa']) {
$twoFactorResponse = $event->getParam('twoFactorResponse');
if (isset($twoFactorResponse)) {
if ($prevResult !== null && isset($prevResult->twoFactorToken) && $twoFactorResponse === $prevResult->twoFactorToken) {
$result = new \Zend\Authentication\Result(\Zend\Authentication\Result::SUCCESS, $identity);
$event->setResult($result);
return $result;
}
}
$result = new \Zend\Authentication\Result(-4, $identity, 'Requires 2 factor Auth');
$result->twoFactorToken = 'efg456';
//generate randomly
$event->setResult($result);
$event->stopPropagation();
return $result;
}
}
return $result;
}
public function onAuthenticationFailed(\Zend\Authentication\Event\Authenticate $event)
{
$this->log->warn(sprintf('Authenication Failure for (%s) from (%s)', $event->getParam('identity'), $event->getParam('ip')));
}
