/** * @param VerifySmsChallengeCommand $challengeCommand * @return ProofOfPossessionResult */ public function provePossession(VerifySmsChallengeCommand $challengeCommand) { $stepupCommand = new VerifyPossessionOfPhoneCommand(); $stepupCommand->challenge = $challengeCommand->challenge; $verification = $this->smsSecondFactorService->verifyPossession($stepupCommand); if ($verification->didOtpExpire()) { return ProofOfPossessionResult::challengeExpired(); } elseif ($verification->wasAttemptedTooManyTimes()) { return ProofOfPossessionResult::tooManyAttempts(); } elseif (!$verification->wasSuccessful()) { return ProofOfPossessionResult::incorrectChallenge(); } $command = new ProvePhonePossessionCommand(); $command->identityId = $challengeCommand->identity; $command->secondFactorId = Uuid::generate(); $command->phoneNumber = $verification->getPhoneNumber(); $result = $this->commandService->execute($command); if (!$result->isSuccessful()) { return ProofOfPossessionResult::proofOfPossessionCommandFailed(); } return ProofOfPossessionResult::secondFactorCreated($command->secondFactorId); }