/**
* @test
* @group yubikey
*/
public function a_failed_proof_of_possession_command_gives_an_unsuccessful_result_without_second_factor_id()
{
$result = ProofOfPossessionResult::proofOfPossessionCommandFailed();
$this->assertFalse($result->isSuccessful());
$this->assertNull($result->getSecondFactorId());
$this->assertTrue($result->didProofOfPossessionCommandFail());
$this->assertFalse($result->didOtpVerificationFail());
$this->assertFalse($result->isOtpInvalid());
}
/**
* @param VerifyYubikeyOtpCommand $command
* @return ProofOfPossessionResult
*/
public function provePossession(VerifyYubikeyOtpCommand $command)
{
$verificationResult = $this->yubikeyService->verify($command);
if (!$verificationResult->isSuccessful()) {
if ($verificationResult->isClientError()) {
return ProofOfPossessionResult::invalidOtp();
} elseif ($verificationResult->isServerError()) {
return ProofOfPossessionResult::otpVerificationFailed();
}
throw new RuntimeException('Unexpected Verification result, result is not successful but has neither client nor server error');
}
$secondFactorId = Uuid::generate();
$otp = YubikeyOtp::fromString($command->otp);
$publicId = YubikeyPublicId::fromOtp($otp);
$provePossessionCommand = new ProveYubikeyPossessionCommand();
$provePossessionCommand->identityId = $command->identity;
$provePossessionCommand->secondFactorId = $secondFactorId;
$provePossessionCommand->yubikeyPublicId = $publicId->getYubikeyPublicId();
$result = $this->commandService->execute($provePossessionCommand);
if (!$result->isSuccessful()) {
return ProofOfPossessionResult::proofOfPossessionCommandFailed();
}
return ProofOfPossessionResult::secondFactorCreated($secondFactorId);
}