/**
* @Template
* @param Request $request
* @param string $procedureId
* @return array|Response
*/
public function sendChallengeAction(Request $request, $procedureId)
{
$this->denyAccessUnlessGranted(['ROLE_RA']);
$logger = $this->get('ra.procedure_logger')->forProcedure($procedureId);
$logger->notice('Received request for Send SMS Challenge page');
if (!$this->getVettingService()->hasProcedure($procedureId)) {
$logger->notice(sprintf('Vetting procedure "%s" not found', $procedureId));
throw new NotFoundHttpException(sprintf('Vetting procedure "%s" not found', $procedureId));
}
$command = new SendSmsChallengeCommand();
$form = $this->createForm('ra_send_sms_challenge', $command)->handleRequest($request);
$vettingService = $this->getVettingService();
$phoneNumber = InternationalPhoneNumber::fromStringFormat($vettingService->getSecondFactorIdentifier($procedureId));
$otpRequestsRemaining = $vettingService->getSmsOtpRequestsRemainingCount();
$maximumOtpRequests = $vettingService->getSmsMaximumOtpRequestsCount();
$viewVariables = ['otpRequestsRemaining' => $otpRequestsRemaining, 'maximumOtpRequests' => $maximumOtpRequests];
if (!$form->isValid()) {
$logger->notice('Form has not been submitted, not sending SMS, rendering Send SMS Challenge page');
return array_merge($viewVariables, ['phoneNumber' => $phoneNumber, 'form' => $form->createView()]);
}
$logger->notice('Sending of SMS Challenge has been requested, sending OTP via SMS');
if ($vettingService->sendSmsChallenge($procedureId, $command)) {
$logger->notice('SMS Challenge successfully sent, redirecting to Proof of Possession page to verify challenge');
return $this->redirectToRoute('ra_vetting_sms_prove_possession', ['procedureId' => $procedureId]);
}
$form->addError(new FormError('ra.sms_send_challenge.send_sms_challenge_failed'));
$logger->notice('SMS Challenge could not be sent, added error to page to notify user and re-rendering send challenge page');
return array_merge($viewVariables, ['phoneNumber' => $phoneNumber, 'form' => $form->createView()]);
}
/**
* @test
* @dataProvider invalid_phone_numbers
* @expectedException \Surfnet\StepupBundle\Value\Exception\InvalidPhoneNumberFormatException
* @group value
*
* @param mixed $invalidPhoneNumber
*/
public function it_rejects_invalid_phone_numbers($invalidPhoneNumber)
{
InternationalPhoneNumber::fromStringFormat($invalidPhoneNumber);
}
/**
* @param string $procedureId
* @param SendSmsChallengeCommand $command
* @return bool
* @throws UnknownVettingProcedureException
* @throws DomainException
*/
public function sendSmsChallenge($procedureId, SendSmsChallengeCommand $command)
{
$procedure = $this->getProcedure($procedureId);
$phoneNumber = InternationalPhoneNumber::fromStringFormat($procedure->getSecondFactor()->secondFactorIdentifier);
$command->phoneNumber = $phoneNumber;
$command->body = $this->translator->trans('ra.vetting.sms.challenge_body');
$command->identity = $procedure->getSecondFactor()->identityId;
$command->institution = $procedure->getSecondFactor()->institution;
return $this->smsSecondFactorService->sendChallenge($command);
}
