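/**
  * Verifies the OTP in the command and compares the public ID derived from it
  * with the command's expected public ID.
  *
  * Server and client errors reported by the verification service map to
  * RESULT_OTP_VERIFICATION_FAILED and RESULT_OTP_INVALID respectively. The
  * public ID comparison only runs after the service reports success, so an
  * indeterminate verification result can never produce RESULT_PUBLIC_ID_MATCHED.
  *
  * @param VerifyYubikeyPublicIdCommand $command
  * @return VerificationResult
  * @throws \RuntimeException when the verification result is neither successful nor a
  *                           client/server error, or when no public ID could be derived
  *                           from an OTP the service accepted
  */
 public function verifyYubikeyPublicId(VerifyYubikeyPublicIdCommand $command)
 {
     $verifyOtpCommand = new VerifyYubikeyOtpCommand();
     $verifyOtpCommand->otp = $command->otp;
     $verifyOtpCommand->identityId = $command->identityId;
     $verifyOtpCommand->institution = $command->institution;
     $verificationResult = $this->yubikeyService->verify($verifyOtpCommand);

     // The public ID is derived locally from the OTP string; it stays null when the
     // string does not pass the format check, so error results can still be returned.
     $publicId = null;
     if (YubikeyOtp::isValid($command->otp)) {
         $otp = YubikeyOtp::fromString($command->otp);
         $publicId = YubikeyPublicId::fromOtp($otp);
     }

     if ($verificationResult->isServerError()) {
         return new VerificationResult(VerificationResult::RESULT_OTP_VERIFICATION_FAILED, $publicId);
     }
     if ($verificationResult->isClientError()) {
         return new VerificationResult(VerificationResult::RESULT_OTP_INVALID, $publicId);
     }

     // Fail closed: a result that carries no error flag but is not successful either
     // must not reach the public ID comparison, where it could be reported as a match.
     if (!$verificationResult->isSuccessful()) {
         throw new \RuntimeException(
             'Unexpected Verification result, result is not successful but has neither client nor server error'
         );
     }

     // Guard the dereference below: without it a null public ID ends in a fatal
     // "member function on null" error instead of a controlled failure.
     if ($publicId === null) {
         throw new \RuntimeException(
             'Yubikey OTP was verified successfully but no public ID could be derived from it'
         );
     }

     if ($publicId->getYubikeyPublicId() !== $command->expectedPublicId) {
         $this->logger->notice('Yubikey used by registrant during vetting did not match the one used during registration.');
         return new VerificationResult(VerificationResult::RESULT_PUBLIC_ID_DID_NOT_MATCH, $publicId);
     }

     $this->logger->info('Yubikey used by registrant during vetting matches the one used during registration.');
     return new VerificationResult(VerificationResult::RESULT_PUBLIC_ID_MATCHED, $publicId);
 }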
 /**
  * Verifies the OTP carried by the command and, when the verification succeeds,
  * dispatches a ProveYubikeyPossessionCommand for a freshly generated second
  * factor ID.
  *
  * @param VerifyYubikeyOtpCommand $command
  * @return ProofOfPossessionResult
  * @throws RuntimeException when the verification result is unsuccessful but reports
  *                          neither a client nor a server error
  */
 public function provePossession(VerifyYubikeyOtpCommand $command)
 {
     $verification = $this->yubikeyService->verify($command);

     // Nothing below runs unless the verification service reported success.
     if (!$verification->isSuccessful()) {
         if ($verification->isClientError()) {
             return ProofOfPossessionResult::invalidOtp();
         }
         if ($verification->isServerError()) {
             return ProofOfPossessionResult::otpVerificationFailed();
         }

         throw new RuntimeException('Unexpected Verification result, result is not successful but has neither client nor server error');
     }

     $secondFactorId = Uuid::generate();
     // The public ID is derived from the same OTP string that was just verified.
     $publicId = YubikeyPublicId::fromOtp(YubikeyOtp::fromString($command->otp));

     $possessionCommand = new ProveYubikeyPossessionCommand();
     // NOTE(review): this reads $command->identity, whereas verifyYubikeyPublicId() fills
     // identityId on a VerifyYubikeyOtpCommand - confirm which property the command declares,
     // since an undefined property would bind the second factor to a null identity.
     $possessionCommand->identityId = $command->identity;
     $possessionCommand->secondFactorId = $secondFactorId;
     $possessionCommand->yubikeyPublicId = $publicId->getYubikeyPublicId();

     $executionResult = $this->commandService->execute($possessionCommand);

     return $executionResult->isSuccessful()
         ? ProofOfPossessionResult::secondFactorCreated($secondFactorId)
         : ProofOfPossessionResult::proofOfPossessionCommandFailed();
 }
Exemplo n.º 3
 /**
  * The public ID derived from a parsed OTP string must equal the expected
  * value supplied by the data provider.
  *
  * @test
  * @group value
  * @dataProvider otpProvider
  *
  * @param string $otpString
  * @param string $yubikeyPublicId
  */
 public function it_accepts_valid_modhex_formats($otpString, $yubikeyPublicId)
 {
     $derivedId = YubikeyPublicId::fromOtp(YubikeyOtp::fromString($otpString));

     $this->assertEquals($yubikeyPublicId, $derivedId->getYubikeyPublicId());
 }
Exemplo n.º 4
 /**
  * Every string supplied by the nonOtpStrings provider must be rejected by
  * YubikeyOtp::isValid().
  *
  * @dataProvider nonOtpStrings
  * @param string $string
  */
 public function testItDoesntAcceptInvalidOtps($string)
 {
     $accepted = YubikeyOtp::isValid($string);

     $this->assertFalse($accepted);
 }