FileAccess Orion

Handler extends SecuredServerPlugin
in package

Implement google authenticator handler

This class provides interfaces for custom second factor handling It does add the capabilities to login screen and dialog as well as to the user csc widget

Tags
category

Plugin

author

Tobias Teichner webmaster@teichner.biz

since

File available since v0.134

Table of Contents

$config  : stdClass|null
Buffer for configuration
$defaultPermissions  : array<string|int, mixed>
The default permission set
$dir  : string
The implementation directory
$name  : string
Name of the plugin
$google  : GoogleAuthenticatorLib|null
The instance of the Google library
$req  : Request|null
Store request
__construct()  : mixed
set the plugin name
GetAccessList()  : array<string|int, mixed>
Name()  : string
OnAfterRestUserPassword()  : void
Called on after reset before register the session
OnAfterUserLoginByPassword()  : void
Called on after login before register the session
OnBeforeSaveOwnUser()  : void
OnBeforeUserAdminSave()  : void
OnGetEntityAttributes()  : void
OnGetGdprRelevantServiceImplementations()  : void
OnMapArrayIncludes()  : void
OnPreUserRegisterSession()  : void
Called on after login before register the session
OnRegisterWidgetIncludes()  : void
OnRenderLoginExtra()  : void
OnRenderLoginExtraPre()  : void
OnUserAdminLoad()  : mixed
OnUserOwnLoad()  : void
OnWebLogin()  : void
Called before login function when the items
RegisterHooks()  : mixed
RequestOnUrlParsed()  : mixed
ServeRequest()  : mixed
settings()  : Result|object
Get/Set the settings
SetupTemplate()  : mixed
handleConfig()  : void
Handle the context requests
hasAccess()  : bool
Check if endpoint is accessible for this user group
isInContext()  : bool
Is in certain context?
setupAttributes()  : void
Set up the permission attribute table
confirm()  : void
generateQrCode()  : string
Generates a URL that is used to show a QR code.
GetQrCode()  : void
handleAccountPatch()  : void
handleConfigPreset()  : void
Handle the context requests
handleLogin()  : void
publicKey()  : Key
Register()  : mixed
request()  : Request
Get the request object
resolveUserByToken()  : User|null
Resolve a user by token
SecondFactorClient()  : GoogleAuthenticatorLib|null
Get the api instance
sendGoogleAuthMail()  : void
Send the email including the users secret and the qr code
verifyToken()  : stdClass|null

Properties

$defaultPermissions

The default permission set

protected array<string|int, mixed> $defaultPermissions = [['endpoint' => 'config', 'root' => true, 'admin' => true]]

$req

Store request

private Request|null $req = null

Holds the request object instance

A system request instance

Methods

__construct()

set the plugin name

public __construct() : mixed

Handler constructor.

Return values
mixed

GetAccessList()

public GetAccessList(User $user) : array<string|int, mixed>
Parameters
$user : User
Return values
array<string|int, mixed>

OnAfterRestUserPassword()

Called on after reset before register the session

public OnAfterRestUserPassword(HookArgument $param) : void
Parameters
$param : HookArgument
Return values
void

OnAfterUserLoginByPassword()

Called on after login before register the session

public OnAfterUserLoginByPassword(HookArgument $param) : void
Parameters
$param : HookArgument
Return values
void

OnGetEntityAttributes()

public OnGetEntityAttributes( $reference) : void
Parameters
$reference :

HookArgument

Return values
void

OnGetGdprRelevantServiceImplementations()

public OnGetGdprRelevantServiceImplementations(HookArgument $param) : void
Parameters
$param : HookArgument
Return values
void

OnMapArrayIncludes()

public OnMapArrayIncludes( $param) : void
Parameters
$param :

HookArgument

Return values
void

OnPreUserRegisterSession()

Called on after login before register the session

public OnPreUserRegisterSession(HookArgument $param) : void
Parameters
$param : HookArgument
Return values
void

OnRegisterWidgetIncludes()

public OnRegisterWidgetIncludes( $param) : void
Parameters
$param :

HookArgument

Return values
void

OnRenderLoginExtra()

public OnRenderLoginExtra( $param) : void
Parameters
$param :

HookArgument

Return values
void

OnRenderLoginExtraPre()

public OnRenderLoginExtraPre( $param) : void
Parameters
$param :

HookArgument

Return values
void

OnWebLogin()

Called before login function when the items

public OnWebLogin(HookArgument $param) : void
Parameters
$param : HookArgument
Return values
void

RegisterHooks()

public RegisterHooks() : mixed
Tags
inheritDoc
Return values
mixed

settings()

Get/Set the settings

public settings([mixed $new = null ]) : Result|object

This method is cached per instance

Parameters
$new : mixed = null

New set of settings to store

Return values
Result|object

SetupTemplate()

public SetupTemplate([mixed $data = null ]) : mixed
Parameters
$data : mixed = null
Tags
inheritDoc
Return values
mixed

hasAccess()

Check if endpoint is accessible for this user group

protected hasAccess(string|array<string|int, string> $right[, Response|null $response = null ][, User|null $user = null ]) : bool
Parameters
$right : string|array<string|int, string>
$response : Response|null = null
$user : User|null = null
Return values
bool

isInContext()

Is in certain context?

protected isInContext(HookArgument $param, string $type, string $widget) : bool
Parameters
$param : HookArgument

The hook argument

$type : string

The type can be scss, css and js to search in widgets or _ to search in global includes

$widget : string

The widget to search for

Return values
bool

setupAttributes()

Set up the permission attribute table

protected setupAttributes( &$attributes,  $l) : void
Parameters
$attributes :

array List of attributes

$l :

string The language

Return values
void

generateQrCode()

Generates a URL that is used to show a QR code.

private generateQrCode(string $accountName, string $secret[, string|null $issuer = null ][, int $size = 200 ]) : string

Account names may not contain a double colon (:). Valid account name examples:

  • "John.Doe@gmail.com"
  • "John Doe"
  • "John_Doe_976"

The Issuer may not contain a double colon (:). The issuer is recommended to pass along. If used, it will also be appended before the accountName.

The previous examples with the issuer "Acme inc" would result in label:

  • "Acme inc:John.Doe@gmail.com"
  • "Acme inc:John Doe"
  • "Acme inc:John_Doe_976"

The contents of the label, issuer and secret will be encoded to generate a valid URL.

Parameters
$accountName : string

The account name to show and identify

$secret : string

The secret is the generated secret unique to that user

$issuer : string|null = null

Where you log in to

$size : int = 200

Image size in pixels, 200 will make it 200x200

Return values
string

handleConfigPreset()

Handle the context requests

private handleConfigPreset(Request $request, Response $response) : void
Parameters
$request : Request
$response : Response
Return values
void

handleLogin()

private handleLogin(Response $response) : void
Parameters
$response : Response
Return values
void

publicKey()

private publicKey(string $kid) : Key
Parameters
$kid : string
Return values
Key

request()

Get the request object

private request() : Request

Get the registered request object.

Return values
Request

A system http request

resolveUserByToken()

Resolve a user by token

private resolveUserByToken(string $token) : User|null
Parameters
$token : string
Return values
User|null

sendGoogleAuthMail()

Send the email including the users secret and the qr code

private sendGoogleAuthMail(string|null $id, Response $response) : void
Parameters
$id : string|null
$response : Response
Return values
void

verifyToken()

private verifyToken(string $token) : stdClass|null
Parameters
$token : string
Return values
stdClass|null

Search results