Part-DB.Part-DB-server/src/EventSubscriber/U2FRegistrationSubscriber.php

<?php
/**
 * This file is part of Part-DB (https://github.com/Part-DB/Part-DB-symfony).
 *
 * Copyright (C) 2019 - 2020 Jan Böhmer (https://github.com/jbtronics)
 *
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU Affero General Public License as published
 * by the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU Affero General Public License for more details.
 *
 * You should have received a copy of the GNU Affero General Public License
 * along with this program.  If not, see <https://www.gnu.org/licenses/>.
 */

declare(strict_types=1);

/**
 * This file is part of Part-DB (https://github.com/Part-DB/Part-DB-symfony).
 *
 * Copyright (C) 2019 Jan Böhmer (https://github.com/jbtronics)
 *
 * This program is free software; you can redistribute it and/or
 * modify it under the terms of the GNU General Public License
 * as published by the Free Software Foundation; either version 2
 * of the License, or (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA
 */

namespace App\EventSubscriber;

use App\Entity\UserSystem\U2FKey;
use App\Entity\UserSystem\User;
use App\Events\SecurityEvent;
use App\Events\SecurityEvents;
use Doctrine\ORM\EntityManagerInterface;
use R\U2FTwoFactorBundle\Event\RegisterEvent;
use Symfony\Component\EventDispatcher\EventDispatcher;
use Symfony\Component\EventDispatcher\EventSubscriberInterface;
use Symfony\Component\HttpFoundation\RedirectResponse;
use Symfony\Component\HttpFoundation\Session\Flash\FlashBagInterface;
use Symfony\Component\Routing\Generator\UrlGeneratorInterface;
use Symfony\Contracts\EventDispatcher\EventDispatcherInterface;

final class U2FRegistrationSubscriber implements EventSubscriberInterface
{
    private $em;

    private $demo_mode;
    private $flashBag;
    /**
     * @var UrlGeneratorInterface
     */
    private $router;

    /** @var EventDispatcher */
    private $eventDispatcher;

    public function __construct(UrlGeneratorInterface $router, EntityManagerInterface $entityManager, FlashBagInterface $flashBag, EventDispatcherInterface $eventDispatcher, bool $demo_mode)
    {
        $this->router = $router;
        $this->em = $entityManager;
        $this->demo_mode = $demo_mode;
        $this->flashBag = $flashBag;
        $this->eventDispatcher = $eventDispatcher;
    }

    public static function getSubscribedEvents(): array
    {
        return [
            'r_u2f_two_factor.register' => 'onRegister',
        ];
    }

    public function onRegister(RegisterEvent $event): void
    {
        //Skip adding of U2F key on demo mode
        if (! $this->demo_mode) {
            $user = $event->getUser();
            if (! $user instanceof User) {
                throw new \InvalidArgumentException('Only User objects can be registered for U2F!');
            }

            $registration = $event->getRegistration();
            $newKey = new U2FKey();
            $newKey->fromRegistrationData($registration);
            $newKey->setUser($user);
            $newKey->setName($event->getKeyName());

            // persist the new key
            $this->em->persist($newKey);
            $this->em->flush();
            $this->flashBag->add('success', 'tfa_u2f.key_added_successful');

            $security_event = new SecurityEvent($user);
            $this->eventDispatcher->dispatch($security_event, SecurityEvents::U2F_ADDED);
        }

        // generate new response, here we redirect the user to the fos user
        // profile
        $response = new RedirectResponse($this->router->generate('user_settings'));
        $event->setResponse($response);
    }
}
Added 2FA with U2F keys. 2019-12-29 13:35:30 +01:00			`<?php`
Changed license to AGPL3+ 2020-02-22 18:14:36 +01:00			`/**`
			`* This file is part of Part-DB (https://github.com/Part-DB/Part-DB-symfony).`
			`*`
			`* Copyright (C) 2019 - 2020 Jan Böhmer (https://github.com/jbtronics)`
			`*`
			`* This program is free software: you can redistribute it and/or modify`
			`* it under the terms of the GNU Affero General Public License as published`
			`* by the Free Software Foundation, either version 3 of the License, or`
			`* (at your option) any later version.`
			`*`
			`* This program is distributed in the hope that it will be useful,`
			`* but WITHOUT ANY WARRANTY; without even the implied warranty of`
			`* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the`
			`* GNU Affero General Public License for more details.`
			`*`
			`* You should have received a copy of the GNU Affero General Public License`
			`* along with this program. If not, see <https://www.gnu.org/licenses/>.`
			`*/`
Applied code style rules to src/ 2020-01-05 15:46:58 +01:00
			`declare(strict_types=1);`

Updated copyright headers. 2019-12-31 17:58:01 +01:00			`/**`
			`* This file is part of Part-DB (https://github.com/Part-DB/Part-DB-symfony).`
			`*`
			`* Copyright (C) 2019 Jan Böhmer (https://github.com/jbtronics)`
			`*`
			`* This program is free software; you can redistribute it and/or`
			`* modify it under the terms of the GNU General Public License`
			`* as published by the Free Software Foundation; either version 2`
			`* of the License, or (at your option) any later version.`
			`*`
			`* This program is distributed in the hope that it will be useful,`
			`* but WITHOUT ANY WARRANTY; without even the implied warranty of`
			`* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the`
			`* GNU General Public License for more details.`
			`*`
			`* You should have received a copy of the GNU General Public License`
			`* along with this program; if not, write to the Free Software`
			`* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA`
			`*/`
Added 2FA with U2F keys. 2019-12-29 13:35:30 +01:00
			`namespace App\EventSubscriber;`

			`use App\Entity\UserSystem\U2FKey;`
Fixed PHPstan issues for level 5. 2020-02-01 19:42:28 +01:00			`use App\Entity\UserSystem\User;`
Log security related events like password reset, 2FA method added, etc. 2020-04-03 18:27:47 +02:00			`use App\Events\SecurityEvent;`
			`use App\Events\SecurityEvents;`
Added 2FA with U2F keys. 2019-12-29 13:35:30 +01:00			`use Doctrine\ORM\EntityManagerInterface;`
			`use R\U2FTwoFactorBundle\Event\RegisterEvent;`
Log security related events like password reset, 2FA method added, etc. 2020-04-03 18:27:47 +02:00			`use Symfony\Component\EventDispatcher\EventDispatcher;`
Added 2FA with U2F keys. 2019-12-29 13:35:30 +01:00			`use Symfony\Component\EventDispatcher\EventSubscriberInterface;`
			`use Symfony\Component\HttpFoundation\RedirectResponse;`
Disable 2FA settings when demo mode is active. 2019-12-31 18:12:15 +01:00			`use Symfony\Component\HttpFoundation\Session\Flash\FlashBagInterface;`
Added 2FA with U2F keys. 2019-12-29 13:35:30 +01:00			`use Symfony\Component\Routing\Generator\UrlGeneratorInterface;`
Log security related events like password reset, 2FA method added, etc. 2020-04-03 18:27:47 +02:00			`use Symfony\Contracts\EventDispatcher\EventDispatcherInterface;`
Added 2FA with U2F keys. 2019-12-29 13:35:30 +01:00
Applied symplify rules to codebase. 2020-01-05 22:49:00 +01:00			`final class U2FRegistrationSubscriber implements EventSubscriberInterface`
Added 2FA with U2F keys. 2019-12-29 13:35:30 +01:00			`{`
Fixed coding style. 2020-02-01 16:17:20 +01:00			`private $em;`
Added 2FA with U2F keys. 2019-12-29 13:35:30 +01:00
Fixed coding style. 2020-02-01 16:17:20 +01:00			`private $demo_mode;`
			`private $flashBag;`
Applied symplify rules to codebase. 2020-01-05 22:49:00 +01:00			`/**`
			`* @var UrlGeneratorInterface`
			`*/`
Applied code style rules to src/ 2020-01-05 15:46:58 +01:00			`private $router;`
Disable 2FA settings when demo mode is active. 2019-12-31 18:12:15 +01:00
Log security related events like password reset, 2FA method added, etc. 2020-04-03 18:27:47 +02:00			`/** @var EventDispatcher */`
			`private $eventDispatcher;`

			`public function __construct(UrlGeneratorInterface $router, EntityManagerInterface $entityManager, FlashBagInterface $flashBag, EventDispatcherInterface $eventDispatcher, bool $demo_mode)`
Added 2FA with U2F keys. 2019-12-29 13:35:30 +01:00			`{`
			`$this->router = $router;`
			`$this->em = $entityManager;`
Disable 2FA settings when demo mode is active. 2019-12-31 18:12:15 +01:00			`$this->demo_mode = $demo_mode;`
			`$this->flashBag = $flashBag;`
Log security related events like password reset, 2FA method added, etc. 2020-04-03 18:27:47 +02:00			`$this->eventDispatcher = $eventDispatcher;`
Added 2FA with U2F keys. 2019-12-29 13:35:30 +01:00			`}`

			`public static function getSubscribedEvents(): array`
			`{`
Fixed code style. 2020-01-04 20:24:09 +01:00			`return [`
Added 2FA with U2F keys. 2019-12-29 13:35:30 +01:00			`'r_u2f_two_factor.register' => 'onRegister',`
Fixed code style. 2020-01-04 20:24:09 +01:00			`];`
Added 2FA with U2F keys. 2019-12-29 13:35:30 +01:00			`}`

			`public function onRegister(RegisterEvent $event): void`
			`{`
Disable 2FA settings when demo mode is active. 2019-12-31 18:12:15 +01:00			`//Skip adding of U2F key on demo mode`
Applied code style rules to src/ 2020-01-05 15:46:58 +01:00			`if (! $this->demo_mode) {`
Disable 2FA settings when demo mode is active. 2019-12-31 18:12:15 +01:00			`$user = $event->getUser();`
Fixed coding style. 2020-03-15 13:56:31 +01:00			`if (! $user instanceof User) {`
			`throw new \InvalidArgumentException('Only User objects can be registered for U2F!');`
Fixed PHPstan issues for level 5. 2020-02-01 19:42:28 +01:00			`}`

Disable 2FA settings when demo mode is active. 2019-12-31 18:12:15 +01:00			`$registration = $event->getRegistration();`
			`$newKey = new U2FKey();`
			`$newKey->fromRegistrationData($registration);`
			`$newKey->setUser($user);`
			`$newKey->setName($event->getKeyName());`
Added 2FA with U2F keys. 2019-12-29 13:35:30 +01:00
Disable 2FA settings when demo mode is active. 2019-12-31 18:12:15 +01:00			`// persist the new key`
			`$this->em->persist($newKey);`
			`$this->em->flush();`
			`$this->flashBag->add('success', 'tfa_u2f.key_added_successful');`
Log security related events like password reset, 2FA method added, etc. 2020-04-03 18:27:47 +02:00
			`$security_event = new SecurityEvent($user);`
			`$this->eventDispatcher->dispatch($security_event, SecurityEvents::U2F_ADDED);`
Disable 2FA settings when demo mode is active. 2019-12-31 18:12:15 +01:00			`}`
Added 2FA with U2F keys. 2019-12-29 13:35:30 +01:00
			`// generate new response, here we redirect the user to the fos user`
			`// profile`
			`$response = new RedirectResponse($this->router->generate('user_settings'));`
			`$event->setResponse($response);`
			`}`
Fixed code style. 2020-01-04 20:24:09 +01:00			`}`