summaryrefslogtreecommitdiffstats
path: root/apps/twofactor_backupcodes/lib
diff options
context:
space:
mode:
authorRoeland Jago Douma <roeland@famdouma.nl>2018-09-29 20:56:23 +0200
committerRoeland Jago Douma <roeland@famdouma.nl>2018-10-01 15:35:25 +0200
commit956fe1b86769c1a8a380a61ba72441f0e334e36a (patch)
tree5aa810228ca324dfe2d12a1f94f213d9ab657345 /apps/twofactor_backupcodes/lib
parenta95154642dd6535ebddebef4e6562e777f2094a4 (diff)
downloadnextcloud-server-956fe1b86769c1a8a380a61ba72441f0e334e36a.tar.gz
nextcloud-server-956fe1b86769c1a8a380a61ba72441f0e334e36a.zip
Generate backups code notification if not enable but 2fa is
Generate a notification to generate backup codes if you enable an other 2FA provider but backup codes are not yet generated. * Add event listner * Insert background job * Background job tests and emits notification every 2 weeks * If the backup codes are generated the next run will remove the job Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
Diffstat (limited to 'apps/twofactor_backupcodes/lib')
-rw-r--r--apps/twofactor_backupcodes/lib/AppInfo/Application.php28
-rw-r--r--apps/twofactor_backupcodes/lib/BackgroundJob/RememberBackupCodesJob.php92
-rw-r--r--apps/twofactor_backupcodes/lib/Listener/ProviderEnabled.php61
-rw-r--r--apps/twofactor_backupcodes/lib/Notifications/Notifier.php64
4 files changed, 245 insertions, 0 deletions
diff --git a/apps/twofactor_backupcodes/lib/AppInfo/Application.php b/apps/twofactor_backupcodes/lib/AppInfo/Application.php
index d2541d87627..1af114a2791 100644
--- a/apps/twofactor_backupcodes/lib/AppInfo/Application.php
+++ b/apps/twofactor_backupcodes/lib/AppInfo/Application.php
@@ -29,8 +29,14 @@ use OCA\TwoFactorBackupCodes\Db\BackupCodeMapper;
use OCA\TwoFactorBackupCodes\Event\CodesGenerated;
use OCA\TwoFactorBackupCodes\Listener\ActivityPublisher;
use OCA\TwoFactorBackupCodes\Listener\IListener;
+use OCA\TwoFactorBackupCodes\Listener\ProviderEnabled;
use OCA\TwoFactorBackupCodes\Listener\RegistryUpdater;
+use OCA\TwoFactorBackupCodes\Notifications\Notifier;
use OCP\AppFramework\App;
+use OCP\Authentication\TwoFactorAuth\IRegistry;
+use OCP\Authentication\TwoFactorAuth\RegistryEvent;
+use OCP\IL10N;
+use OCP\Notification\IManager;
use OCP\Util;
use Symfony\Component\EventDispatcher\EventDispatcherInterface;
@@ -44,6 +50,7 @@ class Application extends App {
*/
public function register() {
$this->registerHooksAndEvents();
+ $this->registerNotification();
}
/**
@@ -66,6 +73,27 @@ class Application extends App {
$listener->handle($event);
}
});
+
+ $eventDispatcher->addListener(IRegistry::EVENT_PROVIDER_ENABLED, function(RegistryEvent $event) use ($container) {
+ /** @var IListener $listener */
+ $listener = $container->query(ProviderEnabled::class);
+ $listener->handle($event);
+ });
+ }
+
+ public function registerNotification() {
+ $container = $this->getContainer();
+ /** @var IManager $manager */
+ $manager = $container->query(IManager::class);
+ $manager->registerNotifier(
+ function() use ($container) {
+ return $container->query(Notifier::class);
+ },
+ function () use ($container) {
+ $l = $container->query(IL10N::class);
+ return ['id' => 'twofactor_backupcodes', 'name' => $l->t('Second-factor backup codes')];
+ }
+ );
}
public function deleteUser($params) {
diff --git a/apps/twofactor_backupcodes/lib/BackgroundJob/RememberBackupCodesJob.php b/apps/twofactor_backupcodes/lib/BackgroundJob/RememberBackupCodesJob.php
new file mode 100644
index 00000000000..1f227061feb
--- /dev/null
+++ b/apps/twofactor_backupcodes/lib/BackgroundJob/RememberBackupCodesJob.php
@@ -0,0 +1,92 @@
+<?php
+declare(strict_types=1);
+/**
+ * @copyright Copyright (c) 2018, Roeland Jago Douma <roeland@famdouma.nl>
+ *
+ * @author Roeland Jago Douma <roeland@famdouma.nl>
+ *
+ * @license GNU AGPL version 3 or any later version
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+
+namespace OCA\TwoFactorBackupCodes\BackgroundJob;
+
+use OC\BackgroundJob\TimedJob;
+use OCP\AppFramework\Utility\ITimeFactory;
+use OCP\Authentication\TwoFactorAuth\IRegistry;
+use OCP\BackgroundJob\IJobList;
+use OCP\IUserManager;
+use OCP\Notification\IManager;
+
+class RememberBackupCodesJob extends TimedJob {
+
+ /** @var IRegistry */
+ private $registry;
+
+ /** @var IUserManager */
+ private $userManager;
+
+ /** @var ITimeFactory */
+ private $time;
+
+ /** @var IManager */
+ private $notificationManager;
+
+ /** @var IJobList */
+ private $jobList;
+
+ public function __construct(IRegistry $registry,
+ IUserManager $userManager,
+ ITimeFactory $timeFactory,
+ IManager $notificationManager,
+ IJobList $jobList) {
+ $this->registry = $registry;
+ $this->userManager = $userManager;
+ $this->time = $timeFactory;
+ $this->notificationManager = $notificationManager;
+ $this->jobList = $jobList;
+
+ $this->setInterval(60*60*24*14);
+ }
+
+ protected function run($argument) {
+ $uid = $argument['uid'];
+ $user = $this->userManager->get($uid);
+
+ if ($user === null) {
+ // We can't run with an invalid user
+ return;
+ }
+
+ $providers = $this->registry->getProviderStates($user);
+ if (isset($providers['backup_codes']) && $providers['backup_codes'] === true) {
+ // Backup codes already generated lets remove this job
+ $this->jobList->remove(self::class, $argument);
+ return;
+ }
+
+ $date = new \DateTime();
+ $date->setTimestamp($this->time->getTime());
+
+ $notification = $this->notificationManager->createNotification();
+ $notification->setApp('twofactor_backupcodes')
+ ->setUser($user->getUID())
+ ->setDateTime($date)
+ ->setObject('create', 'codes')
+ ->setSubject('create_backupcodes');
+ $this->notificationManager->notify($notification);
+ }
+}
diff --git a/apps/twofactor_backupcodes/lib/Listener/ProviderEnabled.php b/apps/twofactor_backupcodes/lib/Listener/ProviderEnabled.php
new file mode 100644
index 00000000000..48cbef66f1b
--- /dev/null
+++ b/apps/twofactor_backupcodes/lib/Listener/ProviderEnabled.php
@@ -0,0 +1,61 @@
+<?php
+declare(strict_types=1);
+/**
+ * @copyright Copyright (c) 2018, Roeland Jago Douma <roeland@famdouma.nl>
+ *
+ * @author Roeland Jago Douma <roeland@famdouma.nl>
+ *
+ * @license GNU AGPL version 3 or any later version
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+
+namespace OCA\TwoFactorBackupCodes\Listener;
+
+use OCA\TwoFactorBackupCodes\BackgroundJob\RememberBackupCodesJob;
+use OCP\Authentication\TwoFactorAuth\IRegistry;
+use OCP\Authentication\TwoFactorAuth\RegistryEvent;
+use OCP\BackgroundJob\IJobList;
+use Symfony\Component\EventDispatcher\Event;
+
+class ProviderEnabled implements IListener {
+
+ /** @var IRegistry */
+ private $registry;
+
+ /** @var IJobList */
+ private $jobList;
+
+ public function __construct(IRegistry $registry,
+ IJobList $jobList) {
+ $this->registry = $registry;
+ $this->jobList = $jobList;
+ }
+
+ public function handle(Event $event) {
+ if (!($event instanceof RegistryEvent)) {
+ return;
+ }
+
+ $providers = $this->registry->getProviderStates($event->getUser());
+ if (isset($providers['backup_codes']) && $providers['backup_codes'] === true) {
+ // Backup codes already generated nothing to do here
+ return;
+ }
+
+ $this->jobList->add(RememberBackupCodesJob::class, ['uid' => $event->getUser()->getUID()]);
+ }
+
+}
diff --git a/apps/twofactor_backupcodes/lib/Notifications/Notifier.php b/apps/twofactor_backupcodes/lib/Notifications/Notifier.php
new file mode 100644
index 00000000000..3d5fedd93ea
--- /dev/null
+++ b/apps/twofactor_backupcodes/lib/Notifications/Notifier.php
@@ -0,0 +1,64 @@
+<?php
+declare(strict_types=1);
+/**
+ * @copyright Copyright (c) 2018, Roeland Jago Douma <roeland@famdouma.nl>
+ *
+ * @author Roeland Jago Douma <roeland@famdouma.nl>
+ *
+ * @license GNU AGPL version 3 or any later version
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+
+namespace OCA\TwoFactorBackupCodes\Notifications;
+
+use OCP\L10N\IFactory;
+use OCP\Notification\INotification;
+use OCP\Notification\INotifier;
+
+class Notifier implements INotifier {
+
+ /** @var IFactory */
+ private $factory;
+
+ public function __construct(IFactory $factory) {
+ $this->factory = $factory;
+ }
+
+ public function prepare(INotification $notification, $languageCode) {
+ if ($notification->getApp() !== 'twofactor_backupcodes') {
+ // Not my app => throw
+ throw new \InvalidArgumentException();
+ }
+
+ // Read the language from the notification
+ $l = $this->factory->get('twofactor_backupcodes', $languageCode);
+
+ switch ($notification->getSubject()) {
+ case 'create_backupcodes':
+ $notification->setParsedSubject(
+ $l->t('Generate backup codes')
+ )->setParsedMessage(
+ $l->t('You have enabled two-factor authentication but have not yet generated backup codes. Be sure to do this in case you lose access to your second factor.')
+ );
+ return $notification;
+
+ default:
+ // Unknown subject => Unknown notification => throw
+ throw new \InvalidArgumentException();
+ }
+ }
+
+}