diff options
author | Christoph Wurst <christoph@winzerhof-wurst.at> | 2018-09-29 18:57:00 +0200 |
---|---|---|
committer | Roeland Jago Douma <roeland@famdouma.nl> | 2018-09-30 11:47:29 +0200 |
commit | 259c0ce11dedeacd225c0776bfc783386f061c5f (patch) | |
tree | f4664c1873a3131cecd10af2e6177bdc663e3bde /core | |
parent | eec7f9ec28ec4fb7f1baa8e3536b74af08a552ec (diff) | |
download | nextcloud-server-259c0ce11dedeacd225c0776bfc783386f061c5f.tar.gz nextcloud-server-259c0ce11dedeacd225c0776bfc783386f061c5f.zip |
Add mandatory 2FA service/class
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
Diffstat (limited to 'core')
-rw-r--r-- | core/Command/TwoFactorAuth/Enforce.php | 91 | ||||
-rw-r--r-- | core/register_command.php | 1 |
2 files changed, 92 insertions, 0 deletions
diff --git a/core/Command/TwoFactorAuth/Enforce.php b/core/Command/TwoFactorAuth/Enforce.php new file mode 100644 index 00000000000..44103e718e4 --- /dev/null +++ b/core/Command/TwoFactorAuth/Enforce.php @@ -0,0 +1,91 @@ +<?php + +declare(strict_types=1); + +/** + * @copyright 2018 Christoph Wurst <christoph@winzerhof-wurst.at> + * + * @author 2018 Christoph Wurst <christoph@winzerhof-wurst.at> + * + * @license GNU AGPL version 3 or any later version + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + * + */ + +namespace OC\Core\Command\TwoFactorAuth; + +use OC\Authentication\TwoFactorAuth\MandatoryTwoFactor; +use Symfony\Component\Console\Command\Command; +use Symfony\Component\Console\Input\InputInterface; +use Symfony\Component\Console\Input\InputOption; +use Symfony\Component\Console\Output\OutputInterface; + +class Enforce extends Command { + + /** @var MandatoryTwoFactor */ + private $mandatoryTwoFactor; + + public function __construct(MandatoryTwoFactor $mandatoryTwoFactor) { + parent::__construct(); + + $this->mandatoryTwoFactor = $mandatoryTwoFactor; + } + + protected function configure() { + $this->setName('twofactorauth:enforce'); + $this->setDescription('Enabled/disable enforced two-factor authentication'); + $this->addOption( + 'on', + null, + InputOption::VALUE_NONE, + 'enforce two-factor authentication' + ); + $this->addOption( + 'off', + null, + InputOption::VALUE_NONE, + 'don\'t enforce two-factor authenticaton' + ); + } + + protected function execute(InputInterface $input, OutputInterface $output) { + if ($input->getOption('on')) { + $this->mandatoryTwoFactor->setEnforced(true); + } elseif ($input->getOption('off')) { + $this->mandatoryTwoFactor->setEnforced(false); + } + + if ($this->mandatoryTwoFactor->isEnforced()) { + $this->writeEnforced($output); + } else { + $this->writeNotEnforced($output); + } + } + + /** + * @param OutputInterface $output + */ + protected function writeEnforced(OutputInterface $output) { + $output->writeln('Two-factor authentication is enforced for all users'); + } + + /** + * @param OutputInterface $output + */ + protected function writeNotEnforced(OutputInterface $output) { + $output->writeln('Two-factor authentication is not enforced'); + } + +} diff --git a/core/register_command.php b/core/register_command.php index ed0220e7055..af8d9977c7f 100644 --- a/core/register_command.php +++ b/core/register_command.php @@ -67,6 +67,7 @@ if (\OC::$server->getConfig()->getSystemValue('installed', false)) { $application->add(new OC\Core\Command\App\ListApps(\OC::$server->getAppManager())); $application->add(\OC::$server->query(\OC\Core\Command\TwoFactorAuth\Cleanup::class)); + $application->add(\OC::$server->query(\OC\Core\Command\TwoFactorAuth\Enforce::class)); $application->add(\OC::$server->query(\OC\Core\Command\TwoFactorAuth\Enable::class)); $application->add(\OC::$server->query(\OC\Core\Command\TwoFactorAuth\Disable::class)); $application->add(\OC::$server->query(\OC\Core\Command\TwoFactorAuth\State::class)); |