diff options
| author | Christoph Wurst <christoph@winzerhof-wurst.at> | 2018-05-22 08:52:16 +0200 |
|---|---|---|
| committer | Christoph Wurst <christoph@winzerhof-wurst.at> | 2018-06-20 08:30:26 +0200 |
| commit | 13d93f5b25aa3e663146349583a0a8e01b216f7a (patch) | |
| tree | 494950eefa4b27c980ebce22eeafa58eab08892d /lib/public/Authentication | |
| parent | cad8824a8e7da7fcf61960b6502b307672651c2b (diff) | |
| download | nextcloud-server-13d93f5b25aa3e663146349583a0a8e01b216f7a.tar.gz nextcloud-server-13d93f5b25aa3e663146349583a0a8e01b216f7a.zip | |
Make 2FA providers stateful
This adds persistence to the Nextcloud server 2FA logic so that the server
knows which 2FA providers are enabled for a specific user at any time, even
when the provider is not available.
The `IStatefulProvider` interface was added as tagging interface for providers
that are compatible with this new API.
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
Diffstat (limited to 'lib/public/Authentication')
| -rw-r--r-- | lib/public/Authentication/TwoFactorAuth/IRegistry.php | 65 |
1 files changed, 65 insertions, 0 deletions
diff --git a/lib/public/Authentication/TwoFactorAuth/IRegistry.php b/lib/public/Authentication/TwoFactorAuth/IRegistry.php new file mode 100644 index 00000000000..5013892d402 --- /dev/null +++ b/lib/public/Authentication/TwoFactorAuth/IRegistry.php @@ -0,0 +1,65 @@ +<?php + +declare(strict_types = 1); + +/** + * @copyright 2018 Christoph Wurst <christoph@winzerhof-wurst.at> + * + * @author 2018 Christoph Wurst <christoph@winzerhof-wurst.at> + * + * @license GNU AGPL version 3 or any later version + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + * + */ + +namespace OCP\Authentication\TwoFactorAuth; + +use OCP\IUser; + +/** + * Nextcloud 2FA provider registry for stateful 2FA providers + * + * This service keeps track of which providers are currently active for a specific + * user. Stateful 2FA providers (IStatefulProvider) must use this service to save + * their enabled/disabled state. + * + * @since 14.0.0 + */ +interface IRegistry { + + /** + * Get a key-value map of providers and their enabled/disabled state for + * the given user. + * + * @since 14.0.0 + * @return string[] where the array key is the provider ID (string) and the + * value is the enabled state (bool) + */ + public function getProviderStates(IUser $user): array; + + /** + * Enable the given 2FA provider for the given user + * + * @since 14.0.0 + */ + public function enableProviderFor(IProvider $provider, IUser $user); + + /** + * Disable the given 2FA provider for the given user + * + * @since 14.0.0 + */ + public function disableProviderFor(IProvider $provider, IUser $user); +} |