90 lines
No EOL
3.6 KiB
PHP
90 lines
No EOL
3.6 KiB
PHP
<?php
|
|
|
|
namespace Socialbox\Classes\StandardMethods;
|
|
|
|
use Exception;
|
|
use Socialbox\Abstracts\Method;
|
|
use Socialbox\Classes\Cryptography;
|
|
use Socialbox\Enums\Flags\SessionFlags;
|
|
use Socialbox\Enums\StandardError;
|
|
use Socialbox\Exceptions\DatabaseOperationException;
|
|
use Socialbox\Exceptions\StandardException;
|
|
use Socialbox\Interfaces\SerializableInterface;
|
|
use Socialbox\Managers\OneTimePasswordManager;
|
|
use Socialbox\Managers\PasswordManager;
|
|
use Socialbox\Managers\SessionManager;
|
|
use Socialbox\Objects\ClientRequest;
|
|
use Socialbox\Objects\RpcRequest;
|
|
|
|
class SettingsSetOtp extends Method
|
|
{
|
|
/**
|
|
* @inheritDoc
|
|
*/
|
|
public static function execute(ClientRequest $request, RpcRequest $rpcRequest): ?SerializableInterface
|
|
{
|
|
$peer = $request->getPeer();
|
|
|
|
try
|
|
{
|
|
if (OneTimePasswordManager::usesOtp($peer->getUuid()))
|
|
{
|
|
return $rpcRequest->produceError(StandardError::METHOD_NOT_ALLOWED, "Cannot set One Time Password when one is already set, use 'settingsUpdateOtp' instead");
|
|
}
|
|
}
|
|
catch (DatabaseOperationException $e)
|
|
{
|
|
throw new StandardException('Failed to check One Time Password due to an internal exception', StandardError::INTERNAL_SERVER_ERROR, $e);
|
|
}
|
|
|
|
try
|
|
{
|
|
$usesPassword = PasswordManager::usesPassword($peer);
|
|
}
|
|
catch (DatabaseOperationException $e)
|
|
{
|
|
throw new StandardException('Failed to check password usage due to an internal exception', StandardError::INTERNAL_SERVER_ERROR, $e);
|
|
}
|
|
|
|
// Password verification is required to set an OTP if a password is set
|
|
if($usesPassword)
|
|
{
|
|
if(!$rpcRequest->containsParameter('password'))
|
|
{
|
|
return $rpcRequest->produceError(StandardError::RPC_INVALID_ARGUMENTS, 'When a password is set, the current password must be provided to set an OTP');
|
|
}
|
|
|
|
if(!Cryptography::validateSha512($rpcRequest->getParameter('password')))
|
|
{
|
|
return $rpcRequest->produceError(StandardError::RPC_INVALID_ARGUMENTS, 'The provided password is not a valid SHA-512 hash');
|
|
}
|
|
|
|
try
|
|
{
|
|
if(!PasswordManager::verifyPassword($peer, $rpcRequest->getParameter('password')))
|
|
{
|
|
return $rpcRequest->produceError(StandardError::FORBIDDEN, 'The provided password is incorrect');
|
|
}
|
|
}
|
|
catch(Exception $e)
|
|
{
|
|
throw new StandardException('Failed to verify password due to an internal exception', StandardError::INTERNAL_SERVER_ERROR, $e);
|
|
}
|
|
}
|
|
|
|
try
|
|
{
|
|
// Create a new OTP and return the OTP URI to the client
|
|
$totpUri = OneTimePasswordManager::createOtp($peer);
|
|
|
|
// Remove the SET_PASSWORD flag & update the session flow if necessary
|
|
SessionManager::updateFlow($request->getSession(), [SessionFlags::SET_OTP]);
|
|
}
|
|
catch(Exception $e)
|
|
{
|
|
throw new StandardException('Failed to set password due to an internal exception', StandardError::INTERNAL_SERVER_ERROR, $e);
|
|
}
|
|
|
|
return $rpcRequest->produceResponse($totpUri);
|
|
}
|
|
} |