OXDEV-9927 Create VerificatorCollector and move classes

Author: NikolaIvanovski

metadata.php

@@ -177,7 +177,7 @@
             'group' => 'two_factor_auth',
             'name'  => TwoFactorAuthModuleSettings::TWO_FACTOR_TYPE,
             'type'  => 'select',
-            'constraints' => 'otp|totp|both',
+            'constraints' => 'otp|totp',
             'value' => ''
         ],
     ],

src/Authentication/TwoFactorAuth/Controller/TwoFactorAuthController.php

@@ -4,11 +4,10 @@
 
 use OxidEsales\Eshop\Application\Controller\FrontendController;
 use OxidEsales\Eshop\Core\Registry;
-use OxidEsales\SecurityModule\Authentication\TwoFactorAuth\Service\Provider\OTP\Service\OTPServiceInterface;
+use OxidEsales\SecurityModule\Authentication\TwoFactorAuth\Service\AuthorizeServiceInterface;
 
 class TwoFactorAuthController extends FrontendController
 {
-
     protected $_sThisTemplate = '@oe_security_module/templates/two_factor_auth';
 
     private function handleOTP(): void
@@ -23,6 +22,9 @@ private function handleOTP(): void
 
     public function render()
     {
-        return parent::render(); // TODO: Change the autogenerated stub
+        $authorizeService = $this->getService(AuthorizeServiceInterface::class);
+        $authorizeService->generate();
+
+        exit;
     }
 }

src/Authentication/TwoFactorAuth/DTO/User.php

@@ -9,17 +9,23 @@
 
 namespace OxidEsales\SecurityModule\Authentication\TwoFactorAuth\DTO;
 
-use DateTimeInterface;
+use DateTimeImmutable;
 
 class User implements UserInterface
 {
     public function __construct(
+        private readonly string $userId,
         private readonly ?string $code,
         private readonly ?int $attempts,
-        private readonly ?DateTimeInterface $expiresAt,
+        private readonly ?int $expiresAt,
     ) {
     }
 
+    public function getId(): string
+    {
+        return $this->userId;
+    }
+
     public function getCode(): ?string
     {
         return $this->code;
@@ -30,8 +36,10 @@ public function getAttempts(): ?int
         return $this->attempts;
     }
 
-    public function getExpiresAt(): ?DateTimeInterface
+    public function getExpiresAt(): ?DateTimeImmutable
     {
-        return $this->expiresAt;
+        $dateTime = new DateTimeImmutable();
+
+        return $dateTime->setTimestamp($this->expiresAt);
     }
 }

src/Authentication/TwoFactorAuth/DTO/UserInterface.php

@@ -7,13 +7,15 @@
 
 namespace OxidEsales\SecurityModule\Authentication\TwoFactorAuth\DTO;
 
-use DateTimeInterface;
+use DateTimeImmutable;
 
 interface UserInterface
 {
+    public function getId(): string;
+
     public function getCode(): ?string;
 
     public function getAttempts(): ?int;
 
-    public function getExpiresAt(): ?DateTimeInterface;
+    public function getExpiresAt(): ?DateTimeImmutable;
 }

src/Authentication/TwoFactorAuth/Exception/VerificatorNotFoundException.php

@@ -0,0 +1,14 @@
+<?php
+
+/**
+ * Copyright © OXID eSales AG. All rights reserved.
+ * See LICENSE file for license details.
+ */
+
+declare(strict_types=1);
+
+namespace OxidEsales\SecurityModule\Authentication\TwoFactorAuth\Exception;
+
+class VerificatorNotFoundException extends \Exception
+{
+}

src/Authentication/TwoFactorAuth/Infrastructure/Repository/UserRepository.php

@@ -9,8 +9,9 @@
 
 namespace OxidEsales\SecurityModule\Authentication\TwoFactorAuth\Infrastructure\Repository;
 
+use DateTime;
 use OxidEsales\EshopCommunity\Internal\Framework\Database\QueryBuilderFactoryInterface;
-use OxidEsales\SecurityModule\Authentication\TwoFactorAuth\DataObject\UserInterface;
+use OxidEsales\SecurityModule\Authentication\TwoFactorAuth\DTO\User as UserDTO;
 use OxidEsales\SecurityModule\Authentication\TwoFactorAuth\Infrastructure\Factory\UserFactoryInterface;
 
 class UserRepository implements UserRepositoryInterface
@@ -21,21 +22,36 @@ public function __construct(
     ) {
     }
 
+    public function getUserOTPData(string $userId): UserDTO
+    {
+        //todo: exception if not found
+        //todo: use query builder
+        $userModel = $this->userFactory->create();
+        $userModel->load($userId);
+
+        return new UserDTO(
+            $userModel->getId(),
+            $userModel->getFieldData('OTPCODE'),
+            (int) $userModel->getFieldData('OTPATTEMPTS'),
+            new DateTime($userModel->getFieldData('OTPEXPIRETIME'))
+        );
+    }
+
     public function addOTPtoUser(string $userId, string $otp, int $expiresAt): bool
     {
         $userModel = $this->userFactory->create();
         $userModel->load($userId);
         $userModel->assign([
             'OESMOTPCODE'       => $otp,
-            'OESMOTPEXPTIME' => $expiresAt,
+            'OESMOTPEXPTIME'    => $expiresAt,
             'OESMOTPATTEMPTS'   => 0,
         ]);
         $userModel->save();
 
         return true;
     }
 
-    public function updateAttempts(string $userId, int $attempts): int
+    public function updateAttempts(string $userId, int $attempts): void
     {
         $userModel = $this->userFactory->create();
         $userModel->load($userId);

src/Authentication/TwoFactorAuth/Infrastructure/Repository/UserRepositoryInterface.php

@@ -7,9 +7,13 @@
 
 namespace OxidEsales\SecurityModule\Authentication\TwoFactorAuth\Infrastructure\Repository;
 
+use OxidEsales\SecurityModule\Authentication\TwoFactorAuth\DTO\User as UserDTO;
+
 interface UserRepositoryInterface
 {
-    public function updateAttempts(string $userId, int $attempts): int;
+    public function getUserOTPData(string $userId): UserDTO;
+
+    public function updateAttempts(string $userId, int $attempts): void;
 
     public function resetCodeFields(string $userId): void;
 

src/Authentication/TwoFactorAuth/Service/AuthorizeService.php

@@ -11,13 +11,37 @@
 
 class AuthorizeService implements AuthorizeServiceInterface
 {
+    public function __construct(
+        private ModuleSettingsServiceInterface $moduleSettings,
+        private VerificationCollectorServiceInterface $verificationCollectorService,
+        private NotifierCollectorInterface $notifierCollectorService,
+    ) {
+    }
+
     public function validate(): void
     {
-        //todo: call correct provider service to validate the code
+        $activeVerificator = $this->moduleSettings->getTwoFactorAuthType();
+
+        $verificator = $this->verificationCollectorService->getVerificator(
+            $activeVerificator
+        );
+        //todo: use transput to get the code from request
+        //todo: use session to get user id
+        $verificator->validateCode(uniqid(), uniqid());
     }
 
-    public function generate($userName): void
+    public function generate(): void
     {
-        //todo: call correct provider service to generate the code
+        $activeVerificator = $this->moduleSettings->getTwoFactorAuthType();
+
+        $verificator = $this->verificationCollectorService->getVerificator(
+            $activeVerificator
+        );
+        //todo: use session to get user id
+        $OTPCode = $verificator->generate(uniqid());
+
+        //todo: module setting?
+        $notifier = $this->notifierCollectorService->getNotifier('email');
+        $notifier->notify('localhost@localhost.local', $OTPCode);
     }
 }

src/Authentication/TwoFactorAuth/Service/AuthorizeServiceInterface.php

@@ -11,5 +11,5 @@ interface AuthorizeServiceInterface
 {
     public function validate(): void;
 
-    public function generate($userName): void;
+    public function generate(): void;
 }