OXDEV-9078 Implement challenge trigger method

Author: Sieg

src/Authentication/TwoFactorAuth/OTP/OtpFacade.php

@@ -9,15 +9,23 @@
 
 namespace OxidEsales\SecurityModule\Authentication\TwoFactorAuth\OTP;
 
+use OxidEsales\Eshop\Core\Utils;
+use OxidEsales\SecurityModule\Authentication\TwoFactorAuth\OTP\Notifier\Factory\OtpNotifierFactoryInterface;
 use OxidEsales\SecurityModule\Authentication\TwoFactorAuth\OTP\Service\OtpChallengeStateServiceInterface;
+use OxidEsales\SecurityModule\Authentication\TwoFactorAuth\OTP\Service\OtpCodeGeneratorServiceInterface;
 use OxidEsales\SecurityModule\Authentication\TwoFactorAuth\OTP\Service\OtpCodeValidatorServiceInterface;
+use OxidEsales\SecurityModule\Authentication\TwoFactorAuth\Settings\TwoFASettingsInterface;
 use OxidEsales\SecurityModule\Authentication\TwoFactorAuth\Service\TwoFAServiceInterface;
 
 class OtpFacade implements TwoFAServiceInterface
 {
     public function __construct(
         private OtpChallengeStateServiceInterface $stateService,
         private OtpCodeValidatorServiceInterface $codeValidator,
+        private OtpCodeGeneratorServiceInterface $codeGenerator,
+        private OtpNotifierFactoryInterface $notifierFactory,
+        private TwoFASettingsInterface $settings,
+        private Utils $utils,
     ) {
     }
 
@@ -34,7 +42,12 @@ public function isVerified(string $userId): bool
 
     public function triggerChallenge(string $userId): void
     {
-        // todo-critical: implement
+        $code = $this->codeGenerator->generateCode();
+
+        $this->stateService->createChallengeState($userId, $code);
+        $this->notifierFactory->create($userId)->notify($userId, $code);
+
+        $this->utils->redirect($this->settings->getVerificationUrl());
     }
 
     public function invalidateChallenge(string $userId): void

src/Authentication/TwoFactorAuth/OTP/services.yaml

@@ -7,5 +7,7 @@ services:
   _defaults:
     autowire: true
     public: false
+    bind:
+      OxidEsales\Eshop\Core\Utils: '@=service("OxidEsales\\SecurityModule\\Core\\Registry").getUtils()'
 
   OxidEsales\SecurityModule\Authentication\TwoFactorAuth\OTP\OtpFacade: ~

src/Authentication/TwoFactorAuth/services.yaml

@@ -4,4 +4,5 @@ imports:
   - { resource: Transput/services.yaml }
   - { resource: Controller/services.yaml }
   - { resource: Factory/services.yaml }
+  - { resource: Settings/services.yaml }
   - { resource: OTP/services.yaml }

tests/Unit/Authentication/TwoFactorAuth/OTP/OtpFacadeTest.php

@@ -10,9 +10,14 @@
 namespace OxidEsales\SecurityModule\Tests\Unit\Authentication\TwoFactorAuth\OTP;
 
 use DateTimeImmutable;
+use OxidEsales\Eshop\Core\Utils;
+use OxidEsales\SecurityModule\Authentication\TwoFactorAuth\OTP\Notifier\Factory\OtpNotifierFactoryInterface;
+use OxidEsales\SecurityModule\Authentication\TwoFactorAuth\OTP\Notifier\OtpNotifierInterface;
 use OxidEsales\SecurityModule\Authentication\TwoFactorAuth\OTP\OtpFacade;
 use OxidEsales\SecurityModule\Authentication\TwoFactorAuth\OTP\Service\OtpChallengeStateServiceInterface;
+use OxidEsales\SecurityModule\Authentication\TwoFactorAuth\OTP\Service\OtpCodeGeneratorServiceInterface;
 use OxidEsales\SecurityModule\Authentication\TwoFactorAuth\OTP\Service\OtpCodeValidatorServiceInterface;
+use OxidEsales\SecurityModule\Authentication\TwoFactorAuth\Settings\TwoFASettingsInterface;
 use OxidEsales\SecurityModule\Authentication\TwoFactorAuth\OTP\DTO\OtpChallengeStateInterface;
 use OxidEsales\SecurityModule\Authentication\TwoFactorAuth\Service\TwoFAServiceInterface;
 use PHPUnit\Framework\Attributes\Test;
@@ -113,13 +118,59 @@ public function verifyTriggersCodeValidator(): void
         $sut->verify(userId: $userId, code: $code);
     }
 
+    #[Test]
+    public function triggerChallengeGeneratesCodeCreatesStateAndNotifies(): void
+    {
+        $codeGeneratorStub = $this->createStub(OtpCodeGeneratorServiceInterface::class);
+        $codeGeneratorStub->method('generateCode')->willReturn($code = uniqid());
+
+        $stateServiceSpy = $this->createMock(OtpChallengeStateServiceInterface::class);
+        $stateServiceSpy->expects($this->once())
+            ->method('createChallengeState')
+            ->with($userId = uniqid(), $code);
+
+        $notifierSpy = $this->createMock(OtpNotifierInterface::class);
+        $notifierSpy->expects($this->once())
+            ->method('notify')
+            ->with($userId, $code);
+
+        $notifierFactoryStub = $this->createStub(OtpNotifierFactoryInterface::class);
+        $notifierFactoryStub->method('create')->willReturn($notifierSpy);
+
+        $settingsStub = $this->createStub(TwoFASettingsInterface::class);
+        $settingsStub->method('getVerificationUrl')->willReturn($verificationUrl = uniqid());
+
+        $utilsSpy = $this->createMock(Utils::class);
+        $utilsSpy->expects($this->once())
+            ->method('redirect')
+            ->with($verificationUrl);
+
+        $sut = $this->getSut(
+            stateService: $stateServiceSpy,
+            codeGenerator: $codeGeneratorStub,
+            notifierFactory: $notifierFactoryStub,
+            settings: $settingsStub,
+            utils: $utilsSpy,
+        );
+
+        $sut->triggerChallenge(userId: $userId);
+    }
+
     private function getSut(
         OtpChallengeStateServiceInterface $stateService = null,
         OtpCodeValidatorServiceInterface $codeValidator = null,
+        OtpCodeGeneratorServiceInterface $codeGenerator = null,
+        OtpNotifierFactoryInterface $notifierFactory = null,
+        TwoFASettingsInterface $settings = null,
+        Utils $utils = null,
     ): OtpFacade {
         return new OtpFacade(
             stateService: $stateService ?? $this->createStub(OtpChallengeStateServiceInterface::class),
             codeValidator: $codeValidator ?? $this->createStub(OtpCodeValidatorServiceInterface::class),
+            codeGenerator: $codeGenerator ?? $this->createStub(OtpCodeGeneratorServiceInterface::class),
+            notifierFactory: $notifierFactory ?? $this->createStub(OtpNotifierFactoryInterface::class),
+            settings: $settings ?? $this->createStub(TwoFASettingsInterface::class),
+            utils: $utils ?? $this->createStub(Utils::class),
         );
     }
 }