diff --git a/src/applications/auth/engine/PhabricatorAuthSessionEngine.php b/src/applications/auth/engine/PhabricatorAuthSessionEngine.php index 98ec8b744a..4ce86e8f97 100644 --- a/src/applications/auth/engine/PhabricatorAuthSessionEngine.php +++ b/src/applications/auth/engine/PhabricatorAuthSessionEngine.php @@ -345,6 +345,33 @@ final class PhabricatorAuthSessionEngine extends Phobject { /* -( High Security )------------------------------------------------------ */ + /** + * Require the user respond to a high security (MFA) check. + * + * This method differs from @{method:requireHighSecuritySession} in that it + * does not upgrade the user's session as a side effect. This method is + * appropriate for one-time checks. + * + * @param PhabricatorUser User whose session needs to be in high security. + * @param AphrontReqeust Current request. + * @param string URI to return the user to if they cancel. + * @return PhabricatorAuthHighSecurityToken Security token. + * @task hisec + */ + public function requireHighSecurityToken( + PhabricatorUser $viewer, + AphrontRequest $request, + $cancel_uri) { + + return $this->newHighSecurityToken( + $viewer, + $request, + $cancel_uri, + false, + false); + } + + /** * Require high security, or prompt the user to enter high security. * @@ -352,6 +379,11 @@ final class PhabricatorAuthSessionEngine extends Phobject { * token. Otherwise, it will throw an exception which will eventually * be converted into a multi-factor authentication workflow. * + * This method upgrades the user's session to high security for a short + * period of time, and is appropriate if you anticipate they may need to + * take multiple high security actions. To perform a one-time check instead, + * use @{method:requireHighSecurityToken}. + * * @param PhabricatorUser User whose session needs to be in high security. * @param AphrontReqeust Current request. * @param string URI to return the user to if they cancel. @@ -367,11 +399,30 @@ final class PhabricatorAuthSessionEngine extends Phobject { $cancel_uri, $jump_into_hisec = false) { + return $this->newHighSecurityToken( + $viewer, + $request, + $cancel_uri, + false, + true); + } + + private function newHighSecurityToken( + PhabricatorUser $viewer, + AphrontRequest $request, + $cancel_uri, + $jump_into_hisec, + $upgrade_session) { + if (!$viewer->hasSession()) { throw new Exception( pht('Requiring a high-security session from a user with no session!')); } + // TODO: If a user answers a "requireHighSecurityToken()" prompt and hits + // a "requireHighSecuritySession()" prompt a short time later, the one-shot + // token should be good enough to upgrade the session. + $session = $viewer->getSession(); // Check if the session is already in high security mode. @@ -441,6 +492,11 @@ final class PhabricatorAuthSessionEngine extends Phobject { return $this->issueHighSecurityToken($session, true); } + // If we aren't upgrading the session itself, just issue a token. + if (!$upgrade_session) { + return $this->issueHighSecurityToken($session, true); + } + $until = time() + phutil_units('15 minutes in seconds'); $session->setHighSecurityUntil($until); diff --git a/src/applications/legalpad/controller/LegalpadDocumentSignController.php b/src/applications/legalpad/controller/LegalpadDocumentSignController.php index 1748dba452..8ef35e3493 100644 --- a/src/applications/legalpad/controller/LegalpadDocumentSignController.php +++ b/src/applications/legalpad/controller/LegalpadDocumentSignController.php @@ -149,15 +149,16 @@ final class LegalpadDocumentSignController extends LegalpadController { } $errors = array(); + $hisec_token = null; if ($request->isFormOrHisecPost() && !$has_signed) { // Require two-factor auth to sign legal documents. if ($viewer->isLoggedIn()) { - $engine = new PhabricatorAuthSessionEngine(); - $engine->requireHighSecuritySession( - $viewer, - $request, - '/'.$document->getMonogram()); + $hisec_token = id(new PhabricatorAuthSessionEngine()) + ->requireHighSecurityToken( + $viewer, + $request, + $document->getURI()); } list($form_data, $errors, $field_errors) = $this->readSignatureForm( diff --git a/src/applications/legalpad/storage/LegalpadDocument.php b/src/applications/legalpad/storage/LegalpadDocument.php index 55d1ef9fa9..004802de39 100644 --- a/src/applications/legalpad/storage/LegalpadDocument.php +++ b/src/applications/legalpad/storage/LegalpadDocument.php @@ -120,7 +120,7 @@ final class LegalpadDocument extends LegalpadDAO return 'L'.$this->getID(); } - public function getViewURI() { + public function getURI() { return '/'.$this->getMonogram(); }