mirror of
https://we.phorge.it/source/phorge.git
synced 2025-01-12 07:41:04 +01:00
Get rid of "throwResult()" for control flow in MFA factors
Summary: Depends on D20034. Ref T13222. This is just cleanup -- I thought we'd have like two of these, but we ended up having a whole lot in Duo and a decent number in SMS. Just let factors return a result explicitly if they can make a decision early. I think using `instanceof` for control flow is a lesser evil than using `catch`, on the balance. Test Plan: `grep`, went through enroll/gate flows on SMS and Duo. Reviewers: amckinley Reviewed By: amckinley Maniphest Tasks: T13222 Differential Revision: https://secure.phabricator.com/D20035
This commit is contained in:
parent
bce44385e1
commit
29b4fad941
5 changed files with 24 additions and 40 deletions
|
@ -2241,7 +2241,6 @@ phutil_register_library_map(array(
|
||||||
'PhabricatorAuthFactorProviderTransactionType' => 'applications/auth/xaction/PhabricatorAuthFactorProviderTransactionType.php',
|
'PhabricatorAuthFactorProviderTransactionType' => 'applications/auth/xaction/PhabricatorAuthFactorProviderTransactionType.php',
|
||||||
'PhabricatorAuthFactorProviderViewController' => 'applications/auth/controller/mfa/PhabricatorAuthFactorProviderViewController.php',
|
'PhabricatorAuthFactorProviderViewController' => 'applications/auth/controller/mfa/PhabricatorAuthFactorProviderViewController.php',
|
||||||
'PhabricatorAuthFactorResult' => 'applications/auth/factor/PhabricatorAuthFactorResult.php',
|
'PhabricatorAuthFactorResult' => 'applications/auth/factor/PhabricatorAuthFactorResult.php',
|
||||||
'PhabricatorAuthFactorResultException' => 'applications/auth/exception/PhabricatorAuthFactorResultException.php',
|
|
||||||
'PhabricatorAuthFactorTestCase' => 'applications/auth/factor/__tests__/PhabricatorAuthFactorTestCase.php',
|
'PhabricatorAuthFactorTestCase' => 'applications/auth/factor/__tests__/PhabricatorAuthFactorTestCase.php',
|
||||||
'PhabricatorAuthFinishController' => 'applications/auth/controller/PhabricatorAuthFinishController.php',
|
'PhabricatorAuthFinishController' => 'applications/auth/controller/PhabricatorAuthFinishController.php',
|
||||||
'PhabricatorAuthHMACKey' => 'applications/auth/storage/PhabricatorAuthHMACKey.php',
|
'PhabricatorAuthHMACKey' => 'applications/auth/storage/PhabricatorAuthHMACKey.php',
|
||||||
|
@ -7970,7 +7969,6 @@ phutil_register_library_map(array(
|
||||||
'PhabricatorAuthFactorProviderTransactionType' => 'PhabricatorModularTransactionType',
|
'PhabricatorAuthFactorProviderTransactionType' => 'PhabricatorModularTransactionType',
|
||||||
'PhabricatorAuthFactorProviderViewController' => 'PhabricatorAuthFactorProviderController',
|
'PhabricatorAuthFactorProviderViewController' => 'PhabricatorAuthFactorProviderController',
|
||||||
'PhabricatorAuthFactorResult' => 'Phobject',
|
'PhabricatorAuthFactorResult' => 'Phobject',
|
||||||
'PhabricatorAuthFactorResultException' => 'Exception',
|
|
||||||
'PhabricatorAuthFactorTestCase' => 'PhabricatorTestCase',
|
'PhabricatorAuthFactorTestCase' => 'PhabricatorTestCase',
|
||||||
'PhabricatorAuthFinishController' => 'PhabricatorAuthController',
|
'PhabricatorAuthFinishController' => 'PhabricatorAuthController',
|
||||||
'PhabricatorAuthHMACKey' => 'PhabricatorAuthDAO',
|
'PhabricatorAuthHMACKey' => 'PhabricatorAuthDAO',
|
||||||
|
|
|
@ -540,14 +540,22 @@ final class PhabricatorAuthSessionEngine extends Phobject {
|
||||||
$provider = $factor->getFactorProvider();
|
$provider = $factor->getFactorProvider();
|
||||||
$impl = $provider->getFactor();
|
$impl = $provider->getFactor();
|
||||||
|
|
||||||
try {
|
|
||||||
$new_challenges = $impl->getNewIssuedChallenges(
|
$new_challenges = $impl->getNewIssuedChallenges(
|
||||||
$factor,
|
$factor,
|
||||||
$viewer,
|
$viewer,
|
||||||
$issued_challenges);
|
$issued_challenges);
|
||||||
} catch (PhabricatorAuthFactorResultException $ex) {
|
|
||||||
|
// NOTE: We may get a list of challenges back, or may just get an early
|
||||||
|
// result. For example, this can happen on an SMS factor if all SMS
|
||||||
|
// mailers have been disabled.
|
||||||
|
if ($new_challenges instanceof PhabricatorAuthFactorResult) {
|
||||||
|
$result = $new_challenges;
|
||||||
|
|
||||||
|
if (!$result->getIsValid()) {
|
||||||
$ok = false;
|
$ok = false;
|
||||||
$validation_results[$factor_phid] = $ex->getResult();
|
}
|
||||||
|
|
||||||
|
$validation_results[$factor_phid] = $result;
|
||||||
$challenge_map[$factor_phid] = $issued_challenges;
|
$challenge_map[$factor_phid] = $issued_challenges;
|
||||||
continue;
|
continue;
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,17 +0,0 @@
|
||||||
<?php
|
|
||||||
|
|
||||||
final class PhabricatorAuthFactorResultException
|
|
||||||
extends Exception {
|
|
||||||
|
|
||||||
private $result;
|
|
||||||
|
|
||||||
public function __construct(PhabricatorAuthFactorResult $result) {
|
|
||||||
$this->result = $result;
|
|
||||||
parent::__construct();
|
|
||||||
}
|
|
||||||
|
|
||||||
public function getResult() {
|
|
||||||
return $this->result;
|
|
||||||
}
|
|
||||||
|
|
||||||
}
|
|
|
@ -141,6 +141,11 @@ abstract class PhabricatorAuthFactor extends Phobject {
|
||||||
$viewer,
|
$viewer,
|
||||||
$challenges);
|
$challenges);
|
||||||
|
|
||||||
|
if ($new_challenges instanceof PhabricatorAuthFactorResult) {
|
||||||
|
unset($unguarded);
|
||||||
|
return $new_challenges;
|
||||||
|
}
|
||||||
|
|
||||||
assert_instances_of($new_challenges, 'PhabricatorAuthChallenge');
|
assert_instances_of($new_challenges, 'PhabricatorAuthChallenge');
|
||||||
|
|
||||||
foreach ($new_challenges as $new_challenge) {
|
foreach ($new_challenges as $new_challenge) {
|
||||||
|
@ -493,10 +498,6 @@ abstract class PhabricatorAuthFactor extends Phobject {
|
||||||
$rows);
|
$rows);
|
||||||
}
|
}
|
||||||
|
|
||||||
final protected function throwResult(PhabricatorAuthFactorResult $result) {
|
|
||||||
throw new PhabricatorAuthFactorResultException($result);
|
|
||||||
}
|
|
||||||
|
|
||||||
final protected function getInstallDisplayName() {
|
final protected function getInstallDisplayName() {
|
||||||
$uri = PhabricatorEnv::getURI('/');
|
$uri = PhabricatorEnv::getURI('/');
|
||||||
$uri = new PhutilURI($uri);
|
$uri = new PhutilURI($uri);
|
||||||
|
|
|
@ -195,35 +195,29 @@ final class PhabricatorSMSAuthFactor
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!$this->loadUserContactNumber($viewer)) {
|
if (!$this->loadUserContactNumber($viewer)) {
|
||||||
$result = $this->newResult()
|
return $this->newResult()
|
||||||
->setIsError(true)
|
->setIsError(true)
|
||||||
->setErrorMessage(
|
->setErrorMessage(
|
||||||
pht(
|
pht(
|
||||||
'Your account has no primary contact number.'));
|
'Your account has no primary contact number.'));
|
||||||
|
|
||||||
$this->throwResult($result);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!$this->isSMSMailerConfigured()) {
|
if (!$this->isSMSMailerConfigured()) {
|
||||||
$result = $this->newResult()
|
return $this->newResult()
|
||||||
->setIsError(true)
|
->setIsError(true)
|
||||||
->setErrorMessage(
|
->setErrorMessage(
|
||||||
pht(
|
pht(
|
||||||
'No outbound mailer which can deliver SMS messages is '.
|
'No outbound mailer which can deliver SMS messages is '.
|
||||||
'configured.'));
|
'configured.'));
|
||||||
|
|
||||||
$this->throwResult($result);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!$this->hasCSRF($config)) {
|
if (!$this->hasCSRF($config)) {
|
||||||
$result = $this->newResult()
|
return $this->newResult()
|
||||||
->setIsContinue(true)
|
->setIsContinue(true)
|
||||||
->setErrorMessage(
|
->setErrorMessage(
|
||||||
pht(
|
pht(
|
||||||
'A text message with an authorization code will be sent to your '.
|
'A text message with an authorization code will be sent to your '.
|
||||||
'primary contact number.'));
|
'primary contact number.'));
|
||||||
|
|
||||||
$this->throwResult($result);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
// Otherwise, issue a new challenge.
|
// Otherwise, issue a new challenge.
|
||||||
|
|
Loading…
Reference in a new issue