From 5ff61c8d0f24278bcf93f0c0166e24ec994aa6a5 Mon Sep 17 00:00:00 2001 From: Piers Gillingham Date: Wed, 22 Mar 2023 10:50:25 +0900 Subject: [PATCH 1/8] =?UTF-8?q?=E3=82=B3=E3=83=BC=E3=83=89=E3=81=AE?= =?UTF-8?q?=E6=95=B4=E7=90=86?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- EventListener/CustomerTwoFactorAuthListener.php | 2 +- Repository/TwoFactorAuthCustomerCookieRepository.php | 8 +++++++- 2 files changed, 8 insertions(+), 2 deletions(-) diff --git a/EventListener/CustomerTwoFactorAuthListener.php b/EventListener/CustomerTwoFactorAuthListener.php index 31c2983..fa9b90c 100755 --- a/EventListener/CustomerTwoFactorAuthListener.php +++ b/EventListener/CustomerTwoFactorAuthListener.php @@ -207,7 +207,7 @@ public function logoutEvent(LogoutEvent $logoutEvent) { $this->customerTwoFactorAuthService->clear2AuthCookies($logoutEvent->getRequest(), $logoutEvent->getResponse()); $Customer = $this->requestContext->getCurrentUser(); - if ($Customer) { + if ($Customer !== null) { $this->twoFactorAuthCustomerCookieRepository->deleteByCustomer($Customer); } } diff --git a/Repository/TwoFactorAuthCustomerCookieRepository.php b/Repository/TwoFactorAuthCustomerCookieRepository.php index b68796a..3642cd5 100644 --- a/Repository/TwoFactorAuthCustomerCookieRepository.php +++ b/Repository/TwoFactorAuthCustomerCookieRepository.php @@ -138,7 +138,13 @@ public function deleteByCustomer(Customer $customer) $em = $this->getEntityManager(); $em->beginTransaction(); - $em->createQuery("DELETE Plugin\TwoFactorAuthCustomer42\Entity\TwoFactorAuthCustomerCookie tfcc WHERE tfcc.Customer = :customer")->execute(['customer' => $customer]); + $this->createQueryBuilder('tfcc') + ->delete() + ->where('tfcc.Customer = :customer') + ->setParameter('customer', $customer) + ->getQuery() + ->execute(); + $em->flush(); $em->commit(); From 26ed4b194aa421e844aede654c24a3d74c0ded25 Mon Sep 17 00:00:00 2001 
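Review bot: In the `deleteByCustomer` hunk of Repository/TwoFactorAuthCustomerCookieRepository.php, `beginTransaction()` is opened but nothing rolls it back: if the DQL delete, `flush()` or `commit()` throws, the connection is left with an open transaction and the customer's device-trust rows survive the logout. Wrap the work in try/catch with `$em->rollback()` and a rethrow, as sketched below. The `$em->flush()` call adds nothing here, because a DQL bulk delete runs directly against the database and bypasses the unit of work; note that any `TwoFactorAuthCustomerCookie` entities already loaded in the identity map are not detached by it either. The method's signature and closing brace lie outside the hunk.
```php
        $em->beginTransaction();
        try {
            // … unchanged: createQueryBuilder('tfcc')->delete() … ->execute() chain …
            $em->commit();
        } catch (\Throwable $e) {
            $em->rollback();
            throw $e;
        }
```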
From: Piers Gillingham Date: Wed, 22 Mar 2023 10:53:48 +0900 Subject: [PATCH 2/8] =?UTF-8?q?=E6=94=B9=E8=A1=8C=E3=81=AE=E8=BF=BD?= =?UTF-8?q?=E5=8A=A0?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- Repository/TwoFactorAuthCustomerCookieRepository.php | 1 + 1 file changed, 1 insertion(+) diff --git a/Repository/TwoFactorAuthCustomerCookieRepository.php b/Repository/TwoFactorAuthCustomerCookieRepository.php index 3642cd5..8d7d4f5 100644 --- a/Repository/TwoFactorAuthCustomerCookieRepository.php +++ b/Repository/TwoFactorAuthCustomerCookieRepository.php @@ -55,6 +55,7 @@ public function generateCookieData( int $CookieValueCharacterLength ): TwoFactorAuthCustomerCookie { /** @var TwoFactorAuthCustomerCookie[]|null $previousCookies */ + $previousCookies = $this->findOldCookies($customer, $cookieName); foreach ($previousCookies as $cookie) { $this->getEntityManager()->remove($cookie); From a0015a8d675f36de36226df092c6b58c6f565ec0 Mon Sep 17 00:00:00 2001 From: Piers Gillingham Date: Thu, 23 Mar 2023 10:56:29 +0900 Subject: [PATCH 3/8] =?UTF-8?q?API=E3=83=88=E3=83=BC=E3=82=AF=E3=83=B3?= =?UTF-8?q?=E9=A0=85=E7=9B=AE=E3=81=AE=E3=83=9E=E3=82=B9=E3=82=AD=E3=83=B3?= =?UTF-8?q?=E3=82=B0=20https://github.com/EC-CUBE/TwoFactorAuthCustomer42/?= =?UTF-8?q?issues/19?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- Resource/template/admin/config.twig | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Resource/template/admin/config.twig b/Resource/template/admin/config.twig index 21caf01..a914638 100644 --- a/Resource/template/admin/config.twig +++ b/Resource/template/admin/config.twig @@ -41,7 +41,7 @@ {{ 'admin.common.required'|trans }}
- {{ form_widget(form.api_secret) }} + {{ form_widget(form.api_secret, { type : 'password'}) }} {{ form_errors(form.api_secret) }}
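Review bot: Passing `{ type: 'password' }` to `form_widget` in config.twig only swaps the rendered `type` attribute; the form theme still emits the stored secret in the input's `value` attribute, so it remains in the page source and in browser/password-manager autofill, and only the on-screen rendering is masked. To keep the secret out of the response, the field should be a Symfony `PasswordType` in the form type (which by default renders an empty value), with the save handler treating a blank submission as "keep the existing secret"; that form type is not part of this patch. As a style point, the Twig hash is conventionally written `{ type: 'password' }` rather than `{ type : 'password'}`.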
From 23ca63d870c89ddc9f25809a1ceeb323807c1ad6 Mon Sep 17 00:00:00 2001 From: Piers Gillingham Date: Fri, 24 Mar 2023 18:21:12 +0900 Subject: [PATCH 4/8] =?UTF-8?q?findOneBy=E3=81=A7=E3=81=AF=E3=81=AA?= =?UTF-8?q?=E3=81=8Fcount=E3=82=92=E5=88=A9=E7=94=A8=E3=81=99=E3=82=8B?= =?UTF-8?q?=E3=82=88=E3=81=86=E3=81=AB=E4=BF=AE=E6=AD=A3=E3=81=97=E3=81=BE?= =?UTF-8?q?=E3=81=97=E3=81=9F=E3=80=82=20https://github.com/EC-CUBE/TwoFac?= =?UTF-8?q?torAuthCustomer42/pull/3#discussion=5Fr1147157803?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- Controller/CustomerPersonalValidationController.php | 4 ++-- Event.php | 2 +- .../Extension/Admin/TwoFactorAuthBaseSettingTypeExtension.php | 2 +- PluginManager.php | 4 ++-- 4 files changed, 6 insertions(+), 6 deletions(-) diff --git a/Controller/CustomerPersonalValidationController.php b/Controller/CustomerPersonalValidationController.php index ef3f382..37a930b 100644 --- a/Controller/CustomerPersonalValidationController.php +++ b/Controller/CustomerPersonalValidationController.php @@ -104,7 +104,7 @@ public function deviceAuthInputOneTime(Request $request, $secret_key) // 送信電話番号をセッションより取得 $phoneNumber = $this->session->get(CustomerTwoFactorAuthService::SESSION_AUTHED_PHONE_NUMBER); // 認証済みの電話番号でないかチェック - if ($this->customerRepository->findOneBy(['device_authed_phone_number' => $phoneNumber]) === null) { + if ($this->customerRepository->count(['device_authed_phone_number' => $phoneNumber]) === 0) { // 未認証であれば登録 $Customer->setDeviceAuthed(true); $Customer->setDeviceAuthedPhoneNumber($phoneNumber); 
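Review bot: In the `deviceAuthInputOneTime` hunk the session-sourced `$phoneNumber` is handed to `count()` with no guard visible in the hunk; when the session key is missing, `$phoneNumber` is null and Doctrine turns the criterion into `device_authed_phone_number IS NULL`, which matches every customer without a verified number, so the condition reads as "already verified" and the device is silently never marked authed (the old `findOneBy` had the same semantics, so this is not introduced by the commit). Unless a check exists above the hunk, reject the request before the lookup with `if ($phoneNumber === null || $phoneNumber === '') {` followed by an error response. The same null semantics apply to the `deviceAuthSendOneTime` hunk at `@@ -175`, though there the value comes from the validated form and is less exposed. Both enclosing methods continue outside their hunks.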
@@ -175,7 +175,7 @@ public function deviceAuthSendOneTime(Request $request, $secret_key) if ($form->isSubmitted() && $form->isValid()) { // 認証済みの電話番号でないかチェック $phoneNumber = $form->get('phone_number')->getData(); - if ($this->customerRepository->findOneBy(['device_authed_phone_number' => $phoneNumber]) === null) { + if ($this->customerRepository->count(['device_authed_phone_number' => $phoneNumber]) === 0) { // 未認証の場合、入力電話番号へワンタイムコードを送信 $this->sendDeviceToken($Customer, $phoneNumber); // 送信電話番号をセッションへ一時格納 diff --git a/Event.php b/Event.php index 7aac073..54c7850 100644 --- a/Event.php +++ b/Event.php @@ -34,7 +34,7 @@ class Event implements EventSubscriberInterface */ public function __construct(TwoFactorAuthTypeRepository $twoFactorAuthTypeRepository) { - $this->hasActiveAuthType = $twoFactorAuthTypeRepository->findOneBy(['isDisabled' => false]) !== null; + $this->hasActiveAuthType = $twoFactorAuthTypeRepository->count(['isDisabled' => false]) > 0; } public static function getSubscribedEvents(): array diff --git a/Form/Type/Extension/Admin/TwoFactorAuthBaseSettingTypeExtension.php b/Form/Type/Extension/Admin/TwoFactorAuthBaseSettingTypeExtension.php index 80aed99..7efd56a 100644 --- a/Form/Type/Extension/Admin/TwoFactorAuthBaseSettingTypeExtension.php +++ b/Form/Type/Extension/Admin/TwoFactorAuthBaseSettingTypeExtension.php @@ -63,7 +63,7 @@ public function buildForm(FormBuilderInterface $builder, array $options) $builder->addEventListener(FormEvents::POST_SET_DATA, function (FormEvent $event) { $form = $event->getForm(); - if ($this->entityManager->getRepository(TwoFactorAuthType::class)->findOneBy(['isDisabled' => false]) !== null) { + if ($this->entityManager->getRepository(TwoFactorAuthType::class)->count(['isDisabled' => false]) > 0) { $form->add('two_factor_auth_use', ToggleSwitchType::class, [ 'required' => false, 'mapped' => true, diff --git a/PluginManager.php b/PluginManager.php index 06eceb9..c0f55e4 100644 --- a/PluginManager.php +++ b/PluginManager.php 
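Review bot: The Event.php constructor and the `buildForm` listener in TwoFactorAuthBaseSettingTypeExtension.php now carry the same "is any auth type enabled" query, `count(['isDisabled' => false]) > 0`, written out twice; a single repository method such as `hasActiveType(): bool` would keep the two in step if the criterion ever changes. Running the query in the subscriber's constructor also means it executes whenever the subscriber is instantiated rather than when the event fires, which may be every request if the dispatcher builds subscribers eagerly; that is pre-existing and worth confirming against the service configuration. Both hunks are one-line changes inside methods that continue outside the hunk.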
@@ -95,8 +95,8 @@ protected function copyTwigFiles(ContainerInterface $container) protected function createPages(EntityManagerInterface $em) { foreach ($this->pages as $p) { - $Page = $em->getRepository(Page::class)->findOneBy(['url' => $p[0]]); - if (!$Page) { + $hasPage = $em->getRepository(Page::class)->count(['url' => $p[0]]) > 0; + if (!$hasPage) { /** @var Page $Page */ $Page = $em->getRepository(Page::class)->newPage(); $Page->setEditType(Page::EDIT_TYPE_DEFAULT); From 129c07021bd2afe463c516b14b46e8da45e80ac2 Mon Sep 17 00:00:00 2001 From: Piers Gillingham Date: Fri, 24 Mar 2023 18:55:44 +0900 Subject: [PATCH 5/8] =?UTF-8?q?=E3=83=AF=E3=83=B3=E3=82=BF=E3=82=A4?= =?UTF-8?q?=E3=83=A0=E3=83=91=E3=82=B9=E3=83=AF=E3=83=BC=E3=83=89=E3=81=AE?= =?UTF-8?q?=E6=A1=81=E6=95=B0=E3=82=92=E5=AE=9A=E6=95=B0=E3=81=8B=E3=82=89?= =?UTF-8?q?=E7=92=B0=E5=A2=83=E5=A4=89=E6=95=B0=E3=81=AB=E7=A7=BB=E5=8B=95?= =?UTF-8?q?=E3=81=99=E3=82=8B=E3=80=82=20https://github.com/EC-CUBE/TwoFac?= =?UTF-8?q?torAuthCustomer42/pull/3#discussion=5Fr1147164107?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- Resource/config/services.yaml | 2 ++ Service/CustomerTwoFactorAuthService.php | 14 ++++++++------ 2 files changed, 10 insertions(+), 6 deletions(-) diff --git a/Resource/config/services.yaml b/Resource/config/services.yaml index 6be5676..d902e5f 100644 --- a/Resource/config/services.yaml +++ b/Resource/config/services.yaml @@ -20,6 +20,7 @@ parameters: env(PLUGIN_ECCUBE_2FA_ROUTE_CUSTOMER_COOKIE_NAME): 'plugin_eccube_route_customer_2fa' env(PLUGIN_ECCUBE_2FA_ROUTE_CUSTOMER_EXPIRE): '3600' env(PLUGIN_ECCUBE_2FA_ROUTE_COOKIE_VALUE_CHARACTER_LENGTH): '64' + env(PLUGIN_ECCUBE_2FA_ONE_TIME_TOKEN_LENGTH): '6' env(PLUGIN_ECCUBE_2FA_ONE_TIME_TOKEN_EXPIRE_AFTER_SECONDS): '300' plugin_eccube_2fa_customer_cookie_name: '%env(PLUGIN_ECCUBE_2FA_CUSTOMER_COOKIE_NAME)%' 
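Review bot: In the `createPages` hunk `$Page` is now assigned only inside `if (!$hasPage)`, whereas before the change `findOneBy` set it on both paths. If the code after the hunk reads `$Page` outside that branch (the method body continues past the hunk), it is now undefined whenever the page already exists. If nothing else reads it the change is fine; otherwise keep the lookup result, `$Page = $em->getRepository(Page::class)->findOneBy(['url' => $p[0]]);` followed by `if ($Page === null) {`, which also avoids a second query.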
@@ -27,4 +28,5 @@ parameters: plugin_eccube_2fa_customer_expire: '%env(PLUGIN_ECCUBE_2FA_CUSTOMER_EXPIRE)%' plugin_eccube_2fa_route_customer_expire: '%env(PLUGIN_ECCUBE_2FA_ROUTE_CUSTOMER_EXPIRE)%' plugin_eccube_2fa_route_cookie_value_character_length: '%env(PLUGIN_ECCUBE_2FA_ROUTE_COOKIE_VALUE_CHARACTER_LENGTH)%' + plugin_eccube_2fa_one_time_token_length: '%env(PLUGIN_ECCUBE_2FA_ONE_TIME_TOKEN_LENGTH)%' plugin_eccube_2fa_one_time_token_expire_after_seconds: '%env(PLUGIN_ECCUBE_2FA_ONE_TIME_TOKEN_EXPIRE_AFTER_SECONDS)%' diff --git a/Service/CustomerTwoFactorAuthService.php b/Service/CustomerTwoFactorAuthService.php index de76427..8e95bd2 100644 --- a/Service/CustomerTwoFactorAuthService.php +++ b/Service/CustomerTwoFactorAuthService.php @@ -44,11 +44,6 @@ class CustomerTwoFactorAuthService */ public const SESSION_CALL_BACK_URL = 'plugin_eccube_customer_2fa_call_back_url'; - /** - * ワンタイムトークンの桁数 - */ - public const TOKEN_LENGTH = 6; - /** * @var ContainerInterface */ @@ -99,6 +94,11 @@ class CustomerTwoFactorAuthService */ private $twoFactorAuthConfig; + /** + * @var int + */ + private int $tokenLength; + /** * @var array */ @@ -156,6 +156,8 @@ public function __construct( $this->expire = (int) $this->eccubeConfig->get('plugin_eccube_2fa_customer_expire'); $this->route_expire = (int) $this->eccubeConfig->get('plugin_eccube_2fa_route_customer_expire'); + + $this->tokenLength = (int) $this->eccubeConfig->get('plugin_eccube_2fa_one_time_token_length'); $this->tokenActiveDurationSeconds = (int) $this->eccubeConfig->get('plugin_eccube_2fa_one_time_token_expire_after_seconds'); $this->twoFactorAuthConfig = $twoFactorAuthConfigRepository->findOne(); 
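Review bot: In the `__construct` hunk (`@@ -156`) `plugin_eccube_2fa_one_time_token_length` is cast with `(int)` and stored with no range check: a blank or non-numeric environment value becomes 0 (the yaml default only covers the unset case), the loop in `generateOneTimeTokenValue` (hunk `@@ -405` below) then runs zero times and the one-time token is the empty string. Add after the assignment `if ($this->tokenLength < 1) {` / `throw new \InvalidArgumentException('plugin_eccube_2fa_one_time_token_length must be a positive integer');` / `}`, and apply the same check to `tokenActiveDurationSeconds`, which for a non-positive value yields an already-expired or invalid `DateInterval` in `generateExpiryDate`. Removing the public constant `TOKEN_LENGTH` (hunk `@@ -44`) is a breaking change for any code outside this plugin that referenced it; keeping it as a deprecated default would be safer. The `@var int` docblock added in hunk `@@ -99` only restates the native type of `private int $tokenLength` and can be dropped.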
@@ -405,7 +407,7 @@ public function clear2AuthCookies(Request $request, Response $response) public function generateOneTimeTokenValue(?int $tokenLengthOverride = null): string { $token = ''; - for ($i = 0; $i < ($tokenLengthOverride ?? self::TOKEN_LENGTH); $i++) { + for ($i = 0; $i < ($tokenLengthOverride ?? $this->tokenLength); $i++) { $token .= random_int(0, 9); } From 244604cf1484fb3b480dbf9cf5266f1dc5aa0621 Mon Sep 17 00:00:00 2001 From: Piers Gillingham Date: Fri, 24 Mar 2023 19:04:45 +0900 Subject: [PATCH 6/8] =?UTF-8?q?=E3=82=B2=E3=83=83=E3=82=BF=E3=83=BC?= =?UTF-8?q?=E3=83=BB=E3=82=BB=E3=83=83=E3=82=BF=E3=83=BC=E9=96=A2=E6=95=B0?= =?UTF-8?q?=E5=90=8D=E3=81=AE=E3=83=AA=E3=83=95=E3=82=A1=E3=82=AF=E3=82=BF?= =?UTF-8?q?=E3=83=AA=E3=83=B3=E3=82=B0=20https://github.com/EC-CUBE/TwoFac?= =?UTF-8?q?torAuthCustomer42/pull/3#discussion=5Fr1147172574?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- Entity/TwoFactorAuthConfig.php | 8 ++++---- Service/CustomerTwoFactorAuthService.php | 2 +- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/Entity/TwoFactorAuthConfig.php b/Entity/TwoFactorAuthConfig.php index 63c8f8c..3e65013 100644 --- a/Entity/TwoFactorAuthConfig.php +++ b/Entity/TwoFactorAuthConfig.php @@ -136,7 +136,7 @@ public function setApiSecret($apiSecret) * * @return string */ - public function getFromPhonenumber() + public function getFromPhoneNumber() { return $this->from_phone_number; } @@ -144,13 +144,13 @@ public function getFromPhonenumber() /** * Set from phone number. * - * @param string $fromTel + * @param string $fromPhoneNumber * * @return TwoFactorAuthConfig */ - public function setFromPhonenumber($fromTel) + public function setFromPhoneNumber(string $fromPhoneNumber) { - $this->from_phone_number = $fromTel; + $this->from_phone_number = $fromPhoneNumber; return $this; } 
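Review bot: In the `setFromPhoneNumber` hunk of Entity/TwoFactorAuthConfig.php the parameter is now typed `string`, while neither the property nor the getter's `@return string` docblock says whether null is allowed; if the admin form can leave the field blank, Symfony passes null to the setter and the new signature throws a TypeError where the old untyped one stored null. Use `?string` if the column is nullable, or make the form field required, and align the getter docblock with whichever is chosen. The `@return TwoFactorAuthConfig` docblock can become a native `: self` return type. Renaming a public getter/setter breaks any caller outside the files touched in this commit, so templates and other plugins should be searched for `getFromPhonenumber`/`setFromPhonenumber`.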
diff --git a/Service/CustomerTwoFactorAuthService.php b/Service/CustomerTwoFactorAuthService.php index 8e95bd2..9b65cbd 100644 --- a/Service/CustomerTwoFactorAuthService.php +++ b/Service/CustomerTwoFactorAuthService.php @@ -374,7 +374,7 @@ public function sendBySms($phoneNumber, $body) ->messages ->create('+81'.$phoneNumber, [ - 'from' => $this->twoFactorAuthConfig->getFromPhonenumber(), + 'from' => $this->twoFactorAuthConfig->getFromPhoneNumber(), 'body' => $body, ] ); From 8c6623334be175bfab777d5689be602900e32fb8 Mon Sep 17 00:00:00 2001 From: Piers Gillingham Date: Fri, 24 Mar 2023 20:34:34 +0900 Subject: [PATCH 7/8] =?UTF-8?q?=E3=82=B9=E3=83=AD=E3=83=83=E3=83=88?= =?UTF-8?q?=E3=83=AA=E3=83=B3=E3=82=B0=E3=83=91=E3=83=A9=E3=83=A1=E3=83=BC?= =?UTF-8?q?=E3=82=BF=E3=81=AF=E3=83=AB=E3=83=BC=E3=83=86=E3=82=A3=E3=83=B3?= =?UTF-8?q?=E3=82=B0=E5=90=8D=E3=81=A8=E5=90=88=E3=82=8F=E3=81=9B=E3=81=BE?= =?UTF-8?q?=E3=81=97=E3=81=9F=E3=80=82=20https://github.com/EC-CUBE/TwoFac?= =?UTF-8?q?torAuthCustomer42/pull/3#issuecomment-1482332934?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- Resource/config/services.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Resource/config/services.yaml b/Resource/config/services.yaml index d902e5f..ec18e61 100644 --- a/Resource/config/services.yaml +++ b/Resource/config/services.yaml @@ -1,6 +1,6 @@ eccube: rate_limiter: - device_auth_request: + plg_customer_2fa_device_auth_send_onetime: # 実行するルーティングを指定します。 route: plg_customer_2fa_device_auth_send_onetime # 実行するmethodを指定します。デフォルトはPOSTです。 From 075d7db68cfe11a964f7c48147e97c9a2fc2a1b6 Mon Sep 17 00:00:00 2001 
From: Piers Gillingham Date: Wed, 29 Mar 2023 10:57:46 +0900 Subject: [PATCH 8/8] =?UTF-8?q?SMS=E3=83=88=E3=83=BC=E3=82=AF=E3=83=B3?= =?UTF-8?q?=E3=81=AE=E9=95=B7=E3=81=95=E3=81=AE=E3=82=AA=E3=83=BC=E3=83=90?= =?UTF-8?q?=E3=83=BC=E3=83=A9=E3=82=A4=E3=83=89=E3=83=91=E3=83=A9=E3=83=A1?= =?UTF-8?q?=E3=83=BC=E3=82=BF=E3=81=A8SMS=E6=9C=89=E5=8A=B9=E6=9C=9F?= =?UTF-8?q?=E9=99=90=E3=81=AE=E3=82=AA=E3=83=BC=E3=83=90=E3=83=BC=E3=83=A9?= =?UTF-8?q?=E3=82=A4=E3=83=89=E3=83=91=E3=83=A9=E3=83=A1=E3=83=BC=E3=82=BF?= =?UTF-8?q?=E3=82=92=E6=B6=88=E3=81=99=20https://github.com/EC-CUBE/TwoFac?= =?UTF-8?q?torAuthCustomer42/pull/42?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- Service/CustomerTwoFactorAuthService.php | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/Service/CustomerTwoFactorAuthService.php b/Service/CustomerTwoFactorAuthService.php index 9b65cbd..0abee73 100644 --- a/Service/CustomerTwoFactorAuthService.php +++ b/Service/CustomerTwoFactorAuthService.php @@ -404,10 +404,10 @@ public function clear2AuthCookies(Request $request, Response $response) /** * @throws \Exception - random_int()でphpのランダム機能が見つからないば場合 */ - public function generateOneTimeTokenValue(?int $tokenLengthOverride = null): string + public function generateOneTimeTokenValue(): string { $token = ''; - for ($i = 0; $i < ($tokenLengthOverride ?? $this->tokenLength); $i++) { + for ($i = 0; $i < $this->tokenLength; $i++) { $token .= random_int(0, 9); } 
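Review bot: Dropping the `$tokenLengthOverride` parameter from `generateOneTimeTokenValue` does not fail loudly: PHP ignores surplus arguments passed to user-defined functions, so a caller still passing a length override keeps running and silently receives a `$this->tokenLength`-digit token instead; this patch touches only the service file, so call sites should be checked. The `@throws` docblock on the context line reads `見つからないば場合`, which looks like a typo for `見つからない場合`. The method body continues past the hunk.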
@@ -417,9 +417,9 @@ public function generateOneTimeTokenValue(?int $tokenLengthOverride = null): str /** * @throws \Exception */ - public function generateExpiryDate(?int $tokenActiveDurationSecondsOverride = null): \DateTime + public function generateExpiryDate(): \DateTime { - return (new \DateTime())->add(new \DateInterval('PT'.($tokenActiveDurationSecondsOverride ?? $this->tokenActiveDurationSeconds).'S')); + return (new \DateTime())->add(new \DateInterval('PT'.$this->tokenActiveDurationSeconds.'S')); } public function hashOneTimeToken(string $token): string
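Review bot: `generateExpiryDate` still returns a mutable `\DateTime` built in the server's default timezone, so a caller that invokes `modify()`/`add()` on the result moves the expiry in place, and the return type cannot simply be switched to `\DateTimeImmutable` without breaking callers typed on `\DateTime`. If callers accept `\DateTimeInterface`, `return (new \DateTimeImmutable('now', new \DateTimeZone('UTC')))->add(new \DateInterval('PT'.$this->tokenActiveDurationSeconds.'S'));` (with the zone matching whatever the stored expiry column uses) is the safer form; otherwise keep the type and document that the returned object must not be mutated. The hunk header shows the old `generateOneTimeTokenValue` signature only because git chose it as the nearest function context; nothing to fix there.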