レビュー用PR_2023_03_24に関しての修正

Controller/CustomerPersonalValidationController.php

@@ -104,7 +104,7 @@ public function deviceAuthInputOneTime(Request $request, $secret_key)
                     // 送信電話番号をセッションより取得
                     $phoneNumber = $this->session->get(CustomerTwoFactorAuthService::SESSION_AUTHED_PHONE_NUMBER);
                     // 認証済みの電話番号でないかチェック
-                    if ($this->customerRepository->findOneBy(['device_authed_phone_number' => $phoneNumber]) === null) {
+                    if ($this->customerRepository->count(['device_authed_phone_number' => $phoneNumber]) === 0) {
                         // 未認証であれば登録
                         $Customer->setDeviceAuthed(true);
                         $Customer->setDeviceAuthedPhoneNumber($phoneNumber);
@@ -175,7 +175,7 @@ public function deviceAuthSendOneTime(Request $request, $secret_key)
             if ($form->isSubmitted() && $form->isValid()) {
                 // 認証済みの電話番号でないかチェック
                 $phoneNumber = $form->get('phone_number')->getData();
-                if ($this->customerRepository->findOneBy(['device_authed_phone_number' => $phoneNumber]) === null) {
+                if ($this->customerRepository->count(['device_authed_phone_number' => $phoneNumber]) === 0) {
                     // 未認証の場合、入力電話番号へワンタイムコードを送信
                     $this->sendDeviceToken($Customer, $phoneNumber);
                     // 送信電話番号をセッションへ一時格納

Entity/TwoFactorAuthConfig.php

@@ -136,21 +136,21 @@ public function setApiSecret($apiSecret)
      *
      * @return string
      */
-    public function getFromPhonenumber()
+    public function getFromPhoneNumber()
     {
         return $this->from_phone_number;
     }
 
     /**
      * Set from phone number.
      *
-     * @param string $fromTel
+     * @param string $fromPhoneNumber
      *
      * @return TwoFactorAuthConfig
      */
-    public function setFromPhonenumber($fromTel)
+    public function setFromPhoneNumber(string $fromPhoneNumber)
     {
-        $this->from_phone_number = $fromTel;
+        $this->from_phone_number = $fromPhoneNumber;
 
         return $this;
     }

Event.php

@@ -34,7 +34,7 @@ class Event implements EventSubscriberInterface
      */
     public function __construct(TwoFactorAuthTypeRepository $twoFactorAuthTypeRepository)
     {
-        $this->hasActiveAuthType = $twoFactorAuthTypeRepository->findOneBy(['isDisabled' => false]) !== null;
+        $this->hasActiveAuthType = $twoFactorAuthTypeRepository->count(['isDisabled' => false]) > 0;
     }
 
     public static function getSubscribedEvents(): array

EventListener/CustomerTwoFactorAuthListener.php

@@ -207,7 +207,7 @@ public function logoutEvent(LogoutEvent $logoutEvent)
     {
         $this->customerTwoFactorAuthService->clear2AuthCookies($logoutEvent->getRequest(), $logoutEvent->getResponse());
         $Customer = $this->requestContext->getCurrentUser();
-        if ($Customer) {
+        if ($Customer !== null) {
             $this->twoFactorAuthCustomerCookieRepository->deleteByCustomer($Customer);
         }
     }

Form/Type/Extension/Admin/TwoFactorAuthBaseSettingTypeExtension.php

@@ -63,7 +63,7 @@ public function buildForm(FormBuilderInterface $builder, array $options)
         $builder->addEventListener(FormEvents::POST_SET_DATA, function (FormEvent $event) {
             $form = $event->getForm();
 
-            if ($this->entityManager->getRepository(TwoFactorAuthType::class)->findOneBy(['isDisabled' => false]) !== null) {
+            if ($this->entityManager->getRepository(TwoFactorAuthType::class)->count(['isDisabled' => false]) > 0) {
                 $form->add('two_factor_auth_use', ToggleSwitchType::class, [
                     'required' => false,
                     'mapped' => true,

PluginManager.php

@@ -95,8 +95,8 @@ protected function copyTwigFiles(ContainerInterface $container)
     protected function createPages(EntityManagerInterface $em)
     {
         foreach ($this->pages as $p) {
-            $Page = $em->getRepository(Page::class)->findOneBy(['url' => $p[0]]);
-            if (!$Page) {
+            $hasPage = $em->getRepository(Page::class)->count(['url' => $p[0]]) > 0;
+            if (!$hasPage) {
                 /** @var Page $Page */
                 $Page = $em->getRepository(Page::class)->newPage();
                 $Page->setEditType(Page::EDIT_TYPE_DEFAULT);

Repository/TwoFactorAuthCustomerCookieRepository.php

@@ -55,6 +55,7 @@ public function generateCookieData(
         int $CookieValueCharacterLength
     ): TwoFactorAuthCustomerCookie {
         /** @var TwoFactorAuthCustomerCookie[]|null $previousCookies */
+
         $previousCookies = $this->findOldCookies($customer, $cookieName);
         foreach ($previousCookies as $cookie) {
             $this->getEntityManager()->remove($cookie);
@@ -138,7 +139,13 @@ public function deleteByCustomer(Customer $customer)
         $em = $this->getEntityManager();
         $em->beginTransaction();
 
-        $em->createQuery("DELETE Plugin\TwoFactorAuthCustomer42\Entity\TwoFactorAuthCustomerCookie tfcc WHERE tfcc.Customer = :customer")->execute(['customer' => $customer]);
+        $this->createQueryBuilder('tfcc')
+            ->delete()
+            ->where('tfcc.Customer = :customer')
+            ->setParameter('customer', $customer)
+            ->getQuery()
+            ->execute();
+
         $em->flush();
 
         $em->commit();

Resource/config/services.yaml

@@ -1,6 +1,6 @@
 eccube:
   rate_limiter:
-    device_auth_request:
+    plg_customer_2fa_device_auth_send_onetime:
       # 実行するルーティングを指定します。
       route: plg_customer_2fa_device_auth_send_onetime
       # 実行するmethodを指定します。デフォルトはPOSTです。
@@ -20,11 +20,13 @@ parameters:
   env(PLUGIN_ECCUBE_2FA_ROUTE_CUSTOMER_COOKIE_NAME): 'plugin_eccube_route_customer_2fa'
   env(PLUGIN_ECCUBE_2FA_ROUTE_CUSTOMER_EXPIRE): '3600'
   env(PLUGIN_ECCUBE_2FA_ROUTE_COOKIE_VALUE_CHARACTER_LENGTH): '64'
+  env(PLUGIN_ECCUBE_2FA_ONE_TIME_TOKEN_LENGTH): '6'
   env(PLUGIN_ECCUBE_2FA_ONE_TIME_TOKEN_EXPIRE_AFTER_SECONDS): '300'
 
   plugin_eccube_2fa_customer_cookie_name: '%env(PLUGIN_ECCUBE_2FA_CUSTOMER_COOKIE_NAME)%'
   plugin_eccube_2fa_route_customer_cookie_name: '%env(PLUGIN_ECCUBE_2FA_ROUTE_CUSTOMER_COOKIE_NAME)%'
   plugin_eccube_2fa_customer_expire: '%env(PLUGIN_ECCUBE_2FA_CUSTOMER_EXPIRE)%'
   plugin_eccube_2fa_route_customer_expire: '%env(PLUGIN_ECCUBE_2FA_ROUTE_CUSTOMER_EXPIRE)%'
   plugin_eccube_2fa_route_cookie_value_character_length: '%env(PLUGIN_ECCUBE_2FA_ROUTE_COOKIE_VALUE_CHARACTER_LENGTH)%'
+  plugin_eccube_2fa_one_time_token_length: '%env(PLUGIN_ECCUBE_2FA_ONE_TIME_TOKEN_LENGTH)%'
   plugin_eccube_2fa_one_time_token_expire_after_seconds: '%env(PLUGIN_ECCUBE_2FA_ONE_TIME_TOKEN_EXPIRE_AFTER_SECONDS)%'

Service/CustomerTwoFactorAuthService.php

@@ -44,11 +44,6 @@ class CustomerTwoFactorAuthService
      */
     public const SESSION_CALL_BACK_URL = 'plugin_eccube_customer_2fa_call_back_url';
 
-    /**
-     * ワンタイムトークンの桁数
-     */
-    public const TOKEN_LENGTH = 6;
-
     /**
      * @var ContainerInterface
      */
@@ -99,6 +94,11 @@ class CustomerTwoFactorAuthService
      */
     private $twoFactorAuthConfig;
 
+    /**
+     * @var int
+     */
+    private int $tokenLength;
+
     /**
      * @var array
      */
@@ -156,6 +156,8 @@ public function __construct(
 
         $this->expire = (int) $this->eccubeConfig->get('plugin_eccube_2fa_customer_expire');
         $this->route_expire = (int) $this->eccubeConfig->get('plugin_eccube_2fa_route_customer_expire');
+
+        $this->tokenLength = (int) $this->eccubeConfig->get('plugin_eccube_2fa_one_time_token_length');
         $this->tokenActiveDurationSeconds = (int) $this->eccubeConfig->get('plugin_eccube_2fa_one_time_token_expire_after_seconds');
 
         $this->twoFactorAuthConfig = $twoFactorAuthConfigRepository->findOne();
@@ -372,7 +374,7 @@ public function sendBySms($phoneNumber, $body)
             ->messages
             ->create('+81'.$phoneNumber,
                 [
-                    'from' => $this->twoFactorAuthConfig->getFromPhonenumber(),
+                    'from' => $this->twoFactorAuthConfig->getFromPhoneNumber(),
                     'body' => $body,
                 ]
             );
@@ -402,10 +404,10 @@ public function clear2AuthCookies(Request $request, Response $response)
     /**
      * @throws \Exception - random_int()でphpのランダム機能が見つからないば場合
      */
-    public function generateOneTimeTokenValue(?int $tokenLengthOverride = null): string
+    public function generateOneTimeTokenValue(): string
     {
         $token = '';
-        for ($i = 0; $i < ($tokenLengthOverride ?? self::TOKEN_LENGTH); $i++) {
+        for ($i = 0; $i < $this->tokenLength; $i++) {
             $token .= random_int(0, 9);
         }
 
@@ -415,9 +417,9 @@ public function generateOneTimeTokenValue(?int $tokenLengthOverride = null): str
     /**
      * @throws \Exception
      */
-    public function generateExpiryDate(?int $tokenActiveDurationSecondsOverride = null): \DateTime
+    public function generateExpiryDate(): \DateTime
     {
-        return (new \DateTime())->add(new \DateInterval('PT'.($tokenActiveDurationSecondsOverride ?? $this->tokenActiveDurationSeconds).'S'));
+        return (new \DateTime())->add(new \DateInterval('PT'.$this->tokenActiveDurationSeconds.'S'));
     }
 
     public function hashOneTimeToken(string $token): string