競合の修正

Controller/Admin/ConfigController.php

@@ -14,7 +14,6 @@
 namespace Plugin\TwoFactorAuthCustomer42\Controller\Admin;
 
 use Eccube\Controller\AbstractController;
-use Eccube\Repository\BaseInfoRepository;
 use Plugin\TwoFactorAuthCustomer42\Form\Type\TwoFactorAuthConfigType;
 use Plugin\TwoFactorAuthCustomer42\Repository\TwoFactorAuthConfigRepository;
 use Sensio\Bundle\FrameworkExtraBundle\Configuration\Template;

Controller/CustomerPersonalValidationController.php

@@ -66,7 +66,7 @@ public function __construct(
     /**
      * (デバイス認証時)デバイス認証ワンタイムトークン入力画面.
      *
-     * @Route("/two_factor_auth/device_auth/input_onetime/{secret_key}", name="plg_customer_2fa_device_auth_input_onetime", methods={"GET", "POST"})
+     * @Route("/two_factor_auth/device_auth/input_onetime/{secret_key}", name="plg_customer_2fa_device_auth_input_onetime", requirements={"secret_key" = "^[a-zA-Z0-9]+$"}, methods={"GET", "POST"})
      * @Template("TwoFactorAuthCustomer42/Resource/template/default/device_auth/input.twig")
      *
      * @param Request $request
@@ -84,6 +84,9 @@ public function deviceAuthInputOneTime(Request $request, $secret_key)
         $error = null;
         /** @var Customer $Customer */
         $Customer = $this->customerRepository->getProvisionalCustomerBySecretKey($secret_key);
+        if ($Customer === null) {
+            throw $this->createNotFoundException();
+        }
         $builder = $this->formFactory->createBuilder(TwoFactorAuthSmsTypeCustomer::class);
         // 入力フォーム生成
         $form = $builder->getForm();
@@ -98,22 +101,24 @@ public function deviceAuthInputOneTime(Request $request, $secret_key)
                     // ワンタイムトークン一致
                     // 送信電話番号をセッションより取得
                     $phoneNumber = $this->session->get(CustomerTwoFactorAuthService::SESSION_AUTHED_PHONE_NUMBER);
-                    // 他のデバイスで既に認証済みの電話番号かチェック
-                    if ($this->customerRepository->findOneBy(['device_authed_phone_number' => $phoneNumber]) == null) {
+                    // 認証済みの電話番号でないかチェック
+                    if ($this->customerRepository->findOneBy(['device_authed_phone_number' => $phoneNumber]) === null) {
+                        // 未認証であれば登録
                         $Customer->setDeviceAuthed(true);
                         $Customer->setDeviceAuthedPhoneNumber($phoneNumber);
                         $Customer->setDeviceAuthOneTimeToken(null);
                         $Customer->setDeviceAuthOneTimeTokenExpire(null);
                         $this->entityManager->persist($Customer);
                         $this->entityManager->flush();
                         $this->session->remove(CustomerTwoFactorAuthService::SESSION_AUTHED_PHONE_NUMBER);
-    
+
                         // アクティベーション実行
                         return $this->redirectToRoute(
                             'entry_activate',
                             ['secret_key' => $secret_key]
                         );
                     } else {
+                        // 認証済の場合はスキップ
                         log_warning('[デバイス認証(SMS)] 既に認証済みの電話番号指定');
                         $error = trans('front.2fa.onetime.invalid_message__reinput');
                     }
@@ -134,7 +139,7 @@ public function deviceAuthInputOneTime(Request $request, $secret_key)
     /**
      * (デバイス認証時)デバイス認証 送信先入力画面.
      *
-     * @Route("/two_factor_auth/device_auth/send_onetime/{secret_key}", name="plg_customer_2fa_device_auth_send_onetime", methods={"GET", "POST"})
+     * @Route("/two_factor_auth/device_auth/send_onetime/{secret_key}", name="plg_customer_2fa_device_auth_send_onetime", requirements={"secret_key" = "^[a-zA-Z0-9]+$"}, methods={"GET", "POST"})
      * @Template("TwoFactorAuthCustomer42/Resource/template/default/device_auth/send.twig")
      *
      * @param Request $request
@@ -152,24 +157,27 @@ public function deviceAuthSendOneTime(Request $request, $secret_key)
         $error = null;
         /** @var Customer $Customer */
         $Customer = $this->customerRepository->getProvisionalCustomerBySecretKey($secret_key);
+        if ($Customer === null) {
+            throw $this->createNotFoundException();
+        }
         $builder = $this->formFactory->createBuilder(TwoFactorAuthPhoneNumberTypeCustomer::class);
         // 入力フォーム生成
         $form = $builder->getForm();
         if ('POST' === $request->getMethod()) {
             $form->handleRequest($request);
             if ($form->isSubmitted() && $form->isValid()) {
-                // 他のデバイスで既に認証済みの電話番号かチェック
+                // 認証済みの電話番号でないかチェック
                 $phoneNumber = $form->get('phone_number')->getData();
-                if ($this->customerRepository->findOneBy(['device_authed_phone_number' => $phoneNumber]) == null) {
-                    // 認証されていない電話番号の場合
-                    // 入力電話番号へワンタイムコードを送信
+                if ($this->customerRepository->findOneBy(['device_authed_phone_number' => $phoneNumber]) === null) {
+                    // 未認証の場合、入力電話番号へワンタイムコードを送信
                     $this->sendDeviceToken($Customer, $phoneNumber);
                     // 送信電話番号をセッションへ一時格納
                     $this->session->set(
                         CustomerTwoFactorAuthService::SESSION_AUTHED_PHONE_NUMBER,
                         $phoneNumber
                     );
                 } else {
+                    // 認証済の場合はスキップ
                     log_warning('[デバイス認証(SMS)] 既に認証済みの電話番号指定');
                 }
 
@@ -243,20 +251,4 @@ private function checkDeviceToken($Customer, $token): bool
 
         return true;
     }
-
-    /**
-     * デバイス認証済みか否か.
-     *
-     * @return boolean
-     */
-    protected function isDeviceAuthed(): bool
-    {
-        /** @var Customer $Customer */
-        $Customer = $this->getUser();
-        if ($Customer != null && $Customer->isDeviceAuthed()) {
-            return true;
-        }
-
-        return false;
-    }
 }

Entity/BaseInfoTrait.php

@@ -1,5 +1,16 @@
 <?php
 
+/*
+ * This file is part of EC-CUBE
+ *
+ * Copyright(c) EC-CUBE CO.,LTD. All Rights Reserved.
+ *
+ * http://www.ec-cube.co.jp/
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
 namespace Plugin\TwoFactorAuthCustomer42\Entity;
 
 use Doctrine\ORM\Mapping as ORM;
@@ -12,10 +23,13 @@ trait BaseInfoTrait
 {
     /**
      * 2段階認証機能の利用
+     *
      * @var bool
+     *
      * @ORM\Column(name="two_factor_auth_use", type="boolean", nullable=false, options={"default":false})
      */
     private bool $two_factor_auth_use;
+
     /**
      * @return bool
      */
@@ -34,10 +48,13 @@ public function setTwoFactorAuthUse(bool $two_factor_auth_use): void
 
     /**
      * SMS通知の設定
+     *
      * @var bool
+     *
      * @ORM\Column(name="option_activate_device", type="boolean", nullable=false, options={"default":false})
      */
     private bool $option_activate_device;
+
     /**
      * @return bool
      */
@@ -53,5 +70,4 @@ public function setOptionActivateDevice(bool $option_activate_device): void
     {
         $this->option_activate_device = $option_activate_device;
     }
-
 }

Entity/TwoFactorAuthConfig.php

@@ -168,6 +168,7 @@ public function setIncludeRoutes($include_routes = null)
 
         return $this;
     }
+
     /**
      * Get include_routes.
      *

Entity/TwoFactorAuthType.php

@@ -15,7 +15,6 @@
 
 use Doctrine\ORM\Mapping as ORM;
 use Eccube\Entity\AbstractEntity;
-use Doctrine\Common\Collections\ArrayCollection;
 use Symfony\Bridge\Doctrine\Validator\Constraints\UniqueEntity;
 
 /**
@@ -140,5 +139,4 @@ public function setIsDisabled(bool $isDisabled): void
     {
         $this->isDisabled = $isDisabled;
     }
-
 }

EventListener/CustomerTwoFactorAuthListener.php

@@ -233,6 +233,7 @@ public function onLoginSuccess(LoginSuccessEvent $event)
      * ログアウトする前に全ての2FA認証クッキーを消す
      *
      * @param LogoutEvent $logoutEvent ログアウトイベント
+     *
      * @return void
      */
     public function logoutEvent(LogoutEvent $logoutEvent)

Form/Type/Extension/Admin/TwoFactorAuthBaseSettingTypeExtension.php

@@ -55,11 +55,11 @@ public function buildForm(FormBuilderInterface $builder, array $options)
             $form = $event->getForm();
             $form->add('two_factor_auth_use', ToggleSwitchType::class, [
                 'required' => false,
-                'mapped' => true
+                'mapped' => true,
             ])
             ->add('option_activate_device', ToggleSwitchType::class, [
                 'required' => false,
-                'mapped' => true
+                'mapped' => true,
             ])
             ;
         });

Form/Type/Extension/Admin/TwoFactorAuthCustomerTypeExtension.php

@@ -1,5 +1,16 @@
 <?php
 
+/*
+ * This file is part of EC-CUBE
+ *
+ * Copyright(c) EC-CUBE CO.,LTD. All Rights Reserved.
+ *
+ * http://www.ec-cube.co.jp/
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
 namespace Plugin\TwoFactorAuthCustomer42\Form\Type\Extension\Admin;
 
 use Doctrine\ORM\EntityManagerInterface;

Form/Type/TwoFactorAuthConfigType.php

@@ -1,5 +1,16 @@
 <?php
 
+/*
+ * This file is part of EC-CUBE
+ *
+ * Copyright(c) EC-CUBE CO.,LTD. All Rights Reserved.
+ *
+ * http://www.ec-cube.co.jp/
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
 namespace Plugin\TwoFactorAuthCustomer42\Form\Type;
 
 use Eccube\Common\EccubeConfig;
@@ -30,7 +41,6 @@ public function __construct(EccubeConfig $eccubeConfig)
 
     public function buildForm(FormBuilderInterface $builder, array $options)
     {
-
         $builder
             ->add('api_key', TextType::class, [
                 'required' => true,
@@ -40,7 +50,7 @@ public function buildForm(FormBuilderInterface $builder, array $options)
                     new Assert\Regex(
                         [
                             'pattern' => '/^[a-zA-Z0-9]+$/i',
-                            'message' => 'form_error.graph_only'
+                            'message' => 'form_error.graph_only',
                         ]
                     ),
                 ],
@@ -53,7 +63,7 @@ public function buildForm(FormBuilderInterface $builder, array $options)
                     new Assert\Regex(
                         [
                             'pattern' => '/^[a-zA-Z0-9]+$/i',
-                            'message' => 'form_error.graph_only'
+                            'message' => 'form_error.graph_only',
                         ]
                     ),
                 ],
@@ -66,7 +76,7 @@ public function buildForm(FormBuilderInterface $builder, array $options)
                     new Assert\Regex(
                         [
                             'pattern' => '/^[0-9]+$/i',
-                            'message' => 'form_error.numeric_only'
+                            'message' => 'form_error.numeric_only',
                         ]
                     ),
                 ],
@@ -83,6 +93,7 @@ public function buildForm(FormBuilderInterface $builder, array $options)
 
     /**
      * {@inheritDoc}
+     *
      * @see \Symfony\Component\Form\AbstractType::configureOptions()
      */
     public function configureOptions(OptionsResolver $resolver)
@@ -91,5 +102,4 @@ public function configureOptions(OptionsResolver $resolver)
             'data_class' => TwoFactorAuthConfig::class,
         ]);
     }
-
 }

Form/Type/TwoFactorAuthSmsTypeCustomer.php

@@ -42,7 +42,7 @@ public function buildForm(FormBuilderInterface $builder, array $options)
                     'style' => 'width: 100px;',
                 ],
             ])
-            ;
+        ;
     }
 
     /**

PluginManager.php

@@ -18,9 +18,9 @@
 use Eccube\Entity\Page;
 use Eccube\Entity\PageLayout;
 use Eccube\Plugin\AbstractPluginManager;
+use Plugin\TwoFactorAuthCustomer42\Entity\TwoFactorAuthConfig;
 use Symfony\Component\DependencyInjection\ContainerInterface;
 use Symfony\Component\Filesystem\Filesystem;
-use Plugin\TwoFactorAuthCustomer42\Entity\TwoFactorAuthConfig;
 
 /**
  * Class PluginManager.
@@ -183,5 +183,4 @@ protected function createConfig(EntityManagerInterface $em)
         $em->persist($TwoFactorAuthConfig);
         $em->flush();
     }
-
 }

Repository/TwoFactorAuthConfigRepository.php

@@ -13,8 +13,8 @@
 
 namespace Plugin\TwoFactorAuthCustomer42\Repository;
 
-use Eccube\Repository\AbstractRepository;
 use Doctrine\Persistence\ManagerRegistry;
+use Eccube\Repository\AbstractRepository;
 use Plugin\TwoFactorAuthCustomer42\Entity\TwoFactorAuthConfig;
 
 /**

Repository/TwoFactorAuthCustomerCookieRepository.php

@@ -119,6 +119,7 @@ public function searchForCookie(Customer $customer, string $cookieName)
      *
      * @param Customer $customer
      * @param string $cookieName
+     *
      * @return float|int|mixed|string
      */
     public function findOldCookies(Customer $customer, string $cookieName)

Repository/TwoFactorAuthTypeRepository.php

@@ -13,8 +13,8 @@
 
 namespace Plugin\TwoFactorAuthCustomer42\Repository;
 
-use Eccube\Repository\AbstractRepository;
 use Doctrine\Persistence\ManagerRegistry;
+use Eccube\Repository\AbstractRepository;
 use Plugin\TwoFactorAuthCustomer42\Entity\TwoFactorAuthType;
 
 /**
@@ -36,12 +36,10 @@ public function __construct(ManagerRegistry $registry)
     }
 
     /**
-     *
      * @return $result
      */
     public function findOne()
     {
         return $this->findOneBy([], ['id' => 'DESC']);
     }
-
 }