<?php
/**
* MageSpecialist
*
* NOTICE OF LICENSE
*
* This source file is subject to the Open Software License (OSL 3.0)
* that is bundled with this package in the file LICENSE.txt.
* It is also available through the world-wide-web at this URL:
* http://opensource.org/licenses/osl-3.0.php
* If you did not receive a copy of the license and are unable to
* obtain it through the world-wide-web, please send an email
* to info@magespecialist.it so we can send you a copy immediately.
*
* @category MSP
* @package MSP_TwoFactorAuth
* @copyright Copyright (c) 2017 Skeeller srl (http://www.magespecialist.it)
* @license http://opensource.org/licenses/osl-3.0.php Open Software License (OSL 3.0)
*/
namespace MSP\TwoFactorAuth\Observer;
use Magento\Backend\Model\Auth\Session;
use Magento\Backend\Model\UrlInterface;
use Magento\Framework\App\ActionFlag;
use Magento\Framework\App\Action\Action;
use Magento\Framework\Event\Observer;
use Magento\Framework\Event\ObserverInterface;
use MSP\TwoFactorAuth\Api\TfaInterface;
use MSP\TwoFactorAuth\Api\TfaSessionInterface;
use MSP\TwoFactorAuth\Api\TrustedManagerInterface;
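/**
 * Observer that enforces the two-factor step before a controller action runs.
 *
 * When 2FA is enabled and the requested action is not on the allow-list, a
 * logged-in backend user who has providers configured must either hold a
 * granted 2FA session or be on a trusted device, and must have no provider
 * still waiting for activation. Otherwise dispatch is suppressed and the
 * response is redirected to the 2FA index page.
 */
class ControllerActionPredispatch implements ObserverInterface
{
    /**
     * @var TfaInterface
     */
    private $tfa;

    /**
     * @var ActionFlag
     */
    private $actionFlag;

    /**
     * @var UrlInterface
     */
    private $url;

    /**
     * @var TfaSessionInterface
     */
    private $tfaSession;

    /**
     * @var Session
     */
    private $session;

    /**
     * @var TrustedManagerInterface
     */
    private $trustedManager;

    /**
     * @param TfaInterface $tfa
     * @param ActionFlag $actionFlag
     * @param UrlInterface $url
     * @param Session $session
     * @param TfaSessionInterface $tfaSession
     * @param TrustedManagerInterface $trustedManager
     */
    public function __construct(
        TfaInterface $tfa,
        ActionFlag $actionFlag,
        UrlInterface $url,
        Session $session,
        TfaSessionInterface $tfaSession,
        TrustedManagerInterface $trustedManager
    ) {
        $this->tfa = $tfa;
        $this->actionFlag = $actionFlag;
        $this->url = $url;
        $this->tfaSession = $tfaSession;
        $this->session = $session;
        $this->trustedManager = $trustedManager;
    }

    /**
     * Get current user from the backend auth session.
     *
     * @return \Magento\User\Model\User|null
     */
    private function getUser()
    {
        return $this->session->getUser();
    }

    /**
     * Block the action and redirect to the 2FA page unless access is granted.
     *
     * @param Observer $observer
     * @return void
     */
    public function execute(Observer $observer)
    {
        if (!$this->tfa->isEnabled()) {
            return;
        }

        /** @var $controllerAction \Magento\Backend\App\AbstractAction */
        $controllerAction = $observer->getEvent()->getControllerAction();
        $fullActionName = $controllerAction->getRequest()->getFullActionName();

        // Strict comparison: this allow-list skips the 2FA check entirely, so a
        // loosely-typed entry (0, true, null) must never match an action name
        // through PHP type juggling. Entries are expected to be strings.
        if (in_array($fullActionName, $this->tfa->getAllowedUrls(), true)) {
            return;
        }

        $user = $this->getUser();

        // NOTE(review): no session user, or a user with no providers, passes
        // through unchallenged here. Whether 2FA enrolment is forced elsewhere
        // is not visible from this class - confirm this fail-open is intended.
        if (!$user || empty($this->tfa->getUserProviders($user->getId()))) {
            return;
        }

        // A trusted device stands in for a granted 2FA session, but neither is
        // enough while a provider is still pending activation.
        $secondFactorPassed = $this->tfaSession->isGranted() || $this->trustedManager->isTrustedDevice();
        $accessGranted = $secondFactorPassed && empty($this->tfa->getProvidersToActivate($user->getId()));

        if ($accessGranted) {
            return;
        }

        // Stop the requested action from running, then send the user to the 2FA page.
        $this->actionFlag->set('', Action::FLAG_NO_DISPATCH, true);
        $url = $this->url->getUrl('msp_twofactorauth/tfa/index');
        $controllerAction->getResponse()->setRedirect($url);
    }
}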