blob: 0dcb6cddab748f4d9a248ba66c56056c22e4b7a1 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
|
<?php
declare(strict_types = 1);
/**
* @author Christoph Wurst <christoph@winzerhof-wurst.at>
*
* Two-factor TOTP
*
* This code is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License, version 3,
* as published by the Free Software Foundation.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License, version 3,
* along with this program. If not, see <http://www.gnu.org/licenses/>
*
*/
namespace OCA\TwoFactorTOTP\Service;
use OCA\TwoFactorTOTP\Exception\NoTotpSecretFoundException;
use OCA\TwoFactorTOTP\Exception\TotpSecretAlreadySet;
use OCP\AppFramework\Db\DoesNotExistException;
use OCP\IUser;
interface ITotp {
public const STATE_DISABLED = 0;
public const STATE_CREATED = 1;
public const STATE_ENABLED = 2;
/**
* @param IUser $user
*/
public function hasSecret(IUser $user);
/**
* Create a new secret
*
* Note: the newly generated secret is disabled by default, because
* the user should once confirm that the OTP app was set up successfully.
*
* @param IUser $user
* @return string the newly created secret
* @throws TotpSecretAlreadySet
*/
public function createSecret(IUser $user): string;
/**
* Enable OTP for the given user. The secret has to be generated
* beforehand, using ITotp::createSecret
*
* @param IUser $user
* @param string $key for verification
* @return bool whether the key is valid and the secret has been enabled
* @throws DoesNotExistException
* @throws NoTotpSecretFoundException
*/
public function enable(IUser $user, $key): bool;
/**
* @param IUser $user
*/
public function deleteSecret(IUser $user, bool $byAdmin = false);
/**
* @param IUser $user
* @param string $key
*/
public function validateSecret(IUser $user, $key): bool;
}
|
