app/Plugin/TwoFactorAuthCustomer42/EventListener/CustomerPersonalValidationListener.php line 97

Open in your IDE?
  1. <?php
  3. /*
  4.  * This file is part of EC-CUBE
  5.  *
  6.  * Copyright(c) EC-CUBE CO.,LTD. All Rights Reserved.
  7.  *
  8.  * http://www.ec-cube.co.jp/
  9.  *
  10.  * For the full copyright and license information, please view the LICENSE
  11.  * file that was distributed with this source code.
  12.  */
  14. namespace Plugin\TwoFactorAuthCustomer42\EventListener;
  16. use Eccube\Entity\BaseInfo;
  17. use Eccube\Repository\BaseInfoRepository;
  18. use Eccube\Repository\CustomerRepository;
  19. use Eccube\Request\Context;
  20. use Plugin\TwoFactorAuthCustomer42\Repository\TwoFactorAuthTypeRepository;
  21. use Plugin\TwoFactorAuthCustomer42\Service\CustomerTwoFactorAuthService;
  22. use Symfony\Component\EventDispatcher\EventSubscriberInterface;
  23. use Symfony\Component\HttpFoundation\RedirectResponse;
  24. use Symfony\Component\HttpFoundation\Session\Session;
  25. use Symfony\Component\HttpKernel\Event\ControllerArgumentsEvent;
  26. use Symfony\Component\HttpKernel\Exception\NotFoundHttpException;
  27. use Symfony\Component\HttpKernel\KernelEvents;
  28. use Symfony\Component\Routing\Generator\UrlGeneratorInterface;
  30. class CustomerPersonalValidationListener implements EventSubscriberInterface
  31. {
  32.     /**
  33.      * アクティベーション
  34.      */
  35.     public const ACTIVATE_ROUTE 'entry_activate';
  36.     /**
  37.      * @var Context
  38.      */
  39.     protected $requestContext;
  40.     /**
  41.      * @var UrlGeneratorInterface
  42.      */
  43.     protected $router;
  44.     /**
  45.      * @var CustomerTwoFactorAuthService
  46.      */
  47.     protected $customerTwoFactorAuthService;
  48.     /**
  49.      * @var BaseInfoRepository
  50.      */
  51.     protected BaseInfoRepository $baseInfoRepository;
  52.     /**
  53.      * @var CustomerRepository
  54.      */
  55.     protected CustomerRepository $customerRepository;
  56.     /**
  57.      * @var BaseInfo|object|null
  58.      */
  59.     protected $baseInfo;
  61.     /**
  62.      * @param Context $requestContext
  63.      * @param UrlGeneratorInterface $router
  64.      * @param CustomerTwoFactorAuthService $customerTwoFactorAuthService
  65.      * @param BaseInfoRepository $baseInfoRepository
  66.      * @param CustomerRepository $customerRepository
  67.      */
  68.     public function __construct(
  69.         Context $requestContext,
  70.         UrlGeneratorInterface $router,
  71.         CustomerTwoFactorAuthService $customerTwoFactorAuthService,
  72.         BaseInfoRepository $baseInfoRepository,
  73.         CustomerRepository $customerRepository
  74.     ) {
  75.         $this->requestContext $requestContext;
  76.         $this->router $router;
  77.         $this->customerTwoFactorAuthService $customerTwoFactorAuthService;
  78.         $this->baseInfo $baseInfoRepository->find(1);
  79.         $this->customerRepository $customerRepository;
  80.     }
  82.     /**
  83.      * @return array
  84.      */
  85.     public static function getSubscribedEvents(): array
  86.     {
  87.         return [
  88.             KernelEvents::CONTROLLER_ARGUMENTS => ['onKernelController'7],
  89.         ];
  90.     }
  92.     /**
  93.      * リクエスト受信時イベントハンドラ.
  94.      *
  95.      * @param ControllerArgumentsEvent $event
  96.      */
  97.     public function onKernelController(ControllerArgumentsEvent $event)
  98.     {
  99.         if (!$event->isMainRequest()) {
  100.             // サブリクエストの場合、処理なし
  101.             return;
  102.         }
  104.         if ($this->requestContext->isAdmin()) {
  105.             // バックエンドURLの場合、処理なし
  106.             return;
  107.         }
  109.         if (
  110.             ($this->baseInfo->isOptionCustomerActivate() && !$this->baseInfo->isOptionActivateDevice())
  111.             ||
  112.             !$this->baseInfo->isOptionCustomerActivate()
  113.         ) {
  114.             // デバイス認証なし かつ 2段階認証使用しない場合は処理なし
  115.             return;
  116.         }
  118.         $route $event->getRequest()->attributes->get('_route');
  120.         if ($this->isActivationRoute($route)) {
  121.             // デバイス認証(アクティベーション前に介入)
  122.             $this->deviceAuth($event);
  123.         }
  124.     }
  126.     /**
  127.      * アクティベーションルートかチェック.
  128.      *
  129.      * @param string $route
  130.      *
  131.      * @return bool
  132.      */
  133.     private function isActivationRoute(string $route): bool
  134.     {
  135.         // ルートで認証
  136.         return $route === self::ACTIVATE_ROUTE;
  137.     }
  139.     /**
  140.      * デバイス認証.
  141.      *
  142.      * @param mixed $event
  143.      *
  144.      * @throws NotFoundHttpException
  145.      */
  146.     private function deviceAuth($event)
  147.     {
  148.         // アクティベーション
  149.         $secret_key $event->getRequest()->attributes->get('secret_key');
  151.         $Customer $this->customerRepository->getProvisionalCustomerBySecretKey($secret_key);
  152.         if (is_null($Customer)) {
  153.             throw new NotFoundHttpException();
  154.         }
  156.         if ($Customer->isDeviceAuthed()) {
  157.             return;
  158.         }
  160.         // デバイス認証されていない場合
  161.         if ($this->baseInfo->isOptionActivateDevice() && $this->baseInfo->isOptionCustomerActivate()) {
  162.             // 仮会員登録機能:有効 / SMSによる本人認証:有効の場合 デバイス認証画面へリダイレクト
  163.             $url $this->router->generate(
  164.                 'plg_customer_2fa_device_auth_send_onetime',
  165.                 ['secret_key' => $secret_key]
  166.             );
  168.             $event->setController(function () use ($url) {
  169.                 return new RedirectResponse($url302);
  170.             });
  171.         }
  172.     }
  173. }