File tree Expand file tree Collapse file tree 7 files changed +15
-72
lines changed
Test/Integration/Controller/Adminhtml/Duo Expand file tree Collapse file tree 7 files changed +15
-72
lines changed Original file line number Diff line number Diff line change @@ -53,7 +53,6 @@ protected function _getElementHtml(AbstractElement $element)
5353 'twofactorauth_duo_client_id ' ,
5454 'twofactorauth_duo_client_secret ' ,
5555 'twofactorauth_duo_api_hostname ' ,
56- 'twofactorauth_duo_failmode ' ,
5756 'twofactorauth_duo_integration_key ' ,
5857 'twofactorauth_duo_secret_key ' ,
5958 ]
Original file line number Diff line number Diff line change 1111use Magento \Backend \Block \Template ;
1212use Magento \Backend \Model \Auth \Session ;
1313use Magento \Framework \Exception \LocalizedException ;
14+ use Magento \TwoFactorAuth \Model \Provider \Engine \DuoSecurity ;
1415
1516/**
1617 * @api
1718 */
1819class Auth extends Template
1920{
21+ /**
22+ * @var DuoSecurity
23+ */
24+ private $ duoSecurity
25+
2026 /**
2127 * @var Session
2228 */
@@ -25,14 +31,17 @@ class Auth extends Template
2531 /**
2632 * @param Template\Context $context
2733 * @param Session $session
34+ * @param DuoSecurity $duoSecurity
2835 * @param array $data
2936 */
3037 public function __construct (
3138 Template \Context $ context
3239 Session $ session
40+ DuoSecurity $ duoSecurity
3341 array $ data
3442 ) {
3543 parent ::__construct ($ context$ data
44+ $ this duoSecurity = $ duoSecurity
3645 $ this session = $ session
3746 }
3847
Original file line number Diff line number Diff line change 11<?php
22/**
3- * Copyright © Magento, Inc. All rights reserved.
4- * See COPYING.txt for license details .
3+ * Copyright 2020 Adobe
4+ * All Rights Reserved .
55 */
6+
67declare (strict_types=1 );
78
89namespace Magento \TwoFactorAuth \Controller \Adminhtml \Duo ;
@@ -117,12 +118,8 @@ public function execute()
117118 $ state$ this duoSecurity ->generateDuoState ();
118119 $ this session ->setDuoState ($ state
119120 $ response$ this duoSecurity ->initiateAuth ($ username$ state
120- if ($ response'status ' ] === 'open ' ) {
121- // If fail mode is "open", skip the Duo prompt.
122- $ this messageManager ->addErrorMessage ($ response'message ' ]);
123- }
124- if ($ response'status ' ] === 'closed ' ) {
125- // If fail mode is "closed", show an error message.
121+ if ($ response'status ' ] === 'failure ' ) {
122+ // if health check fails, skip the Duo prompt and choose different 2FA.
126123 $ this messageManager ->addErrorMessage ($ response'message ' ]);
127124 }
128125
Load Diff This file was deleted.
Original file line number Diff line number Diff line change @@ -57,11 +57,6 @@ class DuoSecurity implements EngineInterface
5757 */
5858 public const XML_PATH_SKEY = 'twofactorauth/duo/secret_key ' ;
5959
60- /**
61- * Configuration path for Duo Mode
62- */
63- public const DUO_FAILMODE = 'twofactorauth/duo/duo_failmode ' ;
64-
6560 /**
6661 * @var ScopeConfigInterface
6762 */
@@ -142,16 +137,6 @@ private function getClientId(): string
142137 return $ this scopeConfig ->getValue (static ::XML_PATH_CLIENT_ID );
143138 }
144139
145- /**
146- * Get Duo Mode
147- *
148- * @return string
149- */
150- public function getDuoFailmode (): string
151- {
152- return strtoupper ($ this scopeConfig ->getValue (static ::DUO_FAILMODE ));
153- }
154-
155140 /**
156141 * Get callback URL
157142 *
@@ -241,27 +226,14 @@ public function isEnabled(): bool
241226 */
242227 public function initiateAuth ($ usernamestring $ statearray
243228 {
244- $ duoFailMode$ this getDuoFailmode ();
245229 try {
246230 $ this healthCheck ();
247231 } catch (DuoException $ e
248- if ($ duoFailMode"OPEN " ) {
249- return [
250- 'status ' => 'open ' ,
251- 'redirect_url ' => '' ,
252- 'message ' => __ (
253- "Login 'applicable',
254- but 2FA Not Performed. Switch to other 2FA Provider.
255- Confirm Duo client/secret/host values are correct "
256- )
257- ];
258- } else {
259232 return [
260- 'status ' => 'closed ' ,
233+ 'status ' => 'failure ' ,
261234 'redirect_url ' => '' ,
262235 'message ' => __ ("2FA Unavailable. Confirm Duo client/secret/host values are correct " )
263236 ];
264- }
265237 }
266238
267239 return [
Original file line number Diff line number Diff line change @@ -52,7 +52,6 @@ public function testTokenAccess(): void
5252 * @magentoConfigFixture default/twofactorauth/duo/integration_key abc123
5353 * @magentoConfigFixture default/twofactorauth/duo/api_hostname test.duosecurity.com
5454 * @magentoConfigFixture default/twofactorauth/duo/secret_key abc123
55- * @magentoConfigFixture default/twofactorauth/duo/duo_failmode open
5655 * phpcs:disable Generic.CodeAnalysis.UselessOverridingMethod
5756 */
5857 public function testAclHasAccess ()
@@ -68,7 +67,6 @@ public function testAclHasAccess()
6867 * @magentoConfigFixture default/twofactorauth/duo/integration_key abc123
6968 * @magentoConfigFixture default/twofactorauth/duo/api_hostname test.duosecurity.com
7069 * @magentoConfigFixture default/twofactorauth/duo/secret_key abc123
71- * @magentoConfigFixture default/twofactorauth/duo/duo_failmode open
7270 * phpcs:disable Generic.CodeAnalysis.UselessOverridingMethod
7371 */
7472 public function testAclNoAccess ()
Original file line number Diff line number Diff line change 7878 <label >API hostname</label >
7979 <backend_model >Magento\TwoFactorAuth\Model\Config\Backend\Duo\ApiHostname</backend_model >
8080 </field >
81- <field id =" duo_failmode" translate =" label comment" type =" select" sortOrder =" 50" showInDefault =" 1"
82- showInWebsite =" 0" showInStore =" 0"
83- <label >Duo Failmode</label >
84- <source_model >Magento\TwoFactorAuth\Model\Config\Source\DuoFailmode</source_model >
85- </field >
8681 <field id =" integration_key" translate =" label comment" type =" text" sortOrder =" 60" showInDefault =" 1"
8782 showInWebsite =" 0" showInStore =" 0"
8883 <label >Integration Key</label >
You can’t perform that action at this time.
0 commit comments