From 354ac17978479a02b65f59ba427017d64a951e51 Mon Sep 17 00:00:00 2001 From: Christoph Wurst Date: Wed, 8 Jun 2016 10:09:08 +0200 Subject: [PATCH 1/3] document 2FA provider development --- developer_manual/app/index.rst | 3 + developer_manual/app/two-factor-provider.rst | 103 +++++++++++++++++++ 2 files changed, 106 insertions(+) create mode 100644 developer_manual/app/two-factor-provider.rst diff --git a/developer_manual/app/index.rst b/developer_manual/app/index.rst index 75d3d0efd..9a26102ca 100644 --- a/developer_manual/app/index.rst +++ b/developer_manual/app/index.rst @@ -115,6 +115,9 @@ Creating, deleting, updating, searching, login and logout: * :doc:`users` +Writing a two-factor auth provider: +* :doc:`two-factor-provider` + Hooks ----- Listen on events like user creation and execute code: diff --git a/developer_manual/app/two-factor-provider.rst b/developer_manual/app/two-factor-provider.rst new file mode 100644 index 000000000..2776dcd5f --- /dev/null +++ b/developer_manual/app/two-factor-provider.rst @@ -0,0 +1,103 @@ +==================== +Two-factor Providers +==================== + +.. sectionauthor:: Christoph Wurst + +Two-factor auth providers apps are used to plug custom second factors into the ownCloud core. The following +code was taken from the `two-factor test app`_. + +.. _`two-factor test app`: https://github.com/ChristophWurst/twofactor_test + +Implementing a simple two-factor auth provider +============================================== +Two-factor auth providers must implement the ``OCP\Authentication\TwoFactorAuth\IProvider`` interface. The +example below shows a minimalistic example of such a provider. + +.. code-block:: php + + namespace OCA\TwoFactor_Test\Provider; + + use OCP\Authentication\TwoFactorAuth\IProvider; + use OCP\IUser; + use OCP\Template; + + class TwoFactorTestProvider implements IProvider { + + /** + * Get unique identifier of this 2FA provider + * + * @return string + */ + public function getId() { + return 'test'; + } + + /** + * Get the display name for selecting the 2FA provider + * + * @return string + */ + public function getDisplayName() { + return 'Test'; + } + + /** + * Get the description for selecting the 2FA provider + * + * @return string + */ + public function getDescription() { + return 'Use a test provider'; + } + + /** + * Get the template for rending the 2FA provider view + * + * @param IUser $user + * @return Template + */ + public function getTemplate(IUser $user) { + // If necessary, this is also the place where you might want + // to send out a code via e-mail or SMS. + + // 'challenge' is the name of the template + return new Template('twofactor_test', 'challenge'); + } + + /** + * Verify the given challenge + * + * @param IUser $user + * @param string $challenge + */ + public function verifyChallenge(IUser $user, $challenge) { + if ($challenge === 'passme') { + return true; + } + return false; + } + + /** + * Decides whether 2FA is enabled for the given user + * + * @param IUser $user + * @return boolean + */ + public function isTwoFactorAuthEnabledForUser(IUser $user) { + // 2FA is enforced for all users + return true; + } + + } + +Registering a two-factor auth provider +====================================== +You need to inform the ownCloud core that the app provides two-factor auth functionality. Two-factor +providers are registered via ``info.xml``. + +.. code-block:: XML + + + OCA\TwoFactor_Test\Provider\TwoFactorTestProvider + \ No newline at end of file From 5a1d209101ccf0b9a296a4850db3ff1c2a760897 Mon Sep 17 00:00:00 2001 From: Vincent Petry Date: Wed, 8 Jun 2016 13:41:33 +0200 Subject: [PATCH 2/3] Fix indents and spaces for two factor provider --- developer_manual/app/index.rst | 1 + developer_manual/app/two-factor-provider.rst | 118 ++++++++++--------- 2 files changed, 61 insertions(+), 58 deletions(-) diff --git a/developer_manual/app/index.rst b/developer_manual/app/index.rst index 9a26102ca..a95ae1f51 100644 --- a/developer_manual/app/index.rst +++ b/developer_manual/app/index.rst @@ -116,6 +116,7 @@ Creating, deleting, updating, searching, login and logout: * :doc:`users` Writing a two-factor auth provider: + * :doc:`two-factor-provider` Hooks diff --git a/developer_manual/app/two-factor-provider.rst b/developer_manual/app/two-factor-provider.rst index 2776dcd5f..30add5344 100644 --- a/developer_manual/app/two-factor-provider.rst +++ b/developer_manual/app/two-factor-provider.rst @@ -16,6 +16,8 @@ example below shows a minimalistic example of such a provider. .. code-block:: php + OCA\TwoFactor_Test\Provider\TwoFactorTestProvider - \ No newline at end of file + From b50ab08d2190abf2ff4996d9a34259e84d76413e Mon Sep 17 00:00:00 2001 From: Christoph Wurst Date: Wed, 8 Jun 2016 14:02:47 +0200 Subject: [PATCH 3/3] add two-factor-auth, code-signing to TOC --- developer_manual/app/index.rst | 2 ++ 1 file changed, 2 insertions(+) diff --git a/developer_manual/app/index.rst b/developer_manual/app/index.rst index a95ae1f51..92af52765 100644 --- a/developer_manual/app/index.rst +++ b/developer_manual/app/index.rst @@ -28,11 +28,13 @@ configuration filesystem users + two-factor-provider hooks backgroundjobs logging testing publishing + code_signing =============== App Development