Package com.avoka.fc.core.service
Interface ITwoFactorAuthenticationService
- All Known Implementing Classes:
GoogleTwoFactorAuthenticationService
public interface ITwoFactorAuthenticationService
Provides a service to verify additional authentication factors (excluding the password) and enrol users for additional authentication factors securely via email.
- Since:
- 4.2.0
-
Field Summary
-
Method Summary
Modifier and TypeMethodDescriptionReturn the date after which users can no longer log on without providing additional authentication factors.boolean
Return whether users can currently log on without providing a token prior to having enrolled.boolean
isValid
(Object securityToken, UserAccount userAccount, jakarta.servlet.http.HttpServletRequest request) Checks additional authentication factors (not including the password) for a user.void
sendEnrolmentEmail
(UserAccount userAccount, Portal portal) Send an email with enrolment instructions to the given user.void
sendResetEmail
(UserAccount userAccount, Portal portal) Send an email with instructions on how to reset multi-factor authentication credentials.
-
Field Details
-
PROPERTY_END_OF_GRACE_PERIOD
The "endOfGracePeriod" property name.- See Also:
-
-
Method Details
-
isValid
boolean isValid(Object securityToken, UserAccount userAccount, jakarta.servlet.http.HttpServletRequest request) Checks additional authentication factors (not including the password) for a user.- Parameters:
securityToken
- an object containing additional authentication factors, e.g. a one-time passworduserAccount
- the user accountrequest
- the HTTP servlet request- Returns:
- true if the additional authentication factors were verified successfully, false otherwise
-
getEndOfGracePeriod
Date getEndOfGracePeriod()Return the date after which users can no longer log on without providing additional authentication factors. If not set, no grace period is being used. Note that once a user has been enrolled for multi-factor authentication, the grace period no longer applies.- Returns:
- the end of the grace period
-
isInGracePeriod
boolean isInGracePeriod()Return whether users can currently log on without providing a token prior to having enrolled.- Returns:
- whether a grace period is currently active
-
sendEnrolmentEmail
Send an email with enrolment instructions to the given user.- Parameters:
userAccount
- the user to enrol (required)portal
- the portal (required)
-
sendResetEmail
Send an email with instructions on how to reset multi-factor authentication credentials.- Parameters:
userAccount
- the user (required)portal
- the portal (required)
-