diff --git a/src/FusionAuth/FusionAuthClient.php b/src/FusionAuth/FusionAuthClient.php index 3a702f8..48d0f39 100644 --- a/src/FusionAuth/FusionAuthClient.php +++ b/src/FusionAuth/FusionAuthClient.php @@ -265,6 +265,28 @@ public function checkChangePasswordUsingId($changePasswordId) ->go(); } + /** + * Check to see if the user must obtain a Trust Token Id in order to complete a change password request. + * When a user has enabled Two-Factor authentication, before you are allowed to use the Change Password API to change + * your password, you must obtain a Trust Token by completing a Two-Factor Step-Up authentication. + * + * An HTTP status code of 400 with a general error code of [TrustTokenRequired] indicates that a Trust Token is required to make a POST request to this API. + * + * @param string $changePasswordId The change password Id used to find the user. This value is generated by FusionAuth once the change password workflow has been initiated. + * @param string $ipAddress (Optional) IP address of the user changing their password. This is used for MFA risk assessment. + * + * @return ClientResponse The ClientResponse. + * @throws \Exception + */ + public function checkChangePasswordUsingIdAndIPAddress($changePasswordId, $ipAddress = NULL) + { + return $this->startAnonymous()->uri("/api/user/change-password") + ->urlSegment($changePasswordId) + ->urlParameter("ipAddress", $ipAddress) + ->get() + ->go(); + } + /** * Check to see if the user must obtain a Trust Token Id in order to complete a change password request. * When a user has enabled Two-Factor authentication, before you are allowed to use the Change Password API to change @@ -285,6 +307,28 @@ public function checkChangePasswordUsingJWT($encodedJWT) ->go(); } + /** + * Check to see if the user must obtain a Trust Token Id in order to complete a change password request. + * When a user has enabled Two-Factor authentication, before you are allowed to use the Change Password API to change + * your password, you must obtain a Trust Token by completing a Two-Factor Step-Up authentication. + * + * An HTTP status code of 400 with a general error code of [TrustTokenRequired] indicates that a Trust Token is required to make a POST request to this API. + * + * @param string $encodedJWT The encoded JWT (access token). + * @param string $ipAddress (Optional) IP address of the user changing their password. This is used for MFA risk assessment. + * + * @return ClientResponse The ClientResponse. + * @throws \Exception + */ + public function checkChangePasswordUsingJWTAndIPAddress($encodedJWT, $ipAddress = NULL) + { + return $this->startAnonymous()->uri("/api/user/change-password") + ->authorization("Bearer " . $encodedJWT) + ->urlParameter("ipAddress", $ipAddress) + ->get() + ->go(); + } + /** * Check to see if the user must obtain a Trust Request Id in order to complete a change password request. * When a user has enabled Two-Factor authentication, before you are allowed to use the Change Password API to change @@ -305,6 +349,28 @@ public function checkChangePasswordUsingLoginId($loginId) ->go(); } + /** + * Check to see if the user must obtain a Trust Request Id in order to complete a change password request. + * When a user has enabled Two-Factor authentication, before you are allowed to use the Change Password API to change + * your password, you must obtain a Trust Request Id by completing a Two-Factor Step-Up authentication. + * + * An HTTP status code of 400 with a general error code of [TrustTokenRequired] indicates that a Trust Token is required to make a POST request to this API. + * + * @param string $loginId The loginId (email or username) of the User that you intend to change the password for. + * @param string $ipAddress (Optional) IP address of the user changing their password. This is used for MFA risk assessment. + * + * @return ClientResponse The ClientResponse. + * @throws \Exception + */ + public function checkChangePasswordUsingLoginIdAndIPAddress($loginId, $ipAddress = NULL) + { + return $this->start()->uri("/api/user/change-password") + ->urlParameter("loginId", $loginId) + ->urlParameter("ipAddress", $ipAddress) + ->get() + ->go(); + } + /** * Check to see if the user must obtain a Trust Request Id in order to complete a change password request. * When a user has enabled Two-Factor authentication, before you are allowed to use the Change Password API to change @@ -327,6 +393,30 @@ public function checkChangePasswordUsingLoginIdAndLoginIdTypes($loginId, $loginI ->go(); } + /** + * Check to see if the user must obtain a Trust Request Id in order to complete a change password request. + * When a user has enabled Two-Factor authentication, before you are allowed to use the Change Password API to change + * your password, you must obtain a Trust Request Id by completing a Two-Factor Step-Up authentication. + * + * An HTTP status code of 400 with a general error code of [TrustTokenRequired] indicates that a Trust Token is required to make a POST request to this API. + * + * @param string $loginId The loginId of the User that you intend to change the password for. + * @param array $loginIdTypes The identity types that FusionAuth will compare the loginId to. + * @param string $ipAddress (Optional) IP address of the user changing their password. This is used for MFA risk assessment. + * + * @return ClientResponse The ClientResponse. + * @throws \Exception + */ + public function checkChangePasswordUsingLoginIdAndLoginIdTypesAndIPAddress($loginId, $loginIdTypes, $ipAddress = NULL) + { + return $this->start()->uri("/api/user/change-password") + ->urlParameter("loginId", $loginId) + ->urlParameter("loginIdTypes", $loginIdTypes) + ->urlParameter("ipAddress", $ipAddress) + ->get() + ->go(); + } + /** * Make a Client Credentials grant request to obtain an access token. * @@ -4346,6 +4436,26 @@ public function retrieveTwoFactorStatus($userId, $applicationId, $twoFactorTrust ->go(); } + /** + * Retrieve a user's two-factor status. + * + * This can be used to see if a user will need to complete a two-factor challenge to complete a login, + * and optionally identify the state of the two-factor trust across various applications. This operation + * provides more payload options than retrieveTwoFactorStatus. + * + * @param array $request The request object that contains all the information used to check the status. + * + * @return ClientResponse The ClientResponse. + * @throws \Exception + */ + public function retrieveTwoFactorStatusWithRequest($request) + { + return $this->start()->uri("/api/two-factor/status") + ->bodyHandler(new JSONBodyHandler($request)) + ->post() + ->go(); + } + /** * Retrieves the user for the given Id. *