Merge feature/ENG-1111/mfa-lambda

src/FusionAuth/FusionAuthClient.php

@@ -265,6 +265,28 @@ public function checkChangePasswordUsingId($changePasswordId)
         ->go();
   }
 
+  /**
+   * Check to see if the user must obtain a Trust Token Id in order to complete a change password request.
+   * When a user has enabled Two-Factor authentication, before you are allowed to use the Change Password API to change
+   * your password, you must obtain a Trust Token by completing a Two-Factor Step-Up authentication.
+   * 
+   * An HTTP status code of 400 with a general error code of [TrustTokenRequired] indicates that a Trust Token is required to make a POST request to this API.
+   *
+   * @param string $changePasswordId The change password Id used to find the user. This value is generated by FusionAuth once the change password workflow has been initiated.
+   * @param string $ipAddress (Optional) IP address of the user changing their password. This is used for MFA risk assessment.
+   *
+   * @return ClientResponse The ClientResponse.
+   * @throws \Exception
+   */
+  public function checkChangePasswordUsingIdAndIPAddress($changePasswordId, $ipAddress = NULL)
+  {
+    return $this->startAnonymous()->uri("/api/user/change-password")
+        ->urlSegment($changePasswordId)
+        ->urlParameter("ipAddress", $ipAddress)
+        ->get()
+        ->go();
+  }
+
   /**
    * Check to see if the user must obtain a Trust Token Id in order to complete a change password request.
    * When a user has enabled Two-Factor authentication, before you are allowed to use the Change Password API to change
@@ -285,6 +307,28 @@ public function checkChangePasswordUsingJWT($encodedJWT)
         ->go();
   }
 
+  /**
+   * Check to see if the user must obtain a Trust Token Id in order to complete a change password request.
+   * When a user has enabled Two-Factor authentication, before you are allowed to use the Change Password API to change
+   * your password, you must obtain a Trust Token by completing a Two-Factor Step-Up authentication.
+   * 
+   * An HTTP status code of 400 with a general error code of [TrustTokenRequired] indicates that a Trust Token is required to make a POST request to this API.
+   *
+   * @param string $encodedJWT The encoded JWT (access token).
+   * @param string $ipAddress (Optional) IP address of the user changing their password. This is used for MFA risk assessment.
+   *
+   * @return ClientResponse The ClientResponse.
+   * @throws \Exception
+   */
+  public function checkChangePasswordUsingJWTAndIPAddress($encodedJWT, $ipAddress = NULL)
+  {
+    return $this->startAnonymous()->uri("/api/user/change-password")
+        ->authorization("Bearer " . $encodedJWT)
+        ->urlParameter("ipAddress", $ipAddress)
+        ->get()
+        ->go();
+  }
+
   /**
    * Check to see if the user must obtain a Trust Request Id in order to complete a change password request.
    * When a user has enabled Two-Factor authentication, before you are allowed to use the Change Password API to change
@@ -305,6 +349,28 @@ public function checkChangePasswordUsingLoginId($loginId)
         ->go();
   }
 
+  /**
+   * Check to see if the user must obtain a Trust Request Id in order to complete a change password request.
+   * When a user has enabled Two-Factor authentication, before you are allowed to use the Change Password API to change
+   * your password, you must obtain a Trust Request Id by completing a Two-Factor Step-Up authentication.
+   * 
+   * An HTTP status code of 400 with a general error code of [TrustTokenRequired] indicates that a Trust Token is required to make a POST request to this API.
+   *
+   * @param string $loginId The loginId (email or username) of the User that you intend to change the password for.
+   * @param string $ipAddress (Optional) IP address of the user changing their password. This is used for MFA risk assessment.
+   *
+   * @return ClientResponse The ClientResponse.
+   * @throws \Exception
+   */
+  public function checkChangePasswordUsingLoginIdAndIPAddress($loginId, $ipAddress = NULL)
+  {
+    return $this->start()->uri("/api/user/change-password")
+        ->urlParameter("loginId", $loginId)
+        ->urlParameter("ipAddress", $ipAddress)
+        ->get()
+        ->go();
+  }
+
   /**
    * Check to see if the user must obtain a Trust Request Id in order to complete a change password request.
    * When a user has enabled Two-Factor authentication, before you are allowed to use the Change Password API to change
@@ -327,6 +393,30 @@ public function checkChangePasswordUsingLoginIdAndLoginIdTypes($loginId, $loginI
         ->go();
   }
 
+  /**
+   * Check to see if the user must obtain a Trust Request Id in order to complete a change password request.
+   * When a user has enabled Two-Factor authentication, before you are allowed to use the Change Password API to change
+   * your password, you must obtain a Trust Request Id by completing a Two-Factor Step-Up authentication.
+   * 
+   * An HTTP status code of 400 with a general error code of [TrustTokenRequired] indicates that a Trust Token is required to make a POST request to this API.
+   *
+   * @param string $loginId The loginId of the User that you intend to change the password for.
+   * @param array $loginIdTypes The identity types that FusionAuth will compare the loginId to.
+   * @param string $ipAddress (Optional) IP address of the user changing their password. This is used for MFA risk assessment.
+   *
+   * @return ClientResponse The ClientResponse.
+   * @throws \Exception
+   */
+  public function checkChangePasswordUsingLoginIdAndLoginIdTypesAndIPAddress($loginId, $loginIdTypes, $ipAddress = NULL)
+  {
+    return $this->start()->uri("/api/user/change-password")
+        ->urlParameter("loginId", $loginId)
+        ->urlParameter("loginIdTypes", $loginIdTypes)
+        ->urlParameter("ipAddress", $ipAddress)
+        ->get()
+        ->go();
+  }
+
   /**
    * Make a Client Credentials grant request to obtain an access token.
    *
@@ -4346,6 +4436,26 @@ public function retrieveTwoFactorStatus($userId, $applicationId, $twoFactorTrust
         ->go();
   }
 
+  /**
+   * Retrieve a user's two-factor status.
+   * 
+   * This can be used to see if a user will need to complete a two-factor challenge to complete a login,
+   * and optionally identify the state of the two-factor trust across various applications. This operation
+   * provides more payload options than retrieveTwoFactorStatus.
+   *
+   * @param array $request The request object that contains all the information used to check the status.
+   *
+   * @return ClientResponse The ClientResponse.
+   * @throws \Exception
+   */
+  public function retrieveTwoFactorStatusWithRequest($request)
+  {
+    return $this->start()->uri("/api/two-factor/status")
+        ->bodyHandler(new JSONBodyHandler($request))
+        ->post()
+        ->go();
+  }
+
   /**
    * Retrieves the user for the given Id.
    *