diff --git a/plugins/kolab_2fa/composer.json b/plugins/kolab_2fa/composer.json --- a/plugins/kolab_2fa/composer.json +++ b/plugins/kolab_2fa/composer.json @@ -21,8 +21,8 @@ "require": { "php": ">=5.3.0", "roundcube/plugin-installer": ">=0.1.3", - "spomky-labs/otphp": "~5.0.0", - "endroid/qrcode": "~1.5.0", + "spomky-labs/otphp": "~6.0.0", + "endroid/qrcode": "~1.7.0", "enygma/yubikey": "~3.2" } } diff --git a/plugins/kolab_2fa/kolab2fa.js b/plugins/kolab_2fa/kolab2fa.js --- a/plugins/kolab_2fa/kolab2fa.js +++ b/plugins/kolab_2fa/kolab2fa.js @@ -274,7 +274,12 @@ }); // callback for save action - rcmail.addEventListener('plugin.save_success', function(data) { + rcmail.addEventListener('plugin.kolab_2fa_save_success', function(data) { + // force object + if (rcmail.env.kolab_2fa_factors.length !== undefined) { + rcmail.env.kolab_2fa_factors = {}; + } + if (!data.active && rcmail.env.kolab_2fa_factors[data.id]) { delete rcmail.env.kolab_2fa_factors[data.id]; } diff --git a/plugins/kolab_2fa/kolab_2fa.php b/plugins/kolab_2fa/kolab_2fa.php --- a/plugins/kolab_2fa/kolab_2fa.php +++ b/plugins/kolab_2fa/kolab_2fa.php @@ -640,7 +640,7 @@ if ($success) { $this->api->output->show_message($data === false ? $this->gettext('factorremovesuccess') : $this->gettext('factorsavesuccess'), 'confirmation'); - $this->api->output->command('plugin.save_success', array('method' => $method, 'active' => $data !== false) + $save_data); + $this->api->output->command('plugin.kolab_2fa_save_success', array('id' => $method, 'active' => $data !== false) + $save_data); } else if ($errors) { $this->api->output->show_message($this->gettext('factorsaveerror'), 'error'); diff --git a/plugins/kolab_2fa/lib/Kolab2FA/Driver/HOTP.php b/plugins/kolab_2fa/lib/Kolab2FA/Driver/HOTP.php --- a/plugins/kolab_2fa/lib/Kolab2FA/Driver/HOTP.php +++ b/plugins/kolab_2fa/lib/Kolab2FA/Driver/HOTP.php @@ -58,7 +58,7 @@ ); // copy config options - $this->backend = new \Kolab2FA\OTP\HOTP(); + $this->backend = new \OTPHP\HOTP(); $this->backend ->setDigits($this->config['digits']) ->setDigest($this->config['digest']) diff --git a/plugins/kolab_2fa/lib/Kolab2FA/Driver/TOTP.php b/plugins/kolab_2fa/lib/Kolab2FA/Driver/TOTP.php --- a/plugins/kolab_2fa/lib/Kolab2FA/Driver/TOTP.php +++ b/plugins/kolab_2fa/lib/Kolab2FA/Driver/TOTP.php @@ -52,7 +52,7 @@ ); // copy config options - $this->backend = new \Kolab2FA\OTP\TOTP(); + $this->backend = new \OTPHP\TOTP(); $this->backend ->setDigits($this->config['digits']) ->setInterval($this->config['interval']) @@ -77,8 +77,8 @@ $this->backend->setLabel($this->username)->setSecret($secret); - // PHP gets a string, but we're comparing integers. - $code = (int)$code; + // we're comparing strings + $code = strval($code); // Pass a window to indicate the maximum timeslip between client (mobile // device) and server. diff --git a/plugins/kolab_2fa/lib/Kolab2FA/OTP/HOTP.php b/plugins/kolab_2fa/lib/Kolab2FA/OTP/HOTP.php deleted file mode 100644 --- a/plugins/kolab_2fa/lib/Kolab2FA/OTP/HOTP.php +++ /dev/null @@ -1,58 +0,0 @@ - - * - * Copyright (C) 2015, Kolab Systems AG - * - * This program is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License as - * published by the Free Software Foundation, either version 3 of the - * License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Affero General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License - * along with this program. If not, see . - */ - - -namespace Kolab2FA\OTP; - -use OTPHP\HOTP as Base; - -class HOTP extends Base -{ - use OTP; - protected $counter = 0; - - public function setCounter($counter) - { - if (!is_integer($counter) || $counter < 0) { - throw new \Exception('Counter must be at least 0.'); - } - $this->counter = $counter; - - return $this; - } - - public function getCounter() - { - return $this->counter; - } - - public function updateCounter($counter) - { - $this->counter = $counter; - - return $this; - } -} \ No newline at end of file diff --git a/plugins/kolab_2fa/lib/Kolab2FA/OTP/OTP.php b/plugins/kolab_2fa/lib/Kolab2FA/OTP/OTP.php deleted file mode 100644 --- a/plugins/kolab_2fa/lib/Kolab2FA/OTP/OTP.php +++ /dev/null @@ -1,133 +0,0 @@ - - * - * Copyright (C) 2015, Kolab Systems AG - * - * This program is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License as - * published by the Free Software Foundation, either version 3 of the - * License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Affero General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License - * along with this program. If not, see . - */ - -namespace Kolab2FA\OTP; - -trait OTP -{ - protected $secret = null; - protected $issuer = null; - protected $issuer_included_as_parameter = false; - protected $label = null; - protected $digest = 'sha1'; - protected $digits = 6; - - public function setSecret($secret) - { - $this->secret = $secret; - - return $this; - } - - public function getSecret() - { - return $this->secret; - } - - public function setLabel($label) - { - if ($this->hasSemicolon($label)) { - throw new \Exception('Label must not contain a semi-colon.'); - } - $this->label = $label; - - return $this; - } - - public function getLabel() - { - return $this->label; - } - - public function setIssuer($issuer) - { - if ($this->hasSemicolon($issuer)) { - throw new \Exception('Issuer must not contain a semi-colon.'); - } - $this->issuer = $issuer; - - return $this; - } - - public function getIssuer() - { - return $this->issuer; - } - - public function isIssuerIncludedAsParameter() - { - return $this->issuer_included_as_parameter; - } - - public function setIssuerIncludedAsParameter($issuer_included_as_parameter) - { - $this->issuer_included_as_parameter = $issuer_included_as_parameter; - - return $this; - } - - public function setDigits($digits) - { - if (!is_numeric($digits) || $digits < 1) { - throw new \Exception('Digits must be at least 1.'); - } - $this->digits = $digits; - - return $this; - } - - public function getDigits() - { - return $this->digits; - } - - public function setDigest($digest) - { - if (!in_array($digest, array('md5', 'sha1', 'sha256', 'sha512'))) { - throw new \Exception("'$digest' digest is not supported."); - } - $this->digest = $digest; - - return $this; - } - - public function getDigest() - { - return $this->digest; - } - - private function hasSemicolon($value) - { - $semicolons = array(':', '%3A', '%3a'); - foreach ($semicolons as $semicolon) { - if (false !== strpos($value, $semicolon)) { - return true; - } - } - - return false; - } -} \ No newline at end of file diff --git a/plugins/kolab_2fa/lib/Kolab2FA/OTP/TOTP.php b/plugins/kolab_2fa/lib/Kolab2FA/OTP/TOTP.php deleted file mode 100644 --- a/plugins/kolab_2fa/lib/Kolab2FA/OTP/TOTP.php +++ /dev/null @@ -1,50 +0,0 @@ - - * - * Copyright (C) 2015, Kolab Systems AG - * - * This program is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License as - * published by the Free Software Foundation, either version 3 of the - * License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Affero General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License - * along with this program. If not, see . - */ - -namespace Kolab2FA\OTP; - -use OTPHP\TOTP as Base; - -class TOTP extends Base -{ - use OTP; - protected $interval = 30; - - public function setInterval($interval) - { - if (!is_integer($interval) || $interval < 1) { - throw new \Exception('Interval must be at least 1.'); - } - $this->interval = $interval; - - return $this; - } - - public function getInterval() - { - return $this->interval; - } -} \ No newline at end of file