Changeset View
Changeset View
Standalone View
Standalone View
plugins/kolab_2fa/lib/Kolab2FA/Driver/TOTP.php
Show First 20 Lines • Show All 46 Lines • ▼ Show 20 Lines | public function init($config) | ||||
'type' => 'text', | 'type' => 'text', | ||||
'private' => true, | 'private' => true, | ||||
'label' => 'secret', | 'label' => 'secret', | ||||
'generator' => 'generate_secret', | 'generator' => 'generate_secret', | ||||
), | ), | ||||
); | ); | ||||
// copy config options | // copy config options | ||||
$this->backend = new \Kolab2FA\OTP\TOTP(); | $this->backend = new \OTPHP\TOTP(); | ||||
$this->backend | $this->backend | ||||
->setDigits($this->config['digits']) | ->setDigits($this->config['digits']) | ||||
->setInterval($this->config['interval']) | ->setInterval($this->config['interval']) | ||||
->setDigest($this->config['digest']) | ->setDigest($this->config['digest']) | ||||
->setIssuer($this->config['issuer']) | ->setIssuer($this->config['issuer']) | ||||
->setIssuerIncludedAsParameter(true); | ->setIssuerIncludedAsParameter(true); | ||||
} | } | ||||
/** | /** | ||||
* | * | ||||
*/ | */ | ||||
public function verify($code, $timestamp = null) | public function verify($code, $timestamp = null) | ||||
{ | { | ||||
// get my secret from the user storage | // get my secret from the user storage | ||||
$secret = $this->get('secret'); | $secret = $this->get('secret'); | ||||
if (!strlen($secret)) { | if (!strlen($secret)) { | ||||
// LOG: "no secret set for user $this->username" | // LOG: "no secret set for user $this->username" | ||||
// rcube::console("VERIFY TOTP: no secret set for user $this->username"); | // rcube::console("VERIFY TOTP: no secret set for user $this->username"); | ||||
return false; | return false; | ||||
} | } | ||||
$this->backend->setLabel($this->username)->setSecret($secret); | $this->backend->setLabel($this->username)->setSecret($secret); | ||||
// PHP gets a string, but we're comparing integers. | // we're comparing strings | ||||
$code = (int)$code; | $code = strval($code); | ||||
// Pass a window to indicate the maximum timeslip between client (mobile | // Pass a window to indicate the maximum timeslip between client (mobile | ||||
// device) and server. | // device) and server. | ||||
$pass = $this->backend->verify($code, $timestamp, 150); | $pass = $this->backend->verify($code, $timestamp, 150); | ||||
// try all codes from $timestamp till now | // try all codes from $timestamp till now | ||||
if (!$pass && $timestamp) { | if (!$pass && $timestamp) { | ||||
$now = time(); | $now = time(); | ||||
Show All 31 Lines |