View source
<?php
include_once 'ga4php.php';
class GALoginGA extends GoogleAuthenticator {
public function getData($username) {
$result = db_select('ga_login')
->fields('ga_login', array(
'keydata',
))
->condition('name', $username)
->execute()
->fetchAssoc();
if (!$result) {
return FALSE;
}
if (module_exists('aes')) {
return aes_decrypt($result["keydata"]);
}
elseif (module_exists('encrypt')) {
return decrypt($result["keydata"]);
}
return $result["keydata"];
}
public function putData($username, $data) {
if (module_exists('aes')) {
$data = aes_encrypt($data);
}
elseif (module_exists('encrypt')) {
$data = encrypt($data);
}
$result = db_merge('ga_login')
->key(array(
'name' => $username,
))
->fields(array(
'keydata' => $data,
))
->execute();
if ($result) {
return TRUE;
}
else {
return FALSE;
}
}
public function getUsers() {
}
public function createEmptyData() {
$data = parent::createEmptyData();
$data["tokentype"] = "TOTP";
return $data;
}
public function unapprovedUser($username, $ttype = "HOTP", $key = "", $hexkey = "") {
$ttype = strtoupper($ttype);
if ($ttype != "HOTP" && $ttype != "TOTP") {
return FALSE;
}
if ($hexkey != "") {
$hkey = $hexkey;
}
else {
if ($key == "") {
$key = $this
->createBase32Key();
}
$hkey = $this
->helperb322hex($key);
}
$token = $this
->internalGetData($username);
$token["tokenkey"] = $hkey;
$token["tokentype"] = $ttype;
return $token;
}
public function createURL($user, $data = NULL) {
if (is_null($data)) {
return parent::createURL($user);
}
else {
$toktype = $data["tokentype"];
$key = $this
->helperhex2b32($data["tokenkey"]);
$counter = $data["tokencounter"] + 1;
$toktype = strtolower($toktype);
if ($toktype == "hotp") {
$url = "otpauth://{$toktype}/{$user}?secret={$key}&counter={$counter}";
}
else {
$url = "otpauth://{$toktype}/{$user}?secret={$key}";
}
return $url;
}
}
public function authenticateUser($username, $code, $tokendata = FALSE) {
if (preg_match("/[0-9][0-9][0-9][0-9][0-9][0-9]/", $code) < 1) {
$this->errorText = "6 digits please";
return FALSE;
}
if ($username && !$tokendata) {
$tokendata = $this
->internalGetData($username);
}
if ($tokendata["tokenkey"] == "") {
$this->errorText = "No Assigned Token";
return FALSE;
}
$ttype = $tokendata["tokentype"];
$tlid = $tokendata["tokencounter"];
$tkey = $tokendata["tokenkey"];
switch ($ttype) {
case "HOTP":
$st = $tlid + 1;
$en = $tlid + $this->hotpSkew;
for ($i = $st; $i < $en; $i++) {
$stest = $this
->oathHotp($tkey, $i);
if ($code == $stest) {
$tokendata["tokencounter"] = $i;
$this
->internalPutData($username, $tokendata);
return TRUE;
}
}
return FALSE;
case "TOTP":
$t_now = REQUEST_TIME;
$t_ear = $t_now - $this->totpSkew * $tokendata["tokentimer"];
$t_lat = $t_now + $this->totpSkew * $tokendata["tokentimer"];
$t_st = (int) ($t_ear / $tokendata["tokentimer"]);
$t_en = (int) ($t_lat / $tokendata["tokentimer"]);
if (isset($tokendata["tokencounter"]) && $tokendata["tokencounter"] >= $t_st) {
$t_st = $tokendata["tokencounter"] + 1;
}
for ($i = $t_st; $i <= $t_en; $i++) {
$stest = $this
->oathHotp($tkey, $i);
if ($code == $stest) {
$tokendata["tokencounter"] = $i;
$this
->internalPutData($username, $tokendata);
return TRUE;
}
}
break;
}
return FALSE;
}
}