
class GALoginGA in Google Authenticator login 7

Hierarchy

Expanded class hierarchy of GALoginGA

File

./ga_login.class.php, line 12

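/**
 * Drupal storage and authentication glue for GoogleAuthenticator.
 *
 * Token data is kept in the 'ga_login' table, one row per name, in the
 * 'keydata' column. The OTP shared secret is part of that data, so the row is
 * as sensitive as a password.
 */
class GALoginGA extends GoogleAuthenticator {

  /**
   * Load data associated with a user.
   *
   * The stored value is decrypted with the 'aes' module when it is enabled,
   * otherwise with the 'encrypt' module when that is enabled. With neither
   * module enabled the column is returned as stored, which means the token
   * secret sits in the database unencrypted.
   *
   * The module is chosen at call time, here and in putData(). Enabling or
   * disabling 'aes' or 'encrypt' after secrets have been stored therefore
   * makes this method apply a different transform than the one used on write.
   *
   * @param string $username
   *   Value matched against the 'name' column.
   *
   * @return mixed
   *   FALSE when no row exists, otherwise the (decrypted) key data.
   */
  public function getData($username) {
    $result = db_select('ga_login')
      ->fields('ga_login', array('keydata'))
      ->condition('name', $username)
      ->execute()
      ->fetchAssoc();

    // No row for this name.
    if (!$result) {
      return FALSE;
    }

    // Decrypt the data, if a plugin is available.
    if (module_exists('aes')) {
      return aes_decrypt($result["keydata"]);
    }
    elseif (module_exists('encrypt')) {
      return decrypt($result["keydata"]);
    }
    return $result["keydata"];
  }

  /**
   * Save data associated with a user.
   *
   * Mirrors getData(): the data is encrypted with 'aes' or 'encrypt' when one
   * of them is enabled and is written unencrypted otherwise.
   *
   * @param string $username
   *   Value used as the merge key on the 'name' column.
   * @param mixed $data
   *   Key data to store.
   *
   * @return bool
   *   TRUE when the merge query reports a truthy status, FALSE otherwise.
   */
  public function putData($username, $data) {

    // Encrypt the data, if a plugin is available.
    if (module_exists('aes')) {
      $data = aes_encrypt($data);
    }
    elseif (module_exists('encrypt')) {
      $data = encrypt($data);
    }
    $result = db_merge('ga_login')
      ->key(array('name' => $username))
      ->fields(array('keydata' => $data))
      ->execute();
    return (bool) $result;
  }

  /**
   * Not used.
   */
  public function getUsers() {

    // Abstract function from base class.
  }

  /**
   * Create empty data.
   *
   * @return array
   *   The parent's empty data with 'tokentype' set to "TOTP".
   */
  public function createEmptyData() {
    $data = parent::createEmptyData();
    $data["tokentype"] = "TOTP";
    return $data;
  }

  /**
   * Create "user" withOUT insert.
   *
   * Builds token data for a user without storing it, so that the caller can
   * have the user prove possession of the token first.
   *
   * @param string $username
   *   Name whose current internal data is used as the starting point.
   * @param string $ttype
   *   "HOTP" or "TOTP", case-insensitive.
   * @param string $key
   *   Base32 key; a new one is created when this and $hexkey are both empty.
   * @param string $hexkey
   *   Hex key; takes precedence over $key when not empty.
   *
   * @return array|false
   *   Token data with 'tokenkey' and 'tokentype' set, or FALSE when $ttype is
   *   not a supported type.
   */
  public function unapprovedUser($username, $ttype = "HOTP", $key = "", $hexkey = "") {
    $ttype = strtoupper($ttype);
    if (!in_array($ttype, array("HOTP", "TOTP"), TRUE)) {
      return FALSE;
    }
    if ($hexkey != "") {
      $hkey = $hexkey;
    }
    else {
      if ($key == "") {
        $key = $this->createBase32Key();
      }
      $hkey = $this->helperb322hex($key);
    }
    $token = $this->internalGetData($username);
    $token["tokenkey"] = $hkey;
    $token["tokentype"] = $ttype;
    return $token;
  }

  /**
   * Create authentication URL.
   *
   * The returned otpauth:// URL contains the shared secret in base32. Treat
   * it like the secret itself: it should not end up in logs, watchdog entries
   * or a URL sent to a third-party service.
   *
   * NOTE(review): $user is placed into the URL without percent-encoding. A
   * name containing characters such as '?', '&' or '#' would change how an
   * authenticator app parses the URL. Whether callers encode the name first is
   * not visible from this class - confirm before relying on it.
   *
   * @param string $user
   *   Label placed in the URL path.
   * @param array|null $data
   *   Token data with 'tokentype', 'tokenkey' and, for HOTP, 'tokencounter'.
   *   When NULL the parent implementation is used.
   *
   * @return string
   *   The otpauth:// URL.
   */
  public function createURL($user, $data = NULL) {
    if (is_null($data)) {
      return parent::createURL($user);
    }

    $toktype = strtolower($data["tokentype"]);
    $key = $this->helperhex2b32($data["tokenkey"]);

    if ($toktype == "hotp") {
      // Token counter should be one more than the current token value,
      // otherwise it gets confused.
      $counter = $data["tokencounter"] + 1;
      return "otpauth://{$toktype}/{$user}?secret={$key}&counter={$counter}";
    }
    return "otpauth://{$toktype}/{$user}?secret={$key}";
  }

  /**
   * Authenticate a user.
   *
   * On success the matched counter is written back through
   * internalPutData(), so the same code and any older code are not accepted
   * again.
   *
   * This method does not limit the number of attempts. A six-digit code has
   * only 10^6 values and several counters are accepted per attempt, so the
   * caller is expected to rate-limit failed logins.
   *
   * @param string $username
   *   Name whose token data is loaded when $tokendata is not given, and under
   *   which the updated counter is stored.
   * @param string $code
   *   The code entered by the user; must be exactly six digits.
   * @param array|false $tokendata
   *   Token data to check against instead of the stored data.
   *
   * @return bool
   *   TRUE when the code matches a counter inside the accepted window.
   */
  public function authenticateUser($username, $code, $tokendata = FALSE) {
    // The whole input must be six digits. An unanchored pattern would let any
    // string that merely contains six digits reach the loose comparison
    // below, where PHP's numeric-string rules ("0123456", " 123456",
    // "123456.0") could make a malformed code compare equal.
    if (!is_scalar($code) || preg_match('/^[0-9]{6}$/D', (string) $code) !== 1) {
      // NOTE(review): the class member listing shows
      // GoogleAuthenticator::$errorText as private. If so, this assignment
      // sets a separate property on this object and the parent's
      // getErrorText() would not see it - confirm.
      $this->errorText = "6 digits please";
      return FALSE;
    }
    if ($username && !$tokendata) {
      $tokendata = $this->internalGetData($username);
    }
    // isset() also covers the case where no token data could be loaded.
    if (!isset($tokendata["tokenkey"]) || $tokendata["tokenkey"] == "") {
      $this->errorText = "No Assigned Token";
      return FALSE;
    }
    $ttype = $tokendata["tokentype"];
    $tlid = $tokendata["tokencounter"];
    $tkey = $tokendata["tokenkey"];
    switch ($ttype) {
      case "HOTP":
        // Only counters after the last accepted one are tried.
        $st = $tlid + 1;
        $en = $tlid + $this->hotpSkew;
        for ($i = $st; $i < $en; $i++) {
          $stest = $this->oathHotp($tkey, $i);
          // Loose comparison is kept because the return type of oathHotp()
          // is not visible here; with $code validated as exactly six digits
          // it can only match the same six-digit value.
          // NOTE(review): if oathHotp() returns a zero-padded string, a
          // constant-time comparison (hash_equals()) would be preferable.
          if ($code == $stest) {
            $tokendata["tokencounter"] = $i;
            $this->internalPutData($username, $tokendata);
            return TRUE;
          }
        }
        return FALSE;

      case "TOTP":
        // A missing or non-positive time step would divide by zero below.
        if (empty($tokendata["tokentimer"]) || $tokendata["tokentimer"] <= 0) {
          return FALSE;
        }
        $t_now = REQUEST_TIME;
        $t_ear = $t_now - $this->totpSkew * $tokendata["tokentimer"];
        $t_lat = $t_now + $this->totpSkew * $tokendata["tokentimer"];
        $t_st = (int) ($t_ear / $tokendata["tokentimer"]);
        $t_en = (int) ($t_lat / $tokendata["tokentimer"]);

        // Make sure we only check against newer codes: a time step that was
        // already accepted must not be accepted a second time.
        if (isset($tokendata["tokencounter"]) && $tokendata["tokencounter"] >= $t_st) {
          $t_st = $tokendata["tokencounter"] + 1;
        }
        for ($i = $t_st; $i <= $t_en; $i++) {
          $stest = $this->oathHotp($tkey, $i);
          // See the HOTP branch for why the loose comparison is kept.
          if ($code == $stest) {
            $tokendata["tokencounter"] = $i;
            $this->internalPutData($username, $tokendata);
            return TRUE;
          }
        }
        break;
    }
    return FALSE;
  }

}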

Members

Name Modifiers Type Description Overrides
GALoginGA::authenticateUser public function Authenticate a user. Overrides GoogleAuthenticator::authenticateUser
GALoginGA::createEmptyData public function Create empty data. Overrides GoogleAuthenticator::createEmptyData
GALoginGA::createURL public function Create authentication URL. Overrides GoogleAuthenticator::createURL
GALoginGA::getData public function Load data associated with a user. Overrides GoogleAuthenticator::getData
GALoginGA::getUsers public function Not used. Overrides GoogleAuthenticator::getUsers
GALoginGA::putData public function Save data associated with a user. Overrides GoogleAuthenticator::putData
GALoginGA::unapprovedUser public function Create "user" withOUT insert.
GoogleAuthenticator::$errorCode private property
GoogleAuthenticator::$errorText private property
GoogleAuthenticator::$getDatafunction private property
GoogleAuthenticator::$hotpHuntValue protected property
GoogleAuthenticator::$hotpSkew protected property
GoogleAuthenticator::$putDatafunction private property
GoogleAuthenticator::$totpSkew protected property
GoogleAuthenticator::createBase32Key public function Creates a base 32 key (random).
GoogleAuthenticator::deleteUser public function Delete a user.
GoogleAuthenticator::getCustomData public function Load custom data.
GoogleAuthenticator::getErrorText public function Gets the error text associated with the last error.
GoogleAuthenticator::getKey public function Get hex key.
GoogleAuthenticator::getTokenType public function Get token type.
GoogleAuthenticator::hasToken public function Determine if the user has an actual token.
GoogleAuthenticator::helperb322hex public function Convert b32 to hex.
GoogleAuthenticator::helperhex2b32 public function Convert hex to b32.
GoogleAuthenticator::internalGetData public function Load internal data.
GoogleAuthenticator::internalPutData public function Store data.
GoogleAuthenticator::oathHotp public function Create HOTP.
GoogleAuthenticator::oathTruncate public function Truncate.
GoogleAuthenticator::resyncCode public function Resync codes.
GoogleAuthenticator::setCustomData public function Set custom data.
GoogleAuthenticator::setTokenType public function Sets the token type the user is going to use.
GoogleAuthenticator::setUser public function Create a user.
GoogleAuthenticator::setUserKey public function Sets a user's key.
GoogleAuthenticator::__construct public function Constructor.