You are here

public function MiniorangeCustomerSetup::send_otp_token in Google Authenticator / 2 Factor Authentication - 2FA 7

File

classes/CustomerSetup.php, line 133
Contains miniOrange Customer class.

Class

MiniorangeCustomerSetup
@file This class represents configuration for customer.

Code

public function send_otp_token($uKey, $authType, $cKey, $apiKey) {
  $url = MoAuthConstants::getBaseUrl() . MoAuthConstants::$AUTH_CHALLENGE_API;
  $ch = curl_init($url);

  /** The customer Key provided to you */
  $customerKey = $cKey;

  /** Current time in milliseconds since midnight, January 1, 1970 UTC. */
  $currentTimeInMillis = round(microtime(true) * 1000);

  /** Creating the Hash using SHA-512 algorithm */
  $stringToHash = $customerKey . number_format($currentTimeInMillis, 0, '', '') . $apiKey;
  $hashValue = hash("sha512", $stringToHash);
  $customerKeyHeader = "Customer-Key: " . $customerKey;
  $timestampHeader = "Timestamp: " . number_format($currentTimeInMillis, 0, '', '');
  $authorizationHeader = "Authorization: " . $hashValue;
  if ($authType == 'EMAIL') {
    $fields = array(
      'customerKey' => $customerKey,
      'email' => $uKey['email'],
      'authType' => $authType,
      'transactionName' => 'Drupal 2 Factor Authentication Plugin',
    );
  }
  else {
    if ($authType == 'OTP_OVER_SMS' || $authType == 'OTP_OVER_SMS_AND_EMAIL' || $authType == 'OTP_OVER_EMAIL' || $authType == 'PHONE_VERIFICATION') {
      if ($authType == 'OTP_OVER_SMS') {
        $authType = "SMS";
      }
      elseif ($authType == 'PHONE_VERIFICATION') {
        $authType = "PHONE VERIFICATION";
      }
      elseif ($authType == 'OTP_OVER_SMS_AND_EMAIL') {
        $authType = "SMS AND EMAIL";
      }
      elseif ($authType == 'OTP_OVER_EMAIL') {
        $authType = "OTP OVER EMAIL";
      }
      $phone = isset($uKey['phone']) ? $uKey['phone'] : '';
      $email = isset($uKey['email']) ? $uKey['email'] : '';
      if ($authType == 'SMS AND EMAIL') {
        $fields = array(
          'customerKey' => $customerKey,
          'phone' => $phone,
          'email' => $email,
          'authType' => $authType,
        );
      }
      elseif ($authType == 'OTP OVER EMAIL') {
        $fields = array(
          'customerKey' => $customerKey,
          'email' => $email,
          'authType' => $authType,
        );
      }
      else {
        $fields = array(
          'customerKey' => $customerKey,
          'phone' => $phone,
          'authType' => $authType,
        );
      }
    }
  }
  $field_string = json_encode($fields);
  curl_setopt($ch, CURLOPT_FOLLOWLOCATION, false);
  curl_setopt($ch, CURLOPT_ENCODING, "");
  curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
  curl_setopt($ch, CURLOPT_AUTOREFERER, true);
  curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);

  # required for https urls
  curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false);

  # required for https urls
  curl_setopt($ch, CURLOPT_MAXREDIRS, 10);
  curl_setopt($ch, CURLOPT_HTTPHEADER, array(
    "Content-Type: application/json",
    $customerKeyHeader,
    $timestampHeader,
    $authorizationHeader,
  ));
  curl_setopt($ch, CURLOPT_POST, true);
  curl_setopt($ch, CURLOPT_POSTFIELDS, $field_string);
  curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 5);
  curl_setopt($ch, CURLOPT_TIMEOUT, 20);
  $content = curl_exec($ch);
  if (curl_errno($ch)) {
    return null;
  }
  curl_close($ch);
  return $content;
}