
class MiniorangeCustomerSetup in Google Authenticator / 2 Factor Authentication - 2FA 8

Same name and namespace in other branches
  1. 8.2 src/MiniorangeCustomerSetup.php \Drupal\miniorange_2fa\MiniorangeCustomerSetup

@file This class represents configuration for customer.

Hierarchy

Expanded class hierarchy of MiniorangeCustomerSetup

5 files declare their use of MiniorangeCustomerSetup
configure_otp_over_email.php in src/Form/configure_otp_over_email.php
configure_otp_over_phone.php in src/Form/configure_otp_over_phone.php
configure_otp_over_sms.php in src/Form/configure_otp_over_sms.php
configure_otp_over_sms_and_email.php in src/Form/configure_otp_over_sms_and_email.php
MoAuthCustomerSetup.php in src/Form/MoAuthCustomerSetup.php
Contains form for customer setup.

File

src/MiniorangeCustomerSetup.php, line 11
Contains miniOrange Customer class.

Namespace

Drupal\miniorange_2fa
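/**
 * Holds the miniOrange customer details and wraps the customer/OTP API calls.
 *
 * Account-level calls (checkCustomer, createCustomer, getCustomerKeys,
 * sendOtp) go through MoAuthUtilities::callService() using the module's
 * default customer id and API key. The two OTP calls (send_otp_token,
 * validate_otp_token) build and send their own signed cURL request.
 */
class MiniorangeCustomerSetup {
  public $email;
  public $phone;
  public $customerKey;
  public $transactionId;
  // NOTE(review): the account password is kept in a public property for the
  // lifetime of the object; avoid dumping or serialising instances.
  public $password;
  public $otpToken;
  public $defaultCustomerId;
  public $defaultCustomerApiKey;

  /**
   * Constructor.
   *
   * @param string $email
   *   Customer e-mail address.
   * @param string $phone
   *   Customer phone number.
   * @param string $password
   *   Customer account password.
   * @param string $otp_token
   *   One-time passcode entered by the customer.
   */
  public function __construct($email, $phone, $password, $otp_token) {
    $this->email = $email;
    $this->phone = $phone;
    $this->password = $password;
    $this->otpToken = $otp_token;
    $this->defaultCustomerId = MoAuthConstants::$DEFAULT_CUSTOMER_ID;
    $this->defaultCustomerApiKey = MoAuthConstants::$DEFAULT_CUSTOMER_API_KEY;
  }

  /**
   * Check if customer exists.
   *
   * @return mixed
   *   Whatever MoAuthUtilities::callService() returned.
   */
  public function checkCustomer() {
    $fields = array(
      'email' => $this->email,
    );
    $response = MoAuthUtilities::callService($this->defaultCustomerId, $this->defaultCustomerApiKey, MoAuthConstants::$CUSTOMER_CHECK_API, json_encode($fields));
    $this->logCurlError($response);
    return $response;
  }

  /**
   * Create Customer.
   *
   * @return mixed
   *   Whatever MoAuthUtilities::callService() returned.
   */
  public function createCustomer() {
    $fields = array(
      // NOTE(review): SERVER_NAME can follow the request's Host header
      // depending on web-server configuration; it is only used as a label.
      'companyName' => $_SERVER['SERVER_NAME'],
      'areaOfInterest' => MoAuthConstants::$PLUGIN_NAME,
      'email' => $this->email,
      'phone' => $this->phone,
      // The password travels in the request body, so the transport used by
      // callService() must verify TLS certificates -- not visible from this
      // class, confirm in MoAuthUtilities.
      'password' => $this->password,
    );
    $response = MoAuthUtilities::callService($this->defaultCustomerId, $this->defaultCustomerApiKey, MoAuthConstants::$CUSTOMER_CREATE_API, json_encode($fields));
    // The original condition omitted "== 0", so strcasecmp() was truthy for
    // every status except CURL_ERROR and the message was logged as an error on
    // every non-failing call. Now consistent with checkCustomer()/sendOtp().
    $this->logCurlError($response);
    return $response;
  }

  /**
   * Get Customer Keys.
   *
   * @return mixed
   *   Whatever MoAuthUtilities::callService() returned.
   */
  public function getCustomerKeys() {
    $fields = array(
      'email' => $this->email,
      'password' => $this->password,
    );
    $response = MoAuthUtilities::callService($this->defaultCustomerId, $this->defaultCustomerApiKey, MoAuthConstants::$CUSTOMER_GET_API, json_encode($fields));
    // A response without an apiKey is treated as a failure and its message is
    // logged. Only the message is logged, never the request fields.
    if (json_last_error() == JSON_ERROR_NONE && is_object($response) && empty($response->apiKey)) {
      \Drupal::logger('miniorange_2fa')
        ->error(isset($response->message) ? $response->message : '');
    }
    return $response;
  }

  /**
   * Send OTP.
   *
   * Requests an e-mail challenge for the admin e-mail stored in the
   * miniorange_2fa.settings configuration.
   *
   * @return mixed
   *   Whatever MoAuthUtilities::callService() returned.
   */
  public function sendOtp() {
    $username = \Drupal::config('miniorange_2fa.settings')
      ->get('mo_auth_customer_admin_email');
    $fields = array(
      'customerKey' => $this->defaultCustomerId,
      'email' => $username,
      'authType' => AuthenticationType::$EMAIL['code'],
    );
    $response = MoAuthUtilities::callService($this->defaultCustomerId, $this->defaultCustomerApiKey, MoAuthConstants::$AUTH_CHALLENGE_API, json_encode($fields));
    $this->logCurlError($response);
    return $response;
  }

  /**
   * Request an OTP challenge for the given authentication type.
   *
   * @param mixed $uKey
   *   For 'EMAIL', 'OTP_OVER_EMAIL' and 'OTP_OVER_SMS_AND_EMAIL' an array with
   *   'email' (and 'phone') keys; for 'OTP_OVER_SMS' and 'PHONE_VERIFICATION'
   *   the phone number itself; for any other type the username.
   * @param string $authType
   *   Authentication type requested by the caller.
   * @param string $cKey
   *   Customer key.
   * @param string $api_Key
   *   Customer API key.
   *
   * @return string|null
   *   Raw response body, or null when the transfer failed.
   */
  public function send_otp_token($uKey, $authType, $cKey, $api_Key) {
    // switch compares loosely, exactly like the "==" chain it replaces.
    switch ($authType) {
      case 'EMAIL':
        $fields = array(
          'customerKey' => $cKey,
          'email' => $uKey['email'],
          'authType' => $authType,
          'transactionName' => 'Drupal 2 Factor Authentication Plugin',
        );
        break;

      case 'OTP_OVER_SMS_AND_EMAIL':
        $fields = array(
          'customerKey' => $cKey,
          'phone' => isset($uKey['phone']) ? $uKey['phone'] : '',
          'email' => isset($uKey['email']) ? $uKey['email'] : '',
          'authType' => 'SMS AND EMAIL',
        );
        break;

      case 'OTP_OVER_EMAIL':
        $fields = array(
          'customerKey' => $cKey,
          'email' => isset($uKey['email']) ? $uKey['email'] : '',
          'authType' => 'OTP OVER EMAIL',
        );
        break;

      case 'OTP_OVER_SMS':
      case 'PHONE_VERIFICATION':
        $fields = array(
          'customerKey' => $cKey,
          'phone' => $uKey,
          'authType' => $authType == 'OTP_OVER_SMS' ? 'SMS' : 'PHONE VERIFICATION',
        );
        break;

      default:
        $fields = array(
          'customerKey' => $cKey,
          'username' => $uKey,
          'authType' => $authType,
          'transactionName' => 'Drupal 2 Factor Authentication Plugin',
        );
    }
    return $this->postSignedJson(MoAuthConstants::$AUTH_CHALLENGE_API, $cKey, $api_Key, $fields);
  }

  /**
   * Validate OTP.
   *
   * @param string $transactionId
   *   Transaction id of the challenge being answered.
   * @param string $otpToken
   *   One-time passcode supplied by the user.
   * @param string $cKey
   *   Customer key.
   * @param string $api_Key
   *   Customer API key.
   *
   * @return string|null
   *   Raw response body, or null when the transfer failed. Callers must treat
   *   null as a failed validation.
   */
  public function validate_otp_token($transactionId, $otpToken, $cKey, $api_Key) {
    $fields = array(
      'txId' => $transactionId,
      'token' => $otpToken,
    );
    return $this->postSignedJson(MoAuthConstants::$AUTH_VALIDATE_API, $cKey, $api_Key, $fields);
  }

  /**
   * Logs the response message when the service reported a cURL failure.
   *
   * @param mixed $response
   *   Value returned by MoAuthUtilities::callService().
   */
  private function logCurlError($response) {
    // json_last_error() presumably reflects the decode done inside
    // callService() -- confirm there. Non-object responses are skipped rather
    // than dereferenced.
    if (json_last_error() != JSON_ERROR_NONE || !is_object($response) || !isset($response->status)) {
      return;
    }
    if (strcasecmp($response->status, 'CURL_ERROR') == 0) {
      \Drupal::logger('miniorange_2fa')
        ->error(isset($response->message) ? $response->message : '');
    }
  }

  /**
   * POSTs a JSON body with the Customer-Key/Timestamp/Authorization headers.
   *
   * @param string $url
   *   Endpoint to call.
   * @param string $customerKey
   *   Customer key, sent in the Customer-Key header.
   * @param string $apiKey
   *   Customer API key; only its hash leaves this method.
   * @param array $fields
   *   Request fields, JSON-encoded into the body.
   *
   * @return string|null
   *   Raw response body, or null when the transfer failed.
   */
  private function postSignedJson($url, $customerKey, $apiKey, $fields) {
    $ch = curl_init($url);
    if ($ch === false) {
      \Drupal::logger('miniorange_2fa')
        ->error('Unable to initialise cURL for the miniOrange request.');
      return null;
    }

    // Milliseconds since the Unix epoch, rendered without separators.
    $timestamp = number_format(round(microtime(true) * 1000), 0, '', '');

    // SHA-512 over customerKey . timestamp . apiKey. The request body is not
    // part of the hash, so body integrity and confidentiality rest on TLS.
    $hashValue = hash('sha512', $customerKey . $timestamp . $apiKey);

    curl_setopt_array($ch, array(
      // Redirects are not followed, so the signed headers are only ever sent
      // to the configured endpoint.
      CURLOPT_FOLLOWLOCATION => false,
      CURLOPT_ENCODING => '',
      CURLOPT_RETURNTRANSFER => true,
      // Certificate and host name verification stay enabled: the response
      // decides whether a second factor is accepted, so it must come from the
      // authenticated service. The previous code disabled both checks.
      CURLOPT_SSL_VERIFYPEER => true,
      CURLOPT_SSL_VERIFYHOST => 2,
      CURLOPT_HTTPHEADER => array(
        'Content-Type: application/json',
        'Customer-Key: ' . $customerKey,
        'Timestamp: ' . $timestamp,
        'Authorization: ' . $hashValue,
      ),
      CURLOPT_POST => true,
      CURLOPT_POSTFIELDS => json_encode($fields),
      CURLOPT_CONNECTTIMEOUT => 5,
      CURLOPT_TIMEOUT => 20,
    ));

    $content = curl_exec($ch);
    $failed = curl_errno($ch) !== 0;
    if ($failed) {
      // Log the transport error only; headers and body carry credentials and
      // one-time codes and are never written to the log.
      \Drupal::logger('miniorange_2fa')
        ->error('miniOrange request failed: @error', array('@error' => curl_error($ch)));
    }
    // Close on every path; the original leaked the handle on failure.
    curl_close($ch);
    return $failed ? null : $content;
  }

}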

Members