class MoAuthUtilities in Google Authenticator / 2 Factor Authentication - 2FA 8
Same name and namespace in other branches
- 8.2 src/MoAuthUtilities.php \Drupal\miniorange_2fa\MoAuthUtilities
Hierarchy
- class \Drupal\miniorange_2fa\MoAuthUtilities
Expanded class hierarchy of MoAuthUtilities
22 files declare their use of MoAuthUtilities
- authenticate_user.php in src/Form/authenticate_user.php - This is used to authenticate user during login.
- configure_google_authenticator.php in src/Form/configure_google_authenticator.php
- configure_kba.php in src/Form/configure_kba.php
- configure_otp_over_email.php in src/Form/configure_otp_over_email.php
- configure_otp_over_phone.php in src/Form/configure_otp_over_phone.php
File
- src/MoAuthUtilities.php, line 23 - This file is part of miniOrange 2FA module.
Namespace
Drupal\miniorange_2fa
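/**
 * Static helpers shared by the miniOrange 2FA module.
 *
 * Groups the support-query form widgets, client IP allow-list checks,
 * role-based 2FA checks, small string helpers, the signed HTTP call to the
 * remote service and lookups in the UserAuthenticationType table.
 */
class MoAuthUtilities {

  /**
   * Appends the "Feature Request/Contact Us" support widgets to a form.
   *
   * The e-mail and phone fields are pre-filled from the registered customer
   * profile when isCustomerRegistered() reports a registered customer.
   *
   * @param array $form
   *   Form render array, modified in place.
   * @param \Drupal\Core\Form\FormStateInterface $form_state
   *   Current form state; only handed on to faq().
   */
  public static function AddsupportTab(array &$form, \Drupal\Core\Form\FormStateInterface $form_state) {
    $email = '';
    $phone = '';
    if (self::isCustomerRegistered()) {
      $customer = new MiniorangeCustomerProfile();
      $email = $customer->getRegisteredEmail();
      $phone = $customer->getRegisteredPhone();
    }
    $form['markup_idp_attr_header_top_support'] = array(
      '#markup' => '<div class="mo_saml_table_layout_support_1 mo_saml_container" id="ma_saml_support_query">',
    );
    $form['markup_support_1'] = array(
      '#markup' => '<h3><b>Feature Request/Contact Us:</b></h3><div>Need any help? We can help you with configuring miniOrange 2FA module on your site. Just send us a query and we will get back to you soon.<br /></div><br>',
    );
    $form['markup_support_2'] = array(
      '#markup' => '<div><i>If you have any query related to the Licensing Plans, please let us know, we will assist you in choosing the right plan as per your requirement.</i><br /></div>',
    );
    $form['miniorange_2fa_email_address_support'] = array(
      '#type' => 'textfield',
      '#attributes' => array(
        'placeholder' => 'Enter your Email',
      ),
      '#default_value' => $email,
    );
    $form['miniorange_2fa_phone_number_support'] = array(
      '#type' => 'textfield',
      '#id' => 'query_phone',
      '#attributes' => array(
        'placeholder' => 'Enter your Phone Number',
        'class' => array(
          'query_phone',
        ),
      ),
      '#default_value' => $phone,
    );
    $form['miniorange_2fa_support_query_support'] = array(
      '#type' => 'textarea',
      // NOTE(review): '#clos' looks like a typo for '#cols'; kept unchanged
      // because correcting it would alter how the textarea renders - confirm.
      '#clos' => '10',
      '#rows' => '5',
      '#attributes' => array(
        'placeholder' => 'Write your query here',
      ),
    );
    $form['miniorange_2fa_support_submit_click'] = array(
      '#type' => 'submit',
      '#value' => t('Submit Query'),
      '#submit' => array(
        '\\Drupal\\miniorange_2fa\\MoAuthUtilities::get_support_query_data',
      ),
      // An empty list means no element is validated before the submit
      // handler runs; send_support_query() does its own checks.
      '#limit_validation_errors' => array(),
      '#attributes' => array(
        'style' => 'background: #337ab7;color: #ffffff;text-shadow: 0 -1px 1px #337ab7, 1px 0 1px #337ab7, 0 1px 1px #337ab7, -1px 0 1px #337ab7;box-shadow: 0 1px 0 #337ab7;border-color: #337ab7 #337ab7 #337ab7;display:block;margin-left:auto;margin-right:auto;',
      ),
    );
    $form['miniorange_2fa_support_note'] = array(
      '#markup' => '<div><br/>If you want custom features in the module, just drop an email to <a href="mailto:drupalsupport@xecurify.com">drupalsupport@xecurify.com</a> or <a href="mailto:info@xecurify.com">info@xecurify.com</a></div><hr><br>',
    );
    self::faq($form, $form_state);
    // Closes the wrapper <div> opened by the first markup element above.
    $form['miniorange_sp_guide_link_end'] = array(
      '#markup' => '</div>',
    );
  }

  /**
   * Submit handler of the support form built by AddsupportTab().
   *
   * Do not remove or merge this function: the submit button references it by
   * name in its '#submit' list.
   *
   * @param array $form
   *   Submitted form; the raw '#value' of the three support fields is read.
   * @param mixed $form_state
   *   Form state, unused here.
   */
  public static function get_support_query_data($form, &$form_state) {
    // Drop messages queued earlier so only this handler's outcome is shown.
    \Drupal::messenger()->deleteAll();
    $email = trim($form['miniorange_2fa_email_address_support']['#value']);
    $phone = $form['miniorange_2fa_phone_number_support']['#value'];
    $query = $form['miniorange_2fa_support_query_support']['#value'];
    self::send_support_query($email, $phone, $query);
  }

  /**
   * Validates a support query and hands it to Miniorange2FASupport.
   *
   * The outcome is reported through the messenger service; nothing is
   * returned.
   *
   * @param string $email
   *   Contact e-mail, mandatory.
   * @param string $phone
   *   Contact phone number, passed through without validation.
   * @param string $query
   *   Free-text query, mandatory.
   */
  public static function send_support_query($email, $phone, $query) {
    $messenger = \Drupal::messenger();
    if (empty($email) || empty($query)) {
      $messenger->addMessage(t('The <b><u>Email</u></b> and <b><u>Query</u></b> fields are mandatory.'), 'error');
      return;
    }
    if (!\Drupal::service('email.validator')->isValid($email)) {
      // This branch runs exactly when $email is arbitrary, unvalidated input.
      // Concatenating it into the t() source string would emit it as trusted
      // markup, so it is passed as an "@" placeholder, which t() HTML-escapes.
      $messenger->addMessage(t('The email address <b><i>@email</i></b> is not valid.', array('@email' => $email)), 'error');
      return;
    }
    $support = new Miniorange2FASupport($email, $phone, $query);
    if ($support->sendSupportQuery()) {
      $messenger->addMessage(t('Thanks for getting in touch! We will get back to you shortly.'));
    }
    else {
      $messenger->addMessage(t('Error submitting the support query. Please send us your query at <a href="mailto:info@xecurify.com">info@xecurify.com</a>.'), 'error');
    }
  }

  /**
   * Adds the FAQ and forum link buttons to a form.
   *
   * @param array $form
   *   Form render array, modified in place.
   * @param mixed $form_state
   *   Form state, unused here.
   */
  public static function faq(&$form, &$form_state) {
    // The continuation lines of this literal start at column 0 so the emitted
    // markup stays exactly as it was.
    $form['miniorange_2fa_faq'] = array(
      '#markup' => '<div class="mo_saml_text_center"><b></b>
<a class="mo_saml_btn mo_saml_btn-primary-faq mo_saml_btn-large mo_faq_button_left" href="https://faq.miniorange.com/kb/drupal/two-factor-authentication-drupal/" target="_blank">FAQs</a>
<b></b><a class="mo_saml_btn mo_saml_btn-primary-faq mo_saml_btn-large mo_faq_button_right" href="https://forum.miniorange.com/" target="_blank">Ask questions on forum</a></div>',
    );
  }

  /**
   * Stores a status message in module config and redirects to the setup page.
   *
   * @param string $message
   *   Message text written to 'mo_auth_2fa_Success/Error message'.
   * @param string $status
   *   Status value written to 'mo_auth_2fa_Success/Error status'.
   */
  public static function show_error_or_success_message($message, $status) {
    global $base_url;
    $url = $base_url . '/admin/config/people/miniorange_2fa/setup_twofactor';
    // Both keys live in the same config object, so one save covers them.
    \Drupal::configFactory()
      ->getEditable('miniorange_2fa.settings')
      ->set('mo_auth_2fa_Success/Error message', $message)
      ->set('mo_auth_2fa_Success/Error status', $status)
      ->save();
    // The response is sent from here instead of being returned to the caller.
    $response = new TrustedRedirectResponse($url);
    $response->send();
  }

  /**
   * Reports whether the PHP cURL extension is loaded.
   *
   * @return int
   *   1 when 'curl' is among the loaded extensions, 0 otherwise.
   */
  public static function isCurlInstalled() {
    return in_array('curl', get_loaded_extensions()) ? 1 : 0;
  }

  /**
   * Reports whether all four customer credentials are present in config.
   *
   * @return bool
   *   FALSE as soon as one of the settings compares loosely equal to NULL
   *   (which also covers '' and 0), TRUE otherwise.
   */
  public static function isCustomerRegistered() {
    $settings = \Drupal::config('miniorange_2fa.settings');
    $required_keys = array(
      'mo_auth_customer_admin_email',
      'mo_auth_customer_id',
      'mo_auth_customer_token_key',
      'mo_auth_customer_api_key',
    );
    foreach ($required_keys as $key) {
      if ($settings->get($key) == NULL) {
        return FALSE;
      }
    }
    return TRUE;
  }

  /**
   * Returns the address of the peer that opened the connection.
   *
   * Only REMOTE_ADDR is consulted. Client-IP, X-Forwarded-For, Forwarded and
   * their variants are request headers that any client can set to any value,
   * and check_white_IPs() compares this result against the allow-list, so
   * reading them would let a client pick the address it is matched as.
   *
   * A site behind a reverse proxy sees the proxy's address here. Such a site
   * should resolve the client through Drupal's request object
   * (\Drupal::request()->getClientIp()) together with the reverse-proxy
   * settings, which accept forwarded headers only from configured proxies.
   *
   * @return string
   *   The REMOTE_ADDR value, or 'UNKNOWN' when it is not available.
   */
  public static function get_client_ip() {
    $remote_addr = getenv('REMOTE_ADDR');
    return $remote_addr ? $remote_addr : 'UNKNOWN';
  }

  /**
   * Validates a ";"-separated list of IPv4 addresses and "low-high" ranges.
   *
   * Stops at the first invalid entry and reports it through the messenger
   * service. Nothing is returned, so a caller cannot learn the outcome from
   * this call alone.
   *
   * @param string|null $mo_saved_IP_address
   *   The list to validate. NULL and empty values are skipped.
   */
  public static function check_for_valid_IPs($mo_saved_IP_address) {
    if (empty($mo_saved_IP_address)) {
      return;
    }
    $messenger = \Drupal::messenger();
    foreach (explode(";", $mo_saved_IP_address) as $entry) {
      if (strpos($entry, '-') !== FALSE) {
        // Range entry: both bounds must be valid IPv4 addresses. Rejecting
        // only when both are invalid would accept a half-valid range that
        // check_white_IPs() can never match.
        list($lower, $upper) = explode('-', $entry, 2);
        if (!filter_var($lower, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4) || !filter_var($upper, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4)) {
          $messenger->addMessage(t("Invalid IP address. Please check lower range and upper range."), 'error');
          return;
        }
        if (ip2long($lower) >= ip2long($upper)) {
          $messenger->addMessage(t("Invalid IP range. Please enter range in <strong>( lower_range - upper_range )</strong> format."), 'error');
          return;
        }
      }
      elseif (!filter_var($entry, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4)) {
        // The rejected entry is unvalidated input; the "@" placeholder makes
        // t() HTML-escape it instead of emitting it as markup.
        $messenger->addMessage(t('<strong>@ip</strong> Invalid IP address. Please enter valid IP address.', array('@ip' => $entry)), 'error');
        return;
      }
    }
  }

  /**
   * Checks whether the current client address is on the configured IP list.
   *
   * The decision is only as trustworthy as get_client_ip(): whatever that
   * method returns is what gets compared against the list.
   *
   * @return bool
   *   TRUE when the list is enabled and the address equals an entry or falls
   *   inside a "low-high" IPv4 range; FALSE otherwise.
   */
  public static function check_white_IPs() {
    $settings = \Drupal::config('miniorange_2fa.settings');
    if ($settings->get('mo_auth_enable_whitelist_IPs') == FALSE) {
      return FALSE;
    }
    $current_IP_address = self::get_client_ip();
    $whitelisted_IP = $settings->get('mo_auth_whitelisted_IP_address');
    if (empty($whitelisted_IP)) {
      return FALSE;
    }
    // ip2long() yields FALSE for anything that is not IPv4, including the
    // 'UNKNOWN' fallback, so range entries cannot match in that case.
    $current_IP = ip2long($current_IP_address);
    foreach (explode(";", $whitelisted_IP) as $entry) {
      if (strpos($entry, '-') !== FALSE) {
        list($lower, $upper) = explode('-', $entry, 2);
        $lower_range = ip2long($lower);
        $upper_range = ip2long($upper);
        if ($lower_range !== FALSE && $upper_range !== FALSE && $current_IP !== FALSE && $current_IP >= $lower_range && $current_IP <= $upper_range) {
          return TRUE;
        }
      }
      elseif ($current_IP_address === $entry) {
        // Strict comparison: no numeric-string juggling on an access check.
        return TRUE;
      }
    }
    return FALSE;
  }

  /**
   * Lists every Drupal role.
   *
   * @return array
   *   Role labels keyed by the keys Role::loadMultiple() returns.
   */
  public static function get_Existing_Drupal_Roles() {
    $labels = array();
    foreach (Role::loadMultiple() as $role_id => $role) {
      $labels[$role_id] = $role->label();
    }
    return $labels;
  }

  /**
   * Decides whether 2FA applies to a set of roles.
   *
   * @param array $roles
   *   Role identifiers to test.
   *
   * @return bool
   *   TRUE when role-based 2FA is not enabled, when "use only 2nd factor" is
   *   enabled, or when one of $roles is a key of the configured role map;
   *   FALSE otherwise.
   */
  public static function check_roles_to_invoke_2fa($roles) {
    $settings = \Drupal::config('miniorange_2fa.settings');
    $role_based_2fa = $settings->get('mo_auth_enable_role_based_2fa');
    $only_2nd_factor = $settings->get('mo_auth_use_only_2nd_factor');
    // Identity comparisons: only a real boolean TRUE switches either mode.
    if ($role_based_2fa !== TRUE || $only_2nd_factor === TRUE) {
      return TRUE;
    }
    // The setting holds a JSON object; only its keys are compared.
    $selected_roles = (array) json_decode($settings->get('mo_auth_role_based_2fa_roles'));
    foreach ($selected_roles as $sysName => $displayName) {
      if (in_array($sysName, $roles, TRUE)) {
        return TRUE;
      }
    }
    return FALSE;
  }

  /**
   * Masks the local part of an e-mail address for display.
   *
   * @param string $email
   *   Address to mask.
   *
   * @return string
   *   First and last byte of the local part around 'xxxxxx', followed by the
   *   domain; the input unchanged when it does not contain exactly one "@".
   */
  public static function getHiddenEmail($email) {
    $parts = explode("@", $email);
    if (count($parts) != 2) {
      return $email;
    }
    list($local, $domain) = $parts;
    return substr($local, 0, 1) . 'xxxxxx' . substr($local, -1) . '@' . $domain;
  }

  /**
   * Splits a secret into space-separated groups of four characters.
   *
   * @param string $secret
   *   Secret to format.
   *
   * @return string
   *   The grouped secret with surrounding whitespace trimmed.
   */
  public static function indentSecret($secret) {
    return trim(implode(' ', str_split($secret, 4)));
  }

  /**
   * POSTs a JSON payload to the remote service with the signed headers.
   *
   * The Authorization header is the SHA-512 hex digest of the customer id,
   * the millisecond timestamp and the API key concatenated in that order.
   *
   * @param string $customer_id
   *   Customer identifier, sent as the Customer-Key header.
   * @param string $apiKey
   *   API key; enters the hash only and is not sent itself.
   * @param string $url
   *   Endpoint URL.
   * @param string $json
   *   Request body.
   *
   * @return mixed
   *   The json_decode()d response on success. On a missing cURL extension or
   *   a transport error, a JSON-encoded *string* with 'status' CURL_ERROR, so
   *   callers have to cope with both shapes.
   */
  public static function callService($customer_id, $apiKey, $url, $json) {
    if (!self::isCurlInstalled()) {
      return json_encode(array(
        "status" => 'CURL_ERROR',
        "message" => 'PHP cURL extension is not installed or disabled.',
      ));
    }
    // One timestamp string feeds both the hash and the Timestamp header, so
    // the two cannot disagree.
    $timestamp = number_format(round(microtime(TRUE) * 1000), 0, '', '');
    $hash_value = hash("sha512", $customer_id . $timestamp . $apiKey);
    $ch = curl_init($url);
    curl_setopt($ch, CURLOPT_FOLLOWLOCATION, TRUE);
    curl_setopt($ch, CURLOPT_ENCODING, "");
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE);
    curl_setopt($ch, CURLOPT_AUTOREFERER, TRUE);
    // Certificate and host name verification stay enabled. HTTPS works
    // without switching them off; with them off, anyone on the network path
    // can impersonate the service and forge the replies that decide whether
    // a second factor was accepted.
    curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, TRUE);
    curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
    curl_setopt($ch, CURLOPT_MAXREDIRS, 10);
    curl_setopt($ch, CURLOPT_HTTPHEADER, array(
      "Content-Type: application/json",
      "Customer-Key: " . $customer_id,
      "Timestamp: " . $timestamp,
      "Authorization: " . $hash_value,
    ));
    curl_setopt($ch, CURLOPT_POST, TRUE);
    curl_setopt($ch, CURLOPT_POSTFIELDS, $json);
    curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 5);
    curl_setopt($ch, CURLOPT_TIMEOUT, 20);
    $content = curl_exec($ch);
    // Read the error code first so the handle is closed on every path.
    $errno = curl_errno($ch);
    curl_close($ch);
    if ($errno) {
      return json_encode(array(
        "status" => 'CURL_ERROR',
        "message" => $errno,
      ));
    }
    return json_decode($content);
  }

  /**
   * Checks whether a user has a row in the UserAuthenticationType table.
   *
   * @param int|string $user_id
   *   User id to look up; bound as a query argument, never spliced into SQL.
   *
   * @return bool
   *   TRUE when at least one row exists.
   */
  public static function check_for_userID($user_id) {
    $query = \Drupal::database()
      ->query("SELECT * FROM {UserAuthenticationType} where uid = :uid", array(':uid' => $user_id));
    // The row count of a SELECT is only readable after this opt-in.
    $query->allowRowCount = TRUE;
    return $query->rowCount() > 0;
  }

  /**
   * Loads the UserAuthenticationType rows of a user.
   *
   * @param int|string $user_id
   *   User id to look up; bound as a query argument, never spliced into SQL.
   *
   * @return array
   *   All matching rows as returned by fetchAll().
   */
  public static function get_users_custom_attribute($user_id) {
    return \Drupal::database()
      ->query("SELECT * FROM {UserAuthenticationType} where uid = :uid", array(':uid' => $user_id))
      ->fetchAll();
  }

  /**
   * Returns the authentication methods configured for a user.
   *
   * @param int|string $user_id
   *   User id to look up.
   *
   * @return array
   *   Trimmed entries of the comma-separated configured_auth_methods column
   *   of the first row, or an empty array when the user has no row.
   */
  public static function mo_auth_get_configured_methods($user_id) {
    $custom_attribute = self::get_users_custom_attribute($user_id);
    if (empty($custom_attribute)) {
      return array();
    }
    return array_map('trim', explode(',', $custom_attribute[0]->configured_auth_methods));
  }

  /**
   * Looks for 'KBA' among the authentication methods configured for a user.
   *
   * @param int|string $user_id
   *   User id to look up.
   *
   * @return int|false
   *   Position of 'KBA' in the method list, or FALSE when it is absent or the
   *   user has no row. Position 0 is falsy, so callers have to compare the
   *   result with "!== FALSE" rather than test its truthiness.
   */
  public static function mo_auth_is_kba_configured($user_id) {
    $custom_attribute = self::get_users_custom_attribute($user_id);
    if (empty($custom_attribute)) {
      // No row: report "not found" instead of reading a missing index.
      return FALSE;
    }
    $configured_methods = array_map('trim', explode(',', $custom_attribute[0]->configured_auth_methods));
    return array_search('KBA', $configured_methods);
  }

}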