|
<?php |
|
|
|
namespace Kanboard\Auth; |
|
|
|
use Otp\Otp; |
|
use Otp\GoogleAuthenticator; |
|
use Base32\Base32; |
|
use Kanboard\Core\Base; |
|
use Kanboard\Core\Security\PostAuthenticationProviderInterface; |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
class TotpAuth extends Base implements PostAuthenticationProviderInterface |
|
{ |
|
|
|
|
|
|
|
|
|
|
|
|
|
protected $code = ''; |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
protected $secret = ''; |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
public function getName() |
|
{ |
|
return t('Time-based One-time Password Algorithm'); |
|
} |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
public function authenticate() |
|
{ |
|
$otp = new Otp; |
|
return $otp->checkTotp(Base32::decode($this->secret), $this->code); |
|
} |
|
|
|
|
|
|
|
|
|
|
|
|
|
public function beforeCode() |
|
{ |
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
public function setCode($code) |
|
{ |
|
$this->code = $code; |
|
} |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
public function generateSecret() |
|
{ |
|
$this->secret = GoogleAuthenticator::generateRandom(); |
|
return $this->secret; |
|
} |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
public function setSecret($secret) |
|
{ |
|
$this->secret = $secret; |
|
} |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
public function getSecret() |
|
{ |
|
return $this->secret; |
|
} |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
public function getQrCodeUrl($label) |
|
{ |
|
if (empty($this->secret)) { |
|
return ''; |
|
} |
|
|
|
$options = array('issuer' => TOTP_ISSUER); |
|
return GoogleAuthenticator::getQrCodeUrl('totp', $label, $this->secret, null, $options); |
|
} |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
public function getKeyUrl($label) |
|
{ |
|
if (empty($this->secret)) { |
|
return ''; |
|
} |
|
|
|
$options = array('issuer' => TOTP_ISSUER); |
|
return GoogleAuthenticator::getKeyUri('totp', $label, $this->secret, null, $options); |
|
} |
|
} |
|
|