<?php
-require_once("../lib/lib.php");
-require_once("tokenstore.php");
-
-$ga = new GoogleAuthenticator("myGetData", "mySetData");
+// create/connect a db
if(isset($_REQUEST["action"])) {
switch($_REQUEST["action"]) {
case "destroy":
}
}
-// create/connect a db
global $dbobject;
$dbobject = false;
if(file_exists("/tmp/gadata.sqlite")) {
} catch(PDOException $exep) {
error_log("execpt on db open");
}
- $sql = 'CREATE TABLE "users" ("users_id" INTEGER PRIMARY KEY AUTOINCREMENT,"users_username" TEXT,"users_tokentype" TEXT,"users_tokenkey" TEXT,"users_tokencounter" integer);';
+ $sql = 'CREATE TABLE "users" ("users_id" INTEGER PRIMARY KEY AUTOINCREMENT,"users_username" TEXT,"users_fullname" TEXT,"users_tokendata" TEXT);';
$dbobject->query($sql);
}
+require_once("tokenstore.php");
+
+$ga = new myGoogleAuth();
+
+
+
+
?>
<html>
<h1>Example Page for GA4PHP</h1>
<a href="index.php">home</a><br>
<?php
+error_log("start switch");
if(isset($_REQUEST["action"])) {
switch($_REQUEST["action"]) {
case "createuser":
$username = $_REQUEST["username"];
+ $fullname = $_REQUEST["fullname"];
$pr = preg_match('/^[a-zA-Z0-9@\.]+$/',"$username");
echo "<hr>";
if(strlen($username)<3) {
//$keyinhex = $ga->helperb322hex($key);
//$url = urlencode($ga->createURL($username, $key, $ttype));
//echo "QRCode for user \"$username\" is <img src=\"http://chart.apis.google.com/chart?cht=qr&chl=$url&chs=120x120\"> or type in $key (google authenticator) or $keyinhex (for most other otp's)";
- $sql = "insert into users values (NULL, '$username', 'TOTP', 'ASDF', '0')";
+ $sql = "insert into users values (NULL, '$username', '$fullname', '0')";
$dbobject->query($sql);
}
echo "<hr>";
break;
case "provisiontoken":
+ error_log("in provision");
$username = $_REQUEST["username"];
$ttype = $_REQUEST["ttype"];
$key = $ga->setUser($username, "", $ttype);
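Review bot: The new insert in the `createuser` case interpolates `$fullname` straight from `$_REQUEST` into the SQL string, and in the lines shown it gets no validation at all (only `$username` is run through `preg_match`), so a single quote in the full name alters the statement. The `catch(PDOException ...)` earlier in the file suggests `$dbobject` is a PDO handle, in which case bound parameters fit: `$stmt = $dbobject->prepare("insert into users values (NULL, ?, ?, '0')"); $stmt->execute(array($username, $fullname));`. The new `getData()` and `putData()` queries in tokenstore.php are built the same way from their arguments and should be converted too. Both `case` bodies continue outside the lines shown here.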
}
?>
+<h2>Our Users</h2>
+<table border="1">
+<tr><th>Username</th><th>FullName</th></tr>
+<?php
+$res = $dbobject->query("select * from users");
+foreach($res as $row) {
+ $username = $row["users_username"];
+ $fullname = $row["users_fullname"];
+ echo "<tr><th>$username</th><th>$fullname</th></tr>";
+}
+
+?>
+</table>
<h2>Destroy the DB</h2>
-<a href="index.php?action=destroy">This is UNDOABLE - but this is a test system, so you dont care</a>
+<a href="index.php?action=destroy">This is not UNDOABLE - but this is a test system, so you dont care</a>
+
<h2>Create a User:</h2>
<form method="post" action="index.php?action=createuser">
Username: <input type="text" name="username"><br>
+Full Name: <input type="text" name="fullname"><br>
<input type="submit" name="go" value="go"><br>
</form>
+
+
<hr>
+
+
<h2>Provision Token</h2>
<form method="post" action="index.php?action=provisiontoken">
Username: <select name="username">
<?php
-$res = $ga->getUserList();
+$res = $ga->getUsers();
foreach($res as $row) {
echo "<option value=\"".$row."\">".$row."</option>";
}
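Review bot: The new "Our Users" loop echoes `$username` and `$fullname` from the database into the table without HTML escaping, and the full name is stored exactly as the create-user form submitted it, so any markup in a name is rendered in the browser of everyone who loads the page. Escape at output, e.g. `echo "<tr><th>".htmlspecialchars($username, ENT_QUOTES, 'UTF-8')."</th><th>".htmlspecialchars($fullname, ENT_QUOTES, 'UTF-8')."</th></tr>";`. The `<option>` loops fed by `$ga->getUsers()` print `$row` into both an attribute and element text the same way and want the same call. As a smaller point of style, the data rows would normally use `<td>` rather than `<th>`.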
Type: <select name="ttype"><option value="HOTP">HOTP</option><option value="TOTP">TOTP</option></select><br>
<input type="submit" name="go" value="go"><br>
</form>
+
+
<hr>
+
+
<h2>Test Token</h2>
<form method="post" action="index.php?action=authuser">
Username: <select name="username">
<?php
-$res = $ga->getUserList();
+$res = $ga->getUsers();
foreach($res as $row) {
echo "<option value=\"".$row."\">".$row."</option>";
}
Code: <input type="text" name="code"><br>
<input type="submit" name="go" value="go"><br>
</form>
+
+
<hr>
+
+
<h2>Resync Code (only valid for HOTP codes)</h2>
<form method="post" action="index.php?action=resync">
Username: <select name="username">
<?php
-$res = $ga->getUserList();
+$res = $ga->getUsers();
foreach($res as $row) {
echo "<option value=\"".$row."\">".$row."</option>";
}
<?php
-// define our data-set functions
-function mySetData($query, $data) {
- global $dbobject;
-
-// echo "called set data: $query<pre>";
-// print_r($query);
-// print_r($data);
-// echo "</pre>";
+
+// ok, so this will be our overloading class
+require_once("../lib/lib.php");
+
+class myGoogleAuth extends GoogleAuthenticator {
- switch($query) {
- case "settokentype":
- $ttype = $data["tokentype"];
- $tuser = $data["username"];
- $res = $dbobject->query("update users set users_tokentype='$ttype' where users_username='$tuser'");
- break;
- case "setusertoken":
- $ttype = $data["tokentype"];
- $tkey = $data["tokenkey"];
- $tuser = $data["username"];
-
- // dont really care if it does or not
- $res = $dbobject->query("delete from users where users_username = '$tuser'");
-
- $sql = "insert into users values (NULL, '$tuser', '$ttype', '$tkey', '0')";
- error_log("would call: $sql");
- $res = $dbobject->query($sql);
- break;
- case "deleteusertoken":
- $res = $dbobject->query("delete from users where users_username = '$data'");
- break;
- case "settokencounter":
- $tcount = $data["tokencounter"];
- $tuser = $data["username"];
- $res = $dbobject->query("update users set users_tokencounter='$tcount' where users_username='$tuser'");
- break;
- default:
- // do nothing
+ function getData($username) {
+ global $dbobject;
+
+ $res = $dbobject->query("select users_tokendata from users where users_username='$username'");
+ foreach($res as $row) {
+ $data = $row["users_tokendata"];
+ }
+
+ error_log("data was: $data");
+
+ return $data;
}
-}
+
+ function putData($username, $data) {
+ global $dbobject;
+
+ $res = $dbobject->query("update users set users_tokendata='$data' where users_username='$username'");
-function myGetData($query, $data) {
- //echo "called get data:<pre>";
- //print_r($query);
- //print_r($data);
- //echo "</pre>";
- global $dbobject;
+ return $res;
+ }
- switch($query) {
- case "userlist":
- $sql = "select users_username from users";
- $res = $dbobject->query($sql);
- $i = 0;
- $names[0] = "";
- foreach($res as $row) {
- //error_log("got username, ".$row["users_username"]);
- $names[$i] = $row["users_username"];
- $i++;
- }
- return $names;
- break;
- case "gettoken":
- $sql = "select * from users where users_username='$data'";
- $res = $dbobject->query($sql);
- $i = 0;
- $token = "";
- foreach($res as $row) {
- $token["tokentype"] = $row["users_tokentype"];
- $token["tokenkey"] = $row["users_tokenkey"];
- $token["tokencounter"] = $row["users_tokencounter"];
- }
- return $token;
- default:
- // nothing
+ function getUsers() {
+ global $dbobject;
+
+ $res = $dbobject->query("select users_username from users");
+ $i=0;
+ $ar = array();
+
+ foreach($res as $row) {
+ $ar[$i] = $row["users_username"];
+ $i++;
+ }
+
+ return $ar;
}
}
-?>
\ No newline at end of file
+?>
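Review bot: `getData()` writes the stored token blob to the error log with `error_log("data was: $data")`; per `internalPutData()` that value is the base64-encoded serialized token record, which carries the token key, so anyone able to read the log can recover OTP secrets. The `print_r($tokendata)` logging added to `authenticateUser()` in lib.php exposes the same record in clear text and should be dropped as well. Separately, `$data` is never assigned when no row matches the username, so `getData()` reads an undefined variable on that path; initialise it before the loop with `$data = "";`. A short docblock on each of the three overrides stating what the abstract base expects back (encoded string, query result, list of usernames) would also help the next implementer.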
* and then just manipulate it, then use a checkin function to push the data base into the db...
*/
-class GoogleAuthenticator {
+abstract class GoogleAuthenticator {
function __construct() {
}
// an internal funciton to get
function internalGetData($username) {
- $data = getData($username);
+ $data = $this->getData($username);
$deco = unserialize(base64_decode($data));
if(!$deco) {
- $deco = createEmptyData();
+ $deco = $this->createEmptyData();
}
return $deco;
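Review bot: `internalGetData()` still passes the stored column through `unserialize()`, and with this change the value arrives from an overridable `getData()` whose backing table is written with string-built SQL, so it cannot be assumed to be exactly what `internalPutData()` produced. From the keys used elsewhere in the class the record appears to be a flat array (`tokenkey`, `tokentype`, `tokencounter`), which `json_encode` / `json_decode($data, true)` would store without PHP object deserialisation. If `serialize` has to stay, restrict it with `unserialize(base64_decode($data), array('allowed_classes' => false))` on PHP 7 or later. The closing brace of `internalGetData()` is outside the lines shown.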
function internalPutData($username, $data) {
$enco = base64_encode(serialize($data));
- return putData($username, $enco);
+ return $this->putData($username, $enco);
}
return false;
}
- $data = internalGetData($username);
+ $data = $this->internalGetData($username);
$data["tokentype"] = $tokentype;
- internalPutData($username, $data);
+ $this->internalPutData($username, $data);
return true;
}
if($key == "") $key = $this->createBase32Key();
$hkey = $this->helperb322hex($key);
- $token = internalGetData($username);
+ $token = $this->internalGetData($username);
$token["tokenkey"] = $hkey;
$token["tokentype"] = $ttype;
- internalPutData($username, $token);
+ $this->internalPutData($username, $token);
return $key;
}
// if the key is invalid or the user doesn't exist.
function setUserKey($username, $key) {
// consider scrapping this
- $token = internalGetData($username);
+ $token = $this->internalGetData($username);
$token["tokenkey"] = $key;
- internalPutData($username, $token);
+ $this->internalPutData($username, $token);
}
// self explanitory?
function deleteUser($username) {
// oh, we need to figure out how to do thi?
- $data = internalGetData($username);
+ $data = $this->internalGetData($username);
$data["tokenkey"] = "";
- internalPutData($username);
+ $this->internalPutData($username);
}
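Review bot: `deleteUser()` blanks `$data["tokenkey"]` but then calls `$this->internalPutData($username)` without the second argument, although `internalPutData($username, $data)` declares two required parameters; the commit carried this call over unchanged apart from the `$this->` prefix. Depending on the PHP version this either fails with an argument-count error, leaving the key in place, or stores a serialised null instead of the edited record. The call should be `$this->internalPutData($username, $data);`. The comment above it (`// oh, we need to figure out how to do thi?`) could then be replaced by one stating that deletion means clearing the token key while keeping the user row.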
// user has input their user name and some code, authenticate
// it
function authenticateUser($username, $code) {
- $tokendata = internalGetData($username);
+ error_log("begin auth user");
+ $tokendata = $this->internalGetData($username);
+ $asdf = print_r($tokendata, true);
+ error_log("dat is $asdf");
if($tokendata["tokenkey"] == "") {
$errorText = "No Assigned Token";
$ttype = $tokendata["tokentype"];
$tlid = $tokendata["tokencounter"];
$tkey = $tokendata["tokenkey"];
+
+ $asdf = print_r($tokendata, true);
+ error_log("dat is $asdf");
switch($ttype) {
case "HOTP":
$st = $tlid;
//error_log("code: $code, $stest, $tkey, $tid");
if($code == $stest) {
$tokendata["tokencounter"] = $i;
- internalPutData($username, $tokendata);
+ $this->internalPutData($username, $tokendata);
return true;
}
}