fixed a minor thing with the hotp skew
authorpaulr <me@pjr.cc>
Sun, 5 Dec 2010 13:39:10 +0000 (00:39 +1100)
committerpaulr <me@pjr.cc>
Sun, 5 Dec 2010 13:39:10 +0000 (00:39 +1100)
authserver/authd/authd.php
authserver/lib/authClient.php
authserver/lib/lib.php
authserver/usercmd.php
lib/ga4php.php

index f4b366d..2474b3a 100644 (file)
@@ -41,21 +41,32 @@ if($pid == -1) {
                                echo "Call to auth user token\n";
                                // minimal checking, we leav it up to authenticateUser to do the real
                                // checking
-                               if(!isset($msg["user"])) $msg["user"] = "";
+                               if(!isset($msg["username"])) $msg["username"] = "";
                                if(!isset($msg["passcode"])) $msg["passcode"] = "";
-                               $username = $msg["user"];
+                               $username = $msg["username"];
                                $passcode = $msg["passcode"];
                                global $myga;
-                               msg_send($cl_queue, MSG_AUTH_USER_TOKEN, $myga->authenticateUser($username, $passcode));
+                               $authval = $myga->authenticateUser($username, $passcode);
+                               msg_send($cl_queue, MSG_AUTH_USER_TOKEN, $authval);
                                break;
                        case MSG_ADD_USER_TOKEN:
                                echo "Call to add user token\n";
                                if(!isset($msg["username"])) {
                                        msg_send($cl_queue, MSG_ADD_USER_TOKEN, false); 
                                } else {
-                                       $username = $msg["username"];                           
+                                       $username = $msg["username"];
+                                       $tokentype="HOTP";
+                                       if(isset($msg["tokentype"])) {
+                                               $tokentype="HOTP";
+                                       }
+                                       $hexkey = "";
+                                       if(isset($msg["hexkey"])) {
+                                               $hexkey = $msg["hexkey"];
+                                       }
                                        global $myga;
-                                       msg_send($cl_queue, MSG_ADD_USER_TOKEN, $myga->setUser($username));
+                                       $myga->setUser($username, $tokentype, "", $hexkey);
+                                       
+                                       msg_send($cl_queue, MSG_ADD_USER_TOKEN, $myga->createUrl($username));
                                }
                                break;
                        case MSG_DELETE_USER:
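Review bot: In the MSG_ADD_USER_TOKEN branch the `isset($msg["tokentype"])` check assigns the literal `"HOTP"` a second time, so the token type sent by the client is dropped and every user is created as HOTP. If that is not intended, the line should read `$tokentype = $msg["tokentype"];`, checked against the supported types before it reaches `setUser`. The result of `setUser(...)`, which the old code sent back as the reply, is now discarded, so the client gets `createUrl($username)` even if the user was not stored; keep the return value and send `false` on failure, as the `!isset($msg["username"])` path already does. The MSG_SET_USER_TOKEN hunk further down does the same with `setUserKey(...)`. `$hexkey` is passed from the message into `setUser` unchecked in this hunk, so a hex-format and length check belongs here on the daemon side of the queue, unless `setUser` already does one.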
@@ -145,7 +156,6 @@ if($pid == -1) {
                                $username = $msg["username"];
                                $realname = $msg["realname"];
                                $sql = "update users set users_realname='$realname' where users_username='$username'";
-                               echo "sql: $sql\n";
                                $dbo = getDatabase();
                                
                                $dbo->query($sql);
@@ -167,7 +177,8 @@ if($pid == -1) {
                                }
                                
                                global $myga;
-                               msg_send($cl_queue, MSG_SET_USER_TOKEN, $myga->setUserKey($username, $passcode));
+                               $myga->setUserKey($username, $passcode);
+                               msg_send($cl_queue, MSG_SET_USER_TOKEN, $myga->createUrl($username));
                                
                                // TODO now set token 
                                break;                  
index 22a08b3..677be24 100644 (file)
@@ -190,17 +190,15 @@ class GAAuthClient {
                $message["username"] = $username;
                $message["passcode"] = $passcode;
                
-               msg_send($sr_queue, MSG_AUTH_USER, $message, true, true, $msg_err);
+               msg_send($sr_queue, MSG_AUTH_USER_TOKEN, $message, true, true, $msg_err);
                echo "message sent\n";
                
                msg_receive($cl_queue, 0, $msg_type, 16384, $msg);
-               echo "message received?\n";
-               print_r($msg);
                
                return $msg;
        }
        
-       function addUser($username) {
+       function addUser($username, $tokentype="", $hexkey="") {
                global $MSG_QUEUE_KEY_ID_SERVER, $MSG_QUEUE_KEY_ID_CLIENT;
                
                
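Review bot: `msg_receive($cl_queue, 0, ...)` in what appears to be the authentication method takes the first message of any type from the client queue, and its return value is never checked, so the value handed back as the authentication result is not tied to this request. Since the daemon replies with `MSG_AUTH_USER_TOKEN`, ask for that type with `msg_receive($cl_queue, MSG_AUTH_USER_TOKEN, $msg_type, 16384, $msg)`, and return `false` when either `msg_send` or `msg_receive` fails. The same applies to the `addUser` send/receive pair in the next hunk, with `MSG_ADD_USER_TOKEN`. The `echo "message sent\n";` kept here is the kind of trace this commit removes from `addUser`. The enclosing method starts above the hunk and `addUser` continues below it.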
@@ -219,16 +217,14 @@ class GAAuthClient {
                
                
                $message["username"] = $username;
+               if($tokentype!="") $message["tokentype"] = $tokentype;
+               if($hexkey!="") $message["hexkey"] = $hexkey;
                
                msg_send($sr_queue, MSG_ADD_USER_TOKEN, $message, true, true, $msg_err);
-               echo "message sent\n";
                
                msg_receive($cl_queue, 0, $msg_type, 16384, $msg);
-               echo "message received?\n";
-               print_r($msg);
                
                return $msg;
-               
        }
 
        function setTokenType($username, $tokentype) {
index ef63d76..dbdd35f 100644 (file)
@@ -44,6 +44,7 @@ function closeDatabase($db) {
 
 class gaasGA extends GoogleAuthenticator {
        function getData($username) {
+               echo "called into getdata\n";
                
                // get our database connection
                $dbObject = getDatabase();
@@ -55,14 +56,17 @@ class gaasGA extends GoogleAuthenticator {
                $result = $dbObject->query($sql);
                
                // check the result
+               echo "next1\n";
                if(!$result) return false;
                
                // now just retreieve all the data (there should only be one, but whatever)
+               echo "next2\n";
                $tokendata = false;
                foreach($result as $row) {
                        $tokendata = $row["users_tokendata"];
                }
-               
+
+               echo "next3, $username, $tokendata\n";
                // now we have our data, we just return it. If we got no data
                // we'll just return false by default
                return $tokendata;
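Review bot: The added `echo "next3, $username, $tokendata\n";` writes the contents of `users_tokendata` to the daemon's output on every lookup; that column presumably holds the token secret, which should not end up on a console or in a captured log. Drop that line together with the `next1`/`next2` traces here and `echo "called into getdata\n";` in the previous hunk. If a trace is wanted, log only the username and whether a row was found. `getData` starts above this hunk, so the query text is not visible here.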
index 910372e..289922a 100644 (file)
@@ -40,14 +40,15 @@ if(!isset($argv[1])) {
 
 switch($argv[1]) {
        case "auth":
-               if($myAC->authUser($argv[2], $argv[3])==1) {
+               if($myAC->authUserToken($argv[2], $argv[3])==1) {
                        echo "Pass!";
                } else {
                        echo "Fail!";
                }
                break;
        case "add":
-               $myAC->addUser($argv[2]);
+               $return = $myAC->addUser($argv[2]);
+               echo "Created user, ".$argv[2]." returned $return\n";
                break;
        case "delete":
                $myAC->deleteUser($argv[2]);
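Review bot: The `auth` case decides pass or fail with a loose `==1`, which also accepts `true` and, depending on the PHP version, numeric-looking strings. Because `authUserToken` returns whatever was read from the queue, compare strictly against the one value that means success, for example `=== true` if `authenticateUser` returns a boolean (its return type is not visible here). `$argv[2]` and `$argv[3]` are used without an `isset` check in both changed cases. In `add`, `$return` is now the daemon's `createUrl` reply, presumably a provisioning URL that carries the key, so printing it to the terminal should be a deliberate choice. The `switch` continues below the hunk.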
index a052575..3435d03 100644 (file)
@@ -147,7 +147,7 @@ abstract class GoogleAuthenticator {
                switch($ttype) {
                        case "HOTP":
                                error_log("in hotp");
-                               $st = $tlid;
+                               $st = $tlid+1;
                                $en = $tlid+$this->hotpSkew;
                                for($i=$st; $i<$en; $i++) {
                                        $stest = $this->oath_hotp($tkey, $i);
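Review bot: Moving the start to `$tlid+1` leaves `$en = $tlid+$this->hotpSkew` and the `$i<$en` test unchanged, so the loop now checks `hotpSkew-1` counters, and none at all when `hotpSkew` is 1. If `hotpSkew` is meant to be the number of counters accepted ahead of the stored one, the end should move as well: `$en = $tlid+$this->hotpSkew+1;`. Assuming `$tlid` is the last accepted counter, the new start is what stops an already used code from being accepted again. That deserves a one-line comment such as `// start after the last accepted counter so a used code cannot be replayed`. The loop body continues below the hunk.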