--- /dev/null
+<?php
+
+function getDatabase() {
+ $dbobject = false;
+ if(file_exists("/tmp/gadata.sqlite")) {
+ try {
+ $dbobject = new PDO("sqlite:/tmp/gadata.sqlite");
+ } catch(PDOException $exep) {
+ error_log("execpt on db open");
+ }
+ } else {
+ try {
+ $dbobject = new PDO("sqlite:/tmp/gadata.sqlite");
+ } catch(PDOException $exep) {
+ error_log("execpt on db open");
+ }
+ $sql = 'CREATE TABLE "users" ("users_id" INTEGER PRIMARY KEY AUTOINCREMENT,"users_username" TEXT,"users_fullname" TEXT,"users_tokendata" TEXT);';
+ $dbobject->query($sql);
+ }
+
+ return $dbobject;
+}
+
+function closeDatabase($db) {
+ // doesnt do anything yet
+}
+?>
\ No newline at end of file
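Review bot: The token store is opened at the fixed path `/tmp/gadata.sqlite` in both branches of `getDatabase()`, so the `users_tokendata` secrets sit in a world-writable directory where another local account can pre-create the file or, depending on umask, read it. Keep the database in a directory owned by the web-server user outside the document root and create it with restrictive permissions, for example `new PDO("sqlite:" . GA_DB_PATH)`, where `GA_DB_PATH` is a placeholder for a configured location. Separately, when the `PDO` constructor throws in the `else` branch, `$dbobject` is still `false` and `$dbobject->query($sql)` becomes a fatal error; return from the `catch` instead of falling through. Callers should also check the return value before using it, since the function can return `false`.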
--- /dev/null
+<?php
+/*
+ * This example is simply an example of how a provisioning page may look
+ * which includes such funcationality as createing users, initialising their
+ * data, create a token for them, testing the token and resyncing it as needed
+ *
+ */
+
+// Require our php libraries
+require_once("token.php");
+require_once("dbfunctions.php");
+require_once("input.php");
+
+// now lets get an instance of our class
+$myga = new myGA();
+global $myga;
+
+// this part of the page resonds to user input
+processInput();
+?>
+
+<html>
+<h1>Welcome to GA Provisioning!</h1>
+
+<?php
+// in this part of the code we look for "success" or "fail" things
+if(isset($_REQUEST["success"])) {
+ echo "<br><font color=\"green\">".$_REQUEST["success"]."</font><br>";
+}
+if(isset($_REQUEST["failure"])) {
+ echo "<br><font color=\"red\">".$_REQUEST["failure"]."</font><br>";
+}
+?>
+
+<hr>
+
+
+
+<h2>Users</h2>
+<table border="1">
+<tr><th>Username/Login</th><th>Fullname</th><th>Has Token?</th><th>Key</th><th>Base 32 Key</th><th>Hex Key</th></tr>
+<?php
+// now we get our list of users - this part of the page just has a list of users
+// and the ability to create new ones. This isnt really in the scope of the
+// GA4PHP, but for this example, we need to be able to create users, so heres where
+// you do it.
+$db = getDatabase();
+$result = $db->query("select * from users");
+foreach($result as $row) {
+ if($myga->hasToken($row["users_username"])) {
+ $hastoken = "Yes";
+ $type = $myga->getTokenType($row["users_username"]);
+ if($type == "HOTP") {
+ $type = "- Counter Based";
+ } else {
+ $type = "- Time Based";
+ }
+ $hexkey = $myga->getKey($row["users_username"]);
+ $b32key = $myga->helperhex2b32($hexkey);
+
+ $url = urlencode($myga->createURL($row["users_username"]));
+ $keyurl = "<img src=\"http://chart.apis.google.com/chart?cht=qr&chl=$url&chs=100x100\">";
+
+ }
+ else {
+ $b32key = "";
+ $hexkey = "";
+ $type = "";
+ $hastoken = "no";
+ $keyurl = "";
+ }
+
+
+ // now we generate the qrcode for the user
+
+ echo "<tr><td>".$row["users_username"]."</td><td>".$row["users_fullname"]."</td><td>$hastoken $type</td><td>$keyurl</td><td>$b32key</td><td>$hexkey</td></tr>";
+}
+closeDatabase($db);
+?>
+</table>
+Create a User:
+<form method="post" action="?action=createuser">
+Username/login: <input type="text" name="username">
+Full Name: <input type="text" name="fullname">
+<input type="submit" name="Add" value="Add">
+</form>
+
+
+<hr>
+
+
+
+<h2>Create Token</h2>
+This form allows you to provision a token for the user<br>
+<form method="post" action="?action=provision">
+User:<select name="user">
+<?php
+// here we list the users again for a select clause
+$db = getDatabase();
+$result = $db->query("select * from users");
+foreach($result as $row) {
+ if($myga->hasToken($row["users_username"])) $hastoken = "- Has a token";
+ else $hastoken = "- No token";
+
+ $username = $row["users_username"];
+
+ echo "<option value=\"$username\">$username $hastoken</option>";
+}
+closedatabase($db);
+?>
+</select>
+<br>
+Token Type
+<select name="tokentype">
+<option value="HOTP">Counter Based</option>
+<option value="TOTP">Time Based</option>
+</select>
+<input type="submit" name="Add" value="Add">
+</form>
+
+<hr>
+<h2>Test Authentication</h2>
+<form method="post" action="?action=auth">
+User:<select name="user">
+<?php
+// here we list the users again for a select clause
+$db = getDatabase();
+$result = $db->query("select * from users");
+foreach($result as $row) {
+ if($myga->hasToken($row["users_username"])) $hastoken = "- Has a token";
+ else $hastoken = "- No token";
+
+ $username = $row["users_username"];
+
+ echo "<option value=\"$username\">$username $hastoken</option>";
+}
+closedatabase($db);
+?>
+<input type="text" name="tokencode">
+<input type="submit" name="Auth" value="Auth">
+</select>
+
+
+<pre>
+<?php
+
+print_r($myga->internalGetData("asdf"));
+?>
+</pre>
+
+</html>
\ No newline at end of file
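Review bot: Request and database values are written into the HTML without escaping: `$_REQUEST["success"]` and `$_REQUEST["failure"]` in the banner block, and `users_username`/`users_fullname` in the table row and both `<option>` loops, which leaves the page open to reflected and stored script injection. Escape each value at the point of output, e.g. `htmlspecialchars($row["users_username"], ENT_QUOTES, 'UTF-8')`, and preferably map `success`/`failure` to a fixed set of messages rather than echoing the parameter. The QR `<img>` also sends the full `otpauth://` URL, including the secret, to `chart.apis.google.com` over plain `http`; rendering the code locally, or at minimum using `https`, keeps the seed from crossing the network in clear text. The `print_r($myga->internalGetData("asdf"))` block at the end looks like leftover debugging and should not ship on a page that handles token data.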
--- /dev/null
+<?php
+
+// this part of the example is the part that processes user inputs from forms
+function processInput() {
+ global $myga;
+
+ if(isset($_REQUEST["action"])) {
+ switch($_REQUEST["action"]) {
+ case "createuser":
+ // "users_id" INTEGER PRIMARY KEY AUTOINCREMENT,"users_username" TEXT,"users_fullname" TEXT,"users_tokendata" TEXT
+ $username = $_REQUEST["username"];
+ $fullname = $_REQUEST["fullname"];
+ $sql = "insert into users values (NULL, '$username', '$fullname', '0')";
+ $db = getDatabase();
+ $db->query($sql);
+ closeDatabase($db);
+
+ header("Location: index.php?success=created");
+ break;
+ case "provision":
+ $username = $_REQUEST["user"];
+ $tokentype = $_REQUEST["tokentype"];
+ $myga->setUser($username, $tokentype);
+
+ header("Location: index.php?success=Provisioned");
+ break;
+ case "auth":
+ $username = $_REQUEST["user"];
+ $tokencode = $_REQUEST["tokencode"];
+
+ if($myga->authenticateUser($username, $tokencode)) {
+ header("Location: index.php?success=Passed");
+ } else {
+ header("Location: index.php?failure=wrongcode");
+ }
+ break;
+ }
+ }
+}
+?>
\ No newline at end of file
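Review bot: The `createuser` case builds its INSERT by interpolating `$_REQUEST["username"]` and `$_REQUEST["fullname"]` straight into the SQL string, so a quote character in either field changes the statement. Use a prepared statement instead: `$stmt = $db->prepare("insert into users values (NULL, ?, ?, '0')");` followed by `$stmt->execute([$username, $fullname]);`. The same string-built SQL appears in `getData()` and `putData()` of the `myGA` class added in this commit, where the comment recommending `addslashes` should give way to bound parameters as well. Because the handler reads `$_REQUEST`, these state-changing actions can also be triggered by a plain GET link; reading `$_POST` and adding a per-session form token would close that, and `$tokentype` should be checked against `HOTP`/`TOTP` before it reaches `setUser()`.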
--- /dev/null
+<?php
+
+require_once("../../lib/lib.php");
+
+// define our token class
+class myGA extends GoogleAuthenticator {
+ function getData($username) {
+
+ // get our database connection
+ $dbObject = getDatabase();
+
+ // set the sql for retreiving the data
+ $sql = "select users_tokendata from users where users_username='$username'";
+
+ // run the query
+ $result = $dbObject->query($sql);
+
+ // check the result
+ if(!$result) return false;
+
+ // now just retreieve all the data (there should only be one, but whatever)
+ $tokendata = false;
+ foreach($result as $row) {
+ $tokendata = $row["users_tokendata"];
+ }
+
+ // now we have our data, we just return it. If we got no data
+ // we'll just return false by default
+ return $tokendata;
+
+ // and there you have it, simple eh?
+ }
+
+
+ // now we need a function for putting the data back into our user table.
+ // in this example, we wont check anything, we'll just overwrite it.
+ function putData($username, $data) {
+ // get our database connection
+ $dbObject = getDatabase();
+
+ // set the sql for updating the data
+ // token data is stored as a base64 encoded string, it should
+ // not need to be escaped in any way prior to storing in a database
+ // but feel free to call your databases "addslashes" (or whatever)
+ // function on $data prior to doing the SQL.
+ $sql = "update users set users_tokendata='$data' where users_username='$username'";
+
+ // now execute the sql and return straight away - you should probably
+ // clean up after yourselves, but im going to assume pdo does this
+ // for us anyway in this exmaple
+ if($dbObject->query($sql)) {
+ return true;
+ } else {
+ return false;
+ }
+
+ // even simpler!
+ }
+
+ function getUsers() {
+ // get our database connection
+ $dbObject = getDatabase();
+
+ // now the sql again
+ $sql = "select users_username from users";
+
+ // run the query
+ $result = $dbObject->query($sql);
+
+ // iterate over the results - we expect a simple array containing
+ // a list of usernames
+ $i = 0;
+ $users = array();
+ foreach($result as $row) {
+ $users[$i] = $row["username"];
+ $i++;
+ }
+
+ // now return the list
+ return $users;
+ }
+}
+
+?>
\ No newline at end of file
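Review bot: `getUsers()` selects the column `users_username` but reads `$row["username"]` inside the loop, so every entry of the returned array is null (with an undefined-index notice); the line should be `$users[] = $row["users_username"];`. All three methods also call `->query()` directly on the return value of `getDatabase()`, which is `false` when the open fails, so a guard such as `if(!$dbObject) return false;` belongs before the first query. In `getUsers()` the query result itself is iterated without the `if(!$result)` check that `getData()` has, which should be added for consistency.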
// create "user" with insert
- function setUser($username, $key = "", $ttype="HOTP") {
+ function setUser($username, $ttype="HOTP", $key = "") {
if($key == "") $key = $this->createBase32Key();
$hkey = $this->helperb322hex($key);
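Review bot: Swapping `$key` and `$ttype` in the `setUser()` signature silently changes the meaning of the second positional argument, so any existing caller that passed a key there will now have it treated as the token type. If callers outside this commit exist, either keep the old order or validate the type at the top of the method, e.g. `if($ttype != "HOTP" && $ttype != "TOTP") return false;`, so a mis-ordered call fails instead of storing a bad type. The body of `setUser()` continues outside the hunk, so whether `$ttype` is checked later is not visible here.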
// TODO: change this to a pattern match for an actual key
if(!isset($token["tokenkey"])) return false;
if($token["tokenkey"] == "") return false;
+ return true;
}
// oddity in the google authenticator... hotp needs to be lowercase.
$data = $this->internalGetData($user);
$toktype = $data["tokentype"];
- $key = $data["tokenkey"];
+ $key = $this->helperhex2b32($data["tokenkey"]);
$toktype = strtolower($toktype);
if($toktype == "hotp") {
$url = "otpauth://$toktype/$user?secret=$key&counter=1";
return $key;
}
+
+ // returns a hex key
+ function getKey($username) {
+ $data = $this->internalGetData($username);
+ $key = $data["tokenkey"];
+
+ return $key;
+ }
+
+ // get key type
+ function getTokenType($username) {
+ $data = $this->internalGetData($username);
+ $toktype = $data["tokentype"];
+ return $toktype;
+ }
+
function helperb322hex($b32) {
$alphabet = "ABCDEFGHIJKLMNOPQRSTUVWXYZ234567";