authserver/authd/authd.php

   1 <?php
   2
   3 // TODO: SO MUCH ERROR CHECKING ITS NOT FUNNY
   4
   5
   6 // get out master library for ga4php
   7 require_once("../lib/lib.php");
   8
   9
  10 //exit(0);
  11 // first we want to fork into the background like all good daemons should
  12 //$pid = pcntl_fork();
  13 $pid = 0;
  14
  15 if($pid == -1) {
  16
  17 } else if($pid) {
  18         // i am the parent, i shall leave
  19         echo "i am a parent, i leave\n";
  20         exit(0);
  21 } else {
  22         global $MSG_QUEUE_KEY_ID_SERVER, $MSG_QUEUE_KEY_ID_CLIENT;
  23
  24         $cl_queue = msg_get_queue($MSG_QUEUE_KEY_ID_CLIENT, 0666 | 'IPC_CREAT');
  25         $sr_queue = msg_get_queue($MSG_QUEUE_KEY_ID_SERVER, 0666 | 'IPC_CREAT');
  26
  27         $myga = new gaasGA();
  28         global $myga;
  29
  30
  31         while(true) {
  32                 msg_receive($sr_queue, 0, $msg_type, 16384, $msg);
  33                 switch($msg_type) {
  34                         case MSG_DELETE_USER_TOKEN:
  35                                 $username = $msg["username"];
  36
  37                                 $sql = "select users_otk from users where users_username='$username'";
  38                                 $dbo = getDatabase();
  39                                 $res = $dbo->query($sql);
  40                                 $otkid = "";
  41                                 foreach($res as $row) {
  42                                         $otkid = $row["users_otk"];
  43                                 }
  44                                 if($otkid!="") {
  45                                         global $BASE_DIR;
  46                                         unlink("$BASE_DIR/authserver/authd/otks/$otkid.png");
  47                                 }
  48
  49                                 $sql = "update users set users_tokendata='',users_otk='' where users_username='$username'";
  50                                 $dbo = getDatabase();
  51                                 $res = $dbo->query($sql);
  52
  53                                 msg_send($cl_queue, MSG_DELETE_USER_TOKEN, true);
  54                                 break;
  55                         case MSG_AUTH_USER_TOKEN:
  56                                 echo "Call to auth user token\n";
  57                                 // minimal checking, we leav it up to authenticateUser to do the real
  58                                 // checking
  59                                 if(!isset($msg["username"])) $msg["username"] = "";
  60                                 if(!isset($msg["passcode"])) $msg["passcode"] = "";
  61                                 $username = $msg["username"];
  62                                 $passcode = $msg["passcode"];
  63                                 global $myga;
  64                                 $authval = $myga->authenticateUser($username, $passcode);
  65                                 msg_send($cl_queue, MSG_AUTH_USER_TOKEN, $authval);
  66                                 break;
  67                         case MSG_GET_OTK_ID:
  68                                 if(!isset($msg["username"])) {
  69                                         msg_send($cl_queue, MSG_GET_OTK_ID, false);
  70                                 } else {
  71                                         $username = $msg["username"];
  72                                         $sql = "select users_otk from users where users_username='$username'";
  73                                         $dbo = getDatabase();
  74                                         $res = $dbo->query($sql);
  75                                         $otkid = "";
  76                                         foreach($res as $row) {
  77                                                 $otkid = $row["users_otk"];
  78                                         }
  79
  80                                         if($otkid == "") {
  81                                                 msg_send($cl_queue, MSG_GET_OTK_ID, false);
  82                                         } else {
  83                                                 msg_send($cl_queue, MSG_GET_OTK_ID, $otkid);
  84                                         }
  85                                 }
  86                                 break;
  87                         case MSG_GET_OTK_PNG:
  88                                 if(!isset($msg["otk"])) {
  89                                         msg_send($cl_queue, MSG_GET_OTK_PNG, false);
  90                                 } else {
  91                                         $otk = $msg["otk"];
  92                                         $sql = "select users_username from users where users_otk='$otk'";
  93                                         $dbo = getDatabase();
  94                                         $res = $dbo->query($sql);
  95                                         $username = "";
  96                                         foreach($res as $row) {
  97                                                 $username = $row["users_username"];
  98                                         }
  99
 100                                         if($username == "") {
 101                                                 msg_send($cl_queue, MSG_GET_OTK_PNG, false);
 102                                         } else if($username != $msg["username"]) {
 103                                                 msg_send($cl_queue, MSG_GET_OTK_PNG, false);
 104                                         } else {
 105                                                 global $BASE_DIR;
 106                                                 $hand = fopen("$BASE_DIR/authserver/authd/otks/$otk.png", "rb");
 107                                                 $data = fread($hand, filesize("$BASE_DIR/authserver/authd/otks/$otk.png"));
 108                                                 fclose($hand);
 109                                                 unlink("$BASE_DIR/authserver/authd/otks/$otk.png");
 110                                                 $sql = "update users set users_otk='' where users_username='$username'";
 111                                                 $dbo->query($sql);
 112                                                 error_log("senting otk, fsize: ".filesize("$BASE_DIR/authserver/authd/otks/$otk.png")." $otk ");
 113                                                 msg_send($cl_queue, MSG_GET_OTK_PNG, $data);
 114                                         }
 115                                 }
 116
 117                                 break;
 118                         case MSG_SYNC_TOKEN:
 119                                 if(!isset($msg["username"])) {
 120                                         msg_send($cl_queue, MSG_SYNC_TOKEN, false);
 121                                 } else {
 122                                         $tokenone = $msg["tokenone"];
 123                                         $tokentwo = $msg["tokentwo"];
 124
 125                                         msg_send($cl_queue, MSG_SYNC_TOKEN, $myga->resyncCode($msg["username"], $tokenone, $tokentwo));
 126                                 }
 127
 128                                 break;
 129                         case MSG_GET_TOKEN_TYPE:
 130                                 if(!isset($msg["username"])) {
 131                                         msg_send($cl_queue, MSG_GET_TOKEN_TYPE, false);
 132                                 } else {
 133                                         msg_send($cl_queue, MSG_GET_TOKEN_TYPE, $myga->getTokenType($msg["username"]));
 134                                 }
 135                                 break;
 136                         case MSG_ADD_USER_TOKEN:
 137                                 echo "Call to add user token\n";
 138                                 if(!isset($msg["username"])) {
 139                                         msg_send($cl_queue, MSG_ADD_USER_TOKEN, false);
 140                                 } else {
 141                                         global $BASE_DIR;
 142                                         $username = $msg["username"];
 143                                         $tokentype="TOTP";
 144                                         if(isset($msg["tokentype"])) {
 145                                                 $tokentype=$msg["tokentype"];
 146                                         }
 147                                         $hexkey = "";
 148                                         if(isset($msg["hexkey"])) {
 149                                                 $hexkey = $msg["hexkey"];
 150                                         }
 151                                         global $myga;
 152                                         $myga->setUser($username, $tokentype, "", $hexkey);
 153
 154                                         $url = $myga->createUrl($username);
 155                                         if(!file_exists("$BASE_DIR/authserver/authd/otks")) mkdir("$BASE_DIR/authserver/authd/otks");
 156                                         $otk = generateRandomString();
 157                                         system("qrencode -o $BASE_DIR/authserver/authd/otks/$otk.png $url");
 158
 159                                         $sql = "update users set users_otk='$otk' where users_username='$username'";
 160                                         $dbo = getDatabase();
 161                                         $res = $dbo->query($sql);
 162
 163                                         msg_send($cl_queue, MSG_ADD_USER_TOKEN, true);
 164                                 }
 165                                 break;
 166                         case MSG_DELETE_USER:
 167                                 echo "Call to del user\n";
 168                                 if(!isset($msg["username"])) {
 169                                         msg_send($cl_queue, MSG_DELETE_USER, false);
 170                                 } else {
 171                                         $username = $msg["username"];
 172                                         global $myga;
 173
 174                                         $sql = "select users_otk from users where users_username='$username'";
 175                                         $dbo = getDatabase();
 176                                         $res = $dbo->query($sql);
 177                                         $otkid = "";
 178                                         foreach($res as $row) {
 179                                                 $otkid = $row["users_otk"];
 180                                         }
 181                                         if($otkid!="") {
 182                                                 unlink("otks/$otkid.png");
 183                                         }
 184
 185
 186                                         $sql = "delete from users where users_username='$username'";
 187                                         $dbo = getDatabase();
 188                                         $dbo->query($sql);
 189
 190                                         msg_send($cl_queue, MSG_DELETE_USER, true);
 191                                 }
 192                                 break;
 193                         case MSG_AUTH_USER_PASSWORD:
 194                                 // TODO
 195                                 echo "Call to auth user pass\n";
 196                                 if(!isset($msg["username"])) {
 197                                         msg_send($cl_queue, MSG_AUTH_USER_PASSWORD, false);
 198                                         break;
 199                                 }
 200                                 if(!isset($msg["password"])) {
 201                                         msg_send($cl_queue, MSG_AUTH_USER_PASSWORD, false);
 202                                         break;
 203                                 }
 204
 205                                 $username = $msg["username"];
 206                                 $password = $msg["password"];
 207                                 $sql = "select users_password from users where users_username='$username'";
 208                                 $dbo = getDatabase();
 209                                 $res = $dbo->query($sql);
 210                                 $pass = "";
 211                                 foreach($res as $row) {
 212                                         $pass = $row["users_password"];
 213                                 }
 214
 215                                 // TODO now do auth
 216                                 $ourpass = hash('sha512', $password);
 217                                 echo "ourpass: $ourpass\nourhash: $pass\n";
 218                                 if($ourpass == $pass) {
 219                                         msg_send($cl_queue, MSG_AUTH_USER_PASSWORD, true);
 220
 221                                 } else {
 222                                         msg_send($cl_queue, MSG_AUTH_USER_PASSWORD, false);
 223
 224                                 }
 225
 226                                 break;
 227                         case MSG_SET_USER_PASSWORD:
 228                                 echo "how on earth is that happening Call to set user pass, wtf?\n";
 229                                 // TODO
 230                                 print_r($msg);
 231                                 if(!isset($msg["username"])) {
 232                                         msg_send($cl_queue, MSG_SET_USER_PASSWORD, false);
 233                                         echo "in break 1\n";
 234                                         break;
 235                                 }
 236                                 if(!isset($msg["password"])) {
 237                                         msg_send($cl_queue, MSG_SET_USER_PASSWORD, false);
 238                                         echo "in break 1\n";
 239                                         break;
 240                                 }
 241
 242                                 $username = $msg["username"];
 243                                 $password = $msg["password"];
 244
 245                                 echo "would set pass for $username, to $password\n";
 246                                 if($password == "") $pass = "";
 247                                 else $pass = hash('sha512', $password);
 248
 249                                 $dbo = getDatabase();
 250                                 echo "in set user pass for $username, $pass\n";
 251                                 $sql = "update users set users_password='$pass' where users_username='$username'";
 252
 253                                 $dbo->query($sql);
 254
 255                                 msg_send($cl_queue, MSG_SET_USER_REALNAME, true);
 256
 257
 258                                 // these are irrelavent yet
 259                                 // TODO now set pass
 260                                 break;
 261                         case MSG_SET_USER_REALNAME:
 262                                 echo "Call to set user realname\n";
 263                                 // TODO
 264                                 if(!isset($msg["username"])) {
 265                                         msg_send($cl_queue, MSG_SET_USER_REALNAME, false);
 266                                         break;
 267                                 }
 268                                 if(!isset($msg["realname"])) {
 269                                         msg_send($cl_queue, MSG_SET_USER_REALNAME, false);
 270                                         break;
 271                                 }
 272
 273                                 $username = $msg["username"];
 274                                 $realname = $msg["realname"];
 275                                 $sql = "update users set users_realname='$realname' where users_username='$username'";
 276                                 $dbo = getDatabase();
 277
 278                                 $dbo->query($sql);
 279
 280                                 msg_send($cl_queue, MSG_SET_USER_REALNAME, true);
 281
 282                                 // TODO now set real name
 283                                 break;
 284                         case MSG_SET_USER_TOKEN:
 285                                 // TODO
 286                                 echo "Call to set user token\n";
 287                                 if(!isset($msg["username"])) {
 288                                         msg_send($cl_queue, MSG_SET_USER_TOKEN, false);
 289                                         break;
 290                                 }
 291                                 if(!isset($msg["tokenstring"])) {
 292                                         msg_send($cl_queue, MSG_SET_USER_TOKEN, false);
 293                                         break;
 294                                 }
 295
 296                                 global $myga;
 297                                 $username = $msg["username"];
 298                                 $token = $msg["tokenstring"];
 299                                 $return = $myga->setUserKey($username, $token);
 300                                 msg_send($cl_queue, MSG_SET_USER_TOKEN, $return);
 301
 302                                 // TODO now set token
 303                                 break;
 304                         case MSG_SET_USER_TOKEN_TYPE:
 305                                 // TODO
 306                                 echo "Call to set user token type\n";
 307                                 if(!isset($msg["username"])) {
 308                                         msg_send($cl_queue, MSG_SET_USER_TOKEN_TYPE, false);
 309                                         break;
 310                                 }
 311                                 if(!isset($msg["tokentype"])) {
 312                                         msg_send($cl_queue, MSG_SET_USER_TOKEN_TYPE, false);
 313                                         break;
 314                                 }
 315
 316                                 $username = $msg["username"];
 317                                 $tokentype = $msg["tokentype"];
 318                                 global $myga;
 319                                 msg_send($cl_queue, MSG_SET_USER_TOKEN_TYPE, $myga->setTokenType($username, $tokentype));
 320
 321                                 // TODO now set token
 322                                 break;
 323                         case MSG_GET_USERS:
 324                                 // TODO this needs to be better
 325                                 $sql = "select * from users";
 326
 327                                 $dbo = getDatabase();
 328                                 $res = $dbo->query($sql);
 329
 330                                 $users = "";
 331                                 $i = 0;
 332                                 foreach($res as $row) {
 333                                         $users[$i]["username"] = $row["users_username"];
 334                                         $users[$i]["realname"] = $row["users_realname"];
 335                                         if($row["users_password"]!="") {
 336                                                 $users[$i]["haspass"] = true;
 337                                         } else {
 338                                                 $users[$i]["haspass"] = false;
 339                                         }
 340                                         echo "user: ".$users[$i]["username"]." has tdata: \"".$row["users_tokendata"]."\"\n";
 341                                         if($row["users_tokendata"]!="") {
 342                                                 $users[$i]["hastoken"] = true;
 343                                         } else {
 344                                                 $users[$i]["hastoken"] = false;
 345                                         }
 346
 347                                         if($row["users_otk"]!="") {
 348                                                 $users[$i]["otk"] = $row["users_otk"];
 349                                         } else {
 350                                                 $users[$i]["otk"] = "";
 351                                         }
 352                                         $i++;
 353                                 }
 354                                 msg_send($cl_queue, MSG_GET_USERS, $users);
 355
 356                                 // TODO now set token
 357                                 break;
 358
 359                 }
 360         }
 361 }
 362
 363 ?>