X-Git-Url: http://git.pjr.cc/?p=ga4php.git;a=blobdiff_plain;f=lib%2Fga4php.php;h=22a7b2c56a856ce7e91ee3a798c413e1c77dbd00;hp=0645657ff6b594bc8698b0788353ed98673adc0d;hb=HEAD;hpb=33f663b5e670ff27f17bff7a7cfb0f6dc2baa3d8 diff --git a/lib/ga4php.php b/lib/ga4php.php index 0645657..22a7b2c 100644 --- a/lib/ga4php.php +++ b/lib/ga4php.php @@ -19,6 +19,8 @@ abstract class GoogleAuthenticator { $this->hotpHuntValue = $hotphuntvalue; } + // pure abstract functions that need to be overloaded when + // creating a sub class abstract function getData($username); abstract function putData($username, $data); abstract function getUsers(); @@ -30,12 +32,27 @@ abstract class GoogleAuthenticator { $data["tokentimer"] = 30; // the token timer (For totp) and not supported by ga yet $data["tokencounter"] = 1; // the token counter for hotp $data["tokenalgorithm"] = "SHA1"; // the token algorithm (not supported by ga yet) - $data["user1"] = ""; // a place for implementors to store their own data + $data["user"] = ""; // a place for implementors to store their own data return $data; } - // an internal funciton to get + // custom data field manipulation bits + function setCustomData($username, $data) { + $data = $this->internalGetData($username); + $data["user"] = $key; + $this->internalPutData($username, $data); + } + + function getCustomData($username) { + $data = $this->internalGetData($username); + $custom = $data["user"]; + return $custom; + + } + + // an internal funciton to get data from the overloaded functions + // and turn them into php arrays. function internalGetData($username) { $data = $this->getData($username); $deco = unserialize(base64_decode($data)); 
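Review bot: The new setCustomData never stores the caller's value: its first statement overwrites the `$data` parameter with the record returned by internalGetData(), and the value then written to the `user` field is `$key`, which is not defined anywhere in the function, so every call saves null. Keep the argument and the record in separate variables, e.g. `$record = $this->internalGetData($username); $record["user"] = $data; $this->internalPutData($username, $record);`. The rename of the default field from `user1` to `user` also means records written before this commit have no `user` key, so getCustomData should read it with `isset` or a default. Since the payload that internalGetData decodes looks like a plain array, passing `['allowed_classes' => false]` to the `unserialize()` call would keep a tampered datastore row from instantiating objects; that function's body continues outside the hunk.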
@@ -47,9 +64,11 @@ abstract class GoogleAuthenticator { return $deco; } - + // the function used inside the class to put the data into the + // datastore using the overloaded data saving class function internalPutData($username, $data) { - $enco = base64_encode(serialize($data)); + if($data == "") $enco = ""; + else $enco = base64_encode(serialize($data)); return $this->putData($username, $enco); } @@ -60,7 +79,7 @@ abstract class GoogleAuthenticator { // so lets not be able to set that yet function setTokenType($username, $tokentype) { $tokentype = strtoupper($tokentype); - if($tokentype!="HOTP" and $tokentype!="TOTP") { + if($tokentype!="HOTP" && $tokentype!="TOTP") { $errorText = "Invalid Token Type"; return false; } @@ -74,6 +93,8 @@ abstract class GoogleAuthenticator { // create "user" with insert function setUser($username, $ttype="HOTP", $key = "", $hexkey="") { + $ttype = strtoupper($ttype); + if($ttype != "HOTP" && $ttype !="TOTP") return false; if($key == "") $key = $this->createBase32Key(); $hkey = $this->helperb322hex($key); if($hexkey != "") $hkey = $hexkey; @@ -88,7 +109,7 @@ abstract class GoogleAuthenticator { return $key; } - + // a function to determine if the user has an actual token function hasToken($username) { $token = $this->internalGetData($username); // TODO: change this to a pattern match for an actual key 
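Review bot: The empty-record check added to internalPutData uses loose equality, so `$data == ""` is also true for `null` and `false` (and for `0` before PHP 8); a caller that passes one of those by mistake would silently blank the user's token record instead of failing. Use the strict form, `if ($data === "") $enco = "";`, so that only the explicit empty-string sentinel clears the record. A one-line comment stating that an empty string means "delete this record" would also make the contract visible to anyone implementing putData.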
@@ -105,18 +126,21 @@ abstract class GoogleAuthenticator { // consider scrapping this $token = $this->internalGetData($username); $token["tokenkey"] = $key; - $this->internalPutData($username, $token); + $this->internalPutData($username, $token); + + // TODO error checking + return true; } // self explanitory? function deleteUser($username) { // oh, we need to figure out how to do thi? - $data = $this->internalGetData($username); - $data["tokenkey"] = ""; - $this->internalPutData($username); + $this->internalPutData($username, ""); } + + // user has input their user name and some code, authenticate // it function authenticateUser($username, $code) { @@ -142,11 +166,11 @@ abstract class GoogleAuthenticator { switch($ttype) { case "HOTP": error_log("in hotp"); - $st = $tlid; + $st = $tlid+1; $en = $tlid+$this->hotpSkew; for($i=$st; $i<$en; $i++) { $stest = $this->oath_hotp($tkey, $i); - error_log("testing code: $code, $stest, $tkey, $tid"); + //error_log("testing code: $code, $stest, $tkey, $tid"); if($code == $stest) { $tokendata["tokencounter"] = $i; $this->internalPutData($username, $tokendata); @@ -191,7 +215,7 @@ abstract class GoogleAuthenticator { // for keys // $this->dbConnector->query('CREATE TABLE "tokens" ("token_id" INTEGER PRIMARY KEY AUTOINCREMENT,"token_key" TEXT NOT NULL, "token_type" TEXT NOT NULL, "token_lastid" INTEGER NOT NULL)'); - $tokendata = internalGetData($username); + $tokendata = $this->internalGetData($username); // TODO: check return value $ttype = $tokendata["tokentype"]; @@ -214,7 +238,7 @@ abstract class GoogleAuthenticator { $stest2 = $this->oath_hotp($tkey, $i+1); if($code2 == $stest2) { $tokendata["tokencounter"] = $i+1; - internalPutData($username, $tokendata); + $this->internalPutData($username, $tokendata); return true; } } 
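Review bot: deleteUser now stores an empty string, but nothing visible in this diff updates the read path to match: internalGetData passes the stored value to `unserialize(base64_decode(...))`, which yields `false` for an empty record, and the readers then index that result as an array. Unless the part of internalGetData outside the diff handles this, authenticating a deleted user runs on null token fields, so an explicit guard after each read, `if (!is_array($tokendata)) return false;`, would be safer. deleteUser also returns nothing, and the new `return true;` at the top of the hunk ignores the result of internalPutData; returning that result in both places would let callers see a failed write. The function that the `return true;` belongs to starts outside the hunk.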
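Review bot: The check `if($code == $stest)` in the HOTP loop is a loose comparison, so two numeric strings are compared as numbers and a submitted `12345` matches an expected `012345`, as do other numeric spellings of the same value. Compare as strings in constant time instead, `if (hash_equals((string)$stest, (string)$code)) {`, assuming oath_hotp returns the zero-padded code; the same applies to `$code2 == $stest2` in the -214 hunk. The error_log line that this hunk comments out printed `$tkey`, the shared secret, together with the submitted code, so it is better deleted than left where it can be re-enabled. The enclosing function starts and ends outside the hunk.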
@@ -242,7 +266,10 @@ abstract class GoogleAuthenticator {
 $data = $this->internalGetData($user);
 $toktype = $data["tokentype"];
 $key = $this->helperhex2b32($data["tokenkey"]);
- $counter = $data["tokencounter"];
+
+ // token counter should be one more then current token value, otherwise
+ // it gets confused
+ $counter = $data["tokencounter"]+1;
 $toktype = strtolower($toktype);
 if($toktype == "hotp") {
 $url = "otpauth://$toktype/$user?secret=$key&counter=$counter";
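Review bot: `$user` is interpolated into the otpauth URI without encoding on the `$url = ...` line, so a username containing `?`, `&`, `#` or `/` changes how an authenticator app parses the label and its parameters. Encode the label, `$url = "otpauth://$toktype/" . rawurlencode($user) . "?secret=$key&counter=$counter";`. The new `+1` on the counter mirrors the `$st = $tlid+1` change in the HOTP loop, which suggests `tokencounter` holds the last accepted counter; saying so in the comment would explain both adjustments better than "it gets confused". The `if` block opened in this hunk continues outside it.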