added a command for syncing tokens to the auth server
authorpaulr <me@pjr.cc>
Tue, 7 Dec 2010 09:35:10 +0000 (20:35 +1100)
committerpaulr <me@pjr.cc>
Tue, 7 Dec 2010 09:35:10 +0000 (20:35 +1100)
authserver/authd/authd.php
authserver/authd/gaasdata.sqlite [new file with mode: 0644]
authserver/lib/authClient.php
authserver/lib/lib.php
authserver/usercmd.php
lib/ga4php.php

index 15416c0..c1e1722 100644 (file)
@@ -115,6 +115,17 @@ if($pid == -1) {
                                }
                                
                                break;
+                       case MSG_SYNC_TOKEN:
+                               if(!isset($msg["username"])) {
+                                       msg_send($cl_queue, MSG_SYNC_TOKEN, false);
+                               } else {
+                                       $tokenone = $msg["tokenone"];
+                                       $tokentwo = $msg["tokentwo"];
+                                       
+                                       msg_send($cl_queue,MSG_SYNC_TOKEN, $myga->resyncCode($username, $tokenone, $tokentwo));
+                               }
+                               
+                               break;
                        case MSG_ADD_USER_TOKEN:
                                echo "Call to add user token\n";
                                if(!isset($msg["username"])) {
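Review bot: `$username` is never assigned in the new MSG_SYNC_TOKEN case, so `$myga->resyncCode($username, $tokenone, $tokentwo)` on the `msg_send` line receives an undefined variable unless an earlier case or the loop head (outside this hunk) sets it; the sibling cases key off `$msg["username"]`, so add `$username = $msg["username"];` alongside the two token reads. The `isset` guard also covers only `username`, while `tokenone` and `tokentwo` are read unconditionally, so a malformed request reaches the resync with nulls; `if(!isset($msg["username"], $msg["tokenone"], $msg["tokentwo"]))` rejects it up front and keeps the existing `false` reply path. The enclosing switch and loop start and end outside the hunk.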
diff --git a/authserver/authd/gaasdata.sqlite b/authserver/authd/gaasdata.sqlite
new file mode 100644 (file)
index 0000000..4219f4c
Binary files /dev/null and b/authserver/authd/gaasdata.sqlite differ
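Review bot: `authserver/authd/gaasdata.sqlite` is a binary SQLite data file being committed next to the daemon code; if it is the store authd reads and writes at runtime (the per-user token records, which for HOTP/TOTP include the shared secret keys), committing it puts those secrets and every later change to them into version history. Prefer excluding the file from version control and having the daemon or an install step create an empty database, committing only a schema script if one is needed.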
index c5ef6dd..735c8a1 100644 (file)
@@ -3,6 +3,32 @@
 require_once("lib.php");
 
 class GAAuthClient {
+       function syncUserToken($username, $tokenone, $tokentwo) {
+               global $MSG_QUEUE_KEY_ID_SERVER, $MSG_QUEUE_KEY_ID_CLIENT;
+               
+               
+               if(!msg_queue_exists($MSG_QUEUE_KEY_ID_SERVER)) {
+                       return false;
+               }
+
+               if(!msg_queue_exists($MSG_QUEUE_KEY_ID_CLIENT)) {
+                       return false;
+               }
+               // TODO we need to setup a client queue sem lock here
+               
+               $cl_queue = msg_get_queue($MSG_QUEUE_KEY_ID_CLIENT);
+               $sr_queue = msg_get_queue($MSG_QUEUE_KEY_ID_SERVER);
+               
+               $message["username"] = $username;
+               $message["tokenone"] = $tokenone;
+               $message["tokentwo"] = $tokentwo;
+
+               msg_send($sr_queue, MSG_SYNC_TOKEN, $message, true, true, $msg_err);
+               
+               msg_receive($cl_queue, 0, $msg_type, 16384, $msg);
+               return $msg;            
+               
+       }
        
        function setUserToken($username, $token) {
                global $MSG_QUEUE_KEY_ID_SERVER, $MSG_QUEUE_KEY_ID_CLIENT;
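Review bot: The return values of `msg_send` and `msg_receive` in syncUserToken are never checked, so a failed receive leaves `$msg` unset and the method returns null, which callers cannot distinguish from the daemon's explicit `false` reply; guard the receive with `if(!msg_receive($cl_queue, 0, $msg_type, 16384, $msg)) { return false; }` and return false when `msg_send` fails as well (`$msg_err` is populated but never read). The `$message` array is also built by assigning into an undeclared variable; `$message = array("username" => $username, "tokenone" => $tokenone, "tokentwo" => $tokentwo);` makes the request shape explicit. The TODO about the missing client-queue lock is accurate: with a single shared client queue a reply can be consumed by a different concurrent caller, so this method, like its siblings, is not safe under concurrent use until that lock exists.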
index 52f09ca..c3ac220 100644 (file)
@@ -16,6 +16,7 @@ define("MSG_GET_USERS", 9);
 define("MSG_GET_OTK_PNG", 10);
 define("MSG_GET_OTK_ID", 11);
 define("MSG_DELETE_USER_TOKEN", 12);
+define("MSG_SYNC_TOKEN", 13);
 
 // BASE_DIR = 
 $BASE_DIR = realpath(dirname(__FILE__)."/../../");
index 3c094db..5888c0f 100644 (file)
@@ -37,10 +37,18 @@ if(!isset($argv[1])) {
        echo "\tgetusers: getusers - gets a list of users\n";
        echo "\tgetotk: getotk <username> - gets the OTKID for a key\n";
        echo "\tradauth: radauth <username> <pin> - for radius, only returns a code\n";
+       echo "\tsynctoken: synctoken <username> <tokenone> <tokentwo> - resync's a hotp token based on two token codes\n";
        return 0;       
 }
 
 switch($argv[1]) {
+       case "synctoken":
+               if($myAC->syncUserToken($argv[2], $argv[3], $argv[4])) {
+                       echo "Token synced\n";
+               } else {
+                       echo "Token not synced\n";
+               }
+               break;
        case "radauth":
                if($myAC->authUserToken($argv[2], $argv[3])==1) {
                        syslog(LOG_WARNING, "Got good request for user, ".$argv[2]);
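Review bot: The new `synctoken` case passes `$argv[2]`, `$argv[3]` and `$argv[4]` straight to syncUserToken without checking they exist, so running the command with fewer arguments raises undefined-index notices and sends nulls to the daemon; add `if(!isset($argv[2], $argv[3], $argv[4])) { echo "synctoken requires <username> <tokenone> <tokentwo>\n"; break; }` before the call. The neighbouring cases have the same gap, so this may be accepted repo style, but a three-argument command is the one most likely to be mistyped. The help text `resync's` should read `resyncs`. The switch continues outside the hunk.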
index 784a918..3870f9c 100644 (file)
@@ -154,7 +154,7 @@ abstract class GoogleAuthenticator {
                                $en = $tlid+$this->hotpSkew;
                                for($i=$st; $i<$en; $i++) {
                                        $stest = $this->oath_hotp($tkey, $i);
-                                       error_log("testing code: $code, $stest, $tkey, $tid");
+                                       //error_log("testing code: $code, $stest, $tkey, $tid");
                                        if($code == $stest) {
                                                $tokendata["tokencounter"] = $i;
                                                $this->internalPutData($username, $tokendata);
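Review bot: Commenting out `error_log("testing code: $code, $stest, $tkey, $tid")` leaves a line that writes the token's secret key and candidate codes to the log one uncomment away; delete it rather than keep it as a comment, or, if a diagnostic is wanted, log only `$tid` and never `$tkey`. Separately, the comparison on the following line, `if($code == $stest)`, is loose: for numeric strings PHP compares values, so `"012345"` and `"12345"` match, and the comparison is not constant-time; `if(hash_equals((string)$stest, (string)$code))` addresses both. The enclosing method starts and ends outside the hunk.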
@@ -199,7 +199,7 @@ abstract class GoogleAuthenticator {
                // for keys
                
                //              $this->dbConnector->query('CREATE TABLE "tokens" ("token_id" INTEGER PRIMARY KEY AUTOINCREMENT,"token_key" TEXT NOT NULL, "token_type" TEXT NOT NULL, "token_lastid" INTEGER NOT NULL)');
-               $tokendata = internalGetData($username);
+               $tokendata = $this->internalGetData($username);
                
                // TODO: check return value
                $ttype = $tokendata["tokentype"];
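Review bot: The fix to `$this->internalGetData($username)` is right, but the `// TODO: check return value` directly below it remains open: `$tokendata["tokentype"]` on the next line indexes `$tokendata` without confirming it is an array, so whatever internalGetData returns for an unknown user (not visible here) is dereferenced directly. If it yields false or null in that case, a guard such as `if(!is_array($tokendata)) { return false; }`, using whatever failure value this method's callers expect, would close the TODO. The enclosing method starts and ends outside the hunk.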