From: paulr Date: Sun, 5 Dec 2010 15:07:18 +0000 (+1100) Subject: functional authd/authclient X-Git-Url: http://git.pjr.cc/?p=ga4php.git;a=commitdiff_plain;h=34cbcba6d0f7c0a92c849545712cc5ce7ec03f97 functional authd/authclient --- diff --git a/authserver/authd/authd.php b/authserver/authd/authd.php index afe3883..bd10267 100644 --- a/authserver/authd/authd.php +++ b/authserver/authd/authd.php @@ -49,6 +49,34 @@ if($pid == -1) { $authval = $myga->authenticateUser($username, $passcode); msg_send($cl_queue, MSG_AUTH_USER_TOKEN, $authval); break; + + case MSG_GET_OTK_PNG: + if(!isset($msg["username"])) { + msg_send($cl_queue, MSG_GET_OTK_PNG, false); + } else { + $username = $msg["username"]; + $sql = "select users_otk from users where users_username='$username'"; + $dbo = getDatabase(); + $res = $dbo->query($sql); + $otk = ""; + foreach($res as $row) { + $otk = $row["users_otk"]; + } + + if($otk == "") { + msg_send($cl_queue, MSG_GET_OTK_PNG, false); + } else { + $hand = fopen("otks/$otk.png", "rb"); + $data = fread($hand, filesize("otks/$otk.png")); + fclose($hand); + msg_send($cl_queue, MSG_GET_OTK_PNG, $data); + unlink("otks/$otk.png"); + $sql = "update users set users_otk='' where users_username='$username'"; + $dbo->query($sql); + } + } + + break; case MSG_ADD_USER_TOKEN: echo "Call to add user token\n"; if(!isset($msg["username"])) { @@ -66,7 +94,16 @@ if($pid == -1) { global $myga; $myga->setUser($username, $tokentype, "", $hexkey); - msg_send($cl_queue, MSG_ADD_USER_TOKEN, $myga->createUrl($username)); + $url = $myga->createUrl($username); + mkdir("otks"); + $otk = generateRandomString(); + system("qrencode -o otks/$otk.png $url"); + + $sql = "update users set users_otk='$otk' where users_username='$username'"; + $dbo = getDatabase(); + $res = $dbo->query($sql); + + msg_send($cl_queue, MSG_ADD_USER_TOKEN, true); } break; case MSG_DELETE_USER: 
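Review bot: The new `MSG_GET_OTK_PNG` case builds both of its queries by interpolating `$username` from the queue message into the SQL string, so a quote character in the username changes the statement. The `update users set users_otk='$otk' ...` added in the `MSG_ADD_USER_TOKEN` hunk and the `insert into users values (...)` line touched in lib.php follow the same pattern. If `getDatabase()` returns a PDO handle, as the `PDOException` catch in lib.php suggests, bind the value instead: `$st = $dbo->prepare("select users_otk from users where users_username = ?"); $st->execute(array($username));`. Separately, `fopen("otks/$otk.png", "rb")` is used without a check for `false`, so a missing file produces warnings and an empty reply instead of `false`. The switch this case belongs to begins and ends outside the hunk.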
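Review bot: `system("qrencode -o otks/$otk.png $url")` hands `$url` to a shell unquoted. That URL is built from `$username`, which appears to come from the queue message (its assignment is above the hunk), and a provisioning URL will likely contain characters such as `?` or `&` that the shell interprets. Quote each argument and capture the exit status, `system("qrencode -o " . escapeshellarg("otks/$otk.png") . " " . escapeshellarg($url), $rc);`, and reply `false` when `$rc` is non-zero instead of always sending `true`. `mkdir("otks")` also runs on every request, warns once the directory exists, and leaves default permissions on a directory that holds QR codes presumably encoding token secrets; `if(!is_dir("otks")) mkdir("otks", 0700);` covers both.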
diff --git a/authserver/authd/gaasdata.sqlite b/authserver/authd/gaasdata.sqlite deleted file mode 100644 index d9792ca..0000000 Binary files a/authserver/authd/gaasdata.sqlite and /dev/null differ diff --git a/authserver/lib/authClient.php b/authserver/lib/authClient.php index a29af89..58de4ec 100644 --- a/authserver/lib/authClient.php +++ b/authserver/lib/authClient.php @@ -55,6 +55,31 @@ class GAAuthClient { return $msg; } + function getOtkPng($username) { + global $MSG_QUEUE_KEY_ID_SERVER, $MSG_QUEUE_KEY_ID_CLIENT; + + + if(!msg_queue_exists($MSG_QUEUE_KEY_ID_SERVER)) { + return false; + } + + if(!msg_queue_exists($MSG_QUEUE_KEY_ID_CLIENT)) { + return false; + } + // TODO we need to setup a client queue sem lock here + + $cl_queue = msg_get_queue($MSG_QUEUE_KEY_ID_CLIENT); + $sr_queue = msg_get_queue($MSG_QUEUE_KEY_ID_SERVER); + + $message["username"] = $username; + msg_send($sr_queue, MSG_GET_OTK_PNG, $message, true, true, $msg_err); + + msg_receive($cl_queue, 0, $msg_type, 16384, $msg); + + return $msg; + + } + function authUserPass($username, $password) { global $MSG_QUEUE_KEY_ID_SERVER, $MSG_QUEUE_KEY_ID_CLIENT; diff --git a/authserver/lib/lib.php b/authserver/lib/lib.php index dbdd35f..9737566 100644 --- a/authserver/lib/lib.php +++ b/authserver/lib/lib.php @@ -13,10 +13,25 @@ define("MSG_SET_USER_REALNAME", 6); define("MSG_SET_USER_TOKEN", 7); define("MSG_SET_USER_TOKEN_TYPE", 8); define("MSG_GET_USERS", 9); +define("MSG_GET_OTK_PNG", 10); if(file_exists("../../lib/ga4php.php")) require_once("../../lib/ga4php.php"); if(file_exists("../lib/ga4php.php")) require_once("../lib/ga4php.php"); + +function generateRandomString() +{ + $str = ""; + $strpos = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789"; + + for($i=0; $i<128; $i++) { + $str .= $strpos[rand(0, strlen($strpos)-1)]; + } + + return $str; +} + + function getDatabase() { $dbobject = false; if(file_exists("gaasdata.sqlite")) { 
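Review bot: `getOtkPng()` ignores the return value of `msg_receive()` and asks for message type `0`. A failed receive therefore leaves `$msg` unset and the function returns `null`, which the `=== false` test in usercmd.php treats as success. A reply to a different request on the shared client queue would also be returned as PNG data. Request the expected type and check the result: `if(!msg_receive($cl_queue, MSG_GET_OTK_PNG, $msg_type, 16384, $msg)) return false;`. The 16384-byte limit is also a hard cap on the serialized PNG, so a larger image makes the receive fail; that limit deserves a comment next to the existing TODO about the client-queue lock.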
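Review bot: `generateRandomString()` draws from `rand()`, which is not a cryptographically secure generator, yet its output names the file holding the QR code for a user's token and is stored as the one-time key in `users_otk`. Use the CSPRNG available to the target PHP version, for example `return bin2hex(openssl_random_pseudo_bytes(64));` on PHP 5.3+ or `return bin2hex(random_bytes(64));` on PHP 7+; both still yield 128 filename-safe characters. A short comment stating that the value must stay alphanumeric, because authd.php interpolates it into a path and a shell command, would document the constraint for later edits.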
@@ -31,7 +46,7 @@ function getDatabase() { } catch(PDOException $exep) { error_log("execpt on db open"); } - $sql = 'CREATE TABLE "users" ("users_id" INTEGER PRIMARY KEY AUTOINCREMENT,"users_username" TEXT, "users_realname" TEXT, "users_password" TEXT, "users_tokendata" TEXT);'; + $sql = 'CREATE TABLE "users" ("users_id" INTEGER PRIMARY KEY AUTOINCREMENT,"users_username" TEXT, "users_realname" TEXT, "users_password" TEXT, "users_tokendata" TEXT, "users_otk" TEXT);'; $dbobject->query($sql); } @@ -87,7 +102,7 @@ class gaasGA extends GoogleAuthenticator { $sql = "update users set users_tokendata='$data' where users_username='$username'"; } else { // do insert - $sql = "insert into users values (NULL, '$username', '', '', '$data')"; + $sql = "insert into users values (NULL, '$username', '', '', '$data', '')"; } if($dbObject->query($sql)) { diff --git a/authserver/usercmd.php b/authserver/usercmd.php index e58cd65..aad5e3a 100644 --- a/authserver/usercmd.php +++ b/authserver/usercmd.php @@ -35,10 +35,22 @@ if(!isset($argv[1])) { echo "\tsettoken: settoken - sets the key (hex) for a token\n"; echo "\tsettype: settype - sets a token type for a user\n"; echo "\tgetusers: getusers - gets a list of users\n"; + echo "\tgetotk: getotk - gets the OTK png for a key\n"; return 0; } switch($argv[1]) { + case "getotk": + $val = $myAC->getOtkPng($argv[2]); + if($val === false) { + echo "Failure\n"; + } else { + $hand = fopen("val.png", "w"); + fwrite($hand, $val); + fclose($hand); + echo "In val.png\n"; + } + break; case "auth": if($myAC->authUserToken($argv[2], $argv[3])==1) { echo "Pass!\n";
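Review bot: The new `users_otk` column is only created on the `CREATE TABLE` path, so a deployment that already has a `gaasdata.sqlite` keeps the five-column table. The six-value `insert into users values (...)` in the next hunk and the `users_otk` queries in authd.php will then fail against it. Either add a migration step for existing databases (SQLite accepts `ALTER TABLE users ADD COLUMN users_otk TEXT`) or at least name the columns in the insert so it does not depend on the column count. `getDatabase()` begins and ends outside this hunk, so the exact condition guarding the create is inferred from the previous hunk's context.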
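Review bot: The `getotk` case reads `$argv[2]` without checking that it is set, and writes the PNG, which presumably encodes the user's token secret as a QR code, to `val.png` in the current directory with default permissions. Guard the argument with `if(!isset($argv[2])) { echo "getotk needs a username\n"; return 1; }`. Create the file restrictively by calling `umask(0077);` before `fopen("val.png", "w")`, and check that `fopen` did not return `false` before writing. The help line says "for a key" although the argument is passed to `getOtkPng()` as a username, so the wording should match.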