From 0cc1148a3d3cf7b5990fa80a8aa33990ebace98a Mon Sep 17 00:00:00 2001
From: paulr <me@pjr.cc>
Date: Mon, 22 Nov 2010 02:11:35 +1100
Subject: [PATCH] Some minor error checking code.

---
 lib/ga4php.php       |   15 +++++++++------
 radius/radverify.php |    4 ++--
 radius/www/index.php |   12 ++++++++++++
 3 files changed, 23 insertions(+), 8 deletions(-)

diff --git a/lib/ga4php.php b/lib/ga4php.php
index 8bc5946..d79b99a 100644
--- a/lib/ga4php.php
+++ b/lib/ga4php.php
@@ -16,6 +16,7 @@ abstract class GoogleAuthenticator {
 		$data["tokentimer"] = 30; // the token timer (For totp) and not supported by ga yet		
 		$data["tokencounter"] = 1; // the token counter for hotp
 		$data["tokenalgorithm"] = "SHA1"; // the token algorithm (not supported by ga yet)
+		$data["user1"] = ""; // a place for implementors to store their own data
 		
 		return $data;
 	}
@@ -106,10 +107,10 @@ abstract class GoogleAuthenticator {
 	function authenticateUser($username, $code) {
 
 		if(preg_match("/[0-9][0-9][0-9][0-9][0-9][0-9]/",$code)<1) return false;
-		error_log("begin auth user");
+		//error_log("begin auth user");
 		$tokendata = $this->internalGetData($username);
-		$asdf = print_r($tokendata, true);
-		error_log("dat is $asdf");
+		//$asdf = print_r($tokendata, true);
+		//error_log("dat is $asdf");
 		
 		if($tokendata["tokenkey"] == "") {
 			$errorText = "No Assigned Token";
@@ -121,8 +122,8 @@ abstract class GoogleAuthenticator {
 		$tlid = $tokendata["tokencounter"];
 		$tkey = $tokendata["tokenkey"];
 		
-		$asdf = print_r($tokendata, true);
-		error_log("dat is $asdf");
+		//$asdf = print_r($tokendata, true);
+		//error_log("dat is $asdf");
 		switch($ttype) {
 			case "HOTP":
 				error_log("in hotp");
@@ -206,6 +207,7 @@ abstract class GoogleAuthenticator {
 				return false;
 				break;
 			case "TOTP":
+				// ignore it?
 				break;
 			default:
 				echo "how the frig did i end up here?";
@@ -225,9 +227,10 @@ abstract class GoogleAuthenticator {
 		$data = $this->internalGetData($user);
 		$toktype = $data["tokentype"];
 		$key = $this->helperhex2b32($data["tokenkey"]);
+		$counter = $data["tokencounter"];
 		$toktype = strtolower($toktype);
 		if($toktype == "hotp") {
-			$url = "otpauth://$toktype/$user?secret=$key&counter=1";
+			$url = "otpauth://$toktype/$user?secret=$key&counter=$counter";
 		} else {
 			$url = "otpauth://$toktype/$user?secret=$key";
 		}
diff --git a/radius/radverify.php b/radius/radverify.php
index 1285fea..bf6ca8c 100644
--- a/radius/radverify.php
+++ b/radius/radverify.php
@@ -5,8 +5,8 @@
  * This file is designed as a "script" extension to freeradius (or some such tool) for radius authentication.
  * Also provided is a simple web interface for managing users in freeradius.
  * 
- * I cant figure out how to make it work with freeradius. I dont want to do password auth at all, in fact i want the login
- * password to *BE* the pin code, but i cant find a way of doing that with freeradius, which is a shame.
+ * The simple web interface should also provide a mechanism for configuring freeradius itself
+ * 
  */
 
 ?>
\ No newline at end of file
diff --git a/radius/www/index.php b/radius/www/index.php
index b3d9bbc..9a0896f 100644
--- a/radius/www/index.php
+++ b/radius/www/index.php
@@ -1 +1,13 @@
 <?php
+/*
+ * This is the web component of the GA4PHP radius server. This web app should be able to configure freeradius and itself.
+ * 
+ * This app will try to do the following:
+ * 1) initialise tokens
+ * 2) pull accounts from some backend (such as AD)
+ * 3) allow users to self-enroll.
+ * 
+ * I wonder if we can store data in the backend database itself? that would be interesting
+ * then user admin would be less disconnected. I.e. if a user was deleted from AD, their token
+ * data should disappear with them.
+ */
\ No newline at end of file
-- 
1.7.0.4