From 1065be060c1b237c4fcdfdef6e3e2ee663d1ca33 Mon Sep 17 00:00:00 2001
From: paulr
Date: Mon, 6 Dec 2010 00:39:10 +1100
Subject: [PATCH] fixed a minor thing with the hotp skew
---
 authserver/authd/authd.php | 25 ++++++++++++++++++-------
 authserver/lib/authClient.php | 12 ++++--------
 authserver/lib/lib.php | 6 +++++-
 authserver/usercmd.php | 5 +++--
 lib/ga4php.php | 2 +-
 5 files changed, 31 insertions(+), 19 deletions(-)
diff --git a/authserver/authd/authd.php b/authserver/authd/authd.php
index f4b366d..2474b3a 100644
--- a/authserver/authd/authd.php
+++ b/authserver/authd/authd.php
@@ -41,21 +41,32 @@ if($pid == -1) {
 echo "Call to auth user token\n";
 // minimal checking, we leav it up to authenticateUser to do the real
 // checking
- if(!isset($msg["user"])) $msg["user"] = "";
+ if(!isset($msg["username"])) $msg["username"] = "";
 if(!isset($msg["passcode"])) $msg["passcode"] = "";
- $username = $msg["user"];
+ $username = $msg["username"];
 $passcode = $msg["passcode"];
 global $myga;
- msg_send($cl_queue, MSG_AUTH_USER_TOKEN, $myga->authenticateUser($username, $passcode));
+ $authval = $myga->authenticateUser($username, $passcode);
+ msg_send($cl_queue, MSG_AUTH_USER_TOKEN, $authval);
 break;
 case MSG_ADD_USER_TOKEN:
 echo "Call to add user token\n";
 if(!isset($msg["username"])) {
 msg_send($cl_queue, MSG_ADD_USER_TOKEN, false);
 } else {
- $username = $msg["username"];
+ $username = $msg["username"];
+ $tokentype="HOTP";
+ if(isset($msg["tokentype"])) {
+ $tokentype="HOTP";
+ }
+ $hexkey = "";
+ if(isset($msg["hexkey"])) {
+ $hexkey = $msg["hexkey"];
+ }
 global $myga;
- msg_send($cl_queue, MSG_ADD_USER_TOKEN, $myga->setUser($username));
+ $myga->setUser($username, $tokentype, "", $hexkey);
+
+ msg_send($cl_queue, MSG_ADD_USER_TOKEN, $myga->createUrl($username));
 }
 break;
 case MSG_DELETE_USER:
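Review bot: In the MSG_ADD_USER_TOKEN branch the client's token type is never used: `$tokentype` is set to "HOTP" both before and inside `if(isset($msg["tokentype"]))`, so a request for any other type is silently enrolled as HOTP; the body of that `if` should read `$tokentype = $msg["tokentype"];`, preferably after checking it against the types the library accepts. The result of `$myga->setUser(...)` is also discarded, so a failed enrolment still answers with `createUrl($username)`; the MSG_SET_USER_TOKEN hunk further down in this file does the same with `setUserKey()`. Assuming both calls still signal failure with a false value, testing them first, e.g. `if(!$myga->setUser($username, $tokentype, "", $hexkey)) { msg_send($cl_queue, MSG_ADD_USER_TOKEN, false); break; }`, keeps the failure visible to the client. `$msg["hexkey"]` is handed on as received; whether `setUser()` validates it as hex of a sane length cannot be seen from this hunk.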
@@ -145,7 +156,6 @@ if($pid == -1) { $username = $msg["username"]; $realname = $msg["realname"]; $sql = "update users set users_realname='$realname' where users_username='$username'"; - echo "sql: $sql\n"; $dbo = getDatabase(); $dbo->query($sql); @@ -167,7 +177,8 @@ if($pid == -1) { } global $myga; - msg_send($cl_queue, MSG_SET_USER_TOKEN, $myga->setUserKey($username, $passcode)); + $myga->setUserKey($username, $passcode); + msg_send($cl_queue, MSG_SET_USER_TOKEN, $myga->createUrl($username)); // TODO now set token break; diff --git a/authserver/lib/authClient.php b/authserver/lib/authClient.php index 22a08b3..677be24 100644 --- a/authserver/lib/authClient.php +++ b/authserver/lib/authClient.php @@ -190,17 +190,15 @@ class GAAuthClient { $message["username"] = $username; $message["passcode"] = $passcode; - msg_send($sr_queue, MSG_AUTH_USER, $message, true, true, $msg_err); + msg_send($sr_queue, MSG_AUTH_USER_TOKEN, $message, true, true, $msg_err); echo "message sent\n"; msg_receive($cl_queue, 0, $msg_type, 16384, $msg); - echo "message received?\n"; - print_r($msg); return $msg; } - function addUser($username) { + function addUser($username, $tokentype="", $hexkey="") { global $MSG_QUEUE_KEY_ID_SERVER, $MSG_QUEUE_KEY_ID_CLIENT; @@ -219,16 +217,14 @@ class GAAuthClient { $message["username"] = $username; + if($tokentype!="") $message["tokentype"] = $tokentype; + if($hexkey!="") $message["hexkey"] = $hexkey; msg_send($sr_queue, MSG_ADD_USER_TOKEN, $message, true, true, $msg_err); - echo "message sent\n"; msg_receive($cl_queue, 0, $msg_type, 16384, $msg); - echo "message received?\n"; - print_r($msg); return $msg; - } function setTokenType($username, $tokentype) { diff --git a/authserver/lib/lib.php b/authserver/lib/lib.php index ef63d76..dbdd35f 100644 --- a/authserver/lib/lib.php +++ b/authserver/lib/lib.php 
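Review bot: In the first authClient.php hunk the authentication call returns whatever `msg_receive($cl_queue, 0, $msg_type, 16384, $msg)` delivers: a desired type of 0 takes the first message of any type on the client queue, and neither `$msg_type` nor the result of `msg_send()` is checked before `return $msg;`. The caller treats that value as the authentication verdict, so a stale or unrelated reply on the queue would be accepted as the answer; the queue is opened from a global key ID, which suggests it may be shared between client processes. I would add `if(!msg_send($sr_queue, MSG_AUTH_USER_TOKEN, $message, true, true, $msg_err)) return false;` and, after the receive, `if($msg_type != MSG_AUTH_USER_TOKEN) return false;`. The `addUser()` hunk below has the same unchecked send and receive, and the `echo "message sent\n";` kept in the first hunk looks like a leftover of the debug output this commit removes next to it. Both functions begin outside their hunks.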
@@ -44,6 +44,7 @@ function closeDatabase($db) { class gaasGA extends GoogleAuthenticator { function getData($username) { + echo "called into getdata\n"; // get our database connection $dbObject = getDatabase(); @@ -55,14 +56,17 @@ class gaasGA extends GoogleAuthenticator { $result = $dbObject->query($sql); // check the result + echo "next1\n"; if(!$result) return false; // now just retreieve all the data (there should only be one, but whatever) + echo "next2\n"; $tokendata = false; foreach($result as $row) { $tokendata = $row["users_tokendata"]; } - + + echo "next3, $username, $tokendata\n"; // now we have our data, we just return it. If we got no data // we'll just return false by default return $tokendata; diff --git a/authserver/usercmd.php b/authserver/usercmd.php index 910372e..289922a 100644 --- a/authserver/usercmd.php +++ b/authserver/usercmd.php @@ -40,14 +40,15 @@ if(!isset($argv[1])) { switch($argv[1]) { case "auth": - if($myAC->authUser($argv[2], $argv[3])==1) { + if($myAC->authUserToken($argv[2], $argv[3])==1) { echo "Pass!"; } else { echo "Fail!"; } break; case "add": - $myAC->addUser($argv[2]); + $return = $myAC->addUser($argv[2]); + echo "Created user, ".$argv[2]." returned $return\n"; break; case "delete": $myAC->deleteUser($argv[2]); diff --git a/lib/ga4php.php b/lib/ga4php.php index a052575..3435d03 100644 --- a/lib/ga4php.php +++ b/lib/ga4php.php @@ -147,7 +147,7 @@ abstract class GoogleAuthenticator { switch($ttype) { case "HOTP": error_log("in hotp"); - $st = $tlid; + $st = $tlid+1; $en = $tlid+$this->hotpSkew; for($i=$st; $i<$en; $i++) { $stest = $this->oath_hotp($tkey, $i); -- 1.7.0.4
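Review bot: In lib.php `getData()`, the added `echo "next3, $username, $tokendata\n";` writes the user's stored `users_tokendata` to the daemon's output on every lookup; that column presumably holds the token secret, so key material ends up in whatever captures stdout. The `called into getdata`, `next1` and `next2` traces added in the same two hunks are debug output as well. I would drop all four before merging, or keep at most `error_log("getData: $username");` without the token data.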
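Review bot: In usercmd.php the `auth` case decides on `$myAC->authUserToken($argv[2], $argv[3])==1`, a loose comparison on a value that comes straight back from the message queue, so any reply PHP coerces to 1 (for instance `"1"`, or `"1abc"` on older PHP versions) counts as a pass. If the daemon replies with a boolean, `=== true` is the safer test. `$argv[2]` and `$argv[3]` are also read without the `isset()` check that `$argv[1]` gets above the switch. The `add` case now prints the value returned by `addUser()`, which after this commit is the `createUrl()` result; it is worth confirming that showing it on the terminal is intended.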
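Review bot: In ga4php.php, with `$st = $tlid+1` and the unchanged bound `$en = $tlid+$this->hotpSkew` under `$i<$en`, the loop now tests only `hotpSkew-1` counters, and none at all when `hotpSkew` is 1, in which case no HOTP code can validate. If `hotpSkew` is meant as the number of look-ahead counters accepted after the last used one, the bound should move with the start: `$en = $tlid+$this->hotpSkew+1;`. A short comment on the loop stating that `$tlid` is the last accepted counter and is deliberately excluded would make the intent clear. The loop body and the rest of the switch are outside the hunk.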