From 2d6b0d3ff36c0e388ea51163cb2ebee072a03dab Mon Sep 17 00:00:00 2001
From: paulr
Date: Wed, 8 Dec 2010 09:31:14 +1100
Subject: [PATCH] set token types and ssync tokens

---
 authserver/authd/authd.php | 9 ++++++++-
 authserver/lib/authClient.php | 23 +++++++++++++++++++++++
 authserver/lib/lib.php | 1 +
 authserver/usercmd.php | 5 +++++
 authserver/www/admin.php | 15 +++++++++++++++
 authserver/www/admin_actions.php | 23 +++++++++++++++++++++++
 lib/ga4php.php | 2 +-
 7 files changed, 76 insertions(+), 2 deletions(-)

diff --git a/authserver/authd/authd.php b/authserver/authd/authd.php
index c1e1722..576a507 100644
--- a/authserver/authd/authd.php
+++ b/authserver/authd/authd.php
@@ -122,10 +122,17 @@ if($pid == -1) {
 $tokenone = $msg["tokenone"];
 $tokentwo = $msg["tokentwo"];
- msg_send($cl_queue,MSG_SYNC_TOKEN, $myga->resyncCode($username, $tokenone, $tokentwo));
+ msg_send($cl_queue, MSG_SYNC_TOKEN, $myga->resyncCode($msg["username"], $tokenone, $tokentwo));
 }
 break;
+ case MSG_GET_TOKEN_TYPE:
+ if(!isset($msg["username"])) {
+ msg_send($cl_queue, MSG_GET_TOKEN_TYPE, false);
+ } else {
+ msg_send($cl_queue, MSG_GET_TOKEN_TYPE, $myga->getTokenType($msg["username"]));
+ }
+ break;
 case MSG_ADD_USER_TOKEN:
 echo "Call to add user token\n";
 if(!isset($msg["username"])) {
diff --git a/authserver/lib/authClient.php b/authserver/lib/authClient.php
index 735c8a1..ba6c2ff 100644
--- a/authserver/lib/authClient.php
+++ b/authserver/lib/authClient.php
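Review bot: The new MSG_GET_TOKEN_TYPE branch answers a request with no username by sending `false`, which the client side cannot tell apart from a daemon-side failure or from a getTokenType lookup that itself returned false, so a malformed request and an unknown user look the same to the caller. Log the malformed request on the daemon like the adjacent MSG_ADD_USER_TOKEN case echoes its call, e.g. `echo "MSG_GET_TOKEN_TYPE without username\n";` before the `msg_send`, so the condition is at least visible in the daemon output. The MSG_SYNC_TOKEN branch just above still reads `$msg["tokenone"]` and `$msg["tokentwo"]` inside an `if` whose condition starts outside the hunk, so whether those keys are guarded cannot be confirmed here; the `$username` to `$msg["username"]` fix is correct as far as the visible lines show. The enclosing switch starts and ends outside the hunk.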
@@ -30,6 +30,29 @@ class GAAuthClient {
 }
+ function getUserTokenType($username) {
+ global $MSG_QUEUE_KEY_ID_SERVER, $MSG_QUEUE_KEY_ID_CLIENT;
+
+
+ if(!msg_queue_exists($MSG_QUEUE_KEY_ID_SERVER)) {
+ return false;
+ }
+
+ if(!msg_queue_exists($MSG_QUEUE_KEY_ID_CLIENT)) {
+ return false;
+ }
+ // TODO we need to setup a client queue sem lock here
+
+ $cl_queue = msg_get_queue($MSG_QUEUE_KEY_ID_CLIENT);
+ $sr_queue = msg_get_queue($MSG_QUEUE_KEY_ID_SERVER);
+
+ $message["username"] = $username;
+ msg_send($sr_queue, MSG_GET_TOKEN_TYPE, $message, true, true, $msg_err);
+
+ msg_receive($cl_queue, 0, $msg_type, 16384, $msg);
+ return $msg;
+ }
+
 function setUserToken($username, $token) {
 global $MSG_QUEUE_KEY_ID_SERVER, $MSG_QUEUE_KEY_ID_CLIENT;
diff --git a/authserver/lib/lib.php b/authserver/lib/lib.php
index c3ac220..83d7ced 100644
--- a/authserver/lib/lib.php
+++ b/authserver/lib/lib.php
@@ -17,6 +17,7 @@ define("MSG_GET_OTK_PNG", 10);
 define("MSG_GET_OTK_ID", 11);
 define("MSG_DELETE_USER_TOKEN", 12);
 define("MSG_SYNC_TOKEN", 13);
+define("MSG_GET_TOKEN_TYPE", 14);
 // BASE_DIR = $BASE_DIR = realpath(dirname(__FILE__)."/../../");
diff --git a/authserver/usercmd.php b/authserver/usercmd.php
index 5888c0f..1d4db80 100644
--- a/authserver/usercmd.php
+++ b/authserver/usercmd.php
@@ -38,10 +38,15 @@ if(!isset($argv[1])) {
 echo "\tgetotk: getotk - gets the OTKID for a key\n";
 echo "\tradauth: radauth - for radius, only returns a code\n";
 echo "\tsynctoken: synctoken - resync's a hotp token based on two token codes\n";
+ echo "\ttokentype: tokentype - gets the token type for a user\n";
 return 0;
 }
 switch($argv[1]) {
+ case "tokentype":
+ $msg = $myAC->getUserTokenType($argv[2]);
+ echo "token type: $msg\n";
+ break;
 case "synctoken":
 if($myAC->syncUserToken($argv[2], $argv[3], $argv[4])) {
 echo "Token synced\n";
diff --git a/authserver/www/admin.php b/authserver/www/admin.php
index bc61744..24d02b4 100644
--- a/authserver/www/admin.php
+++ b/authserver/www/admin.php
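Review bot: `msg_receive($cl_queue, 0, $msg_type, 16384, $msg)` in getUserTokenType takes whichever message is first on the shared client queue regardless of its type, so with two concurrent callers (the TODO about a sem lock acknowledges there is no locking) a token-type reply can be consumed by, or swapped with, the reply to an unrelated request such as setUserToken, and the wrong value is then returned as a token type. The daemon replies with type MSG_GET_TOKEN_TYPE, so receive by that type and stop on a failed send, which otherwise leaves msg_receive blocking indefinitely: `if(!msg_send($sr_queue, MSG_GET_TOKEN_TYPE, $message, true, true, $msg_err)) { return false; }` and `msg_receive($cl_queue, MSG_GET_TOKEN_TYPE, $msg_type, 16384, $msg);`. Receiving by type narrows the race but does not close it, since two getUserTokenType callers still share the queue; the lock the TODO mentions is still needed. The function is complete within the hunk; the class continues outside it.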
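Review bot: The new `tokentype` case reads `$argv[2]` without the `isset` check the usage block applies to `$argv[1]`, so `usercmd.php tokentype` with no username sends a null username to the daemon, receives the `false` the daemon returns for a missing username, and prints `token type: ` with nothing after it, which is indistinguishable from an empty type. Guard it before the call, `if(!isset($argv[2])) { echo "tokentype requires a username\n"; return 1; }`, and print the `false` case explicitly, e.g. `echo ($msg === false) ? "token type lookup failed\n" : "token type: $msg\n";`. The surrounding switch continues outside the hunk.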
@@ -56,6 +56,21 @@ if(isset($_REQUEST["edituser"])) { +getUserTokenType($username)=="HOTP") { +?> +
+

Resync Tokens

+ + + +
Token One
Token Two
+ +
+ +

Custom Tokens - doesnt work yet


For assiging in a user-created or hardware tokens
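Review bot: No anti-CSRF token field is visible in the resync form this hunk adds (the `Token One`/`Token Two` inputs shown only when `getUserTokenType($username)=="HOTP"`), and that form drives the state-changing `synctoken` action in admin_actions.php; the markup has been stripped in this rendering so a hidden field may have been lost, but if there is none a per-session nonce should be emitted here and verified by the action handler. `$username` is echoed into this page and, from the hunk header, appears to come from the `edituser` request parameter, so it should be HTML-escaped wherever it is written into markup, `htmlspecialchars($username, ENT_QUOTES)`, unless that already happens outside the hunk. The page text `For assiging in a user-created or hardware tokens` has a typo (`assigning`). The enclosing `if(isset($_REQUEST["edituser"]))` block starts outside the hunk.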
diff --git a/authserver/www/admin_actions.php b/authserver/www/admin_actions.php
index e5ddb11..a3511e2 100644
--- a/authserver/www/admin_actions.php
+++ b/authserver/www/admin_actions.php
@@ -10,6 +10,29 @@ else $loggedin = false;
 if(isset($_REQUEST["action"])) {
 switch($_REQUEST["action"]) {
+ case "customtoken":
+ $ttype = $_REQUEST["tokentype"];
+ $tkey = $_REQUEST["tokenkey"];
+ $username = $_REQUEST["username"];
+ $ret1 = $myAC->setUserTokenType($username, $ttype);
+ $ret2 = $myAC->setUserToken($username, $tkey);
+ error_log("got, $ret1, $ret2...");
+ break;
+ case "synctoken":
+ $username = $_REQUEST["username"];
+ $tokenone = $_REQUEST["tokenone"];
+ $tokentwo = $_REQUEST["tokentwo"];
+ $retval = $myAC->syncUserToken($username, $tokenone, $tokentwo);
+ error_log("retval: $retval");
+ if($retval) {
+ header("Location: ?message=".urlencode("token synced"));
+ exit(0);
+ } else {
+ header("Location: ?error=".urlencode("token not synced"));
+ exit(0);
+ }
+
+ break;
 case "recreatehotptoken":
 $username = $_REQUEST["username"];
 $myAC->addUser($username, "HOTP");
diff --git a/lib/ga4php.php b/lib/ga4php.php
index 3870f9c..125556a 100644
--- a/lib/ga4php.php
+++ b/lib/ga4php.php
@@ -222,7 +222,7 @@ abstract class GoogleAuthenticator {
 $stest2 = $this->oath_hotp($tkey, $i+1);
 if($code2 == $stest2) {
 $tokendata["tokencounter"] = $i+1;
- internalPutData($username, $tokendata);
+ $this->internalPutData($username, $tokendata);
 return true;
 }
 }
-- 
1.7.0.4
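Review bot: Both new cases act on `$_REQUEST` parameters with no check of `$loggedin`, which the context line just above the hunk computes, and with no anti-CSRF token; because `$_REQUEST` also accepts GET, a crafted link opened by an administrator (or by anyone, if no gate exists earlier in the file) can overwrite a user's token type and secret through `customtoken` or move the HOTP counter through `synctoken`. I cannot see whether an earlier part of the file aborts when `$loggedin` is false, so this is hedged, but the existing `recreatehotptoken` case has the same shape and the pattern should not be extended. The `customtoken` case also ignores `$ret1` and writes the key even when the type change failed, reads the three parameters without `isset`, and, unlike `synctoken`, never redirects, so a browser refresh re-submits the secret. A minimal change gates on `$loggedin`, requires POST, reads from `$_POST`, and restricts `$ttype` to the types the daemon accepts (only `"HOTP"` is visible in this patch, so that list needs confirming against getTokenType/setUserTokenType). The switch continues outside the hunk.
```php
case "customtoken":
    // State-changing action: require an authenticated session and a POST.
    // A per-session CSRF token check belongs here as well once the admin
    // session carries one.
    if(!$loggedin || $_SERVER["REQUEST_METHOD"] !== "POST") {
        header("Location: ?error=".urlencode("not authorised"));
        exit(0);
    }
    $ttype = isset($_POST["tokentype"]) ? $_POST["tokentype"] : "";
    $tkey = isset($_POST["tokenkey"]) ? $_POST["tokenkey"] : "";
    $username = isset($_POST["username"]) ? $_POST["username"] : "";
    // TODO(review): confirm the full set of token types the daemon accepts.
    if($username === "" || !in_array($ttype, array("HOTP"), true)) {
        header("Location: ?error=".urlencode("invalid token request"));
        exit(0);
    }
    $ret1 = $myAC->setUserTokenType($username, $ttype);
    // Do not write a key under a type that was not applied.
    $ret2 = $ret1 ? $myAC->setUserToken($username, $tkey) : false;
    error_log("got, $ret1, $ret2...");
    header("Location: ?".(($ret1 && $ret2) ? "message=".urlencode("token set") : "error=".urlencode("token not set")));
    exit(0);
// … unchanged: synctoken case (apply the same $loggedin / POST gate) …
```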
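Review bot: `if($code2 == $stest2)`, the context line the corrected `$this->internalPutData` call sits under, compares OTP codes with loose `==`, which for numeric strings compares numerically, so a submitted `"0123"` matches a generated `"123"` and the effective code space shrinks for every code with leading zeros; how oath_hotp formats its result is outside the hunk, so the impact is hedged. Compare as strings with a strict operator, `if((string)$code2 === (string)$stest2) {`, and apply the same to the first-code check that presumably precedes this loop. The `$this->` fix itself is right, since the bare `internalPutData(...)` would have been an undefined-function call at the moment a resync succeeded. The enclosing resync method starts outside the hunk.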