From 34cbcba6d0f7c0a92c849545712cc5ce7ec03f97 Mon Sep 17 00:00:00 2001 From: paulr Date: Mon, 6 Dec 2010 02:07:18 +1100 Subject: [PATCH] functional authd/authclient --- authserver/authd/authd.php | 39 +++++++++++++++++++++++++++++++++++++- authserver/authd/gaasdata.sqlite | Bin 3072 -> 0 bytes authserver/lib/authClient.php | 25 ++++++++++++++++++++++++ authserver/lib/lib.php | 19 ++++++++++++++++- authserver/usercmd.php | 12 +++++++++++ 5 files changed, 92 insertions(+), 3 deletions(-) delete mode 100644 authserver/authd/gaasdata.sqlite diff --git a/authserver/authd/authd.php b/authserver/authd/authd.php index afe3883..bd10267 100644 --- a/authserver/authd/authd.php +++ b/authserver/authd/authd.php @@ -49,6 +49,34 @@ if($pid == -1) { $authval = $myga->authenticateUser($username, $passcode); msg_send($cl_queue, MSG_AUTH_USER_TOKEN, $authval); break; + + case MSG_GET_OTK_PNG: + if(!isset($msg["username"])) { + msg_send($cl_queue, MSG_GET_OTK_PNG, false); + } else { + $username = $msg["username"]; + $sql = "select users_otk from users where users_username='$username'"; + $dbo = getDatabase(); + $res = $dbo->query($sql); + $otk = ""; + foreach($res as $row) { + $otk = $row["users_otk"]; + } + + if($otk == "") { + msg_send($cl_queue, MSG_GET_OTK_PNG, false); + } else { + $hand = fopen("otks/$otk.png", "rb"); + $data = fread($hand, filesize("otks/$otk.png")); + fclose($hand); + msg_send($cl_queue, MSG_GET_OTK_PNG, $data); + unlink("otks/$otk.png"); + $sql = "update users set users_otk='' where users_username='$username'"; + $dbo->query($sql); + } + } + + break; case MSG_ADD_USER_TOKEN: echo "Call to add user token\n"; if(!isset($msg["username"])) { @@ -66,7 +94,16 @@ if($pid == -1) { global $myga; $myga->setUser($username, $tokentype, "", $hexkey); - msg_send($cl_queue, MSG_ADD_USER_TOKEN, $myga->createUrl($username)); + $url = $myga->createUrl($username); + mkdir("otks"); + $otk = generateRandomString(); + system("qrencode -o otks/$otk.png $url"); + + $sql = "update users set users_otk='$otk' where users_username='$username'"; + $dbo = getDatabase(); + $res = $dbo->query($sql); + + msg_send($cl_queue, MSG_ADD_USER_TOKEN, true); } break; case MSG_DELETE_USER: diff --git a/authserver/authd/gaasdata.sqlite b/authserver/authd/gaasdata.sqlite deleted file mode 100644 index d9792cad1598e90affc0204ee6b3df75d1822a07..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 3072 zcmeHJ&rjPh6tW41v3ra-)(=jD4 zxI2lAgC<1o-gfbpVHo)Cs9JNG2U%VX+OzmZg*C{|dU77l8-#H|E$WgJm)U*SCr8vL zeNQ-yL#R!;Xg-ittV-A*f{sO#Jiu8XqgUXcGS9Em3=%wJ7wIBM=CY7$d{^}*)_x;+ zYN;!*SrxcLcncZtx9`8I-fHudxX?_5LzDR;HJzj=or~{Xmbh2aJX?Zx*oDH_wG)0> z*cOlZh_?Na_rZ?&4`;wue(AR-Lv}DL(++T2Q?rPsiQAc3Ug+%GT|P*|A?aY%=P!CJl2r*Mw5vWka&sJwvps{YsEZmw_U&HDE1({64B-eKLq)vpNt1AqU#*#H0l diff --git a/authserver/lib/authClient.php b/authserver/lib/authClient.php index a29af89..58de4ec 100644 --- a/authserver/lib/authClient.php +++ b/authserver/lib/authClient.php @@ -55,6 +55,31 @@ class GAAuthClient { return $msg; } + function getOtkPng($username) { + global $MSG_QUEUE_KEY_ID_SERVER, $MSG_QUEUE_KEY_ID_CLIENT; + + + if(!msg_queue_exists($MSG_QUEUE_KEY_ID_SERVER)) { + return false; + } + + if(!msg_queue_exists($MSG_QUEUE_KEY_ID_CLIENT)) { + return false; + } + // TODO we need to setup a client queue sem lock here + + $cl_queue = msg_get_queue($MSG_QUEUE_KEY_ID_CLIENT); + $sr_queue = msg_get_queue($MSG_QUEUE_KEY_ID_SERVER); + + $message["username"] = $username; + msg_send($sr_queue, MSG_GET_OTK_PNG, $message, true, true, $msg_err); + + msg_receive($cl_queue, 0, $msg_type, 16384, $msg); + + return $msg; + + } + function authUserPass($username, $password) { global $MSG_QUEUE_KEY_ID_SERVER, $MSG_QUEUE_KEY_ID_CLIENT; diff --git a/authserver/lib/lib.php b/authserver/lib/lib.php index dbdd35f..9737566 100644 --- a/authserver/lib/lib.php +++ b/authserver/lib/lib.php @@ -13,10 +13,25 @@ define("MSG_SET_USER_REALNAME", 6); define("MSG_SET_USER_TOKEN", 7); define("MSG_SET_USER_TOKEN_TYPE", 8); define("MSG_GET_USERS", 9); +define("MSG_GET_OTK_PNG", 10); if(file_exists("../../lib/ga4php.php")) require_once("../../lib/ga4php.php"); if(file_exists("../lib/ga4php.php")) require_once("../lib/ga4php.php"); + +function generateRandomString() +{ + $str = ""; + $strpos = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789"; + + for($i=0; $i<128; $i++) { + $str .= $strpos[rand(0, strlen($strpos)-1)]; + } + + return $str; +} + + function getDatabase() { $dbobject = false; if(file_exists("gaasdata.sqlite")) { @@ -31,7 +46,7 @@ function getDatabase() { } catch(PDOException $exep) { error_log("execpt on db open"); } - $sql = 'CREATE TABLE "users" ("users_id" INTEGER PRIMARY KEY AUTOINCREMENT,"users_username" TEXT, "users_realname" TEXT, "users_password" TEXT, "users_tokendata" TEXT);'; + $sql = 'CREATE TABLE "users" ("users_id" INTEGER PRIMARY KEY AUTOINCREMENT,"users_username" TEXT, "users_realname" TEXT, "users_password" TEXT, "users_tokendata" TEXT, "users_otk" TEXT);'; $dbobject->query($sql); } @@ -87,7 +102,7 @@ class gaasGA extends GoogleAuthenticator { $sql = "update users set users_tokendata='$data' where users_username='$username'"; } else { // do insert - $sql = "insert into users values (NULL, '$username', '', '', '$data')"; + $sql = "insert into users values (NULL, '$username', '', '', '$data', '')"; } if($dbObject->query($sql)) { diff --git a/authserver/usercmd.php b/authserver/usercmd.php index e58cd65..aad5e3a 100644 --- a/authserver/usercmd.php +++ b/authserver/usercmd.php @@ -35,10 +35,22 @@ if(!isset($argv[1])) { echo "\tsettoken: settoken - sets the key (hex) for a token\n"; echo "\tsettype: settype - sets a token type for a user\n"; echo "\tgetusers: getusers - gets a list of users\n"; + echo "\tgetotk: getotk - gets the OTK png for a key\n"; return 0; } switch($argv[1]) { + case "getotk": + $val = $myAC->getOtkPng($argv[2]); + if($val === false) { + echo "Failure\n"; + } else { + $hand = fopen("val.png", "w"); + fwrite($hand, $val); + fclose($hand); + echo "In val.png\n"; + } + break; case "auth": if($myAC->authUserToken($argv[2], $argv[3])==1) { echo "Pass!\n"; -- 1.7.0.4