phpmd, the great naming standards refactor

Brady McDonough 2 years ago
parent 9bc7d67acc
commit 0a47684a74

1
.gitignore vendored

@ -2,3 +2,4 @@
\#*\#
.\#*
.projectile
TAGS

@ -10,7 +10,6 @@ define("CSRF_EXPIRY_IDX", "antiCSRF_TAATP_Expiry");
class Base implements AntiCSRFInterface
{
private int $token;
private int $expiry;
public function __construct(
private SessionInterface $session,
@ -35,7 +34,7 @@ class Base implements AntiCSRFInterface
return $this->clock->now()->getTimestamp() >= $this->session->get(CSRF_EXPIRY_IDX);
}
public function emit_str(): string
public function emitStr(): string
{
return
'<input type="hidden" name="'
@ -47,7 +46,7 @@ class Base implements AntiCSRFInterface
public function display()
{
echo $this->emit_str();
echo $this->emitStr();
}
private function expiry(): int
@ -57,9 +56,9 @@ class Base implements AntiCSRFInterface
public function generate()
{
$this->session->try_store(CSRF_TOKEN_IDX, \bin2hex(\random_bytes(32)));
$this->session->tryStore(CSRF_TOKEN_IDX, \bin2hex(\random_bytes(32)));
$this->token = $this->session->get(CSRF_TOKEN_IDX);
$this->session->try_store(CSRF_EXPIRY_IDX, $this->expiry());
$this->session->tryStore(CSRF_EXPIRY_IDX, $this->expiry());
}
public function regenerate()
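Review bot: In `generate()` the value read back from the session is assigned to `$this->token`, but the token written just above is `\bin2hex(\random_bytes(32))`, a 64-character hex string, while the property at the top of this section is declared `private int $token;`. If that declaration is still on the new side (the page does not show which line the first hunk removed), the assignment raises a TypeError and no CSRF token is ever issued. Declaring it as `private string $token;` matches what is stored.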

@ -21,14 +21,14 @@ class None implements AntiCSRFInterface
return false;
}
public function emit_str(): string
public function emitStr(): string
{
return "";
}
public function display()
{
echo $this->emit_str();
echo $this->emitStr();
}
public function generate()

@ -13,7 +13,7 @@ interface AntiCSRFInterface
public function match(): bool;
public function expired(): bool;
public function display();
public function emit_str(): string;
public function emitStr(): string;
public function generate();
public function regenerate();
}

@ -17,33 +17,33 @@ class Factory
private PersistenceInterface $db,
private RequestInterface $ri,
private null|SessionInterface $session,
private null|\PSR\Clock\ClockInterface $csrf_clock,
private null|\PSR\Clock\ClockInterface $csrfClock,
private null|AntiCSRFInterface $csrf,
private null|\PSR\Clock\ClockInterface $totp_clock,
private null|\PSR\Clock\ClockInterface $totpClock,
private null|HashInterface $hash,
)
{
$this->session ? : $this->session = new Session\Base();
$this->csrf_clock ? : $this->csrf_clock = new Clock\Request();
$this->csrf_clock ? : $this->csrfClock = new Clock\Request();
$this->csrf ? : $this->csrf = new AntiCSRF\Base(
$this->session,
$this->csrf_clock
);
$this->totp_clock ? : $this->totp_clock = new Clock\Base();
$this->totp_clock ? : $this->totpClock = new Clock\Base();
$this->$hash ? : $this->hash = new Hash\HMAC_SHA1();
}
public function user_management(mixed $user_index): UserManagement
public function userManagement(mixed $userIndex): UserManagement
{
return new UserManagement($this->db, $this->ri, $this->csrf, $this->session, $user_index);
return new UserManagement($this->db, $this->ri, $this->csrf, $this->session, $userIndex);
}
public function authenticate(mixed $user_index): null|Authenticate
public function authenticate(mixed $userIndex): null|Authenticate
{
if(\is_null($db->get_secret($user_index)))
if(\is_null($this->db->getSecret($userIndex)))
return null;
else
return new Authenticate($this->db, $this->ri, $this->csrf, $this->session, $user_index)
return new Authenticate($this->db, $this->ri, $this->csrf, $this->session, $userIndex);
}
}
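Review bot: The constructor still reads the pre-rename properties: the null checks test `$this->csrf_clock` and `$this->totp_clock`, and `AntiCSRF\Base` is still constructed with `$this->csrf_clock`, while the promoted parameters are now `$csrfClock` and `$totpClock`. Because the old names no longer exist, a caller-supplied clock is always overwritten by the default, and the CSRF helper appears to receive null as its clock, which would break the expiry check. `$this->$hash` is also a variable-property lookup on an undefined `$hash` rather than `$this->hash`. Using the new name on both sides, e.g. `$this->csrfClock ??= new Clock\Request();` (likewise for `totpClock` and `hash`), and passing `$this->csrfClock` to `AntiCSRF\Base` would fix this.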

@ -13,12 +13,12 @@ class HMAC_SHA1 implements HashInterface
return \hash_hmac("sha1", \hex2bin($v), $key, true);
}
public function hash_numeric(string $k, int $v): string
public function hashNumeric(string $k, int $v): string
{
return $this->hash($k, \dechex($v));
}
public function hash_type(): string
public function hashType(): string
{
return "SHA1";
}
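Review bot: `hashNumeric()` passes `\dechex($v)` straight to `hash()`, which runs it through `\hex2bin()`. `dechex` output is unpadded, so a counter whose hex form has odd length makes `hex2bin` fail, and even-length values give fewer than the 8 bytes RFC 4226 specifies for the counter. Padding to a fixed width fixes both: `return $this->hash($k, \str_pad(\dechex($v), 16, '0', STR_PAD_LEFT));`. The context line in `hash()` also uses `$key` while the interface names the parameter `$k`; the signature is outside this hunk, so confirm the two agree.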

@ -5,8 +5,8 @@ namespace BradyMcD\TAATP;
interface HashInterface
{
public function hash(string $k, string $v): string;
public function hash_numeric(string $k, int $v): string;
public function hash_type(): string;
public function hashNumeric(string $k, int $v): string;
public function hashType(): string;
}
?>

@ -15,20 +15,20 @@ class _4226
public function validate(string $q): int
{
$valid_count = false;
$validCount = false;
foreach (range($this->n, $this->n + ($this->driftModifier * $this->grace), $this->driftModifier) as $c)
{
$expected =
\bindec($this->hash->hash_numeric($this->key, $c)) %
\bindec($this->hash->hashNumeric($this->key, $c)) %
\pow(10, $this->digits);
if (\hash_equals((string)$expected, $q))
{
$valid_count = $c;
$validCount = $c;
break;
}
}
return $valid_count;
return $validCount;
}
}
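Review bot: In `validate()` the expected code is computed with `\bindec()` applied to the output of `hashNumeric()`, but `HMAC_SHA1::hash()` returns raw bytes (`hash_hmac(..., true)`) and `bindec` only reads the characters `0` and `1`. The result is therefore a small number essentially unrelated to the HMAC, so the `hash_equals` check no longer proves possession of the secret. RFC 4226 derives the code by dynamic truncation (the low nibble of the last byte selects a 4-byte window, masked to 31 bits). The expected string should also be left-padded to `$this->digits`, because `(string)$expected` drops leading zeros.
```php
// … unchanged: foreach over the counter range …
$mac = $this->hash->hashNumeric($this->key, $c);
$offset = \ord($mac[\strlen($mac) - 1]) & 0x0f;
$binCode = \unpack('N', \substr($mac, $offset, 4))[1] & 0x7fffffff;
$expected = \str_pad((string)($binCode % 10 ** $this->digits), $this->digits, '0', STR_PAD_LEFT);
// … unchanged: hash_equals($expected, $q) comparison, break and return …
```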

@ -18,10 +18,10 @@ class _6238
public function validate(string $q): bool|int
{
$window_n = $this->clock->now()->getTimestamp()/$this->window;
$windowNum = $this->clock->now()->getTimestamp()/$this->window;
$hotp = new _4226(
$this->key,
$window_n,
$windowNum,
$this->grace,
$this->digits,
$this->hash,
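Review bot: `$windowNum` is computed with `/`, which yields a float whenever the timestamp is not an exact multiple of the window, and that value is then handed to `_4226` as the counter. A fractional counter is either truncated implicitly (deprecated since PHP 8.1) or fails an int type check, depending on how `_4226`'s constructor is declared, which is not visible here. Integer division states the intent: `$windowNum = \intdiv($this->clock->now()->getTimestamp(), $this->window);`. `validate()` continues past the end of this hunk.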

@ -23,7 +23,7 @@ class Base implements RequestInterface
}
}
public function form_props(string $place): string
public function formProps(string $place): string
{
$method = 'method="post"';
if(\is_array($this->paths))
@ -37,9 +37,9 @@ class Base implements RequestInterface
return $action . ' ' . $method;
}
public function get_resp(string $k): string
public function getResp(string $key): string
{
return $__REQUEST[$k];
return $_REQUEST[$key];
}
}
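Review bot: `getResp()` indexes `$_REQUEST[$key]` directly, so a request that omits the field, or sends it as an array, violates the declared `string` return type and surfaces as a warning or TypeError rather than a failed validation. Since this value feeds the TOTP comparison, normalise it at this boundary: `$value = $_REQUEST[$key] ?? '';` followed by `return \is_string($value) ? $value : '';`. The form is emitted with `method="post"`, so reading `$_POST` instead of `$_REQUEST` would also keep query-string (and, depending on `request_order`, cookie) values out of the challenge.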

@ -16,13 +16,13 @@ interface PersistenceInterface
* @param string $secret The secret datastring used to seed the TOTP rolling hash
* @return void
*/
public function store_secret(mixed $index, string $secret);
public function storeSecret(mixed $index, string $secret);
/**
* Removes the secret key for the user associated with the given indexing data.
* @param mixed $index Whatever data needed to index into your database and identify a particular user
*/
public function strip_secret(mixed $index);
public function stripSecret(mixed $index);
/**
* As the name suggests One-Time-Passwords should only be usable one time!
@ -32,7 +32,7 @@ interface PersistenceInterface
* Only codes generated at a time greater than the indicated time will be deemed valid.
* @return bool
*/
public function store_last_time(mixed $index, int $timestamp): bool;
public function storeLastTime(mixed $index, int $timestamp): bool;
/**
* Gets and returns the otpauth URI for the user associated with the given user_id.
@ -40,14 +40,14 @@ interface PersistenceInterface
* @param mixed $index Whatever data needed to index into your database and identify a particular user
* @return null|string
*/
public function get_secret(mixed $index): null|string;
public function getSecret(mixed $index): null|string;
/**
* Gets and returns the last successful challenge timestamp to enforce the One-Time aspect of a TOTP.
* @param mixed $index Whatever data needed to index into your database and identify a particular user
* @return int
*/
public function get_last_time(mixed $index): int;
public function getLastTime(mixed $index): int;
}
?>

@ -16,14 +16,14 @@ interface RequestInterface
* @param string $place One of "enroll", "unenroll" or "authenticate"
* @return string
*/
public function form_props(string $place): string;
public function formProps(string $place): string;
/**
* Returns a referred user response variable.
* @param string $k The key the user is sending
* @return string
*/
public function get_resp(string $k): string;
public function getResp(string $k): string;
}

@ -15,7 +15,7 @@ class Base implements SessionInterface
return session_status() === PHP_SESSION_ACTIVE;
}
public function try_store(string $k, mixed $val): bool
public function tryStore(string $k, mixed $val): bool
{
$key = $this->ns($k);
if (!isset($_SESSION[$key]))

@ -9,7 +9,7 @@ namespace BradyMcD\TAATP;
interface SessionInterface
{
function live(): bool;
function try_store(string $key, mixed $val): bool;
function tryStore(string $key, mixed $val): bool;
function store(string $key, mixed $val);
function get(string $key);
}

@ -111,7 +111,7 @@ class Otpauth
return new self($issuer, $user, $secret, $algo);
}
public function emit_str(): string
public function emitStr(): string
{
$label = $this->provider . ":" . $this->userid;
$provider = "provider=" . $this->provider;

@ -15,7 +15,7 @@ class Authenticate implements WorkflowInterface
private RequestInterface $ri,
private AntiCSRFInterface $csrf,
private SessionInterface $session,
private mixed $user_index,
private mixed $userIndex,
private HashInterface $hash,
)
{
@ -23,20 +23,20 @@ class Authenticate implements WorkflowInterface
function display()
{
echo $this->emit_str();
echo $this->emitStr();
}
function emit_str(): string
function emitStr(): string
{
$html = "<div id=\"authenticate\"><form %frm>";
$html .= $this->csrf->emit_str();
$html .= $this->csrf->emitStr();
$html .= "<p>Please enter the code showing on your authenticator</p>";
$html .= "<intput name=\"totp_challenge\" id=\"totp_challenge\" type\"text\" />";
$html .= "<input type=\"submit\" value=\"Submit\" />";
$html .= "</form></div>";
$values = [
"%frm" => $this->ri->form_props("authenticate"),
"%frm" => $this->ri->formProps("authenticate"),
];
return \str_replace(\array_keys($values), $values, $html);
@ -49,22 +49,22 @@ class Authenticate implements WorkflowInterface
return false;
}
$p_uri = $this->db->get_secret($this->user_index);
$p_uri = $this->db->getSecret($this->userIndex);
$totp = _6238(
$p_uri.secret,
$p_uri.period,
$this->db->get_last_time($this->user_index),
$this->db->getLastTime($this->userIndex),
2,
$p_uri.digits,
$this->clock,
$this->hash
);
$flag = $totp.validate($this->ri->get_resp("totp_challenge"));
$flag = $totp.validate($this->ri->getResp("totp_challenge"));
if($flag)
{
$this->db->store_last_time($this->user_index, $flag);
$this->db->storeLastTime($this->userIndex, $flag);
return true;
}
return false;
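Review bot: The response handler builds the validator with `$totp = _6238(` and then calls `$totp.validate(...)`. In PHP the first is a call to a function named `_6238` and the second concatenates `$totp` with the result of a function `validate()`, so this path fails at runtime instead of checking the challenge. `$p_uri.secret`, `$p_uri.period` and `$p_uri.digits` likewise concatenate the stored URI with bare constants rather than reading fields. Use `$totp = new _6238(` and `$flag = $totp->validate($this->ri->getResp("totp_challenge"));`, and parse the stored otpauth URI into its fields before passing them. The same pattern appears in the UserManagement section below, and the handler's signature is outside this hunk.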

@ -17,7 +17,7 @@ class UserManagement implements WorkflowInterface
private RequestInterface $ri,
private AntiCSRFInterface $csrf,
private SessionInterface $session,
private mixed $user_index,
private mixed $userIndex,
private HashInterface $hash,
)
{
@ -25,62 +25,62 @@ class UserManagement implements WorkflowInterface
function display()
{
echo $this->emit_str();
echo $this->emitStr();
}
private function view_enroll_form(): string
private function viewEnrollForm(): string
{
$html = "<div id=\"enroll\"><form %frm>";
$html .= $this->csrf->emit_str();
$html .= $this->csrf->emitStr();
$html .= "<p>To add an authenticator to your account, scan the QR code</p>";
$html .= "<img src=%qr alt=\"qr-code\" />";
$html .= "<label for=\"totp_challenge\">Enter the authentication code:</label>"
$html .= "<label for=\"totp_challenge\">Enter the authentication code:</label>";
$html .= "<input name=\"totp_challenge\" id=\"totp_challenge\" type=\"text\" >";
$html .= "<input type=\"submit\" value=\"Submit\" />";
$html .= "</form></div>";
$provisioning_uri = (new Otpauth(
$provisioningUri = (new Otpauth(
"taatp",
$this->userIndex,
$this->hash->keygen(),
"SHA1",
30,
6
))->emit_str();
$this->session->store("secret", $provisioning_uri);
))->emitStr();
$this->session->store("secret", $provisioningUri);
$values = [
"%frm" => $this->ri->form_props("enroll"),
"%qr" => (new QRCode)->render($provisioning_uri),
]
"%frm" => $this->ri->formProps("enroll"),
"%qr" => (new QRCode)->render($provisioningUri),
];
return \str_replace(\array_keys($values), $values, $html);
}
private function view_unenroll_form(): string
private function viewUnenrollForm(): string
{
$html = "<div id=\"unenroll\"><form %frm>";
$html .= $this->csrf->emit_str();
$html .= $this->csrf->emitStr();
$html .= "<label for=\"totp_challenge\">To de-register your authenticator enter the current authentication code:</label>";
$html .= "<intput name=\"totp_challenge\" id=\"totp_challenge\" type\"text\" />";
$html .= "<input type=\"submit\" value=\"Submit\" />";
$html .= "</form></div>";
$values = [
"%frm" => $this->ri->form_props("unenroll"),
"%frm" => $this->ri->formProps("unenroll"),
];
return \str_replace(\array_keys($values), $values, $html);
}
function emit_str(): string
function emitStr(): string
{
if (\is_null($this->db->get_secret($this->user_index)))
if (\is_null($this->db->getSecret($this->userIndex)))
{
$this->view_enroll_form();
$this->viewEnrollForm();
}
else
{
$this->view_unenroll_form();
$this->viewUnenrollForm();
}
}
@ -91,30 +91,30 @@ class UserManagement implements WorkflowInterface
return false;
}
$p_uri = $this->db->get_secret($this->user_index);
$p_uri = $this->db->getSecret($this->userIndex);
$enroll_flag = \is_null($p_uri);
$enroll_flag && $enroll_flag = $this->session->get('secret');
$totp = _6238(
$p_uri.secret,
$p_uri.period,
$enroll_flag? 0:$this->db->get_last_time($this->user_index),
$enroll_flag? 0:$this->db->getLastTime($this->userIndex),
2,
$p_uri.digits,
$this->clock,
$this->hash
);
$flag = $totp.validate($this->ri->get_resp("totp_challenge"));
$flag = $totp.validate($this->ri->getResp("totp_challenge"));
if($flag && $enroll_flag)
{
$this->db->store_last_time($this->user_index, $flag);
$this->db->store_secret($this->user_index, $p_uri);
$this->db->storeLastTime($this->userIndex, $flag);
$this->db->storeSecret($this->userIndex, $p_uri);
return true;
}
else if($flag)
{
$this->db->strip_secret($this->user_index);
$this->db->stripSecret($this->userIndex);
return true;
}
return false;
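Review bot: On the enrolment path `$p_uri` is null, and the provisioning URI kept in the session is assigned to `$enroll_flag` rather than to the variable that is validated and stored. As a result `storeSecret($this->userIndex, $p_uri)` is handed null, and the validator is built from `$p_uri` as well. Read the candidate once, e.g. `$uri = $p_uri ?? $this->session->get('secret');`, keep `$enroll_flag` a plain bool, and use `$uri` for both the validator and `storeSecret`. Separately, `emitStr()` calls `viewEnrollForm()` / `viewUnenrollForm()` without returning their result despite its `string` return type, so those lines should read `return $this->viewEnrollForm();` and `return $this->viewUnenrollForm();`. The handler's signature is outside the last hunk.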

@ -13,7 +13,7 @@ interface WorkflowInterface
* returns the workflow's relevant form.
* @return string
*/
public function emit_str():string;
public function emitStr():string;
/**
* Handles any response given to the workflow's form.
* @return bool
