brady
/
TAATP
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Added phpunit, URI tests revealed errors

Browse Source
master
Brady McDonough 2 years ago
parent faabdb9aee
commit 35221b979e
3 changed files with 126 additions and 30 deletions
Show Stats Download Patch File Download Diff File

10
composer.json
Unescape View File

@ -5,6 +5,14 @@
"psr/clock": "1.0.0", "psr/clock": "1.0.0",
"chillerlan/php-qrcode": "5.0.1", "chillerlan/php-qrcode": "5.0.1",
"paragonie/constant_time_encoding": "2.6.3" "paragonie/constant_time_encoding": "2.6.3"
} },
"require-dev": {
"phpunit/phpunit": "^11"
},
"autoload": {
"psr-4": {
"BradyMcD\\TAATP\\": "src/"
}
}
} }

75
src/URI/otpauth.php → src/URI/Otpauth.php
Unescape View File

@ -7,12 +7,12 @@ use InvalidArgumentException;
class Otpauth class Otpauth
{ {
public function __construct( public function __construct(
public readonly string $issuer,
public readonly string $userid, public readonly string $userid,
public readonly string $issuer,
public readonly string $secret, public readonly string $secret,
public readonly string $algo, public readonly string $algorithm,
public readonly int $period,
public readonly int $digits, public readonly int $digits,
public readonly int $period,
) )
{} {}
@ -23,7 +23,7 @@ class Otpauth
{ {
foreach($checkArray as $c) foreach($checkArray as $c)
{ {
!($c[0]($target))? :throw new InvalidArgumentException($c[1]); ($c[0]($target))? :throw new InvalidArgumentException($c[1]);
} }
}; };
$uriChecks = [ $uriChecks = [
@ -31,8 +31,11 @@ class Otpauth
{ return $arr !== false; }, { return $arr !== false; },
$uri . " is not a valid URI."], $uri . " is not a valid URI."],
[ function($arr) [ function($arr)
{ return \array_key_exists('scheme', $arr) && $arr['scheme'] === 'otpauth';}, { return \array_key_exists('scheme', $arr);},
$uri . " has no scheme or the wrong scheme for an otpauth uri."], $uri . " has no scheme."],
[ function($arr)
{ return $arr['scheme'] === 'otpauth';},
$uri . " is not an otpauth:// uri."],
[ function($arr) [ function($arr)
{ return \array_key_exists('path', $arr);}, { return \array_key_exists('path', $arr);},
$uri . " isn't tagged for a user or issuer."], $uri . " isn't tagged for a user or issuer."],
@ -50,7 +53,7 @@ class Otpauth
$parsedUri['query'] . " has no issuer information."], $parsedUri['query'] . " has no issuer information."],
[ function($que) [ function($que)
{ return \array_key_exists('secret', $que);}, { return \array_key_exists('secret', $que);},
$parsedUri['query'] . "has no secret key."] $parsedUri['query'] . "has no secret key."],
]; ];
$parsedQuery = []; $parsedQuery = [];
@ -66,45 +69,59 @@ class Otpauth
$label = \explode(":", $parsedUri['path']); $label = \explode(":", $parsedUri['path']);
$runCheck($labelChecks, $label); $runCheck($labelChecks, $label);
$applyDefaults = function(array &$arr, array $defaults) { $queryDefaults = [
foreach($defaults as $k => $v) "algorithm" => "SHA1",
"period" => "30",
"digits" => "6",
"issuer" => \rawurldecode(\ltrim($label[0], "/")),
];
$parsedQuery = \array_merge($queryDefaults, $parsedQuery);
$convertFields = function(array $conversion, array &$target) {
foreach ($conversion as $k => $v)
{ {
if(\array_key_exists($k, $arr)) $target[$k] = $v($target[$k]);
{
$arr[$k] = $v;
}
} }
}; };
$queryDefaults = [ $queryConversions = [
"algorithm" => "SHA1", "period" => '\intval',
"period" => 30, "digits" => '\intval',
"digits" => 6, "secret" => '\rawurldecode'
];
$labelConversions = [
0 => '\rawurldecode',
]; ];
$applyDefaults($queryDefaults, $parsedQuery);
$convertFields($queryConversions, $parsedQuery);
$convertFields($labelConversions, $label);
// END SCHEMEING // END SCHEMEING
\ltrim($label[0], "/") !== $parsedQuery['issuer'] \ltrim($label[0], "/") === $parsedQuery['issuer']
|| throw new InvalidArgumentException($uri . " has mismatching issuer information."); || throw new InvalidArgumentException($uri . " has mismatching issuer information.\n" .
\ltrim($label[0], "/") . "\n" .
$parsedQuery['issuer']);
return self( return new self(
$parsedQuery['issuer'],
$label[1], $label[1],
$parsedQuery['issuer'],
$parsedQuery['secret'], $parsedQuery['secret'],
$parsedQuery['algorithm'], $parsedQuery['algorithm'],
$parsedQuery['period'], $parsedQuery['digits'],
$parsedQuery['digits'] $parsedQuery['period']
); );
} }
public function emitStr(): string public function emitStr(): string
{ {
$label = $this->provider . ":" . $this->userid; $encodeIssuer = \rawurlencode($this->issuer);
$provider = "provider=" . $this->provider; $label = $encodeIssuer . ":" . $this->userid;
$algo = "algorithm=" . $this->algo; $issuer = "issuer=" . $encodeIssuer;
$algo = "algorithm=" . $this->algorithm;
$digits = "digits=" . $this->digits; $digits = "digits=" . $this->digits;
$period = "period=" . $this->period; $period = "period=" . $this->period;
$secret = "secret=" . $this->secret; $secret = "secret=" . \rawurlencode($this->secret);
$query = \implode("&", [$secret, $provider, $period, $digits, $algo]); $query = \implode("&", [$secret, $issuer, $algo, $period, $digits]);
return "otpauth://totp/" . $label . "?" . $query; return "otpauth://totp/" . $label . "?" . $query;
} }

71
tests/URITest.php
Unescape View File

@ -0,0 +1,71 @@
<?php declare(strict_types=1);
use PHPUnit\Framework\TestCase;
use BradyMcD\TAATP\URI\Otpauth;
/** @SuppressWarnings(PHPMD.StaticAccess)*/
final class URITest extends TestCase
{
public function testExampleURI(): void
{
// Sourced from Google's otpauth URI specification
// https://github.com/google/google-authenticator/wiki/Key-Uri-Format
$string = 'otpauth://totp/ACME%20Co:john.doe@email.com?secret=HXDMVJECJJWSRB3HWIZR4IFUGFTMXBOZ&issuer=ACME%20Co&algorithm=MD5&digits=8&period=60';
$urlComponents = [ "scheme" => "otpauth",
"host" => "totp",
"path" => "ACME%20Co:john.doe@email.com/",
"query" => "secret=HXDMVJECJJWSRB3HWIZR4IFUGFTMXBOZ&issuer=ACME%20Co&algorithm=SHA1&digits=6&period=30",];
$queryComponents = [ "secret" => "HXDMVJECJJWSRB3HWIZR4IFUGFTMXBOZ",
"issuer" => "ACME Co",
"algorithm" => "MD5",
"digits" => 8,
"period" => 60,];
$provisioningUri = Otpauth::fromString($string);
$this->assertSame($provisioningUri->secret, $queryComponents['secret']);
$this->assertSame($provisioningUri->issuer, $queryComponents['issuer']);
$this->assertSame($provisioningUri->digits, $queryComponents['digits']);
$this->assertSame($provisioningUri->period, $queryComponents['period']);
$this->assertSame($provisioningUri->algorithm, $queryComponents['algorithm']);
$calculatedUrl = $provisioningUri->emitStr();
$parsedOtp = \parse_url($calculatedUrl);
$parsedTest = \parse_url($string);
$parsedOtpQuery = [];
$parsedTestQuery = [];
\parse_str($parsedOtp['query'], $parsedOtpQuery);
unset($parsedOtp['query']);
\parse_str($parsedTest['query'], $parsedTestQuery);
unset($parsedTest['query']);
$this->assertEqualsCanonicalizing($parsedOtp, $parsedTest);
$this->assertEqualsCanonicalizing($parsedOtpQuery, $parsedTestQuery);
}
public function testIncompleteURI(): void
{
$string = 'otpauth://totp/Example:john.doe@email.com?secret=HXDMVJECJJWSRB3HWIZR4IFUGFTMXBOZ&issuer=Example';
$queryComponents = [ "secret" => "HXDMVJECJJWSRB3HWIZR4IFUGFTMXBOZ",
"issuer" => "Example",
"algorithm" => "SHA1",
"digits" => 6,
"period" => 30,];
$provisioningUri = Otpauth::fromString($string);
$this->assertSame($provisioningUri->secret, $queryComponents['secret']);
$this->assertSame($provisioningUri->algorithm, $queryComponents['algorithm']);
$this->assertSame($provisioningUri->digits, $queryComponents['digits']);
$this->assertSame($provisioningUri->period, $queryComponents['period']);
}
}
?>
Write Preview
Loading…
Cancel
Save