brady
/
TAATP
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Final linting pass, declare(strict_types=1)

Browse Source
master
Brady McDonough 2 years ago
parent 345b43d950
commit faabdb9aee
20 changed files with 104 additions and 99 deletions
Show Stats Download Patch File Download Diff File

3
src/AntiCSRF/Base.php
Unescape View File

@ -1,4 +1,4 @@
<?php
<?php declare(strict_types=1);
namespace BradyMcD\TAATP\AntiCSRF;
use BradyMcD\TAATP\AntiCSRFInterface;
@ -20,6 +20,7 @@ class Base implements AntiCSRFInterface
$this->generate();
}
/** @SuppressWarnings(PHPMD.Superglobals) */
public function match(): bool
{
if (\hash_equals($this->session->get(CSRF_TOKEN_IDX), $_REQUEST[CSRF_TOKEN_IDX]))

2
src/AntiCSRF/None.php
Unescape View File

@ -1,4 +1,4 @@
<?php
<?php declare(strict_types=1);
namespace BradyMcD\TAATP\AntiCSRF;
use BradyMcD\TAATP\AntiCSRFInterface;

2
src/AntiCSRFInterface.php
Unescape View File

@ -1,4 +1,4 @@
<?php
<?php declare(strict_types=1);
namespace BradyMcD\TAATP;

8
src/Clock/Base.php
Unescape View File

@ -1,12 +1,14 @@
<?php
<?php declare(strict_types=1);
namespace BradyMcD\TAATP\Clock;
use DateTimeImmutable;
class Base implements \Psr\Clock\ClockInterface
{
function now(): \DateTimeImmutable
function now(): DateTimeImmutable
{
return new \DateTimeImmutable("now");
return new DateTimeImmutable("now");
}
}

10
src/Clock/Request.php
Unescape View File

@ -1,7 +1,9 @@
<?php
<?php declare(strict_types=1);
namespace BradyMcD\TAATP\Clock;
use DateTimeImmutable;
class Request implements \Psr\Clock\ClockInterface
{
private $time;
@ -11,10 +13,10 @@ class Request implements \Psr\Clock\ClockInterface
$this->time = $_SERVER["REQUEST_TIME"];
}
public function now(): \DateTimeImmutable
public function now(): DateTimeImmutable
{
return new \DateTimeImmutable($this->time);
return new DateTimeImmutable($this->time);
}
}
?>
?>

3
src/Factory.php
Unescape View File

@ -1,4 +1,4 @@
<?php
<?php declare(strict_types=1);
namespace BradyMcD\TAATP;
use BradyMcD\TAATP\Required\PersistenceInterface;
@ -10,6 +10,7 @@ use BradyMcD\TAATP\Workflow\Authenticate;
/**
* The primary entrypoint of the module.
* @SuppressWarnings(PHPMD.ShortVariable)
*/
class Factory
{

5
src/Hash/HMAC_SHA1.php
Unescape View File

@ -1,12 +1,14 @@
<?php
<?php declare(strict_types=1);
namespace BradyMcD\TAATP\Hash;
use BradyMcD\TAATP\HashInterface;
use ParagonIE\ConstantTime\Base32;
/** @SuppressWarnings(PHPMD.CamelCaseClassName)*/
class HMAC_SHA1 implements HashInterface
{
const DEFAULT_SECRET_SIZE = 32;
/** @SuppressWarnings(PHPMD.StaticAccess) */
public function hash(string $key, string $val): string
{
$key = Base32::decode($key);
@ -23,6 +25,7 @@ class HMAC_SHA1 implements HashInterface
return "SHA1";
}
/** @SuppressWarnings(PHPMD.StaticAccess) */
public static function keygen(): string
{
return Base32::encodeUpper(random_bytes(this.DEFAULT_SECRET_SIZE));

6
src/HashInterface.php
Unescape View File

@ -1,11 +1,11 @@
<?php
<?php declare(strict_types=1);
namespace BradyMcD\TAATP;
interface HashInterface
{
public function hash(string $k, string $v): string;
public function hashNumeric(string $k, int $v): string;
public function hash(string $key, string $val): string;
public function hashNumeric(string $key, int $val): string;
public function hashType(): string;
}

15
src/RFC/_4226.php
Unescape View File

@ -1,11 +1,12 @@
<?php
<?php declare(strict_types=1);
namespace BradyMcD\TAATP\RFC;
/** @SuppressWarnings(CamelCaseClassName)*/
class _4226
{
public function __construct(
private string $key,
private int $n,
private int $count,
private int $grace,
private int $digits,
private \BradyMcD\TAATP\HashInterface $hash,
@ -13,18 +14,18 @@ class _4226
)
{}
public function validate(string $q): int
public function validate(string $query): int
{
$validCount = false;
foreach (range($this->n, $this->n + ($this->driftModifier * $this->grace), $this->driftModifier) as $c)
foreach (range($this->count, $this->count + ($this->driftModifier * $this->grace), $this->driftModifier) as $count)
{
$expected =
\bindec($this->hash->hashNumeric($this->key, $c)) %
\bindec($this->hash->hashNumeric($this->key, $count)) %
\pow(10, $this->digits);
if (\hash_equals((string)$expected, $q))
if (\hash_equals((string)$expected, $query))
{
$validCount = $c;
$validCount = $count;
break;
}
}

9
src/RFC/_6238.php
Unescape View File

@ -1,8 +1,11 @@
<?php
<?php declare(strict_types=1);
namespace BradyMcD\TAATP\RFC;
use Psr\Clock\ClockInterface;
/**
* @SuppressWarnings(PHPMD.CamelCaseClassName)
*/
class _6238
{
public function __construct(
@ -16,7 +19,7 @@ class _6238
)
{}
public function validate(string $q): bool|int
public function validate(string $query): bool|int
{
$windowNum = $this->clock->now()->getTimestamp()/$this->window;
$hotp = new _4226(
@ -28,7 +31,7 @@ class _6238
-1
);
$valid = $hotp->validate($q) * $this->window;
$valid = $hotp->validate($query) * $this->window;
if ($valid != false && $valid <= $this->floor)
{
$valid = false;

27
src/Request/base.php
Unescape View File

@ -1,17 +1,24 @@
<?php
<?php declare(strict_types=1);
namespace BradyMcD\TAATP\Request;
use IllegalArgumentException;
use BradyMcD\TAATP\Required\RequestInterface;
use BradyMcD\TAATP\Required\RequestTargets;
class Base implements RequestInterface
{
public function __construct(private mixed $paths)
/**
* @SuppressWarnings(PHPMD.StaticAccess)
* @SuppressWarnings(PHPMD.CamelCaseVariableName)
* @SuppressWarnings(PHPMD.UnusedLocalVariable)
*/
public function __construct(private readonly mixed $paths)
{
if(\is_array($paths))
{
foreach($paths as $r => $p)
foreach($paths as $r => $_)
{
// ::from will throw a ValueError if invalid
RequestTargets::from($r);
@ -19,24 +26,20 @@ class Base implements RequestInterface
}
else if(!\is_string($paths))
{
throw new \IllegalArgumentException("You must either provide a single path as a string or a list of RequestTargets as keys to paths.");
throw new IllegalArgumentException("You must either provide a single path as a string or a list of RequestTargets as keys to paths.");
}
}
public function formProps(string $place): string
{
$method = 'method="post"';
if(\is_array($this->paths))
{
$action = 'action="' . $this->paths[$place] . '"';
}
else
{
$action = 'action="' . $this->paths . '"';
}
$path = \is_array($this->paths)? $this->paths[$place] : $this->paths;
$action = 'action="' . $path . '"';
return $action . ' ' . $method;
}
/** @SuppressWarnings(PHPMD.Superglobals) */
public function getResp(string $key): string
{
return $_REQUEST[$key];

2
src/Required/PersistenceInterface.php
Unescape View File

@ -1,4 +1,4 @@
<?php
<?php declare(strict_types=1);
/**
*
*/

4
src/Required/RequestInterface.php
Unescape View File

@ -1,4 +1,4 @@
<?php
<?php declare(strict_types=1);
/**
*
*/
@ -23,7 +23,7 @@ interface RequestInterface
* @param string $k The key the user is sending
* @return string
*/
public function getResp(string $k): string;
public function getResp(string $key): string;
}

2
src/Required/RequestTargets.php
Unescape View File

@ -1,4 +1,4 @@
<?php
<?php declare(strict_types=1);
namespace BradyMcD\TAATP\Required;

12
src/Session/Base.php
Unescape View File

@ -1,11 +1,13 @@
<?php
<?php declare(strict_types=1);
namespace BradyMcD\TAATP\Session;
use BradyMcD\TAATP\SessionInterface;
/** @SuppressWarnings(PHPMD.Superglobals) */
class Base implements SessionInterface
{
private function ns($key): string
private function prefix($key): string
{
return "taatp_" . $key;
}
@ -17,7 +19,7 @@ class Base implements SessionInterface
public function tryStore(string $key, mixed $val): bool
{
$key = $this->ns($key);
$key = $this->prefix($key);
if (!isset($_SESSION[$key]))
{
$_SESSION[$key] = $val;
@ -28,12 +30,12 @@ class Base implements SessionInterface
public function store(string $key, mixed $val)
{
$_SESSION[$this->ns($key)] = $val;
$_SESSION[$this->prefix($key)] = $val;
}
public function get(string $key): mixed
{
return $_SESSION[$this->ns($key)];
return $_SESSION[$this->prefix($key)];
}
}

2
src/SessionInterface.php
Unescape View File

@ -1,4 +1,4 @@
<?php
<?php declare(strict_types=1);
namespace BradyMcD\TAATP;

83
src/URI/otpauth.php
Unescape View File

@ -1,7 +1,8 @@
<?php
<?php declare(strict_types=1);
namespace BradyMcD\TAATP\URI;
use InvalidArgumentException;
class Otpauth
{
@ -15,17 +16,17 @@ class Otpauth
)
{}
public static function from_string(string $uri): self
public static function fromString(string $uri): self
{
// This is definitely from writing Scheme.
$run_check = function(array $check_array, $target)
$runCheck = function(array $checkArray, $target)
{
foreach($check_array as $c)
foreach($checkArray as $c)
{
!($c[0]($target))? :throw new \InvalidArgumentException($c[1]);
!($c[0]($target))? :throw new InvalidArgumentException($c[1]);
}
}
$uri_checks = [
};
$uriChecks = [
[ function($arr)
{ return $arr !== false; },
$uri . " is not a valid URI."],
@ -40,32 +41,32 @@ class Otpauth
$uri . " lacks query information."]
];
$parsed_uri = \parse_url($uri);
$run_check($uri_checks, $parsed_uri)
$parsedUri = \parse_url($uri);
$runCheck($uriChecks, $parsedUri);
$query_checks = [
$queryChecks = [
[ function($que)
{ return \array_key_exists('issuer', $que);},
$parsed_uri['query'] . " has no issuer information."],
$parsedUri['query'] . " has no issuer information."],
[ function($que)
{ return \array_key_exists('secret', $que);},
$parsed_uri['query'] . "has no secret key."]
$parsedUri['query'] . "has no secret key."]
];
$parsed_query = [];
\parse_str($parsed['query'], $parsed_query);
$run_check($query_checks, $parsed_query);
$parsedQuery = [];
\parse_str($parsedUri['query'], $parsedQuery);
$runCheck($queryChecks, $parsedQuery);
$label_checks = [
$labelChecks = [
[ function($lab)
{ return \count($lab) === 2;},
$parsed_uri['path'] . " doesn't have the correct number of components."]
$parsedUri['path'] . " doesn't have the correct number of components."]
];
$label = \explode(":", $parsed['path']);
$run_check($label_checks, $label);
$label = \explode(":", $parsedUri['path']);
$runCheck($labelChecks, $label);
$apply_defaults = function(array &$arr, array $defaults) {
$applyDefaults = function(array &$arr, array $defaults) {
foreach($defaults as $k => $v)
{
if(\array_key_exists($k, $arr))
@ -73,44 +74,28 @@ class Otpauth
$arr[$k] = $v;
}
}
}
$query_defaults = [
};
$queryDefaults = [
"algorithm" => "SHA1",
"period" => 30,
"digits" => 6,
];
$apply_defaults($query_defaults, $parsed_query)
$applyDefaults($queryDefaults, $parsedQuery);
// END SCHEMEING
\ltrim($label[0], "/") !== $parsed_query['issuer']
|| throw new \InvalidArgumentException($uri . " has mismatching issuer information.");
\ltrim($label[0], "/") !== $parsedQuery['issuer']
|| throw new InvalidArgumentException($uri . " has mismatching issuer information.");
return self(
$parsed_query['issuer'],
$parsedQuery['issuer'],
$label[1],
$parsed_query['secret'],
$parsed_query['algorithm'],
$parsed_query['period'],
$parsed_query['digits']
$parsedQuery['secret'],
$parsedQuery['algorithm'],
$parsedQuery['period'],
$parsedQuery['digits']
);
}
public static function from_string(string $uri): self
{
$parsed = self._pre($uri);
$parsed_uri = $parsed[0];
$parsed_query = $parsed[1];
$label = \explode(":", $parsed_uri['path']);
$issuer = \ltrim($label[0], "/");
$user = $label[1];
$secret = $query['secret'];
\array_key_exists('algorithm', $query) ? $algo = $query['algorithm'] : $algo = null;
return new self($issuer, $user, $secret, $algo);
}
public function emitStr(): string
{
$label = $this->provider . ":" . $this->userid;
@ -119,9 +104,9 @@ class Otpauth
$digits = "digits=" . $this->digits;
$period = "period=" . $this->period;
$secret = "secret=" . $this->secret;
$query = \implode("&", [$secret, $provider, $period, $digits])
$query = \implode("&", [$secret, $provider, $period, $digits, $algo]);
return "otpauth://totp/" $label . "?" . $query;
return "otpauth://totp/" . $label . "?" . $query;
}
}

2
src/Workflow/Authenticate.php
Unescape View File

@ -1,4 +1,4 @@
<?php
<?php declare(strict_types=1);
namespace BradyMcD\TAATP\Workflow;
use BradyMcD\TAATP\AntiCSRFInterface;

4
src/Workflow/UserManagement.php
Unescape View File

@ -1,12 +1,14 @@
<?php
<?php declare(strict_types=1);
namespace BradyMcD\TAATP;
use BradyMcD\TAATP\AntiCSRFInterface;
use BradyMcD\TAATP\Required\PersistenceInterface;
use BradyMcD\TAATP\SessionInterface;
use BradyMcD\TAATP\HashInterface;
use BradyMcD\TAATP\URI\Otpauth;
use BradyMcD\RFC\_6238;
use Chillerlan\QRCode;

2
src/WorkflowInterface.php
Unescape View File

@ -1,4 +1,4 @@
<?php
<?php declare(strict_types=1);
namespace BradyMcD\TAATP;

Write Preview
Loading…
Cancel
Save