<?php declare(strict_types=1);
namespace BradyMcD\TAATP\Workflow;
use BradyMcD\TAATP\AntiCSRFInterface;
use BradyMcD\TAATP\Required\PersistenceInterface;
use BradyMcD\TAATP\SessionInterface;
use BradyMcD\TAATP\HashInterface;
use BradyMcD\TAATP\URI\Otpauth;
use BradyMcD\RFC\_6238;
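/**
 * Workflow step that renders the TOTP challenge form and verifies the
 * submitted one-time code for a single user.
 *
 * Verification order in response(): anti-CSRF token first, then the TOTP
 * code. Any failure returns false; nothing is stored unless the code is
 * accepted.
 *
 * NOTE(review): no attempt counting or throttling is visible in this class.
 * A short numeric code is only safe against guessing when failed attempts
 * are limited, so confirm the caller (or the persistence layer) enforces a
 * limit per user.
 * NOTE(review): $session is injected but not used by any method shown here;
 * confirm the caller marks the session as authenticated after response()
 * returns true.
 */
class Authenticate implements WorkflowInterface
{
    /**
     * @param PersistenceInterface $db        Source of the user's stored secret and last accepted time.
     * @param RequestInterface     $request   Supplies form attributes and the submitted field values.
     * @param AntiCSRFInterface    $csrf      Emits and checks the anti-CSRF token for the form.
     * @param SessionInterface     $session   Not used in this class as shown.
     * @param mixed                $userIndex Key identifying the user in the persistence layer.
     * @param HashInterface        $hash      Passed through to the RFC 6238 implementation.
     * @param mixed                $clock     Passed through to the RFC 6238 implementation. The
     *                                        original code read $this->clock without declaring it;
     *                                        it is declared here as an optional trailing argument so
     *                                        existing callers keep working.
     *                                        TODO confirm the type _6238 expects and whether null is valid.
     */
    public function __construct(
        private PersistenceInterface $db,
        private RequestInterface $request,
        private AntiCSRFInterface $csrf,
        private SessionInterface $session,
        private mixed $userIndex,
        private HashInterface $hash,
        private mixed $clock = null,
    ) {
    }

    /**
     * Writes the challenge form to the output buffer.
     */
    public function display()
    {
        echo $this->emitStr();
    }

    /**
     * Builds the HTML for the TOTP challenge form, including the anti-CSRF field.
     *
     * @return string The form markup.
     */
    public function emitStr(): string
    {
        // formProps() output lands inside the <form> tag unescaped; it is
        // assumed to return ready-made, already-escaped attributes - confirm.
        // It is concatenated directly rather than substituted afterwards, so
        // a placeholder-like sequence inside the CSRF markup cannot be rewritten.
        $html = "<div id=\"authenticate\"><form " . $this->request->formProps("authenticate") . ">";
        $html .= $this->csrf->emitStr();
        $html .= "<p>Please enter the code showing on your authenticator</p>";
        // Was "<intput ... type\"text\"": the misspelt tag and missing "="
        // meant no usable challenge field was rendered.
        $html .= "<input name=\"totp_challenge\" id=\"totp_challenge\" type=\"text\" />";
        $html .= "<input type=\"submit\" value=\"Submit\" />";
        $html .= "</form></div>";

        return $html;
    }

    /**
     * Checks the submitted form: anti-CSRF token, then the TOTP code.
     *
     * @return bool true only when both checks pass; false otherwise.
     */
    public function response(): bool
    {
        // Refuse before reading the stored secret when the token does not match.
        if (!$this->csrf->match()) {
            return false;
        }

        $pUri = $this->db->getSecret($this->userIndex);

        // Fail closed when no usable secret record comes back (for example a
        // user without an enrolled authenticator).
        if (!\is_object($pUri)) {
            return false;
        }

        // _6238 is imported with a class `use`, so it is instantiated here;
        // the original called it like a function and used "." for member
        // access, which PHP treats as string concatenation.
        // The literal 2 is presumably the accepted time-step window - confirm
        // against the _6238 constructor and keep it as small as clock drift allows.
        $totp = new _6238(
            $pUri->secret,
            $pUri->period,
            $this->db->getLastTime($this->userIndex),
            2,
            $pUri->digits,
            $this->clock,
            $this->hash,
        );
        $flag = $totp->validate($this->request->getResp("totp_challenge"));

        if ($flag) {
            // Presumably validate() returns the accepted time on success, and
            // persisting it lets the next call reject a replay of the same
            // code - confirm. The read / validate / store sequence is not
            // atomic as written, so two concurrent submissions of one code
            // may both pass unless the persistence layer serialises them.
            $this->db->storeLastTime($this->userIndex, $flag);
            return true;
        }

        return false;
    }
}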
?>