/** * @expectedException u2flib_server\Error * @expectedExceptionCode u2flib_server\ERR_BAD_UA_RETURNING */ public function testDoAuthenticateUAError() { $reqs = array(json_decode('{"version":"U2F_V2","challenge":"fEnc9oV79EaBgK5BoNERU5gPKM2XGYWrz4fUjgc0Q7g","keyHandle":"CTUayZo8hCBeC-sGQJChC0wW-bBg99bmOlGCgw8XGq4dLsxO3yWh9mRYArZxocP5hBB1pEGB3bbJYiM-5acc5w","appId":"http://demo.example.com"}')); $regs = array(json_decode('{"keyHandle":"CTUayZo8hCBeC-sGQJChC0wW-bBg99bmOlGCgw8XGq4dLsxO3yWh9mRYArZxocP5hBB1pEGB3bbJYiM-5acc5w","publicKey":"BC0SaFZWC9uH7wamOwduP93kUH2I2hEvyY0Srfj4A258pZSlV0iPoFIH+bd4yhncaqdoPLdEDl5Y\\/yaFORPUe3c=","certificate":"MIIC4jCBywIBATANBgkqhkiG9w0BAQsFADAdMRswGQYDVQQDExJZdWJpY28gVTJGIFRlc3QgQ0EwHhcNMTQwNTE1MTI1ODU0WhcNMTQwNjE0MTI1ODU0WjAdMRswGQYDVQQDExJZdWJpY28gVTJGIFRlc3QgRUUwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATbCtv1IcdczmPcpuHoJQYNlOYnVBlPnSSvJhq+rZlEH5WjcZEKOiDnPpFeE+i+OAV61XqjfnaQj6\\/iipS2MOudMA0GCSqGSIb3DQEBCwUAA4ICAQCVQGtQYX2thKO064gP4zAPLaIKANklBO5y+mffWFEPC0cCnD5BKUqTrCmFiS2keoEyKFdxAe+oQogWljeR1d\\/gj8k8jbDNiXCC7HnTxnhzKTLlq2y9Vp\\/VRZHOwd2NZNzpnB9ePNKvUaWCGK\\/gN+cynnYFdwJ75iSgMVYb\\/RnFcdPwnsBzBU68hbhTnu\\/FvJxWo7rZJ2q7qXpA10eLVXJr4\\/4oSXEk9I\\/0IIHqOP98Ck\\/fAoI5gYI7ygndyqoPJ\\/Wkg1VsmjmbFToWY9xb+axbvPefvg+KojwxE6MySMpYh\\/h7oKEKamCWk19dJp5jHQmumkHlvQhH\\/uUJmyD9EuLmQH+6SmEzZg0Oc9uw1aKamhcNNDCFakJGnv80j1+HbDXnqE0168FBqorS2hmqeaJfNSyg\\/SXT950lGC36tLy7BzQ8jYG99Ok32znp0UVbIEEvLSci3JJ0ipLVg\\/0J+xOb4zl6a1z65nae4OTj7628\\/UJFmtSU0X6Np9gF1dNizxXPlH0fW1ggRCCQcb5m6ZqrdDJwUx1p7Ydm9AlPyiUwwmN5ADyxmzk\\/AOCoiO96UVvnvUlk2kF7JMNxIv3R0SCzP5fTl7KqGByeA3d7W375o6DWIIEsOI+dJd7pyPXdakecZQRaVubC6\\/ICl+G52OEkdp8jYjkDS8j3NAdJ1udNmg==", "counter":3}')); $resp = json_decode('{"errorCode": "5"}'); $this->u2f->doAuthenticate($reqs, $regs, $resp); }
/** * Validates the users input token. * * @since 0.1-dev * * @param WP_User $user WP_User object of the logged-in user. * @return boolean */ public function validate_authentication($user) { $requests = get_user_meta($user->ID, self::AUTH_DATA_USER_META_KEY, true); $response = json_decode(stripslashes($_REQUEST['u2f_response'])); $keys = self::get_security_keys($user->ID); try { $reg = self::$u2f->doAuthenticate($requests, $keys, $response); $reg->last_used = current_time('timestamp'); self::update_security_key($user->ID, $reg); return true; } catch (Exception $e) { return false; } }
var req = document.getElementById('request'); var regs = document.getElementById('registrations'); console.log("Authenticate callback", data); reg.value=JSON.stringify(data); req.value=JSON.stringify(request); regs.value=JSON.stringify(registrations); form.submit(); }); }, 1000); <?php } else { if ($_POST['doAuthenticate']) { $reqs = json_decode($_POST['request']); $regs = json_decode($_POST['registrations']); try { $data = $u2f->doAuthenticate($reqs, $regs, json_decode($_POST['doAuthenticate'])); echo "var registration = '" . json_encode($data) . "';\n"; echo "addRegistration(registration);\n"; echo "alert('Authentication successful, counter:" . $data->counter . "');\n"; } catch (u2flib_server\Error $e) { echo "alert('error:" . $e->getMessage() . "');\n"; } } } } } } ?> </script> </head>
break; } } else { if ($_POST['register2']) { try { $reg = $u2f->doRegister(json_decode($_SESSION['regReq']), json_decode($_POST['register2'])); addReg($user->id, $reg); } catch (Exception $e) { echo "alert('error: " . $e->getMessage() . "');"; } finally { $_SESSION['regReq'] = null; } } else { if ($_POST['authenticate2']) { try { $reg = $u2f->doAuthenticate(json_decode($_SESSION['authReq']), getRegs($user->id), json_decode($_POST['authenticate2'])); updateReg($reg); echo "alert('success: " . $reg->counter . "');"; } catch (Exception $e) { echo "alert('error: " . $e->getMessage() . "');"; } finally { $_SESSION['authReq'] = null; } } } } } } } ?> </script>
if (array_key_exists('r', $options)) { $mode = "register"; } elseif (array_key_exists('a', $options)) { if (!array_key_exists('R', $options)) { print "a registration must be supplied with -R"; exit(1); } $regs = json_decode('[' . $options['R'] . ']'); $mode = "authenticate"; } else { print "-r or -a must be used\n"; exit(1); } if (!array_key_exists('o', $options)) { print "origin must be supplied with -o\n"; exit(1); } $u2f = new u2flib_server\U2F($options['o']); if ($mode === "register") { $challenge = $u2f->getRegisterData(); } elseif ($mode === "authenticate") { $challenge = $u2f->getAuthenticateData($regs); } print json_encode($challenge[0]) . "\n"; $response = fgets(STDIN); if ($mode === "register") { $result = $u2f->doRegister($challenge[0], json_decode($response)); } elseif ($mode === "authenticate") { $result = $u2f->doAuthenticate($challenge, $regs, json_decode($response)); } print json_encode($result) . "\n";