//Can be used in order to debug DUO authentication
require_once 'sessions.php';
session_start();

// Refuse requests whose session was not opened by the application itself.
$cpmFlag = $_SESSION['CPM'] ?? null;
if ($cpmFlag === null || $cpmFlag != 1) {
    die('Hacking attempt...');
}

// Fall back to the parent directory when the application root is unset or
// points at the current directory (the value is later used to build include paths).
$cpmDir = $_SESSION['settings']['cpassman_dir'] ?? null;
if ($cpmDir === null || $cpmDir == "" || $cpmDir == ".") {
    $_SESSION['settings']['cpassman_dir'] = "..";
}
// DUO
if ($_POST['type'] === "identify_duo_user") {
    // This step creates the DUO request encrypted key
    include $_SESSION['settings']['cpassman_dir'] . '/includes/settings.php';
    // load library
    require_once $_SESSION['settings']['cpassman_dir'] . '/includes/libraries/Authentication/DuoSecurity/Duo.php';
    $sig_request = Duo::signRequest(IKEY, SKEY, AKEY, $_POST['login']);
    if ($debugDuo == 1) {
        $dbgDuo = fopen($_SESSION['settings']['path_to_files_folder'] . "/duo.debug.txt", "w");
        fputs($dbgDuo, "\n\n-----\n\n" . "sig request : " . $_POST['login'] . "\n" . 'resp : ' . $sig_request . "\n");
    }
    // return result
    echo '[{"sig_request" : "' . $sig_request . '"}]';
} elseif ($_POST['type'] == "identify_duo_user_check") {
    // this step is verifying the response received from the server
    include $_SESSION['settings']['cpassman_dir'] . '/includes/settings.php';
    // load library
    require_once $_SESSION['settings']['cpassman_dir'] . '/includes/libraries/Authentication/DuoSecurity/Duo.php';
    $resp = Duo::verifyResponse(IKEY, SKEY, AKEY, $_POST['sig_response']);
    if ($debugDuo == 1) {
        $dbgDuo = fopen($_SESSION['settings']['path_to_files_folder'] . "/duo.debug.txt", "a");
        fputs($dbgDuo, "\n\n-----\n\n" . "sig response : " . $_POST['sig_response'] . "\n" . 'resp : ' . $resp . "\n");
/**
 * Render the Duo second-factor page (a full HTML document) for a user who has
 * already passed WordPress primary authentication.
 *
 * Builds the signed Duo request for $user and echoes a page that hosts the Duo
 * iframe plus a hidden form which the Duo JS submits back to wp-login.php.
 *
 * @param object $user     user object; only $user->user_login is read here
 * @param string $redirect URL emitted in the hidden redirect_to field (unless
 *                         this is an interim login)
 * @return void            output is echoed directly
 */
function duo_sign_request($user, $redirect)
{
    // Integration credentials; where they are stored is not visible here.
    $ikey = duo_get_option('duo_ikey');
    $skey = duo_get_option('duo_skey');
    $host = duo_get_option('duo_host');
    $akey = duo_get_akey();
    $username = $user->user_login;
    // presumably the signing timestamp (request expiry) — confirm in duo_get_time()
    $duo_time = duo_get_time();
    $request_sig = Duo::signRequest($ikey, $skey, $akey, $username, $duo_time);
    // Debug output includes the ikey and the signed request (both are also sent
    // to the browser). The skey and akey do not appear in these log lines.
    duo_debug_log("Displaying iFrame. Username: {$username} cookie domain: " . COOKIE_DOMAIN . " redirect_to_url: {$redirect} ikey: {$ikey} host: {$host} duo_time: {$duo_time}");
    duo_debug_log("Duo request signature: {$request_sig}");
    // The hidden form posts back to the login endpoint (URL-escaped for output).
    $post_action = esc_url(site_url('wp-login.php', 'login_post'));
    // $host and $request_sig end up inside HTML attributes of the <iframe>.
    // parameterize() presumably renders key="value" with attribute escaping —
    // confirm, since it is the only escaping these values receive.
    $iframe_attributes = array('id' => 'duo_iframe', 'data-host' => $host, 'data-sig-request' => $request_sig, 'data-post-action' => $post_action, 'frameborder' => '0');
    $iframe_attributes = array_map("parameterize", array_keys($iframe_attributes), array_values($iframe_attributes));
    // Single attribute string, echoed into the <iframe> tag below.
    $iframe_attributes = implode(" ", $iframe_attributes);
    ?>
    <html>
        <head>
            <meta http-equiv="X-UA-Compatible" content="IE=edge">
            <meta name="viewport" content="width=device-width, initial-scale=1">
            <?php 
    // Pick the admin stylesheet(s) matching the running WordPress version.
    global $wp_version;
    if (version_compare($wp_version, "3.3", "<=")) {
        echo '<link rel="stylesheet" type="text/css" href="' . admin_url('css/login.css') . '" />';
    } else {
        if (version_compare($wp_version, "3.7", "<=")) {
            echo '<link rel="stylesheet" type="text/css" href="' . admin_url('css/wp-admin.css') . '" />';
            echo '<link rel="stylesheet" type="text/css" href="' . admin_url('css/colors-fresh.css') . '" />';
        } else {
            if (version_compare($wp_version, "3.8", "<=")) {
                echo '<link rel="stylesheet" type="text/css" href="' . admin_url('css/wp-admin.css') . '" />';
                echo '<link rel="stylesheet" type="text/css" href="' . admin_url('css/colors.css') . '" />';
            } else {
                echo '<link rel="stylesheet" type="text/css" href="' . admin_url('css/login.min.css') . '" />';
            }
        }
    }
    ?>

            <style>
                body {
                    background: #f1f1f1;
                }
                .centerHeader {
                    width: 100%;
                    padding-top: 8%;
                }
                #WPLogo {
                    width: 100%;
                }
                .iframe_div {
                    width: 90%;
                    max-width: 620px;
                    margin: 0 auto;
                }
                #duo_iframe {
                    height: 500px;
                    width: 100%;
                    min-width: 304px;
                    max-width: 620px;
                }
                div {
                    background: transparent;
                }
            </style>
        </head>

        <body class="login" >
            <script src="<?php 
    // Duo-Web v2 JavaScript shipped with the plugin.
    echo plugins_url('duo_web/Duo-Web-v2.min.js?v=2', __FILE__);
    ?>
"></script>

            <h1 class="centerHeader">
                <a href="http://wordpress.org/" id="WPLogo" title="Powered by WordPress"><?php 
    // NOTE(review): the site title is echoed without esc_html(); it is
    // admin-controlled, but every other output in this page is escaped.
    echo get_bloginfo('name');
    ?>
</a>
            </h1>
            <div class="iframe_div">
                <iframe <?php 
    // Attribute string built above (escaping is parameterize()'s job).
    echo $iframe_attributes;
    ?>
></iframe>
            </div>
            <form method="POST" style="display:none;" id="duo_form">
                <?php 
    // Carry the remember-me choice across the second-factor round trip;
    // esc_attr() covers the attribute context.
    if (isset($_POST['rememberme'])) {
        ?>
                <input type="hidden" name="rememberme" value="<?php 
        echo esc_attr($_POST['rememberme']);
        ?>
"/>
                <?php 
    }
    // $_REQUEST merges GET, POST and cookie input, so interim-login can arrive
    // via any of them. $redirect is attribute-escaped here; whether it was
    // validated as a safe redirect target (e.g. wp_validate_redirect) is not
    // visible in this function — confirm in the caller.
    if (isset($_REQUEST['interim-login'])) {
        echo '<input type="hidden" name="interim-login" value="1"/>';
    } else {
        echo '<input type="hidden" name="redirect_to" value="' . esc_attr($redirect) . '"/>';
    }
    ?>
            </form>
        </body>
    </html>
<?php 
}
 /**
  * Handle the standard "login" action and, when Duo is enabled for the requested
  * user, arm the Duo second-factor step after a successful primary login.
  *
  * Flow as written: skip unless get_action=login and the caller is not a native
  * app; look up whether Duo is active for the requested user id; run the normal
  * AuthService login (captcha-gated on suspected brute force); write the XML
  * login result; then, on success, store a freshly signed Duo request on the
  * user and lock the account with "duo_show_iframe". Always exits afterwards.
  *
  * @param array $httpVars request parameters (by reference, not modified here)
  * @param bool  $isLast   unused: the condition that read it is commented out below
  * @return bool false when this handler does not apply; never returns otherwise
  */
 function tryToLogUser(&$httpVars, $isLast = false)
 {
     // CATCH THE STANDARD LOGIN OPERATION
     if (!isset($httpVars["get_action"]) || $httpVars["get_action"] != "login") {
         return false;
     }
     // Native Pydio clients are not served the Duo iframe flow.
     if (AJXP_Utils::userAgentIsNativePydioApp()) {
         return false;
     }
     // Resolve whether Duo is enabled for the requested user id before any
     // credential check; an unknown user simply leaves $duoActive false.
     $userId = isset($httpVars["userid"]) ? trim($httpVars["userid"]) : null;
     $duoActive = false;
     if (!empty($userId)) {
         $uObject = ConfService::getConfStorageImpl()->createUserObject($userId);
         if ($uObject != null) {
             $duoActive = $uObject->mergedRole->filterParameterValue("authfront.duosecurity", "DUO_AUTH_ACTIVE", AJXP_REPO_SCOPE_ALL, false);
         }
     }
     // Users without Duo fall through to the default login handler.
     if (!$duoActive) {
         return false;
     }
     $rememberLogin = "";
     $rememberPass = "";
     $secureToken = "";
     $loggedUser = null;
     include_once AJXP_BIN_FOLDER . "/class.CaptchaProvider.php";
     // Brute-force gate: once attempts look suspicious, a valid captcha is
     // required before credentials are checked at all (-4 = captcha needed).
     if (AuthService::suspectBruteForceLogin() && (!isset($httpVars["captcha_code"]) || !CaptchaProvider::checkCaptchaResult($httpVars["captcha_code"]))) {
         $loggingResult = -4;
     } else {
         $userId = isset($httpVars["userid"]) ? trim($httpVars["userid"]) : null;
         $userPass = isset($httpVars["password"]) ? trim($httpVars["password"]) : null;
         $rememberMe = isset($httpVars["remember_me"]) && $httpVars["remember_me"] == "true" ? true : false;
         $cookieLogin = isset($httpVars["cookie_login"]) ? true : false;
         // NOTE(review): "login_seed" is read without isset(), unlike the other
         // parameters above; a request lacking it raises a notice.
         $loggingResult = AuthService::logUser($userId, $userPass, false, $cookieLogin, $httpVars["login_seed"]);
         // Remember-me placeholders returned in the XML (values appear masked in this listing).
         if ($rememberMe && $loggingResult == 1) {
             $rememberLogin = "******";
             $rememberPass = "******";
         }
         if ($loggingResult == 1) {
             // Fresh session id on successful login (session fixation defence).
             session_regenerate_id(true);
             $secureToken = AuthService::generateSecureToken();
         }
         if ($loggingResult < 1 && AuthService::suspectBruteForceLogin()) {
             $loggingResult = -4;
             // Force captcha reload
         }
     }
     $loggedUser = AuthService::getLoggedUser();
     if ($loggedUser != null) {
         // Pick the repository to open: a caller-supplied tmp_repository_id wins,
         // otherwise the role's default start repository if the user may switch to it.
         // NOTE(review): the tmp_repository_id branch does not call canSwitchTo();
         // it relies on switchUserToActiveRepository() to enforce access — confirm.
         $force = $loggedUser->mergedRole->filterParameterValue("core.conf", "DEFAULT_START_REPOSITORY", AJXP_REPO_SCOPE_ALL, -1);
         $passId = -1;
         if (isset($httpVars["tmp_repository_id"])) {
             $passId = $httpVars["tmp_repository_id"];
         } else {
             if ($force != "" && $loggedUser->canSwitchTo($force) && !isset($httpVars["tmp_repository_id"]) && !isset($_SESSION["PENDING_REPOSITORY_ID"])) {
                 $passId = $force;
             }
         }
         $res = ConfService::switchUserToActiveRepository($loggedUser, $passId);
         if (!$res) {
             // No usable repository: drop the session and report -3.
             AuthService::disconnect();
             $loggingResult = -3;
         }
     }
     // NOTE(review): the remember cookie is refreshed here, before the Duo step
     // below has completed — confirm that the "duo_show_iframe" lock also gates
     // cookie-based re-entry. isset($rememberMe) is required because the
     // variable is only assigned in the else branch above.
     if ($loggedUser != null && (AuthService::hasRememberCookie() || isset($rememberMe) && $rememberMe == true)) {
         AuthService::refreshRememberCookie($loggedUser);
     }
     // XML response carrying the login result and (on success) the secure token.
     AJXP_XMLWriter::header();
     AJXP_XMLWriter::loggingResult($loggingResult, $rememberLogin, $rememberPass, $secureToken);
     AJXP_XMLWriter::close();
     if ($loggingResult > 0 && $loggedUser != null) {
         // Primary login succeeded: sign a Duo request for this user, persist it
         // on the personal role and lock the account until the second factor is
         // done (the lock is presumably cleared by the Duo verify handler — not visible here).
         require_once $this->getBaseDir() . "/duo_php/duo_web.php";
         $appUnique = $this->getFilteredOption("DUO_AUTH_AKEY");
         $iKey = $this->getFilteredOption("DUO_AUTH_IKEY");
         $sKey = $this->getFilteredOption("DUO_AUTH_SKEY");
         $res = Duo::signRequest($iKey, $sKey, $appUnique, $loggedUser->getId());
         $loggedUser->personalRole->setParameterValue("authfront.duosecurity", "DUO_AUTH_LAST_SIGNATURE", $res);
         $loggedUser->setLock("duo_show_iframe");
         $loggedUser->save("superuser");
     }
     //        if($loggingResult > 0 || $isLast){
     // Unconditional exit: the $isLast condition above is commented out.
     exit;
     //       }
 }
        throw new SimpleSAML_Error_BadRequest('Missing required username attribute.');
    }
    if ($resp != NULL and $resp === $username) {
        SimpleSAML_Auth_ProcessingChain::resumeProcessing($this->data['state']);
    } else {
        throw new SimpleSAML_Error_BadRequest('Response verification failed.');
    }
}
/*
 * Verify username and password. If the user and pass are good, then generate
 * a sig_request and load up the Duo iframe for secondary authentication.
 */
if (isset($attributes[$username_attribute])) {
    $username = $attributes[$username_attribute][0];
    // Generate sig request and then load up Duo javascript and iframe
    $sig_request = Duo::signRequest(IKEY, SKEY, AKEY, $username);
    ?>
    <script src="Duo-Web-v2.min.js"></script>
    <link rel="stylesheet" type="text/css" href="Duo-Frame.css">
    <?php 
    foreach ($this->data['yesData'] as $name => $value) {
        printf('<input type="hidden" id="%s" name="%s" value="%s" />', xssafe($name), xssafe($name), xssafe($value));
    }
    ?>

    <iframe id="duo_iframe" frameborder="0" data-host="<?php 
    xecho(HOST);
    ?>
" data-sig-request="<?php 
    xecho($sig_request);
    ?>
<?php

// ********************************
//	DO NOT MODIFY
// ********************************
// Sign the Duo request for the already-identified user; $uid is set before this
// point and is not visible here. Keys come from the UL_DUOSEC_* constants, and the
// signed request is presumably passed to Duo.init() further down — confirm.
$returnUrl = ulUtils::CurrentURL();
$sig_request = Duo::signRequest(UL_DUOSEC_IKEY, UL_DUOSEC_SKEY, UL_DUOSEC_AKEY, $uid);
// ********************************
//	MAKE MODIFICATION BELOW WHERE NOTED
//  If possible, only insert but do not modify
// ********************************
// ********************************
//	Your HTML here
//  doctype, head, title etc.
// ********************************
?>
<script src="<?php 
echo UL_DUOSEC_JQUERY_URI;
?>
"></script>
<script src="<?php 
echo UL_DUOSEC_JS_URL;
?>
"></script>
<script>
Duo.init({
	'host':'<?php 
echo UL_DUOSEC_HOST;
?>
',
	'post_action':'<?php 
                            $name = $attributes['namePerson'];
                        }
                        addlog(LOG_LOGIN, "oid: '{$oidlogin}'; email: '{$email}'; friendly: '{$friendly}'; name: '{$name}'");
                    }
                    // is this OpenID known to us?
                    $query = "\n                SELECT uid, use_duo\n                FROM users\n                WHERE oidlogin='******'\n                LIMIT 1;\n            ";
                    $result = do_query($query);
                    if (has_results($result)) {
                        $row = get_row($result);
                        $use_duo = $row['use_duo'];
                        $uid = (string) $row['uid'];
                    }
                    if ($use_duo) {
                        addlog(LOG_LOGIN, sprintf("  duo login for UID %s (openid %s)", $uid, $oidlogin));
                        show_header('login', 0);
                        $sig_request = Duo::signRequest(IKEY, SKEY, AKEY, $oidlogin);
                        ?>
    <script src="js/Duo-Web-v1.bundled.min.js"></script>
    <script>
        Duo.init({'host': <?php 
                        echo "'" . HOST . "'";
                        ?>
,
                  'post_action': '?page=login',
                  'sig_request': <?php 
                        echo "'" . $sig_request . "'";
                        ?>
 });
    </script>
    <iframe id="duo_iframe" width="500" height="800" frameborder="0" allowtransparency="true" style="background: transparent;"></iframe>
<?php