/**
* @expectedException \SURFnet\VPN\Server\Exception\TwoFactorException
* @expectedExceptionMessage OTP replayed
*/
public function testTwoFactorReplay()
{
$o = new Otp();
$otpKey = $o->totp(Base32::decode('QPXDFE7G7VNRR4BH'));
$c = new TwoFactor(__DIR__, $this->otpLog);
$c->twoFactor(['INSTANCE_ID' => 'vpn.example', 'POOL_ID' => 'internet', 'common_name' => 'foo_xyz', 'username' => 'totp', 'password' => $otpKey]);
// replay
$c->twoFactor(['INSTANCE_ID' => 'vpn.example', 'POOL_ID' => 'internet', 'common_name' => 'foo_xyz', 'username' => 'totp', 'password' => $otpKey]);
}
use Otp\GoogleAuthenticator;
use Base32\Base32;
// Getting a secret, either by generating or from storage
// DON'T use sessions as storage for this in production!!!
$secret = 0;
if (isset($_SESSION['otpsecret'])) {
$secret = $_SESSION['otpsecret'];
}
if (strlen($secret) != 16) {
$secret = GoogleAuthenticator::generateRandom();
$_SESSION['otpsecret'] = $secret;
}
// The secret is now an easy stored Base32 string.
// To use it in totp though we need to decode it into the original
$otp = new Otp();
$currentTotp = $otp->totp(Base32::decode($secret));
$qrCode = GoogleAuthenticator::getQrCodeUrl('totp', 'otpsample@cr', $secret);
$keyUri = GoogleAuthenticator::getKeyUri('totp', 'otpsample@cr', $secret);
?>
<html>
<head>
<title>One Time Passwords Example</title>
</head>
<body>
<h1>One Time Passwords Example</h1>
Secret is <?php
echo $secret;
?>
. This is saved with the users credentials.
