/** * Index * * @access public */ public function index() { $user = $this->getUser(); $this->checkCurrentUser($user); $label = $user['email'] ?: $user['username']; $this->response->html($this->layout('twofactor/index', array('user' => $user, 'qrcode_url' => $user['twofactor_activated'] == 1 ? GoogleAuthenticator::getQrCodeUrl('totp', $label, $user['twofactor_secret']) : '', 'key_url' => $user['twofactor_activated'] == 1 ? GoogleAuthenticator::getKeyUri('totp', $label, $user['twofactor_secret']) : ''))); }
/** * Tests getKeyUri */ public function testGetKeyUri() { $secret = 'MEP3EYVA6XNFNVNM'; // testing secret // Standard totp case $this->assertEquals('otpauth://totp/user@host.com?secret=MEP3EYVA6XNFNVNM', GoogleAuthenticator::getKeyUri('totp', '*****@*****.**', $secret)); // hotp (include a counter) $this->assertEquals('otpauth://hotp/user@host.com?secret=MEP3EYVA6XNFNVNM&counter=1234', GoogleAuthenticator::getKeyUri('hotp', '*****@*****.**', $secret, 1234)); }
/** * Tests getKeyUri */ public function testGetKeyUri() { $secret = 'MEP3EYVA6XNFNVNM'; // testing secret // Standard totp case $this->assertEquals('otpauth://totp/user@host.com?secret=MEP3EYVA6XNFNVNM', GoogleAuthenticator::getKeyUri('totp', '*****@*****.**', $secret)); // hotp (include a counter) $this->assertEquals('otpauth://hotp/user@host.com?secret=MEP3EYVA6XNFNVNM&counter=1234', GoogleAuthenticator::getKeyUri('hotp', '*****@*****.**', $secret, 1234)); // totp/hotp with an issuer in the label $this->assertEquals('otpauth://hotp/issuer%3Auser@host.com?secret=MEP3EYVA6XNFNVNM&counter=1234', GoogleAuthenticator::getKeyUri('hotp', 'issuer:user@host.com', $secret, 1234)); // totp/hotp with an issuer and spaces in the label $this->assertEquals('otpauth://hotp/an%20issuer%3A%20user@host.com?secret=MEP3EYVA6XNFNVNM&counter=1234', GoogleAuthenticator::getKeyUri('hotp', 'an issuer: user@host.com', $secret, 1234)); // totp/hotp with an issuer as option $this->assertEquals('otpauth://hotp/an%20issuer%3Auser@host.com?secret=MEP3EYVA6XNFNVNM&counter=1234&issuer=an%20issuer', GoogleAuthenticator::getKeyUri('hotp', 'an issuer:user@host.com', $secret, 1234, array('issuer' => 'an issuer'))); }
/** * Get key url (empty if no url can be provided) * * @access public * @param string $label * @return string */ public function getKeyUrl($label) { if (empty($this->secret)) { return ''; } return GoogleAuthenticator::getKeyUri('totp', $label, $this->secret); }
/** * Get key url (empty if no url can be provided) * * @access public * @param string $label * @return string */ public function getKeyUrl($label) { if (empty($this->secret)) { return ''; } $options = array('issuer' => TOTP_ISSUER); return GoogleAuthenticator::getKeyUri('totp', $label, $this->secret, null, $options); }
// Getting a secret, either by generating or from storage // DON'T use sessions as storage for this in production!!! $secret = 0; if (isset($_SESSION['otpsecret'])) { $secret = $_SESSION['otpsecret']; } if (strlen($secret) != 16) { $secret = GoogleAuthenticator::generateRandom(); $_SESSION['otpsecret'] = $secret; } // The secret is now an easy stored Base32 string. // To use it in totp though we need to decode it into the original $otp = new Otp(); $currentTotp = $otp->totp(Base32::decode($secret)); $qrCode = GoogleAuthenticator::getQrCodeUrl('totp', 'otpsample@cr', $secret); $keyUri = GoogleAuthenticator::getKeyUri('totp', 'otpsample@cr', $secret); ?> <html> <head> <title>One Time Passwords Example</title> </head> <body> <h1>One Time Passwords Example</h1> Secret is <?php echo $secret; ?> . This is saved with the users credentials. <br /> <br />