/**
* Prints the form that prompts the user to authenticate.
*
* @since 0.1-dev
*
* @param WP_User $user WP_User object of the logged-in user.
*/
public function authentication_page($user)
{
require_once ABSPATH . '/wp-admin/includes/template.php';
try {
$keys = self::get_security_keys($user->ID);
$data = self::$u2f->getAuthenticateData($keys);
update_user_meta($user->ID, self::AUTH_DATA_USER_META_KEY, $data);
} catch (Exception $e) {
?>
<p><?php
esc_html_e('An error occurred while creating authentication data.');
?>
</p>
<?php
return null;
}
?>
<p><?php
esc_html_e('Now insert (and tap) your Security Key.');
?>
</p>
<input type="hidden" name="u2f_response" id="u2f_response" />
<script>
var u2fL10n = <?php
echo wp_json_encode(array('request' => $data));
?>
;
</script>
<?php
}
} else {
if ($_POST['doRegister']) {
try {
$data = $u2f->doRegister(json_decode($_POST['request']), json_decode($_POST['doRegister']));
echo "var registration = '" . json_encode($data) . "';\n";
?>
addRegistration(registration);
alert("registration successful!");
<?php
} catch (u2flib_server\Error $e) {
echo "alert('error:" . $e->getMessage() . "');\n";
}
} else {
if (isset($_POST['startAuthenticate'])) {
$regs = json_decode($_POST['registrations']);
$data = $u2f->getAuthenticateData($regs);
echo "var registrations = " . $_POST['registrations'] . ";\n";
echo "var request = " . json_encode($data) . ";\n";
?>
setTimeout(function() {
console.log("sign: ", request);
u2f.sign(request, function(data) {
var form = document.getElementById('form');
var reg = document.getElementById('doAuthenticate');
var req = document.getElementById('request');
var regs = document.getElementById('registrations');
console.log("Authenticate callback", data);
reg.value=JSON.stringify(data);
req.value=JSON.stringify(request);
regs.value=JSON.stringify(registrations);
form.submit();
/**
* @expectedException \InvalidArgumentException
* @expectedExceptionMessage Registrations must implement RegistrationInterface
*/
public function testGetAuthenticateDataInvalidRegistrations2()
{
$regs = array('YubiKey NEO', 'YubiKey Standard');
$data = $this->u2f->getAuthenticateData($regs);
}
alert("registration failed with errror: " + data.errorCode);
return;
}
reg.value = JSON.stringify(data);
user.value = username;
form.submit();
});
}, 1000);
<?php
} catch (Exception $e) {
echo "alert('error: " . $e->getMessage() . "');";
}
break;
case 'authenticate':
try {
$reqs = json_encode($u2f->getAuthenticateData(getRegs($user->id)));
$_SESSION['authReq'] = $reqs;
echo "var req = {$reqs};";
echo "var username = '******';";
?>
setTimeout(function() {
console.log("sign: ", req);
u2f.sign(req, function(data) {
var form = document.getElementById('form');
var auth = document.getElementById('authenticate2');
var user = document.getElementById('username');
console.log("Authenticate callback", data);
auth.value=JSON.stringify(data);
user.value = username;
form.submit();
});
if (array_key_exists('r', $options)) {
$mode = "register";
} elseif (array_key_exists('a', $options)) {
if (!array_key_exists('R', $options)) {
print "a registration must be supplied with -R";
exit(1);
}
$regs = json_decode('[' . $options['R'] . ']');
$mode = "authenticate";
} else {
print "-r or -a must be used\n";
exit(1);
}
if (!array_key_exists('o', $options)) {
print "origin must be supplied with -o\n";
exit(1);
}
$u2f = new u2flib_server\U2F($options['o']);
if ($mode === "register") {
$challenge = $u2f->getRegisterData();
} elseif ($mode === "authenticate") {
$challenge = $u2f->getAuthenticateData($regs);
}
print json_encode($challenge[0]) . "\n";
$response = fgets(STDIN);
if ($mode === "register") {
$result = $u2f->doRegister($challenge[0], json_decode($response));
} elseif ($mode === "authenticate") {
$result = $u2f->doAuthenticate($challenge, $regs, json_decode($response));
}
print json_encode($result) . "\n";
