public function formObjectOptions($parameters, &$object, &$action, HookManager $hookManager)
{
global $db, $user, $langs, $mysoc, $dolibarr_main_cookie_cryptkey;
$langs->load('otp@otp');
$regenerate_button = '<form method="post">
<input type="submit" value="' . $langs->trans('OTPRegenerate') . '" class="button" name="regenerate_otp">
</form>';
if ($action == '') {
print '<tr><td>' . $langs->trans('OTPLogin') . '</td><td colspan="2">';
if (GETPOST('regenerate_otp')) {
if ($user->admin || $user->id == GETPOST('id', 'int')) {
/**
* Examples from http://es.php.net/mcrypt_encrypt
*/
// Generates a 20-byte (160-bit) secret key
$otpSeed = Seed::generate();
$base32Seed = $otpSeed->getValue(Seed::FORMAT_BASE32);
$key = pack('H*', $dolibarr_main_cookie_cryptkey);
# crear una aleatoria IV para utilizarla co condificación CBC
$iv_size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_CBC);
$iv = mcrypt_create_iv($iv_size, MCRYPT_RAND);
$ciphertext = mcrypt_encrypt(MCRYPT_RIJNDAEL_256, $key, $base32Seed, MCRYPT_MODE_CBC, $iv);
# anteponer la IV para que esté disponible para el descifrado
$ciphertext = $iv . $ciphertext;
# codificar el texto cifrado resultante para que pueda ser representado por un string
$ciphertext_base64 = base64_encode($ciphertext);
$sql = "UPDATE " . MAIN_DB_PREFIX . "user SET otp_seed = '" . $db->escape($ciphertext_base64) . "', otp_counter = 0 WHERE rowid = " . $user->id;
$db->query($sql);
$qrCode = new QrCode();
$qrCode->setText("otpauth://hotp/" . $mysoc->name . ":" . $user->login . "?secret=" . $base32Seed . "&issuer=" . $mysoc->name);
$qrCode->setSize(96);
$qrCode->setPadding(5);
$img_path = __DIR__ . '/../tmp/' . $user->id . '.png';
$qrCode->save($img_path);
//Qrcode library doesn't warn on image creation error
if (file_exists($img_path)) {
print '<img src="' . dol_buildpath('/otp/showdoc.php', 1) . '?img=' . $user->id . '"><br>' . $langs->trans('OTPTroubleHash') . '<br />
<span style="font-family:monospace;font-size:20px">' . $base32Seed . '</span><br>' . $langs->trans('OTPKeyType');
} else {
print $regenerate_button;
setEventMessage('ErrorCreatingImage', 'errors');
}
}
} else {
if ($user->admin || $user->id == GETPOST('id', 'int')) {
print $regenerate_button;
}
}
print '</td></tr>';
}
}
public function generateTOTPToken($bytes = 20)
{
$seed = Seed::generate($bytes);
$this->owner->TOTPToken = $seed->getValue(Seed::FORMAT_HEX);
}
protected function generateOtpUri(\User $user, \Rych\OTP\Seed $otp)
{
return sprintf('otpauth://totp/%s?secret=%s&issuer=Passnote', urlencode($user->email), $otp->getValue(Seed::FORMAT_BASE32));
}
