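/**
 * Hook that renders the "OTP login" row and, on request, regenerates the HOTP seed
 * of the logged-in user.
 *
 * When the regenerate form is submitted by an authorised user, a new seed is generated,
 * encrypted with the key derived from $dolibarr_main_cookie_cryptkey, stored in the user
 * table together with a reset counter, and shown once as a QR code plus its base32 text.
 * Otherwise the regenerate button is printed for authorised users.
 *
 * Security notes for maintainers:
 *  - The stored seed is encrypted with mcrypt Rijndael-256/CBC. That is not AES (AES is the
 *    128-bit-block variant), the ciphertext carries no integrity tag, and ext/mcrypt was
 *    removed in PHP 7.2. Moving to an authenticated cipher needs a coordinated change in
 *    the decrypting code, which is not part of this method.
 *  - NOTE(review): the UPDATE and the QR code always target the logged-in $user, not the
 *    user whose card is displayed (GETPOST('id')); an admin regenerating from another
 *    user's card changes the admin's own seed. Confirm that this is intended.
 *  - NOTE(review): the QR image embeds the secret and stays on disk under a name derived
 *    from the user id. Verify that showdoc.php only serves it to its owner and that the
 *    file is removed after enrolment.
 *
 * @param array       $parameters  Hook parameters (unused here).
 * @param object      $object      Current business object (unused here).
 * @param string      $action      Current action; output is produced only when it is empty.
 * @param HookManager $hookManager Calling hook manager (unused here).
 * @return void
 */
public function formObjectOptions($parameters, &$object, &$action, HookManager $hookManager)
{
    global $db, $user, $langs, $mysoc, $dolibarr_main_cookie_cryptkey;

    $langs->load('otp@otp');

    // Carry the session anti-CSRF token so the core token check can validate this POST.
    // NOTE(review): relies on the core storing the token in $_SESSION['newtoken'] - confirm for the targeted version.
    $csrfToken = isset($_SESSION['newtoken']) ? $_SESSION['newtoken'] : '';
    $regenerate_button = '<form method="post"> <input type="hidden" name="token" value="' . htmlspecialchars($csrfToken, ENT_QUOTES, 'UTF-8') . '"> <input type="submit" value="' . $langs->trans('OTPRegenerate') . '" class="button" name="regenerate_otp"> </form>';

    if ($action != '') {
        return;
    }

    $mayManage = $user->admin || $user->id == GETPOST('id', 'int');

    // Replacing the seed is a state change: accept it only from a POST, never from a crafted link.
    $isPost = isset($_SERVER['REQUEST_METHOD']) && $_SERVER['REQUEST_METHOD'] === 'POST';

    print '<tr><td>' . $langs->trans('OTPLogin') . '</td><td colspan="2">';

    if ($isPost && GETPOST('regenerate_otp')) {
        if ($mayManage) {
            $userId = (int) $user->id;

            // Per the original comment, the default seed is 20 bytes (160 bits).
            $otpSeed = Seed::generate();
            $base32Seed = $otpSeed->getValue(Seed::FORMAT_BASE32);

            // NOTE(review): pack('H*') assumes the configured key is a hex string - confirm.
            $key = pack('H*', $dolibarr_main_cookie_cryptkey);

            // Random IV for CBC, taken from the OS CSPRNG; MCRYPT_RAND is not suitable for IVs.
            $iv_size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_CBC);
            $iv = mcrypt_create_iv($iv_size, MCRYPT_DEV_URANDOM);
            $ciphertext = mcrypt_encrypt(MCRYPT_RIJNDAEL_256, $key, $base32Seed, MCRYPT_MODE_CBC, $iv);

            $stored = false;
            if ($ciphertext !== false) {
                // Prepend the IV so it is available for decryption, then base64-encode
                // the result so it can be stored as a string.
                $ciphertext_base64 = base64_encode($iv . $ciphertext);

                $sql = "UPDATE " . MAIN_DB_PREFIX . "user SET otp_seed = '" . $db->escape($ciphertext_base64) . "', otp_counter = 0 WHERE rowid = " . $userId;
                $stored = (bool) $db->query($sql);
            }

            if (!$stored) {
                // Never display a secret that was not saved: enrolling it would lock the user out.
                print $regenerate_button;
                setEventMessage($langs->trans('Error'), 'errors');
            } else {
                // Percent-encode label and issuer so special characters in the company name or
                // login cannot break or extend the URI; HOTP URIs also carry the initial counter,
                // which matches the otp_counter = 0 written above.
                $issuer = rawurlencode($mysoc->name);
                $qrCode = new QrCode();
                $qrCode->setText("otpauth://hotp/" . $issuer . ":" . rawurlencode($user->login) . "?secret=" . $base32Seed . "&issuer=" . $issuer . "&counter=0");
                $qrCode->setSize(96);
                $qrCode->setPadding(5);
                $img_path = __DIR__ . '/../tmp/' . $userId . '.png';
                $qrCode->save($img_path);

                // The QrCode library does not warn when the image cannot be created.
                if (file_exists($img_path)) {
                    print '<img src="' . dol_buildpath('/otp/showdoc.php', 1) . '?img=' . $userId . '"><br>' . $langs->trans('OTPTroubleHash') . '<br /> <span style="font-family:monospace;font-size:20px">' . $base32Seed . '</span><br>' . $langs->trans('OTPKeyType');
                } else {
                    print $regenerate_button;
                    setEventMessage('ErrorCreatingImage', 'errors');
                }
            }
        }
    } elseif ($mayManage) {
        print $regenerate_button;
    }

    print '</td></tr>';
}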
/**
 * Creates a fresh OTP seed and stores its hex form on the owner record.
 *
 * The value written to TOTPToken is the shared secret itself; whether the owner
 * persists it encrypted is not visible from this method - verify before relying on it.
 *
 * @param int $bytes Length of the generated seed in bytes (20 by default).
 * @return void
 */
public function generateTOTPToken($bytes = 20)
{
    $this->owner->TOTPToken = Seed::generate($bytes)->getValue(Seed::FORMAT_HEX);
}
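/**
 * Builds the otpauth:// provisioning URI for a user's TOTP seed.
 *
 * The returned URI contains the shared secret in base32, so it must be handled
 * like a credential: render it (for example as a QR code) only for the account
 * owner and keep it out of logs and caches.
 *
 * @param \User          $user Account the URI is issued for; its e-mail is used as the label.
 * @param \Rych\OTP\Seed $otp  Seed to provision.
 * @return string The otpauth URI with the fixed issuer "Passnote".
 */
protected function generateOtpUri(\User $user, \Rych\OTP\Seed $otp)
{
    // The label is a URI path segment: use RFC 3986 percent-encoding. urlencode() is
    // form encoding and would turn a space into a literal "+" in the label.
    $label = rawurlencode($user->email);
    $secret = $otp->getValue(Seed::FORMAT_BASE32);

    return sprintf('otpauth://totp/%s?secret=%s&issuer=Passnote', $label, $secret);
}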