179 lines
5.9 KiB
PHP
179 lines
5.9 KiB
PHP
<?php
|
|
|
|
declare(strict_types=1);
|
|
|
|
/*
|
|
* This file is part of the Sonata Project package.
|
|
*
|
|
* (c) Thomas Rabaix <thomas.rabaix@sonata-project.org>
|
|
*
|
|
* For the full copyright and license information, please view the LICENSE
|
|
* file that was distributed with this source code.
|
|
*/
|
|
|
|
namespace Sonata\GoogleAuthenticator;
|
|
|
|
/**
|
|
* @see https://github.com/google/google-authenticator/wiki/Key-Uri-Format
|
|
*/
|
|
final class GoogleAuthenticator implements GoogleAuthenticatorInterface
|
|
{
|
|
/**
|
|
* @var int
|
|
*/
|
|
private $passCodeLength;
|
|
|
|
/**
|
|
* @var int
|
|
*/
|
|
private $secretLength;
|
|
|
|
/**
|
|
* @var int
|
|
*/
|
|
private $pinModulo;
|
|
|
|
/**
|
|
* @var \DateTimeInterface
|
|
*/
|
|
private $instanceTime;
|
|
|
|
/**
|
|
* @var int
|
|
*/
|
|
private $codePeriod;
|
|
|
|
/**
|
|
* @var int
|
|
*/
|
|
private $periodSize = 30;
|
|
|
|
public function __construct(int $passCodeLength = 6, int $secretLength = 10, ?\DateTimeInterface $instanceTime = null, int $codePeriod = 30)
|
|
{
|
|
/*
|
|
* codePeriod is the duration in seconds that the code is valid.
|
|
* periodSize is the length of a period to calculate periods since Unix epoch.
|
|
* periodSize cannot be larger than the codePeriod.
|
|
*/
|
|
|
|
$this->passCodeLength = $passCodeLength;
|
|
$this->secretLength = $secretLength;
|
|
$this->codePeriod = $codePeriod;
|
|
$this->periodSize = $codePeriod < $this->periodSize ? $codePeriod : $this->periodSize;
|
|
$this->pinModulo = 10 ** $passCodeLength;
|
|
$this->instanceTime = $instanceTime ?? new \DateTimeImmutable();
|
|
}
|
|
|
|
/**
|
|
* @param string $secret
|
|
* @param string $code
|
|
* @param int $discrepancy
|
|
*/
|
|
public function checkCode($secret, $code, $discrepancy = 1): bool
|
|
{
|
|
/**
|
|
* Discrepancy is the factor of periodSize ($discrepancy * $periodSize) allowed on either side of the
|
|
* given codePeriod. For example, if a code with codePeriod = 60 is generated at 10:00:00, a discrepancy
|
|
* of 1 will allow a periodSize of 30 seconds on either side of the codePeriod resulting in a valid code
|
|
* from 09:59:30 to 10:00:29.
|
|
*
|
|
* The result of each comparison is stored as a timestamp here instead of using a guard clause
|
|
* (https://refactoring.com/catalog/replaceNestedConditionalWithGuardClauses.html). This is to implement
|
|
* constant time comparison to make side-channel attacks harder. See
|
|
* https://cryptocoding.net/index.php/Coding_rules#Compare_secret_strings_in_constant_time for details.
|
|
* Each comparison uses hash_equals() instead of an operator to implement constant time equality comparison
|
|
* for each code.
|
|
*/
|
|
$periods = floor($this->codePeriod / $this->periodSize);
|
|
|
|
$result = 0;
|
|
for ($i = -$discrepancy; $i < $periods + $discrepancy; ++$i) {
|
|
$dateTime = new \DateTimeImmutable('@'.($this->instanceTime->getTimestamp() - ($i * $this->periodSize)));
|
|
$result = hash_equals($this->getCode($secret, $dateTime), $code) ? $dateTime->getTimestamp() : $result;
|
|
}
|
|
|
|
return $result > 0;
|
|
}
|
|
|
|
/**
|
|
* NEXT_MAJOR: add the interface typehint to $time and remove deprecation.
|
|
*
|
|
* @param string $secret
|
|
* @param float|string|int|\DateTimeInterface|null $time
|
|
*/
|
|
public function getCode($secret, /* \DateTimeInterface */ $time = null): string
|
|
{
|
|
if (null === $time) {
|
|
$time = $this->instanceTime;
|
|
}
|
|
|
|
if ($time instanceof \DateTimeInterface) {
|
|
$timeForCode = floor($time->getTimestamp() / $this->periodSize);
|
|
} else {
|
|
@trigger_error(
|
|
'Passing anything other than null or a DateTimeInterface to $time is deprecated as of 2.0 '.
|
|
'and will not be possible as of 3.0.',
|
|
\E_USER_DEPRECATED
|
|
);
|
|
$timeForCode = $time;
|
|
}
|
|
|
|
$base32 = new FixedBitNotation(5, 'ABCDEFGHIJKLMNOPQRSTUVWXYZ234567', true, true);
|
|
$secret = $base32->decode($secret);
|
|
|
|
$timeForCode = str_pad(pack('N', $timeForCode), 8, \chr(0), \STR_PAD_LEFT);
|
|
|
|
$hash = hash_hmac('sha1', $timeForCode, $secret, true);
|
|
$offset = \ord(substr($hash, -1));
|
|
$offset &= 0xF;
|
|
|
|
$truncatedHash = $this->hashToInt($hash, $offset) & 0x7FFFFFFF;
|
|
|
|
return str_pad((string) ($truncatedHash % $this->pinModulo), $this->passCodeLength, '0', \STR_PAD_LEFT);
|
|
}
|
|
|
|
/**
|
|
* NEXT_MAJOR: Remove this method.
|
|
*
|
|
* @param string $user
|
|
* @param string $hostname
|
|
* @param string $secret
|
|
*
|
|
* @deprecated deprecated as of 2.1 and will be removed in 3.0. Use Sonata\GoogleAuthenticator\GoogleQrUrl::generate() instead.
|
|
*/
|
|
public function getUrl($user, $hostname, $secret): string
|
|
{
|
|
@trigger_error(sprintf(
|
|
'Using %s() is deprecated as of 2.1 and will be removed in 3.0. '.
|
|
'Use Sonata\GoogleAuthenticator\GoogleQrUrl::generate() instead.',
|
|
__METHOD__
|
|
), \E_USER_DEPRECATED);
|
|
|
|
$issuer = \func_get_args()[3] ?? null;
|
|
$accountName = sprintf('%s@%s', $user, $hostname);
|
|
|
|
// manually concat the issuer to avoid a change in URL
|
|
$url = GoogleQrUrl::generate($accountName, $secret);
|
|
|
|
if ($issuer) {
|
|
$url .= '%26issuer%3D'.$issuer;
|
|
}
|
|
|
|
return $url;
|
|
}
|
|
|
|
public function generateSecret(): string
|
|
{
|
|
return (new FixedBitNotation(5, 'ABCDEFGHIJKLMNOPQRSTUVWXYZ234567', true, true))
|
|
->encode(random_bytes($this->secretLength));
|
|
}
|
|
|
|
private function hashToInt(string $bytes, int $start): int
|
|
{
|
|
return unpack('N', substr(substr($bytes, $start), 0, 4))[1];
|
|
}
|
|
}
|
|
|
|
// NEXT_MAJOR: Remove class alias
|
|
class_alias('Sonata\GoogleAuthenticator\GoogleAuthenticator', 'Google\Authenticator\GoogleAuthenticator', false);
|