From 240f12c9e6c7fc2e0e5632d50ce2fbf7c809eb8f Mon Sep 17 00:00:00 2001 From: Faynt Date: Mon, 8 Aug 2016 11:16:59 +0200 Subject: [PATCH 01/10] updated totp & yubikey templating to use JLayout --- .../plugins/twofactorauth/totp}/form.php | 2 ++ .../plugins/twofactorauth/yubikey}/form.php | 2 ++ plugins/twofactorauth/totp/totp.php | 30 +++++++------------ plugins/twofactorauth/yubikey/yubikey.php | 23 ++------------ 4 files changed, 17 insertions(+), 40 deletions(-) rename {plugins/twofactorauth/totp/tmpl => layouts/plugins/twofactorauth/totp}/form.php (99%) rename {plugins/twofactorauth/yubikey/tmpl => layouts/plugins/twofactorauth/yubikey}/form.php (96%) diff --git a/plugins/twofactorauth/totp/tmpl/form.php b/layouts/plugins/twofactorauth/totp/form.php similarity index 99% rename from plugins/twofactorauth/totp/tmpl/form.php rename to layouts/plugins/twofactorauth/totp/form.php index 6ca685b966e36..74ef06c8452ab 100644 --- a/plugins/twofactorauth/totp/tmpl/form.php +++ b/layouts/plugins/twofactorauth/totp/form.php @@ -8,6 +8,8 @@ */ defined('_JEXEC') or die; + +extract($displayData); ?> diff --git a/plugins/twofactorauth/yubikey/tmpl/form.php b/layouts/plugins/twofactorauth/yubikey/form.php similarity index 96% rename from plugins/twofactorauth/yubikey/tmpl/form.php rename to layouts/plugins/twofactorauth/yubikey/form.php index b678ad0d293aa..584ae03f296d3 100644 --- a/plugins/twofactorauth/yubikey/tmpl/form.php +++ b/layouts/plugins/twofactorauth/yubikey/form.php @@ -8,6 +8,8 @@ */ defined('_JEXEC') or die; + +$new_totp = $displayData["new_totp"]; ?>
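Review bot: `extract($displayData);` in the TOTP layout imports every key of the array as a local variable with the default overwrite behaviour, so a key added to `$displayData` later can silently replace a variable the template already uses. The Yubikey layout in this same commit reads its single value explicitly (`$new_totp = $displayData["new_totp"];`); doing the same here for `hostname`, `username`, `secret`, `url` and `new_totp` keeps the template's inputs visible, or at least pass `EXTR_SKIP` as the second argument. PATCH 06 switches the Yubikey layout to `extract()` as well, and the same point applies there. The rest of form.php lies outside the hunk, so how these values are escaped on output could not be checked.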
diff --git a/plugins/twofactorauth/totp/totp.php b/plugins/twofactorauth/totp/totp.php index 16ff5216f8005..f64aafccc6d7e 100644 --- a/plugins/twofactorauth/totp/totp.php +++ b/plugins/twofactorauth/totp/totp.php @@ -132,26 +132,16 @@ public function onUserTwofactorShowConfiguration($otpConfig, $user_id = null) // Is this a new TOTP setup? If so, we'll have to show the code validation field. $new_totp = $otpConfig->method != 'totp'; - - // Start output buffering - @ob_start(); - - // Include the form.php from a template override. If none is found use the default. - $path = FOFPlatform::getInstance()->getTemplateOverridePath('plg_twofactorauth_totp', true); - - JLoader::import('joomla.filesystem.file'); - - if (JFile::exists($path . '/form.php')) - { - include_once $path . '/form.php'; - } - else - { - include_once __DIR__ . '/tmpl/form.php'; - } - - // Stop output buffering and get the form contents - $html = @ob_get_clean(); + // Start output buffering + $layout = new JLayoutFile('plugins.twofactorauth.totp.form'); + + $data = ['hostname'=>$hostname, + 'username'=>$username, + 'secret'=>$secret, + 'url'=>$url, + 'new_totp' => $new_totp + ]; + $html = $layout->render($data); // Return the form contents return array( diff --git a/plugins/twofactorauth/yubikey/yubikey.php b/plugins/twofactorauth/yubikey/yubikey.php index fc4f218b7da2b..e72f109e09144 100644 --- a/plugins/twofactorauth/yubikey/yubikey.php +++ b/plugins/twofactorauth/yubikey/yubikey.php 
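Review bot: Rendering through `new JLayoutFile('plugins.twofactorauth.totp.form')` no longer consults the `plg_twofactorauth_totp` template-override directory that the removed code looked in, so a site that customised its two-factor setup form would presumably fall back to the stock layout without any notice; this needs either a fallback or an upgrade note. The retained comment `// Start output buffering` no longer describes the line below it and should read something like `// Render the configuration form through the layout`. The `[...]` array literal also requires PHP 5.4, which is worth confirming against the project's minimum version. The yubikey.php hunk of this commit has the same override concern, and the enclosing onUserTwofactorShowConfiguration() starts and ends outside the hunk.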
@@ -121,26 +121,9 @@ public function onUserTwofactorShowConfiguration($otpConfig, $user_id = null) // Is this a new TOTP setup? If so, we'll have to show the code validation field. $new_totp = $otpConfig->method != $this->methodName; - - // Start output buffering - @ob_start(); - - // Include the form.php from a template override. If none is found use the default. - $path = FOFPlatform::getInstance()->getTemplateOverridePath('plg_twofactorauth_yubikey', true); - - JLoader::import('joomla.filesystem.file'); - - if (JFile::exists($path . '/form.php')) - { - include_once $path . '/form.php'; - } - else - { - include_once __DIR__ . '/tmpl/form.php'; - } - - // Stop output buffering and get the form contents - $html = @ob_get_clean(); + $layout = new JLayoutFile('plugins.twofactorauth.yubikey.form'); + $data = ['new_totp' => $new_totp]; + $html = $layout->render($data); // Return the form contents return array( From e1a08768cc228c7999ce1a22933c7ab7778a3fd3 Mon Sep 17 00:00:00 2001 From: Faynt Date: Mon, 8 Aug 2016 14:16:43 +0200 Subject: [PATCH 02/10] removed FOF dependeny from Yubikey --- plugins/twofactorauth/yubikey/yubikey.php | 6 ------ 1 file changed, 6 deletions(-) diff --git a/plugins/twofactorauth/yubikey/yubikey.php b/plugins/twofactorauth/yubikey/yubikey.php index e72f109e09144..de9366e38018e 100644 --- a/plugins/twofactorauth/yubikey/yubikey.php +++ b/plugins/twofactorauth/yubikey/yubikey.php @@ -45,12 +45,6 @@ class PlgTwofactorauthYubikey extends JPlugin public function __construct(&$subject, $config = array()) { parent::__construct($subject, $config); - - // Load the Joomla! RAD layer - if (!defined('FOF_INCLUDED')) - { - include_once JPATH_LIBRARIES . '/fof/include.php'; - } } /** From a60e5a35f1019b695b7e9cbe072993e98aba9711 Mon Sep 17 00:00:00 2001 
From: Artjom Buechert
Date: Mon, 8 Aug 2016 14:47:52 +0200
Subject: [PATCH 03/10] refactored Totp class from fof package to libraries/encrypt package
---
libraries/joomla/encrypt/src/Base32.php | 221 ++++++++++++++++++++++++
libraries/joomla/encrypt/src/Totp.php | 181 +++++++++++++++++++
plugins/twofactorauth/totp/totp.php | 29 +---
3 files changed, 411 insertions(+), 20 deletions(-)
create mode 100644 libraries/joomla/encrypt/src/Base32.php
create mode 100644 libraries/joomla/encrypt/src/Totp.php
diff --git a/libraries/joomla/encrypt/src/Base32.php b/libraries/joomla/encrypt/src/Base32.php
new file mode 100644
index 0000000000000..d2569ad1f6b9a
--- /dev/null
+++ b/libraries/joomla/encrypt/src/Base32.php
@@ -0,0 +1,221 @@ + 0) + { + throw new Exception('Length must be divisible by 8'); + } + + if (!preg_match('/^[01]+$/', $str)) + { + throw new Exception('Only 0\'s and 1\'s are permitted'); + } + + preg_match_all('/.{8}/', $str, $chrs); + $chrs = array_map('bindec', $chrs[0]); + + // I'm just being slack here + array_unshift($chrs, 'C*'); + + return call_user_func_array('pack', $chrs); + } + + /** + * fromBin + * + * Converts a correct binary string to base32 + * + * @param string $str The string of 0's and 1's you want to convert + * + * @return string String encoded as base32 + * + * @throws exception + */ + private function fromBin($str) + { + if (strlen($str) % 8 > 0) + { + throw new Exception('Length must be divisible by 8'); + } + + if (!preg_match('/^[01]+$/', $str)) + { + throw new Exception('Only 0\'s and 1\'s are permitted'); + } + + // Base32 works on the first 5 bits of a byte, so we insert blanks to pad it out + $str = preg_replace('/(.{5})/', '000$1', $str); + + // We need a string divisible by 5 + $length = strlen($str); + $rbits = $length & 7; + + if ($rbits > 0) + { + // Excessive bits need to be padded + $ebits = substr($str, $length - $rbits); + $str = substr($str, 0, $length - $rbits); + $str .= "000$ebits" . str_repeat('0', 5 - strlen($ebits)); + } + + preg_match_all('/.{8}/', $str, $chrs); + $chrs = array_map(array($this, '_mapcharset'), $chrs[0]); + + return join('', $chrs); + } + + /** + * toBin + * + * Accepts a base32 string and returns an ascii binary string + * + * @param string $str The base32 string to convert + * + * @return string Ascii binary string + * + * @throws Exception + */ + private function toBin($str) + { + if (!preg_match('/^[' . self::CSRFC3548 . 
']+$/', $str)) + { + throw new Exception('Must match character set'); + } + + // Convert the base32 string back to a binary string + $str = join('', array_map(array($this, '_mapbin'), str_split($str))); + + // Remove the extra 0's we added + $str = preg_replace('/000(.{5})/', '$1', $str); + + // Unpad if nessicary + $length = strlen($str); + $rbits = $length & 7; + + if ($rbits > 0) + { + $str = substr($str, 0, $length - $rbits); + } + + return $str; + } + + /** + * fromString + * + * Convert any string to a base32 string + * This should be binary safe... + * + * @param string $str The string to convert + * + * @return string The converted base32 string + */ + public function encode($str) + { + return $this->fromBin($this->str2bin($str)); + } + + /** + * toString + * + * Convert any base32 string to a normal sctring + * This should be binary safe... + * + * @param string $str The base32 string to convert + * + * @return string The normal string + */ + public function decode($str) + { + $str = strtoupper($str); + + return $this->bin2str($this->tobin($str)); + } + + /** + * _mapcharset + * + * Used with array_map to map the bits from a binary string + * directly into a base32 character set + * + * @param string $str The string of 0's and 1's you want to convert + * + * @return string Resulting base32 character + * + * @access private + */ + private function _mapcharset($str) + { + // Huh! + $x = self::CSRFC3548; + + return $x[bindec($str)]; + } + + /** + * _mapbin + * + * Used with array_map to map the characters from a base32 + * character set directly into a binary string + * + * @param string $chr The caracter to map + * + * @return string String of 0's and 1's + * + * @access private + */ + private function _mapbin($chr) + { + return sprintf('%08b', strpos(self::CSRFC3548, $chr)); + } +} diff --git a/libraries/joomla/encrypt/src/Totp.php b/libraries/joomla/encrypt/src/Totp.php new file mode 100644 index 0000000000000..ebb8e9f8314e6 --- /dev/null 
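Review bot: `decode()` throws a bare `Exception` ('Must match character set') for any character outside the alphabet, and the new Totp class passes the secret straight into it (`$this->base32->decode($secret)`), so a malformed key surfaces as an uncaught exception during two-factor validation unless every caller wraps the call. Add `@throws Exception` to the docblocks of `encode()` and `decode()`, or catch the exception in `getCode()` and treat it as a failed check. Those two docblocks are also still titled `fromString` and `toString`, and `@access private` is redundant on methods already declared `private`. The top of this new file is not readable on this page, so the character-set constant and `str2bin()` could not be checked.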
+++ b/libraries/joomla/encrypt/src/Totp.php 
@@ -0,0 +1,181 @@ +timeStep = $timeStep; + $this->passCodeLength = $passCodeLength; + $this->secretLength = $secretLength; + $this->pinModulo = pow(10, $this->passCodeLength); + + if (is_null($base32)) + { + $this->base32 = new Base32; + } + else + { + $this->base32 = $base32; + } + } + + /** + * Get the time period based on the $time timestamp and the Time Step + * defined. If $time is skipped or set to null the current timestamp will + * be used. + * + * @param int|null $time Timestamp + * + * @return int The time period since the UNIX Epoch + */ + public function getPeriod($time = null) + { + if (is_null($time)) + { + $time = time(); + } + + $period = floor($time / $this->timeStep); + + return $period; + } + + /** + * Check is the given passcode $code is a valid TOTP generated using secret + * key $secret + * + * @param string $secret The Base32-encoded secret key + * @param string $code The passcode to check + * + * @return boolean True if the code is valid + */ + public function checkCode($secret, $code) + { + $time = $this->getPeriod(); + + for ($i = -1; $i <= 1; $i++) + { + if ($this->getCode($secret, ($time + $i) * $this->timeStep) == $code) + { + return true; + } + } + + return false; + } + + /** + * Gets the TOTP passcode for a given secret key $secret and a given UNIX + * timestamp $time + * + * @param string $secret The Base32-encoded secret key + * @param int $time UNIX timestamp + * + * @return string + */ + public function getCode($secret, $time = null) + { + $period = $this->getPeriod($time); + $secret = $this->base32->decode($secret); + + $time = pack("N", $period); + $time = str_pad($time, 8, chr(0), STR_PAD_LEFT); + + $hash = hash_hmac('sha1', $time, $secret, true); + $offset = ord(substr($hash, -1)); + $offset = $offset & 0xF; + + $truncatedHash = $this->hashToInt($hash, $offset) & 0x7FFFFFFF; + $pinValue = str_pad($truncatedHash % $this->pinModulo, $this->passCodeLength, "0", STR_PAD_LEFT); + + return $pinValue; + } + + /** + * Extracts a part 
of a hash as an integer + * + * @param string $bytes The hash + * @param string $start The char to start from (0 = first char) + * + * @return string + */ + protected function hashToInt($bytes, $start) + { + $input = substr($bytes, $start, strlen($bytes) - $start); + $val2 = unpack("N", substr($input, 0, 4)); + + return $val2[1]; + } + + /** + * Returns a QR code URL for easy setup of TOTP apps like Google Authenticator + * + * @param string $user User + * @param string $hostname Hostname + * @param string $secret Secret string + * + * @return string + */ + public function getUrl($user, $hostname, $secret) + { + $url = sprintf("otpauth://totp/%s@%s?secret=%s", $user, $hostname, $secret); + $encoder = "https://chart.googleapis.com/chart?chs=200x200&chld=Q|2&cht=qr&chl="; + $encoderURL = $encoder . urlencode($url); + + return $encoderURL; + } + + /** + * Generates a (semi-)random Secret Key for TOTP generation + * + * @return string + */ + public function generateSecret() + { + $secret = ""; + + for ($i = 1; $i <= $this->secretLength; $i++) + { + $c = rand(0, 255); + $secret .= pack("c", $c); + } + + $this->base32 = new Base32; + + return $this->base32->encode($secret); + } +} diff --git a/plugins/twofactorauth/totp/totp.php b/plugins/twofactorauth/totp/totp.php index 16ff5216f8005..0d99610fac245 100644 --- a/plugins/twofactorauth/totp/totp.php +++ b/plugins/twofactorauth/totp/totp.php @@ -44,13 +44,11 @@ class PlgTwofactorauthTotp extends JPlugin */ public function __construct(&$subject, $config = array()) { - parent::__construct($subject, $config); - // Load the Joomla! RAD layer - if (!defined('FOF_INCLUDED')) - { - include_once JPATH_LIBRARIES . '/fof/include.php'; - } + include_once JPATH_LIBRARIES . '/joomla/encrypt/src/Totp.php'; + include_once JPATH_LIBRARIES . '/joomla/encrypt/src/Base32.php'; + + parent::__construct($subject, $config); } /** 
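Review bot: `generateSecret()` in the new Totp.php builds the shared secret byte by byte from `rand(0, 255)`, which is not a cryptographically secure generator, so the key protecting the second factor is more predictable than it should be; take the bytes from the platform CSPRNG instead, e.g. `$secret = JCrypt::genRandomBytes($this->secretLength);`. In `checkCode()` the test `$this->getCode(...) == $code` is a loose comparison of numeric strings, so a submitted value that is numerically equal but not the same string (a code with its leading zero dropped, for instance) is accepted, and the compare is not constant-time; `JCrypt::timingSafeCompare($this->getCode(...), (string) $code)` addresses both. `getUrl()` embeds the secret in a request to chart.googleapis.com, which discloses it to a third party and should at least be stated in the docblock. The docblock of `hashToInt()` declares `@param string $start` and `@return string` although both are integers.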
@@ -110,7 +108,7 @@ public function onUserTwofactorIdentify() public function onUserTwofactorShowConfiguration($otpConfig, $user_id = null) { // Create a new TOTP class with Google Authenticator compatible settings - $totp = new FOFEncryptTotp(30, 6, 10); + $totp = new Totp(30, 6, 10); if ($otpConfig->method == $this->methodName) { @@ -137,18 +135,9 @@ public function onUserTwofactorShowConfiguration($otpConfig, $user_id = null) @ob_start(); // Include the form.php from a template override. If none is found use the default. - $path = FOFPlatform::getInstance()->getTemplateOverridePath('plg_twofactorauth_totp', true); - - JLoader::import('joomla.filesystem.file'); + $path = '/opt/lampp/htdocs/joomla-cms/plugins/twofactorauth/totp/tmpl/'; - if (JFile::exists($path . '/form.php')) - { - include_once $path . '/form.php'; - } - else - { - include_once __DIR__ . '/tmpl/form.php'; - } + include_once $path . 'form.php'; // Stop output buffering and get the form contents $html = @ob_get_clean(); @@ -209,7 +198,7 @@ public function onUserTwofactorApplyConfiguration($method) } // Create a new TOTP class with Google Authenticator compatible settings - $totp = new FOFEncryptTotp(30, 6, 10); + $totp = new Totp(30, 6, 10); // Check the security code entered by the user (exact time slot match) $code = $totp->getCode($data['key']); @@ -291,7 +280,7 @@ public function onUserTwofactorAuthenticate($credentials, $options) } // Create a new TOTP class with Google Authenticator compatible settings - $totp = new FOFEncryptTotp(30, 6, 10); + $totp = new Totp(30, 6, 10); // Check the code $code = $totp->getCode($otpConfig->config['code']); From 2b0a95f9e86371a233f523aef017a4f3d2095e1b Mon Sep 17 00:00:00 2001 
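Review bot: The new `$path = '/opt/lampp/htdocs/joomla-cms/plugins/twofactorauth/totp/tmpl/';` in the `@@ -137,18 +135,9 @@` hunk is an absolute path from a development machine, so the `include_once` fails on any other installation and the setup form comes back empty, with the failure hidden behind the surrounding output buffer. The template-override lookup is dropped at the same time, while the comment above still says "Include the form.php from a template override". Keep the include relative to the plugin, `include_once __DIR__ . '/tmpl/form.php';`, until the override lookup is replaced. The body of onUserTwofactorShowConfiguration() starts and ends outside the hunk.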
From: Faynt Date: Thu, 11 Aug 2016 10:18:42 +0200 Subject: [PATCH 04/10] removed obsolete constructor cleaned phpcs errors --- plugins/twofactorauth/totp/totp.php | 22 +++++++++++----------- plugins/twofactorauth/yubikey/yubikey.php | 21 +++------------------ 2 files changed, 14 insertions(+), 29 deletions(-) diff --git a/plugins/twofactorauth/totp/totp.php b/plugins/twofactorauth/totp/totp.php index a2a41a29f4061..0697df74ed967 100644 --- a/plugins/twofactorauth/totp/totp.php +++ b/plugins/twofactorauth/totp/totp.php @@ -44,7 +44,6 @@ class PlgTwofactorauthTotp extends JPlugin */ public function __construct(&$subject, $config = array()) { - include_once JPATH_LIBRARIES . '/joomla/encrypt/src/Totp.php'; include_once JPATH_LIBRARIES . '/joomla/encrypt/src/Base32.php'; @@ -130,16 +129,17 @@ public function onUserTwofactorShowConfiguration($otpConfig, $user_id = null) // Is this a new TOTP setup? If so, we'll have to show the code validation field. $new_totp = $otpConfig->method != 'totp'; - // Start output buffering - $layout = new JLayoutFile('plugins.twofactorauth.totp.form'); - - $data = ['hostname'=>$hostname, - 'username'=>$username, - 'secret'=>$secret, - 'url'=>$url, - 'new_totp' => $new_totp - ]; - $html = $layout->render($data); + + // Start output buffering + $layout = new JLayoutFile('plugins.twofactorauth.totp.form'); + + $data = ['hostname' => $hostname, + 'username' => $username, + 'secret' => $secret, + 'url' => $url, + 'new_totp' => $new_totp + ]; + $html = $layout->render($data); // Return the form contents return array( diff --git a/plugins/twofactorauth/yubikey/yubikey.php b/plugins/twofactorauth/yubikey/yubikey.php index de9366e38018e..3b7ddfdbe8ff3 100644 --- a/plugins/twofactorauth/yubikey/yubikey.php +++ b/plugins/twofactorauth/yubikey/yubikey.php 
@@ -32,21 +32,6 @@ class PlgTwofactorauthYubikey extends JPlugin */ protected $methodName = 'yubikey'; - /** - * Constructor - * - * @param object &$subject The object to observe - * @param array $config An optional associative array of configuration settings. - * Recognized key values include 'name', 'group', 'params', 'language' - * (this list is not meant to be comprehensive). - * - * @since 3.2 - */ - public function __construct(&$subject, $config = array()) - { - parent::__construct($subject, $config); - } - /** * This method returns the identification object for this two factor * authentication plugin. @@ -115,9 +100,9 @@ public function onUserTwofactorShowConfiguration($otpConfig, $user_id = null) // Is this a new TOTP setup? If so, we'll have to show the code validation field. $new_totp = $otpConfig->method != $this->methodName; - $layout = new JLayoutFile('plugins.twofactorauth.yubikey.form'); - $data = ['new_totp' => $new_totp]; - $html = $layout->render($data); + $layout = new JLayoutFile('plugins.twofactorauth.yubikey.form'); + $data = ['new_totp' => $new_totp]; + $html = $layout->render($data); // Return the form contents return array( From 7391252af1d9b7b92c96351843a8fd6277c430aa Mon Sep 17 00:00:00 2001 From: Faynt Date: Thu, 11 Aug 2016 10:52:14 +0200 Subject: [PATCH 05/10] cleaned phpcs errors --- libraries/joomla/encrypt/src/Base32.php | 9 +++++---- libraries/joomla/encrypt/src/Totp.php | 6 ++++-- 2 files changed, 9 insertions(+), 6 deletions(-) diff --git a/libraries/joomla/encrypt/src/Base32.php b/libraries/joomla/encrypt/src/Base32.php index d2569ad1f6b9a..71a79afcdf0e1 100644 --- a/libraries/joomla/encrypt/src/Base32.php +++ b/libraries/joomla/encrypt/src/Base32.php 
@@ -1,9 +1,10 @@ Date: Thu, 11 Aug 2016 13:05:36 +0200 Subject: [PATCH 06/10] changed array for < PHP 5.4 compatibility moved files up a level because there are no namespaces yet cleaned up xml files simplified array extraction --- layouts/plugins/twofactorauth/yubikey/form.php | 2 +- libraries/joomla/encrypt/{src => }/Base32.php | 0 libraries/joomla/encrypt/{src => }/Totp.php | 0 plugins/twofactorauth/totp/totp.php | 8 ++++---- plugins/twofactorauth/totp/totp.xml | 1 - plugins/twofactorauth/yubikey/yubikey.php | 2 +- plugins/twofactorauth/yubikey/yubikey.xml | 1 - 7 files changed, 6 insertions(+), 8 deletions(-) rename libraries/joomla/encrypt/{src => }/Base32.php (100%) rename libraries/joomla/encrypt/{src => }/Totp.php (100%) diff --git a/layouts/plugins/twofactorauth/yubikey/form.php b/layouts/plugins/twofactorauth/yubikey/form.php index 584ae03f296d3..8c68fe500d1b7 100644 --- a/layouts/plugins/twofactorauth/yubikey/form.php +++ b/layouts/plugins/twofactorauth/yubikey/form.php @@ -9,7 +9,7 @@ defined('_JEXEC') or die; -$new_totp = $displayData["new_totp"]; +extract($displayData); ?>
diff --git a/libraries/joomla/encrypt/src/Base32.php b/libraries/joomla/encrypt/Base32.php similarity index 100% rename from libraries/joomla/encrypt/src/Base32.php rename to libraries/joomla/encrypt/Base32.php diff --git a/libraries/joomla/encrypt/src/Totp.php b/libraries/joomla/encrypt/Totp.php similarity index 100% rename from libraries/joomla/encrypt/src/Totp.php rename to libraries/joomla/encrypt/Totp.php diff --git a/plugins/twofactorauth/totp/totp.php b/plugins/twofactorauth/totp/totp.php index 0697df74ed967..e7a955849dd21 100644 --- a/plugins/twofactorauth/totp/totp.php +++ b/plugins/twofactorauth/totp/totp.php @@ -44,8 +44,8 @@ class PlgTwofactorauthTotp extends JPlugin */ public function __construct(&$subject, $config = array()) { - include_once JPATH_LIBRARIES . '/joomla/encrypt/src/Totp.php'; - include_once JPATH_LIBRARIES . '/joomla/encrypt/src/Base32.php'; + include_once JPATH_LIBRARIES . '/joomla/encrypt/Totp.php'; + include_once JPATH_LIBRARIES . '/joomla/encrypt/Base32.php'; parent::__construct($subject, $config); } @@ -133,12 +133,12 @@ public function onUserTwofactorShowConfiguration($otpConfig, $user_id = null) // Start output buffering $layout = new JLayoutFile('plugins.twofactorauth.totp.form'); - $data = ['hostname' => $hostname, + $data = array('hostname' => $hostname, 'username' => $username, 'secret' => $secret, 'url' => $url, 'new_totp' => $new_totp - ]; + ); $html = $layout->render($data); // Return the form contents diff --git a/plugins/twofactorauth/totp/totp.xml b/plugins/twofactorauth/totp/totp.xml index 1168325d52d08..37cba209707b2 100644 --- a/plugins/twofactorauth/totp/totp.xml +++ b/plugins/twofactorauth/totp/totp.xml @@ -12,7 +12,6 @@ totp.php postinstall - tmpl en-GB.plg_twofactorauth_totp.ini diff --git a/plugins/twofactorauth/yubikey/yubikey.php b/plugins/twofactorauth/yubikey/yubikey.php index 3b7ddfdbe8ff3..1cde057a6929c 100644 --- a/plugins/twofactorauth/yubikey/yubikey.php +++ b/plugins/twofactorauth/yubikey/yubikey.php 
@@ -101,7 +101,7 @@ public function onUserTwofactorShowConfiguration($otpConfig, $user_id = null) // Is this a new TOTP setup? If so, we'll have to show the code validation field. $new_totp = $otpConfig->method != $this->methodName; $layout = new JLayoutFile('plugins.twofactorauth.yubikey.form'); - $data = ['new_totp' => $new_totp]; + $data = array('new_totp' => $new_totp); $html = $layout->render($data); // Return the form contents diff --git a/plugins/twofactorauth/yubikey/yubikey.xml b/plugins/twofactorauth/yubikey/yubikey.xml index 572977a8bbd6d..d5adde5c9d3f7 100644 --- a/plugins/twofactorauth/yubikey/yubikey.xml +++ b/plugins/twofactorauth/yubikey/yubikey.xml @@ -11,7 +11,6 @@ PLG_TWOFACTORAUTH_YUBIKEY_XML_DESCRIPTION yubikey.php - tmpl en-GB.plg_twofactorauth_yubikey.ini From 0671a46ff76746af9939a509e2dd5fdea0daf542 Mon Sep 17 00:00:00 2001 From: Faynt Date: Fri, 12 Aug 2016 10:15:08 +0200 Subject: [PATCH 07/10] changed file and classname to match the autoload name convention --- .../joomla/encrypt/{Base32.php => base32.php} | 3 ++- .../joomla/encrypt/{Totp.php => totp.php} | 7 +++--- plugins/twofactorauth/totp/totp.php | 24 +++---------------- 3 files changed, 9 insertions(+), 25 deletions(-) rename libraries/joomla/encrypt/{Base32.php => base32.php} (98%) rename libraries/joomla/encrypt/{Totp.php => totp.php} (97%) diff --git a/libraries/joomla/encrypt/Base32.php b/libraries/joomla/encrypt/base32.php similarity index 98% rename from libraries/joomla/encrypt/Base32.php rename to libraries/joomla/encrypt/base32.php index 71a79afcdf0e1..9f6021fbd05d6 100644 --- a/libraries/joomla/encrypt/Base32.php +++ b/libraries/joomla/encrypt/base32.php @@ -7,13 +7,14 @@ * @license GNU General Public License version 2 or later; see LICENSE */ +defined('JPATH_PLATFORM') or die; /** * Base32 * * @since 1.0 */ -class Base32 +class JEncryptBase32 { /** * CSRFC3548 
diff --git a/libraries/joomla/encrypt/Totp.php b/libraries/joomla/encrypt/totp.php similarity index 97% rename from libraries/joomla/encrypt/Totp.php rename to libraries/joomla/encrypt/totp.php index a132452f58f04..e38e571680bf8 100644 --- a/libraries/joomla/encrypt/Totp.php +++ b/libraries/joomla/encrypt/totp.php @@ -7,6 +7,7 @@ * @license GNU General Public License version 2 or later; see LICENSE */ +defined('JPATH_PLATFORM') or die; /** * This class provides an RFC6238-compliant Time-based One Time Passwords, @@ -15,7 +16,7 @@ * @package Encrypt * @since 1.0 */ -class Totp +class JEncryptTotp { private $passCodeLength = 6; @@ -47,7 +48,7 @@ public function __construct($timeStep = 30, $passCodeLength = 6, $secretLength = if (is_null($base32)) { - $this->base32 = new Base32; + $this->base32 = new JEncryptBase32; } else { @@ -176,7 +177,7 @@ public function generateSecret() $secret .= pack("c", $c); } - $this->base32 = new Base32; + $this->base32 = new JEncryptBase32; return $this->base32->encode($secret); } diff --git a/plugins/twofactorauth/totp/totp.php b/plugins/twofactorauth/totp/totp.php index e7a955849dd21..17b0d2a34071b 100644 --- a/plugins/twofactorauth/totp/totp.php +++ b/plugins/twofactorauth/totp/totp.php @@ -32,24 +32,6 @@ class PlgTwofactorauthTotp extends JPlugin */ protected $methodName = 'totp'; - /** - * Constructor - * - * @param object &$subject The object to observe - * @param array $config An optional associative array of configuration settings. - * Recognized key values include 'name', 'group', 'params', 'language' - * (this list is not meant to be comprehensive). - * - * @since 3.2 - */ - public function __construct(&$subject, $config = array()) - { - include_once JPATH_LIBRARIES . '/joomla/encrypt/Totp.php'; - include_once JPATH_LIBRARIES . '/joomla/encrypt/Base32.php'; - - parent::__construct($subject, $config); - } - /** * This method returns the identification object for this two factor * authentication plugin. 
@@ -107,7 +89,7 @@ public function onUserTwofactorIdentify() public function onUserTwofactorShowConfiguration($otpConfig, $user_id = null) { // Create a new TOTP class with Google Authenticator compatible settings - $totp = new Totp(30, 6, 10); + $totp = new JEncryptTotp(30, 6, 10); if ($otpConfig->method == $this->methodName) { @@ -197,7 +179,7 @@ public function onUserTwofactorApplyConfiguration($method) } // Create a new TOTP class with Google Authenticator compatible settings - $totp = new Totp(30, 6, 10); + $totp = new JEncryptTotp(30, 6, 10); // Check the security code entered by the user (exact time slot match) $code = $totp->getCode($data['key']); @@ -279,7 +261,7 @@ public function onUserTwofactorAuthenticate($credentials, $options) } // Create a new TOTP class with Google Authenticator compatible settings - $totp = new Totp(30, 6, 10); + $totp = new JEncryptTotp(30, 6, 10); // Check the code $code = $totp->getCode($otpConfig->config['code']); From 0fdb34af48ca554c5db050af3e428f7f4c9d8fac Mon Sep 17 00:00:00 2001 From: Faynt Date: Fri, 12 Aug 2016 10:47:28 +0200 Subject: [PATCH 08/10] reverted layout changes due to B/C refactored from FOF override path to use core functions --- .../twofactorauth/totp/tmpl}/form.php | 1 - plugins/twofactorauth/totp/totp.php | 22 ++++++++++++------- .../twofactorauth/yubikey/tmpl}/form.php | 1 - plugins/twofactorauth/yubikey/yubikey.php | 20 ++++++++++++++--- 4 files changed, 31 insertions(+), 13 deletions(-) rename {layouts/plugins/twofactorauth/totp => plugins/twofactorauth/totp/tmpl}/form.php (99%) rename {layouts/plugins/twofactorauth/yubikey => plugins/twofactorauth/yubikey/tmpl}/form.php (98%) diff --git a/layouts/plugins/twofactorauth/totp/form.php b/plugins/twofactorauth/totp/tmpl/form.php similarity index 99% rename from layouts/plugins/twofactorauth/totp/form.php rename to plugins/twofactorauth/totp/tmpl/form.php index 74ef06c8452ab..c4ad0d4338f71 100644 --- a/layouts/plugins/twofactorauth/totp/form.php 
+++ b/plugins/twofactorauth/totp/tmpl/form.php @@ -9,7 +9,6 @@ defined('_JEXEC') or die; -extract($displayData); ?> diff --git a/plugins/twofactorauth/totp/totp.php b/plugins/twofactorauth/totp/totp.php index 17b0d2a34071b..840fdd2308903 100644 --- a/plugins/twofactorauth/totp/totp.php +++ b/plugins/twofactorauth/totp/totp.php @@ -113,15 +113,21 @@ public function onUserTwofactorShowConfiguration($otpConfig, $user_id = null) $new_totp = $otpConfig->method != 'totp'; // Start output buffering - $layout = new JLayoutFile('plugins.twofactorauth.totp.form'); + @ob_start(); + $path = JPATH_THEMES . "/" . JFactory::getApplication()->getTemplate() . "/html/plg_twofactorauth_totp"; - $data = array('hostname' => $hostname, - 'username' => $username, - 'secret' => $secret, - 'url' => $url, - 'new_totp' => $new_totp - ); - $html = $layout->render($data); + JLoader::import('joomla.filesystem.file'); + + if (JFile::exists($path . '/form.php')) + { + include_once $path . '/form.php'; + } + else + { + include_once __DIR__ . '/tmpl/form.php'; + } + // Stop output buffering and get the form contents + $html = @ob_get_clean(); // Return the form contents return array( diff --git a/layouts/plugins/twofactorauth/yubikey/form.php b/plugins/twofactorauth/yubikey/tmpl/form.php similarity index 98% rename from layouts/plugins/twofactorauth/yubikey/form.php rename to plugins/twofactorauth/yubikey/tmpl/form.php index 8c68fe500d1b7..2ef5ef872d0e8 100644 --- a/layouts/plugins/twofactorauth/yubikey/form.php +++ b/plugins/twofactorauth/yubikey/tmpl/form.php @@ -9,7 +9,6 @@ defined('_JEXEC') or die; -extract($displayData); ?>
diff --git a/plugins/twofactorauth/yubikey/yubikey.php b/plugins/twofactorauth/yubikey/yubikey.php index 1cde057a6929c..50d9a2d51c25d 100644 --- a/plugins/twofactorauth/yubikey/yubikey.php +++ b/plugins/twofactorauth/yubikey/yubikey.php @@ -100,9 +100,23 @@ public function onUserTwofactorShowConfiguration($otpConfig, $user_id = null) // Is this a new TOTP setup? If so, we'll have to show the code validation field. $new_totp = $otpConfig->method != $this->methodName; - $layout = new JLayoutFile('plugins.twofactorauth.yubikey.form'); - $data = array('new_totp' => $new_totp); - $html = $layout->render($data); + + // Start output buffering + @ob_start(); + $path = JPATH_THEMES . "/" . JFactory::getApplication()->getTemplate() . "/html/plg_twofactorauth_yubikey"; + + JLoader::import('joomla.filesystem.file'); + + if (JFile::exists($path . '/form.php')) + { + include_once $path . '/form.php'; + } + else + { + include_once __DIR__ . '/tmpl/form.php'; + } + // Stop output buffering and get the form contents + $html = @ob_get_clean(); // Return the form contents return array( From 4bed2e5a5ef16c4d44978fd7d023b488ac2e1977 Mon Sep 17 00:00:00 2001 From: Faynt Date: Fri, 12 Aug 2016 10:54:26 +0200 Subject: [PATCH 09/10] Added proper attribution --- libraries/joomla/encrypt/base32.php | 2 +- libraries/joomla/encrypt/totp.php | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/libraries/joomla/encrypt/base32.php b/libraries/joomla/encrypt/base32.php index 9f6021fbd05d6..5c85475b477e6 100644 --- a/libraries/joomla/encrypt/base32.php +++ b/libraries/joomla/encrypt/base32.php @@ -3,7 +3,7 @@ * @package Joomla.Platform * @subpackage Encrypt * - * @copyright Copyright (C) 2005 - 2016 Open Source Matters, Inc. All rights reserved. + * @copyright Copyright (C) 2010 - 2015 Nicholas K. Dionysopoulos / Akeeba Ltd. All rights reserved. * @license GNU General Public License version 2 or later; see LICENSE */ 
diff --git a/libraries/joomla/encrypt/totp.php b/libraries/joomla/encrypt/totp.php index e38e571680bf8..b33cc0d0eea4e 100644 --- a/libraries/joomla/encrypt/totp.php +++ b/libraries/joomla/encrypt/totp.php @@ -3,7 +3,7 @@ * @package Joomla.Platform * @subpackage Encrypt * - * @copyright Copyright (C) 2005 - 2016 Open Source Matters, Inc. All rights reserved. + * @copyright Copyright (C) 2010 - 2015 Nicholas K. Dionysopoulos / Akeeba Ltd. All rights reserved. * @license GNU General Public License version 2 or later; see LICENSE */ From dc2655d32c85e75bc2b61e8f9c98ef408720f02f Mon Sep 17 00:00:00 2001 From: Faynt Date: Fri, 12 Aug 2016 13:18:45 +0200 Subject: [PATCH 10/10] Use JPluginHelper to resolve the template path Fixed xml files --- plugins/twofactorauth/totp/tmpl/form.php | 1 - plugins/twofactorauth/totp/totp.php | 11 +---------- plugins/twofactorauth/totp/totp.xml | 1 + plugins/twofactorauth/yubikey/tmpl/form.php | 1 - plugins/twofactorauth/yubikey/yubikey.php | 11 +---------- plugins/twofactorauth/yubikey/yubikey.xml | 1 + 6 files changed, 4 insertions(+), 22 deletions(-) diff --git a/plugins/twofactorauth/totp/tmpl/form.php b/plugins/twofactorauth/totp/tmpl/form.php index c4ad0d4338f71..6ca685b966e36 100644 --- a/plugins/twofactorauth/totp/tmpl/form.php +++ b/plugins/twofactorauth/totp/tmpl/form.php @@ -8,7 +8,6 @@ */ defined('_JEXEC') or die; - ?> diff --git a/plugins/twofactorauth/totp/totp.php b/plugins/twofactorauth/totp/totp.php index 840fdd2308903..4d6c7da125f9f 100644 --- a/plugins/twofactorauth/totp/totp.php +++ b/plugins/twofactorauth/totp/totp.php 
@@ -114,18 +114,9 @@ public function onUserTwofactorShowConfiguration($otpConfig, $user_id = null) // Start output buffering @ob_start(); - $path = JPATH_THEMES . "/" . JFactory::getApplication()->getTemplate() . "/html/plg_twofactorauth_totp"; - JLoader::import('joomla.filesystem.file'); + include_once JPluginHelper::getLayoutPath('twofactorauth', 'totp', "form"); - if (JFile::exists($path . '/form.php')) - { - include_once $path . '/form.php'; - } - else - { - include_once __DIR__ . '/tmpl/form.php'; - } // Stop output buffering and get the form contents $html = @ob_get_clean(); diff --git a/plugins/twofactorauth/totp/totp.xml b/plugins/twofactorauth/totp/totp.xml index 37cba209707b2..1168325d52d08 100644 --- a/plugins/twofactorauth/totp/totp.xml +++ b/plugins/twofactorauth/totp/totp.xml @@ -12,6 +12,7 @@ totp.php postinstall + tmpl en-GB.plg_twofactorauth_totp.ini diff --git a/plugins/twofactorauth/yubikey/tmpl/form.php b/plugins/twofactorauth/yubikey/tmpl/form.php index 2ef5ef872d0e8..b678ad0d293aa 100644 --- a/plugins/twofactorauth/yubikey/tmpl/form.php +++ b/plugins/twofactorauth/yubikey/tmpl/form.php @@ -8,7 +8,6 @@ */ defined('_JEXEC') or die; - ?>
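Review bot: `include_once JPluginHelper::getLayoutPath('twofactorauth', 'totp', "form");` renders the form only the first time it runs in a request, because PHP skips a file it has already included; if onUserTwofactorShowConfiguration() fires twice, the second call returns an empty `$html`, so `include JPluginHelper::getLayoutPath('twofactorauth', 'totp', 'form');` is the safer form. The `@` on `ob_start()` and `ob_get_clean()` hides any buffer failure and could be dropped. The layout reads its values from this method's local scope, which deserves a comment above the include such as `// form.php uses the local variables of this method ($secret, $url, $new_totp, ...)`. The same points apply to the yubikey.php hunk of this commit, and the method body extends beyond both hunks.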
diff --git a/plugins/twofactorauth/yubikey/yubikey.php b/plugins/twofactorauth/yubikey/yubikey.php index 50d9a2d51c25d..f1b4331047399 100644 --- a/plugins/twofactorauth/yubikey/yubikey.php +++ b/plugins/twofactorauth/yubikey/yubikey.php @@ -103,18 +103,9 @@ public function onUserTwofactorShowConfiguration($otpConfig, $user_id = null) // Start output buffering @ob_start(); - $path = JPATH_THEMES . "/" . JFactory::getApplication()->getTemplate() . "/html/plg_twofactorauth_yubikey"; - JLoader::import('joomla.filesystem.file'); + include_once JPluginHelper::getLayoutPath('twofactorauth', 'yubikey', "form"); - if (JFile::exists($path . '/form.php')) - { - include_once $path . '/form.php'; - } - else - { - include_once __DIR__ . '/tmpl/form.php'; - } // Stop output buffering and get the form contents $html = @ob_get_clean(); diff --git a/plugins/twofactorauth/yubikey/yubikey.xml b/plugins/twofactorauth/yubikey/yubikey.xml index d5adde5c9d3f7..572977a8bbd6d 100644 --- a/plugins/twofactorauth/yubikey/yubikey.xml +++ b/plugins/twofactorauth/yubikey/yubikey.xml @@ -11,6 +11,7 @@ PLG_TWOFACTORAUTH_YUBIKEY_XML_DESCRIPTION yubikey.php + tmpl en-GB.plg_twofactorauth_yubikey.ini