159 lines
4.0 KiB
PHP
Executable File
159 lines
4.0 KiB
PHP
Executable File
<?php
|
|
/* vim: set expandtab sw=4 ts=4 sts=4: */
|
|
/**
|
|
* Second authentication factor handling
|
|
*
|
|
* @package PhpMyAdmin
|
|
*/
|
|
namespace PhpMyAdmin\Plugins\TwoFactor;
|
|
|
|
use PhpMyAdmin\TwoFactor;
|
|
use PhpMyAdmin\Template;
|
|
use PhpMyAdmin\Plugins\TwoFactorPlugin;
|
|
use PragmaRX\Google2FA\Google2FA;
|
|
|
|
/**
|
|
* HOTP and TOTP based two-factor authentication
|
|
*
|
|
* Also known as Google, Authy, or OTP
|
|
*/
|
|
class Application extends TwoFactorPlugin
|
|
{
|
|
/**
|
|
* @var string
|
|
*/
|
|
public static $id = 'application';
|
|
|
|
protected $_google2fa;
|
|
|
|
/**
|
|
* Creates object
|
|
*
|
|
* @param TwoFactor $twofactor TwoFactor instance
|
|
*/
|
|
public function __construct(TwoFactor $twofactor)
|
|
{
|
|
parent::__construct($twofactor);
|
|
$this->_google2fa = new Google2FA();
|
|
$this->_google2fa->setWindow(8);
|
|
if (!isset($this->_twofactor->config['settings']['secret'])) {
|
|
$this->_twofactor->config['settings']['secret'] = '';
|
|
}
|
|
}
|
|
|
|
/**
|
|
* Get any property of this class
|
|
*
|
|
* @param string $property name of the property
|
|
*
|
|
* @return mixed|void if property exist, value of the relevant property
|
|
*/
|
|
public function __get($property)
|
|
{
|
|
switch ($property) {
|
|
case 'google2fa':
|
|
return $this->_google2fa;
|
|
}
|
|
}
|
|
|
|
/**
|
|
* Checks authentication, returns true on success
|
|
*
|
|
* @return boolean
|
|
*/
|
|
public function check()
|
|
{
|
|
$this->_provided = false;
|
|
if (!isset($_POST['2fa_code'])) {
|
|
return false;
|
|
}
|
|
$this->_provided = true;
|
|
return $this->_google2fa->verifyKey(
|
|
$this->_twofactor->config['settings']['secret'], $_POST['2fa_code']
|
|
);
|
|
}
|
|
|
|
/**
|
|
* Renders user interface to enter two-factor authentication
|
|
*
|
|
* @return string HTML code
|
|
*/
|
|
public function render()
|
|
{
|
|
return Template::get('login/twofactor/application')->render();
|
|
}
|
|
|
|
/**
|
|
* Renders user interface to configure two-factor authentication
|
|
*
|
|
* @return string HTML code
|
|
*/
|
|
public function setup()
|
|
{
|
|
$secret = $this->_twofactor->config['settings']['secret'];
|
|
$renderArray = ['secret' => $secret];
|
|
if (extension_loaded('gd')) {
|
|
$inlineUrl = $this->_google2fa->getQRCodeInline(
|
|
'phpMyAdmin (' . $this->getAppId(false) . ')',
|
|
$this->_twofactor->user,
|
|
$secret
|
|
);
|
|
$renderArray['image'] = $inlineUrl;
|
|
} else {
|
|
$inlineUrl = $this->_google2fa->getQRCodeUrl(
|
|
'phpMyAdmin (' . $this->getAppId(false) . ')',
|
|
$this->_twofactor->user,
|
|
$secret
|
|
);
|
|
trigger_error(
|
|
__(
|
|
'The gd PHP extension was not found.'
|
|
. ' The QRcode can not be displayed without the gd PHP extension.'
|
|
),
|
|
E_USER_WARNING
|
|
);
|
|
$renderArray['url'] = $inlineUrl;
|
|
}
|
|
return Template::get('login/twofactor/application_configure')->render($renderArray);
|
|
}
|
|
|
|
/**
|
|
* Performs backend configuration
|
|
*
|
|
* @return boolean
|
|
*/
|
|
public function configure()
|
|
{
|
|
if (! isset($_SESSION['2fa_application_key'])) {
|
|
$_SESSION['2fa_application_key'] = $this->_google2fa->generateSecretKey();
|
|
}
|
|
$this->_twofactor->config['settings']['secret'] = $_SESSION['2fa_application_key'];
|
|
|
|
$result = $this->check();
|
|
if ($result) {
|
|
unset($_SESSION['2fa_application_key']);
|
|
}
|
|
return $result;
|
|
}
|
|
|
|
/**
|
|
* Get user visible name
|
|
*
|
|
* @return string
|
|
*/
|
|
public static function getName()
|
|
{
|
|
return __('Authentication Application (2FA)');
|
|
}
|
|
|
|
/**
|
|
* Get user visible description
|
|
*
|
|
* @return string
|
|
*/
|
|
public static function getDescription()
|
|
{
|
|
return __('Provides authentication using HOTP and TOTP applications such as FreeOTP, Google Authenticator or Authy.');
|
|
}
|
|
}
|