OneTimePasswordValidator   A
last analyzed

Complexity

Total Complexity 5

Size/Duplication

Total Lines 69
Duplicated Lines 0 %

Coupling/Cohesion

Components 1
Dependencies 1

Importance

Changes 1
Bugs 0 Features 0
Metric Value
wmc 5
lcom 1
cbo 1
dl 0
loc 69
rs 10
c 1
b 0
f 0

2 Methods

Rating   Name   Duplication   Size   Complexity  
A __construct() 0 9 1
A validate() 0 13 4
1
<?php
2
3
/*
4
 * This file is part of the 2amigos/2fa-library project.
5
 *
6
 * (c) 2amigOS! <http://2amigos.us/>
7
 *
8
 * For the full copyright and license information, please view
9
 * the LICENSE file that was distributed with this source code.
10
 */
11
12
namespace Da\TwoFA\Validator;
13
14
use Da\TwoFA\Contracts\ValidatorInterface;
15
use Da\TwoFA\Traits\OathTrait;
16
17
class OneTimePasswordValidator implements ValidatorInterface
18
{
19
    use OathTrait;
20
21
    /**
22
     * @var string
23
     */
24
    protected $seed;
25
    /**
26
     * @var int
27
     */
28
    protected $cycles;
29
    /**
30
     * @var int
31
     */
32
    protected $startTime;
33
    /**
34
     * @var int
35
     */
36
    protected $time;
37
    /**
38
     * @var int|null
39
     */
40
    protected $previousTime;
41
42
    /**
43
     * OneTimePasswordValidator constructor.
44
     *
45
     * @param string   $seed
46
     * @param int      $cycles
47
     * @param int      $tokenLength
48
     * @param int      $startTime
49
     * @param int      $time
50
     * @param int|null $previousTime
51
     */
52
    public function __construct($seed, $cycles, $tokenLength, $startTime, $time, $previousTime = null)
53
    {
54
        $this->seed = $seed;
55
        $this->cycles = $cycles;
56
        $this->tokenLength = $tokenLength;
57
        $this->startTime = $startTime;
58
        $this->time = $time;
59
        $this->previousTime = $previousTime;
60
    }
61
62
    /**
63
     * Validates OTP. If `$previousTime` has been added, it will return the `$startTime`, otherwise it will return a
64
     * bool value. This is done to prevent an attacker to use the same key again.
65
     *
66
     * @param string $value
67
     *
68
     * @param mixed $value
69
     *
70
     * @return bool|int
71
     */
72
    public function validate($value)
73
    {
74
        for (; $this->startTime <= $this->time + $this->cycles; $this->startTime++) {
75
            if (hash_equals($this->oathHotp($this->seed, $this->startTime), $value)) {
76
                return
77
                    null === $this->previousTime
0 ignored issues
show
Bug Compatibility introduced by Antonio Ramirez
The expression null === $this->previous...rue : $this->startTime; of type boolean|integer adds the type integer to the return on line 76 which is incompatible with the return type declared by the interface Da\TwoFA\Contracts\ValidatorInterface::validate of type boolean.
Loading history...
78
                        ? true
79
                        : $this->startTime;
80
            }
81
        }
82
83
        return false;
84
    }
85
}
86