Manager::verify() - Code Metrics - 2amigos/2fa-library - Measure and Improve Code Quality continuously with Scrutinizer

Manager::verify() A
last analyzed 2020-01-31 22:43 UTC

↳ Parent: Manager

Complexity

Conditions	4
Paths	8

Size

Total Lines

Duplication

Lines	0
Ratio	0 %

Importance

Changes

Metric	Value
dl	0
loc	16
rs	9.7333
c	0
b	0
f	0
cc	4
nc	8
nop	4

<?php

/*
 * This file is part of the 2amigos/2fa-library project.
 *
 * (c) 2amigOS! <http://2amigos.us/>
 *
 * For the full copyright and license information, please view
 * the LICENSE file that was distributed with this source code.
 */

namespace Da\TwoFA;

use Da\TwoFA\Contracts\TotpEncoderInterface;
use Da\TwoFA\Exception\InvalidSecretKeyException;
use Da\TwoFA\Support\Encoder;
use Da\TwoFA\Traits\OathTrait;
use Da\TwoFA\Traits\SecretValidationTrait;
use Da\TwoFA\Validator\OneTimePasswordValidator;
use Da\TwoFA\Validator\SecretKeyValidator;

class Manager
{
    use SecretValidationTrait;
    use OathTrait;

    /**
     * @var int the period parameter that defines the time (in seconds) the OTP token will be valid. Default is 30 for
     *          Google Authenticator.
     */
    protected $counter = 30;
    /**
     * @var int the times in 30 second cycles to avoid slight out of sync code verification. Setting this to 1 cycle
     *          will be valid for 60 seconds.
     */
    protected $cycles = 1;
    /**
     * @var TotpEncoderInterface
     */
    protected $encoder;

    /**
     * Auth constructor.
     *
     * @param SecretKeyValidator|null   $secretKeyValidator
     * @param TotpEncoderInterface|null $encoder
     */
    public function __construct(SecretKeyValidator $secretKeyValidator = null, TotpEncoderInterface $encoder = null)
    {
        $this->secretKeyValidator = $secretKeyValidator ?: new SecretKeyValidator();
        $this->encoder = $encoder ?: new Encoder();
    }

    /**
     * @return bool
     */
    public function isGoogleAuthenticatorCompatibilityEnabled(): bool
    {
        return $this->secretKeyValidator->isGoogleAuthenticatorCompatibilityEnforced();
    }

    /**
     * @return Manager
     */
    public function disableGoogleAuthenticatorCompatibility(): Manager
    {
        $cloned = clone $this;
        $cloned->secretKeyValidator = new SecretKeyValidator(false);
        $cloned->encoder = new Encoder($cloned->secretKeyValidator);

        return $cloned;
    }

    /**
     * @return $this|Manager
     */
    public function enableGoogleAuthenticatorCompatibility(): self
    {
        if (!$this->secretKeyValidator->isGoogleAuthenticatorCompatibilityEnforced()) {
            $cloned = clone $this;
            $cloned->secretKeyValidator = new SecretKeyValidator();
            $cloned->encoder = new Encoder($cloned->secretKeyValidator);

            return $cloned;
        }

        return $this;
    }

    /**
     * @return int
     */
    public function getTokenLength(): int
    {
        return $this->tokenLength;
    }

    /**
     * @param int $tokenLength
     *
     * @return Manager
     */
    public function setTokenLength($tokenLength): Manager
    {
        $this->tokenLength = $tokenLength;

        return $this;
    }

    /**
     * Wrapper function to Encoder::generateBase32RandomKey method.
     *
     * @param int    $length
     * @param string $prefix
     *
     * @throws InvalidSecretKeyException
     * @return mixed|string
     */
    public function generateSecretKey(int $length = 16, string $prefix = '')
    {
        return $this->encoder->generateBase32RandomKey($length, $prefix);
    }

    /**
     * @param int $value
     *
     * @return Manager
     */
    public function setCycles(int $value): Manager
    {
        $this->cycles = $value;

        return $this;
    }

    /**
     * @return int
     */
    public function getCycles(): int
    {
        return $this->cycles;
    }

    /**
     * @param $value
     *
     * @return Manager
     */
    public function setCounter(int $value): Manager
    {
        $this->counter = $value;

        return $this;
    }

    /**
     * @return int
     */
    public function getCounter(): int
    {
        return $this->counter;
    }

    /**
     * Returns the current Unix Timestamp divided by the $counter period.
     *
     * @return int
     **/
    public function getTimestamp(): int
    {
        return (int)floor(microtime(true) / $this->getCounter());
    }

    /**
     * Get the current one time password for a base32 encoded secret.
     *
     * @param string $secret
     *
     * @throws Exception\InvalidCharactersException
     * @throws InvalidSecretKeyException
     * @return string
     */
    public function getCurrentOneTimePassword(string $secret): string
    {
        $timestamp = $this->getTimestamp();
        $secret = $this->encoder->fromBase32($secret);

        return $this->oathHotp($secret, $timestamp);
    }

    /**
     * Verifies user's key vs current timestamp.
     *
     * @param string   $key          the user's input key
     * @param string   $secret       the secret used to
     * @param int|null $previousTime
     * @param int|null $time
     *
     * @throws InvalidSecretKeyException
     * @throws Exception\InvalidCharactersException
     * @return bool|int
     */
    public function verify(string $key, string $secret, int $previousTime = null, int $time = null)
    {
        $time = $time ? (int)$time : $this->getTimestamp();
        $cycles = $this->getCycles();
        $startTime = null === $previousTime
            ? $time - $cycles
            : max($time - $cycles, $previousTime + 1);

        $seed = $this->encoder->fromBase32($secret);

        if (strlen($seed) < 8) {
            throw new InvalidSecretKeyException('Secret key is too short');
        }

        return $this->validateOneTimePassword($key, $seed, $startTime, $time, $previousTime);
    }

    /**
     * Validates the key (OTP) and returns true if valid, false otherwise.
     *
     * @param string   $key
     * @param string   $seed
     * @param int      $startTime
     * @param int      $time
     * @param int|null $previousTime
     *
     * @return bool
     */
    protected function validateOneTimePassword(
        string $key,
        string $seed,
        int $startTime,
        int $time,
        $previousTime = null
    ): bool {
        return (new OneTimePasswordValidator(
            $seed,
            $this->getCycles(),
            $this->getTokenLength(),
            $startTime,
            $time,
            $previousTime
        ))
            ->validate($key);
    }
}


1			<?php
2
3			/*
4			* This file is part of the 2amigos/2fa-library project.
5			*
6			* (c) 2amigOS! <http://2amigos.us/>
7			*
8			* For the full copyright and license information, please view
9			* the LICENSE file that was distributed with this source code.
10			*/
11
12			namespace Da\TwoFA;
13
14			use Da\TwoFA\Contracts\TotpEncoderInterface;
15			use Da\TwoFA\Exception\InvalidSecretKeyException;
16			use Da\TwoFA\Support\Encoder;
17			use Da\TwoFA\Traits\OathTrait;
18			use Da\TwoFA\Traits\SecretValidationTrait;
19			use Da\TwoFA\Validator\OneTimePasswordValidator;
20			use Da\TwoFA\Validator\SecretKeyValidator;
21
22			class Manager
23			{
24			use SecretValidationTrait;
25			use OathTrait;
26
27			/**
28			* @var int the period parameter that defines the time (in seconds) the OTP token will be valid. Default is 30 for
29			* Google Authenticator.
30			*/
31			protected $counter = 30;
32			/**
33			* @var int the times in 30 second cycles to avoid slight out of sync code verification. Setting this to 1 cycle
34			* will be valid for 60 seconds.
35			*/
36			protected $cycles = 1;
37			/**
38			* @var TotpEncoderInterface
39			*/
40			protected $encoder;
41
42			/**
43			* Auth constructor.
44			*
45			* @param SecretKeyValidator\|null $secretKeyValidator
46			* @param TotpEncoderInterface\|null $encoder
47			*/
48			public function __construct(SecretKeyValidator $secretKeyValidator = null, TotpEncoderInterface $encoder = null)
49			{
50			$this->secretKeyValidator = $secretKeyValidator ?: new SecretKeyValidator();
51			$this->encoder = $encoder ?: new Encoder();
52			}
53
54			/**
55			* @return bool
56			*/
57			public function isGoogleAuthenticatorCompatibilityEnabled(): bool
58			{
59			return $this->secretKeyValidator->isGoogleAuthenticatorCompatibilityEnforced();
60			}
61
62			/**
63			* @return Manager
64			*/
65			public function disableGoogleAuthenticatorCompatibility(): Manager
66			{
67			$cloned = clone $this;
68			$cloned->secretKeyValidator = new SecretKeyValidator(false);
69			$cloned->encoder = new Encoder($cloned->secretKeyValidator);
70
71			return $cloned;
72			}
73
74			/**
75			* @return $this\|Manager
76			*/
77			public function enableGoogleAuthenticatorCompatibility(): self
78			{
79			if (!$this->secretKeyValidator->isGoogleAuthenticatorCompatibilityEnforced()) {
80			$cloned = clone $this;
81			$cloned->secretKeyValidator = new SecretKeyValidator();
82			$cloned->encoder = new Encoder($cloned->secretKeyValidator);
83
84			return $cloned;
85			}
86
87			return $this;
88			}
89
90			/**
91			* @return int
92			*/
93			public function getTokenLength(): int
94			{
95			return $this->tokenLength;
96			}
97
98			/**
99			* @param int $tokenLength
100			*
101			* @return Manager
102			*/
103			public function setTokenLength($tokenLength): Manager
104			{
105			$this->tokenLength = $tokenLength;
106
107			return $this;
108			}
109
110			/**
111			* Wrapper function to Encoder::generateBase32RandomKey method.
112			*
113			* @param int $length
114			* @param string $prefix
115			*
116			* @throws InvalidSecretKeyException
117			* @return mixed\|string
118			*/
119			public function generateSecretKey(int $length = 16, string $prefix = '')
120			{
121			return $this->encoder->generateBase32RandomKey($length, $prefix);
122			}
123
124			/**
125			* @param int $value
126			*
127			* @return Manager
128			*/
129			public function setCycles(int $value): Manager
130			{
131			$this->cycles = $value;
132
133			return $this;
134			}
135
136			/**
137			* @return int
138			*/
139			public function getCycles(): int
140			{
141			return $this->cycles;
142			}
143
144			/**
145			* @param $value
146			*
147			* @return Manager
148			*/
149			public function setCounter(int $value): Manager
150			{
151			$this->counter = $value;
152
153			return $this;
154			}
155
156			/**
157			* @return int
158			*/
159			public function getCounter(): int
160			{
161			return $this->counter;
162			}
163
164			/**
165			* Returns the current Unix Timestamp divided by the $counter period.
166			*
167			* @return int
168			**/
169			public function getTimestamp(): int
170			{
171			return (int)floor(microtime(true) / $this->getCounter());
172			}
173
174			/**
175			* Get the current one time password for a base32 encoded secret.
176			*
177			* @param string $secret
178			*
179			* @throws Exception\InvalidCharactersException
180			* @throws InvalidSecretKeyException
181			* @return string
182			*/
183			public function getCurrentOneTimePassword(string $secret): string
184			{
185			$timestamp = $this->getTimestamp();
186			$secret = $this->encoder->fromBase32($secret);
187
188			return $this->oathHotp($secret, $timestamp);
189			}
190
191			/**
192			* Verifies user's key vs current timestamp.
193			*
194			* @param string $key the user's input key
195			* @param string $secret the secret used to
196			* @param int\|null $previousTime
197			* @param int\|null $time
198			*
199			* @throws InvalidSecretKeyException
200			* @throws Exception\InvalidCharactersException
201			* @return bool\|int
202			*/
203			public function verify(string $key, string $secret, int $previousTime = null, int $time = null)
204			{
205			$time = $time ? (int)$time : $this->getTimestamp();
206			$cycles = $this->getCycles();
207			$startTime = null === $previousTime
208			? $time - $cycles
209			: max($time - $cycles, $previousTime + 1);
210
211			$seed = $this->encoder->fromBase32($secret);
212
213			if (strlen($seed) < 8) {
214			throw new InvalidSecretKeyException('Secret key is too short');
215			}
216
217			return $this->validateOneTimePassword($key, $seed, $startTime, $time, $previousTime);
218			}
219
220			/**
221			* Validates the key (OTP) and returns true if valid, false otherwise.
222			*
223			* @param string $key
224			* @param string $seed
225			* @param int $startTime
226			* @param int $time
227			* @param int\|null $previousTime
228			*
229			* @return bool
230			*/
231			protected function validateOneTimePassword(
232			string $key,
233			string $seed,
234			int $startTime,
235			int $time,
236			$previousTime = null
237			): bool {
238			return (new OneTimePasswordValidator(
239			$seed,
240			$this->getCycles(),
241			$this->getTokenLength(),
242			$startTime,
243			$time,
244			$previousTime
245			))
246			->validate($key);
247			}
248			}
249

2amigos / 2fa-library

Manager::verify() A last analyzed 2020-01-31 22:43 UTC

Complexity

Size

Duplication

Importance

Duplication Side-by-Side

Filter issues like

Manager::verify() A
last analyzed 2020-01-31 22:43 UTC