Tiqr /
tiqr-server-libphp
@@ -79,7 +79,7 @@ |
||
| 79 | 79 | */ |
| 80 | 80 | private function setUserSecret(string $userId, string $secret): void |
| 81 | 81 | { |
| 82 | - $data=array(); |
|
| 82 | + $data = array(); |
|
| 83 | 83 | if ($this->_userExists($userId)) { |
| 84 | 84 | $data = $this->_loadUser($userId); |
| 85 | 85 | } |
@@ -83,7 +83,7 @@ discard block |
||
| 83 | 83 | public function userExists(string $userId): bool |
| 84 | 84 | { |
| 85 | 85 | try { |
| 86 | - $sth = $this->handle->prepare('SELECT userid FROM ' . $this->tableName . ' WHERE userid = ?'); |
|
| 86 | + $sth = $this->handle->prepare('SELECT userid FROM '.$this->tableName.' WHERE userid = ?'); |
|
| 87 | 87 | $sth->execute(array($userId)); |
| 88 | 88 | return (false !== $sth->fetchColumn()); |
| 89 | 89 | } |
@@ -103,9 +103,9 @@ discard block |
||
| 103 | 103 | private function getUserSecret(string $userId): string |
| 104 | 104 | { |
| 105 | 105 | try { |
| 106 | - $sth = $this->handle->prepare('SELECT secret FROM ' . $this->tableName . ' WHERE userid = ?'); |
|
| 106 | + $sth = $this->handle->prepare('SELECT secret FROM '.$this->tableName.' WHERE userid = ?'); |
|
| 107 | 107 | $sth->execute(array($userId)); |
| 108 | - $res=$sth->fetchColumn(); |
|
| 108 | + $res = $sth->fetchColumn(); |
|
| 109 | 109 | if ($res === false) { |
| 110 | 110 | // No result |
| 111 | 111 | $this->logger->error(sprintf('No result getting secret for user "%s"', $userId)); |
@@ -141,9 +141,9 @@ discard block |
||
| 141 | 141 | // - The INSERT will fail when displayname has a NOT NULL constraint |
| 142 | 142 | try { |
| 143 | 143 | if ($this->userExists($userId)) { |
| 144 | - $sth = $this->handle->prepare('UPDATE ' . $this->tableName . ' SET secret = ? WHERE userid = ?'); |
|
| 144 | + $sth = $this->handle->prepare('UPDATE '.$this->tableName.' SET secret = ? WHERE userid = ?'); |
|
| 145 | 145 | } else { |
| 146 | - $sth = $this->handle->prepare('INSERT INTO ' . $this->tableName . ' (secret,userid) VALUES (?,?)'); |
|
| 146 | + $sth = $this->handle->prepare('INSERT INTO '.$this->tableName.' (secret,userid) VALUES (?,?)'); |
|
| 147 | 147 | } |
| 148 | 148 | $sth->execute(array($secret, $userId)); |
| 149 | 149 | } |
@@ -1,6 +1,6 @@ discard block |
||
| 1 | 1 | <?php |
| 2 | 2 | |
| 3 | -require_once(__DIR__ . "/../Random.php"); |
|
| 3 | +require_once(__DIR__."/../Random.php"); |
|
| 4 | 4 | |
| 5 | 5 | class OATH_OCRAParser { |
| 6 | 6 | |
@@ -47,7 +47,7 @@ discard block |
||
| 47 | 47 | */ |
| 48 | 48 | private function parseOCRASuite($ocraSuite) { |
| 49 | 49 | if (!is_string($ocraSuite)) { |
| 50 | - throw new Exception('OCRASuite not in string format: ' . var_export($ocraSuite, TRUE)); |
|
| 50 | + throw new Exception('OCRASuite not in string format: '.var_export($ocraSuite, TRUE)); |
|
| 51 | 51 | } |
| 52 | 52 | |
| 53 | 53 | $ocraSuite = strtoupper($ocraSuite); |
@@ -55,54 +55,54 @@ discard block |
||
| 55 | 55 | |
| 56 | 56 | $s = explode(':', $ocraSuite); |
| 57 | 57 | if (count($s) != 3) { |
| 58 | - throw new Exception('Invalid OCRASuite format: ' . var_export($ocraSuite, TRUE)); |
|
| 58 | + throw new Exception('Invalid OCRASuite format: '.var_export($ocraSuite, TRUE)); |
|
| 59 | 59 | } |
| 60 | 60 | |
| 61 | 61 | $algo = explode('-', $s[0]); |
| 62 | 62 | if (count($algo) != 2) { |
| 63 | - throw new Exception('Invalid OCRA version: ' . var_export($s[0], TRUE)); |
|
| 63 | + throw new Exception('Invalid OCRA version: '.var_export($s[0], TRUE)); |
|
| 64 | 64 | } |
| 65 | 65 | |
| 66 | 66 | if ($algo[0] !== 'OCRA') { |
| 67 | - throw new Exception('Unsupported OCRA algorithm: ' . var_export($algo[0], TRUE)); |
|
| 67 | + throw new Exception('Unsupported OCRA algorithm: '.var_export($algo[0], TRUE)); |
|
| 68 | 68 | } |
| 69 | 69 | |
| 70 | 70 | if ($algo[1] !== '1') { |
| 71 | - throw new Exception('Unsupported OCRA version: ' . var_export($algo[1], TRUE)); |
|
| 71 | + throw new Exception('Unsupported OCRA version: '.var_export($algo[1], TRUE)); |
|
| 72 | 72 | } |
| 73 | 73 | $this->OCRAVersion = $algo[1]; |
| 74 | 74 | |
| 75 | 75 | $cf = explode('-', $s[1]); |
| 76 | 76 | if (count($cf) != 3) { |
| 77 | - throw new Exception('Invalid OCRA suite crypto function: ' . var_export($s[1], TRUE)); |
|
| 77 | + throw new Exception('Invalid OCRA suite crypto function: '.var_export($s[1], TRUE)); |
|
| 78 | 78 | } |
| 79 | 79 | |
| 80 | 80 | if ($cf[0] !== 'HOTP') { |
| 81 | - throw new Exception('Unsupported OCRA suite crypto function: ' . var_export($cf[0], TRUE)); |
|
| 81 | + throw new Exception('Unsupported OCRA suite crypto function: '.var_export($cf[0], TRUE)); |
|
| 82 | 82 | } |
| 83 | 83 | $this->CryptoFunctionType = $cf[0]; |
| 84 | 84 | |
| 85 | 85 | if (!array_key_exists($cf[1], $this->supportedHashFunctions)) { |
| 86 | - throw new Exception('Unsupported hash function in OCRA suite crypto function: ' . var_export($cf[1], TRUE)); |
|
| 86 | + throw new Exception('Unsupported hash function in OCRA suite crypto function: '.var_export($cf[1], TRUE)); |
|
| 87 | 87 | } |
| 88 | 88 | $this->CryptoFunctionHash = $cf[1]; |
| 89 | 89 | $this->CryptoFunctionHashLength = $this->supportedHashFunctions[$cf[1]]; |
| 90 | 90 | |
| 91 | 91 | if (!preg_match('/^\d+$/', $cf[2]) || (($cf[2] < 4 || $cf[2] > 10) && $cf[2] != 0)) { |
| 92 | - throw new Exception('Invalid OCRA suite crypto function truncation length: ' . var_export($cf[2], TRUE)); |
|
| 92 | + throw new Exception('Invalid OCRA suite crypto function truncation length: '.var_export($cf[2], TRUE)); |
|
| 93 | 93 | } |
| 94 | 94 | $this->CryptoFunctionTruncation = intval($cf[2]); |
| 95 | 95 | |
| 96 | 96 | $di = explode('-', $s[2]); |
| 97 | 97 | if (count($cf) == 0) { |
| 98 | - throw new Exception('Invalid OCRA suite data input: ' . var_export($s[2], TRUE)); |
|
| 98 | + throw new Exception('Invalid OCRA suite data input: '.var_export($s[2], TRUE)); |
|
| 99 | 99 | } |
| 100 | 100 | |
| 101 | 101 | $data_input = array(); |
| 102 | - foreach($di as $elem) { |
|
| 102 | + foreach ($di as $elem) { |
|
| 103 | 103 | $letter = $elem[0]; |
| 104 | 104 | if (array_key_exists($letter, $data_input)) { |
| 105 | - throw new Exception('Duplicate field in OCRA suite data input: ' . var_export($elem, TRUE)); |
|
| 105 | + throw new Exception('Duplicate field in OCRA suite data input: '.var_export($elem, TRUE)); |
|
| 106 | 106 | } |
| 107 | 107 | $data_input[$letter] = 1; |
| 108 | 108 | |
@@ -114,13 +114,13 @@ discard block |
||
| 114 | 114 | } elseif (preg_match('/^Q([AHN])(\d+)$/', $elem, $match)) { |
| 115 | 115 | $q_len = intval($match[2]); |
| 116 | 116 | if ($q_len < 4 || $q_len > 64) { |
| 117 | - throw new Exception('Invalid OCRA suite data input question length: ' . var_export($q_len, TRUE)); |
|
| 117 | + throw new Exception('Invalid OCRA suite data input question length: '.var_export($q_len, TRUE)); |
|
| 118 | 118 | } |
| 119 | 119 | $this->Q = TRUE; |
| 120 | 120 | $this->QType = $match[1]; |
| 121 | 121 | $this->QLength = $q_len; |
| 122 | 122 | } else { |
| 123 | - throw new Exception('Invalid OCRA suite data input question: ' . var_export($elem, TRUE)); |
|
| 123 | + throw new Exception('Invalid OCRA suite data input question: '.var_export($elem, TRUE)); |
|
| 124 | 124 | } |
| 125 | 125 | } elseif ($letter === 'P') { |
| 126 | 126 | if (strlen($elem) == 1) { |
@@ -128,7 +128,7 @@ discard block |
||
| 128 | 128 | } else { |
| 129 | 129 | $p_algo = substr($elem, 1); |
| 130 | 130 | if (!array_key_exists($p_algo, $this->supportedHashFunctions)) { |
| 131 | - throw new Exception('Unsupported OCRA suite PIN hash function: ' . var_export($elem, TRUE)); |
|
| 131 | + throw new Exception('Unsupported OCRA suite PIN hash function: '.var_export($elem, TRUE)); |
|
| 132 | 132 | } |
| 133 | 133 | $this->P = TRUE; |
| 134 | 134 | $this->PType = $p_algo; |
@@ -140,13 +140,13 @@ discard block |
||
| 140 | 140 | } elseif (preg_match('/^S(\d+)$/', $elem, $match)) { |
| 141 | 141 | $s_len = intval($match[1]); |
| 142 | 142 | if ($s_len <= 0 || $s_len > 512) { |
| 143 | - throw new Exception('Invalid OCRA suite data input session information length: ' . var_export($s_len, TRUE)); |
|
| 143 | + throw new Exception('Invalid OCRA suite data input session information length: '.var_export($s_len, TRUE)); |
|
| 144 | 144 | } |
| 145 | 145 | |
| 146 | 146 | $this->S = TRUE; |
| 147 | 147 | $this->SLength = $s_len; |
| 148 | 148 | } else { |
| 149 | - throw new Exception('Invalid OCRA suite data input session information length: ' . var_export($elem, TRUE)); |
|
| 149 | + throw new Exception('Invalid OCRA suite data input session information length: '.var_export($elem, TRUE)); |
|
| 150 | 150 | } |
| 151 | 151 | } elseif ($letter === 'T') { |
| 152 | 152 | if (strlen($elem) == 1) { |
@@ -155,7 +155,7 @@ discard block |
||
| 155 | 155 | preg_match_all('/(\d+)([HMS])/', $elem, $match); |
| 156 | 156 | |
| 157 | 157 | if (count($match[1]) !== count(array_unique($match[2]))) { |
| 158 | - throw new Exception('Duplicate definitions in OCRA suite data input timestamp: ' . var_export($elem, TRUE)); |
|
| 158 | + throw new Exception('Duplicate definitions in OCRA suite data input timestamp: '.var_export($elem, TRUE)); |
|
| 159 | 159 | } |
| 160 | 160 | |
| 161 | 161 | $length = 0; |
@@ -163,21 +163,21 @@ discard block |
||
| 163 | 163 | $length += intval($match[1][$i]) * $this->TPeriods[$match[2][$i]]; |
| 164 | 164 | } |
| 165 | 165 | if ($length <= 0) { |
| 166 | - throw new Exception('Invalid OCRA suite data input timestamp: ' . var_export($elem, TRUE)); |
|
| 166 | + throw new Exception('Invalid OCRA suite data input timestamp: '.var_export($elem, TRUE)); |
|
| 167 | 167 | } |
| 168 | 168 | |
| 169 | 169 | $this->T = TRUE; |
| 170 | 170 | $this->TLength = $length; |
| 171 | 171 | } else { |
| 172 | - throw new Exception('Invalid OCRA suite data input timestamp: ' . var_export($elem, TRUE)); |
|
| 172 | + throw new Exception('Invalid OCRA suite data input timestamp: '.var_export($elem, TRUE)); |
|
| 173 | 173 | } |
| 174 | 174 | } else { |
| 175 | - throw new Exception('Unsupported OCRA suite data input field: ' . var_export($elem, TRUE)); |
|
| 175 | + throw new Exception('Unsupported OCRA suite data input field: '.var_export($elem, TRUE)); |
|
| 176 | 176 | } |
| 177 | 177 | } |
| 178 | 178 | |
| 179 | 179 | if (!$this->Q) { |
| 180 | - throw new Exception('OCRA suite data input question not defined: ' . var_export($s[2], TRUE)); |
|
| 180 | + throw new Exception('OCRA suite data input question not defined: '.var_export($s[2], TRUE)); |
|
| 181 | 181 | } |
| 182 | 182 | } |
| 183 | 183 | |
@@ -198,7 +198,7 @@ discard block |
||
| 198 | 198 | |
| 199 | 199 | $bytes = Tiqr_Random::randomBytes($q_length); |
| 200 | 200 | |
| 201 | - switch($q_type) { |
|
| 201 | + switch ($q_type) { |
|
| 202 | 202 | case 'A': |
| 203 | 203 | $challenge = base64_encode($bytes); |
| 204 | 204 | $tr = implode("", unpack('H*', $bytes)); |
@@ -211,7 +211,7 @@ discard block |
||
| 211 | 211 | $challenge = implode("", unpack('N*', $bytes)); |
| 212 | 212 | break; |
| 213 | 213 | default: |
| 214 | - throw new Exception('Unsupported OCRASuite challenge type: ' . var_export($q_type, TRUE)); |
|
| 214 | + throw new Exception('Unsupported OCRASuite challenge type: '.var_export($q_type, TRUE)); |
|
| 215 | 215 | break; |
| 216 | 216 | } |
| 217 | 217 | |
@@ -235,7 +235,7 @@ discard block |
||
| 235 | 235 | $result &= ($s1[$i] == $s2[$i]); |
| 236 | 236 | } |
| 237 | 237 | |
| 238 | - return (boolean)$result; |
|
| 238 | + return (boolean) $result; |
|
| 239 | 239 | } |
| 240 | 240 | |
| 241 | 241 | } |
@@ -59,7 +59,7 @@ |
||
| 59 | 59 | * @param array $options The options |
| 60 | 60 | * @param LoggerInterface $logger |
| 61 | 61 | */ |
| 62 | - public function __construct(array $options=array(), LoggerInterface $logger) |
|
| 62 | + public function __construct(array $options = array(), LoggerInterface $logger) |
|
| 63 | 63 | { |
| 64 | 64 | $this->_options = $options; |
| 65 | 65 | $this->logger = $logger; |
@@ -74,7 +74,7 @@ |
||
| 74 | 74 | */ |
| 75 | 75 | public function getPath(): string |
| 76 | 76 | { |
| 77 | - if (substr($this->path, -1)!="/") return $this->path."/"; |
|
| 77 | + if (substr($this->path, -1) != "/") return $this->path."/"; |
|
| 78 | 78 | return $this->path; |
| 79 | 79 | } |
| 80 | 80 | } |
@@ -40,7 +40,7 @@ |
||
| 40 | 40 | * |
| 41 | 41 | * @return Tiqr_UserSecretStorage_Encryption_Interface |
| 42 | 42 | */ |
| 43 | - public static function getEncryption(LoggerInterface $logger, string $type="dummy", array $options=array()): Tiqr_UserSecretStorage_Encryption_Interface |
|
| 43 | + public static function getEncryption(LoggerInterface $logger, string $type = "dummy", array $options = array()): Tiqr_UserSecretStorage_Encryption_Interface |
|
| 44 | 44 | { |
| 45 | 45 | $logger->info(sprintf('Using %s as UserStorage encryption type', $type)); |
| 46 | 46 | switch ($type) { |
@@ -170,10 +170,10 @@ |
||
| 170 | 170 | } |
| 171 | 171 | |
| 172 | 172 | if ($timestamp + $tempBlockDuration * 60 < time()) { |
| 173 | - return false; // Temp block expired |
|
| 173 | + return false; // Temp block expired |
|
| 174 | 174 | } |
| 175 | 175 | } |
| 176 | - return true; // Blocked by temp block |
|
| 176 | + return true; // Blocked by temp block |
|
| 177 | 177 | } |
| 178 | 178 | |
| 179 | 179 | /** |
@@ -128,7 +128,7 @@ |
||
| 128 | 128 | * |
| 129 | 129 | * Note that the $tempBlockDuration is specified in MINUTES |
| 130 | 130 | */ |
| 131 | - public function isBlocked(string $userId, int $tempBlockDuration=0): bool; |
|
| 131 | + public function isBlocked(string $userId, int $tempBlockDuration = 0): bool; |
|
| 132 | 132 | |
| 133 | 133 | /** |
| 134 | 134 | * Block or unblock the user account. |
@@ -82,21 +82,21 @@ discard block |
||
| 82 | 82 | */ |
| 83 | 83 | private function _getStringValue(string $columnName, string $userId): string |
| 84 | 84 | { |
| 85 | - if ( !in_array($columnName, $this->_allowedStringColumns) ) { |
|
| 85 | + if (!in_array($columnName, $this->_allowedStringColumns)) { |
|
| 86 | 86 | throw new InvalidArgumentException('Unsupported column name'); |
| 87 | 87 | } |
| 88 | 88 | |
| 89 | 89 | try { |
| 90 | - $sth = $this->handle->prepare('SELECT ' . $columnName . ' FROM ' . $this->tablename . ' WHERE userid = ?'); |
|
| 90 | + $sth = $this->handle->prepare('SELECT '.$columnName.' FROM '.$this->tablename.' WHERE userid = ?'); |
|
| 91 | 91 | $sth->execute(array($userId)); |
| 92 | - $res=$sth->fetchColumn(); |
|
| 92 | + $res = $sth->fetchColumn(); |
|
| 93 | 93 | if ($res === false) { |
| 94 | 94 | // No result |
| 95 | 95 | $this->logger->error(sprintf('No result getting "%s" for user "%s"', $columnName, $userId)); |
| 96 | 96 | throw new RuntimeException('User not found'); |
| 97 | 97 | } |
| 98 | 98 | if ($res === NULL) { |
| 99 | - return ''; // Value unset |
|
| 99 | + return ''; // Value unset |
|
| 100 | 100 | } |
| 101 | 101 | if (!is_string($res)) { |
| 102 | 102 | $this->logger->error(sprintf('Expected string type while getting "%s" for user "%s"', $columnName, $userId)); |
@@ -120,28 +120,28 @@ discard block |
||
| 120 | 120 | */ |
| 121 | 121 | private function _getIntValue(string $columnName, string $userId): int |
| 122 | 122 | { |
| 123 | - if ( !in_array($columnName, $this->_allowedIntColumns) ) { |
|
| 123 | + if (!in_array($columnName, $this->_allowedIntColumns)) { |
|
| 124 | 124 | throw new InvalidArgumentException('Unsupported column name'); |
| 125 | 125 | } |
| 126 | 126 | |
| 127 | 127 | try { |
| 128 | - $sth = $this->handle->prepare('SELECT ' . $columnName . ' FROM ' . $this->tablename . ' WHERE userid = ?'); |
|
| 128 | + $sth = $this->handle->prepare('SELECT '.$columnName.' FROM '.$this->tablename.' WHERE userid = ?'); |
|
| 129 | 129 | $sth->execute(array($userId)); |
| 130 | - $res=$sth->fetchColumn(); |
|
| 130 | + $res = $sth->fetchColumn(); |
|
| 131 | 131 | if ($res === false) { |
| 132 | 132 | // No result |
| 133 | 133 | $this->logger->error(sprintf('No result getting "%s" for user "%s"', $columnName, $userId)); |
| 134 | 134 | throw new RuntimeException('User not found'); |
| 135 | 135 | } |
| 136 | 136 | if ($res === NULL) { |
| 137 | - return 0; // Value unset |
|
| 137 | + return 0; // Value unset |
|
| 138 | 138 | } |
| 139 | 139 | // Return type for integers depends on the PDO driver, can be string |
| 140 | 140 | if (!is_numeric($res)) { |
| 141 | 141 | $this->logger->error(sprintf('Expected int type while getting "%s" for user "%s"', $columnName, $userId)); |
| 142 | 142 | throw new RuntimeException('Unexpected return type'); |
| 143 | 143 | } |
| 144 | - return (int)$res; |
|
| 144 | + return (int) $res; |
|
| 145 | 145 | } |
| 146 | 146 | catch (Exception $e) { |
| 147 | 147 | $this->logger->error('PDO error getting user', array('exception' => $e, 'userId' => $userId, 'columnName'=>$columnName)); |
@@ -158,11 +158,11 @@ discard block |
||
| 158 | 158 | */ |
| 159 | 159 | private function _setStringValue(string $columnName, string $userId, string $value): void |
| 160 | 160 | { |
| 161 | - if ( !in_array($columnName, $this->_allowedStringColumns) ) { |
|
| 161 | + if (!in_array($columnName, $this->_allowedStringColumns)) { |
|
| 162 | 162 | throw new InvalidArgumentException('Unsupported column name'); |
| 163 | 163 | } |
| 164 | 164 | try { |
| 165 | - $sth = $this->handle->prepare('UPDATE ' . $this->tablename . ' SET ' . $columnName . ' = ? WHERE userid = ?'); |
|
| 165 | + $sth = $this->handle->prepare('UPDATE '.$this->tablename.' SET '.$columnName.' = ? WHERE userid = ?'); |
|
| 166 | 166 | $sth->execute(array($value, $userId)); |
| 167 | 167 | if ($sth->rowCount() == 0) { |
| 168 | 168 | throw new RuntimeException('User not found'); |
@@ -183,11 +183,11 @@ discard block |
||
| 183 | 183 | */ |
| 184 | 184 | private function _setIntValue(string $columnName, string $userId, int $value): void |
| 185 | 185 | { |
| 186 | - if ( !in_array($columnName, $this->_allowedIntColumns) ) { |
|
| 186 | + if (!in_array($columnName, $this->_allowedIntColumns)) { |
|
| 187 | 187 | throw new InvalidArgumentException('Unsupported column name'); |
| 188 | 188 | } |
| 189 | 189 | try { |
| 190 | - $sth = $this->handle->prepare('UPDATE ' . $this->tablename . ' SET ' . $columnName . ' = ? WHERE userid = ?'); |
|
| 190 | + $sth = $this->handle->prepare('UPDATE '.$this->tablename.' SET '.$columnName.' = ? WHERE userid = ?'); |
|
| 191 | 191 | $sth->execute(array($value, $userId)); |
| 192 | 192 | if ($sth->rowCount() == 0) { |
| 193 | 193 | throw new RuntimeException('User not found'); |
@@ -296,17 +296,17 @@ discard block |
||
| 296 | 296 | { |
| 297 | 297 | // Check for blocked |
| 298 | 298 | if ($this->_getIntValue('blocked', $userId) != 0) { |
| 299 | - return true; // Blocked |
|
| 299 | + return true; // Blocked |
|
| 300 | 300 | } |
| 301 | 301 | |
| 302 | 302 | if (0 == $tempBlockDuration) { |
| 303 | - return false; // No check for temporary block |
|
| 303 | + return false; // No check for temporary block |
|
| 304 | 304 | } |
| 305 | 305 | |
| 306 | 306 | // Check for temporary block |
| 307 | 307 | $timestamp = $this->getTemporaryBlockTimestamp($userId); |
| 308 | 308 | // if no temporary block timestamp is set or if the temporary block is expired, return false |
| 309 | - if ( 0 == $timestamp || ($timestamp + $tempBlockDuration * 60) < time()) { |
|
| 309 | + if (0 == $timestamp || ($timestamp + $tempBlockDuration * 60) < time()) { |
|
| 310 | 310 | return false; |
| 311 | 311 | } |
| 312 | 312 | return true; |
