Tiqr / tiqr-server-libphp

library/tiqr/OATH/OCRAParser.php

Doc Comments +3 added lines

@@ -238,6 +238,7 @@ 
 
 	/**
 	 * Borrowed from SimpleSAMLPHP http://simplesamlphp.org/
+	 * @param integer $length
 	 */
 	public static function generateRandomBytes($length, $fallback = TRUE) {
 		static $fp = NULL;
@@ -278,6 +279,8 @@ 
 
 	/**
 	 * Constant time string comparison, see http://codahale.com/a-lesson-in-timing-attacks/
+	 * @param string $s1
+	 * @param string $s2
 	 */
 	public static function constEqual($s1, $s2) {
 		if (strlen($s1) != strlen($s2)) {

Indentation +288 added lines, -288 removed lines

@@ -2,295 +2,295 @@
 
 class OATH_OCRAParser {
 
-	private $key = NULL;
-
-	private $OCRASuite = NULL;
-
-	private $OCRAVersion = NULL;
-
-	private $CryptoFunctionType = NULL;
-	private $CryptoFunctionHash = NULL;
-	private $CryptoFunctionHashLength = NULL;
-	private $CryptoFunctionTruncation = NULL;
-
-	private $C = FALSE;
-	private $Q = FALSE;
-	private $QType = 'N';
-	private $QLength = 8;
-
-	private $P = FALSE;
-	private $PType = 'SHA1';
-	private $PLength = 20;
-
-	private $S = FALSE;
-	private $SLength = 64;
-
-	private $T = FALSE;
-	private $TLength = 60; // 1M
-	private $TPeriods = array('H' => 3600, 'M' => 60, 'S' => 1);
-
-	private $supportedHashFunctions = array('SHA1' => 20, 'SHA256' => 32, 'SHA512' => 64);
-
-
-	public function __construct($ocraSuite) {
-		$this->parseOCRASuite($ocraSuite);
-	}
-
-	/**
-	 * Inspired by https://github.com/bdauvergne/python-oath
-	 */
-	private function parseOCRASuite($ocraSuite) {
-		if (!is_string($ocraSuite)) {
-			throw new Exception('OCRASuite not in string format: ' . var_export($ocraSuite, TRUE));
-		}
-
-		$ocraSuite = strtoupper($ocraSuite);
-		$this->OCRASuite = $ocraSuite;
-
-		$s = explode(':', $ocraSuite);
-		if (count($s) != 3) {
-			throw new Exception('Invalid OCRASuite format: ' . var_export($ocraSuite, TRUE));
-		}
-
-		$algo = explode('-', $s[0]);
-		if (count($algo) != 2) {
-			throw new Exception('Invalid OCRA version: ' . var_export($s[0], TRUE));
-		}
-
-		if ($algo[0] !== 'OCRA') {
-			throw new Exception('Unsupported OCRA algorithm: ' . var_export($algo[0], TRUE));
-		}
-
-		if ($algo[1] !== '1') {
-			throw new Exception('Unsupported OCRA version: ' . var_export($algo[1], TRUE));
-		}
-		$this->OCRAVersion = $algo[1];
-
-		$cf = explode('-', $s[1]);
-		if (count($cf) != 3) {
-			throw new Exception('Invalid OCRA suite crypto function: ' . var_export($s[1], TRUE));
-		}
-
-		if ($cf[0] !== 'HOTP') {
-			throw new Exception('Unsupported OCRA suite crypto function: ' . var_export($cf[0], TRUE));
-		}
-		$this->CryptoFunctionType = $cf[0];
-
-		if (!array_key_exists($cf[1], $this->supportedHashFunctions)) {
-			throw new Exception('Unsupported hash function in OCRA suite crypto function: ' . var_export($cf[1], TRUE));
-		}
-		$this->CryptoFunctionHash = $cf[1];
-		$this->CryptoFunctionHashLength = $this->supportedHashFunctions[$cf[1]];
-
-		if (!preg_match('/^\d+$/', $cf[2]) || (($cf[2] < 4 || $cf[2] > 10) && $cf[2] != 0)) {
-			throw new Exception('Invalid OCRA suite crypto function truncation length: ' . var_export($cf[2], TRUE));
-		}
-		$this->CryptoFunctionTruncation = intval($cf[2]);
-
-		$di = explode('-', $s[2]);
-		if (count($cf) == 0) {
-			throw new Exception('Invalid OCRA suite data input: ' . var_export($s[2], TRUE));
-		}
-
-		$data_input = array();
-		foreach($di as $elem) {
-			$letter = $elem[0];
-			if (array_key_exists($letter, $data_input)) {
-				throw new Exception('Duplicate field in OCRA suite data input: ' . var_export($elem, TRUE));
-			}
-			$data_input[$letter] = 1;
-
-			if ($letter === 'C' && strlen($elem) == 1) {
-				$this->C = TRUE;
-			} elseif ($letter === 'Q') {
-				if (strlen($elem) == 1) {
-					$this->Q = TRUE;
-				} elseif (preg_match('/^Q([AHN])(\d+)$/', $elem, $match)) {
-					$q_len = intval($match[2]);
-					if ($q_len < 4 || $q_len > 64) {
-						throw new Exception('Invalid OCRA suite data input question length: ' . var_export($q_len, TRUE));
-					}
-					$this->Q = TRUE;
-					$this->QType = $match[1];
-					$this->QLength = $q_len;
-				} else {
-					throw new Exception('Invalid OCRA suite data input question: ' . var_export($elem, TRUE));
-				}
-			} elseif ($letter === 'P') {
-				if (strlen($elem) == 1) {
-					$this->P = TRUE;
-				} else {
-					$p_algo = substr($elem, 1);
-					if (!array_key_exists($p_algo, $this->supportedHashFunctions)) {
-						throw new Exception('Unsupported OCRA suite PIN hash function: ' . var_export($elem, TRUE));
-					}
-					$this->P = TRUE;
-					$this->PType = $p_algo;
-					$this->PLength = $this->supportedHashFunctions[$p_algo];
-				}
-			} elseif ($letter === 'S') {
-				if (strlen($elem) == 1) {
-					$this->S = TRUE;
-				} elseif (preg_match('/^S(\d+)$/', $elem, $match)) {
-					$s_len = intval($match[1]);
-					if ($s_len <= 0 || $s_len > 512) {
-						throw new Exception('Invalid OCRA suite data input session information length: ' . var_export($s_len, TRUE));
-					}
-
-					$this->S = TRUE;
-					$this->SLength = $s_len;
-				} else {
-					throw new Exception('Invalid OCRA suite data input session information length: ' . var_export($elem, TRUE));
-				}
-			} elseif ($letter === 'T') {
-				if (strlen($elem) == 1) {
-					$this->T = TRUE;
-				} elseif (preg_match('/^T(\d+[HMS])+$/', $elem)) {
-					preg_match_all('/(\d+)([HMS])/', $elem, $match);
-
-					if (count($match[1]) !== count(array_unique($match[2]))) {
-						throw new Exception('Duplicate definitions in OCRA suite data input timestamp: ' . var_export($elem, TRUE));
-					}
-
-					$length = 0;
-					for ($i = 0; $i < count($match[1]); $i++) {
-						$length += intval($match[1][$i]) * $this->TPeriods[$match[2][$i]];
-					}
-					if ($length <= 0) {
-						throw new Exception('Invalid OCRA suite data input timestamp: ' . var_export($elem, TRUE));
-					}
-
-					$this->T = TRUE;
-					$this->TLength = $length;
-				} else {
-					throw new Exception('Invalid OCRA suite data input timestamp: ' . var_export($elem, TRUE));
-				}
-			} else {
-				throw new Exception('Unsupported OCRA suite data input field: ' . var_export($elem, TRUE));
-			}
-		}
-
-		if (!$this->Q) {
-			throw new Exception('OCRA suite data input question not defined: ' . var_export($s[2], TRUE));
-		}
-	}
-
-	public function generateChallenge() {
-		$q_length = $this->QLength;
-		$q_type = $this->QType;
-
-		$bytes = self::generateRandomBytes($q_length);
-
-		switch($q_type) {
-			case 'A':
-				$challenge = base64_encode($bytes);
-				$tr = implode("", unpack('H*', $bytes));
-				$challenge = rtrim(strtr($challenge, '+/', $tr), '=');
-				break;
-			case 'H':
-				$challenge = implode("", unpack('H*', $bytes));
-				break;
-			case 'N':
-				$challenge = implode("", unpack('N*', $bytes));
-				break;
-			default:
-				throw new Exception('Unsupported OCRASuite challenge type: ' . var_export($q_type, TRUE));
-				break;
-		}
-
-		$challenge = substr($challenge, 0, $q_length);
-
-		return $challenge;
-	}
-
-
-	public function generateSessionInformation() {
-		if (!$this->S) {
-			throw new Exception('Session information not defined in OCRASuite: ' . var_export($this->OCRASuite, TRUE));
-		}
-
-		$s_length = $this->SLength;
-		$bytes = self::generateRandomBytes($s_length);
-
-		// The OCRA spec doesn't specify that the session data should be hexadecimal.
-		// However the reference implementation in the RFC does treat it as hex.
-		$session = bin2hex($bytes);
+    private $key = NULL;
+
+    private $OCRASuite = NULL;
+
+    private $OCRAVersion = NULL;
+
+    private $CryptoFunctionType = NULL;
+    private $CryptoFunctionHash = NULL;
+    private $CryptoFunctionHashLength = NULL;
+    private $CryptoFunctionTruncation = NULL;
+
+    private $C = FALSE;
+    private $Q = FALSE;
+    private $QType = 'N';
+    private $QLength = 8;
+
+    private $P = FALSE;
+    private $PType = 'SHA1';
+    private $PLength = 20;
+
+    private $S = FALSE;
+    private $SLength = 64;
+
+    private $T = FALSE;
+    private $TLength = 60; // 1M
+    private $TPeriods = array('H' => 3600, 'M' => 60, 'S' => 1);
+
+    private $supportedHashFunctions = array('SHA1' => 20, 'SHA256' => 32, 'SHA512' => 64);
+
+
+    public function __construct($ocraSuite) {
+        $this->parseOCRASuite($ocraSuite);
+    }
+
+    /**
+     * Inspired by https://github.com/bdauvergne/python-oath
+     */
+    private function parseOCRASuite($ocraSuite) {
+        if (!is_string($ocraSuite)) {
+            throw new Exception('OCRASuite not in string format: ' . var_export($ocraSuite, TRUE));
+        }
+
+        $ocraSuite = strtoupper($ocraSuite);
+        $this->OCRASuite = $ocraSuite;
+
+        $s = explode(':', $ocraSuite);
+        if (count($s) != 3) {
+            throw new Exception('Invalid OCRASuite format: ' . var_export($ocraSuite, TRUE));
+        }
+
+        $algo = explode('-', $s[0]);
+        if (count($algo) != 2) {
+            throw new Exception('Invalid OCRA version: ' . var_export($s[0], TRUE));
+        }
+
+        if ($algo[0] !== 'OCRA') {
+            throw new Exception('Unsupported OCRA algorithm: ' . var_export($algo[0], TRUE));
+        }
+
+        if ($algo[1] !== '1') {
+            throw new Exception('Unsupported OCRA version: ' . var_export($algo[1], TRUE));
+        }
+        $this->OCRAVersion = $algo[1];
+
+        $cf = explode('-', $s[1]);
+        if (count($cf) != 3) {
+            throw new Exception('Invalid OCRA suite crypto function: ' . var_export($s[1], TRUE));
+        }
+
+        if ($cf[0] !== 'HOTP') {
+            throw new Exception('Unsupported OCRA suite crypto function: ' . var_export($cf[0], TRUE));
+        }
+        $this->CryptoFunctionType = $cf[0];
+
+        if (!array_key_exists($cf[1], $this->supportedHashFunctions)) {
+            throw new Exception('Unsupported hash function in OCRA suite crypto function: ' . var_export($cf[1], TRUE));
+        }
+        $this->CryptoFunctionHash = $cf[1];
+        $this->CryptoFunctionHashLength = $this->supportedHashFunctions[$cf[1]];
+
+        if (!preg_match('/^\d+$/', $cf[2]) || (($cf[2] < 4 || $cf[2] > 10) && $cf[2] != 0)) {
+            throw new Exception('Invalid OCRA suite crypto function truncation length: ' . var_export($cf[2], TRUE));
+        }
+        $this->CryptoFunctionTruncation = intval($cf[2]);
+
+        $di = explode('-', $s[2]);
+        if (count($cf) == 0) {
+            throw new Exception('Invalid OCRA suite data input: ' . var_export($s[2], TRUE));
+        }
+
+        $data_input = array();
+        foreach($di as $elem) {
+            $letter = $elem[0];
+            if (array_key_exists($letter, $data_input)) {
+                throw new Exception('Duplicate field in OCRA suite data input: ' . var_export($elem, TRUE));
+            }
+            $data_input[$letter] = 1;
+
+            if ($letter === 'C' && strlen($elem) == 1) {
+                $this->C = TRUE;
+            } elseif ($letter === 'Q') {
+                if (strlen($elem) == 1) {
+                    $this->Q = TRUE;
+                } elseif (preg_match('/^Q([AHN])(\d+)$/', $elem, $match)) {
+                    $q_len = intval($match[2]);
+                    if ($q_len < 4 || $q_len > 64) {
+                        throw new Exception('Invalid OCRA suite data input question length: ' . var_export($q_len, TRUE));
+                    }
+                    $this->Q = TRUE;
+                    $this->QType = $match[1];
+                    $this->QLength = $q_len;
+                } else {
+                    throw new Exception('Invalid OCRA suite data input question: ' . var_export($elem, TRUE));
+                }
+            } elseif ($letter === 'P') {
+                if (strlen($elem) == 1) {
+                    $this->P = TRUE;
+                } else {
+                    $p_algo = substr($elem, 1);
+                    if (!array_key_exists($p_algo, $this->supportedHashFunctions)) {
+                        throw new Exception('Unsupported OCRA suite PIN hash function: ' . var_export($elem, TRUE));
+                    }
+                    $this->P = TRUE;
+                    $this->PType = $p_algo;
+                    $this->PLength = $this->supportedHashFunctions[$p_algo];
+                }
+            } elseif ($letter === 'S') {
+                if (strlen($elem) == 1) {
+                    $this->S = TRUE;
+                } elseif (preg_match('/^S(\d+)$/', $elem, $match)) {
+                    $s_len = intval($match[1]);
+                    if ($s_len <= 0 || $s_len > 512) {
+                        throw new Exception('Invalid OCRA suite data input session information length: ' . var_export($s_len, TRUE));
+                    }
+
+                    $this->S = TRUE;
+                    $this->SLength = $s_len;
+                } else {
+                    throw new Exception('Invalid OCRA suite data input session information length: ' . var_export($elem, TRUE));
+                }
+            } elseif ($letter === 'T') {
+                if (strlen($elem) == 1) {
+                    $this->T = TRUE;
+                } elseif (preg_match('/^T(\d+[HMS])+$/', $elem)) {
+                    preg_match_all('/(\d+)([HMS])/', $elem, $match);
+
+                    if (count($match[1]) !== count(array_unique($match[2]))) {
+                        throw new Exception('Duplicate definitions in OCRA suite data input timestamp: ' . var_export($elem, TRUE));
+                    }
+
+                    $length = 0;
+                    for ($i = 0; $i < count($match[1]); $i++) {
+                        $length += intval($match[1][$i]) * $this->TPeriods[$match[2][$i]];
+                    }
+                    if ($length <= 0) {
+                        throw new Exception('Invalid OCRA suite data input timestamp: ' . var_export($elem, TRUE));
+                    }
+
+                    $this->T = TRUE;
+                    $this->TLength = $length;
+                } else {
+                    throw new Exception('Invalid OCRA suite data input timestamp: ' . var_export($elem, TRUE));
+                }
+            } else {
+                throw new Exception('Unsupported OCRA suite data input field: ' . var_export($elem, TRUE));
+            }
+        }
+
+        if (!$this->Q) {
+            throw new Exception('OCRA suite data input question not defined: ' . var_export($s[2], TRUE));
+        }
+    }
+
+    public function generateChallenge() {
+        $q_length = $this->QLength;
+        $q_type = $this->QType;
+
+        $bytes = self::generateRandomBytes($q_length);
+
+        switch($q_type) {
+            case 'A':
+                $challenge = base64_encode($bytes);
+                $tr = implode("", unpack('H*', $bytes));
+                $challenge = rtrim(strtr($challenge, '+/', $tr), '=');
+                break;
+            case 'H':
+                $challenge = implode("", unpack('H*', $bytes));
+                break;
+            case 'N':
+                $challenge = implode("", unpack('N*', $bytes));
+                break;
+            default:
+                throw new Exception('Unsupported OCRASuite challenge type: ' . var_export($q_type, TRUE));
+                break;
+        }
+
+        $challenge = substr($challenge, 0, $q_length);
+
+        return $challenge;
+    }
+
+
+    public function generateSessionInformation() {
+        if (!$this->S) {
+            throw new Exception('Session information not defined in OCRASuite: ' . var_export($this->OCRASuite, TRUE));
+        }
+
+        $s_length = $this->SLength;
+        $bytes = self::generateRandomBytes($s_length);
+
+        // The OCRA spec doesn't specify that the session data should be hexadecimal.
+        // However the reference implementation in the RFC does treat it as hex.
+        $session = bin2hex($bytes);
 		
-		$session = substr($session, 0, $s_length);
+        $session = substr($session, 0, $s_length);
 		
-		return $session;
-	}
-
-	/**
-	 * Borrowed from SimpleSAMLPHP http://simplesamlphp.org/
-	 */
-	public static function generateRandomBytesMTrand($length) {
-
-		/* Use mt_rand to generate $length random bytes. */
-		$data = '';
-		for($i = 0; $i < $length; $i++) {
-			$data .= chr(mt_rand(0, 255));
-		}
-
-		return $data;
-	}
-
-
-	/**
-	 * Borrowed from SimpleSAMLPHP http://simplesamlphp.org/
-	 */
-	public static function generateRandomBytes($length, $fallback = TRUE) {
-		static $fp = NULL;
-
-		if (function_exists('openssl_random_pseudo_bytes')) {
-			return openssl_random_pseudo_bytes($length);
-		}
-
-		if($fp === NULL) {
-			if (@file_exists('/dev/urandom')) {
-				$fp = @fopen('/dev/urandom', 'rb');
-			} else {
-				$fp = FALSE;
-			}
-		}
-
-		if($fp !== FALSE) {
-			/* Read random bytes from /dev/urandom. */
-			$data = fread($fp, $length);
-			if($data === FALSE) {
-				throw new Exception('Error reading random data.');
-			}
-			if(strlen($data) != $length) {
-				if ($fallback) {
-					$data = self::generateRandomBytesMTrand($length);
-				} else {
-					throw new Exception('Did not get requested number of bytes from random source. Requested (' . $length . ') got (' . strlen($data) . ')');
-				}
-			}
-		} else {
-			/* Use mt_rand to generate $length random bytes. */
-			$data = self::generateRandomBytesMTrand($length);
-		}
-
-		return $data;
-	}
-
-
-	/**
-	 * Constant time string comparison, see http://codahale.com/a-lesson-in-timing-attacks/
-	 */
-	public static function constEqual($s1, $s2) {
-		if (strlen($s1) != strlen($s2)) {
-			return FALSE;
-		}
-
-		$result = TRUE;
-		$length = strlen($s1);
-		for ($i = 0; $i < $length; $i++) {
-			$result &= ($s1[$i] == $s2[$i]);
-		}
-
-		return (boolean)$result;
-	}
+        return $session;
+    }
+
+    /**
+     * Borrowed from SimpleSAMLPHP http://simplesamlphp.org/
+     */
+    public static function generateRandomBytesMTrand($length) {
+
+        /* Use mt_rand to generate $length random bytes. */
+        $data = '';
+        for($i = 0; $i < $length; $i++) {
+            $data .= chr(mt_rand(0, 255));
+        }
+
+        return $data;
+    }
+
+
+    /**
+     * Borrowed from SimpleSAMLPHP http://simplesamlphp.org/
+     */
+    public static function generateRandomBytes($length, $fallback = TRUE) {
+        static $fp = NULL;
+
+        if (function_exists('openssl_random_pseudo_bytes')) {
+            return openssl_random_pseudo_bytes($length);
+        }
+
+        if($fp === NULL) {
+            if (@file_exists('/dev/urandom')) {
+                $fp = @fopen('/dev/urandom', 'rb');
+            } else {
+                $fp = FALSE;
+            }
+        }
+
+        if($fp !== FALSE) {
+            /* Read random bytes from /dev/urandom. */
+            $data = fread($fp, $length);
+            if($data === FALSE) {
+                throw new Exception('Error reading random data.');
+            }
+            if(strlen($data) != $length) {
+                if ($fallback) {
+                    $data = self::generateRandomBytesMTrand($length);
+                } else {
+                    throw new Exception('Did not get requested number of bytes from random source. Requested (' . $length . ') got (' . strlen($data) . ')');
+                }
+            }
+        } else {
+            /* Use mt_rand to generate $length random bytes. */
+            $data = self::generateRandomBytesMTrand($length);
+        }
+
+        return $data;
+    }
+
+
+    /**
+     * Constant time string comparison, see http://codahale.com/a-lesson-in-timing-attacks/
+     */
+    public static function constEqual($s1, $s2) {
+        if (strlen($s1) != strlen($s2)) {
+            return FALSE;
+        }
+
+        $result = TRUE;
+        $length = strlen($s1);
+        for ($i = 0; $i < $length; $i++) {
+            $result &= ($s1[$i] == $s2[$i]);
+        }
+
+        return (boolean)$result;
+    }
 
 }

Spacing +32 added lines, -32 removed lines

@@ -41,7 +41,7 @@ 
 	 */
 	private function parseOCRASuite($ocraSuite) {
 		if (!is_string($ocraSuite)) {
-			throw new Exception('OCRASuite not in string format: ' . var_export($ocraSuite, TRUE));
+			throw new Exception('OCRASuite not in string format: '.var_export($ocraSuite, TRUE));
 		}
 
 		$ocraSuite = strtoupper($ocraSuite);
@@ -49,54 +49,54 @@ 
 
 		$s = explode(':', $ocraSuite);
 		if (count($s) != 3) {
-			throw new Exception('Invalid OCRASuite format: ' . var_export($ocraSuite, TRUE));
+			throw new Exception('Invalid OCRASuite format: '.var_export($ocraSuite, TRUE));
 		}
 
 		$algo = explode('-', $s[0]);
 		if (count($algo) != 2) {
-			throw new Exception('Invalid OCRA version: ' . var_export($s[0], TRUE));
+			throw new Exception('Invalid OCRA version: '.var_export($s[0], TRUE));
 		}
 
 		if ($algo[0] !== 'OCRA') {
-			throw new Exception('Unsupported OCRA algorithm: ' . var_export($algo[0], TRUE));
+			throw new Exception('Unsupported OCRA algorithm: '.var_export($algo[0], TRUE));
 		}
 
 		if ($algo[1] !== '1') {
-			throw new Exception('Unsupported OCRA version: ' . var_export($algo[1], TRUE));
+			throw new Exception('Unsupported OCRA version: '.var_export($algo[1], TRUE));
 		}
 		$this->OCRAVersion = $algo[1];
 
 		$cf = explode('-', $s[1]);
 		if (count($cf) != 3) {
-			throw new Exception('Invalid OCRA suite crypto function: ' . var_export($s[1], TRUE));
+			throw new Exception('Invalid OCRA suite crypto function: '.var_export($s[1], TRUE));
 		}
 
 		if ($cf[0] !== 'HOTP') {
-			throw new Exception('Unsupported OCRA suite crypto function: ' . var_export($cf[0], TRUE));
+			throw new Exception('Unsupported OCRA suite crypto function: '.var_export($cf[0], TRUE));
 		}
 		$this->CryptoFunctionType = $cf[0];
 
 		if (!array_key_exists($cf[1], $this->supportedHashFunctions)) {
-			throw new Exception('Unsupported hash function in OCRA suite crypto function: ' . var_export($cf[1], TRUE));
+			throw new Exception('Unsupported hash function in OCRA suite crypto function: '.var_export($cf[1], TRUE));
 		}
 		$this->CryptoFunctionHash = $cf[1];
 		$this->CryptoFunctionHashLength = $this->supportedHashFunctions[$cf[1]];
 
 		if (!preg_match('/^\d+$/', $cf[2]) || (($cf[2] < 4 || $cf[2] > 10) && $cf[2] != 0)) {
-			throw new Exception('Invalid OCRA suite crypto function truncation length: ' . var_export($cf[2], TRUE));
+			throw new Exception('Invalid OCRA suite crypto function truncation length: '.var_export($cf[2], TRUE));
 		}
 		$this->CryptoFunctionTruncation = intval($cf[2]);
 
 		$di = explode('-', $s[2]);
 		if (count($cf) == 0) {
-			throw new Exception('Invalid OCRA suite data input: ' . var_export($s[2], TRUE));
+			throw new Exception('Invalid OCRA suite data input: '.var_export($s[2], TRUE));
 		}
 
 		$data_input = array();
-		foreach($di as $elem) {
+		foreach ($di as $elem) {
 			$letter = $elem[0];
 			if (array_key_exists($letter, $data_input)) {
-				throw new Exception('Duplicate field in OCRA suite data input: ' . var_export($elem, TRUE));
+				throw new Exception('Duplicate field in OCRA suite data input: '.var_export($elem, TRUE));
 			}
 			$data_input[$letter] = 1;
 
@@ -108,13 +108,13 @@ 
 				} elseif (preg_match('/^Q([AHN])(\d+)$/', $elem, $match)) {
 					$q_len = intval($match[2]);
 					if ($q_len < 4 || $q_len > 64) {
-						throw new Exception('Invalid OCRA suite data input question length: ' . var_export($q_len, TRUE));
+						throw new Exception('Invalid OCRA suite data input question length: '.var_export($q_len, TRUE));
 					}
 					$this->Q = TRUE;
 					$this->QType = $match[1];
 					$this->QLength = $q_len;
 				} else {
-					throw new Exception('Invalid OCRA suite data input question: ' . var_export($elem, TRUE));
+					throw new Exception('Invalid OCRA suite data input question: '.var_export($elem, TRUE));
 				}
 			} elseif ($letter === 'P') {
 				if (strlen($elem) == 1) {
@@ -122,7 +122,7 @@ 
 				} else {
 					$p_algo = substr($elem, 1);
 					if (!array_key_exists($p_algo, $this->supportedHashFunctions)) {
-						throw new Exception('Unsupported OCRA suite PIN hash function: ' . var_export($elem, TRUE));
+						throw new Exception('Unsupported OCRA suite PIN hash function: '.var_export($elem, TRUE));
 					}
 					$this->P = TRUE;
 					$this->PType = $p_algo;
@@ -134,13 +134,13 @@ 
 				} elseif (preg_match('/^S(\d+)$/', $elem, $match)) {
 					$s_len = intval($match[1]);
 					if ($s_len <= 0 || $s_len > 512) {
-						throw new Exception('Invalid OCRA suite data input session information length: ' . var_export($s_len, TRUE));
+						throw new Exception('Invalid OCRA suite data input session information length: '.var_export($s_len, TRUE));
 					}
 
 					$this->S = TRUE;
 					$this->SLength = $s_len;
 				} else {
-					throw new Exception('Invalid OCRA suite data input session information length: ' . var_export($elem, TRUE));
+					throw new Exception('Invalid OCRA suite data input session information length: '.var_export($elem, TRUE));
 				}
 			} elseif ($letter === 'T') {
 				if (strlen($elem) == 1) {
@@ -149,7 +149,7 @@ 
 					preg_match_all('/(\d+)([HMS])/', $elem, $match);
 
 					if (count($match[1]) !== count(array_unique($match[2]))) {
-						throw new Exception('Duplicate definitions in OCRA suite data input timestamp: ' . var_export($elem, TRUE));
+						throw new Exception('Duplicate definitions in OCRA suite data input timestamp: '.var_export($elem, TRUE));
 					}
 
 					$length = 0;
@@ -157,21 +157,21 @@ 
 						$length += intval($match[1][$i]) * $this->TPeriods[$match[2][$i]];
 					}
 					if ($length <= 0) {
-						throw new Exception('Invalid OCRA suite data input timestamp: ' . var_export($elem, TRUE));
+						throw new Exception('Invalid OCRA suite data input timestamp: '.var_export($elem, TRUE));
 					}
 
 					$this->T = TRUE;
 					$this->TLength = $length;
 				} else {
-					throw new Exception('Invalid OCRA suite data input timestamp: ' . var_export($elem, TRUE));
+					throw new Exception('Invalid OCRA suite data input timestamp: '.var_export($elem, TRUE));
 				}
 			} else {
-				throw new Exception('Unsupported OCRA suite data input field: ' . var_export($elem, TRUE));
+				throw new Exception('Unsupported OCRA suite data input field: '.var_export($elem, TRUE));
 			}
 		}
 
 		if (!$this->Q) {
-			throw new Exception('OCRA suite data input question not defined: ' . var_export($s[2], TRUE));
+			throw new Exception('OCRA suite data input question not defined: '.var_export($s[2], TRUE));
 		}
 	}
 
@@ -181,7 +181,7 @@ 
 
 		$bytes = self::generateRandomBytes($q_length);
 
-		switch($q_type) {
+		switch ($q_type) {
 			case 'A':
 				$challenge = base64_encode($bytes);
 				$tr = implode("", unpack('H*', $bytes));
@@ -194,7 +194,7 @@ 
 				$challenge = implode("", unpack('N*', $bytes));
 				break;
 			default:
-				throw new Exception('Unsupported OCRASuite challenge type: ' . var_export($q_type, TRUE));
+				throw new Exception('Unsupported OCRASuite challenge type: '.var_export($q_type, TRUE));
 				break;
 		}
 
@@ -206,7 +206,7 @@ 
 
 	public function generateSessionInformation() {
 		if (!$this->S) {
-			throw new Exception('Session information not defined in OCRASuite: ' . var_export($this->OCRASuite, TRUE));
+			throw new Exception('Session information not defined in OCRASuite: '.var_export($this->OCRASuite, TRUE));
 		}
 
 		$s_length = $this->SLength;
@@ -228,7 +228,7 @@ 
 
 		/* Use mt_rand to generate $length random bytes. */
 		$data = '';
-		for($i = 0; $i < $length; $i++) {
+		for ($i = 0; $i < $length; $i++) {
 			$data .= chr(mt_rand(0, 255));
 		}
 
@@ -246,7 +246,7 @@ 
 			return openssl_random_pseudo_bytes($length);
 		}
 
-		if($fp === NULL) {
+		if ($fp === NULL) {
 			if (@file_exists('/dev/urandom')) {
 				$fp = @fopen('/dev/urandom', 'rb');
 			} else {
@@ -254,17 +254,17 @@ 
 			}
 		}
 
-		if($fp !== FALSE) {
+		if ($fp !== FALSE) {
 			/* Read random bytes from /dev/urandom. */
 			$data = fread($fp, $length);
-			if($data === FALSE) {
+			if ($data === FALSE) {
 				throw new Exception('Error reading random data.');
 			}
-			if(strlen($data) != $length) {
+			if (strlen($data) != $length) {
 				if ($fallback) {
 					$data = self::generateRandomBytesMTrand($length);
 				} else {
-					throw new Exception('Did not get requested number of bytes from random source. Requested (' . $length . ') got (' . strlen($data) . ')');
+					throw new Exception('Did not get requested number of bytes from random source. Requested ('.$length.') got ('.strlen($data).')');
 				}
 			}
 		} else {
@@ -290,7 +290,7 @@ 
 			$result &= ($s1[$i] == $s2[$i]);
 		}
 
-		return (boolean)$result;
+		return (boolean) $result;
 	}
 
 }

library/tiqr/Tiqr/API/Client.php

Doc Comments +1 added lines, -1 removed lines

@@ -45,7 +45,7 @@
      * @param string $method	The HTTP Method (GET, POST, PUT, DELETE)
      * @param array  $data		Data send with request as key => value pairs
      *
-     * @return Object
+     * @return Tiqr_API_Entity_APIResult
      *
      * @throws Exception
      */

Spacing +3 added lines, -3 removed lines

@@ -25,7 +25,7 @@ 
      */
     public function setBaseURL($apiBaseURL)
     {
-        $this->_apiBaseURL = rtrim($apiBaseURL, '/') . '/';
+        $this->_apiBaseURL = rtrim($apiBaseURL, '/').'/';
     }
 
     /**
@@ -78,7 +78,7 @@ 
     protected function callAPI($resource, $method = "GET", $data = array(), $headers = array())
     {
         $ch = curl_init();
-        curl_setopt($ch, CURLOPT_URL, $this->_apiBaseURL . ltrim($resource, '/'));
+        curl_setopt($ch, CURLOPT_URL, $this->_apiBaseURL.ltrim($resource, '/'));
         curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
 
         // Explicitly empty null values, because http_build_query will throw away
@@ -107,7 +107,7 @@ 
 
         $headerArray = array();
         foreach ($headers as $key => $value) {
-            $headerArray[] = $key . ': ' . $value;
+            $headerArray[] = $key.': '.$value;
         }
 
         curl_setopt($ch, CURLOPT_HTTPHEADER, $headerArray);

library/tiqr/Tiqr/Message/FCM.php

Doc Comments +2 added lines, -3 removed lines

@@ -48,11 +48,10 @@
     /**
      * Send a message to a device using the firebase API key.
      *
-     * @param $deviceToken string device ID
-     * @param $alert string alert message
+     * @param string $deviceToken string device ID
+     * @param string $alert string alert message
      * @param $challenge string tiqr challenge url
      * @param $apiKey string api key for firebase
-     * @param Tiqr_Message_Exception $gcmException
      *
      * @throws Tiqr_Message_Exception_SendFailure
      */

Spacing +3 added lines, -3 removed lines

@@ -69,7 +69,7 @@ 
         );
 
         $headers = array(
-            'Authorization: key=' . $apiKey,
+            'Authorization: key='.$apiKey,
             'Content-Type: application/json',
         );
 
@@ -89,7 +89,7 @@ 
         }
 
         if (!empty($errors)) {
-            throw new Tiqr_Message_Exception_SendFailure("Http error occurred: ". $errors, true);
+            throw new Tiqr_Message_Exception_SendFailure("Http error occurred: ".$errors, true);
         }
 
         if ($statusCode !== 200) {
@@ -100,7 +100,7 @@ 
         $response = json_decode($result, true);
         foreach ($response['results'] as $k => $v) {
             if (isset($v['error'])) {
-                throw new Tiqr_Message_Exception_SendFailure("Error in GCM response: " . $v['error'], true);
+                throw new Tiqr_Message_Exception_SendFailure("Error in GCM response: ".$v['error'], true);
             }
         }
     }

library/tiqr/Tiqr/OATH/HOTP.php

Doc Comments +2 added lines, -2 removed lines

@@ -31,7 +31,7 @@ 
      * Calculate a HOTP response 
      * @param String $secret
      * @param String $counter
-     * @return String The response
+     * @return integer The response
      */
     public function calculateResponse($secret, $counter)
     {
@@ -72,7 +72,7 @@ 
      * Truncate a response to a certain length.
      * @param String $hash
      * @param int $length
-     * @return String a truncated response
+     * @return integer a truncated response
      */
     protected function _truncate($hash, $length = 6)
     {

Indentation +32 added lines, -32 removed lines

@@ -48,24 +48,24 @@ 
      */
     protected function _getHash ($secret, $counter)
     {
-         // Counter
-         //the counter value can be more than one byte long, so we need to go multiple times
-         $cur_counter = array(0,0,0,0,0,0,0,0);
-         for($i=7;$i>=0;$i--)
-         {
-             $cur_counter[$i] = pack ('C*', $counter);
-             $counter = $counter >> 8;
-         }
-         $bin_counter = implode($cur_counter);
-         // Pad to 8 chars
-         if (strlen ($bin_counter) < 8)
-         {
-             $bin_counter = str_repeat (chr(0), 8 - strlen ($bin_counter)) . $bin_counter;
-         }
+            // Counter
+            //the counter value can be more than one byte long, so we need to go multiple times
+            $cur_counter = array(0,0,0,0,0,0,0,0);
+            for($i=7;$i>=0;$i--)
+            {
+                $cur_counter[$i] = pack ('C*', $counter);
+                $counter = $counter >> 8;
+            }
+            $bin_counter = implode($cur_counter);
+            // Pad to 8 chars
+            if (strlen ($bin_counter) < 8)
+            {
+                $bin_counter = str_repeat (chr(0), 8 - strlen ($bin_counter)) . $bin_counter;
+            }
      
-         // HMAC
-         $hash = hash_hmac ('sha1', $bin_counter, $secret);
-         return $hash;
+            // HMAC
+            $hash = hash_hmac ('sha1', $bin_counter, $secret);
+            return $hash;
     }
  
     /**
@@ -76,22 +76,22 @@ 
      */
     protected function _truncate($hash, $length = 6)
     {
-         // Convert to dec
-         foreach(str_split($hash,2) as $hex)
-         {
-             $hmac_result[]=hexdec($hex);
-         }
+            // Convert to dec
+            foreach(str_split($hash,2) as $hex)
+            {
+                $hmac_result[]=hexdec($hex);
+            }
      
-         // Find offset
-         $offset = $hmac_result[19] & 0xf;  
+            // Find offset
+            $offset = $hmac_result[19] & 0xf;  
      
-         // Algorithm from RFC
-         return
-         (
-             (($hmac_result[$offset+0] & 0x7f) << 24 ) |
-             (($hmac_result[$offset+1] & 0xff) << 16 ) |
-             (($hmac_result[$offset+2] & 0xff) << 8 ) |
-             ($hmac_result[$offset+3] & 0xff)
-         ) % pow(10,$length);
+            // Algorithm from RFC
+            return
+            (
+                (($hmac_result[$offset+0] & 0x7f) << 24 ) |
+                (($hmac_result[$offset+1] & 0xff) << 16 ) |
+                (($hmac_result[$offset+2] & 0xff) << 8 ) |
+                ($hmac_result[$offset+3] & 0xff)
+            ) % pow(10,$length);
     }
 }

Spacing +14 added lines, -14 removed lines

@@ -46,25 +46,25 @@ 
      * @param String $counter
      * @return String hash
      */
-    protected function _getHash ($secret, $counter)
+    protected function _getHash($secret, $counter)
     {
          // Counter
          //the counter value can be more than one byte long, so we need to go multiple times
-         $cur_counter = array(0,0,0,0,0,0,0,0);
-         for($i=7;$i>=0;$i--)
+         $cur_counter = array(0, 0, 0, 0, 0, 0, 0, 0);
+         for ($i = 7; $i >= 0; $i--)
          {
-             $cur_counter[$i] = pack ('C*', $counter);
+             $cur_counter[$i] = pack('C*', $counter);
              $counter = $counter >> 8;
          }
          $bin_counter = implode($cur_counter);
          // Pad to 8 chars
-         if (strlen ($bin_counter) < 8)
+         if (strlen($bin_counter) < 8)
          {
-             $bin_counter = str_repeat (chr(0), 8 - strlen ($bin_counter)) . $bin_counter;
+             $bin_counter = str_repeat(chr(0), 8 - strlen($bin_counter)).$bin_counter;
          }
      
          // HMAC
-         $hash = hash_hmac ('sha1', $bin_counter, $secret);
+         $hash = hash_hmac('sha1', $bin_counter, $secret);
          return $hash;
     }
  
@@ -77,9 +77,9 @@ 
     protected function _truncate($hash, $length = 6)
     {
          // Convert to dec
-         foreach(str_split($hash,2) as $hex)
+         foreach (str_split($hash, 2) as $hex)
          {
-             $hmac_result[]=hexdec($hex);
+             $hmac_result[] = hexdec($hex);
          }
      
          // Find offset
@@ -88,10 +88,10 @@ 
          // Algorithm from RFC
          return
          (
-             (($hmac_result[$offset+0] & 0x7f) << 24 ) |
-             (($hmac_result[$offset+1] & 0xff) << 16 ) |
-             (($hmac_result[$offset+2] & 0xff) << 8 ) |
-             ($hmac_result[$offset+3] & 0xff)
-         ) % pow(10,$length);
+             (($hmac_result[$offset + 0] & 0x7f) << 24) |
+             (($hmac_result[$offset + 1] & 0xff) << 16) |
+             (($hmac_result[$offset + 2] & 0xff) << 8) |
+             ($hmac_result[$offset + 3] & 0xff)
+         ) % pow(10, $length);
     }
 }

library/tiqr/Tiqr/OATH/OCRA.php

Doc Comments +11 added lines, -4 removed lines

@@ -32,6 +32,9 @@ 
      * @param String crypto     the crypto algorithm (sha1, sha256 or sha512)
      * @param String keyBytes   the bytes to use for the HMAC key
      * @param String text       the message or text to be authenticated.
+     * @param string $crypto
+     * @param string $keyBytes
+     * @param string $text
      */
     private static function _hmac_sha1($crypto,
             $keyBytes,
@@ -58,19 +61,22 @@ 
      * set of parameters.
      *
      * @param ocraSuite    the OCRA Suite
-     * @param key          the shared secret, HEX encoded
-     * @param counter      the counter that changes
+     * @param key          string shared secret, HEX encoded
+     * @param counter      string counter that changes
      *                     on a per use basis,
      *                     HEX encoded
-     * @param question     the challenge question, HEX encoded
+     * @param question     string challenge question, HEX encoded
      * @param password     a password that can be used,
      *                     HEX encoded
      * @param sessionInformation
      *                     Static information that identifies the
      *                     current session, Hex encoded
      * @param timeStamp    a value that reflects a time
+     * @param string $password
+     * @param string $sessionInformation
+     * @param string $timeStamp
      *
-     * @return A numeric String in base 10 that includes
+     * @return string numeric String in base 10 that includes
      * {@link truncationDigits} digits
      */
     static function generateOCRA($ocraSuite,
@@ -251,6 +257,7 @@ 
 
     /**
      * Truncate a result to a certain length
+     * @param string $hash
      */    
     static function _oath_truncate($hash, $length = 6)
     {

Indentation +8 added lines, -8 removed lines

@@ -37,8 +37,8 @@ 
             $keyBytes,
             $text)
     {
-         $hash = hash_hmac ($crypto, $text, $keyBytes);
-         return $hash;
+            $hash = hash_hmac ($crypto, $text, $keyBytes);
+            return $hash;
     }
 
     /**
@@ -74,12 +74,12 @@ 
      * {@link truncationDigits} digits
      */
     static function generateOCRA($ocraSuite,
-                                 $key,
-                                 $counter,
-                                 $question,
-                                 $password,
-                                 $sessionInformation,
-                                 $timeStamp)
+                                    $key,
+                                    $counter,
+                                    $question,
+                                    $password,
+                                    $sessionInformation,
+                                    $timeStamp)
     {
         $codeDigits = 0;
         $crypto = "";

Spacing +69 added lines, -69 removed lines

@@ -37,7 +37,7 @@ 
             $keyBytes,
             $text)
     {
-         $hash = hash_hmac ($crypto, $text, $keyBytes);
+         $hash = hash_hmac($crypto, $text, $keyBytes);
          return $hash;
     }
 
@@ -48,7 +48,7 @@ 
      *
      * @return String a string with raw bytes
      */
-    private static function _hexStr2Bytes($hex){
+    private static function _hexStr2Bytes($hex) {
         return pack("H*", $hex);
     }
 
@@ -97,95 +97,95 @@ 
         $cryptoFunction = $components[1];
         $dataInput = strtolower($components[2]); // lower here so we can do case insensitive comparisons
         
-        if(stripos($cryptoFunction, "sha1")!==false)
+        if (stripos($cryptoFunction, "sha1") !== false)
             $crypto = "sha1";
-        if(stripos($cryptoFunction, "sha256")!==false)
+        if (stripos($cryptoFunction, "sha256") !== false)
             $crypto = "sha256";
-        if(stripos($cryptoFunction, "sha512")!==false)
+        if (stripos($cryptoFunction, "sha512") !== false)
             $crypto = "sha512";
         
-        $codeDigits = substr($cryptoFunction, strrpos($cryptoFunction, "-")+1);
+        $codeDigits = substr($cryptoFunction, strrpos($cryptoFunction, "-") + 1);
                 
         // The size of the byte array message to be encrypted
         // Counter
-        if($dataInput[0] == "c" ) {
+        if ($dataInput[0] == "c") {
             // Fix the length of the HEX string
-            while(strlen($counter) < 16)
-                $counter = "0" . $counter;
-            $counterLength=8;
+            while (strlen($counter) < 16)
+                $counter = "0".$counter;
+            $counterLength = 8;
         }
         // Question
-        if($dataInput[0] == "q" ||
-                stripos($dataInput, "-q")!==false) {
-            while(strlen($question) < 256)
-                $question = $question . "0";
-            $questionLength=128;
+        if ($dataInput[0] == "q" ||
+                stripos($dataInput, "-q") !== false) {
+            while (strlen($question) < 256)
+                $question = $question."0";
+            $questionLength = 128;
         }
 
         // Password
-        if(stripos($dataInput, "psha1")!==false) {
-            while(strlen($password) < 40)
-                $password = "0" . $password;
-            $passwordLength=20;
+        if (stripos($dataInput, "psha1") !== false) {
+            while (strlen($password) < 40)
+                $password = "0".$password;
+            $passwordLength = 20;
         }
     
-        if(stripos($dataInput, "psha256")!==false) {
-            while(strlen($password) < 64)
-                $password = "0" . $password;
-            $passwordLength=32;
+        if (stripos($dataInput, "psha256") !== false) {
+            while (strlen($password) < 64)
+                $password = "0".$password;
+            $passwordLength = 32;
         }
         
-        if(stripos($dataInput, "psha512")!==false) {
-            while(strlen($password) < 128)
-                $password = "0" . $password;
-            $passwordLength=64;
+        if (stripos($dataInput, "psha512") !== false) {
+            while (strlen($password) < 128)
+                $password = "0".$password;
+            $passwordLength = 64;
         }
         
         // sessionInformation
-        if(stripos($dataInput, "s064") !==false) {
-            while(strlen($sessionInformation) < 128)
-                $sessionInformation = "0" . $sessionInformation;
+        if (stripos($dataInput, "s064") !== false) {
+            while (strlen($sessionInformation) < 128)
+                $sessionInformation = "0".$sessionInformation;
 
-            $sessionInformationLength=64;
-        } else if(stripos($dataInput, "s128") !==false) {
-            while(strlen($sessionInformation) < 256)
-                $sessionInformation = "0" . $sessionInformation;
+            $sessionInformationLength = 64;
+        } else if (stripos($dataInput, "s128") !== false) {
+            while (strlen($sessionInformation) < 256)
+                $sessionInformation = "0".$sessionInformation;
         
-            $sessionInformationLength=128;
-        } else if(stripos($dataInput, "s256") !==false) {
-            while(strlen($sessionInformation) < 512)
-                $sessionInformation = "0" . $sessionInformation;
+            $sessionInformationLength = 128;
+        } else if (stripos($dataInput, "s256") !== false) {
+            while (strlen($sessionInformation) < 512)
+                $sessionInformation = "0".$sessionInformation;
         
-            $sessionInformationLength=256;
-        } else if(stripos($dataInput, "s512") !==false) {
-            while(strlen($sessionInformation) < 128)
-                $sessionInformation = "0" . $sessionInformation;
+            $sessionInformationLength = 256;
+        } else if (stripos($dataInput, "s512") !== false) {
+            while (strlen($sessionInformation) < 128)
+                $sessionInformation = "0".$sessionInformation;
         
-            $sessionInformationLength=64;
-        } else if (stripos($dataInput, "s") !== false ) {
+            $sessionInformationLength = 64;
+        } else if (stripos($dataInput, "s") !== false) {
             // deviation from spec. Officially 's' without a length indicator is not in the reference implementation.
             // RFC is ambigious. However we have supported this in Tiqr since day 1, so we continue to support it.
-            while(strlen($sessionInformation) < 128)
-                $sessionInformation = "0" . $sessionInformation;
+            while (strlen($sessionInformation) < 128)
+                $sessionInformation = "0".$sessionInformation;
             
-            $sessionInformationLength=64;
+            $sessionInformationLength = 64;
         }
         
         
              
         // TimeStamp
-        if($dataInput[0] == "t" ||
+        if ($dataInput[0] == "t" ||
                 stripos($dataInput, "-t") !== false) {
-            while(strlen($timeStamp) < 16)
-                $timeStamp = "0" . $timeStamp;
-            $timeStampLength=8;
+            while (strlen($timeStamp) < 16)
+                $timeStamp = "0".$timeStamp;
+            $timeStampLength = 8;
         }
 
         // Put the bytes of "ocraSuite" parameters into the message
         
-        $msg = array_fill(0,$ocraSuiteLength+$counterLength+$questionLength+$passwordLength+$sessionInformationLength+$timeStampLength+1, 0);
+        $msg = array_fill(0, $ocraSuiteLength + $counterLength + $questionLength + $passwordLength + $sessionInformationLength + $timeStampLength + 1, 0);
                 
-        for($i=0;$i<strlen($ocraSuite);$i++) {
+        for ($i = 0; $i < strlen($ocraSuite); $i++) {
             $msg[$i] = $ocraSuite[$i];
         }
         
@@ -194,9 +194,9 @@ 
 
         // Put the bytes of "Counter" to the message
         // Input is HEX encoded
-        if($counterLength > 0 ) {
+        if ($counterLength > 0) {
             $bArray = self::_hexStr2Bytes($counter);
-            for ($i=0;$i<strlen($bArray);$i++) {
+            for ($i = 0; $i < strlen($bArray); $i++) {
                 $msg [$i + $ocraSuiteLength + 1] = $bArray[$i];
             }
         }
@@ -204,36 +204,36 @@ 
 
         // Put the bytes of "question" to the message
         // Input is text encoded
-        if($questionLength > 0 ) {
+        if ($questionLength > 0) {
             $bArray = self::_hexStr2Bytes($question);
-            for ($i=0;$i<strlen($bArray);$i++) {
+            for ($i = 0; $i < strlen($bArray); $i++) {
                 $msg [$i + $ocraSuiteLength + 1 + $counterLength] = $bArray[$i];
             }
         }
 
         // Put the bytes of "password" to the message
         // Input is HEX encoded
-        if($passwordLength > 0){
+        if ($passwordLength > 0) {
             $bArray = self::_hexStr2Bytes($password);
-            for ($i=0;$i<strlen($bArray);$i++) {
+            for ($i = 0; $i < strlen($bArray); $i++) {
                 $msg [$i + $ocraSuiteLength + 1 + $counterLength + $questionLength] = $bArray[$i];
             }
         }
 
         // Put the bytes of "sessionInformation" to the message
         // Input is text encoded
-        if($sessionInformationLength > 0 ){
+        if ($sessionInformationLength > 0) {
             $bArray = self::_hexStr2Bytes($sessionInformation);
-            for ($i=0;$i<strlen($bArray);$i++) {
+            for ($i = 0; $i < strlen($bArray); $i++) {
                 $msg [$i + $ocraSuiteLength + 1 + $counterLength + $questionLength + $passwordLength] = $bArray[$i];
             }
         }
 
         // Put the bytes of "time" to the message
         // Input is text value of minutes
-        if($timeStampLength > 0){
+        if ($timeStampLength > 0) {
             $bArray = self::_hexStr2Bytes($timeStamp);
-            for ($i=0;$i<strlen($bArray);$i++) {
+            for ($i = 0; $i < strlen($bArray); $i++) {
                 $msg [$i + $ocraSuiteLength + 1 + $counterLength + $questionLength + $passwordLength + $sessionInformationLength] = $bArray[$i];
             }
         }
@@ -255,19 +255,19 @@ 
     static function _oath_truncate($hash, $length = 6)
     {
         // Convert to dec
-        foreach(str_split($hash,2) as $hex)
+        foreach (str_split($hash, 2) as $hex)
         {
-            $hmac_result[]=hexdec($hex);
+            $hmac_result[] = hexdec($hex);
         }
     
         // Find offset
         $offset = $hmac_result[count($hmac_result) - 1] & 0xf;
     
         $v = strval(
-            (($hmac_result[$offset+0] & 0x7f) << 24 ) |
-            (($hmac_result[$offset+1] & 0xff) << 16 ) |
-            (($hmac_result[$offset+2] & 0xff) << 8 ) |
-            ($hmac_result[$offset+3] & 0xff)
+            (($hmac_result[$offset + 0] & 0x7f) << 24) |
+            (($hmac_result[$offset + 1] & 0xff) << 16) |
+            (($hmac_result[$offset + 2] & 0xff) << 8) |
+            ($hmac_result[$offset + 3] & 0xff)
         );	
         
         $v = substr($v, strlen($v) - $length);

Braces +42 added lines, -28 removed lines

@@ -97,12 +97,15 @@ 
         $cryptoFunction = $components[1];
         $dataInput = strtolower($components[2]); // lower here so we can do case insensitive comparisons
         
-        if(stripos($cryptoFunction, "sha1")!==false)
-            $crypto = "sha1";
-        if(stripos($cryptoFunction, "sha256")!==false)
-            $crypto = "sha256";
-        if(stripos($cryptoFunction, "sha512")!==false)
-            $crypto = "sha512";
+        if(stripos($cryptoFunction, "sha1")!==false) {
+                    $crypto = "sha1";
+        }
+        if(stripos($cryptoFunction, "sha256")!==false) {
+                    $crypto = "sha256";
+        }
+        if(stripos($cryptoFunction, "sha512")!==false) {
+                    $crypto = "sha512";
+        }
         
         $codeDigits = substr($cryptoFunction, strrpos($cryptoFunction, "-")+1);
                 
@@ -110,63 +113,73 @@ 
         // Counter
         if($dataInput[0] == "c" ) {
             // Fix the length of the HEX string
-            while(strlen($counter) < 16)
-                $counter = "0" . $counter;
+            while(strlen($counter) < 16) {
+                            $counter = "0" . $counter;
+            }
             $counterLength=8;
         }
         // Question
         if($dataInput[0] == "q" ||
                 stripos($dataInput, "-q")!==false) {
-            while(strlen($question) < 256)
-                $question = $question . "0";
+            while(strlen($question) < 256) {
+                            $question = $question . "0";
+            }
             $questionLength=128;
         }
 
         // Password
         if(stripos($dataInput, "psha1")!==false) {
-            while(strlen($password) < 40)
-                $password = "0" . $password;
+            while(strlen($password) < 40) {
+                            $password = "0" . $password;
+            }
             $passwordLength=20;
         }
     
         if(stripos($dataInput, "psha256")!==false) {
-            while(strlen($password) < 64)
-                $password = "0" . $password;
+            while(strlen($password) < 64) {
+                            $password = "0" . $password;
+            }
             $passwordLength=32;
         }
         
         if(stripos($dataInput, "psha512")!==false) {
-            while(strlen($password) < 128)
-                $password = "0" . $password;
+            while(strlen($password) < 128) {
+                            $password = "0" . $password;
+            }
             $passwordLength=64;
         }
         
         // sessionInformation
         if(stripos($dataInput, "s064") !==false) {
-            while(strlen($sessionInformation) < 128)
-                $sessionInformation = "0" . $sessionInformation;
+            while(strlen($sessionInformation) < 128) {
+                            $sessionInformation = "0" . $sessionInformation;
+            }
 
             $sessionInformationLength=64;
         } else if(stripos($dataInput, "s128") !==false) {
-            while(strlen($sessionInformation) < 256)
-                $sessionInformation = "0" . $sessionInformation;
+            while(strlen($sessionInformation) < 256) {
+                            $sessionInformation = "0" . $sessionInformation;
+            }
         
             $sessionInformationLength=128;
         } else if(stripos($dataInput, "s256") !==false) {
-            while(strlen($sessionInformation) < 512)
-                $sessionInformation = "0" . $sessionInformation;
+            while(strlen($sessionInformation) < 512) {
+                            $sessionInformation = "0" . $sessionInformation;
+            }
         
             $sessionInformationLength=256;
         } else if(stripos($dataInput, "s512") !==false) {
-            while(strlen($sessionInformation) < 128)
-                $sessionInformation = "0" . $sessionInformation;
+            while(strlen($sessionInformation) < 128) {
+                            $sessionInformation = "0" . $sessionInformation;
+            }
         
             $sessionInformationLength=64;
         } else if (stripos($dataInput, "s") !== false ) {
             // deviation from spec. Officially 's' without a length indicator is not in the reference implementation.
             // RFC is ambigious. However we have supported this in Tiqr since day 1, so we continue to support it.
-            while(strlen($sessionInformation) < 128)
-                $sessionInformation = "0" . $sessionInformation;
+            while(strlen($sessionInformation) < 128) {
+                            $sessionInformation = "0" . $sessionInformation;
+            }
             
             $sessionInformationLength=64;
         }
@@ -176,8 +189,9 @@ 
         // TimeStamp
         if($dataInput[0] == "t" ||
                 stripos($dataInput, "-t") !== false) {
-            while(strlen($timeStamp) < 16)
-                $timeStamp = "0" . $timeStamp;
+            while(strlen($timeStamp) < 16) {
+                            $timeStamp = "0" . $timeStamp;
+            }
             $timeStampLength=8;
         }
 

library/tiqr/Tiqr/OATH/OCRA_v1.php

Doc Comments +12 added lines, -5 removed lines

@@ -41,6 +41,9 @@ 
      * @param String crypto     the crypto algorithm (sha1, sha256 or sha512)
      * @param String keyBytes   the bytes to use for the HMAC key
      * @param String text       the message or text to be authenticated.
+     * @param string $crypto
+     * @param string $keyBytes
+     * @param string $text
      */
     private static function _hmac_sha1($crypto,
             $keyBytes,
@@ -66,20 +69,23 @@ 
      * This method generates an OCRA HOTP value for the given
      * set of parameters.
      *
-     * @param ocraSuite    the OCRA Suite
-     * @param key          the shared secret, HEX encoded
-     * @param counter      the counter that changes
+     * @param ocraSuite    string OCRA Suite
+     * @param key          string shared secret, HEX encoded
+     * @param counter      string counter that changes
      *                     on a per use basis,
      *                     HEX encoded
-     * @param question     the challenge question, HEX encoded
+     * @param question     string challenge question, HEX encoded
      * @param password     a password that can be used,
      *                     HEX encoded
      * @param sessionInformation
      *                     Static information that identifies the
      *                     current session, Hex encoded
      * @param timeStamp    a value that reflects a time
+     * @param string $password
+     * @param string $sessionInformation
+     * @param string $timeStamp
      *
-     * @return A numeric String in base 10 that includes
+     * @return integer numeric String in base 10 that includes
      * {@link truncationDigits} digits
      */
     static function generateOCRA($ocraSuite,
@@ -223,6 +229,7 @@ 
 
     /**
      * Truncate a result to a certain length
+     * @param string $hash
      */    
     function _oath_truncate($hash, $length = 6)
     {

Indentation +8 added lines, -8 removed lines

@@ -46,8 +46,8 @@ 
             $keyBytes,
             $text)
     {
-         $hash = hash_hmac ($crypto, $text, $keyBytes);
-         return $hash;
+            $hash = hash_hmac ($crypto, $text, $keyBytes);
+            return $hash;
     }
 
     /**
@@ -83,12 +83,12 @@ 
      * {@link truncationDigits} digits
      */
     static function generateOCRA($ocraSuite,
-                                 $key,
-                                 $counter,
-                                 $question,
-                                 $password,
-                                 $sessionInformation,
-                                 $timeStamp)
+                                    $key,
+                                    $counter,
+                                    $question,
+                                    $password,
+                                    $sessionInformation,
+                                    $timeStamp)
     {
         $codeDigits = 0;
         $crypto = "";

Spacing +49 added lines, -49 removed lines

@@ -46,7 +46,7 @@ 
             $keyBytes,
             $text)
     {
-         $hash = hash_hmac ($crypto, $text, $keyBytes);
+         $hash = hash_hmac($crypto, $text, $keyBytes);
          return $hash;
     }
 
@@ -57,7 +57,7 @@ 
      *
      * @return String a string with raw bytes
      */
-    private static function _hexStr2Bytes($hex){
+    private static function _hexStr2Bytes($hex) {
         return pack("H*", $hex);
     }
 
@@ -101,63 +101,63 @@ 
         $sessionInformationLength = 0;
         $timeStampLength = 0;
 
-        if(stripos($ocraSuite, "sha1")!==false)
+        if (stripos($ocraSuite, "sha1") !== false)
             $crypto = "sha1";
-        if(stripos($ocraSuite, "sha256")!==false)
+        if (stripos($ocraSuite, "sha256") !== false)
             $crypto = "sha256";
-        if(stripos($ocraSuite, "sha512")!==false)
+        if (stripos($ocraSuite, "sha512") !== false)
             $crypto = "sha512";
 
         // How many digits should we return
-        $oS = substr($ocraSuite, strpos($ocraSuite, ":")+1, strpos($ocraSuite, ":", strpos($ocraSuite, ":")+1) -strpos($ocraSuite, ":")-1);
-        $codeDigits = substr($oS, strrpos($oS, "-")+1);
+        $oS = substr($ocraSuite, strpos($ocraSuite, ":") + 1, strpos($ocraSuite, ":", strpos($ocraSuite, ":") + 1) - strpos($ocraSuite, ":") - 1);
+        $codeDigits = substr($oS, strrpos($oS, "-") + 1);
         
         // The size of the byte array message to be encrypted
         // Counter
-        if(stripos($ocraSuite, ":c") !==false) {
+        if (stripos($ocraSuite, ":c") !== false) {
             // Fix the length of the HEX string
-            while(strlen($counter) < 16)
-                $counter = "0" . $counter;
-            $counterLength=8;
+            while (strlen($counter) < 16)
+                $counter = "0".$counter;
+            $counterLength = 8;
         }
         // Question
-        if(stripos($ocraSuite, ":q")!==false ||
-                stripos($ocraSuite, "-q")!==false) {
-            while(strlen($question) < 256)
-                $question = $question . "0";
-            $questionLength=128;
+        if (stripos($ocraSuite, ":q") !== false ||
+                stripos($ocraSuite, "-q") !== false) {
+            while (strlen($question) < 256)
+                $question = $question."0";
+            $questionLength = 128;
         }
 
         // Password
-        if(stripos($ocraSuite, ":p")!==false ||
-                stripos($ocraSuite, "-p") !==false) {
-            while(strlen($password) < 40)
-                $password = "0" . $password;
-            $passwordLength=20;
+        if (stripos($ocraSuite, ":p") !== false ||
+                stripos($ocraSuite, "-p") !== false) {
+            while (strlen($password) < 40)
+                $password = "0".$password;
+            $passwordLength = 20;
         }
 
         // sessionInformation
-        if(stripos($ocraSuite, ":s") !==false ||
-                stripos($ocraSuite, "-s", strpos($ocraSuite, ":", strpos($ocraSuite, ":")+1)) !== false) {
-            while(strlen($sessionInformation) < 128)
-                $sessionInformation = "0" . $sessionInformation;
+        if (stripos($ocraSuite, ":s") !== false ||
+                stripos($ocraSuite, "-s", strpos($ocraSuite, ":", strpos($ocraSuite, ":") + 1)) !== false) {
+            while (strlen($sessionInformation) < 128)
+                $sessionInformation = "0".$sessionInformation;
 
-            $sessionInformationLength=64;
+            $sessionInformationLength = 64;
         }
              
         // TimeStamp
-        if(stripos($ocraSuite, ":t") !==false ||
+        if (stripos($ocraSuite, ":t") !== false ||
                 stripos($ocraSuite, "-t") !== false) {
-            while(strlen($timeStamp) < 16)
-                $timeStamp = "0" . $timeStamp;
-            $timeStampLength=8;
+            while (strlen($timeStamp) < 16)
+                $timeStamp = "0".$timeStamp;
+            $timeStampLength = 8;
         }
 
         // Put the bytes of "ocraSuite" parameters into the message
         
-        $msg = array_fill(0,$ocraSuiteLength+$counterLength+$questionLength+$passwordLength+$sessionInformationLength+$timeStampLength+1, 0);
+        $msg = array_fill(0, $ocraSuiteLength + $counterLength + $questionLength + $passwordLength + $sessionInformationLength + $timeStampLength + 1, 0);
                 
-        for($i=0;$i<strlen($ocraSuite);$i++) {
+        for ($i = 0; $i < strlen($ocraSuite); $i++) {
             $msg[$i] = $ocraSuite[$i];
         }
         
@@ -166,9 +166,9 @@ 
 
         // Put the bytes of "Counter" to the message
         // Input is HEX encoded
-        if($counterLength > 0 ) {
+        if ($counterLength > 0) {
             $bArray = self::_hexStr2Bytes($counter);
-            for ($i=0;$i<strlen($bArray);$i++) {
+            for ($i = 0; $i < strlen($bArray); $i++) {
                 $msg [$i + $ocraSuiteLength + 1] = $bArray[$i];
             }
         }
@@ -176,36 +176,36 @@ 
 
         // Put the bytes of "question" to the message
         // Input is text encoded
-        if($questionLength > 0 ) {
+        if ($questionLength > 0) {
             $bArray = self::_hexStr2Bytes($question);
-            for ($i=0;$i<strlen($bArray);$i++) {
+            for ($i = 0; $i < strlen($bArray); $i++) {
                 $msg [$i + $ocraSuiteLength + 1 + $counterLength] = $bArray[$i];
             }
         }
 
         // Put the bytes of "password" to the message
         // Input is HEX encoded
-        if($passwordLength > 0){
+        if ($passwordLength > 0) {
             $bArray = self::_hexStr2Bytes($password);
-            for ($i=0;$i<strlen($bArray);$i++) {
+            for ($i = 0; $i < strlen($bArray); $i++) {
                 $msg [$i + $ocraSuiteLength + 1 + $counterLength + $questionLength] = $bArray[$i];
             }
         }
 
         // Put the bytes of "sessionInformation" to the message
         // Input is text encoded
-        if($sessionInformationLength > 0 ){
+        if ($sessionInformationLength > 0) {
             $bArray = self::_hexStr2Bytes($sessionInformation);
-            for ($i=0;$i<strlen($bArray);$i++) {
+            for ($i = 0; $i < strlen($bArray); $i++) {
                 $msg [$i + $ocraSuiteLength + 1 + $counterLength + $questionLength + $passwordLength] = $bArray[$i];
             }
         }
 
         // Put the bytes of "time" to the message
         // Input is text value of minutes
-        if($timeStampLength > 0){
+        if ($timeStampLength > 0) {
             $bArray = self::_hexStr2Bytes($timestamp);
-            for ($i=0;$i<strlen($bArray);$i++) {
+            for ($i = 0; $i < strlen($bArray); $i++) {
                 $msg [$i + $ocraSuiteLength + 1 + $counterLength + $questionLength + $passwordLength + $sessionInformationLength] = $bArray[$i];
             }
         }
@@ -227,9 +227,9 @@ 
     function _oath_truncate($hash, $length = 6)
     {
         // Convert to dec
-        foreach(str_split($hash,2) as $hex)
+        foreach (str_split($hash, 2) as $hex)
         {
-            $hmac_result[]=hexdec($hex);
+            $hmac_result[] = hexdec($hex);
         }
     
         // Find offset
@@ -238,11 +238,11 @@ 
         // Algorithm from RFC
         return
         (
-            (($hmac_result[$offset+0] & 0x7f) << 24 ) |
-            (($hmac_result[$offset+1] & 0xff) << 16 ) |
-            (($hmac_result[$offset+2] & 0xff) << 8 ) |
-            ($hmac_result[$offset+3] & 0xff)
-        ) % pow(10,$length);
+            (($hmac_result[$offset + 0] & 0x7f) << 24) |
+            (($hmac_result[$offset + 1] & 0xff) << 16) |
+            (($hmac_result[$offset + 2] & 0xff) << 8) |
+            ($hmac_result[$offset + 3] & 0xff)
+        ) % pow(10, $length);
     }
     
 }

Braces +24 added lines, -16 removed lines

@@ -101,12 +101,15 @@ 
         $sessionInformationLength = 0;
         $timeStampLength = 0;
 
-        if(stripos($ocraSuite, "sha1")!==false)
-            $crypto = "sha1";
-        if(stripos($ocraSuite, "sha256")!==false)
-            $crypto = "sha256";
-        if(stripos($ocraSuite, "sha512")!==false)
-            $crypto = "sha512";
+        if(stripos($ocraSuite, "sha1")!==false) {
+                    $crypto = "sha1";
+        }
+        if(stripos($ocraSuite, "sha256")!==false) {
+                    $crypto = "sha256";
+        }
+        if(stripos($ocraSuite, "sha512")!==false) {
+                    $crypto = "sha512";
+        }
 
         // How many digits should we return
         $oS = substr($ocraSuite, strpos($ocraSuite, ":")+1, strpos($ocraSuite, ":", strpos($ocraSuite, ":")+1) -strpos($ocraSuite, ":")-1);
@@ -116,31 +119,35 @@ 
         // Counter
         if(stripos($ocraSuite, ":c") !==false) {
             // Fix the length of the HEX string
-            while(strlen($counter) < 16)
-                $counter = "0" . $counter;
+            while(strlen($counter) < 16) {
+                            $counter = "0" . $counter;
+            }
             $counterLength=8;
         }
         // Question
         if(stripos($ocraSuite, ":q")!==false ||
                 stripos($ocraSuite, "-q")!==false) {
-            while(strlen($question) < 256)
-                $question = $question . "0";
+            while(strlen($question) < 256) {
+                            $question = $question . "0";
+            }
             $questionLength=128;
         }
 
         // Password
         if(stripos($ocraSuite, ":p")!==false ||
                 stripos($ocraSuite, "-p") !==false) {
-            while(strlen($password) < 40)
-                $password = "0" . $password;
+            while(strlen($password) < 40) {
+                            $password = "0" . $password;
+            }
             $passwordLength=20;
         }
 
         // sessionInformation
         if(stripos($ocraSuite, ":s") !==false ||
                 stripos($ocraSuite, "-s", strpos($ocraSuite, ":", strpos($ocraSuite, ":")+1)) !== false) {
-            while(strlen($sessionInformation) < 128)
-                $sessionInformation = "0" . $sessionInformation;
+            while(strlen($sessionInformation) < 128) {
+                            $sessionInformation = "0" . $sessionInformation;
+            }
 
             $sessionInformationLength=64;
         }
@@ -148,8 +155,9 @@ 
         // TimeStamp
         if(stripos($ocraSuite, ":t") !==false ||
                 stripos($ocraSuite, "-t") !== false) {
-            while(strlen($timeStamp) < 16)
-                $timeStamp = "0" . $timeStamp;
+            while(strlen($timeStamp) < 16) {
+                            $timeStamp = "0" . $timeStamp;
+            }
             $timeStampLength=8;
         }
 

library/tiqr/Tiqr/OATH/OCRAWrapper_v1.php

Doc Comments +1 added lines, -1 removed lines

@@ -72,7 +72,7 @@
      * @param String $secret a hex representation of the user's secret
      * @param String $challenge a hex or (alfa)numeric challenge question
      * @param String $sessionKey a hex sessionKey identifying the current session
-     * @return String An OCRA response, the length of which is determined by the
+     * @return integer An OCRA response, the length of which is determined by the
      *             OCRA suite.
      */
     public function calculateResponse($secret, $challenge, $sessionKey) 

Indentation +2 added lines, -2 removed lines

@@ -90,9 +90,9 @@
      */
     public function verifyResponse($response, $secret, $challenge, $sessionKey)
     {
-         $expected = $this->calculateResponse($secret, $challenge, $sessionKey);
+            $expected = $this->calculateResponse($secret, $challenge, $sessionKey);
 
-         return ($expected == $response);
+            return ($expected == $response);
     }
 
     /**

Spacing +6 added lines, -6 removed lines

@@ -107,19 +107,19 @@ 
     {
         // find the :QN10, -QN10, QH10 etc. bit
         $pos = stripos($ocraSuite, ":q");
-        if ($pos===false) $pos = stripos($ocraSuite, "-q");
-        if ($pos===false) {
+        if ($pos === false) $pos = stripos($ocraSuite, "-q");
+        if ($pos === false) {
             // No challenge config specified. Since we only support challenge based OCRA, we fallback to default 10 digit hexadecimal.
             return array("format"=>"H", "length"=>10);
         }
-        $format = substr($ocraSuite, $pos+2, 1);
+        $format = substr($ocraSuite, $pos + 2, 1);
         if (!in_array($format, array("N", "A", "H"))) {
             $format = "H";
         }
         
-        $length = (int)substr($ocraSuite, $pos+3, 2);
+        $length = (int) substr($ocraSuite, $pos + 3, 2);
                 
-        if ($length<=0) {
+        if ($length <= 0) {
             $length = 10;
         }
         
@@ -190,7 +190,7 @@ 
      */
     protected function _calculateResponse($ocraSuite, $secret, $challenge, $sessionKey)
     {       
-        if (strpos(strtolower($ocraSuite), "qn")!==false) {
+        if (strpos(strtolower($ocraSuite), "qn") !== false) {
             
             // challenge is decimal, but generateOcra always wants it in hex.
             $challenge = dechex($challenge);

Braces +3 added lines, -1 removed lines

@@ -107,7 +107,9 @@
     {
         // find the :QN10, -QN10, QH10 etc. bit
         $pos = stripos($ocraSuite, ":q");
-        if ($pos===false) $pos = stripos($ocraSuite, "-q");
+        if ($pos===false) {
+            $pos = stripos($ocraSuite, "-q");
+        }
         if ($pos===false) {
             // No challenge config specified. Since we only support challenge based OCRA, we fallback to default 10 digit hexadecimal.
             return array("format"=>"H", "length"=>10);

library/tiqr/Tiqr/Service.php

Doc Comments +1 added lines, -8 removed lines

@@ -334,10 +334,6 @@ 
      * application, for example to create a link in a mobile website on the
      * same device as where the application is installed
      * @param String $sessionKey The session key identifying this authentication session
-     * @param String $userId The userId of a pre-authenticated user, if in  
-     *                       step-up mode. NULL in other scenario's.
-     * @param String $sessionId The application's session identifier. 
-     *                          (defaults to php session)
      */
     public function generateAuthURL($sessionKey)
     {
@@ -613,7 +609,7 @@ 
      *                           session.
      * @param String $response   The response to the challenge that the phone
      *                           has posted.
-     * @return String The result of the authentication. This is one of the
+     * @return integer The result of the authentication. This is one of the
      *                AUTH_RESULT_* constants of the Tiqr_Server class.
      *                (do not make assumptions on the values of these 
      *                constants.)
@@ -710,9 +706,6 @@ 
     /**
      * Generate a challenge URL
      * @param String $sessionKey The key that identifies the session.
-     * @param String $challenge The authentication challenge
-     * @param String $userId The userid to embed in the challenge url (only
-     *                       if a user was pre-authenticated)
      *                       
      */
     protected function _getChallengeUrl($sessionKey)

Indentation +31 added lines, -31 removed lines

@@ -514,17 +514,17 @@ 
         }
 
         $metadata = array("service"=>
-                               array("displayName"       => $this->_name,
-                                     "identifier"        => $this->_identifier,
-                                     "logoUrl"           => $this->_logoUrl,
-                                     "infoUrl"           => $this->_infoUrl,
-                                     "authenticationUrl" => $authenticationUrl,
-                                     "ocraSuite"         => $this->_ocraSuite,
-                                     "enrollmentUrl"     => $enrollmentUrl
-                               ),
-                          "identity"=>
-                               array("identifier" =>$data["userId"],
-                                     "displayName"=>$data["displayName"]));
+                                array("displayName"       => $this->_name,
+                                        "identifier"        => $this->_identifier,
+                                        "logoUrl"           => $this->_logoUrl,
+                                        "infoUrl"           => $this->_infoUrl,
+                                        "authenticationUrl" => $authenticationUrl,
+                                        "ocraSuite"         => $this->_ocraSuite,
+                                        "enrollmentUrl"     => $enrollmentUrl
+                                ),
+                            "identity"=>
+                                array("identifier" =>$data["userId"],
+                                        "displayName"=>$data["displayName"]));
 
         $this->_stateStorage->unsetValue("enroll".$enrollmentKey);
 
@@ -547,10 +547,10 @@ 
      */
     public function getEnrollmentSecret($enrollmentKey)
     {
-         $data = $this->_stateStorage->getValue("enroll".$enrollmentKey);
-         $secret = $this->_uniqueSessionKey("enrollmentsecret");
-         $this->_stateStorage->setValue("enrollsecret".$secret, array("userId"=>$data["userId"], "sessionId"=>$data["sessionId"]), self::ENROLLMENT_EXPIRE); 
-         return $secret;
+            $data = $this->_stateStorage->getValue("enroll".$enrollmentKey);
+            $secret = $this->_uniqueSessionKey("enrollmentsecret");
+            $this->_stateStorage->setValue("enrollsecret".$secret, array("userId"=>$data["userId"], "sessionId"=>$data["sessionId"]), self::ENROLLMENT_EXPIRE); 
+            return $secret;
     } 
 
     /**
@@ -565,13 +565,13 @@ 
      */
     public function validateEnrollmentSecret($enrollmentSecret)
     {
-         $data = $this->_stateStorage->getValue("enrollsecret".$enrollmentSecret);
-         if (is_array($data)) { 
-             // Secret is valid, application may accept the user secret. 
-             $this->_setEnrollmentStatus($data["sessionId"], self::ENROLLMENT_STATUS_PROCESSED);
-             return $data["userId"];
-         }
-         return false;
+            $data = $this->_stateStorage->getValue("enrollsecret".$enrollmentSecret);
+            if (is_array($data)) { 
+                // Secret is valid, application may accept the user secret. 
+                $this->_setEnrollmentStatus($data["sessionId"], self::ENROLLMENT_STATUS_PROCESSED);
+                return $data["userId"];
+            }
+            return false;
     }
     
     /**
@@ -588,13 +588,13 @@ 
      */
     public function finalizeEnrollment($enrollmentSecret) 
     {
-         $data = $this->_stateStorage->getValue("enrollsecret".$enrollmentSecret);
-         if (is_array($data)) {
-             // Enrollment is finalized, destroy our session data.
-             $this->_setEnrollmentStatus($data["sessionId"], self::ENROLLMENT_STATUS_FINALIZED);
-             $this->_stateStorage->unsetValue("enrollsecret".$enrollmentSecret);
-         }
-         return true;
+            $data = $this->_stateStorage->getValue("enrollsecret".$enrollmentSecret);
+            if (is_array($data)) {
+                // Enrollment is finalized, destroy our session data.
+                $this->_setEnrollmentStatus($data["sessionId"], self::ENROLLMENT_STATUS_FINALIZED);
+                $this->_stateStorage->unsetValue("enrollsecret".$enrollmentSecret);
+            }
+            return true;
     }
 
     /**
@@ -630,7 +630,7 @@ 
 
         $challengeUserId = NULL;
         if (isset($state["userId"])) {
-          $challengeUserId = $state["userId"];
+            $challengeUserId = $state["userId"];
         }
         // Check if we're dealing with a second factor
         if ($challengeUserId!=NULL && ($userId != $challengeUserId)) {
@@ -769,6 +769,6 @@ 
      */
     protected function _setEnrollmentStatus($sessionId, $status)
     {
-       $this->_stateStorage->setValue("enrollstatus".$sessionId, $status, self::ENROLLMENT_EXPIRE);
+        $this->_stateStorage->setValue("enrollstatus".$sessionId, $status, self::ENROLLMENT_EXPIRE);
     }
 }

Spacing +25 added lines, -25 removed lines

@@ -68,12 +68,12 @@ 
     /**
      * Enrollment status codes
      */
-    const ENROLLMENT_STATUS_IDLE = 1;        // Nothing happens
+    const ENROLLMENT_STATUS_IDLE = 1; // Nothing happens
     const ENROLLMENT_STATUS_INITIALIZED = 2; // An enrollment session has begun
-    const ENROLLMENT_STATUS_RETRIEVED = 3;   // The device has retrieved the metadata
-    const ENROLLMENT_STATUS_PROCESSED = 4;   // The device has snet back a secret
-    const ENROLLMENT_STATUS_FINALIZED = 5;   // The application has stored the secret
-    const ENROLLMENT_STATUS_VALIDATED = 6;   // A first succesful authentication was performed
+    const ENROLLMENT_STATUS_RETRIEVED = 3; // The device has retrieved the metadata
+    const ENROLLMENT_STATUS_PROCESSED = 4; // The device has snet back a secret
+    const ENROLLMENT_STATUS_FINALIZED = 5; // The application has stored the secret
+    const ENROLLMENT_STATUS_VALIDATED = 6; // A first succesful authentication was performed
 
     /**
      * Default timeout values
@@ -152,7 +152,7 @@ 
      * @param array $options
      * @param int $version The protocol version to use (defaults to the latest)
      */
-    public function __construct($options=array(), $version = 2)
+    public function __construct($options = array(), $version = 2)
     {
         $this->_options = $options;
         
@@ -290,7 +290,7 @@ 
 
             $message = new $class($this->_options);
             $message->setId(time());
-            $message->setText("Please authenticate for " . $this->_name);
+            $message->setText("Please authenticate for ".$this->_name);
             $message->setAddress($notificationAddress);
             $message->setCustomProperty('challenge', $this->_getChallengeUrl($sessionKey));
             $message->send();
@@ -358,13 +358,13 @@ 
      * @param String $spIdentifier If SP and IDP are 2 different things, pass the url/identifier of the SP the user is logging into.
      *                             For setups where IDP==SP, just leave this blank.
      */
-    public function startAuthenticationSession($userId="", $sessionId="", $spIdentifier="")
+    public function startAuthenticationSession($userId = "", $sessionId = "", $spIdentifier = "")
     {
-        if ($sessionId=="") {
+        if ($sessionId == "") {
             $sessionId = session_id();
         }
 
-        if ($spIdentifier=="") {
+        if ($spIdentifier == "") {
             $spIdentifier = $this->_identifier;
         }
 
@@ -374,7 +374,7 @@ 
         
         $data = array("sessionId"=>$sessionId, "challenge"=>$challenge, "spIdentifier" => $spIdentifier);
         
-        if ($userId!="") {
+        if ($userId != "") {
             $data["userId"] = $userId;
         }
         
@@ -398,9 +398,9 @@ 
      *                           to php session)
      * @return String The enrollment key
      */
-    public function startEnrollmentSession($userId, $displayName, $sessionId="")
+    public function startEnrollmentSession($userId, $displayName, $sessionId = "")
     {
-        if ($sessionId=="") {
+        if ($sessionId == "") {
             $sessionId = session_id();
         }
     
@@ -417,9 +417,9 @@ 
      * @param $sessionId The application's session identifier (defaults
      *                   to php session)
      */
-    public function resetEnrollmentSession($sessionId="")
+    public function resetEnrollmentSession($sessionId = "")
     {
-        if ($sessionId=="") {
+        if ($sessionId == "") {
             $sessionId = session_id();
         }
 
@@ -447,9 +447,9 @@ 
      *               A first successful authentication was performed 
      *               (todo: currently not used)
      */
-    public function getEnrollmentStatus($sessionId="")
+    public function getEnrollmentStatus($sessionId = "")
     { 
-        if ($sessionId=="") {
+        if ($sessionId == "") {
             $sessionId = session_id(); 
         }
         $status = $this->_stateStorage->getValue("enrollstatus".$sessionId);
@@ -633,7 +633,7 @@ 
           $challengeUserId = $state["userId"];
         }
         // Check if we're dealing with a second factor
-        if ($challengeUserId!=NULL && ($userId != $challengeUserId)) {
+        if ($challengeUserId != NULL && ($userId != $challengeUserId)) {
             return self::AUTH_RESULT_INVALID_USERID; // only allowed to authenticate against the user that's authenticated in the first factor
         }
 
@@ -660,9 +660,9 @@ 
      * @param String $sessionId The application's session identifier (defaults
      *                          to the php session).
      */
-    public function logout($sessionId="")
+    public function logout($sessionId = "")
     {
-        if ($sessionId=="") {
+        if ($sessionId == "") {
             $sessionId = session_id(); 
         }
         
@@ -697,9 +697,9 @@ 
      * @return mixed An array with user data if a user was logged in or NULL if
      *               no user is logged in.
      */
-    public function getAuthenticatedUser($sessionId="")
+    public function getAuthenticatedUser($sessionId = "")
     {
-        if ($sessionId=="") {
+        if ($sessionId == "") {
             $sessionId = session_id(); 
         }
         
@@ -722,7 +722,7 @@ 
             return false;
         }
         
-        $userId   = NULL;
+        $userId = NULL;
         $challenge = $state["challenge"];
         if (isset($state["userId"])) {
             $userId = $state["userId"];
@@ -730,7 +730,7 @@ 
         $spIdentifier = $state["spIdentifier"];
         
         // Last bit is the spIdentifier
-        return $this->_protocolAuth."://".(!is_null($userId)?urlencode($userId).'@':'').$this->getIdentifier()."/".$sessionKey."/".$challenge."/".urlencode($spIdentifier)."/".$this->_protocolVersion;
+        return $this->_protocolAuth."://".(!is_null($userId) ?urlencode($userId).'@' : '').$this->getIdentifier()."/".$sessionKey."/".$challenge."/".urlencode($spIdentifier)."/".$this->_protocolVersion;
     }
 
     /**
@@ -754,7 +754,7 @@ 
     protected function _uniqueSessionKey($prefix)
     {      
         $value = 1;
-        while ($value!=NULL) {
+        while ($value != NULL) {
             $sessionKey = $this->_ocraWrapper->generateSessionKey();
             $value = $this->_stateStorage->getValue($prefix.$sessionKey);
         }

Braces +3 added lines, -1 removed lines

@@ -453,7 +453,9 @@
             $sessionId = session_id(); 
         }
         $status = $this->_stateStorage->getValue("enrollstatus".$sessionId);
-        if (is_null($status)) return self::ENROLLMENT_STATUS_IDLE;
+        if (is_null($status)) {
+            return self::ENROLLMENT_STATUS_IDLE;
+        }
         return $status;
     }
         

library/tiqr/Tiqr/UserStorage/Encryption/Dummy.php

Doc Comments +2 added lines, -2 removed lines

@@ -40,7 +40,7 @@ 
      *
      * @param String $data Data to encrypt.
      *
-     * @return encrypted data
+     * @return string data
      */
     public function encrypt($data)
     {
@@ -52,7 +52,7 @@ 
      *
      * @param String $data Data to decrypt.
      *
-     * @return decrypted data
+     * @return string data
      */
     public function decrypt($data)
     {

Indentation +1 added lines, -1 removed lines

@@ -48,7 +48,7 @@
     }
     
     /**
-      * Decrypts the given data.
+     * Decrypts the given data.
      *
      * @param String $data Data to decrypt.
      *