charlesportwoodii /
yii2-api-rest-components
@@ -4,7 +4,6 @@ |
||
| 4 | 4 | |
| 5 | 5 | use app\models\User; |
| 6 | 6 | use yrc\rest\Action as RestAction; |
| 7 | - |
|
| 8 | 7 | use yii\web\HttpException; |
| 9 | 8 | use Yii; |
| 10 | 9 | |
@@ -2,7 +2,6 @@ |
||
| 2 | 2 | |
| 3 | 3 | namespace yrc\api\forms; |
| 4 | 4 | |
| 5 | -use Base32\Base32; |
|
| 6 | 5 | use Yii; |
| 7 | 6 | |
| 8 | 7 | /** |
@@ -224,7 +224,7 @@ |
||
| 224 | 224 | |
| 225 | 225 | /** |
| 226 | 226 | * Provisions TOTP for the account |
| 227 | - * @return boolean|string |
|
| 227 | + * @return false|string |
|
| 228 | 228 | */ |
| 229 | 229 | public function provisionOTP() |
| 230 | 230 | { |
@@ -3,10 +3,8 @@ |
||
| 3 | 3 | namespace yrc\api\models; |
| 4 | 4 | |
| 5 | 5 | use app\models\User\Token; |
| 6 | - |
|
| 7 | 6 | use Base32\Base32; |
| 8 | 7 | use OTPHP\TOTP; |
| 9 | - |
|
| 10 | 8 | use yii\behaviors\TimestampBehavior; |
| 11 | 9 | use yii\db\ActiveRecord; |
| 12 | 10 | use yii\filters\RateLimitInterface; |
@@ -237,8 +237,8 @@ discard block |
||
| 237 | 237 | $totp = new TOTP( |
| 238 | 238 | $this->email, |
| 239 | 239 | $encodedSecret, |
| 240 | - 30, // 30 second window |
|
| 241 | - 'sha256', // SHA256 for the hashing algorithm |
|
| 240 | + 30, // 30 second window |
|
| 241 | + 'sha256', // SHA256 for the hashing algorithm |
|
| 242 | 242 | 6 // 6 digits |
| 243 | 243 | ); |
| 244 | 244 | |
@@ -292,8 +292,8 @@ discard block |
||
| 292 | 292 | $totp = new TOTP( |
| 293 | 293 | $this->email, |
| 294 | 294 | $this->otp_secret, |
| 295 | - 30, // 30 second window |
|
| 296 | - 'sha256', // SHA256 for the hashing algorithm |
|
| 295 | + 30, // 30 second window |
|
| 296 | + 'sha256', // SHA256 for the hashing algorithm |
|
| 297 | 297 | 6 // 6 digits |
| 298 | 298 | ); |
| 299 | 299 | |
@@ -2,11 +2,7 @@ |
||
| 2 | 2 | |
| 3 | 3 | namespace yrc\filters\auth; |
| 4 | 4 | |
| 5 | -use app\models\Token; |
|
| 6 | - |
|
| 7 | -use yii\helpers\Json; |
|
| 8 | 5 | use yii\filters\auth\AuthMethod; |
| 9 | - |
|
| 10 | 6 | use Yii; |
| 11 | 7 | |
| 12 | 8 | /** |
@@ -129,9 +129,9 @@ |
||
| 129 | 129 | |
| 130 | 130 | // Calculate the signature string |
| 131 | 131 | $signatureString = hash('sha256', $body) . "\n" . |
| 132 | - $request->method . "+" . $request->getUrl() . "\n" . |
|
| 133 | - $request->getHeaders()->get(self::DATE_HEADER) . "\n" . |
|
| 134 | - \base64_encode($salt); |
|
| 132 | + $request->method . "+" . $request->getUrl() . "\n" . |
|
| 133 | + $request->getHeaders()->get(self::DATE_HEADER) . "\n" . |
|
| 134 | + \base64_encode($salt); |
|
| 135 | 135 | |
| 136 | 136 | // Calculate the HMAC |
| 137 | 137 | $selfHMAC = \base64_encode(\hash_hmac('sha256', $signatureString, $hkdf, true)); |
@@ -92,7 +92,7 @@ |
||
| 92 | 92 | private function isHMACSignatureValid($accessToken, $ikm, $salt, $request, $hmac = null) |
| 93 | 93 | { |
| 94 | 94 | static $selfHMAC = null; |
| 95 | - static $hkdf = null; |
|
| 95 | + static $hkdf = null; |
|
| 96 | 96 | |
| 97 | 97 | // Null check the HMAC string |
| 98 | 98 | if (empty($hmac) || $hmac === null) { |
@@ -87,6 +87,7 @@ discard block |
||
| 87 | 87 | * @param string $accessToken |
| 88 | 88 | * @param string $salt |
| 89 | 89 | * @param \yii\web\request $request |
| 90 | + * @param string $ikm |
|
| 90 | 91 | * @return bool |
| 91 | 92 | */ |
| 92 | 93 | private function isHMACSignatureValid($accessToken, $ikm, $salt, $request, $hmac = null) |
@@ -152,7 +153,7 @@ discard block |
||
| 152 | 153 | |
| 153 | 154 | /** |
| 154 | 155 | * Gets the datetime drift that has occured since the request was sent |
| 155 | - * @param yii\web\Request $request |
|
| 156 | + * @param \yii\web\Request $request |
|
| 156 | 157 | * @return int |
| 157 | 158 | */ |
| 158 | 159 | private function getTimeDrift($request) |
@@ -59,7 +59,7 @@ |
||
| 59 | 59 | $response->data['status'] = $status; |
| 60 | 60 | |
| 61 | 61 | if ($response->data['data'] === [] || $response->data['data'] === null) { |
| 62 | - $response->data['data'] = null; |
|
| 62 | + $response->data['data'] = null; |
|
| 63 | 63 | } |
| 64 | 64 | } |
| 65 | 65 | |
@@ -4,7 +4,6 @@ |
||
| 4 | 4 | |
| 5 | 5 | use app\models\User; |
| 6 | 6 | use yrc\rest\Action as RestAction; |
| 7 | - |
|
| 8 | 7 | use yii\web\HttpException; |
| 9 | 8 | use Yii; |
| 10 | 9 | |
@@ -17,7 +17,7 @@ |
||
| 17 | 17 | /** |
| 18 | 18 | * [POST] /api/[...]/register |
| 19 | 19 | * Handles registration of users |
| 20 | - * @return mixed |
|
| 20 | + * @return boolean |
|
| 21 | 21 | */ |
| 22 | 22 | public static function post($params) |
| 23 | 23 | { |
@@ -4,7 +4,6 @@ |
||
| 4 | 4 | |
| 5 | 5 | use app\models\User; |
| 6 | 6 | use yrc\rest\Action as RestAction; |
| 7 | - |
|
| 8 | 7 | use yii\web\HttpException; |
| 9 | 8 | use Yii; |
| 10 | 9 | |
@@ -17,7 +17,7 @@ |
||
| 17 | 17 | /** |
| 18 | 18 | * [POST] /api/[...]/register |
| 19 | 19 | * Handles registration of users |
| 20 | - * @return mixed |
|
| 20 | + * @return boolean |
|
| 21 | 21 | */ |
| 22 | 22 | public static function post($params) |
| 23 | 23 | { |
@@ -4,7 +4,6 @@ |
||
| 4 | 4 | |
| 5 | 5 | use app\models\User; |
| 6 | 6 | use yrc\rest\Action as RestAction; |
| 7 | - |
|
| 8 | 7 | use yii\web\HttpException; |
| 9 | 8 | use Yii; |
| 10 | 9 | |
@@ -4,7 +4,6 @@ |
||
| 4 | 4 | |
| 5 | 5 | use app\models\User; |
| 6 | 6 | use yrc\rest\Action as RestAction; |
| 7 | - |
|
| 8 | 7 | use yii\web\HttpException; |
| 9 | 8 | use Yii; |
| 10 | 9 | |
