author | Christoph Wurst <christoph@winzerhof-wurst.at> | 2016-06-04 20:07:56 +0300 |
---|---|---|
committer | Christoph Wurst <christoph@winzerhof-wurst.at> | 2016-06-04 20:10:25 +0300 |
commit | 42156f9b6e7705f3d8d3c634beffb8ee34886278 (patch) | |
tree | 53dbb64adfd78d22cbd4a4fa89e2c1859e31fdc3 /lib | |
parent | ed7d8759dbc637e121c732bfeb3cfc2042d818ff (diff) |
add GUI and other small enhancements
Diffstat (limited to 'lib')
-rw-r--r-- | lib/Controller/SettingsController.php | 78 | ||||
-rw-r--r-- | lib/Provider/TotpProvider.php | 24 | ||||
-rw-r--r-- | lib/Service/ITotp.php | 10 | ||||
-rw-r--r-- | lib/Service/Totp.php | 20 |
4 files changed, 100 insertions, 32 deletions
diff --git a/lib/Controller/SettingsController.php b/lib/Controller/SettingsController.php
new file mode 100644
index 0000000..466a53b
--- /dev/null
+++ b/lib/Controller/SettingsController.php
@@ -0,0 +1,78 @@
+<?php
+
+/**
+ * @author Christoph Wurst <christoph@winzerhof-wurst.at>
+ *
+ * ownCloud - Two-factor TOTP
+ *
+ * This code is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License, version 3,
+ * as published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License, version 3,
+ * along with this program. If not, see <http://www.gnu.org/licenses/>
+ *
+ */
+
+namespace OCA\TwoFactorTotp\Controller;
+
+use OCA\TwoFactorTotp\Service\ITotp;
+use OCA\TwoFactorTotp\Service\Totp;
+use OCP\AppFramework\Controller;
+use OCP\AppFramework\Http\JSONResponse;
+use OCP\IRequest;
+use OCP\IUserSession;
+
+class SettingsController extends Controller {
+
+ /** @var ITotp */
+ private $totp;
+
+ /** @var IUserSession */
+ private $userSession;
+
+ public function __construct($appName, IRequest $request, IUserSession $userSession, Totp $totp) {
+ parent::__construct($appName, $request);
+ $this->userSession = $userSession;
+ $this->totp = $totp;
+ }
+
+ /**
+ * @NoAdminRequired
+ * @return JSONResponse
+ */
+ public function state() {
+ $user = $this->userSession->getUser();
+ return [
+ 'enabled' => $this->totp->hasSecret($user),
+ ];
+ }
+
+ /**
+ * @NoAdminRequired
+ * @param bool $state
+ * @return JSONResponse
+ */
+ public function enable($state) {
+ $user = $this->userSession->getUser();
+ if ($state) {
+ $qr = $this->totp->createSecret($user);
+ return [
+ 'enabled' => true,
+ 'qr' => $qr,
+ ];
+ }
+
+ $this->totp->deleteSecret($user);
+ return [
+ 'enabled' => false,
+ 'qr' => null,
+ ];
+ }
+
+}
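Review bot: `enable()` reaches `$this->totp->deleteSecret($user)` for any logged-in session without asking for a current TOTP code or the account password, so a stolen or unattended session is enough to remove the second factor. I would add a `$code` parameter and guard the disable branch with something like `if (!$this->totp->validateSecret($user, $code)) { return new JSONResponse([], Http::STATUS_FORBIDDEN); }`, assuming `validateSecret()` returns a bool (`ITotp` does not document its return value). The enable branch has the mirror problem: `createSecret()` appears to persist the secret right away, so `hasSecret()` reports 2FA as active before the user has confirmed a code from the authenticator app, and a failed QR scan locks the account out at next login. `ITotp::createSecret()` is also documented to throw `TotpSecretAlreadySet`, which a second `enable(true)` call would leave uncaught.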
diff --git a/lib/Provider/TotpProvider.php b/lib/Provider/TotpProvider.php index 4cb8eec..ae910df 100644 --- a/lib/Provider/TotpProvider.php +++ b/lib/Provider/TotpProvider.php @@ -39,8 +39,6 @@ class TotpProvider implements IProvider { /** * Get unique identifier of this 2FA provider * - * @since 9.1.0 - * * @return string */ public function getId() { @@ -50,10 +48,6 @@ class TotpProvider implements IProvider { /** * Get the display name for selecting the 2FA provider * - * Example: "Email" - * - * @since 9.1.0 - * * @return string */ public function getDisplayName() { @@ -63,10 +57,6 @@ class TotpProvider implements IProvider { /** * Get the description for selecting the 2FA provider * - * Example: "Get a token via e-mail" - * - * @since 9.1.0 - * * @return string */ public function getDescription() { @@ -76,18 +66,10 @@ class TotpProvider implements IProvider { /** * Get the template for rending the 2FA provider view * - * @since 9.1.0 - * * @param IUser $user * @return Template */ public function getTemplate(IUser $user) { - try { - $this->totp->getSecret($user); - } catch (NoTotpSecretFoundException $ex) { - $qr = $this->totp->createSecret($user); - } - $tmpl = new Template('twofactor_totp', 'challenge'); $tmpl->assign('qr', $qr); return $tmpl; @@ -96,8 +78,6 @@ class TotpProvider implements IProvider { /** * Verify the given challenge * - * @since 9.1.0 - * * @param IUser $user * @param string $challenge */ @@ -108,13 +88,11 @@ class TotpProvider implements IProvider { /** * Decides whether 2FA is enabled for the given user * - * @since 9.1.0 - * * @param IUser $user * @return boolean */ public function isTwoFactorAuthEnabledForUser(IUser $user) { - return true; + return $this->totp->hasSecret($user); } } diff --git a/lib/Service/ITotp.php b/lib/Service/ITotp.php index 601a2d4..a389151 100644 --- a/lib/Service/ITotp.php +++ b/lib/Service/ITotp.php 
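Review bot: `$qr` is undefined in `getTemplate()` after this change: the `try`/`catch` that assigned it is removed, but the unchanged line `$tmpl->assign('qr', $qr);` still reads it, so rendering the challenge raises an undefined-variable notice and hands `null` to the template. Enrolment now happens in `SettingsController::enable()`, so the assignment should go as well, leaving `$tmpl = new Template('twofactor_totp', 'challenge');` and `return $tmpl;`. The `challenge` template presumably still references `qr` and would need the same cleanup; it is not part of this diff, and the closing brace of `getTemplate()` lies outside the hunk.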
@@ -29,18 +29,22 @@ interface ITotp { /** * @param IUser $user */ - public function getSecret(IUser $user); + public function hasSecret(IUser $user); /** * @param IUser $user * @throws TotpSecretAlreadySet */ public function createSecret(IUser $user); - + + /** + * @param IUser $user + */ + public function deleteSecret(IUser $user); + /** * @param IUser $user * @param string $key */ public function validateSecret(IUser $user, $key); - } diff --git a/lib/Service/Totp.php b/lib/Service/Totp.php index 4d94365..d838ad0 100644 --- a/lib/Service/Totp.php +++ b/lib/Service/Totp.php @@ -44,15 +44,13 @@ class Totp implements ITotp { $this->crypto = $crypto; } - public function getSecret(IUser $user) { + public function hasSecret(IUser $user) { try { - $secret = $this->secretMapper->getSecret($user); + $this->secretMapper->getSecret($user); } catch (DoesNotExistException $ex) { - throw new NoTotpSecretFoundException(); + return false; } - - $encryptedSecret = $secret->getSecret(); - return $this->crypto->decrypt($encryptedSecret); + return true; } /** @@ -72,6 +70,16 @@ class Totp implements ITotp { return GoogleAuthenticator::getQrCodeUrl('totp', 'ownCloud TOTP', $secret); } + public function deleteSecret(IUser $user) { + try { + // TODO: execute DELETE sql in mapper instead + $dbSecret = $this->secretMapper->getSecret($user); + $this->secretMapper->delete($dbSecret); + } catch (DoesNotExistException $ex) { + + } + } + public function validateSecret(IUser $user, $key) { try { $dbSecret = $this->secretMapper->getSecret($user); |
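Review bot: `hasSecret()` is declared with only an `@param` tag, yet `TotpProvider::isTwoFactorAuthEnabledForUser()` now returns its result directly, so this method's contract decides whether the second factor is enforced at login. Document it on the interface, e.g. `@return bool true if a TOTP secret is stored for the user`, and note that failures other than a missing record should propagate rather than be reported as `false`. `deleteSecret()` likewise deserves a line saying it is a no-op when no secret exists, which is what the implementation in `Totp.php` does.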
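Review bot: `deleteSecret()` removes a user's second factor without leaving any trace: the success path logs nothing and the empty `catch (DoesNotExistException $ex)` block has no comment saying the swallow is deliberate. Put `// no secret stored, nothing to delete` inside the catch, and consider writing an audit log entry after `$this->secretMapper->delete($dbSecret);` so that a 2FA removal can be found later during incident response. The constructor is outside the hunk, so whether a logger is already injected cannot be seen from here.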