home/lmsyaran/public_html/j3/htaccess.back/fof/encrypt/totp.php000064400000011101151157127130020566
0ustar00<?php
/**
* @package FrameworkOnFramework
* @subpackage encrypt
* @copyright Copyright (C) 2010-2016 Nicholas K. Dionysopoulos / Akeeba
Ltd. All rights reserved.
* @license GNU General Public License version 2 or later; see
LICENSE.txt
*/
defined('FOF_INCLUDED') or die;
/**
 * This class provides RFC6238-compliant Time-based One Time Passwords,
 * compatible with Google Authenticator (with PassCodeLength = 6 and
 * TimePeriod = 30).
 *
 * @package FrameworkOnFramework
 * @since 1.0
 */
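class FOFEncryptTotp
{
	/** @var int Number of digits in a generated passcode */
	private $_passCodeLength = 6;

	/** @var int 10 raised to the passcode length; the truncated HMAC is reduced modulo this value */
	private $_pinModulo;

	/** @var int Length, in bytes, of a newly generated secret key */
	private $_secretLength = 10;

	/** @var int Duration of one time step, in seconds */
	private $_timeStep = 30;

	/** @var object Base32 encoder/decoder used for the secret key */
	private $_base32 = null;

	/**
	 * Initialises an RFC6238-compatible TOTP generator. Please note that this
	 * class does not implement the constraint in the last paragraph of §5.2
	 * of RFC6238: it keeps no record of accepted codes, so it is up to the
	 * caller to ensure that the same user/device does not retry validation
	 * within the same Time Step.
	 *
	 * @param   int     $timeStep        The Time Step (in seconds). Use 30 to be compatible with Google Authenticator.
	 * @param   int     $passCodeLength  The generated passcode length. Default: 6 digits.
	 * @param   int     $secretLength    The length of the secret key. Default: 10 bytes (80 bits).
	 * @param   object  $base32          The base32 encoder/decoder; a FOFEncryptBase32 is created when null
	 */
	public function __construct($timeStep = 30, $passCodeLength = 6, $secretLength = 10, $base32 = null)
	{
		$this->_timeStep       = $timeStep;
		$this->_passCodeLength = $passCodeLength;
		$this->_secretLength   = $secretLength;
		$this->_pinModulo      = pow(10, $this->_passCodeLength);
		$this->_base32         = is_null($base32) ? new FOFEncryptBase32 : $base32;
	}

	/**
	 * Get the time period based on the $time timestamp and the Time Step
	 * defined. If $time is skipped or set to null the current timestamp will
	 * be used.
	 *
	 * @param   int|null  $time  Timestamp
	 *
	 * @return  int  The number of whole time steps elapsed since the UNIX Epoch
	 */
	public function getPeriod($time = null)
	{
		if (is_null($time))
		{
			$time = time();
		}

		// floor() yields a float; cast so the documented integer is what callers receive
		return (int) floor($time / $this->_timeStep);
	}

	/**
	 * Check whether the given passcode $code is a valid TOTP generated using
	 * secret key $secret. The previous, current and next time steps are
	 * accepted, so a code remains valid for up to three time steps.
	 *
	 * The comparison is an exact, constant-time string comparison. A loose
	 * (==) comparison would treat both sides as numbers and accept a code
	 * with its leading zeros stripped, or the boolean true.
	 *
	 * @param   string  $secret  The Base32-encoded secret key
	 * @param   string  $code    The passcode to check
	 *
	 * @return  boolean  True if the code is valid
	 */
	public function checkCode($secret, $code)
	{
		if (is_int($code))
		{
			// An integer cannot carry leading zeros; restore them so integer callers keep working
			$code = str_pad((string) $code, $this->_passCodeLength, '0', STR_PAD_LEFT);
		}

		if (!is_string($code))
		{
			return false;
		}

		$currentPeriod = $this->getPeriod();

		for ($drift = -1; $drift <= 1; $drift++)
		{
			$expected = $this->getCode($secret, ($currentPeriod + $drift) * $this->_timeStep);

			if ($this->safeEquals($expected, $code))
			{
				return true;
			}
		}

		return false;
	}

	/**
	 * Gets the TOTP passcode for a given secret key $secret and a given UNIX
	 * timestamp $time
	 *
	 * @param   string    $secret  The Base32-encoded secret key
	 * @param   int|null  $time    UNIX timestamp; the current time is used when null
	 *
	 * @return  string  The passcode, left-padded with zeros to the passcode length
	 */
	public function getCode($secret, $time = null)
	{
		$period = $this->getPeriod($time);
		$key    = $this->_base32->decode($secret);

		// The moving factor is the period as an 8-byte big-endian counter
		$counter = str_pad(pack("N", $period), 8, chr(0), STR_PAD_LEFT);
		$hash    = hash_hmac('sha1', $counter, $key, true);

		// Dynamic truncation: the low nibble of the last byte selects the offset
		$offset        = ord(substr($hash, -1)) & 0xF;
		$truncatedHash = $this->hashToInt($hash, $offset) & 0x7FFFFFFF;

		return str_pad($truncatedHash % $this->_pinModulo, $this->_passCodeLength, "0", STR_PAD_LEFT);
	}

	/**
	 * Extracts four bytes of a hash as an unsigned big-endian integer
	 *
	 * @param   string  $bytes  The hash
	 * @param   int     $start  The byte to start from (0 = first byte)
	 *
	 * @return  int
	 */
	protected function hashToInt($bytes, $start)
	{
		$unpacked = unpack("N", substr($bytes, $start, 4));

		return $unpacked[1];
	}

	/**
	 * Returns a QR code URL for easy setup of TOTP apps like Google
	 * Authenticator
	 *
	 * NOTE(review): the returned URL points at a third-party chart service and
	 * carries the otpauth:// URI, including the shared secret, in its query
	 * string. Whoever fetches it discloses the secret to that service and to
	 * anything logging the request; rendering the QR code locally avoids this.
	 * $user and $hostname are not escaped individually before being placed in
	 * the otpauth:// URI.
	 *
	 * @param   string  $user      User
	 * @param   string  $hostname  Hostname
	 * @param   string  $secret    Secret string
	 *
	 * @return  string
	 */
	public function getUrl($user, $hostname, $secret)
	{
		$url     = sprintf("otpauth://totp/%s@%s?secret=%s", $user, $hostname, $secret);
		$encoder = "https://chart.googleapis.com/chart?chs=200x200&chld=Q|2&cht=qr&chl=";

		return $encoder . urlencode($url);
	}

	/**
	 * Generates a random Secret Key for TOTP generation.
	 *
	 * The key is the long-term shared secret of the second factor, so it is
	 * drawn from a cryptographically secure source. rand() is predictable and
	 * must not be used for it.
	 *
	 * @return  string  The Base32-encoded secret key
	 *
	 * @throws  RuntimeException  When no cryptographically secure random source is available
	 */
	public function generateSecret()
	{
		if ($this->_secretLength < 1)
		{
			return $this->_base32->encode("");
		}

		if (function_exists('random_bytes'))
		{
			$secret = random_bytes($this->_secretLength);
		}
		elseif (function_exists('openssl_random_pseudo_bytes'))
		{
			$strong = false;
			$secret = openssl_random_pseudo_bytes($this->_secretLength, $strong);

			if ($secret === false || !$strong)
			{
				throw new RuntimeException('No cryptographically strong random bytes available for the TOTP secret');
			}
		}
		else
		{
			// Fail closed rather than hand out a guessable second-factor secret
			throw new RuntimeException('No cryptographically secure random source available for the TOTP secret');
		}

		return $this->_base32->encode($secret);
	}

	/**
	 * Compares two strings without leaking the position of the first
	 * differing byte through timing.
	 *
	 * @param   string  $known     The expected value
	 * @param   string  $supplied  The value received from the user
	 *
	 * @return  boolean
	 */
	private function safeEquals($known, $supplied)
	{
		if (function_exists('hash_equals'))
		{
			return hash_equals($known, $supplied);
		}

		// Fallback for PHP versions without hash_equals()
		if (strlen($known) !== strlen($supplied))
		{
			return false;
		}

		$difference = 0;

		for ($i = 0, $length = strlen($known); $i < $length; $i++)
		{
			$difference |= ord($known[$i]) ^ ord($supplied[$i]);
		}

		return $difference === 0;
	}
}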
home/lmsyaran/public_html/libraries/fof/encrypt/totp.php000064400000011101151157631100017527
0ustar00<?php
/**
* @package FrameworkOnFramework
* @subpackage encrypt
* @copyright Copyright (C) 2010-2016 Nicholas K. Dionysopoulos / Akeeba
Ltd. All rights reserved.
* @license GNU General Public License version 2 or later; see
LICENSE.txt
*/
defined('FOF_INCLUDED') or die;
/**
 * This class provides RFC6238-compliant Time-based One Time Passwords,
 * compatible with Google Authenticator (with PassCodeLength = 6 and
 * TimePeriod = 30).
 *
 * @package FrameworkOnFramework
 * @since 1.0
 */
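class FOFEncryptTotp
{
	/** @var int Number of digits in a generated passcode */
	private $_passCodeLength = 6;

	/** @var int 10 raised to the passcode length; the truncated HMAC is reduced modulo this value */
	private $_pinModulo;

	/** @var int Length, in bytes, of a newly generated secret key */
	private $_secretLength = 10;

	/** @var int Duration of one time step, in seconds */
	private $_timeStep = 30;

	/** @var object Base32 encoder/decoder used for the secret key */
	private $_base32 = null;

	/**
	 * Initialises an RFC6238-compatible TOTP generator. Please note that this
	 * class does not implement the constraint in the last paragraph of §5.2
	 * of RFC6238: it keeps no record of accepted codes, so it is up to the
	 * caller to ensure that the same user/device does not retry validation
	 * within the same Time Step.
	 *
	 * @param   int     $timeStep        The Time Step (in seconds). Use 30 to be compatible with Google Authenticator.
	 * @param   int     $passCodeLength  The generated passcode length. Default: 6 digits.
	 * @param   int     $secretLength    The length of the secret key. Default: 10 bytes (80 bits).
	 * @param   object  $base32          The base32 encoder/decoder; a FOFEncryptBase32 is created when null
	 */
	public function __construct($timeStep = 30, $passCodeLength = 6, $secretLength = 10, $base32 = null)
	{
		$this->_timeStep       = $timeStep;
		$this->_passCodeLength = $passCodeLength;
		$this->_secretLength   = $secretLength;
		$this->_pinModulo      = pow(10, $this->_passCodeLength);
		$this->_base32         = is_null($base32) ? new FOFEncryptBase32 : $base32;
	}

	/**
	 * Get the time period based on the $time timestamp and the Time Step
	 * defined. If $time is skipped or set to null the current timestamp will
	 * be used.
	 *
	 * @param   int|null  $time  Timestamp
	 *
	 * @return  int  The number of whole time steps elapsed since the UNIX Epoch
	 */
	public function getPeriod($time = null)
	{
		if (is_null($time))
		{
			$time = time();
		}

		// floor() yields a float; cast so the documented integer is what callers receive
		return (int) floor($time / $this->_timeStep);
	}

	/**
	 * Check whether the given passcode $code is a valid TOTP generated using
	 * secret key $secret. The previous, current and next time steps are
	 * accepted, so a code remains valid for up to three time steps.
	 *
	 * The comparison is an exact, constant-time string comparison. A loose
	 * (==) comparison would treat both sides as numbers and accept a code
	 * with its leading zeros stripped, or the boolean true.
	 *
	 * @param   string  $secret  The Base32-encoded secret key
	 * @param   string  $code    The passcode to check
	 *
	 * @return  boolean  True if the code is valid
	 */
	public function checkCode($secret, $code)
	{
		if (is_int($code))
		{
			// An integer cannot carry leading zeros; restore them so integer callers keep working
			$code = str_pad((string) $code, $this->_passCodeLength, '0', STR_PAD_LEFT);
		}

		if (!is_string($code))
		{
			return false;
		}

		$currentPeriod = $this->getPeriod();

		for ($drift = -1; $drift <= 1; $drift++)
		{
			$expected = $this->getCode($secret, ($currentPeriod + $drift) * $this->_timeStep);

			if ($this->safeEquals($expected, $code))
			{
				return true;
			}
		}

		return false;
	}

	/**
	 * Gets the TOTP passcode for a given secret key $secret and a given UNIX
	 * timestamp $time
	 *
	 * @param   string    $secret  The Base32-encoded secret key
	 * @param   int|null  $time    UNIX timestamp; the current time is used when null
	 *
	 * @return  string  The passcode, left-padded with zeros to the passcode length
	 */
	public function getCode($secret, $time = null)
	{
		$period = $this->getPeriod($time);
		$key    = $this->_base32->decode($secret);

		// The moving factor is the period as an 8-byte big-endian counter
		$counter = str_pad(pack("N", $period), 8, chr(0), STR_PAD_LEFT);
		$hash    = hash_hmac('sha1', $counter, $key, true);

		// Dynamic truncation: the low nibble of the last byte selects the offset
		$offset        = ord(substr($hash, -1)) & 0xF;
		$truncatedHash = $this->hashToInt($hash, $offset) & 0x7FFFFFFF;

		return str_pad($truncatedHash % $this->_pinModulo, $this->_passCodeLength, "0", STR_PAD_LEFT);
	}

	/**
	 * Extracts four bytes of a hash as an unsigned big-endian integer
	 *
	 * @param   string  $bytes  The hash
	 * @param   int     $start  The byte to start from (0 = first byte)
	 *
	 * @return  int
	 */
	protected function hashToInt($bytes, $start)
	{
		$unpacked = unpack("N", substr($bytes, $start, 4));

		return $unpacked[1];
	}

	/**
	 * Returns a QR code URL for easy setup of TOTP apps like Google
	 * Authenticator
	 *
	 * NOTE(review): the returned URL points at a third-party chart service and
	 * carries the otpauth:// URI, including the shared secret, in its query
	 * string. Whoever fetches it discloses the secret to that service and to
	 * anything logging the request; rendering the QR code locally avoids this.
	 * $user and $hostname are not escaped individually before being placed in
	 * the otpauth:// URI.
	 *
	 * @param   string  $user      User
	 * @param   string  $hostname  Hostname
	 * @param   string  $secret    Secret string
	 *
	 * @return  string
	 */
	public function getUrl($user, $hostname, $secret)
	{
		$url     = sprintf("otpauth://totp/%s@%s?secret=%s", $user, $hostname, $secret);
		$encoder = "https://chart.googleapis.com/chart?chs=200x200&chld=Q|2&cht=qr&chl=";

		return $encoder . urlencode($url);
	}

	/**
	 * Generates a random Secret Key for TOTP generation.
	 *
	 * The key is the long-term shared secret of the second factor, so it is
	 * drawn from a cryptographically secure source. rand() is predictable and
	 * must not be used for it.
	 *
	 * @return  string  The Base32-encoded secret key
	 *
	 * @throws  RuntimeException  When no cryptographically secure random source is available
	 */
	public function generateSecret()
	{
		if ($this->_secretLength < 1)
		{
			return $this->_base32->encode("");
		}

		if (function_exists('random_bytes'))
		{
			$secret = random_bytes($this->_secretLength);
		}
		elseif (function_exists('openssl_random_pseudo_bytes'))
		{
			$strong = false;
			$secret = openssl_random_pseudo_bytes($this->_secretLength, $strong);

			if ($secret === false || !$strong)
			{
				throw new RuntimeException('No cryptographically strong random bytes available for the TOTP secret');
			}
		}
		else
		{
			// Fail closed rather than hand out a guessable second-factor secret
			throw new RuntimeException('No cryptographically secure random source available for the TOTP secret');
		}

		return $this->_base32->encode($secret);
	}

	/**
	 * Compares two strings without leaking the position of the first
	 * differing byte through timing.
	 *
	 * @param   string  $known     The expected value
	 * @param   string  $supplied  The value received from the user
	 *
	 * @return  boolean
	 */
	private function safeEquals($known, $supplied)
	{
		if (function_exists('hash_equals'))
		{
			return hash_equals($known, $supplied);
		}

		// Fallback for PHP versions without hash_equals()
		if (strlen($known) !== strlen($supplied))
		{
			return false;
		}

		$difference = 0;

		for ($i = 0, $length = strlen($known); $i < $length; $i++)
		{
			$difference |= ord($known[$i]) ^ ord($supplied[$i]);
		}

		return $difference === 0;
	}
}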
home/lmsyaran/public_html/j3/plugins/twofactorauth/totp/totp.php000064400000017056151164154530021216
0ustar00<?php
/**
* @package Joomla.Plugin
* @subpackage Twofactorauth.totp
*
* @copyright Copyright (C) 2005 - 2020 Open Source Matters, Inc. All
rights reserved.
* @license GNU General Public License version 2 or later; see
LICENSE.txt
*/
defined('_JEXEC') or die;
/**
* Joomla! Two Factor Authentication using Google Authenticator TOTP Plugin
*
* @since 3.2
*/
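class PlgTwofactorauthTotp extends JPlugin
{
	/**
	 * Affects constructor behavior. If true, language files will be loaded automatically.
	 *
	 * @var    boolean
	 * @since  3.2
	 */
	protected $autoloadLanguage = true;

	/**
	 * Method name
	 *
	 * @var    string
	 * @since  3.2
	 */
	protected $methodName = 'totp';

	/**
	 * This method returns the identification object for this two factor
	 * authentication plugin.
	 *
	 * The "section" plugin parameter is a bit mask (1 = site, 2 = administrator,
	 * default 3 = both); the method is only offered when the bit of the current
	 * application is set.
	 *
	 * @return  stdClass|boolean  An object with public properties method and title, or false
	 *                            when the method is not enabled for the current application
	 *
	 * @since   3.2
	 */
	public function onUserTwofactorIdentify()
	{
		$section         = (int) $this->params->get('section', 3);
		$current_section = 0;

		try
		{
			$app = JFactory::getApplication();

			if ($app->isClient('administrator'))
			{
				$current_section = 2;
			}
			elseif ($app->isClient('site'))
			{
				$current_section = 1;
			}
		}
		catch (Exception $exc)
		{
			// No application available: treat as "no section", which never matches the mask
			$current_section = 0;
		}

		if (!($current_section & $section))
		{
			return false;
		}

		return (object) array(
			'method' => $this->methodName,
			'title'  => JText::_('PLG_TWOFACTORAUTH_TOTP_METHOD_TITLE')
		);
	}

	/**
	 * Shows the configuration page for this two factor authentication method.
	 *
	 * NOTE(review): the local variables below ($totp, $secret, $username,
	 * $hostname, $url, $new_totp) are presumably read by the included form.php
	 * template, so their names must not change. The rendered form carries the
	 * shared secret; $username and $hostname are placed in the otpauth:// URI
	 * without being escaped individually.
	 *
	 * @param   object   $otpConfig  The two factor auth configuration object
	 * @param   integer  $userId     The numeric user ID of the user whose form we'll display
	 *
	 * @return  array  An array with the keys method (this plugin's method name) and
	 *                 form (the HTML of the configuration page)
	 *
	 * @see     UsersModelUser::getOtpConfig
	 * @since   3.2
	 */
	public function onUserTwofactorShowConfiguration($otpConfig, $userId = null)
	{
		// Create a new TOTP class with Google Authenticator compatible settings
		$totp = new FOFEncryptTotp(30, 6, 10);

		if ($otpConfig->method === $this->methodName)
		{
			// This method is already activated. Reuse the same secret key.
			$secret = $otpConfig->config['code'];
		}
		else
		{
			// This method is not activated yet. Create a new secret key.
			$secret = $totp->generateSecret();
		}

		// These are used by Google Authenticator to tell accounts apart
		$username = JFactory::getUser($userId)->username;
		$hostname = JUri::getInstance()->getHost();

		// This is the URL to the QR code for Google Authenticator
		$url = sprintf("otpauth://totp/%s@%s?secret=%s", $username, $hostname, $secret);

		// Is this a new TOTP setup? If so, we'll have to show the code validation field.
		$new_totp = $otpConfig->method !== $this->methodName;

		// Start output buffering
		@ob_start();

		// Include the form.php from a template override. If none is found use the default.
		$path = FOFPlatform::getInstance()->getTemplateOverridePath('plg_twofactorauth_totp', true);

		JLoader::import('joomla.filesystem.file');

		if (JFile::exists($path . '/form.php'))
		{
			include_once $path . '/form.php';
		}
		else
		{
			include_once __DIR__ . '/tmpl/form.php';
		}

		// Stop output buffering and get the form contents
		$html = @ob_get_clean();

		// Return the form contents
		return array(
			'method' => $this->methodName,
			'form'   => $html
		);
	}

	/**
	 * The save handler of the two factor configuration method's configuration
	 * page.
	 *
	 * The submitted secret key is only accepted when the user proves possession
	 * of it by supplying a security code that is valid for it.
	 *
	 * @param   string  $method  The two factor auth method for which we'll show the config page
	 *
	 * @return  boolean|stdClass  False if the method doesn't match or we have an error, OTP config object if it succeeds
	 *
	 * @see     UsersModelUser::setOtpConfig
	 * @since   3.2
	 */
	public function onUserTwofactorApplyConfiguration($method)
	{
		if ($method !== $this->methodName)
		{
			return false;
		}

		// Get a reference to the input data object
		$input = JFactory::getApplication()->input;

		// Load raw data
		$rawData = $input->get('jform', array(), 'array');

		if (!isset($rawData['twofactor']['totp']) || !is_array($rawData['twofactor']['totp']))
		{
			return false;
		}

		$data = $rawData['twofactor']['totp'];

		// Warn if the securitycode is empty
		if (array_key_exists('securitycode', $data) && empty($data['securitycode']))
		{
			try
			{
				$app = JFactory::getApplication();
				$app->enqueueMessage(JText::_('PLG_TWOFACTORAUTH_TOTP_ERR_VALIDATIONFAILED'), 'error');
			}
			catch (Exception $exc)
			{
				// This only happens when we are in a CLI application. We cannot
				// enqueue a message, so just do nothing.
			}

			return false;
		}

		// Both fields are request data: refuse anything that is missing or not a plain string
		if (!isset($data['key'], $data['securitycode']) || !is_string($data['key']) || $data['key'] === '')
		{
			return false;
		}

		if (!$this->isCodeValid($data['key'], $data['securitycode']))
		{
			// Check failed. Do not change two factor authentication settings.
			return false;
		}

		// Check succeeded; return an OTP configuration object
		return (object) array(
			'method' => 'totp',
			'config' => array(
				'code' => $data['key']
			),
			'otep'   => array()
		);
	}

	/**
	 * This method should handle any two factor authentication and report back
	 * to the subject.
	 *
	 * NOTE(review): nothing here records that a code was accepted, so the same
	 * code can be replayed for as long as it stays inside the accepted window
	 * (RFC6238 §5.2 asks for one-time use). Attempt limiting is not visible in
	 * this class either; confirm the caller provides it.
	 *
	 * @param   array  $credentials  Array holding the user credentials
	 * @param   array  $options      Array of extra options
	 *
	 * @return  boolean  True if the user is authorised with this two-factor authentication method
	 *
	 * @since   3.2
	 */
	public function onUserTwofactorAuthenticate($credentials, $options)
	{
		// Get the OTP configuration object and make sure it's an object
		$otpConfig = isset($options['otp_config']) ? $options['otp_config'] : null;

		if (empty($otpConfig) || !is_object($otpConfig))
		{
			return false;
		}

		// Check if we have the correct method
		if ($otpConfig->method !== $this->methodName)
		{
			return false;
		}

		// Check if there is a security code
		if (empty($credentials['secretkey']))
		{
			return false;
		}

		// Without a stored secret there is nothing to verify against
		if (empty($otpConfig->config['code']))
		{
			return false;
		}

		return $this->isCodeValid($otpConfig->config['code'], $credentials['secretkey']);
	}

	/**
	 * Checks a user-supplied security code against the secret key.
	 *
	 * The current 30 second slot is tried first. The previous slot is accepted
	 * so the user can enter a code that is about to expire in the Google
	 * Authenticator app, and the next slot is accepted to allow some time
	 * drift between the authentication device and the server.
	 *
	 * @param   string  $secret    The Base32-encoded secret key
	 * @param   mixed   $supplied  The security code received from the user
	 *
	 * @return  boolean  True if the code matches one of the three accepted slots
	 */
	private function isCodeValid($secret, $supplied)
	{
		// Only an exact string can match; this also keeps arrays and numbers out of the comparison
		if (!is_string($supplied) || $supplied === '')
		{
			return false;
		}

		// Create a new TOTP class with Google Authenticator compatible settings
		$totp = new FOFEncryptTotp(30, 6, 10);
		$now  = time();

		foreach (array(0, -30, 30) as $offset)
		{
			if ($this->timingSafeEquals($totp->getCode($secret, $now + $offset), $supplied))
			{
				return true;
			}
		}

		return false;
	}

	/**
	 * Compares two strings without leaking the position of the first
	 * differing byte through timing.
	 *
	 * @param   string  $known     The expected value
	 * @param   string  $supplied  The value received from the user
	 *
	 * @return  boolean
	 */
	private function timingSafeEquals($known, $supplied)
	{
		if (function_exists('hash_equals'))
		{
			return hash_equals($known, $supplied);
		}

		// Fallback for PHP versions without hash_equals()
		if (strlen($known) !== strlen($supplied))
		{
			return false;
		}

		$difference = 0;

		for ($i = 0, $length = strlen($known); $i < $length; $i++)
		{
			$difference |= ord($known[$i]) ^ ord($supplied[$i]);
		}

		return $difference === 0;
	}
}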