Mercurial Mercurial > repos > yubikey / comparison
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
plugins/yubikey/corelib.php
changeset 16 3163b9f58ae8
parent 10 748fa1b80031
child 18 dd8c53454f31
equal deleted inserted replaced
15:c479ca761d29 16:3163b9f58ae8 
    59   }
 
    59   }
 
    60   // make HTTP request
 
    60   // make HTTP request
 
    61   require_once( ENANO_ROOT . '/includes/http.php' );
 
    61   require_once( ENANO_ROOT . '/includes/http.php' );
 
    62   $auth_url = getConfig('yubikey_auth_server', YK_DEFAULT_VERIFY_URL);
 
    62   $auth_url = getConfig('yubikey_auth_server', YK_DEFAULT_VERIFY_URL);
 
    63   $auth_url = preg_replace('#^https?://#i', '', $auth_url);
 
    63   $auth_url = preg_replace('#^https?://#i', '', $auth_url);
 
    64   if ( !preg_match('#^(\[?[a-z0-9-:]+(?:\.[a-z0-9-:]+\]?)*)(/.*)$#', $auth_url, $match) )
 
    64   if ( !preg_match('#^(\[?[a-z0-9-:]+(?:\.[a-z0-9-:]+\]?)*)(?::([0-9]+))?(/.*)$#U', $auth_url, $match) )
 
    65   {
 
    65   {
 
    66     return array(
 
    66     return array(
 
    67         'success' => false,
 
    67         'success' => false,
 
    68         'error' => 'invalid_auth_url'
 
    68         'error' => 'invalid_auth_url'
 
    69       );
 
    69       );
 
    70   }
 
    70   }
 
    71   $auth_server =& $match[1];
 
    71   $auth_server =& $match[1];
 
    72   $auth_uri =& $match[2];
 
    72   $auth_port = ( !empty($match[2]) ) ? intval($match[2]) : 80;
 
    73   $req = new Request_HTTP($auth_server, $auth_uri);
 
    73   $auth_uri =& $match[3];
 
    74   $req->add_get('id', strval($api_id));
 
    74   try
 
    75   $req->add_get('otp', $otp);
 
    75   {
 
    76   $req->add_get('h', yubikey_sign($req->parms_get));
 
    76     $req = new Request_HTTP($auth_server, $auth_uri, 'GET', $auth_port);
 
    77   
    77     $req->add_get('id', strval($api_id));
 
    78   $response = $req->get_response_body();
 
    78     $req->add_get('otp', $otp);
 
       
    79     $req->add_get('h', yubikey_sign($req->parms_get));
 
       
    80   
       
    81     $response = $req->get_response_body();
 
       
    82   }
 
       
    83   catch ( Exception $e )
 
       
    84   {
 
       
    85     return array(
 
       
    86         'success' => false,
 
       
    87         'error' => 'http_failed',
 
       
    88         'http_error' => $e->getMessage()
 
       
    89       );
 
       
    90   }
 
    79   
    91   
    80   if ( $req->response_code != HTTP_OK )
 
    92   if ( $req->response_code != HTTP_OK )
 
    81   {
 
    93   {
 
    82     return array(
 
    94     return array(
 
    83         'success' => false,
 
    95         'success' => false,
 
   187 function yubikey_verify_timestamp($timestamp)
 
   199 function yubikey_verify_timestamp($timestamp)
 
   188 {
 
   200 {
 
   189   $tolerance = intval(getConfig('yubikey_api_ts_tolerance', 150));
 
   201   $tolerance = intval(getConfig('yubikey_api_ts_tolerance', 150));
 
   190   
   202   
   191   $now = time();
 
   203   $now = time();
 
   192   $timestamp_seconds = strtotime(substr($timestamp, 0, -4));
 
   204   $timestamp = preg_replace('/Z[0-9]{3}$/', '', $timestamp);
 
       
   205   $timestamp_seconds = strtotime($timestamp);
 
   193 
   206 
   194   if ( !$timestamp || !$now )
 
   207   if ( !$timestamp || !$now )
 
   195   {
 
   208   {
 
   196     return false;
 
   209     return false;
 
   197   }
 
   210   }
Yubikey support