166 $sig = base64_encode($sig); |
176 $sig = base64_encode($sig); |
167 |
177 |
168 return $sig; |
178 return $sig; |
169 } |
179 } |
170 |
180 |
|
181 /** |
|
182 * Validate the timestamp returned in a Yubico API response. Borrowed from Drupal and backported for friendliness with earlier versions of PHP. |
|
183 * @param string Yubico timestamp |
|
184 * @return bool True if valid, false otherwise |
|
185 */ |
|
186 |
|
187 function yubikey_verify_timestamp($timestamp) |
|
188 { |
|
189 $tolerance = intval(getConfig('yubikey_api_ts_tolerance', 150)); |
|
190 |
|
191 $now = time(); |
|
192 $timestamp_seconds = strtotime(substr($timestamp, 0, -4)); |
|
193 |
|
194 if ( !$timestamp || !$now ) |
|
195 { |
|
196 return false; |
|
197 } |
|
198 |
|
199 if ( ( $timestamp_seconds + $tolerance ) > $now && ( $timestamp_seconds - $tolerance ) < $now ) |
|
200 { |
|
201 return true; |
|
202 } |
|
203 |
|
204 return false; |
|
205 } |
|
206 |
|
207 |
171 $plugins->attachHook('compile_template', 'yubikey_attach_headers($this);'); |
208 $plugins->attachHook('compile_template', 'yubikey_attach_headers($this);'); |
172 |
209 |
173 function yubikey_attach_headers(&$template) |
210 function yubikey_attach_headers(&$template) |
174 { |
211 { |
|
212 global $db, $session, $paths, $template, $plugins; // Common objects |
|
213 |
175 if ( getConfig('yubikey_enable', '1') != '1' ) |
214 if ( getConfig('yubikey_enable', '1') != '1' ) |
176 return true; |
215 return true; |
177 |
216 |
178 $template->add_header('<script type="text/javascript" src="' . scriptPath . '/plugins/yubikey/yubikey.js"></script>'); |
217 $template->add_header('<script type="text/javascript" src="' . scriptPath . '/plugins/yubikey/yubikey.js"></script>'); |
179 $template->add_header('<link rel="stylesheet" type="text/css" href="' . scriptPath . '/plugins/yubikey/yubikey.css" />'); |
218 $template->add_header('<link rel="stylesheet" type="text/css" href="' . scriptPath . '/plugins/yubikey/yubikey.css" />'); |
180 // config option for all users have yubikey |
219 // config option for all users have yubikey |
181 $template->add_header('<script type="text/javascript">var yk_reg_require_otp = ' . getConfig('yubikey_reg_require_otp', '0') . '</script>'); |
220 $user_flags = 0; |
182 } |
221 if ( $session->user_logged_in ) |
183 |
222 { |
|
223 $q = $db->sql_query('SELECT COUNT(yubi_uid) > 0 FROM ' . table_prefix . "yubikey WHERE user_id = {$session->user_id};"); |
|
224 if ( !$q ) |
|
225 $db->_die(); |
|
226 |
|
227 list($user_flags) = $db->fetchrow_num(); |
|
228 $db->free_result(); |
|
229 } |
|
230 |
|
231 $template->add_header('<script type="text/javascript">var yk_reg_require_otp = ' . getConfig('yubikey_reg_require_otp', '0') . '; var yk_user_enabled = ' . $user_flags . ';</script>'); |
|
232 } |
|
233 |