Added error for HTTP connection failure.
authorDan
Thu, 30 Apr 2009 16:11:13 -0400
changeset 16 3163b9f58ae8
parent 15 c479ca761d29
child 17 e04c0f64e972
Added error for HTTP connection failure.
plugins/Yubikey.php
plugins/yubikey/corelib.php
--- a/plugins/Yubikey.php	Thu Mar 19 09:27:52 2009 -0400
+++ b/plugins/Yubikey.php	Thu Apr 30 16:11:13 2009 -0400
@@ -115,6 +115,7 @@
         err_must_have_password: 'Please enter your password in addition to your username and Yubikey.',
         err_key_not_authorized: 'This Yubikey is not authorized on this site.',
         err_otp_invalid_chars: '%this.yubiauth_err_invalid_otp%',
+        err_http_failed: 'Your OTP could not be validated because the authentication server could not be contacted. Technical error message: %http_error%',
         err_missing_api_key: 'Your OTP could not be validated because no Yubico API key is registered on this site.',
         err_http_response_error: 'Your OTP could not be validated because the Yubico authentication server reported an error.',
         err_malformed_response: 'Your OTP could not be validated because the Yubico authentication server returned an unexpected response.',
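Review bot: `err_http_failed` shows the raw transport error (`%http_error%`, filled from `$e->getMessage()` in the corelib.php catch block of this commit) to whoever is submitting the form, presumably before they are authenticated. Connection errors often name the validation server's host, address or port, and whether the placeholder is HTML-escaped on substitution is not visible in this hunk. Consider ending the user-facing string at `...the authentication server could not be contacted.` and writing the exception text to the server-side log instead.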
--- a/plugins/yubikey/corelib.php	Thu Mar 19 09:27:52 2009 -0400
+++ b/plugins/yubikey/corelib.php	Thu Apr 30 16:11:13 2009 -0400
@@ -61,7 +61,7 @@
   require_once( ENANO_ROOT . '/includes/http.php' );
   $auth_url = getConfig('yubikey_auth_server', YK_DEFAULT_VERIFY_URL);
   $auth_url = preg_replace('#^https?://#i', '', $auth_url);
-  if ( !preg_match('#^(\[?[a-z0-9-:]+(?:\.[a-z0-9-:]+\]?)*)(/.*)$#', $auth_url, $match) )
+  if ( !preg_match('#^(\[?[a-z0-9-:]+(?:\.[a-z0-9-:]+\]?)*)(?::([0-9]+))?(/.*)$#U', $auth_url, $match) )
   {
     return array(
         'success' => false,
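Review bot: The `U` modifier added to the pattern deserves a comment, because the port capture depends on it. The host class `[a-z0-9-:]` also accepts `:` and digits, so a greedy match would absorb `:8080` into `$match[1]` and leave `$match[2]` empty. Suggested comment above the `preg_match`: `// Ungreedy (U): the host class also matches ':' and digits; greedy matching would swallow the port into the host group.` The enclosing function starts and ends outside this hunk.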
@@ -69,13 +69,25 @@
       );
   }
   $auth_server =& $match[1];
-  $auth_uri =& $match[2];
-  $req = new Request_HTTP($auth_server, $auth_uri);
-  $req->add_get('id', strval($api_id));
-  $req->add_get('otp', $otp);
-  $req->add_get('h', yubikey_sign($req->parms_get));
+  $auth_port = ( !empty($match[2]) ) ? intval($match[2]) : 80;
+  $auth_uri =& $match[3];
+  try
+  {
+    $req = new Request_HTTP($auth_server, $auth_uri, 'GET', $auth_port);
+    $req->add_get('id', strval($api_id));
+    $req->add_get('otp', $otp);
+    $req->add_get('h', yubikey_sign($req->parms_get));
   
-  $response = $req->get_response_body();
+    $response = $req->get_response_body();
+  }
+  catch ( Exception $e )
+  {
+    return array(
+        'success' => false,
+        'error' => 'http_failed',
+        'http_error' => $e->getMessage()
+      );
+  }
   
   if ( $req->response_code != HTTP_OK )
   {
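Review bot: With the new default in `$auth_port = ( !empty($match[2]) ) ? intval($match[2]) : 80;`, a verify URL configured as `https://...` is still contacted over plain HTTP on port 80. The scheme is discarded by `preg_replace('#^https?://#i', '', $auth_url)` in the previous hunk, and nothing visible passes a TLS option to `Request_HTTP`. The OTP and API id would then travel unencrypted, leaving the authenticity of the reply to whatever signature check follows outside this hunk. Record the scheme before it is stripped, e.g. `$auth_https = (bool) preg_match('#^https://#i', $auth_url);`, and return an error (or use TLS, if Request_HTTP supports it) instead of downgrading silently. `intval($match[2])` is also not range-checked, so a port above 65535 reaches the constructor.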
@@ -189,7 +201,8 @@
   $tolerance = intval(getConfig('yubikey_api_ts_tolerance', 150));
   
   $now = time();
-  $timestamp_seconds = strtotime(substr($timestamp, 0, -4));
+  $timestamp = preg_replace('/Z[0-9]{3}$/', '', $timestamp);
+  $timestamp_seconds = strtotime($timestamp);
 
   if ( !$timestamp || !$now )
   {
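Review bot: The guard `if ( !$timestamp || !$now )` tests the timestamp string rather than `$timestamp_seconds`, so a `strtotime()` failure (it returns `false`) is not caught here and flows into the tolerance comparison that follows outside the hunk. Checking the parsed value would close that: `if ( $timestamp_seconds === false || !$now )`. The replacement also removes the `Z`, so `strtotime()` reads the value in the server's default timezone. Assuming `Z` is the usual UTC designator, `preg_replace('/Z[0-9]{3}$/', 'Z', $timestamp)` would keep the replay-window check independent of server configuration.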