Update OTP generation to work with new TwoFAccount model

2025-04-17 14:08:35 +02:00 · 2020-11-12 00:15:55 +01:00 · 2020-11-12 00:15:55 +01:00 · 8baa2156a8
commit 8baa2156a8
parent 783fc82fc9
3 changed files with 20 additions and 44 deletions
--- a/app/Classes/OTP.php
+++ b/app/Classes/OTP.php
@ -16,16 +16,14 @@ class OTP
     * @param  Boolean $isPreview   Prevent updating storage in case of HOTP preview
     * @return an array that represent the totp code
     */
-    public static function generate($uri, $isPreview = false)
+    public static function generate($twofaccount, $isPreview = false)
    {
-        
-        $otp = OTP::get($uri);

-        if( get_class($otp) === 'OTPHP\TOTP' ) {
+        if( $twofaccount->otpType === 'totp' ) {

            $currentPosition = time();
-            $PeriodCount = floor($currentPosition / $otp->getPeriod()); //nombre de période de x s depuis T0 (x=30 par défaut)
-            $currentPeriodStartAt = $PeriodCount * $otp->getPeriod();
+            $PeriodCount = floor($currentPosition / $twofaccount->totpPeriod); //nombre de période de x s depuis T0 (x=30 par défaut)
+            $currentPeriodStartAt = $PeriodCount * $twofaccount->totpPeriod;
            $positionInCurrentPeriod = $currentPosition - $currentPeriodStartAt;

            // For memo :
@ -33,24 +31,22 @@ public static function generate($uri, $isPreview = false)
            // $remainingTime = $nextOtpAt - time()

            return $totp = [
-                'otp' => $otp->now(),
+                'otp' => $twofaccount->token(),
                'position' => $positionInCurrentPeriod
            ];
        }
        else {
            // It's a HOTP
            $hotp = [
-                'otp' => $otp->at($otp->getCounter()),
-                'counter' => $otp->getCounter()
+                'otp' => $twofaccount->token(),
+                'counter' => $twofaccount->hotpCounter
            ];

            // now we update the counter for the next OTP generation
-            $otp->setParameter( 'counter', $otp->getcounter() + 1 );
-            $hotp['nextUri'] = urldecode($otp->getProvisioningUri());
+            $twofaccount->increaseCounter();
+            $hotp['nextUri'] = $twofaccount->uri;

            if( !$isPreview ) {
-                $twofaccount = \App\TwoFAccount::where('uri', $uri)->first();
-                $twofaccount->uri = $hotp['nextUri'];
                $twofaccount->save();
            }

@ -59,27 +55,4 @@ public static function generate($uri, $isPreview = false)

    }

-
-    /**
-     * check if the provided uri is a valid OTP uri
-     *
-     * @param  \App\TwoFAccount  $twofaccount
-     * @return \Illuminate\Http\Response
-     */
-    public static function get(String $uri) {
-
-        try {
-            return Factory::loadFromProvisioningUri($uri);
-        }
-        catch (AssertionFailedException $exception) {
-            $error = \Illuminate\Validation\ValidationException::withMessages([
-                'qrcode' => __('errors.response.no_valid_otp')
-            ]);
-
-            throw $error;
-        }
-
-    }
-
-
 }
--- a/app/Http/Controllers/TwoFAccountController.php
+++ b/app/Http/Controllers/TwoFAccountController.php
@ -99,16 +99,19 @@ public function generateOTP(Request $request)
    {
        $isPreview = false;

-        if( is_int($request->data) ) {
-            $twofaccount = TwoFAccount::FindOrFail($request->data);
-            $uri = $twofaccount->uri;
+        if( $request->id ) {
+            // The request data is the Id of the account
+            $twofaccount = TwoFAccount::FindOrFail($request->id);
        }
        else {
-            $uri = $request->data;
-            $isPreview = true;
+            // The request data is supposed to be a valid uri
+            $twofaccount = new TwoFAccount;
+            $twofaccount->populateFromUri($request->uri);
+
+            $isPreview = true;  // HOTP generated for preview (in the Create form) will not have its counter updated
        }

-        return response()->json(OTP::generate($uri, $isPreview), 200);
+        return response()->json(OTP::generate($twofaccount, $isPreview ? true : false), 200);
    }


--- a/resources/js/components/TwofaccountShow.vue
+++ b/resources/js/components/TwofaccountShow.vue
@ -99,7 +99,7 @@

            getTOTP: function() {

-                this.axios.post('/api/twofaccounts/otp', {data: this.id ? this.id : this.internal_uri }).then(response => {
+                this.axios.post('/api/twofaccounts/otp', { id: this.id, uri: this.internal_uri }).then(response => {
                    let spacePosition = Math.ceil(response.data.otp.length / 2);
                    
                    this.otp = response.data.otp.substr(0, spacePosition) + " " + response.data.otp.substr(spacePosition);
@ -143,7 +143,7 @@

            getHOTP: function() {

-                this.axios.post('/api/twofaccounts/otp', {data: this.id ? this.id : this.internal_uri }).then(response => {
+                this.axios.post('/api/twofaccounts/otp', { id: this.id, uri: this.internal_uri }).then(response => {
                    let spacePosition = Math.ceil(response.data.otp.length / 2);
                    
                    this.otp = response.data.otp.substr(0, spacePosition) + " " + response.data.otp.substr(spacePosition)