diff --git a/app/Classes/OTP.php b/app/Classes/OTP.php
index 0fce783d..59d1f6cd 100644
--- a/app/Classes/OTP.php
+++ b/app/Classes/OTP.php
@@ -16,16 +16,14 @@ class OTP
 * @param Boolean $isPreview Prevent updating storage in case of HOTP preview
 * @return an array that represent the totp code
 */
- public static function generate($uri, $isPreview = false)
+ public static function generate($twofaccount, $isPreview = false)
 {
-
- $otp = OTP::get($uri);
- if( get_class($otp) === 'OTPHP\TOTP' ) {
+ if( $twofaccount->otpType === 'totp' ) {
 $currentPosition = time();
- $PeriodCount = floor($currentPosition / $otp->getPeriod()); //nombre de période de x s depuis T0 (x=30 par défaut)
- $currentPeriodStartAt = $PeriodCount * $otp->getPeriod();
+ $PeriodCount = floor($currentPosition / $twofaccount->totpPeriod); //nombre de période de x s depuis T0 (x=30 par défaut)
+ $currentPeriodStartAt = $PeriodCount * $twofaccount->totpPeriod;
 $positionInCurrentPeriod = $currentPosition - $currentPeriodStartAt;
 // For memo :
@@ -33,24 +31,22 @@ class OTP
 // $remainingTime = $nextOtpAt - time()
 return $totp = [
- 'otp' => $otp->now(),
+ 'otp' => $twofaccount->token(),
 'position' => $positionInCurrentPeriod
 ];
 } else { // It's a HOTP
 $hotp = [
- 'otp' => $otp->at($otp->getCounter()),
- 'counter' => $otp->getCounter()
+ 'otp' => $twofaccount->token(),
+ 'counter' => $twofaccount->hotpCounter
 ];
 // now we update the counter for the next OTP generation
- $otp->setParameter( 'counter', $otp->getcounter() + 1 );
- $hotp['nextUri'] = urldecode($otp->getProvisioningUri());
+ $twofaccount->increaseCounter();
+ $hotp['nextUri'] = $twofaccount->uri;
 if( !$isPreview ) {
- $twofaccount = \App\TwoFAccount::where('uri', $uri)->first();
- $twofaccount->uri = $hotp['nextUri'];
 $twofaccount->save();
 }
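Review bot: In `OTP::generate()` (first OTP.php hunk) `$twofaccount->totpPeriod` is now the divisor in `floor($currentPosition / $twofaccount->totpPeriod)`, and nothing visible here guarantees it is a positive integer. In the preview path the account is built from a request-supplied URI, so unless `populateFromUri()` (not shown) rejects a zero or missing period, that value reaches the division. A guard before the division, e.g. `if ((int) $twofaccount->totpPeriod < 1) { throw \Illuminate\Validation\ValidationException::withMessages(['qrcode' => __('errors.response.no_valid_otp')]); }`, would keep the error the removed `OTP::get()` used to produce. The parameter could also be type-hinted as `\App\TwoFAccount $twofaccount`, and the docblock line for the first parameter (above the hunk) should be updated to match; the body of `generate()` continues past this hunk.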
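Review bot: `$hotp['nextUri'] = $twofaccount->uri;` (second OTP.php hunk) is set for every HOTP request, so the response for a stored account also carries the account's provisioning URI, which normally embeds the shared secret. If only the Create-form preview needs the advanced URI (that appears to be its purpose, but the client code that consumes it is not shown), assign it inside an `if ($isPreview)` branch and return only `otp` and `counter` for saved accounts. Separately, `token()`, `increaseCounter()` and `save()` run as a plain read-modify-write, so two concurrent requests for the same account may return the same code and store the same counter; a comment such as `// not atomic: concurrent requests may reuse a counter value` would at least record that.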
@@ -59,27 +55,4 @@ class OTP
 }
-
- /**
- * check if the provided uri is a valid OTP uri
- *
- * @param \App\TwoFAccount $twofaccount
- * @return \Illuminate\Http\Response
- */
- public static function get(String $uri) {
-
- try {
- return Factory::loadFromProvisioningUri($uri);
- }
- catch (AssertionFailedException $exception) {
- $error = \Illuminate\Validation\ValidationException::withMessages([
- 'qrcode' => __('errors.response.no_valid_otp')
- ]);
-
- throw $error;
- }
-
- }
-
-
 }
diff --git a/app/Http/Controllers/TwoFAccountController.php b/app/Http/Controllers/TwoFAccountController.php
index 816b73b3..2914fa18 100644
--- a/app/Http/Controllers/TwoFAccountController.php
+++ b/app/Http/Controllers/TwoFAccountController.php
@@ -99,16 +99,19 @@ class TwoFAccountController extends Controller
 {
 $isPreview = false;
- if( is_int($request->data) ) {
- $twofaccount = TwoFAccount::FindOrFail($request->data);
- $uri = $twofaccount->uri;
+ if( $request->id ) {
+ // The request data is the Id of the account
+ $twofaccount = TwoFAccount::FindOrFail($request->id);
 } else {
- $uri = $request->data;
- $isPreview = true;
+ // The request data is supposed to be a valid uri
+ $twofaccount = new TwoFAccount;
+ $twofaccount->populateFromUri($request->uri);
+
+ $isPreview = true; // HOTP generated for preview (in the Create form) will not have its counter updated
 }
- return response()->json(OTP::generate($uri, $isPreview), 200);
+ return response()->json(OTP::generate($twofaccount, $isPreview ? true : false), 200);
 }
diff --git a/resources/js/components/TwofaccountShow.vue b/resources/js/components/TwofaccountShow.vue
index a67d3c97..d5f2eccc 100644
--- a/resources/js/components/TwofaccountShow.vue
+++ b/resources/js/components/TwofaccountShow.vue
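Review bot: In the TwoFAccountController.php hunk, `$request->id` and `$request->uri` are taken from the request body and used without validation. `if( $request->id )` is a truthiness test that replaced `is_int()`, so a non-scalar `id` such as a JSON array is passed to `FindOrFail()` (which, assuming `TwoFAccount` is an Eloquent model, returns a collection rather than a single model for an array argument), and a request with neither field calls `populateFromUri(null)`. Validating first, e.g. `$request->validate(['id' => 'required_without:uri|integer', 'uri' => 'required_without:id|string']);`, keeps malformed input on a 422 path; whether `populateFromUri()` still raises the validation error the removed `OTP::get()` produced is not visible here. `$isPreview ? true : false` can be just `$isPreview`. The method signature lies above the hunk.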
@@ -99,7 +99,7 @@ getTOTP: function() { - this.axios.post('/api/twofaccounts/otp', {data: this.id ? this.id : this.internal_uri }).then(response => { + this.axios.post('/api/twofaccounts/otp', { id: this.id, uri: this.internal_uri }).then(response => { let spacePosition = Math.ceil(response.data.otp.length / 2); this.otp = response.data.otp.substr(0, spacePosition) + " " + response.data.otp.substr(spacePosition); @@ -143,7 +143,7 @@ getHOTP: function() { - this.axios.post('/api/twofaccounts/otp', {data: this.id ? this.id : this.internal_uri }).then(response => { + this.axios.post('/api/twofaccounts/otp', { id: this.id, uri: this.internal_uri }).then(response => { let spacePosition = Math.ceil(response.data.otp.length / 2); this.otp = response.data.otp.substr(0, spacePosition) + " " + response.data.otp.substr(spacePosition)
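Review bot: The request body in `getTOTP` now always includes `uri: this.internal_uri` next to `id`, where the old code sent only one of the two. If `internal_uri` is populated for a saved account (not visible in this hunk), the provisioning URI and the secret it contains are sent on every refresh although the server ignores `uri` when `id` is set. Sending a single field, `this.id ? { id: this.id } : { uri: this.internal_uri }`, avoids that; the same call in the `getHOTP` hunk that follows has the same shape.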