mirror of
https://github.com/Bubka/2FAuth.git
synced 2024-12-04 22:31:58 +01:00
57 lines
2.3 KiB
PHP
57 lines
2.3 KiB
PHP
<?php
|
|
|
|
namespace App\Services\Migrators;
|
|
|
|
use App\Exceptions\InvalidMigrationDataException;
|
|
use App\Models\TwoFAccount;
|
|
use Illuminate\Support\Arr;
|
|
use Illuminate\Support\Collection;
|
|
use Illuminate\Support\Facades\Log;
|
|
use Illuminate\Support\Str;
|
|
|
|
class PlainTextMigrator extends Migrator
|
|
{
|
|
/**
|
|
* Convert migration data to a TwoFAccounts collection.
|
|
*
|
|
* @param mixed $migrationPayload
|
|
* @return \Illuminate\Support\Collection<int|string, \App\Models\TwoFAccount> The converted accounts
|
|
*/
|
|
public function migrate(mixed $migrationPayload) : Collection
|
|
{
|
|
$otpauthURIs = preg_split('~\R~', $migrationPayload);
|
|
$otpauthURIs = Arr::where($otpauthURIs, function ($value, $key) {
|
|
return Str::startsWith($value, ['otpauth://totp/', 'otpauth://hotp/', 'otpauth://steam/']);
|
|
});
|
|
|
|
if (count($otpauthURIs) < 1) {
|
|
Log::error('No valid OtpAuth URI found in the migration');
|
|
throw new InvalidMigrationDataException('migration');
|
|
}
|
|
|
|
foreach ($otpauthURIs as $key => $uri) {
|
|
try {
|
|
$twofaccounts[$key] = new TwoFAccount;
|
|
$twofaccounts[$key]->fillWithURI($uri, str_starts_with($uri, 'otpauth://steam/'));
|
|
} catch (\Exception $exception) {
|
|
Log::error(sprintf('Cannot instanciate a TwoFAccount object with OTP parameters from imported item #%s', $key));
|
|
Log::debug($exception->getMessage());
|
|
|
|
// The token failed to generate a valid account so we create a fake account to be returned.
|
|
$fakeAccount = new TwoFAccount();
|
|
$fakeAccount->id = TwoFAccount::FAKE_ID;
|
|
$fakeAccount->otp_type = substr($uri, 10, 4);
|
|
// Only basic fields are filled to limit the risk of another exception.
|
|
$fakeAccount->account = __('twofaccounts.import.invalid_account');
|
|
$fakeAccount->service = filter_input(INPUT_GET, 'issuer', FILTER_SANITIZE_ENCODED) ?? __('twofaccounts.import.invalid_service');
|
|
// The secret field is used to pass the error, not very clean but will do the job for now.
|
|
$fakeAccount->secret = $exception->getMessage();
|
|
|
|
$twofaccounts[$key] = $fakeAccount;
|
|
}
|
|
}
|
|
|
|
return collect($twofaccounts);
|
|
}
|
|
}
|