diff options
| author | Jan-Hendrik Willms <tleilax+studip@gmail.com> | 2023-03-28 11:39:49 +0000 |
|---|---|---|
| committer | David Siegfried <david.siegfried@uni-vechta.de> | 2023-03-28 11:39:49 +0000 |
| commit | 243879c340fa40481379a1680aa4b39bcbe838d1 (patch) | |
| tree | 9cba4e7f0b753c74898ddde2874b54a1432a8e83 /lib | |
| parent | ce0a4ade21dde46295bc55eb6d70f2a4e92af9f2 (diff) | |
update spomky-labs/otphp to v10.0.3, fixes #2476
Closes #2476
Merge request studip/studip!1671
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/models/TFASecret.php | 25 |
1 files changed, 18 insertions, 7 deletions
diff --git a/lib/models/TFASecret.php b/lib/models/TFASecret.php index aa86394..6d14c81 100644 --- a/lib/models/TFASecret.php +++ b/lib/models/TFASecret.php @@ -1,6 +1,5 @@ <?php use OTPHP\TOTP; -use ParagonIE\ConstantTime\Base32; /** * Model for a two factor authentication secret. @@ -8,6 +7,17 @@ use ParagonIE\ConstantTime\Base32; * @author Jan-Hendrik Willms <tleilax+studip@gmail.com> * @license GPL2 or any later version * @since Stud.IP 4.4 + * + * @property string $id + * @property string $user_id + * @property string $secret + * @property string $type + * @property bool $confirmed + * @property int $mkdate + * @property int $chdate + * + * @property User $user + * @property TFAToken[]|SimpleORMapCollection $tokens */ class TFASecret extends SimpleORMap { @@ -86,9 +96,9 @@ class TFASecret extends SimpleORMap { if ($is_new) { if (!$this->isNew()) { - return; + return true; } - $this->secret = (new TOTP())->getSecret(); + $this->secret = TOTP::create()->getSecret(); $this->confirmed = false; } @@ -133,7 +143,7 @@ class TFASecret extends SimpleORMap */ public function getToken($timestamp = null) { - return $this->getTOTP($this->secret)->at($timestamp ?: time()); + return $this->getTOTP()->at($timestamp ?? time()); } /** @@ -189,13 +199,14 @@ class TFASecret extends SimpleORMap * Returns a totp object used for validation/creation of tokens. * @return TOTP */ - private function getTOTP() + private function getTOTP(): TOTP { - return new TOTP( - $this->user->email, + $totp = TOTP::create( $this->secret, self::TYPES[$this->type]['period'] ); + $totp->setLabel($this->user->email); + return $totp; } /** |