From b78b2ae3786f9e0188985fdbe3fb657916272b7f Mon Sep 17 00:00:00 2001 From: Italo Date: Mon, 17 Feb 2020 00:29:50 -0300 Subject: [PATCH 1/3] Fixed publishing command --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 3c3a950..5b2cde3 100644 --- a/README.md +++ b/README.md @@ -237,7 +237,7 @@ To show the form, the Listener uses `HttpResponseException` to forcefully exit t To further configure the package, publish the configuration files and assets: - php artisan vendor:publish --provider=DarkGhostHunter\Laraguard\LaraguardServiceProvider + php artisan vendor:publish --provider="DarkGhostHunter\Laraguard\LaraguardServiceProvider" You will receive the authentication view in `resources/views/vendor/laraguard/auth.blade.php`, and the `config/laraguard.php` config file with the following contents: From 25f302ba1a22864f42034d93d7c96930ebca7e7b Mon Sep 17 00:00:00 2001 From: DarkGhostHunter Date: Wed, 19 Feb 2020 16:56:55 -0300 Subject: [PATCH 2/3] Fixed the timestamp for code generation. Should work flawlessly now. --- src/Eloquent/HandlesCodes.php | 13 +++++++++- .../Eloquent/TwoFactorAuthenticationTest.php | 24 +++++++++---------- 2 files changed, 24 insertions(+), 13 deletions(-) diff --git a/src/Eloquent/HandlesCodes.php b/src/Eloquent/HandlesCodes.php index 4e83dc3..752f5cc 100644 --- a/src/Eloquent/HandlesCodes.php +++ b/src/Eloquent/HandlesCodes.php @@ -95,7 +95,7 @@ protected function generateCode(int $timestamp) { $hmac = hash_hmac( $this->algorithm, - $this->timestampToBinary($timestamp), + $this->timestampToBinary($this->getPeriodsFromTimestamp($timestamp)), $this->getBinarySecret(), true ); @@ -112,6 +112,17 @@ protected function generateCode(int $timestamp) return str_pad((string)$number, $this->digits, '0', STR_PAD_LEFT); } + /** + * Return the periods elapsed from the given Timestamp and seconds. + * + * @param int $timestamp + * @return int + */ + protected function getPeriodsFromTimestamp(int $timestamp) + { + return (int)(floor($timestamp / $this->seconds)); + } + /** * Creates a 64-bit raw binary string from a timestamp. * diff --git a/tests/Eloquent/TwoFactorAuthenticationTest.php b/tests/Eloquent/TwoFactorAuthenticationTest.php index b691ab3..5a756ed 100644 --- a/tests/Eloquent/TwoFactorAuthenticationTest.php +++ b/tests/Eloquent/TwoFactorAuthenticationTest.php @@ -123,26 +123,26 @@ public function test_makes_code() ]); Carbon::setTestNow(Carbon::create(2020, 1, 1, 20, 29, 59)); - $this->assertEquals('493537', $tfa->makeCode()); - $this->assertEquals('389766', $tfa->makeCode('now', 1)); + $this->assertEquals('779186', $tfa->makeCode()); + $this->assertEquals('716347', $tfa->makeCode('now', 1)); Carbon::setTestNow(Carbon::create(2020, 1, 1, 20, 30, 0)); - $this->assertEquals('389766', $tfa->makeCode()); - $this->assertEquals('493537', $tfa->makeCode('now', -1)); + $this->assertEquals('716347', $tfa->makeCode()); + $this->assertEquals('779186', $tfa->makeCode('now', -1)); for ($i = 0 ; $i < 30 ; ++$i) { Carbon::setTestNow(Carbon::create(2020, 1, 1, 20, 30, $i)); - $this->assertEquals('389766', $tfa->makeCode()); + $this->assertEquals('716347', $tfa->makeCode()); } Carbon::setTestNow(Carbon::create(2020, 1, 1, 20, 30, 31)); - $this->assertEquals('629101', $tfa->makeCode()); + $this->assertEquals('133346', $tfa->makeCode()); - $this->assertEquals('495085', $tfa->makeCode( + $this->assertEquals('818740', $tfa->makeCode( Carbon::create(2020, 1, 1, 1, 1, 1)) ); - $this->assertEquals('461236', $tfa->makeCode('4th february 2020')); + $this->assertEquals('976814', $tfa->makeCode('4th february 2020')); } public function test_makes_code_for_timestamp() @@ -151,8 +151,8 @@ public function test_makes_code_for_timestamp() 'shared_secret' => $secret = 'KS72XBTN5PEBGX2IWBMVW44LXHPAQ7L3', ]); - $this->assertEquals('356058', $tfa->makeCode(1581300000)); - $this->assertTrue($tfa->validateCode('356058', 1581300000)); + $this->assertEquals('566278', $tfa->makeCode(1581300000)); + $this->assertTrue($tfa->validateCode('566278', 1581300000)); } public function test_validate_code() @@ -164,7 +164,7 @@ public function test_validate_code() Carbon::setTestNow($time = Carbon::create(2020, 1, 1, 20, 30, 0)); - $this->assertEquals('389766', $code = $tfa->makeCode()); + $this->assertEquals('716347', $code = $tfa->makeCode()); $this->assertTrue($tfa->validateCode($tfa->makeCode())); Carbon::setTestNow($time = Carbon::create(2020, 1, 1, 20, 29, 59)); @@ -183,7 +183,7 @@ public function test_validate_code_with_window() Carbon::setTestNow($time = Carbon::create(2020, 1, 1, 20, 30, 0)); - $this->assertEquals('389766', $code = $tfa->makeCode()); + $this->assertEquals('716347', $code = $tfa->makeCode()); $this->assertTrue($tfa->validateCode($tfa->makeCode())); Cache::getStore()->flush(); From 413adaf426aad41395fe87c56a6fb0151ee9a53e Mon Sep 17 00:00:00 2001 From: DarkGhostHunter Date: Wed, 19 Feb 2020 16:57:33 -0300 Subject: [PATCH 3/3] Added closure to create the Listener. --- src/LaraguardServiceProvider.php | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/src/LaraguardServiceProvider.php b/src/LaraguardServiceProvider.php index 2840cc8..7fae1b1 100644 --- a/src/LaraguardServiceProvider.php +++ b/src/LaraguardServiceProvider.php @@ -70,7 +70,9 @@ protected function registerListener(Repository $config, Dispatcher $dispatcher) return; } - $this->app->singleton(Listeners\EnforceTwoFactorAuth::class); + $this->app->singleton(Listeners\EnforceTwoFactorAuth::class, function ($app) { + return new Listeners\EnforceTwoFactorAuth($app['config'], $app['request']); + }); $dispatcher->listen(Attempting::class, 'DarkGhostHunter\Laraguard\Listeners\EnforceTwoFactorAuth@saveCredentials' );