Fixed code handling and persistence into a string.

DarkGhostHunter · Mar 17, 2021 · bc0cdf5 · bc0cdf5
1 parent 35da9e3
commit bc0cdf5
Show file tree

Hide file tree

Showing 3 changed files with 9 additions and 8 deletions.
diff --git a/config/laraguard.php b/config/laraguard.php
@@ -79,9 +79,9 @@
     | Safe Devices
     |--------------------------------------------------------------------------
     |
-    | Authenticating with Two Factor Codes can become very obnoxious if you do
-    | it every time, so for this reasons the Safe Devices can be enabled. It
-    | remembers the device with an long-lived cookie to bypass Two Factor.
+    | Authenticating with Two Factor Codes can become very obnoxious when the
+    | user does it every time. To "remember" a device where a 2FA code was
+    | validated to not ask again you can enable Safe Device to save it.
     |
     */
 

diff --git a/src/Eloquent/HandlesCodes.php b/src/Eloquent/HandlesCodes.php
@@ -4,6 +4,7 @@
 
 use DateTime;
 use Illuminate\Support\Carbon;
+use ParagonIE\ConstantTime\Base32;
 
 trait HandlesCodes
 {
@@ -141,7 +142,7 @@ protected function timestampToBinary(int $timestamp)
      */
     protected function getBinarySecret()
     {
-        return $this->attributes['shared_secret'];
+        return Base32::decodeUpper($this->attributes['shared_secret']);
     }
 
     /**

diff --git a/tests/Eloquent/TwoFactorAuthenticationTest.php b/tests/Eloquent/TwoFactorAuthenticationTest.php
@@ -112,7 +112,7 @@ public function test_generates_random_secret()
     public function test_makes_code()
     {
         $tfa = TwoFactorAuthentication::factory()->withRecovery()->withSafeDevices()->make([
-            'shared_secret' => $secret = Base32::decodeUpper('KS72XBTN5PEBGX2IWBMVW44LXHPAQ7L3'),
+            'shared_secret' => $secret = 'KS72XBTN5PEBGX2IWBMVW44LXHPAQ7L3',
         ]);
 
         Carbon::setTestNow(Carbon::create(2020, 1, 1, 20, 29, 59));
@@ -141,7 +141,7 @@ public function test_makes_code()
     public function test_makes_code_for_timestamp()
     {
         $tfa = TwoFactorAuthentication::factory()->withRecovery()->withSafeDevices()->make([
-            'shared_secret' => $secret = Base32::decodeUpper('KS72XBTN5PEBGX2IWBMVW44LXHPAQ7L3'),
+            'shared_secret' => $secret = 'KS72XBTN5PEBGX2IWBMVW44LXHPAQ7L3',
         ]);
 
         $this->assertEquals('566278', $tfa->makeCode(1581300000));
@@ -151,7 +151,7 @@ public function test_makes_code_for_timestamp()
     public function test_validate_code()
     {
         $tfa = TwoFactorAuthentication::factory()->withRecovery()->withSafeDevices()->make([
-            'shared_secret' => $secret = Base32::decodeUpper('KS72XBTN5PEBGX2IWBMVW44LXHPAQ7L3'),
+            'shared_secret' => $secret = 'KS72XBTN5PEBGX2IWBMVW44LXHPAQ7L3',
             'window'        => 0,
         ]);
 
@@ -170,7 +170,7 @@ public function test_validate_code()
     public function test_validate_code_with_window()
     {
         $tfa = TwoFactorAuthentication::factory()->withRecovery()->withSafeDevices()->make([
-            'shared_secret' => $secret = Base32::decodeUpper('KS72XBTN5PEBGX2IWBMVW44LXHPAQ7L3'),
+            'shared_secret' => $secret = 'KS72XBTN5PEBGX2IWBMVW44LXHPAQ7L3',
             'window'        => 1,
         ]);