Completed mOTP support.

eloquent · Sep 18, 2013 · 30ce01e · 30ce01e
1 parent 75a3ded
commit 30ce01e
Show file tree

Hide file tree

Showing 53 changed files with 1,111 additions and 330 deletions.
diff --git a/README.md b/README.md
@@ -1,6 +1,6 @@
 # Otis
 
-*One-time password / two-factor authentication library for PHP.*
+*One-time password / multi-factor authentication library for PHP.*
 
 [![Build Status]][Latest build]
 [![Test Coverage]][Test coverage report]
@@ -13,7 +13,7 @@
 
 ## What is *Otis*?
 
-*Otis* is a PHP library for implementing [one-time password] / [two-factor
+*Otis* is a PHP library for implementing [one-time password] / [multi-factor
 authentication] systems. *Otis* provides generators and validators for both
 [TOTP][] (time-based passwords as defined in [RFC 6238]) and [HOTP][]
 (counter-based passwords as covered in [RFC 4226]). *Otis* supports all hashing
@@ -161,7 +161,7 @@ the wiki.
 [RFC 4226]: http://tools.ietf.org/html/rfc4226
 [RFC 6238]: http://tools.ietf.org/html/rfc6238
 [TOTP]: http://en.wikipedia.org/wiki/Time-based_One-time_Password_Algorithm
-[two-factor authentication]: http://en.wikipedia.org/wiki/Multi-factor_authentication
+[multi-factor authentication]: http://en.wikipedia.org/wiki/Multi-factor_authentication
 [URI format]: https://code.google.com/p/google-authenticator/wiki/KeyUriFormat
 
 [Build Status]: https://api.travis-ci.org/eloquent/otis.png?branch=master

diff --git a/composer.json b/composer.json
@@ -1,7 +1,7 @@
 {
     "name": "eloquent/otis",
-    "description": "One-time password / two-factor authentication library for PHP.",
-    "keywords": ["otp", "2fa", "one", "time", "password", "two", "factor", "auth", "authentication", "google", "authenticator", "oath"],
+    "description": "One-time password / multi-factor authentication library for PHP.",
+    "keywords": ["otp", "2fa", "one", "time", "password", "multi", "two", "factor", "auth", "authentication", "google", "authenticator", "oath"],
     "homepage": "https://github.com/eloquent/otis",
     "license": "MIT",
     "authors": [

diff --git a/composer.lock b/composer.lock
diff --git a/src/Eloquent/Otis/Configuration/MfaConfigurationInterface.php b/src/Eloquent/Otis/Configuration/MfaConfigurationInterface.php
@@ -1,4 +1,4 @@
-<?php
+<?php // @codeCoverageIgnoreStart
 
 /*
  * This file is part of the Otis package.

diff --git a/src/Eloquent/Otis/Hotp/Configuration/HotpBasedConfigurationInterface.php b/src/Eloquent/Otis/Hotp/Configuration/HotpBasedConfigurationInterface.php
@@ -1,4 +1,4 @@
-<?php
+<?php // @codeCoverageIgnoreStart
 
 /*
  * This file is part of the Otis package.

diff --git a/src/Eloquent/Otis/Hotp/Configuration/HotpConfigurationInterface.php b/src/Eloquent/Otis/Hotp/Configuration/HotpConfigurationInterface.php
@@ -1,4 +1,4 @@
-<?php
+<?php // @codeCoverageIgnoreStart
 
 /*
  * This file is part of the Otis package.

diff --git a/src/Eloquent/Otis/Hotp/Generator/HotpGenerator.php b/src/Eloquent/Otis/Hotp/Generator/HotpGenerator.php
@@ -29,8 +29,11 @@ class HotpGenerator implements HotpGeneratorInterface
      *
      * @return HotpValueInterface The generated HOTP value.
      */
-    public function generate($secret, $counter, HotpHashAlgorithm $algorithm = null)
-    {
+    public function generate(
+        $secret,
+        $counter,
+        HotpHashAlgorithm $algorithm = null
+    ) {
         if (null === $algorithm) {
             $algorithm = HotpHashAlgorithm::SHA1();
         }

diff --git a/src/Eloquent/Otis/Hotp/HotpHashAlgorithm.php b/src/Eloquent/Otis/Hotp/HotpHashAlgorithm.php
@@ -1,4 +1,4 @@
-<?php
+<?php // @codeCoverageIgnoreStart
 
 /*
  * This file is part of the Otis package.

diff --git a/src/Eloquent/Otis/Hotp/Validator/HotpValidator.php b/src/Eloquent/Otis/Hotp/Validator/HotpValidator.php
@@ -11,15 +11,20 @@
 
 namespace Eloquent\Otis\Hotp\Validator;
 
+use Eloquent\Otis\Configuration\MfaConfigurationInterface;
 use Eloquent\Otis\Hotp\Configuration\HotpConfiguration;
 use Eloquent\Otis\Hotp\Configuration\HotpConfigurationInterface;
 use Eloquent\Otis\Hotp\Generator\HotpGenerator;
 use Eloquent\Otis\Hotp\Generator\HotpGeneratorInterface;
+use Eloquent\Otis\Validator\Exception\UnsupportedMfaCombinationException;
+use Eloquent\Otis\Validator\MfaValidatorInterface;
+use Eloquent\Otis\Validator\Parameters\MfaParametersInterface;
+use Eloquent\Otis\Validator\Result\MfaValidationResultInterface;
 
 /**
  * Validates HOTP passwords.
  */
-class HotpValidator implements HotpValidatorInterface
+class HotpValidator implements MfaValidatorInterface, HotpValidatorInterface
 {
     /**
      * Construct a new HOTP validator.
@@ -45,6 +50,46 @@ public function generator()
         return $this->generator;
     }
 
+    /**
+     * Returns true if this validator supports the supplied combination of
+     * configuration and parameters.
+     *
+     * @param MfaConfigurationInterface $configuration The configuration to use for validation.
+     * @param MfaParametersInterface    $parameters    The parameters to validate.
+     *
+     * @return boolean True if this validator supports the supplied combination.
+     */
+    public function supports(
+        MfaConfigurationInterface $configuration,
+        MfaParametersInterface $parameters
+    ) {
+        return $configuration instanceof HotpConfigurationInterface &&
+            $parameters instanceof Parameters\HotpParametersInterface;
+    }
+
+    /**
+     * Validate a set of multi-factor authentication parameters.
+     *
+     * @param MfaConfigurationInterface         $configuration The configuration to use for validation.
+     * @param Parameters\MfaParametersInterface $parameters    The parameters to validate.
+     *
+     * @return Result\MfaValidationResultInterface          The validation result.
+     * @throws Exception\UnsupportedMfaCombinationException If the combination of configuration and parameters is not supported.
+     */
+    public function validate(
+        MfaConfigurationInterface $configuration,
+        MfaParametersInterface $parameters
+    ) {
+        if (!$this->supports($configuration, $parameters)) {
+            throw new UnsupportedMfaCombinationException(
+                $configuration,
+                $parameters
+            );
+        }
+
+        return $this->validateHotp($configuration, $parameters);
+    }
+
     /**
      * Validate an HOTP password.
      *
@@ -53,7 +98,7 @@ public function generator()
      *
      * @return Result\HotpValidationResultInterface The validation result.
      */
-    public function validate(
+    public function validateHotp(
         HotpConfigurationInterface $configuration,
         Parameters\HotpParametersInterface $parameters
     ) {
@@ -101,7 +146,7 @@ public function validate(
      *
      * @return Result\HotpValidationResultInterface The validation result.
      */
-    public function validateSequence(
+    public function validateHotpSequence(
         HotpConfigurationInterface $configuration,
         $secret,
         array $passwords,
@@ -121,15 +166,15 @@ public function validateSequence(
                 $window = 0;
             }
 
-            $result = $this->validate(
+            $result = $this->validateHotp(
                 new HotpConfiguration(
                     $configuration->digits(),
                     $window,
                     $configuration->initialCounter(),
                     $configuration->secretLength(),
                     $configuration->algorithm()
                 ),
-                new Parameters\HotpParameters($secret, $password, $counter)
+                new Parameters\HotpParameters($secret, $counter, $password)
             );
 
             if (!$result->isSuccessful()) {

diff --git a/src/Eloquent/Otis/Hotp/Validator/HotpValidatorInterface.php b/src/Eloquent/Otis/Hotp/Validator/HotpValidatorInterface.php
@@ -26,7 +26,7 @@ interface HotpValidatorInterface
      *
      * @return Result\HotpValidationResultInterface The validation result.
      */
-    public function validate(
+    public function validateHotp(
         HotpConfigurationInterface $configuration,
         Parameters\HotpParametersInterface $parameters
     );
@@ -41,7 +41,7 @@ public function validate(
      *
      * @return Result\HotpValidationResultInterface The validation result.
      */
-    public function validateSequence(
+    public function validateHotpSequence(
         HotpConfigurationInterface $configuration,
         $secret,
         array $passwords,

diff --git a/src/Eloquent/Otis/Hotp/Validator/Parameters/HotpParameters.php b/src/Eloquent/Otis/Hotp/Validator/Parameters/HotpParameters.php
@@ -1,4 +1,4 @@
-<?php
+<?php // @codeCoverageIgnoreStart
 
 /*
  * This file is part of the Otis package.

diff --git a/src/Eloquent/Otis/Hotp/Validator/Parameters/HotpParametersInterface.php b/src/Eloquent/Otis/Hotp/Validator/Parameters/HotpParametersInterface.php
@@ -1,4 +1,4 @@
-<?php
+<?php // @codeCoverageIgnoreStart
 
 /*
  * This file is part of the Otis package.

diff --git a/src/Eloquent/Otis/Hotp/Validator/Result/HotpValidationResult.php b/src/Eloquent/Otis/Hotp/Validator/Result/HotpValidationResult.php
@@ -11,46 +11,12 @@
 
 namespace Eloquent\Otis\Hotp\Validator\Result;
 
-use Eloquent\Otis\Validator\Result\AbstractMfaValidationResult;
-use Eloquent\Otis\Validator\Result\Exception\InvalidMfaResultException;
+use Eloquent\Otis\Validator\Result\AbstractCounterBasedOtpValidationResult;
 
 /**
  * Represents a HOTP validation result.
  */
-class HotpValidationResult extends AbstractMfaValidationResult implements
-    HotpValidationResultInterface
+class HotpValidationResult extends AbstractCounterBasedOtpValidationResult
+    implements HotpValidationResultInterface
 {
-    /**
-     * Construct a new HOTP validation result.
-     *
-     * @param string       $type    The result type.
-     * @param integer|null $counter The new counter value, or null if the counter should not change.
-     *
-     * @throws InvalidMfaResultException If the supplied arguments constitute an invalid result.
-     */
-    public function __construct($type, $counter = null)
-    {
-        if (
-            (static::VALID === $type && null === $counter) ||
-            (static::VALID !== $type && null !== $counter)
-        ) {
-            throw new InvalidMfaResultException;
-        }
-
-        parent::__construct($type);
-
-        $this->counter = $counter;
-    }
-
-    /**
-     * Get the new counter value.
-     *
-     * @return integer|null The new counter value, or null if the counter should not change.
-     */
-    public function counter()
-    {
-        return $this->counter;
-    }
-
-    private $counter;
 }
diff --git a/src/Eloquent/Otis/Hotp/Validator/Result/HotpValidationResultInterface.php b/src/Eloquent/Otis/Hotp/Validator/Result/HotpValidationResultInterface.php
@@ -11,17 +11,12 @@
 
 namespace Eloquent\Otis\Hotp\Validator\Result;
 
-use Eloquent\Otis\Validator\Result\OtpValidationResultInterface;
+use Eloquent\Otis\Validator\Result\CounterBasedOtpValidationResultInterface;
 
 /**
  * The interface implemented by HOTP validation results.
  */
-interface HotpValidationResultInterface extends OtpValidationResultInterface
+interface HotpValidationResultInterface extends
+    CounterBasedOtpValidationResultInterface
 {
-    /**
-     * Get the new counter value.
-     *
-     * @return integer|null The new counter value, or null if the counter should not change.
-     */
-    public function counter();
 }
diff --git a/src/Eloquent/Otis/Motp/Configuration/MotpConfiguration.php b/src/Eloquent/Otis/Motp/Configuration/MotpConfiguration.php
@@ -0,0 +1,60 @@
+<?php
+
+/*
+ * This file is part of the Otis package.
+ *
+ * Copyright © 2013 Erin Millard
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+namespace Eloquent\Otis\Motp\Configuration;
+
+/**
+ * Represents a complete set of mOTP configuration settings.
+ */
+class MotpConfiguration implements MotpConfigurationInterface
+{
+    /**
+     * Construct a new mOTP configuration.
+     *
+     * @param integer|null $futureWindows The number of future windows to check.
+     * @param integer|null $pastWindows   The number of past windows to check.
+     */
+    public function __construct($futureWindows = null, $pastWindows = null)
+    {
+        if (null === $futureWindows) {
+            $futureWindows = 3;
+        }
+        if (null === $pastWindows) {
+            $pastWindows = 3;
+        }
+
+        $this->futureWindows = $futureWindows;
+        $this->pastWindows = $pastWindows;
+    }
+
+    /**
+     * Get the number of future windows to check.
+     *
+     * @return integer The number of future windows to check.
+     */
+    public function futureWindows()
+    {
+        return $this->futureWindows;
+    }
+
+    /**
+     * Get the number of past windows to check.
+     *
+     * @return integer The number of past windows to check.
+     */
+    public function pastWindows()
+    {
+        return $this->pastWindows;
+    }
+
+    private $futureWindows;
+    private $pastWindows;
+}
diff --git a/src/Eloquent/Otis/Motp/Configuration/MotpConfigurationInterface.php b/src/Eloquent/Otis/Motp/Configuration/MotpConfigurationInterface.php
@@ -0,0 +1,34 @@
+<?php // @codeCoverageIgnoreStart
+
+/*
+ * This file is part of the Otis package.
+ *
+ * Copyright © 2013 Erin Millard
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+namespace Eloquent\Otis\Motp\Configuration;
+
+use Eloquent\Otis\Configuration\MfaConfigurationInterface;
+
+/**
+ * The interface implemented by mOTP configurations.
+ */
+interface MotpConfigurationInterface extends MfaConfigurationInterface
+{
+    /**
+     * Get the number of future windows to check.
+     *
+     * @return integer The number of future windows to check.
+     */
+    public function futureWindows();
+
+    /**
+     * Get the number of past windows to check.
+     *
+     * @return integer The number of past windows to check.
+     */
+    public function pastWindows();
+}