| Server IP : 23.254.227.96 / Your IP : 216.73.216.120 Web Server : Apache/2.4.62 (Unix) OpenSSL/1.1.1k System : Linux hwsrv-1277026.hostwindsdns.com 4.18.0-477.13.1.el8_8.x86_64 #1 SMP Tue May 30 14:53:41 EDT 2023 x86_64 User : viralblo ( 1001) PHP Version : 8.1.31 Disable Function : NONE MySQL : OFF | cURL : ON | WGET : ON | Perl : ON | Python : OFF | Sudo : ON | Pkexec : ON Directory : /usr/local/cwpsrv/var/services/pma/libraries/classes/Plugins/TwoFactor/ |
Upload File : |
<?php
/**
* Second authentication factor handling
*/
declare(strict_types=1);
namespace PhpMyAdmin\Plugins\TwoFactor;
use BaconQrCode\Renderer\Image\SvgImageBackEnd;
use PhpMyAdmin\Plugins\TwoFactorPlugin;
use PhpMyAdmin\TwoFactor;
use PragmaRX\Google2FA\Exceptions\IncompatibleWithGoogleAuthenticatorException;
use PragmaRX\Google2FA\Exceptions\InvalidCharactersException;
use PragmaRX\Google2FA\Exceptions\SecretKeyTooShortException;
use PragmaRX\Google2FAQRCode\Google2FA;
use function extension_loaded;
/**
* HOTP and TOTP based two-factor authentication
*
* Also known as Google, Authy, or OTP
*/
class Application extends TwoFactorPlugin
{
/** @var string */
public static $id = 'application';
/** @var Google2FA */
protected $google2fa;
/**
* Creates object
*
* @param TwoFactor $twofactor TwoFactor instance
*/
public function __construct(TwoFactor $twofactor)
{
parent::__construct($twofactor);
if (extension_loaded('imagick')) {
$this->google2fa = new Google2FA();
} else {
$this->google2fa = new Google2FA(new SvgImageBackEnd());
}
$this->google2fa->setWindow(8);
if (isset($this->twofactor->config['settings']['secret'])) {
return;
}
$this->twofactor->config['settings']['secret'] = '';
}
public function getGoogle2fa(): Google2FA
{
return $this->google2fa;
}
/**
* Checks authentication, returns true on success
*
* @return bool
*
* @throws IncompatibleWithGoogleAuthenticatorException
* @throws InvalidCharactersException
* @throws SecretKeyTooShortException
*/
public function check()
{
$this->provided = false;
if (! isset($_POST['2fa_code'])) {
return false;
}
$this->provided = true;
return $this->google2fa->verifyKey(
$this->twofactor->config['settings']['secret'],
$_POST['2fa_code']
);
}
/**
* Renders user interface to enter two-factor authentication
*
* @return string HTML code
*/
public function render()
{
return $this->template->render('login/twofactor/application');
}
/**
* Renders user interface to configure two-factor authentication
*
* @return string HTML code
*/
public function setup()
{
$secret = $this->twofactor->config['settings']['secret'];
$inlineUrl = $this->google2fa->getQRCodeInline(
'phpMyAdmin (' . $this->getAppId(false) . ')',
$this->twofactor->user,
$secret
);
return $this->template->render('login/twofactor/application_configure', [
'image' => $inlineUrl,
'secret' => $secret,
'has_imagick' => extension_loaded('imagick'),
]);
}
/**
* Performs backend configuration
*
* @return bool
*
* @throws IncompatibleWithGoogleAuthenticatorException
* @throws InvalidCharactersException
* @throws SecretKeyTooShortException
*/
public function configure()
{
if (! isset($_SESSION['2fa_application_key'])) {
$_SESSION['2fa_application_key'] = $this->google2fa->generateSecretKey();
}
$this->twofactor->config['settings']['secret'] = $_SESSION['2fa_application_key'];
$result = $this->check();
if ($result) {
unset($_SESSION['2fa_application_key']);
}
return $result;
}
/**
* Get user visible name
*
* @return string
*/
public static function getName()
{
return __('Authentication Application (2FA)');
}
/**
* Get user visible description
*
* @return string
*/
public static function getDescription()
{
return __(
'Provides authentication using HOTP and TOTP applications such as FreeOTP, Google Authenticator or Authy.'
);
}
}