3.1.0
Added feature OTP generation (see #3944)
nilsteampassnet committed Nov 18, 2023
1 parent eaecf65 commit 75f46e6
Showing 87 changed files with 964 additions and 1,086 deletions.
2 changes: 1 addition & 1 deletion composer.json
@@ -89,7 +89,7 @@
"firebase/php-jwt": "^6.9",
"neitanod/forceutf8": "^2.0",
"goodby/csv": "^1.3",
"robthree/twofactorauth": "~1",
"robthree/twofactorauth": "~2.1",
"passwordlib/passwordlib": "^1.0.0-alpha2",
"hackzilla/password-generator": "^1.6",
"peppeocchi/php-cron-scheduler": "^4.0",
29 changes: 20 additions & 9 deletions composer.lock

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion includes/config/include.php
@@ -17,7 +17,7 @@
*/
define('TP_VERSION', '3.1.0');
define("UPGRADE_MIN_DATE", "1697990713");
define('TP_VERSION_MINOR', '4');
define('TP_VERSION_MINOR', '5');
define('TP_TOOL_NAME', 'Teampass');
define('TP_ONE_DAY_SECONDS', 86400);
define('TP_ONE_WEEK_SECONDS', 604800);
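--- a/includes/core/load.js.php
+++ b/includes/core/load.js.php
@@ -698,6 +698,88 @@ function(teampassUser) {
 }
 }
 });
+
+// ----
+} else if ($(this).data('name') === 'generate-an-otp') {
+// User wants to generate an OTP
+$('#warningModalButtonAction').attr('data-button-confirm', 'false');
+
+// SHow modal
+showModalDialogBox(
+'#warningModal',
+'<i class="fa-solid fa-qrcode fa-lg warning mr-2"></i><?php echo $lang->get('generate_an_otp'); ?> <b>',
+'<div class="form-group">'+
+'<div class="row">' +
+'<div class="input-group mb-2">' +
+'<div class="input-group-prepend">' +
+'<span class="input-group-text"><?php echo $lang->get('generated-otp'); ?></span>' +
+'</div>' +
+'<input id="new-otp" type="text" class="form-control form-item-control" value="">' +
+'</div>' +
+'</div>' +
+'<div class="row">' +
+'<div class="input-group mb-2">' +
+'<div class="input-group-prepend">' +
+'<span class="input-group-text"><?php echo $lang->get('qrcode_label'); ?></span>' +
+'</div>' +
+'<input type="text" rows="1" id="otp-label" class="form-control form-item-control" value="">' +
+'</div>' +
+'</div>' +
+'<div class="row" style="height:200px;">' +
+'<div class="text-center" id="new-otp-qrcode">' +
+'</div>' +
+'</div>' +
+'</div>',
+'<?php echo $lang->get('generate_qrcode'); ?>',
+'<?php echo $lang->get('close'); ?>'
+);
+
+launchOtpGeneration(false);
+
+// Manage click on button PERFORM
+$(document).on('click', '#warningModalButtonAction', function() {
+event.preventDefault();
+launchOtpGeneration(true);
+});
+
+function launchOtpGeneration(withQrCode)
+{
+// Load OTP
+var parameters = {
+'label': $('#otp-label').val(),
+'with_qrcode': withQrCode,
+}
+$.post(
+"sources/main.queries.php", {
+type: "generate_an_otp",
+type_category: 'action_utils',
+data: prepareExchangedData(JSON.stringify(parameters), "encode", "<?php echo $superGlobal->get('key', 'SESSION'); ?>"),
+key: "<?php echo $superGlobal->get('key', 'SESSION'); ?>"
+},
+function(data) {
+data = prepareExchangedData(data, 'decode', '<?php echo $superGlobal->get('key', 'SESSION'); ?>');
+if (debugJavascript === true) console.log(data)
+
+if (data.error !== false) {
+// Show error
+toastr.remove();
+toastr.error(
+data.message,
+'<?php echo $lang->get('caution'); ?>', {
+timeOut: 5000,
+progressBar: true
+}
+);
+} else {
+$('#new-otp').val(data.secret);
+if (withQrCode === true) {
+$('#new-otp-qrcode').html('<img class="text-center" src="' + data.qrcode + '" />');
+}
+}
+}
+);
+}
+
 }
 }
 });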
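Review bot: The delegated `$(document).on('click', '#warningModalButtonAction', ...)` is registered inside the `generate-an-otp` branch, so every opening of the dialog adds another handler that is never removed; later clicks then send several `generate_an_otp` requests, and the handler stays live for any other dialog that reuses `#warningModalButtonAction`. The handler also calls `event.preventDefault()` without declaring `event`, relying on the legacy global. Binding it once under a namespace would address both, e.g. `$(document).off('click.otp').on('click.otp', '#warningModalButtonAction', function(event) {`, ideally unbound again when the modal closes. Separately, the QR image is built by concatenating `data.qrcode` into markup passed to `.html()`; `$('#new-otp-qrcode').empty().append($('<img>', {'class': 'text-center', src: data.qrcode}));` keeps the response value out of HTML parsing. The `console.log(data)` debug line will also print the generated secret whenever `debugJavascript` is on.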
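--- a/includes/core/login.js.php
+++ b/includes/core/login.js.php
@@ -650,8 +650,6 @@ function(data) {
 function identifyUser(redirect, psk, data, randomstring) {
 var old_data = data;
 // Check if session is still existing
-console.info('Session existance check:')
-console.log(data);
 //send query
 $.post(
 "sources/identify.php", {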
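--- a/includes/language/english.php
+++ b/includes/language/english.php
@@ -16,6 +16,10 @@
 * @see https://www.teampass.net
 */
 return array(
+'generate_an_otp' => 'Generate an OTP',
+'generated-otp' => 'Generated OTP',
+'qrcode_label' => 'QRCode label',
+'generate_qrcode' => 'Generate QRCode',
 'mfa_code_send_by_email' => 'MFA code sent by email',
 'user_keys_downloaded' => 'User keys downloaded',
 'regenerate_only_personal_items_keys' => 'Only regenerate my personal items keys (it requires your public and private keys). This will not impact shared items.',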
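--- a/index.php
+++ b/index.php
@@ -331,6 +331,12 @@
 <a class="dropdown-item user-menu<?php echo (int) $session_user_admin === 1 ? ' hidden' : '';?>" href="#" data-name="generate-new_keys">
 <i class="fa-solid fa-spray-can-sparkles fa-fw mr-2"></i><?php echo $lang->get('generate_new_keys'); ?>
 </a>
+
+<div class="dropdown-divider"></div>
+<a class="dropdown-item user-menu" href="#" data-name="generate-an-otp">
+<i class="fa-solid fa-qrcode fa-fw mr-2"></i><?php echo $lang->get('generate_an_otp'); ?>
+</a>
+
 <div class="dropdown-divider"></div>
 <a class="dropdown-item user-menu" href="#" data-name="logout">
 <i class="fa-solid fa-sign-out-alt fa-fw mr-2"></i><?php echo $lang->get('disconnect'); ?>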
2 changes: 1 addition & 1 deletion scripts/task_maintenance_purge_old_files.php
@@ -75,7 +75,7 @@ function purgeTemporaryFiles(): void
{
// Load expected files
require_once __DIR__. '/../sources/main.functions.php';
require __DIR__. '/../includes/config/tp.config.php';
include __DIR__. '/../includes/config/tp.config.php';

if (isset($SETTINGS) === true) {
//read folder
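Review bot: With `include` in place of `require`, a missing or unreadable `tp.config.php` only raises a warning, and the `isset($SETTINGS) === true` guard then skips the purge without any trace (this assumes the second of the two printed lines is the new side). For a cleanup task that means temporary files could silently stop being removed. Unless an `else` outside the hunk already handles it, add one that records the failure, e.g. `error_log('tp.config.php not loaded, purge skipped');`. The same switch is made in `rebuildConfigFile()` in `scripts/task_maintenance_rebuild_config_file.php`, where it also drops `_once`. Both function bodies continue outside the hunks shown.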
2 changes: 1 addition & 1 deletion scripts/task_maintenance_rebuild_config_file.php
@@ -76,7 +76,7 @@ function rebuildConfigFile(): void
{
// Load expected files
require_once __DIR__. '/../sources/main.functions.php';
require_once __DIR__. '/../includes/config/tp.config.php';
include __DIR__. '/../includes/config/tp.config.php';

if (isset($SETTINGS) === true) {
handleConfigFile('rebuild', $SETTINGS);
23 changes: 4 additions & 19 deletions sources/main.functions.php
@@ -39,8 +39,6 @@
use Defuse\Crypto\File as CryptoFile;
use Defuse\Crypto\Exception as CryptoException;
use PHPMailer\PHPMailer\PHPMailer;
use phpseclib\Crypt\RSA;
use phpseclib\Crypt\AES;
use PasswordLib\PasswordLib;
use Symfony\Component\Process\Exception\ProcessFailedException;
use Symfony\Component\Process\Process;
@@ -49,6 +47,8 @@
//use phpseclib3\Crypt\PublicKeyLoader;
//use phpseclib3\Crypt\RSA;
//use phpseclib3\Exception\NoKeyLoadedException;
//use phpseclib\Crypt\RSA;
//use phpseclib\Crypt\AES;

// Load config if $SETTINGS not defined
if (isset($SETTINGS['cpassman_dir']) === false || empty($SETTINGS['cpassman_dir']) === true) {
@@ -134,17 +134,9 @@ function bCrypt(
*/
function isHex(string $str): bool
{
if ((int) phpversion() >= 8) {
// Code for PHP 8
if (str_starts_with(strtolower($str), '0x')) {
$str = substr($str, 2);
}
} else {
if (substr($str, 0, 2 ) === "0x") {
$str = substr($str, 2);
}
if (str_starts_with(strtolower($str), '0x')) {
$str = substr($str, 2);
}


return ctype_xdigit($str);
}
@@ -3678,13 +3670,6 @@ function getUsersWithRoles(
return $arrUsers;
}

// #3476 - check if function str_contains exists (using PHP 8.0.0 or h)
// else define it
if (!function_exists('str_contains')) {
function str_contains($haystack, $needle) {
return $needle !== '' && mb_strpos($haystack, $needle) !== false;
}
}

/**
* Get all users informations
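Review bot: Removing the `phpversion()` branch in `isHex()` and the `str_contains` polyfill makes PHP 8.0 a hard minimum (the `array|null|string` union types in `sources/main.queries.php` do the same), but the visible `composer.json` hunk does not show the platform requirement being raised. If the `php` constraint there still admits 7.x, an install on an older runtime would fail at parse time or on the first `str_starts_with()` call instead of being rejected by Composer; confirm the constraint is `>=8.0` or tighter. The `//use phpseclib\Crypt\RSA;` and `//use phpseclib\Crypt\AES;` lines could be deleted outright rather than kept as commented-out code.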
60 changes: 58 additions & 2 deletions sources/main.queries.php
@@ -179,6 +179,10 @@ function mainQuery(array $SETTINGS)
case 'action_system':
echo systemHandler($post_type, $dataReceived, $SETTINGS);
break;

case 'action_utils':
echo utilsHandler($post_type, $dataReceived, $SETTINGS);
break;
}

// Manage type of action asked
@@ -584,7 +588,7 @@ function keyHandler(string $post_type, /*php8 array|null|string */$dataReceived,
* @param array $SETTINGS
* @return string
*/
function systemHandler(string $post_type, /*php8 array|null|string */$dataReceived, array $SETTINGS): string
function systemHandler(string $post_type, array|null|string $dataReceived, array $SETTINGS): string
{
switch ($post_type) {
/*
@@ -702,6 +706,32 @@ function systemHandler(string $post_type, /*php8 array|null|string */$dataReceiv
}


function utilsHandler(string $post_type, array|null|string $dataReceived, array $SETTINGS): string
{
switch ($post_type) {
/*
* generate_an_otp
*/
case 'generate_an_otp'://action_utils
return generateAnOTP(
(string) filter_var($dataReceived['label'], FILTER_SANITIZE_FULL_SPECIAL_CHARS),
(bool) filter_var($dataReceived['with_qrcode'], FILTER_VALIDATE_BOOLEAN),
);


/*
* Default case
*/
default :
return prepareExchangedData(
array(
'error' => true,
),
'encode'
);
}
}

/**
* Permits to set the user ready
*
@@ -3068,7 +3098,7 @@ function changeUserLDAPAuthenticationPassword(

// Load superGlobals
$superGlobal = new SuperGlobal();
$lang = new Language();
$lang = new Language();
$superGlobal->put('private_key', $privateKey, 'SESSION', 'user');

return prepareExchangedData(
@@ -3125,4 +3155,30 @@ function increaseSessionDuration(
}

return '[{"new_value":"expired"}]';
}

function generateAnOTP(string $label, bool $with_qrcode = false): string
{
// generate new secret
$tfa = new TwoFactorAuth();
$secretKey = $tfa->createSecret();

// generate new QR
if ($with_qrcode === true) {
$qrcode = $tfa->getQRCodeImageAsDataUri(
$label,
$secretKey
);
}

// ERROR
return prepareExchangedData(
array(
'error' => false,
'message' => '',
'secret' => $secretKey,
'qrcode' => $qrcode,
),
'encode'
);
}
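Review bot: In `generateAnOTP()`, `$qrcode` is assigned only inside `if ($with_qrcode === true)` but is always read when the response array is built, so the initial call with `with_qrcode` false reads an undefined variable; on PHP 8 that raises a warning which, depending on error display settings, may be emitted ahead of the encoded response. Initialise it before the branch with `$qrcode = '';`. `new TwoFactorAuth()` is also constructed without a QR provider; if this library version's default provider fetches the image from a remote HTTP service, the otpauth URI carrying the fresh secret leaves the server, so it is worth passing one of the local providers listed in `vendor/composer/autoload_classmap.php` (`BaconQrCodeProvider` or `EndroidQrCodeProvider`) explicitly. In `utilsHandler()`, `$dataReceived` may be `null` or a string per its own type, yet `['label']` and `['with_qrcode']` are indexed unguarded, and `FILTER_SANITIZE_FULL_SPECIAL_CHARS` HTML-encodes a label that ends up in a QR payload rather than in HTML.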
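--- a/vendor/composer/autoload_classmap.php
+++ b/vendor/composer/autoload_classmap.php
@@ -937,6 +937,7 @@
 'Psr\\SimpleCache\\CacheInterface' => $vendorDir . '/psr/simple-cache/src/CacheInterface.php',
 'Psr\\SimpleCache\\InvalidArgumentException' => $vendorDir . '/psr/simple-cache/src/InvalidArgumentException.php',
 'QRcode' => $vendorDir . '/tecnickcom/tcpdf/include/barcodes/qrcode.php',
+'RobThree\\Auth\\Algorithm' => $vendorDir . '/robthree/twofactorauth/lib/Algorithm.php',
 'RobThree\\Auth\\Providers\\Qr\\BaconQrCodeProvider' => $vendorDir . '/robthree/twofactorauth/lib/Providers/Qr/BaconQrCodeProvider.php',
 'RobThree\\Auth\\Providers\\Qr\\BaseHTTPQRCodeProvider' => $vendorDir . '/robthree/twofactorauth/lib/Providers/Qr/BaseHTTPQRCodeProvider.php',
 'RobThree\\Auth\\Providers\\Qr\\EndroidQrCodeProvider' => $vendorDir . '/robthree/twofactorauth/lib/Providers/Qr/EndroidQrCodeProvider.php',
@@ -951,7 +952,6 @@
 'RobThree\\Auth\\Providers\\Rng\\CSRNGProvider' => $vendorDir . '/robthree/twofactorauth/lib/Providers/Rng/CSRNGProvider.php',
 'RobThree\\Auth\\Providers\\Rng\\HashRNGProvider' => $vendorDir . '/robthree/twofactorauth/lib/Providers/Rng/HashRNGProvider.php',
 'RobThree\\Auth\\Providers\\Rng\\IRNGProvider' => $vendorDir . '/robthree/twofactorauth/lib/Providers/Rng/IRNGProvider.php',
-'RobThree\\Auth\\Providers\\Rng\\MCryptRNGProvider' => $vendorDir . '/robthree/twofactorauth/lib/Providers/Rng/MCryptRNGProvider.php',
 'RobThree\\Auth\\Providers\\Rng\\OpenSSLRNGProvider' => $vendorDir . '/robthree/twofactorauth/lib/Providers/Rng/OpenSSLRNGProvider.php',
 'RobThree\\Auth\\Providers\\Rng\\RNGException' => $vendorDir . '/robthree/twofactorauth/lib/Providers/Rng/RNGException.php',
 'RobThree\\Auth\\Providers\\Time\\HttpTimeProvider' => $vendorDir . '/robthree/twofactorauth/lib/Providers/Time/HttpTimeProvider.php',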
2 changes: 1 addition & 1 deletion vendor/composer/autoload_psr4.php
@@ -42,7 +42,7 @@
'LdapRecord\\' => array($vendorDir . '/directorytree/ldaprecord/src'),
'Illuminate\\Validation\\' => array($vendorDir . '/illuminate/validation'),
'Illuminate\\Translation\\' => array($vendorDir . '/illuminate/translation'),
'Illuminate\\Support\\' => array($vendorDir . '/illuminate/conditionable', $vendorDir . '/illuminate/macroable', $vendorDir . '/illuminate/collections', $vendorDir . '/illuminate/support'),
'Illuminate\\Support\\' => array($vendorDir . '/illuminate/collections', $vendorDir . '/illuminate/conditionable', $vendorDir . '/illuminate/macroable', $vendorDir . '/illuminate/support'),
'Illuminate\\Filesystem\\' => array($vendorDir . '/illuminate/filesystem'),
'Illuminate\\Contracts\\' => array($vendorDir . '/illuminate/contracts'),
'Illuminate\\Container\\' => array($vendorDir . '/illuminate/container'),