commit be50d49a1de3579494650ceb3cad0f04719b087f
author Copybara bot <copybara-bot@avm99963.com> Thu Nov 30 00:16:42 2023 +0100
committer Copybara bot <copybara-bot@avm99963.com> Thu Nov 30 00:28:27 2023 +0100
tree ae339ad03f9d5f6ea245ddf4b41550503c0a56be

Project import generated by Copybara.

GitOrigin-RevId: 63746295f1a5ab5a619056791995793d65529e62

src/lib/GoogleAuthenticator/GoogleAuthenticator.php

diff --git a/src/lib/GoogleAuthenticator/GoogleAuthenticator.php b/src/lib/GoogleAuthenticator/GoogleAuthenticator.php
new file mode 100644
index 0000000..62bc0cb
--- /dev/null
+++ b/src/lib/GoogleAuthenticator/GoogleAuthenticator.php
@@ -0,0 +1,87 @@
+<?php
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+
+include_once("FixedByteNotation.php");
+
+
+class GoogleAuthenticator {
+    static $PASS_CODE_LENGTH = 6;
+    static $PIN_MODULO;
+    static $SECRET_LENGTH = 20;
+
+    public function __construct() {
+        self::$PIN_MODULO = pow(10, self::$PASS_CODE_LENGTH);
+    }
+
+    public function checkCode($secret,$code) {
+        $time = floor(time() / 30);
+        for ( $i = -1; $i <= 1; $i++) {
+
+            if ($this->getCode($secret,$time + $i) == $code) {
+                return true;
+            }
+        }
+
+        return false;
+
+    }
+
+    public function getCode($secret,$time = null) {
+
+        if (!$time) {
+            $time = floor(time() / 30);
+        }
+        $base32 = new FixedBitNotation(5, 'ABCDEFGHIJKLMNOPQRSTUVWXYZ234567', TRUE, TRUE);
+        $secret = $base32->decode($secret);
+
+        $time = pack("N", $time);
+        $time = str_pad($time,8, chr(0), STR_PAD_LEFT);
+
+        $hash = hash_hmac('sha1',$time,$secret,true);
+        $offset = ord(substr($hash,-1));
+        $offset = $offset & 0xF;
+
+        $truncatedHash = self::hashToInt($hash, $offset) & 0x7FFFFFFF;
+        $pinValue = str_pad($truncatedHash % self::$PIN_MODULO,6,"0",STR_PAD_LEFT);;
+        return $pinValue;
+    }
+
+    protected  function hashToInt($bytes, $start) {
+        $input = substr($bytes, $start, strlen($bytes) - $start);
+        $val2 = unpack("N",substr($input,0,4));
+        return $val2[1];
+    }
+
+    public function getUrl($user, $hostname, $secret) {
+        $url =  sprintf("otpauth://totp/%s@%s?secret=%s", $user, $hostname, $secret);
+        $encoder = "https://www.google.com/chart?chs=200x200&chld=M|0&cht=qr&chl=";
+        $encoderURL = sprintf( "%sotpauth://totp/%s@%s&secret=%s",$encoder, $user, $hostname, $secret);
+
+        return $encoderURL;
+
+    }
+
+    public function generateSecret() {
+        $secret = "";
+        for($i = 1;  $i<= self::$SECRET_LENGTH;$i++) {
+            $c = random_int(0,255);
+            $secret .= pack("c",$c);
+        }
+        $base32 = new FixedBitNotation(5, 'ABCDEFGHIJKLMNOPQRSTUVWXYZ234567', TRUE, TRUE);
+        return  $base32->encode($secret);
+
+
+    }
+
+}