1<?php
2// must be run within Dokuwiki
3if (!defined('DOKU_INC')) die();
4require_once(dirname(__FILE__).'/TokenHelper.php');
5require_once(dirname(__FILE__).'/GoogleAuthenticator.php');
6/**
7 * Google Authenticator Two Factor Form Action Plugin
8 *
9 * @author Andreas Boehler dev@aboehler.at
10 * @author Daniel Popp dan@danpopp.net
11 */
12class action_plugin_authg2fa extends DokuWiki_Action_Plugin {
13
14    /**
15     * Registers the event handlers.
16     */
17    function register(Doku_Event_Handler $controller)
18    {
19        $enable = $this->getConf("g2fa_enable");
20        if($enable===1) {
21            $controller->register_hook('HTML_LOGINFORM_OUTPUT', 'BEFORE', $this, 'two_fa_login_form', array());
22            $controller->register_hook('HTML_UPDATEPROFILEFORM_OUTPUT', 'AFTER', $this, 'handle_profile_form', array());
23        }
24    }
25    /**
26     * Handles the login form rendering.
27     */
28    function two_fa_login_form(&$event, $param) {
29        global $conf;
30
31        // Show login form above submit button (and above remember me option, if enabled)
32        $pos = $event->data->findElementByAttribute('type', 'submit');
33        if($conf["rememberme"])
34          $pos = $pos-1;
35        $event->data->insertElement($pos, form_makePasswordField('t', $this->getLang('g2fa'), '', 'block'));
36    }
37
38    function handle_profile_form(&$event, $param) {
39        global $ID;
40        global $INPUT;
41
42        $fn = $INPUT->param('fn');
43        if(is_array($fn)) {
44          $cmd = key($fn);
45          $param = is_array($fn[$cmd]) ? key($fn[$cmd]) : null;
46        } else {
47          $cmd = $fn;
48          $param = null;
49        }
50
51        $th = new TokenHelper();
52        $secret = $th->getSecret($_SERVER['REMOTE_USER']);
53
54        $form = new Doku_Form($ID);
55        $form->startFieldset($this->getLang('g2fa_fieldset'));
56        $form->addHidden('do', 'profile');
57        $form->addHidden('g2fa', '1');
58        $reveal = false;
59
60
61
62        switch($cmd) {
63        case "gensecret" :
64          if($th->createTokenForUser($_SERVER['REMOTE_USER'])) {
65            msg($this->getLang('g2fa_created'));
66            $secret = $th->getSecret($_SERVER['REMOTE_USER']);
67          }
68          break;
69        case "update":
70          if($INPUT->param('secret') == "********")
71          {
72            msg($this->getLang('g2fa_notchanged'));
73            break;
74          }
75          if($th->saveToken($_SERVER['REMOTE_USER'], $INPUT->param('secret')))
76            msg($this->getLang('g2fa_updated'));
77          else
78            msg($this->getLang('g2fa_notchanged'));
79          $secret = $th->getSecret($_SERVER['REMOTE_USER']);
80          break;
81        case "showqr" :
82          if($secret != '') {
83            $ga = new PHPGangsta_GoogleAuthenticator();
84            $url = $ga->getQRCodeGoogleUrl(urlencode('DokuWiki:'.$_SERVER['REMOTE_USER']), $secret);
85            $form->addElement(form_makeTag('img', array('src' => $url, 'alt' => 'Google 2FA QR Image')));
86            $form->addElement(form_makeTag('br'));
87            $reveal = true;
88          }
89          break;
90        case "delsecret" :
91          if($th->deleteTokenForUser($_SERVER['REMOTE_USER'])) {
92            msg($this->getLang('g2fa_removed'));
93            $secret = '';
94          }
95          break;
96        }
97        if($reveal) {
98          $form->addElement(form_makeTextField('secret', $secret, $this->getLang('secret'), '', 'block', array('size'=>'50')));
99        } else {
100          $form->addElement(form_makeTextField('secret', '********', $this->getLang('secret'), '', 'block', array('size'=>'50')));
101        }
102        $form->addElement(form_makeButton('submit', '', $this->getLang('showqr'), array('name' => 'fn[showqr]', 'disabled' => $secret == '' ? 'disabled' : '')));
103        $form->addElement(form_makeTag('br'));
104        $form->addElement(form_makeButton('submit', '', $this->getLang('generate'), array('name' => 'fn[gensecret]')));
105        $form->addElement(form_makeButton('submit', '', $this->getLang('update'), array('name' => 'fn[update]')));
106        $form->addElement(form_makeTag('br'));
107        $form->addElement(form_makeButton('submit', '', $this->getLang('delete'), array('name' => 'fn[delsecret]', 'disabled' => $secret == '' ? 'disabled' : '' )));
108        $form->endFieldset();
109        html_form('g2fa', $form);
110    }
111
112}
113?>
114