Adding all the code i changed. It now supports mfa, passkeys and passwords

2024-12-25 23:56:19 +01:00
parent ea743d19e9
commit e8cba3edf6
49 changed files with 7730 additions and 24 deletions
--- a/app-code/api/utils/create_key.php
+++ b/app-code/api/utils/create_key.php
@@ -0,0 +1,37 @@
+<?php
+function generateBase32Secret($length = 16) {
+    // Generate a random binary string (length in bytes)
+    $randomBytes = random_bytes($length); // Length in bytes (16 bytes = 128 bits)
+
+    // Encode the binary string to Base32
+    $base32Secret = base32_encode($randomBytes);
+    
+    return $base32Secret;
+}
+
+// Function to encode to Base32
+function base32_encode($data) {
+    $base32Chars = 'ABCDEFGHIJKLMNOPQRSTUVWXYZ234567'; // Base32 alphabet
+    $encoded = '';
+    $buffer = 0;
+    $bitsLeft = 0;
+
+    foreach (str_split($data) as $char) {
+        $buffer = ($buffer << 8) | ord($char);
+        $bitsLeft += 8;
+
+        while ($bitsLeft >= 5) {
+            $bitsLeft -= 5;
+            $encoded .= $base32Chars[($buffer >> $bitsLeft) & 31];
+            $buffer &= (1 << $bitsLeft) - 1;
+        }
+    }
+
+    if ($bitsLeft > 0) {
+        $encoded .= $base32Chars[($buffer << (5 - $bitsLeft)) & 31];
+    }
+
+    return $encoded;
+}
+
+?>
--- a/app-code/api/utils/generate_pin.php
+++ b/app-code/api/utils/generate_pin.php
@@ -0,0 +1,53 @@
+<?php
+function base32_decode($base32) {
+    $base32Chars = 'ABCDEFGHIJKLMNOPQRSTUVWXYZ234567';
+    $base32 = strtoupper($base32);
+    $buffer = 0;
+    $bitsLeft = 0;
+    $decoded = '';
+
+    foreach (str_split($base32) as $char) {
+        $value = strpos($base32Chars, $char);
+        if ($value === false) {
+            continue;
+        }
+
+        $buffer = ($buffer << 5) | $value;
+        $bitsLeft += 5;
+
+        if ($bitsLeft >= 8) {
+            $bitsLeft -= 8;
+            $decoded .= chr(($buffer >> $bitsLeft) & 0xFF);
+        }
+    }
+
+    return $decoded;
+}
+
+function generateTOTP($secret) {
+    // Convert the secret from Base32 to binary
+    $secretBinary = base32_decode($secret);
+
+    // Get the current time in seconds
+    $time = floor(time() / 30); // 30-second time step
+    
+    // Convert the time to a 8-byte string
+    $timeBytes = pack('N*', 0) . pack('N*', $time);  // Pack time as an 8-byte string
+
+    // Hash the time with the secret key using HMAC-SHA1
+    $hash = hash_hmac('sha1', $timeBytes, $secretBinary, true); 
+
+    // Extract a 4-byte dynamic offset from the hash
+    $offset = ord($hash[19]) & 0x0F; 
+
+    // Calculate the 6-digit code by truncating the hash
+    $code = unpack('N', substr($hash, $offset, 4))[1] & 0x7FFFFFFF;  // Ensure non-negative
+    
+    // Modulo 10^6 to get the final 6-digit code
+    $otp = $code % 1000000;
+    
+    // Pad with leading zeros if necessary
+    return str_pad($otp, 6, '0', STR_PAD_LEFT);
+}
+
+?>