D3Public/oxtotp
8
0
Fork 1
Code Pull Requests Releases Activity

fix unthrown invalid totp exception

Browse Source
This commit is contained in:
Daniel Seifert 2022-11-13 23:40:54 +01:00
parent 42bab2bd25
commit 12bb6355ee
Signed by: DanielS
GPG Key ID: 6A513E13AEE66170
5 changed files with 10 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
src/Application/Controller/Admin/d3totpadminlogin.php
View File

@ -179,10 +179,8 @@ class d3totpadminlogin extends AdminController
*/ */
public function d3TotpHasValidTotp(string $sTotp = null, d3totp $totp): bool public function d3TotpHasValidTotp(string $sTotp = null, d3totp $totp): bool
{ {
return $this->d3TotpGetSession()->getVariable(d3totp_conf::SESSION_AUTH) || return $this->d3TotpGetSession()->getVariable(d3totp_conf::SESSION_AUTH)
( || $totp->verify($sTotp);
$sTotp && $totp->verify($sTotp)
);
} }
/** /**

2
src/Application/Model/d3totp.php
View File

@ -143,7 +143,7 @@ class d3totp extends BaseModel
{ {
if (false == $this->totp) { if (false == $this->totp) {
$this->totp = TOTP::create($seed ?: $this->getSavedSecret()); $this->totp = TOTP::create($seed ?: $this->getSavedSecret());
$this->totp->setLabel($this->getUser()->getFieldData('oxusername')); $this->totp->setLabel($this->getUser()->getFieldData('oxusername')?: '');
$this->totp->setIssuer(Registry::getConfig()->getActiveShop()->getFieldData('oxname')); $this->totp->setIssuer(Registry::getConfig()->getActiveShop()->getFieldData('oxname'));
} }

4
src/Modules/Application/Component/d3_totp_UserComponent.php
View File

@ -157,9 +157,7 @@ class d3_totp_UserComponent extends d3_totp_UserComponent_parent
public function d3TotpHasValidTotp($sTotp, $totp) public function d3TotpHasValidTotp($sTotp, $totp)
{ {
return Registry::getSession()->getVariable(d3totp_conf::SESSION_AUTH) || return Registry::getSession()->getVariable(d3totp_conf::SESSION_AUTH) ||
( $totp->verify($sTotp);
$sTotp && $totp->verify($sTotp)
);
} }
public function d3TotpClearSessionVariables() public function d3TotpClearSessionVariables()

7
src/tests/unit/Application/Controller/Admin/d3totpadminloginTest.php
View File

@ -537,11 +537,10 @@ class d3totpadminloginTest extends d3TotpUnitTestCase
->onlyMethods(['verify']) ->onlyMethods(['verify'])
->disableOriginalConstructor() ->disableOriginalConstructor()
->getMock(); ->getMock();
$oTotpMock->method('verify')->willReturn(true); $oTotpMock->method('verify')->willThrowException(oxNew(d3totp_wrongOtpException::class));
$this->assertFalse( $this->expectException(d3totp_wrongOtpException::class);
$this->callMethod($this->_oController, 'd3TotpHasValidTotp', [null, $oTotpMock]) $this->callMethod($this->_oController, 'd3TotpHasValidTotp', [null, $oTotpMock]);
);
} }
/** /**

7
src/tests/unit/Modules/Application/Component/d3_totp_UserComponentTest.php
View File

@ -566,11 +566,10 @@ class d3_totp_UserComponentTest extends d3TotpUnitTestCase
->onlyMethods(['verify']) ->onlyMethods(['verify'])
->disableOriginalConstructor() ->disableOriginalConstructor()
->getMock(); ->getMock();
$oTotpMock->method('verify')->willReturn(true); $oTotpMock->method('verify')->willThrowException(oxNew(d3totp_wrongOtpException::class));
$this->assertFalse( $this->expectException(d3totp_wrongOtpException::class);
$this->callMethod($this->_oController, 'd3TotpHasValidTotp', [null, $oTotpMock]) $this->callMethod($this->_oController, 'd3TotpHasValidTotp', [null, $oTotpMock]);
);
} }
/** /**