Beranda>Kode sumber PHP>Kategori lainnya
Unduh

php oath server suite

Kumpulan kelas untuk menyediakan otentikasi faktor kedua seperti sisi server Yubico OTP (Yubikey), Oath (TOTP, HOTP, GoogleAuthenticator).

Untuk informasi lebih lanjut tentang Sumpah, lihat https://openauthentication.org/.

Informasi lebih lanjut tentang TOTP (Algoritma Kata Sandi Satu Kali Berbasis Waktu) dapat ditemukan di Wikipedia.

Informasi lebih lanjut tentang HOTP (Algoritma Kata Sandi Satu Kali Berbasis HMAC) dapat ditemukan di Wikipedia.

Untuk informasi lebih lanjut tentang mekanisme otentikasi Yubico OTP, baca artikel "Apa itu YubiKey OTP?" di https://developers.yubico.com/OTP/.

Instalasi 

 {
   	"require": {
        "chroma-x/oath-server-suite": "~4.0"
    }
}

Penggunaan

Pemuatan otomatis dan nameapce 

 require_once('path/to/vendor/autoload.php');

Yubico OTP (YubiCloud)

Untuk menggunakan Yubico OTP Anda memerlukan akses YubiCloud. Anda bisa mendapatkan kredensial API gratis dari https://upgrade.yubico.com/getapikey/.

Memvalidasi kata sandi satu kali Yubico 

 use ChromaXCommonExceptionNetworkExceptionBaseNetworkException;

$otp = $_POST['otp'];
$userPublicId = 'fetchedFromDatabaseOrSimilar';

$validator = new OathServerSuiteValidationYubicoOtpValidator('yubiCloudClientId', 'yubiCloudSecretKey');
try {
	$validator->validate($otp, $userPublicId);
	if ($validator->isValid()) {
		// Validation was successful
	} else {
		// Validation failed
	}
} catch (NetworkException $exception) {
	// Accessing the YubiCloud webservice failed.
}

Sumpah – gaya Google Authenticator

Berbagi nama kunci dan rahasia

Untuk mengizinkan otentikasi, klien dan server harus berbagi rahasia. Biasanya server memotong sebuah rahasia dan menampilkan semuanya bersama dengan nama kunci dan mekanisme otentikasi sebagai kode QR.

Google Authenticator dan beberapa aplikasi serta perangkat keras lainnya – seperti Yubikey – tidak mengikuti standar dengan mengharapkan rahasia tidak dalam bentuk heksadesimal tetapi sebagai data yang dikodekan Base32.

TOTP (Algoritma Kata Sandi Satu Kali Berbasis Waktu) 
 use ChromaXOathServerSuiteSecretSharingSharedSecretQrCodeProviderSharedSecretQrCodeProvider;
use ChromaXOathServerSuiteSecretSharingSharedSecretUrlEncoderTotpBase32SharedSecretUrlEncoder;
use ChromaXQrCodeSuiteQrEncodeQrEncoder;

// Initialize Oath URL encoder for TOTP (Time-based One-time Password Algorithm)
$contentEncoder = new TotpBase32SharedSecretUrlEncoder();

// Setting the key name
$keyName = 'My Username';

// Setting the issuer name
$issuerName = 'Awesome Application';

// Setting a secret
// Attention: This is just an example value
// Use a random value of a proper length stored with your user credentials
$sharedSecret = openssl_random_pseudo_bytes(30);

// Getting the shared secret URL for usage wihtout QR code provision
$sharedSecretUrl = $contentEncoder->encode($keyName, $sharedSecret);

// Start QR code provision
// Initialize the QR code provider with Oath URL encoder for TOTP
$sharedSecretQrProvider = new SharedSecretQrCodeProvider(new TotpBase32SharedSecretUrlEncoder(), $keyName, $sharedSecret, $issuerName);

// Configure the QR code renderer for your needs
$sharedSecretQrProvider->getQrEncoder()
	->setLevel(QrEncoder::QR_CODE_LEVEL_LOW)
	->setTempDir('/path/to/a/writable/temp-dir');

// Persist the QR code PNG to the filesystem
$sharedSecretQrProvider->provideQrCode('/path/to/the/qrcode.png');
HOTP (Algoritma Kata Sandi Sekali Pakai berbasis HMAC) 
 use ChromaXOathServerSuiteSecretSharingSharedSecretQrCodeProviderSharedSecretQrCodeProvider;
use ChromaXOathServerSuiteSecretSharingSharedSecretUrlEncoderHotpBase32SharedSecretUrlEncoder;
use ChromaXQrCodeSuiteQrEncodeQrEncoder;

// Initialize Oath URL encoder for HOTP (HMAC-based One-time Password Algorithm)
$contentEncoder = new HotpBase32SharedSecretUrlEncoder();

// Setting the key name
$keyName = 'My Username';

// Setting the issuer name
$issuerName = 'Awesome Application';

// Setting a secret
// Attention: This is just an example value
// Use a random value of a proper length stored with your user credentials
$sharedSecret = openssl_random_pseudo_bytes(30);

// Getting the shared secret URL for usage wihtout QR code provision
$sharedSecretUrl = $contentEncoder->encode($keyName, $sharedSecret);

// Start QR code provision
// Initialize the QR code provider with Oath URL encoder for HOTP
$sharedSecretQrProvider = new SharedSecretQrCodeProvider(new HotpBase32SharedSecretUrlEncoder(), $keyName, $sharedSecret, $issuerName);

// Configure the QR code renderer for your needs
$sharedSecretQrProvider->getQrEncoder()
	->setLevel(QrEncoder::QR_CODE_LEVEL_LOW)
	->setTempDir('/path/to/a/writable/temp-dir');

// Persist the QR code PNG to the filesystem
$sharedSecretQrProvider->provideQrCode('/path/to/the/qrcode.png');

Memvalidasi kata sandi satu kali Sumpah

TOTP (Algoritma Kata Sandi Satu Kali Berbasis Waktu) 
 $totp = $_POST['totp'];
$sharedSecret = 'fetchedFromDatabaseOrSimilar';

$validator = new OathServerSuiteValidationOathTotpValidator();
$validator->validate($totp, $sharedSecret);
if ($validator->isValid()) {
	// Validation was successful
} else {
	// Validation failed
}
HOTP (Algoritma Kata Sandi Sekali Pakai berbasis HMAC) 
 $hotp = $_POST['hotp'];
$sharedSecret = 'fetchedFromDatabaseOrSimilar';
$counter = (int)'fetchedFromDatabaseOrSimilar';

$validator = new OathServerSuiteValidationOathHotpValidator();
$validator->validate($hotp, $sharedSecret, $counter);
if ($validator->isValid()) {
	// Validation was successful
} else {
	// Validation failed
}

Sumpah – mengikuti standar

Berbagi nama kunci dan rahasia

TOTP (Algoritma Kata Sandi Satu Kali Berbasis Waktu) 
 use ChromaXOathServerSuiteSecretSharingSharedSecretQrCodeProviderSharedSecretQrCodeProvider;
use ChromaXOathServerSuiteSecretSharingSharedSecretUrlEncoderTotpSharedSecretUrlEncoder;
use ChromaXQrCodeSuiteQrEncodeQrEncoder;

// Initialize Oath URL encoder for TOTP (Time-based One-time Password Algorithm)
$contentEncoder = new TotpSharedSecretUrlEncoder();

// Setting the key name
$keyName = 'My Username';

// Setting the issuer name
$issuerName = 'Awesome Application';

// Setting a secret
// Attention: This is just an example value
// Use a random value of a proper length stored with your user credentials
$sharedSecret = openssl_random_pseudo_bytes(30);

// Getting the shared secret URL for usage wihtout QR code provision
$sharedSecretUrl = $contentEncoder->encode($keyName, $sharedSecret);

// Start QR code provision
// Initialize the QR code provider with Oath URL encoder for TOTP
$sharedSecretQrProvider = new SharedSecretQrCodeProvider(new TotpSharedSecretUrlEncoder(), $keyName, $sharedSecret, $issuerName);

// Configure the QR code renderer for your needs
$sharedSecretQrProvider->getQrEncoder()
	->setLevel(QrEncoder::QR_CODE_LEVEL_LOW)
	->setTempDir('/path/to/a/writable/temp-dir');

// Persist the QR code PNG to the filesystem
$sharedSecretQrProvider->provideQrCode('/path/to/the/qrcode.png');
HOTP (Algoritma Kata Sandi Sekali Pakai berbasis HMAC) 
 use ChromaXOathServerSuiteSecretSharingSharedSecretQrCodeProviderSharedSecretQrCodeProvider;
use ChromaXOathServerSuiteSecretSharingSharedSecretUrlEncoderHotpSharedSecretUrlEncoder;
use ChromaXQrCodeSuiteQrEncodeQrEncoder;

// Initialize Oath URL encoder for HOTP (HMAC-based One-time Password Algorithm)
$contentEncoder = new HotpSharedSecretUrlEncoder();

// Setting the key name
$keyName = 'My Username';

// Setting the issuer name
$issuerName = 'Awesome Application';

// Setting a secret
// Attention: This is just an example value
// Use a random value of a proper length stored with your user credentials
$sharedSecret = openssl_random_pseudo_bytes(30);

// Getting the shared secret URL for usage wihtout QR code provision
$sharedSecretUrl = $contentEncoder->encode($keyName, $sharedSecret);

// Start QR code provision
// Initialize the QR code provider with Oath URL encoder for HOTP
$sharedSecretQrProvider = new SharedSecretQrCodeProvider(new HotpSharedSecretUrlEncoder(), $keyName, $sharedSecret, $issuerName);

// Configure the QR code renderer for your needs
$sharedSecretQrProvider->getQrEncoder()
	->setLevel(QrEncoder::QR_CODE_LEVEL_LOW)
	->setTempDir('/path/to/a/writable/temp-dir');

// Persist the QR code PNG to the filesystem
$sharedSecretQrProvider->provideQrCode('/path/to/the/qrcode.png');

Memvalidasi kata sandi satu kali Sumpah

TOTP (Algoritma Kata Sandi Satu Kali Berbasis Waktu) 
 $totp = $_POST['totp'];
$sharedSecret = 'fetchedFromDatabaseOrSimilar';

$validator = new OathServerSuiteValidationOathTotpValidator();
$validator->validate($totp, $sharedSecret);
if ($validator->isValid()) {
	// Validation was successful
} else {
	// Validation failed
}
HOTP (Algoritma Kata Sandi Sekali Pakai berbasis HMAC) 
 $hotp = $_POST['hotp'];
$sharedSecret = 'fetchedFromDatabaseOrSimilar';
$counter = (int)'fetchedFromDatabaseOrSimilar';

$validator = new OathServerSuiteValidationOathHotpValidator();
$validator->validate($hotp, $sharedSecret, $counter);
if ($validator->isValid()) {
	// Validation was successful
} else {
	// Validation failed
}

Penanganan pengecualian

php oath server suite memberikan pengecualian yang berbeda – beberapa disediakan oleh proyek Pengecualian Umum PHP – untuk penanganan yang tepat.
Anda dapat menemukan informasi lebih lanjut tentang Pengecualian Umum PHP di Github.

Kontribusi

Berkontribusi pada proyek kami selalu sangat dihargai.
Namun: harap ikuti pedoman kontribusi yang tertulis di dokumen CONTRIBUTING.md.

Lisensi

php oath server suite berada di bawah lisensi MIT.

Memperluas
Informasi Tambahan
Aplikasi Terkait
Direkomendasikan untuk Anda
Informasi Terkait Semua