diff --git a/app/Http/Controllers/AuthController.php b/app/Http/Controllers/AuthController.php
index 9295c06f..8da6b508 100644
--- a/app/Http/Controllers/AuthController.php
+++ b/app/Http/Controllers/AuthController.php
@@ -22,7 +22,7 @@ use Illuminate\Support\Facades\Auth;
 use Illuminate\Support\Facades\Redirect;
 use Illuminate\Support\Facades\Session;
 use Illuminate\Support\Facades\View;
-use PragmaRX\Google2FA\Vendor\Laravel\Facade as Google2FA;
+use PragmaRX\Google2FA\Google2FA;
 class AuthController extends Controller
 {
@@ -90,6 +90,9 @@ class AuthController extends Controller
 * This feels very hacky, but we have to juggle authentication and codes.
 *
 * @return \Illuminate\Http\RedirectResponse
+ * @throws \PragmaRX\Google2FA\Exceptions\IncompatibleWithGoogleAuthenticatorException
+ * @throws \PragmaRX\Google2FA\Exceptions\InvalidCharactersException
+ * @throws \PragmaRX\Google2FA\Exceptions\SecretKeyTooShortException
 */
 public function postTwoFactor()
 {
@@ -102,7 +105,8 @@ class AuthController extends Controller
 $user = Auth::user();
- $valid = Google2FA::verifyKey($user->google_2fa_secret, $code);
+ $google2fa = new Google2FA();
+ $valid = $google2fa->verifyKey($user->google_2fa_secret, $code);
 if ($valid) {
 event(new UserPassedTwoAuthEvent($user));
diff --git a/app/Http/Controllers/Dashboard/UserController.php b/app/Http/Controllers/Dashboard/UserController.php
index 751f50f2..76dc642b 100644
--- a/app/Http/Controllers/Dashboard/UserController.php
+++ b/app/Http/Controllers/Dashboard/UserController.php
@@ -21,7 +21,7 @@ use Illuminate\Routing\Controller;
 use Illuminate\Support\Arr;
 use Illuminate\Support\Facades\Auth;
 use Illuminate\Support\Facades\View;
-use PragmaRX\Google2FA\Vendor\Laravel\Facade as Google2FA;
+use PragmaRX\Google2FA\Google2FA;
 class UserController extends Controller
 {
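Review bot: The new `$google2fa->verifyKey(...)` call in postTwoFactor can throw the three exceptions that the added `@throws` tags list, and nothing in the hunk catches them, so a user whose stored `google_2fa_secret` is empty or malformed would presumably hit an unhandled error instead of the failed-code path. Catching them and treating the result as an invalid code keeps the check failing closed, as sketched below. Separately, plain `verifyKey` accepts the same code again inside its time window; the library's `verifyKeyNewer` with a stored last-used timestamp would stop replays, but that needs a field this diff does not show. The body of postTwoFactor starts and ends outside the hunk.

```php
$google2fa = new Google2FA();

try {
    $valid = $google2fa->verifyKey($user->google_2fa_secret, $code);
} catch (
    \PragmaRX\Google2FA\Exceptions\IncompatibleWithGoogleAuthenticatorException
    | \PragmaRX\Google2FA\Exceptions\InvalidCharactersException
    | \PragmaRX\Google2FA\Exceptions\SecretKeyTooShortException $e
) {
    // Fail closed: an unusable stored secret is a failed check, not an uncaught error.
    $valid = false;
}

// … unchanged: if ($valid) branch …
```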
@@ -40,6 +40,8 @@ class UserController extends Controller
 * Updates the current user.
 *
 * @return \Illuminate\View\View
+ * @throws \PragmaRX\Google2FA\Exceptions\IncompatibleWithGoogleAuthenticatorException
+ * @throws \PragmaRX\Google2FA\Exceptions\InvalidCharactersException
 */
 public function postUser()
 {
@@ -50,7 +52,8 @@ class UserController extends Controller
 // Let's enable/disable auth
 if ($enable2FA && !Auth::user()->hasTwoFactor) {
 event(new UserEnabledTwoAuthEvent(Auth::user()));
- $userData['google_2fa_secret'] = Google2FA::generateSecretKey();
+ $google2fa = new Google2FA();
+ $userData['google_2fa_secret'] = $google2fa->generateSecretKey();
 } elseif (!$enable2FA) {
 event(new UserDisabledTwoAuthEvent(Auth::user()));
 $userData['google_2fa_secret'] = '';
diff --git a/composer.json b/composer.json
index 7f6eeac8..75b1e4b9 100644
--- a/composer.json
+++ b/composer.json
@@ -30,6 +30,7 @@
 },
 "require": {
 "php": "^7.1.3",
+ "ext-imagick": "*",
 "ext-mbstring": "*",
 "ext-openssl": "*",
 "ext-xml": "*",
@@ -39,6 +40,7 @@
 "alt-three/twitter": "^3.1",
 "alt-three/validator": "^4.1",
 "aws/aws-sdk-php": "^3.7",
+ "bacon/bacon-qr-code": "^2.0",
 "barryvdh/laravel-cors": "^0.11.0",
 "doctrine/dbal": "2.9.*",
 "fideloper/proxy": "^4.0",
@@ -52,7 +54,7 @@
 "laravolt/avatar": "^2.1",
 "mccool/laravel-auto-presenter": "^7.1",
 "nexmo/client": "^1.5",
- "pragmarx/google2fa": "^0.7.1",
+ "pragmarx/google2fa": "^5.0",
 "predis/predis": "^1.1",
 "twig/twig": "^2.6"
 },
diff --git a/composer.lock b/composer.lock
index c2ccb49f..549050cd 100644
--- a/composer.lock
+++ b/composer.lock
@@ -4,7 +4,7 @@ "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies", "This file is @generated automatically" ], - "content-hash": "616135d38596e8d3c78ed774082dad7e", + "content-hash": "c54bcbef46226dd1ef73c6a65935cf9d", "packages": [ { "name": "alt-three/badger", 
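Review bot: In postUser the new `$google2fa->generateSecretKey()` call passes no length, which as far as I recall yields the library default of 16 base32 characters, about 80 bits; RFC 4226 requires at least 128 bits for the shared secret and recommends 160. `$userData['google_2fa_secret'] = $google2fa->generateSecretKey(32);` would meet the recommendation, provided the column behind `google_2fa_secret` can hold 32 characters, which this diff does not show. The secret is assigned to `$userData` as plain text, and whether it is encrypted at rest is not visible here. The body of postUser continues outside the hunk.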
@@ -358,16 +358,16 @@ }, { "name": "aws/aws-sdk-php", - "version": "3.94.1", + "version": "3.94.3", "source": { "type": "git", "url": "https://github.com/aws/aws-sdk-php.git", - "reference": "759a565285324d2248b6ee783de541ce65bddd46" + "reference": "402a7e30c4ad979ca264079cd224984840ce6b37" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/aws/aws-sdk-php/zipball/759a565285324d2248b6ee783de541ce65bddd46", - "reference": "759a565285324d2248b6ee783de541ce65bddd46", + "url": "https://api.github.com/repos/aws/aws-sdk-php/zipball/402a7e30c4ad979ca264079cd224984840ce6b37", + "reference": "402a7e30c4ad979ca264079cd224984840ce6b37", "shasum": "" }, "require": { @@ -437,36 +437,39 @@ "s3", "sdk" ], - "time": "2019-05-21T18:29:47+00:00" + "time": "2019-05-23T18:07:25+00:00" }, { "name": "bacon/bacon-qr-code", - "version": "1.0.3", + "version": "2.0.0", "source": { "type": "git", "url": "https://github.com/Bacon/BaconQrCode.git", - "reference": "5a91b62b9d37cee635bbf8d553f4546057250bee" + "reference": "eaac909da3ccc32b748a65b127acd8918f58d9b0" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/Bacon/BaconQrCode/zipball/5a91b62b9d37cee635bbf8d553f4546057250bee", - "reference": "5a91b62b9d37cee635bbf8d553f4546057250bee", + "url": "https://api.github.com/repos/Bacon/BaconQrCode/zipball/eaac909da3ccc32b748a65b127acd8918f58d9b0", + "reference": "eaac909da3ccc32b748a65b127acd8918f58d9b0", "shasum": "" }, "require": { + "dasprid/enum": "^1.0", "ext-iconv": "*", - "php": "^5.4|^7.0" + "php": "^7.1" }, "require-dev": { - "phpunit/phpunit": "^4.8" + "phly/keep-a-changelog": "^1.4", + "phpunit/phpunit": "^6.4", + "squizlabs/php_codesniffer": "^3.1" }, "suggest": { - "ext-gd": "to generate QR code images" + "ext-imagick": "to generate QR code images" }, "type": "library", "autoload": { - "psr-0": { - "BaconQrCode": "src/" + "psr-4": { + "BaconQrCode\\": "src/" } }, "notification-url": "https://packagist.org/downloads/", 
@@ -483,7 +486,7 @@ ], "description": "BaconQrCode is a QR code generator for PHP.", "homepage": "https://github.com/Bacon/BaconQrCode", - "time": "2017-10-17T09:59:25+00:00" + "time": "2018-04-25T17:53:56+00:00" }, { "name": "barryvdh/laravel-cors", @@ -547,61 +550,6 @@ ], "time": "2019-02-26T18:08:30+00:00" }, - { - "name": "christian-riesen/base32", - "version": "1.3.2", - "source": { - "type": "git", - "url": "https://github.com/ChristianRiesen/base32.git", - "reference": "80ff0e3b2124e61b4b39e2535709452f70bff367" - }, - "dist": { - "type": "zip", - "url": "https://api.github.com/repos/ChristianRiesen/base32/zipball/80ff0e3b2124e61b4b39e2535709452f70bff367", - "reference": "80ff0e3b2124e61b4b39e2535709452f70bff367", - "shasum": "" - }, - "require": { - "php": ">=5.3" - }, - "require-dev": { - "php": ">=5.6", - "phpunit/phpunit": "^5.0", - "satooshi/php-coveralls": "^1.0" - }, - "type": "library", - "extra": { - "branch-alias": { - "dev-master": "1.1.x-dev" - } - }, - "autoload": { - "psr-4": { - "Base32\\": "src/" - } - }, - "notification-url": "https://packagist.org/downloads/", - "license": [ - "MIT" - ], - "authors": [ - { - "name": "Christian Riesen", - "email": "chris.riesen@gmail.com", - "homepage": "http://christianriesen.com", - "role": "Developer" - } - ], - "description": "Base32 encoder/decoder according to RFC 4648", - "homepage": "https://github.com/ChristianRiesen/base32", - "keywords": [ - "base32", - "decode", - "encode", - "rfc4648" - ], - "time": "2018-11-02T09:03:50+00:00" - }, { "name": "danielstjules/stringy", "version": "3.1.0", 
@@ -658,6 +606,48 @@ ], "time": "2017-06-12T01:10:27+00:00" }, + { + "name": "dasprid/enum", + "version": "1.0.0", + "source": { + "type": "git", + "url": "https://github.com/DASPRiD/Enum.git", + "reference": "631ef6e638e9494b0310837fa531bedd908fc22b" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/DASPRiD/Enum/zipball/631ef6e638e9494b0310837fa531bedd908fc22b", + "reference": "631ef6e638e9494b0310837fa531bedd908fc22b", + "shasum": "" + }, + "require-dev": { + "phpunit/phpunit": "^6.4", + "squizlabs/php_codesniffer": "^3.1" + }, + "type": "library", + "autoload": { + "psr-4": { + "DASPRiD\\Enum\\": "src/" + } + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "BSD-2-Clause" + ], + "authors": [ + { + "name": "Ben Scholzen 'DASPRiD'", + "email": "mail@dasprids.de", + "homepage": "https://dasprids.de/" + } + ], + "description": "PHP 7.1 enum implementation", + "keywords": [ + "enum", + "map" + ], + "time": "2017-10-25T22:45:27+00:00" + }, { "name": "dnoegel/php-xdg-base-dir", "version": "0.1", 
@@ -3061,6 +3051,68 @@ ], "time": "2019-05-05T12:50:25+00:00" }, + { + "name": "paragonie/constant_time_encoding", + "version": "v2.2.3", + "source": { + "type": "git", + "url": "https://github.com/paragonie/constant_time_encoding.git", + "reference": "55af0dc01992b4d0da7f6372e2eac097bbbaffdb" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/paragonie/constant_time_encoding/zipball/55af0dc01992b4d0da7f6372e2eac097bbbaffdb", + "reference": "55af0dc01992b4d0da7f6372e2eac097bbbaffdb", + "shasum": "" + }, + "require": { + "php": "^7" + }, + "require-dev": { + "phpunit/phpunit": "^6|^7", + "vimeo/psalm": "^1|^2" + }, + "type": "library", + "autoload": { + "psr-4": { + "ParagonIE\\ConstantTime\\": "src/" + } + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "Paragon Initiative Enterprises", + "email": "security@paragonie.com", + "homepage": "https://paragonie.com", + "role": "Maintainer" + }, + { + "name": "Steve 'Sc00bz' Thomas", + "email": "steve@tobtu.com", + "homepage": "https://www.tobtu.com", + "role": "Original Developer" + } + ], + "description": "Constant-time Implementations of RFC 4648 Encoding (Base-64, Base-32, Base-16)", + "keywords": [ + "base16", + "base32", + "base32_decode", + "base32_encode", + "base64", + "base64_decode", + "base64_encode", + "bin2hex", + "encoding", + "hex", + "hex2bin", + "rfc4648" + ], + "time": "2019-01-03T20:26:31+00:00" + }, { "name": "php-http/guzzle6-adapter", "version": "v1.1.1", 
@@ -3229,41 +3281,43 @@ }, { "name": "pragmarx/google2fa", - "version": "v0.7.1", + "version": "v5.0.0", "source": { "type": "git", "url": "https://github.com/antonioribeiro/google2fa.git", - "reference": "908678ba9b26cf8ecd7ddca6bfd86afc5b4874df" + "reference": "17c969c82f427dd916afe4be50bafc6299aef1b4" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/antonioribeiro/google2fa/zipball/908678ba9b26cf8ecd7ddca6bfd86afc5b4874df", - "reference": "908678ba9b26cf8ecd7ddca6bfd86afc5b4874df", + "url": "https://api.github.com/repos/antonioribeiro/google2fa/zipball/17c969c82f427dd916afe4be50bafc6299aef1b4", + "reference": "17c969c82f427dd916afe4be50bafc6299aef1b4", "shasum": "" }, "require": { - "christian-riesen/base32": "~1.0", - "php": ">=5.3.7", - "simplesoftwareio/simple-qrcode": "1.3.*" + "paragonie/constant_time_encoding": "~1.0|~2.0", + "paragonie/random_compat": ">=1", + "php": ">=5.4", + "symfony/polyfill-php56": "~1.2" }, "require-dev": { - "phpspec/phpspec": "~2.1" + "phpunit/phpunit": "~4|~5|~6" }, "type": "library", "extra": { "component": "package", - "frameworks": [ - "Laravel" - ] + "branch-alias": { + "dev-master": "2.0-dev" + } }, "autoload": { "psr-4": { - "PragmaRX\\Google2FA\\": "src/" + "PragmaRX\\Google2FA\\": "src/", + "PragmaRX\\Google2FA\\Tests\\": "tests/" } }, "notification-url": "https://packagist.org/downloads/", "license": [ - "BSD-3-Clause" + "MIT" ], "authors": [ { @@ -3274,12 +3328,12 @@ ], "description": "A One Time Password Authentication package, compatible with Google Authenticator.", "keywords": [ + "2fa", "Authentication", "Two Factor Authentication", - "google2fa", - "laravel" + "google2fa" ], - "time": "2015-11-07T13:57:42+00:00" + "time": "2019-03-19T22:44:16+00:00" }, { "name": "predis/predis", 
@@ -3773,57 +3827,6 @@ ], "time": "2018-07-19T23:38:55+00:00" }, - { - "name": "simplesoftwareio/simple-qrcode", - "version": "1.3.3", - "source": { - "type": "git", - "url": "https://github.com/SimpleSoftwareIO/simple-qrcode.git", - "reference": "17c5e45c79c40f717d4bc08cf5e568f29ebf9333" - }, - "dist": { - "type": "zip", - "url": "https://api.github.com/repos/SimpleSoftwareIO/simple-qrcode/zipball/17c5e45c79c40f717d4bc08cf5e568f29ebf9333", - "reference": "17c5e45c79c40f717d4bc08cf5e568f29ebf9333", - "shasum": "" - }, - "require": { - "bacon/bacon-qr-code": "1.0.*", - "ext-gd": "*", - "illuminate/support": ">=4.2.0", - "php": ">=5.4.0" - }, - "require-dev": { - "mockery/mockery": "0.9.*", - "phpunit/phpunit": "4.7.*" - }, - "type": "library", - "autoload": { - "psr-0": { - "SimpleSoftwareIO\\QrCode\\": "src" - } - }, - "notification-url": "https://packagist.org/downloads/", - "license": [ - "MIT" - ], - "authors": [ - { - "name": "Simple Software LLC", - "email": "support@simplesoftware.io" - } - ], - "description": "Simple QrCode is a QR code generator made for Laravel.", - "homepage": "http://www.simplesoftware.io", - "keywords": [ - "Simple", - "generator", - "laravel", - "qrcode", - "wrapper" - ], - "time": "2016-01-31T02:09:25+00:00" - }, { "name": "swiftmailer/swiftmailer", "version": "v6.2.1", 
@@ -4573,6 +4576,62 @@ ], "time": "2019-03-04T13:44:35+00:00" }, + { + "name": "symfony/polyfill-php56", + "version": "v1.11.0", + "source": { + "type": "git", + "url": "https://github.com/symfony/polyfill-php56.git", + "reference": "f4dddbc5c3471e1b700a147a20ae17cdb72dbe42" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/symfony/polyfill-php56/zipball/f4dddbc5c3471e1b700a147a20ae17cdb72dbe42", + "reference": "f4dddbc5c3471e1b700a147a20ae17cdb72dbe42", + "shasum": "" + }, + "require": { + "php": ">=5.3.3", + "symfony/polyfill-util": "~1.0" + }, + "type": "library", + "extra": { + "branch-alias": { + "dev-master": "1.11-dev" + } + }, + "autoload": { + "psr-4": { + "Symfony\\Polyfill\\Php56\\": "" + }, + "files": [ + "bootstrap.php" + ] + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "Nicolas Grekas", + "email": "p@tchwork.com" + }, + { + "name": "Symfony Community", + "homepage": "https://symfony.com/contributors" + } + ], + "description": "Symfony polyfill backporting some PHP 5.6+ features to lower PHP versions", + "homepage": "https://symfony.com", + "keywords": [ + "compatibility", + "polyfill", + "portable", + "shim" + ], + "time": "2019-02-06T07:57:58+00:00" + }, { "name": "symfony/polyfill-php72", "version": "v1.11.0", 
@@ -4628,6 +4687,58 @@ ], "time": "2019-02-06T07:57:58+00:00" }, + { + "name": "symfony/polyfill-util", + "version": "v1.11.0", + "source": { + "type": "git", + "url": "https://github.com/symfony/polyfill-util.git", + "reference": "b46c6cae28a3106735323f00a0c38eccf2328897" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/symfony/polyfill-util/zipball/b46c6cae28a3106735323f00a0c38eccf2328897", + "reference": "b46c6cae28a3106735323f00a0c38eccf2328897", + "shasum": "" + }, + "require": { + "php": ">=5.3.3" + }, + "type": "library", + "extra": { + "branch-alias": { + "dev-master": "1.11-dev" + } + }, + "autoload": { + "psr-4": { + "Symfony\\Polyfill\\Util\\": "" + } + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "Nicolas Grekas", + "email": "p@tchwork.com" + }, + { + "name": "Symfony Community", + "homepage": "https://symfony.com/contributors" + } + ], + "description": "Symfony utilities for portability of PHP codes", + "homepage": "https://symfony.com", + "keywords": [ + "compat", + "compatibility", + "polyfill", + "shim" + ], + "time": "2019-02-08T14:16:39+00:00" + }, { "name": "symfony/process", "version": "v4.2.8", @@ -7360,6 +7471,7 @@ "prefer-lowest": false, "platform": { "php": "^7.1.3", + "ext-imagick": "*", "ext-mbstring": "*", "ext-openssl": "*", "ext-xml": "*" diff --git a/config/app.php b/config/app.php index 84920b9e..68b1702b 100644 --- a/config/app.php +++ b/config/app.php @@ -187,7 +187,6 @@ return [ Laravel\Tinker\TinkerServiceProvider::class, Laravolt\Avatar\ServiceProvider::class, McCool\LaravelAutoPresenter\AutoPresenterServiceProvider::class, - PragmaRX\Google2FA\Vendor\Laravel\ServiceProvider::class, /* * Application Service Providers... diff --git a/resources/views/dashboard/user/index.blade.php b/resources/views/dashboard/user/index.blade.php index dfd40f15..9cc5d028 100644 --- a/resources/views/dashboard/user/index.blade.php 
+++ b/resources/views/dashboard/user/index.blade.php @@ -53,13 +53,23 @@ @if($currentUser->hasTwoFactor)
getQRCodeUrl( 'Cachet', $currentUser->email, $currentUser->google_2fa_secret ); + + $writer = new \BaconQrCode\Writer( + new \BaconQrCode\Renderer\ImageRenderer( + new \BaconQrCode\Renderer\RendererStyle\RendererStyle(200), + new \BaconQrCode\Renderer\Image\ImagickImageBackEnd() + ) + ); + + $qrcode_image = base64_encode($writer->writeString($google2fa_url)); ?> - + {!! trans('forms.user.2fa.help') !!}
@endif
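Review bot: The block under `@if($currentUser->hasTwoFactor)` rebuilds the otpauth URL from `$currentUser->google_2fa_secret` and renders it as a QR image on every load of the user page, so the enrolment secret stays retrievable for as long as 2FA is enabled and anyone who reaches the dashboard through a hijacked or unattended session can copy the second factor. Showing the code once at enrolment, and again only on explicit regeneration, would limit that exposure. Building the `\BaconQrCode\Writer` inside the template also puts rendering logic and four fully qualified class names in the view; doing it in the controller and passing `$qrcode_image` down would keep the view declarative. If the hard `ext-imagick` requirement is unwanted, the same library ships `\BaconQrCode\Renderer\Image\SvgImageBackEnd`. The markup lines of this hunk are incomplete on the page, so the removed side could not be compared.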