TYPO3 CMS 11.5
TYPO3\CMS\Core\Authentication\Mfa\Provider\Totp Class Reference

Public Member Functions

 __construct (string $secret, string $algo='sha1', int $length=6, int $step=30, int $epoch=0)
 
string generateTotp (int $counter)
 
bool verifyTotp (string $totp, int $gracePeriod=null)
 
string getTotpAuthUrl (string $issuer, string $account='', array $additionalParameters=[])
 

Static Public Member Functions

static string generateEncodedSecret (array $additionalAuthFactors=[])
 

Protected Member Functions

bool compare (string $totp, int $counter)
 
int getTimeCounter (int $timestamp)
 
 getDecodedSecret ()
 

Protected Attributes

string $secret
 
string $algo
 
int $length
 
int $step
 
int $epoch
 

Private Attributes

const ALLOWED_ALGOS = ['sha1', 'sha256', 'sha512']
 
const MIN_LENGTH = 6
 
const MAX_LENGTH = 8
 

Detailed Description

Time-based one-time password (TOTP) implementation according to RFC 6238.

Should only be used by the TYPO3 Core.

Definition at line 29 of file Totp.php.

Constructor & Destructor Documentation

◆ __construct()

TYPO3\CMS\Core\Authentication\Mfa\Provider\Totp::__construct ( string  $secret,
string  $algo = 'sha1',
int  $length = 6,
int  $step = 30,
int  $epoch = 0 
)

Member Function Documentation

◆ compare()

bool TYPO3\CMS\Core\Authentication\Mfa\Provider\Totp::compare ( string  $totp,
int  $counter 
)
protected

Compare given time-based one-time password with a time-based one-time password generated from the known $counter (the moving factor).

Parameters
    string $totp: The time-based one-time password to verify
    int $counter: The counter value, the moving factor
Returns
    bool

Definition at line 179 of file Totp.php.

References TYPO3\CMS\Core\Authentication\Mfa\Provider\Totp\generateTotp().

Referenced by TYPO3\CMS\Core\Authentication\Mfa\Provider\Totp\verifyTotp().

◆ generateEncodedSecret()

static string TYPO3\CMS\Core\Authentication\Mfa\Provider\Totp::generateEncodedSecret ( array  $additionalAuthFactors = [])
static

Generate the shared secret (K) from random data combined with additional authentication factors such as username or email address.

Parameters
    array $additionalAuthFactors
Returns
    string

Definition at line 202 of file Totp.php.

References TYPO3\CMS\Core\Authentication\Mfa\Provider\Totp\$secret.

Referenced by TYPO3\CMS\Core\Tests\Unit\Authentication\Mfa\Provider\TotpTest\generateEncodedSecretTest(), and TYPO3\CMS\Core\Authentication\Mfa\Provider\TotpProvider\prepareSetupView().

◆ generateTotp()

string TYPO3\CMS\Core\Authentication\Mfa\Provider\Totp::generateTotp ( int  $counter)

Generate a time-based one-time password for the given counter according to RFC 4226.

Parameters
    int $counter: A timestamp (counter) according to RFC 6238
Returns
    string: The generated TOTP

Definition at line 75 of file Totp.php.

References TYPO3\CMS\Core\Authentication\Mfa\Provider\Totp\getDecodedSecret().

Referenced by TYPO3\CMS\Core\Authentication\Mfa\Provider\Totp\compare().

◆ getDecodedSecret()

TYPO3\CMS\Core\Authentication\Mfa\Provider\Totp::getDecodedSecret ( )
protected

◆ getTimeCounter()

int TYPO3\CMS\Core\Authentication\Mfa\Provider\Totp::getTimeCounter ( int  $timestamp)
protected

Generate the counter value (moving factor) from the given timestamp.

Parameters
    int $timestamp
Returns
    int

Definition at line 190 of file Totp.php.

Referenced by TYPO3\CMS\Core\Authentication\Mfa\Provider\Totp\verifyTotp().

◆ getTotpAuthUrl()

string TYPO3\CMS\Core\Authentication\Mfa\Provider\Totp::getTotpAuthUrl ( string  $issuer,
string  $account = '',
array  $additionalParameters = [] 
)

◆ verifyTotp()

bool TYPO3\CMS\Core\Authentication\Mfa\Provider\Totp::verifyTotp ( string  $totp,
int  $gracePeriod = null 
)

Verify the given time-based one-time password.

Parameters
    string $totp: The time-based one-time password to be verified
    int|null $gracePeriod: The grace period for the TOTP, +/- (mainly to compensate for transmission delays)
Returns
    bool

Definition at line 106 of file Totp.php.

References TYPO3\CMS\Core\Authentication\Mfa\Provider\Totp\$step, TYPO3\CMS\Core\Authentication\Mfa\Provider\Totp\compare(), and TYPO3\CMS\Core\Authentication\Mfa\Provider\Totp\getTimeCounter().
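
A minimal sketch of the RFC 4226 / RFC 6238 computation that generateTotp(), getTimeCounter() and verifyTotp() are documented as performing, added here as an illustration and not taken from TYPO3's Totp.php. The function names, the raw (not encoded) secret, and the reading of the grace value as a number of time steps in each direction are assumptions.

```php
<?php
declare(strict_types=1);

// Added illustration, not TYPO3 code. Function names, the raw secret and the
// meaning of $grace (time steps, each direction) are assumptions.

/** HOTP value for a counter (RFC 4226): HMAC, dynamic truncation, modulo. */
function hotp(string $rawSecret, int $counter, string $algo = 'sha1', int $length = 6): string
{
    if (!in_array($algo, ['sha1', 'sha256', 'sha512'], true) || $length < 6 || $length > 8) {
        throw new InvalidArgumentException('Unsupported algorithm or code length');
    }
    // The moving factor is hashed as an 8-byte big-endian integer.
    $hmac = hash_hmac($algo, pack('J', $counter), $rawSecret, true);
    // Dynamic truncation: the low nibble of the last byte selects a 4-byte window.
    $offset = ord($hmac[strlen($hmac) - 1]) & 0x0f;
    $binary = unpack('N', substr($hmac, $offset, 4))[1] & 0x7fffffff;
    return str_pad((string)($binary % (10 ** $length)), $length, '0', STR_PAD_LEFT);
}

/** Moving factor T = (timestamp - epoch) / step, integer division (RFC 6238). */
function timeCounter(int $timestamp, int $step = 30, int $epoch = 0): int
{
    return intdiv($timestamp - $epoch, $step);
}

/** Accept the code for the current step or up to $grace steps before or after it. */
function verifyTotp(string $rawSecret, string $totp, int $timestamp, int $grace = 0, int $length = 8): bool
{
    $current = timeCounter($timestamp);
    $valid = false;
    for ($i = -$grace; $i <= $grace; $i++) {
        // hash_equals() compares in constant time; the loop never exits early,
        // so response time does not reveal which step matched.
        $valid = hash_equals(hotp($rawSecret, $current + $i, 'sha1', $length), $totp) || $valid;
    }
    return $valid;
}

// RFC 6238 Appendix B test vector: ASCII secret, time 59, SHA-1, 8 digits.
$secret = '12345678901234567890';
var_dump(hotp($secret, timeCounter(59), 'sha1', 8) === '94287082');
// The same code submitted 6 s later falls in the next time step; compare
// verification without grace and with one step of grace.
var_dump(verifyTotp($secret, '94287082', 65, 0));
var_dump(verifyTotp($secret, '94287082', 65, 1));
```

Each additional grace step widens the set of codes accepted at any moment, so the window should stay as small as clock drift and transmission delay allow, and a code that has verified once should not be accepted again within its window.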

Member Data Documentation

◆ $algo

string TYPO3\CMS\Core\Authentication\Mfa\Provider\Totp::$algo
protected

◆ $epoch

int TYPO3\CMS\Core\Authentication\Mfa\Provider\Totp::$epoch
protected

◆ $length

int TYPO3\CMS\Core\Authentication\Mfa\Provider\Totp::$length
protected

◆ $secret

◆ $step

◆ ALLOWED_ALGOS

const TYPO3\CMS\Core\Authentication\Mfa\Provider\Totp::ALLOWED_ALGOS = ['sha1', 'sha256', 'sha512']
private

Definition at line 31 of file Totp.php.

◆ MAX_LENGTH

const TYPO3\CMS\Core\Authentication\Mfa\Provider\Totp::MAX_LENGTH = 8
private

Definition at line 33 of file Totp.php.

◆ MIN_LENGTH

const TYPO3\CMS\Core\Authentication\Mfa\Provider\Totp::MIN_LENGTH = 6
private

Definition at line 32 of file Totp.php.