Changeset 1533544

Timestamp:

11/14/2016 08:36:19 AM (8 years ago)

Author:

rcdevs

Message:

U2F javascript scripts updated - WebService API is now versioned

Location:

openotp-authentication/trunk

Files:

• fidou2f.js (added)
• openotp.class.php (modified) (5 diffs)
• openotp.js (modified) (3 diffs)
• openotp.wsdl (modified) (6 diffs)
• openotp_banner.png (modified) (previous)
• readme.txt (modified) (1 diff)
• u2f.png (added)

openotp-authentication/trunk/openotp.class.php

@@ -1 +1 @@
 <?php
 /*
- RCDevs OpenOTP Plugin for RoundCube Webmail v2.0
- Copyright (c) 2010-2012 RCDevs, All rights reserved.
+ RCDevs OpenOTP Plugin for Wordpress 4-6
+ Copyright (c) 2010-2016 RCDevs, All rights reserved.
  
  This program is free software; you can redistribute it and/or
@@ -201 +201 @@
             $options['stream_context'] = $stream_context;
         }
-                    
-        $soap_client = new SoapClientTimeout(dirname(__FILE__).'/openotp.wsdl', $options);
+        
+        try{    
+            $soap_client = new SoapClientTimeout(dirname(__FILE__).'/openotp.wsdl', $options);
+        }catch(exception $e){
+            $excpetion = $e->getMessage();
+            return false;
+        }                   
         if (!$soap_client) {
             return false;
         }
         $soap_client->setTimeout(30);       
+        $soap_client->setVersion(2);        
         $this->soap_client = $soap_client;  
         return true;
@@ -228 +234 @@
 class SoapClientTimeout extends SoapClient {
     private $timeout;
+    private $version;
 
     public function setTimeout ($timeout) {
         $this->timeout = $timeout;
+    }
+    public function setVersion ($version) {
+        $this->version = $version;
     }
 
@@ -246 +256 @@
             curl_setopt($curl, CURLOPT_POSTFIELDS, $request);
             curl_setopt($curl, CURLOPT_HEADER, false);
-            curl_setopt($curl, CURLOPT_HTTPHEADER, array("Content-Type: text/xml"));
+            curl_setopt($curl, CURLOPT_HTTPHEADER, array("Content-Type: text/xml", "API-Version: ".strval($this->version)));
             curl_setopt($curl, CURLOPT_TIMEOUT, $this->timeout);
 
@@ -257 +267 @@
     }
 }
-
-?>

openotp-authentication/trunk/openotp.js

@@ -88 +88 @@
     var new_width =  Math.round(c*div_width/base);
     document.getElementById('div_orange').style.width=new_width+'px';
-    
-    if( document.getElementsByName('openotp_password') ){
+
+    //if( document.getElementsByName('openotp_password')[0] === undefined ) alert("Fuck");
+
+    if( document.getElementsByName('openotp_password')[0] !== undefined ){
         document.getElementsByName('openotp_password')[0].focus();
     }
@@ -135 +137 @@
 var timer = setInterval(function() {count();  }, 1000);
 
-
-if( otp_settings.openotp_u2fChallenge){
-    if (/chrom(e|ium)/.test(navigator.userAgent.toLowerCase())) {
-        u2f.sign([ JSON.parse(otp_settings.openotp_u2fChallenge)], function(response) { 
-        document.getElementsByName('openotp_u2f')[0].value = JSON.stringify(response); 
-        document.getElementById("openotpform").submit();
-        }, otp_settings.openotp_timeout );  
+if( otp_settings.openotp_u2fChallenge ){
+    if (/chrome|chromium|firefox|opera/.test(navigator.userAgent.toLowerCase())) {
+        var u2f_request = JSON.parse(otp_settings.openotp_u2fChallenge);
+        var u2f_regkeys = [];
+        for (var i=0, len=u2f_request.keyHandles.length; i<len; i++) {
+            u2f_regkeys.push({version:u2f_request.version,keyHandle:u2f_request.keyHandles[i]});
+        }
+        u2f.sign(u2f_request.appId, u2f_request.challenge, u2f_regkeys, function(response) {
+            document.getElementsByName('openotp_u2f')[0].value = JSON.stringify(response); 
+            document.getElementById('openotpform').submit();                    
+        }, otp_settings.openotp_timeout ); 
     } else { 
         var u2f_activate = document.getElementById('u2f_activate'); 
@@ -162 +168 @@
 
 
-

openotp-authentication/trunk/openotp.wsdl

@@ -17 +17 @@
     <part name="source" type="xsd:string"/>
     <part name="settings" type="xsd:string"/>
-    <part name="options" type="xsd:string"/>
-    <part name="context" type="xsd:string"/>
 </message>
 
@@ -30 +28 @@
     <part name="settings" type="xsd:string"/>
     <part name="options" type="xsd:string"/>
-    <part name="context" type="xsd:string"/>
 </message>
 
 <message name="openotpLoginResponse">
     <part name="code" type="xsd:integer"/>
+    <part name="error" type="xsd:string"/>
     <part name="message" type="xsd:string"/>
     <part name="session" type="xsd:string"/>
@@ -54 +52 @@
 <message name="openotpChallengeResponse">
     <part name="code" type="xsd:integer"/>
+    <part name="error" type="xsd:string"/>
     <part name="message" type="xsd:string"/>
     <part name="data" type="xsd:string"/>
@@ -92 +91 @@
    <operation name="openotpSimpleLogin">
       <soap:operation soapAction="openotpSimpleLogin"/>
-      <input><soap:body use="literal" namespace="urn:openotp" encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"/></input>
-      <output><soap:body use="literal" namespace="urn:openotp" encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"/></output>
+      <input><soap:body use="encoded" namespace="urn:openotp" encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"/></input>
+      <output><soap:body use="encoded" namespace="urn:openotp" encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"/></output>
    </operation>
    <operation name="openotpNormalLogin">
       <soap:operation soapAction="openotpNormalLogin"/>
-      <input><soap:body use="literal" namespace="urn:openotp" encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"/></input>
-      <output><soap:body use="literal" namespace="urn:openotp" encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"/></output>
+      <input><soap:body use="encoded" namespace="urn:openotp" encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"/></input>
+      <output><soap:body use="encoded" namespace="urn:openotp" encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"/></output>
    </operation>
    <operation name="openotpLogin">
@@ -104 +103 @@
            It is kept for backward compatibility with OpenOTP v1.0. -->
       <soap:operation soapAction="openotpLogin"/>
-      <input><soap:body use="literal" namespace="urn:openotp" encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"/></input>
-      <output><soap:body use="literal" namespace="urn:openotp" encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"/></output>
+      <input><soap:body use="encoded" namespace="urn:openotp" encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"/></input>
+      <output><soap:body use="encoded" namespace="urn:openotp" encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"/></output>
    </operation>
    <operation name="openotpChallenge">
       <soap:operation soapAction="openotpChallenge"/>
-      <input><soap:body use="literal" namespace="urn:openotp" encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"/></input>
-      <output><soap:body use="literal" namespace="urn:openotp" encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"/></output>
+      <input><soap:body use="encoded" namespace="urn:openotp" encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"/></input>
+      <output><soap:body use="encoded" namespace="urn:openotp" encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"/></output>
    </operation>
    <operation name="openotpStatus">
       <soap:operation soapAction="openotpStatus"/>
-      <input><soap:body use="literal" namespace="urn:openotp" encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"/></input>
-      <output><soap:body use="literal" namespace="urn:openotp" encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"/></output>
+      <input><soap:body use="encoded" namespace="urn:openotp" encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"/></input>
+      <output><soap:body use="encoded" namespace="urn:openotp" encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"/></output>
    </operation>
 </binding>
@@ -121 +120 @@
 <service name="openotpService">
    <port name="openotpPort" binding="tns:openotpBinding">
-      <soap:address location="%ADDRESS%"/>
+      <soap:address location="http://localhost:8080/openotp/"/>
    </port>
 </service>

openotp-authentication/trunk/readme.txt

@@ -50 +50 @@
 == Changelog ==
 
+= 1.2.4 =
+- WebService API is now versioned
+- U2F javascript scripts updated
+- OTP Challenge input doesn't show anymore characters in clear text (type=password) 
+
 = 1.2.3 =
 - Added support to OpenOTP Software Token to handle push logins