Version Notes
Initial release.
Release Info
Developer | netz98 new media GmbH |
Extension | N98_Yubikey |
Version | 1.0.0 |
Version 1.0.0
- app/code/community/N98/Yubikey/Block/Adminhtml/Permission/User/Edit/Tab/Yubikey.php +72 -0
- app/code/community/N98/Yubikey/Block/Adminhtml/Permission/User/Edit/Tabs.php +55 -0
- app/code/community/N98/Yubikey/Helper/Data.php +46 -0
- app/code/community/N98/Yubikey/Model/Auth.php +444 -0
- app/code/community/N98/Yubikey/Model/Config.php +166 -0
- app/code/community/N98/Yubikey/Model/Observer.php +102 -0
- app/code/community/N98/Yubikey/controllers/Adminhtml/YubikeyController.php +69 -0
- app/code/community/N98/Yubikey/etc/config.xml +83 -0
- app/code/community/N98/Yubikey/etc/system.xml +114 -0
- app/code/community/N98/Yubikey/sql/n98_yubikey_setup/install-1.0.0.php +23 -0
- app/design/adminhtml/default/default/layout/n98_yubikey.xml +7 -0
- app/design/adminhtml/default/default/template/n98_yubikey/login.phtml +59 -0
- app/etc/modules/N98_Yubikey.xml +13 -0
- app/locale/de_DE/N98_Yubikey.csv +17 -0
- app/locale/en_US/N98_Yubikey.csv +17 -0
- package.xml +18 -0
- skin/adminhtml/default/default/images/n98_yubikey/yubiright_16x16.gif +0 -0
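--- a/app/code/community/N98/Yubikey/Block/Adminhtml/Permission/User/Edit/Tab/Yubikey.php
+++ b/app/code/community/N98/Yubikey/Block/Adminhtml/Permission/User/Edit/Tab/Yubikey.php
@@ -0,0 +1,72 @@
+<?php
+/**
+* netz98 magento module
+*
+* LICENSE
+*
+* Copyright © 2012.
+* netz98 new media GmbH. Alle Rechte vorbehalten.
+*
+* Die Nutzung und Weiterverbreitung dieser Software in kompilierter oder nichtkompilierter Form, mit oder ohne Veränderung, ist unter den folgenden Bedingungen zulässig:
+*
+* 1. Weiterverbreitete kompilierte oder nichtkompilierte Exemplare müssen das obere Copyright, die Liste der Bedingungen und den folgenden Verzicht im Sourcecode enthalten.
+* 2. Alle Werbematerialien, die sich auf die Eigenschaften oder die Benutzung der Software beziehen, müssen die folgende Bemerkung enthalten: "Dieses Produkt enthält Software, die von der netz98 new media GmbH entwickelt wurde."
+* 3. Der Name der netz98 new media GmbH darf nicht ohne vorherige ausdrückliche, schriftliche Genehmigung zur Kennzeichnung oder Bewerbung von Produkten, die von dieser Software abgeleitet wurden, verwendet werden.
+* 4. Es ist Lizenznehmern der netz98 new media GmbH nur dann erlaubt die veränderte Software zu verbreiten, wenn jene zu den Bedingungen einer Lizenz, die eine Copyleft-Klausel enthält, lizenziert wird.
+*
+* Diese Software wird von der netz98 new media GmbH ohne jegliche spezielle oder implizierte Garantien zur Verfügung gestellt. So übernimmt die netz98 new media GmbH keine Gewährleistung für die Verwendbarkeit der Software für einen speziellen Zweck oder die generelle Nutzbarkeit. Unter keinen Umständen ist netz98 haftbar für indirekte oder direkte Schäden, die aus der Verwendung der Software resultieren. Jegliche Schadensersatzansprüche sind ausgeschlossen.
+*
+*
+* Copyright © 2012
+* netz98 new media GmbH. All rights reserved.
+*
+* The use and redistribution of this software, either compiled or uncompiled, with or without modifications are permitted provided that the following conditions are met:
+*
+* 1. Redistributions of compiled or uncompiled source must contain the above copyright notice, this list of the conditions and the following disclaimer:
+* 2. All advertising materials mentioning features or use of this software must display the following acknowledgement: “This product includes software developed by the netz98 new media GmbH, Mainz.”
+* 3. The name of the netz98 new media GmbH may not be used to endorse or promote products derived from this software without specific prior written permission.
+* 4. License holders of the netz98 new media GmbH are only permitted to redistribute altered software, if this is licensed under conditions that contain a copyleft-clause.
+* This software is provided by the netz98 new media GmbH without any express or implied warranties. netz98 is under no condition liable for the functional capability of this software for a certain purpose or the general usability. netz98 is under no condition liable for any direct or indirect damages resulting from the use of the software. Liability and Claims for damages of any kind are excluded.
+*
+* @copyright Copyright (c) 2012 netz98 new media GmbH (http://www.netz98.de)
+* @author netz98 new media GmbH <info@netz98.de>
+* @category N98
+* @package N98_Yubikey
+*/
+
+/**
+* Additional tab for user permission configurartion
+*/
+class N98_Yubikey_Block_Adminhtml_Permission_User_Edit_Tab_Yubikey
+extends Mage_Adminhtml_Block_Widget_Form
+{
+
+/**
+* @return Mage_Adminhtml_Block_Widget_Form
+*/
+protected function _prepareForm()
+{
+$model = Mage::registry('permissions_user');
+
+$form = new Varien_Data_Form();
+
+$form->setHtmlIdPrefix('user_');
+
+$fieldset = $form->addFieldset('yubikey_fieldset', array('legend' => Mage::helper('adminhtml')->__('Assign yubikey for login')));
+
+$fieldset->addField('yubikey', 'text', array(
+'name' => 'yubikey',
+'label' => Mage::helper('n98_yubikey')->__('Yubikey'),
+'id' => 'yubikey',
+'maxlength' => 12,
+'title' => Mage::helper('n98_yubikey')->__('Yubikey'),
+'required' => false,
+));
+
+$data = $model->getData();
+$form->setValues($data);
+$this->setForm($form);
+
+return parent::_prepareForm();
+}
+}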
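Review bot: The `yubikey` field in `_prepareForm()` is constrained only by the client-side `'maxlength' => 12`, yet `N98_Yubikey_Model_Auth::_isValidOtp()` later compares the stored value with `!==` against the first 12 characters of the OTP, so a value saved with different case, surrounding whitespace or fewer than 12 characters can never match and the admin is locked out of the second factor without any hint at save time. Nothing in this section validates the value on the way in; the save path is outside this page, so a server-side format check for 12 modhex characters there is the place to confirm. Two smaller points in the same method: the legend is translated through `Mage::helper('adminhtml')` while the labels use the module helper, which `'legend' => Mage::helper('n98_yubikey')->__('Assign yubikey for login')` would make consistent, and `$model` from `Mage::registry('permissions_user')` is dereferenced with `$model->getData()` without a null check.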
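--- a/app/code/community/N98/Yubikey/Block/Adminhtml/Permission/User/Edit/Tabs.php
+++ b/app/code/community/N98/Yubikey/Block/Adminhtml/Permission/User/Edit/Tabs.php
@@ -0,0 +1,55 @@
+<?php
+/**
+* netz98 magento module
+*
+* LICENSE
+*
+* Copyright © 2012.
+* netz98 new media GmbH. Alle Rechte vorbehalten.
+*
+* Die Nutzung und Weiterverbreitung dieser Software in kompilierter oder nichtkompilierter Form, mit oder ohne Veränderung, ist unter den folgenden Bedingungen zulässig:
+*
+* 1. Weiterverbreitete kompilierte oder nichtkompilierte Exemplare müssen das obere Copyright, die Liste der Bedingungen und den folgenden Verzicht im Sourcecode enthalten.
+* 2. Alle Werbematerialien, die sich auf die Eigenschaften oder die Benutzung der Software beziehen, müssen die folgende Bemerkung enthalten: "Dieses Produkt enthält Software, die von der netz98 new media GmbH entwickelt wurde."
+* 3. Der Name der netz98 new media GmbH darf nicht ohne vorherige ausdrückliche, schriftliche Genehmigung zur Kennzeichnung oder Bewerbung von Produkten, die von dieser Software abgeleitet wurden, verwendet werden.
+* 4. Es ist Lizenznehmern der netz98 new media GmbH nur dann erlaubt die veränderte Software zu verbreiten, wenn jene zu den Bedingungen einer Lizenz, die eine Copyleft-Klausel enthält, lizenziert wird.
+*
+* Diese Software wird von der netz98 new media GmbH ohne jegliche spezielle oder implizierte Garantien zur Verfügung gestellt. So übernimmt die netz98 new media GmbH keine Gewährleistung für die Verwendbarkeit der Software für einen speziellen Zweck oder die generelle Nutzbarkeit. Unter keinen Umständen ist netz98 haftbar für indirekte oder direkte Schäden, die aus der Verwendung der Software resultieren. Jegliche Schadensersatzansprüche sind ausgeschlossen.
+*
+*
+* Copyright © 2012
+* netz98 new media GmbH. All rights reserved.
+*
+* The use and redistribution of this software, either compiled or uncompiled, with or without modifications are permitted provided that the following conditions are met:
+*
+* 1. Redistributions of compiled or uncompiled source must contain the above copyright notice, this list of the conditions and the following disclaimer:
+* 2. All advertising materials mentioning features or use of this software must display the following acknowledgement: “This product includes software developed by the netz98 new media GmbH, Mainz.”
+* 3. The name of the netz98 new media GmbH may not be used to endorse or promote products derived from this software without specific prior written permission.
+* 4. License holders of the netz98 new media GmbH are only permitted to redistribute altered software, if this is licensed under conditions that contain a copyleft-clause.
+* This software is provided by the netz98 new media GmbH without any express or implied warranties. netz98 is under no condition liable for the functional capability of this software for a certain purpose or the general usability. netz98 is under no condition liable for any direct or indirect damages resulting from the use of the software. Liability and Claims for damages of any kind are excluded.
+*
+* @copyright Copyright (c) 2012 netz98 new media GmbH (http://www.netz98.de)
+* @author netz98 new media GmbH <info@netz98.de>
+* @category N98
+* @package N98_Yubikey
+*/
+
+/**
+* Adds the yubikey tab to form.
+*/
+class N98_Yubikey_Block_Adminhtml_Permission_User_Edit_Tabs extends Mage_Adminhtml_Block_Permissions_User_Edit_Tabs
+{
+/**
+* @return Mage_Core_Block_Abstract
+*/
+protected function _beforeToHtml()
+{
+$this->addTab('yubikey_section', array(
+'label' => Mage::helper('n98_yubikey')->__('Yubikey setup'),
+'title' => Mage::helper('n98_yubikey')->__('Yubikey setup'),
+'content' => $this->getLayout()->createBlock('n98_yubikey/adminhtml_permission_user_edit_tab_yubikey')->toHtml(),
+'active' => true
+));
+return parent::_beforeToHtml();
+}
+}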
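Review bot: `_beforeToHtml()` adds the Yubikey tab unconditionally and flags it `'active' => true`, so the tab is rendered on every admin user form even when `admin/yubikey/enabled` is off, and it competes with whichever tab the parent `_beforeToHtml()` activates (the parent class is outside this page, so which one wins is not visible here). I would wrap the `addTab()` call in the module's own switch, for example `if (Mage::getModel('n98_yubikey/config')->isEnabled()) {` (assuming the model alias matches the `n98_yubikey` block alias used here), and drop the `'active' => true` entry. Because the tab is added before `parent::_beforeToHtml()` runs, it presumably also appears ahead of the core tabs; adding it after the parent call would keep the existing order, provided the parent does not render the tabs itself.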
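--- a/app/code/community/N98/Yubikey/Helper/Data.php
+++ b/app/code/community/N98/Yubikey/Helper/Data.php
@@ -0,0 +1,46 @@
+<?php
+/**
+* netz98 magento module
+*
+* LICENSE
+*
+* Copyright © 2012.
+* netz98 new media GmbH. Alle Rechte vorbehalten.
+*
+* Die Nutzung und Weiterverbreitung dieser Software in kompilierter oder nichtkompilierter Form, mit oder ohne Veränderung, ist unter den folgenden Bedingungen zulässig:
+*
+* 1. Weiterverbreitete kompilierte oder nichtkompilierte Exemplare müssen das obere Copyright, die Liste der Bedingungen und den folgenden Verzicht im Sourcecode enthalten.
+* 2. Alle Werbematerialien, die sich auf die Eigenschaften oder die Benutzung der Software beziehen, müssen die folgende Bemerkung enthalten: "Dieses Produkt enthält Software, die von der netz98 new media GmbH entwickelt wurde."
+* 3. Der Name der netz98 new media GmbH darf nicht ohne vorherige ausdrückliche, schriftliche Genehmigung zur Kennzeichnung oder Bewerbung von Produkten, die von dieser Software abgeleitet wurden, verwendet werden.
+* 4. Es ist Lizenznehmern der netz98 new media GmbH nur dann erlaubt die veränderte Software zu verbreiten, wenn jene zu den Bedingungen einer Lizenz, die eine Copyleft-Klausel enthält, lizenziert wird.
+*
+* Diese Software wird von der netz98 new media GmbH ohne jegliche spezielle oder implizierte Garantien zur Verfügung gestellt. So übernimmt die netz98 new media GmbH keine Gewährleistung für die Verwendbarkeit der Software für einen speziellen Zweck oder die generelle Nutzbarkeit. Unter keinen Umständen ist netz98 haftbar für indirekte oder direkte Schäden, die aus der Verwendung der Software resultieren. Jegliche Schadensersatzansprüche sind ausgeschlossen.
+*
+*
+* Copyright © 2012
+* netz98 new media GmbH. All rights reserved.
+*
+* The use and redistribution of this software, either compiled or uncompiled, with or without modifications are permitted provided that the following conditions are met:
+*
+* 1. Redistributions of compiled or uncompiled source must contain the above copyright notice, this list of the conditions and the following disclaimer:
+* 2. All advertising materials mentioning features or use of this software must display the following acknowledgement: “This product includes software developed by the netz98 new media GmbH, Mainz.”
+* 3. The name of the netz98 new media GmbH may not be used to endorse or promote products derived from this software without specific prior written permission.
+* 4. License holders of the netz98 new media GmbH are only permitted to redistribute altered software, if this is licensed under conditions that contain a copyleft-clause.
+* This software is provided by the netz98 new media GmbH without any express or implied warranties. netz98 is under no condition liable for the functional capability of this software for a certain purpose or the general usability. netz98 is under no condition liable for any direct or indirect damages resulting from the use of the software. Liability and Claims for damages of any kind are excluded.
+*
+* @copyright Copyright (c) 2012 netz98 new media GmbH (http://www.netz98.de)
+* @author netz98 new media GmbH <info@netz98.de>
+* @category N98
+* @package N98_Yubikey
+*/
+
+/**
+* Standard data helper
+*
+* @category N98
+* @package N98_Yubikey
+*/
+class N98_Yubikey_Helper_Data extends Mage_Core_Helper_Abstract
+{
+
+}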
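--- a/app/code/community/N98/Yubikey/Model/Auth.php
+++ b/app/code/community/N98/Yubikey/Model/Auth.php
@@ -0,0 +1,444 @@
+<?php
+/**
+* netz98 magento module
+*
+* LICENSE
+*
+* Copyright © 2012.
+* netz98 new media GmbH. Alle Rechte vorbehalten.
+*
+* Die Nutzung und Weiterverbreitung dieser Software in kompilierter oder nichtkompilierter Form, mit oder ohne Veränderung, ist unter den folgenden Bedingungen zulässig:
+*
+* 1. Weiterverbreitete kompilierte oder nichtkompilierte Exemplare müssen das obere Copyright, die Liste der Bedingungen und den folgenden Verzicht im Sourcecode enthalten.
+* 2. Alle Werbematerialien, die sich auf die Eigenschaften oder die Benutzung der Software beziehen, müssen die folgende Bemerkung enthalten: "Dieses Produkt enthält Software, die von der netz98 new media GmbH entwickelt wurde."
+* 3. Der Name der netz98 new media GmbH darf nicht ohne vorherige ausdrückliche, schriftliche Genehmigung zur Kennzeichnung oder Bewerbung von Produkten, die von dieser Software abgeleitet wurden, verwendet werden.
+* 4. Es ist Lizenznehmern der netz98 new media GmbH nur dann erlaubt die veränderte Software zu verbreiten, wenn jene zu den Bedingungen einer Lizenz, die eine Copyleft-Klausel enthält, lizenziert wird.
+*
+* Diese Software wird von der netz98 new media GmbH ohne jegliche spezielle oder implizierte Garantien zur Verfügung gestellt. So übernimmt die netz98 new media GmbH keine Gewährleistung für die Verwendbarkeit der Software für einen speziellen Zweck oder die generelle Nutzbarkeit. Unter keinen Umständen ist netz98 haftbar für indirekte oder direkte Schäden, die aus der Verwendung der Software resultieren. Jegliche Schadensersatzansprüche sind ausgeschlossen.
+*
+*
+* Copyright © 2012
+* netz98 new media GmbH. All rights reserved.
+*
+* The use and redistribution of this software, either compiled or uncompiled, with or without modifications are permitted provided that the following conditions are met:
+*
+* 1. Redistributions of compiled or uncompiled source must contain the above copyright notice, this list of the conditions and the following disclaimer:
+* 2. All advertising materials mentioning features or use of this software must display the following acknowledgement: “This product includes software developed by the netz98 new media GmbH, Mainz.”
+* 3. The name of the netz98 new media GmbH may not be used to endorse or promote products derived from this software without specific prior written permission.
+* 4. License holders of the netz98 new media GmbH are only permitted to redistribute altered software, if this is licensed under conditions that contain a copyleft-clause.
+* This software is provided by the netz98 new media GmbH without any express or implied warranties. netz98 is under no condition liable for the functional capability of this software for a certain purpose or the general usability. netz98 is under no condition liable for any direct or indirect damages resulting from the use of the software. Liability and Claims for damages of any kind are excluded.
+*
+* @copyright Copyright (c) 2012 netz98 new media GmbH (http://www.netz98.de)
+* @author netz98 new media GmbH <info@netz98.de>
+* @category N98
+* @package N98_Yubikey
+*/
+
+/**
+* Yubikey service class
+*/
+class N98_Yubikey_Model_Auth extends Zend_Service_Abstract
+{
+/**
+* @var int
+*/
+const MIN_NONCE_LENGTH = 16;
+
+/**
+* @var int
+*/
+const MAX_NONCE_LENGTH = 40;
+
+/**
+* Length of the yubikey
+*/
+const YUBKEY_LENGTH = 12;
+
+/**
+* @var string
+*/
+const STATUS_OK = 'OK';
+
+/**
+* @var string
+*/
+const STATUS_BAD_OTP = 'BAD_OTP';
+
+/**
+* @var string
+*/
+const STATUS_REPLAYED_OTP = 'REPLAYED_OTP';
+
+/**
+* @var string
+*/
+const STATUS_BAD_SIGNATURE = 'BAD_SIGNATURE';
+
+/**
+* @var string
+*/
+const STATUS_MISSING_PARAMETER = 'MISSING_PARAMETER';
+
+/**
+* @var string
+*/
+const STATUS_NO_SUCH_CLIENT = 'NO_SUCH_CLIENT';
+
+/**
+* @var string
+*/
+const STATUS_OPERATION_NOT_ALLOWED = 'OPERATION_NOT_ALLOWED';
+
+/**
+* @var string
+*/
+const STATUS_BACKEND_ERROR = 'BACKEND_ERROR';
+
+/**
+* @var string
+*/
+const STATUS_NOT_ENOUGH_ANSWERS = 'NOT_ENOUGH_ANSWERS';
+
+/**
+* @var string
+*/
+const STATUS_REPLAYED_REQUEST = 'REPLAYED_REQUEST';
+
+/**
+* @var array
+*/
+protected $_validationServers = array(
+'api.yubico.com/wsapi/2.0/verify',
+'api2.yubico.com/wsapi/2.0/verify',
+'api3.yubico.com/wsapi/2.0/verify',
+'api4.yubico.com/wsapi/2.0/verify',
+'api5.yubico.com/wsapi/2.0/verify'
+);
+
+/**
+* @var string
+*/
+protected $_clientId = null;
+
+/**
+* @var string
+*/
+protected $_apiSecret = null;
+
+/**
+* @var bool
+*/
+protected $_useHttps = true;
+
+/**
+* Sync level in percentage between 0 and 100 or "fast" or "secure"
+*
+* @var int
+*/
+protected $_syncLevel = 50;
+
+/**
+* @var int
+*/
+protected $_timeout = 10; // seconds
+
+/**
+* @var bool
+*/
+protected $_useTimestamp = true;
+
+/**
+* @var string
+*/
+protected $_status = null;
+
+/**
+* @param $serverIndex
+*/
+protected function _getQueryString($opt)
+{
+$data = array(
+'id' => $this->_clientId,
+'otp' => $opt,
+'nonce' => $this->_generateNonce(),
+);
+if ($this->_useTimestamp) {
+$data['timestamp'] = 1;
+}
+$data['sl'] = $this->_syncLevel;
+$data['timeout'] = $this->_timeout;
+ksort($data);
+foreach ($data as $key => &$value) {
+$value = urlencode($value);
+}
+$data['h'] = $this->_generateSignature(http_build_query($data));
+return http_build_query($data);
+}
+
+/**
+* @return string
+*/
+protected function _generateNonce()
+{
+$length = rand(self::MIN_NONCE_LENGTH, self::MAX_NONCE_LENGTH);
+$characters = '0123456789abcdefghijklmnopqrstuvwxyz';
+$string = '';
+for ($p = 0; $p < $length; $p++) {
+$string .= substr($characters, rand(0, strlen($characters)), 1);
+}
+return $string;
+}
+
+/**
+* Generates a signature by given url parameters
+*
+* @param string $data
+* @return string
+*/
+protected function _generateSignature($data)
+{
+return base64_encode(hash_hmac('sha1', $data, base64_decode($this->_apiSecret), true));
+}
+
+/**
+* @param string $otp
+* @param string $yubikey
+* @return bool
+*/
+public function verify($otp, $yubikey = null)
+{
+if (!$this->_isValidOtp($otp, $yubikey)) {
+return false;
+}
+$queryString = $this->_getQueryString($otp);
+foreach ($this->_validationServers as $apiUrl) {
+try {
+$apiServerUrl = ($this->_useHttps ? 'https://' : 'http://')
+. $apiUrl
+. '?'
+. $queryString;
+
+$response = $this->getHttpClient()
+->setUri($apiServerUrl)
+->request();
+if ($response->isSuccessful()) {
+$parts = $this->_extractParts($response);
+$this->_status = $parts['status'];
+}
+
+// Sometimes yubico sends a backend error status
+// try next server.
+if ($parts['status'] == self::STATUS_BACKEND_ERROR) {
+continue;
+}
+
+// Check if response contains OTP and nonce
+if (!isset($parts['otp']) || !isset($parts['nonce'])) {
+return false;
+}
+
+// Check if send yubikey is same as received yubikey.
+// This must be done to prevent "cut & paste" attacks.
+if ($parts['otp'] != $otp) {
+return false;
+}
+
+// Status OK
+if ($parts['status'] == self::STATUS_OK) {
+return true;
+}
+} catch (Zend_Http_Client_Exception $e) {
+continue; // Take next URL
+}
+}
+
+return false;
+}
+
+/**
+* Check if OTP has a valid format
+*
+* @param string $otp
+* @param string $yubikey
+* @return bool
+*/
+protected function _isValidOtp($otp, $yubikey = null)
+{
+$yubikeyIsValid = true;
+$formatIsValid = preg_match("/^[cbdefghijklnrtuvCBDEFGHIJKLNRTUV]{44}$/", $otp);
+if ($yubikey != null) {
+// Check if first 12 chars match yubikey of user
+if (substr($otp, 0, self::YUBKEY_LENGTH) !== $yubikey) {
+$yubikeyIsValid = false;
+}
+}
+return $formatIsValid && $yubikeyIsValid;
+}
+
+/**
+* Extract the status from response string
+*
+* Response looks like this:
+*
+* h=vjhFxZrNHB5CjI6vhuSeF2n46a8=
+* t=2010-09-23T20:34:51Z0678
+* otp=cccccccbchdifctrndncchkftchjlnbhvhtugdljibej
+* nonce=somesendrandomstring
+* sl=75
+* status=OK
+*/
+protected function _extractParts(Zend_Http_Response $response)
+{
+$message = $response->getBody();
+$parts = array();
+foreach (explode("\r\n", trim($message)) as $line) {
+list($key, $value) = explode('=', $line);
+$parts[$key] = $value;
+}
+return $parts;
+}
+
+/**
+* @param string $apiSecret
+*/
+public function setApiSecret($apiSecret)
+{
+$this->_apiSecret = $apiSecret;
+}
+
+/**
+* @return string
+*/
+public function getApiSecret()
+{
+return $this->_apiSecret;
+}
+
+/**
+* @param array $apiUrls
+*/
+public function setValidationServers($apiUrls)
+{
+$this->_validationServers = $apiUrls;
+}
+
+/**
+* @return array
+*/
+public function getValidationServers()
+{
+return $this->_validationServers;
+}
+
+/**
+* @param string $clientId
+*/
+public function setClientId($clientId)
+{
+$this->_clientId = $clientId;
+}
+
+/**
+* @return string
+*/
+public function getClientId()
+{
+return $this->_clientId;
+}
+
+/**
+* @param int $syncLevel
+*/
+public function setSyncLevel($syncLevel)
+{
+$this->_syncLevel = $syncLevel;
+}
+
+/**
+* @return int
+*/
+public function getSyncLevel()
+{
+return $this->_syncLevel;
+}
+
+/**
+* @param int $timeout
+*/
+public function setTimeout($timeout)
+{
+$this->_timeout = $timeout;
+}
+
+/**
+* @return int
+*/
+public function getTimeout()
+{
+return $this->_timeout;
+}
+
+/**
+* @param boolean $translateOtp
+*/
+public function setTranslateOtp($translateOtp)
+{
+$this->_translateOtp = $translateOtp;
+}
+
+/**
+* @return boolean
+*/
+public function getTranslateOtp()
+{
+return $this->_translateOtp;
+}
+
+/**
+* @param boolean $useHttps
+*/
+public function setUseHttps($useHttps)
+{
+$this->_useHttps = $useHttps;
+}
+
+/**
+* @return boolean
+*/
+public function getUseHttps()
+{
+return $this->_useHttps;
+}
+
+/**
+* @param boolean $useTimestamp
+*/
+public function setUseTimestamp($useTimestamp)
+{
+$this->_useTimestamp = $useTimestamp;
+}
+
+/**
+* @return boolean
+*/
+public function getUseTimestamp()
+{
+return $this->_useTimestamp;
+}
+
+/**
+* @param string $status
+*/
+public function setStatus($status)
+{
+$this->_status = $status;
+}
+
+/**
+* @return string
+*/
+public function getStatus()
+{
+return $this->_status;
+}
+}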
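Review bot: `verify()` trusts `status=OK` without authenticating the response: the returned `h` signature is never recomputed with the API secret, and the response `nonce` is only tested with `isset()`, never compared with the nonce that `_getQueryString()` sent. With `_useHttps` disabled, or if the HTTP client does not enforce certificate validation (not visible on this page), a forged answer that echoes the OTP would be accepted as a valid second factor. The check needs the sent nonce kept for comparison and `_extractParts()` changed to `explode('=', $line, 2)`, since the base64 `h` value ends in `=` and is truncated by the current split; a sketch of the `verify()` part follows. Also in this file: `_generateNonce()` draws from `rand()` and `rand(0, strlen($characters))` can land one past the end of the alphabet, so nonces are predictable and can come out shorter than `MIN_NONCE_LENGTH`, and `$parts` is read after the `isSuccessful()` block even when that block was skipped, so a non-successful answer from the first server ends in an undefined variable instead of a retry.

```php
// … unchanged: OTP format check, query string, server loop and request …
if (!$response->isSuccessful()) {
    continue; // nothing to parse from this server, try the next one
}
$parts = $this->_extractParts($response);
$this->_status = isset($parts['status']) ? $parts['status'] : null;

// … unchanged: BACKEND_ERROR retry, presence check for otp and nonce …

// Recompute the response HMAC over the sorted key=value pairs, without "h".
$receivedSignature = isset($parts['h']) ? $parts['h'] : '';
$signedParts = $parts;
unset($signedParts['h']);
ksort($signedParts);
$pairs = array();
foreach ($signedParts as $key => $value) {
    $pairs[] = $key . '=' . $value;
}
// Prefer hash_equals() where the PHP version provides it.
if ($this->_generateSignature(implode('&', $pairs)) !== $receivedSignature) {
    return false;
}

// $sentNonce: the nonce that _getQueryString() put into this request.
if ($parts['nonce'] !== $sentNonce) {
    return false;
}
// … unchanged: otp comparison, STATUS_OK check …
```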
app/code/community/N98/Yubikey/Model/Config.php
ADDED
@@ -0,0 +1,166 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<?php
|
2 |
+
/**
|
3 |
+
* netz98 magento module
|
4 |
+
*
|
5 |
+
* LICENSE
|
6 |
+
*
|
7 |
+
* Copyright © 2012.
|
8 |
+
* netz98 new media GmbH. Alle Rechte vorbehalten.
|
9 |
+
*
|
10 |
+
* Die Nutzung und Weiterverbreitung dieser Software in kompilierter oder nichtkompilierter Form, mit oder ohne Veränderung, ist unter den folgenden Bedingungen zulässig:
|
11 |
+
*
|
12 |
+
* 1. Weiterverbreitete kompilierte oder nichtkompilierte Exemplare müssen das obere Copyright, die Liste der Bedingungen und den folgenden Verzicht im Sourcecode enthalten.
|
13 |
+
* 2. Alle Werbematerialien, die sich auf die Eigenschaften oder die Benutzung der Software beziehen, müssen die folgende Bemerkung enthalten: "Dieses Produkt enthält Software, die von der netz98 new media GmbH entwickelt wurde."
|
14 |
+
* 3. Der Name der netz98 new media GmbH darf nicht ohne vorherige ausdrückliche, schriftliche Genehmigung zur Kennzeichnung oder Bewerbung von Produkten, die von dieser Software abgeleitet wurden, verwendet werden.
|
15 |
+
* 4. Es ist Lizenznehmern der netz98 new media GmbH nur dann erlaubt die veränderte Software zu verbreiten, wenn jene zu den Bedingungen einer Lizenz, die eine Copyleft-Klausel enthält, lizenziert wird.
|
16 |
+
*
|
17 |
+
* Diese Software wird von der netz98 new media GmbH ohne jegliche spezielle oder implizierte Garantien zur Verfügung gestellt. So übernimmt die netz98 new media GmbH keine Gewährleistung für die Verwendbarkeit der Software für einen speziellen Zweck oder die generelle Nutzbarkeit. Unter keinen Umständen ist netz98 haftbar für indirekte oder direkte Schäden, die aus der Verwendung der Software resultieren. Jegliche Schadensersatzansprüche sind ausgeschlossen.
|
18 |
+
*
|
19 |
+
*
|
20 |
+
* Copyright © 2012
|
21 |
+
* netz98 new media GmbH. All rights reserved.
|
22 |
+
*
|
23 |
+
* The use and redistribution of this software, either compiled or uncompiled, with or without modifications are permitted provided that the following conditions are met:
|
24 |
+
*
|
25 |
+
* 1. Redistributions of compiled or uncompiled source must contain the above copyright notice, this list of the conditions and the following disclaimer:
|
26 |
+
* 2. All advertising materials mentioning features or use of this software must display the following acknowledgement: “This product includes software developed by the netz98 new media GmbH, Mainz.”
|
27 |
+
* 3. The name of the netz98 new media GmbH may not be used to endorse or promote products derived from this software without specific prior written permission.
|
28 |
+
* 4. License holders of the netz98 new media GmbH are only permitted to redistribute altered software, if this is licensed under conditions that contain a copyleft-clause.
|
29 |
+
* This software is provided by the netz98 new media GmbH without any express or implied warranties. netz98 is under no condition liable for the functional capability of this software for a certain purpose or the general usability. netz98 is under no condition liable for any direct or indirect damages resulting from the use of the software. Liability and Claims for damages of any kind are excluded.
|
30 |
+
*
|
31 |
+
* @copyright Copyright (c) 2012 netz98 new media GmbH (http://www.netz98.de)
|
32 |
+
* @author netz98 new media GmbH <info@netz98.de>
|
33 |
+
* @category N98
|
34 |
+
* @package N98_Yubikey
|
35 |
+
*/
|
36 |
+
|
37 |
+
/**
|
38 |
+
* Abstraction for store config to fetch global yubikey settings
|
39 |
+
*/
|
40 |
+
class N98_Yubikey_Model_Config extends Mage_Core_Model_Abstract
|
41 |
+
{
|
42 |
+
/**
|
43 |
+
* @var int
|
44 |
+
*/
|
45 |
+
const DEFAULT_TIMEOUT = 10;
|
46 |
+
|
47 |
+
/**
|
48 |
+
* @var string
|
49 |
+
*/
|
50 |
+
const XML_PATH_YUBIKEY_ENABLED = 'admin/yubikey/enabled';
|
51 |
+
|
52 |
+
/**
|
53 |
+
* @var string
|
54 |
+
*/
|
55 |
+
const XML_PATH_YUBIKEY_APIKEY = 'admin/yubikey/api_key';
|
56 |
+
|
57 |
+
/**
|
58 |
+
* @var string
|
59 |
+
*/
|
60 |
+
const XML_PATH_YUBIKEY_APIID = 'admin/yubikey/api_id';
|
61 |
+
|
62 |
+
/**
|
63 |
+
* @var string
|
64 |
+
*/
|
65 |
+
const XML_PATH_YUBIKEY_USE_HTTPS = 'admin/yubikey/use_https';
|
66 |
+
|
67 |
+
/**
|
68 |
+
* @var string
|
69 |
+
*/
|
70 |
+
const XML_PATH_YUBIKEY_TIMEOUT = 'admin/yubikey/timeout';
|
71 |
+
|
72 |
+
/**
|
73 |
+
* @var string
|
74 |
+
*/
|
75 |
+
const XML_PATH_YUBIKEY_LOG_ENABLED = 'admin/yubikey/log_enabled';
|
76 |
+
|
77 |
+
/**
|
78 |
+
* @var string
|
79 |
+
*/
|
80 |
+
const XML_PATH_YUBIKEY_VALIDATION_SERVER1 = 'admin/yubikey/validation_server_1';
|
81 |
+
|
82 |
+
/**
|
83 |
+
* @var string
|
84 |
+
*/
|
85 |
+
const XML_PATH_YUBIKEY_VALIDATION_SERVER2 = 'admin/yubikey/validation_server_2';
|
86 |
+
|
87 |
+
/**
|
88 |
+
* @var string
|
89 |
+
*/
|
90 |
+
const XML_PATH_YUBIKEY_VALIDATION_SERVER3 = 'admin/yubikey/validation_server_3';
|
91 |
+
|
92 |
+
/**
|
93 |
+
* @var string
|
94 |
+
*/
|
95 |
+
const XML_PATH_YUBIKEY_VALIDATION_SERVER4 = 'admin/yubikey/validation_server_4';
|
96 |
+
|
97 |
+
/**
|
98 |
+
* @var string
|
99 |
+
*/
|
100 |
+
const XML_PATH_YUBIKEY_VALIDATION_SERVER5 = 'admin/yubikey/validation_server_5';
|
101 |
+
|
102 |
+
/**
|
103 |
+
* @return bool
|
104 |
+
*/
|
105 |
+
public function isEnabled()
|
106 |
+
{
|
107 |
+
return Mage::getStoreConfig(self::XML_PATH_YUBIKEY_ENABLED) == 1;
|
108 |
+
}
|
109 |
+
|
110 |
+
/**
|
111 |
+
* @return string
|
112 |
+
*/
|
113 |
+
public function getApiKey()
|
114 |
+
{
|
115 |
+
return Mage::getStoreConfig(self::XML_PATH_YUBIKEY_APIKEY);
|
116 |
+
}
|
117 |
+
|
118 |
+
/**
|
119 |
+
* @return string
|
120 |
+
*/
|
121 |
+
public function getApiId()
|
122 |
+
{
|
123 |
+
return Mage::getStoreConfig(self::XML_PATH_YUBIKEY_APIID);
|
124 |
+
}
|
125 |
+
|
126 |
+
/**
|
127 |
+
* @return bool
|
128 |
+
*/
|
129 |
+
public function useHttps()
|
130 |
+
{
|
131 |
+
return Mage::getStoreConfig(self::XML_PATH_YUBIKEY_USE_HTTPS) == 1;
|
132 |
+
}
|
133 |
+
|
134 |
+
/**
|
135 |
+
* @return int
|
136 |
+
*/
|
137 |
+
public function getTimeout()
|
138 |
+
{
|
139 |
+
$timeout = intval(Mage::getStoreConfig(self::XML_PATH_YUBIKEY_TIMEOUT));
|
140 |
+
if ($timeout < 10) {
|
141 |
+
$timeout = self::DEFAULT_TIMEOUT;
|
142 |
+
}
|
143 |
+
return $timeout;
|
144 |
+
}
|
145 |
+
|
146 |
+
/**
|
147 |
+
* @return bool
|
148 |
+
*/
|
149 |
+
public function isLogEnabled()
|
150 |
+
{
|
151 |
+
return Mage::getStoreConfig(self::XML_PATH_YUBIKEY_LOG_ENABLED) == 1;
|
152 |
+
}
|
153 |
+
|
154 |
+
/**
|
155 |
+
* @return array
|
156 |
+
*/
|
157 |
+
public function getValidationServers()
|
158 |
+
{
|
159 |
+
$r = new ReflectionClass(__CLASS__);
|
160 |
+
$servers = array();
|
161 |
+
for ($i = 1; $i < 6; $i++) {
|
162 |
+
$servers[] = Mage::getStoreConfig($r->getConstant('XML_PATH_YUBIKEY_VALIDATION_SERVER' . $i));
|
163 |
+
}
|
164 |
+
return $servers;
|
165 |
+
}
|
166 |
+
}
|
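--- a/app/code/community/N98/Yubikey/Model/Observer.php
+++ b/app/code/community/N98/Yubikey/Model/Observer.php
@@ -0,0 +1,102 @@
+<?php
+/**
+* netz98 magento module
+*
+* LICENSE
+*
+* Copyright © 2012.
+* netz98 new media GmbH. Alle Rechte vorbehalten.
+*
+* Die Nutzung und Weiterverbreitung dieser Software in kompilierter oder nichtkompilierter Form, mit oder ohne Veränderung, ist unter den folgenden Bedingungen zulässig:
+*
+* 1. Weiterverbreitete kompilierte oder nichtkompilierte Exemplare müssen das obere Copyright, die Liste der Bedingungen und den folgenden Verzicht im Sourcecode enthalten.
+* 2. Alle Werbematerialien, die sich auf die Eigenschaften oder die Benutzung der Software beziehen, müssen die folgende Bemerkung enthalten: "Dieses Produkt enthält Software, die von der netz98 new media GmbH entwickelt wurde."
+* 3. Der Name der netz98 new media GmbH darf nicht ohne vorherige ausdrückliche, schriftliche Genehmigung zur Kennzeichnung oder Bewerbung von Produkten, die von dieser Software abgeleitet wurden, verwendet werden.
+* 4. Es ist Lizenznehmern der netz98 new media GmbH nur dann erlaubt die veränderte Software zu verbreiten, wenn jene zu den Bedingungen einer Lizenz, die eine Copyleft-Klausel enthält, lizenziert wird.
+*
+* Diese Software wird von der netz98 new media GmbH ohne jegliche spezielle oder implizierte Garantien zur Verfügung gestellt. So übernimmt die netz98 new media GmbH keine Gewährleistung für die Verwendbarkeit der Software für einen speziellen Zweck oder die generelle Nutzbarkeit. Unter keinen Umständen ist netz98 haftbar für indirekte oder direkte Schäden, die aus der Verwendung der Software resultieren. Jegliche Schadensersatzansprüche sind ausgeschlossen.
+*
+*
+* Copyright © 2012
+* netz98 new media GmbH. All rights reserved.
+*
+* The use and redistribution of this software, either compiled or uncompiled, with or without modifications are permitted provided that the following conditions are met:
+*
+* 1. Redistributions of compiled or uncompiled source must contain the above copyright notice, this list of the conditions and the following disclaimer:
+* 2. All advertising materials mentioning features or use of this software must display the following acknowledgement: “This product includes software developed by the netz98 new media GmbH, Mainz.”
+* 3. The name of the netz98 new media GmbH may not be used to endorse or promote products derived from this software without specific prior written permission.
+* 4. License holders of the netz98 new media GmbH are only permitted to redistribute altered software, if this is licensed under conditions that contain a copyleft-clause.
+* This software is provided by the netz98 new media GmbH without any express or implied warranties. netz98 is under no condition liable for the functional capability of this software for a certain purpose or the general usability. netz98 is under no condition liable for any direct or indirect damages resulting from the use of the software. Liability and Claims for damages of any kind are excluded.
+*
+* @copyright Copyright (c) 2012 netz98 new media GmbH (http://www.netz98.de)
+* @author netz98 new media GmbH <info@netz98.de>
+* @category N98
+* @package N98_Yubikey
+*/
+
+/**
+* Hooks into every adminhtml controller and checks if yubikey is enabled.
+* Forwards not authorized yubikey enabled users to yubikey login form.
+*/
+class N98_Yubikey_Model_Observer
+{
+/**
+* @param Varien_Event_Observer $observer
+*/
+public function controllerActionPredispatch($observer)
+{
+$session = Mage::getSingleton('admin/session');
+/* @var $session Mage_Admin_Model_Session */
+if ($session->getUser() == null) {
+return;
+}
+$yubikey = $session->getUser()->getYubikey();
+
+$config = Mage::getSingleton('n98_yubikey/config');
+/* @var $config N98_Yubikey_Model_Config */
+if ($config->isEnabled() && !empty($yubikey)) {
+/** @var $session Mage_Admin_Model_Session */
+if (!$session->getIsYubikeyAuthenticated()) {
+$request = Mage::app()->getRequest();
+/* @var $request Mage_Core_Controller_Request_Http */
+if ($request->getRequestedControllerName() != 'yubikey'
+&& $request->getRequestedActionName() != 'login'
+){
+$request->setControllerName('yubikey')
+->setActionName('login')
+->setDispatched(false);
+} else {
+if ($request->getPost('otp')) {
+$yubiAuth = Mage::getModel('n98_yubikey/auth');
+/* @var $yubiAuth N98_Yubikey_Model_Auth */
+$yubiAuth->setApiSecret($config->getApiKey());
+$yubiAuth->setClientId($config->getApiId());
+$yubiAuth->setUseHttps($config->useHttps());
+$yubiAuth->setTimeout($config->getTimeout());
+$yubiAuth->setValidationServers($config->getValidationServers());
+if ($yubiAuth->verify($request->getPost('otp'), $yubikey)) {
+$session->setIsYubikeyAuthenticated(true);
+$request->setControllerName('index')
+->setActionName('index')
+->setDispatched(false);
+} else {
+if ($config->isLogEnabled()) {
+$this->_log($request->getPost('otp'), $yubiAuth->getStatus());
+}
+}
+}
+}
+}
+}
+}
+
+/**
+* @param string $otp
+* @param string $status
+*/
+protected function _log($otp, $status)
+{
+$message = date('c') . "\n OTP: " . $otp . ' | Status: ' . $status;
+Mage::log($message, Zend_Log::DEBUG, 'yubikey.log');
+}
+}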
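Review bot: The guard on lines 62–63 of Observer.php joins its two comparisons with `&&`, so the forward to the OTP form is skipped as soon as either the controller is `yubikey` or the action is `login`; a request for any other admin controller whose action is named `login` lands in the `else` branch and, when it carries no valid `otp`, is dispatched as requested while `getIsYubikeyAuthenticated()` is still false. Only the exact pair should be exempt from the forward: `if ($request->getRequestedControllerName() != 'yubikey' || $request->getRequestedActionName() != 'login') {`. How much is reachable this way depends on which admin controllers define a `login` action, which this page does not show. A failed `verify()` also adds no message to the session, so the form reloads silently; a `Mage::getSingleton('adminhtml/session')->addError(...)` next to the `_log()` call would make the rejection visible to the user.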
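--- a/app/code/community/N98/Yubikey/controllers/Adminhtml/YubikeyController.php
+++ b/app/code/community/N98/Yubikey/controllers/Adminhtml/YubikeyController.php
@@ -0,0 +1,69 @@
+<?php
+/**
+* netz98 magento module
+*
+* LICENSE
+*
+* Copyright © 2012.
+* netz98 new media GmbH. Alle Rechte vorbehalten.
+*
+* Die Nutzung und Weiterverbreitung dieser Software in kompilierter oder nichtkompilierter Form, mit oder ohne Veränderung, ist unter den folgenden Bedingungen zulässig:
+*
+* 1. Weiterverbreitete kompilierte oder nichtkompilierte Exemplare müssen das obere Copyright, die Liste der Bedingungen und den folgenden Verzicht im Sourcecode enthalten.
+* 2. Alle Werbematerialien, die sich auf die Eigenschaften oder die Benutzung der Software beziehen, müssen die folgende Bemerkung enthalten: "Dieses Produkt enthält Software, die von der netz98 new media GmbH entwickelt wurde."
+* 3. Der Name der netz98 new media GmbH darf nicht ohne vorherige ausdrückliche, schriftliche Genehmigung zur Kennzeichnung oder Bewerbung von Produkten, die von dieser Software abgeleitet wurden, verwendet werden.
+* 4. Es ist Lizenznehmern der netz98 new media GmbH nur dann erlaubt die veränderte Software zu verbreiten, wenn jene zu den Bedingungen einer Lizenz, die eine Copyleft-Klausel enthält, lizenziert wird.
+*
+* Diese Software wird von der netz98 new media GmbH ohne jegliche spezielle oder implizierte Garantien zur Verfügung gestellt. So übernimmt die netz98 new media GmbH keine Gewährleistung für die Verwendbarkeit der Software für einen speziellen Zweck oder die generelle Nutzbarkeit. Unter keinen Umständen ist netz98 haftbar für indirekte oder direkte Schäden, die aus der Verwendung der Software resultieren. Jegliche Schadensersatzansprüche sind ausgeschlossen.
+*
+*
+* Copyright © 2012
+* netz98 new media GmbH. All rights reserved.
+*
+* The use and redistribution of this software, either compiled or uncompiled, with or without modifications are permitted provided that the following conditions are met:
+*
+* 1. Redistributions of compiled or uncompiled source must contain the above copyright notice, this list of the conditions and the following disclaimer:
+* 2. All advertising materials mentioning features or use of this software must display the following acknowledgement: “This product includes software developed by the netz98 new media GmbH, Mainz.”
+* 3. The name of the netz98 new media GmbH may not be used to endorse or promote products derived from this software without specific prior written permission.
+* 4. License holders of the netz98 new media GmbH are only permitted to redistribute altered software, if this is licensed under conditions that contain a copyleft-clause.
+* This software is provided by the netz98 new media GmbH without any express or implied warranties. netz98 is under no condition liable for the functional capability of this software for a certain purpose or the general usability. netz98 is under no condition liable for any direct or indirect damages resulting from the use of the software. Liability and Claims for damages of any kind are excluded.
+*
+* @copyright Copyright (c) 2012 netz98 new media GmbH (http://www.netz98.de)
+* @author netz98 new media GmbH <info@netz98.de>
+* @category N98
+* @package N98_Yubikey
+*/
+
+/**
+* Controller for yubikey login form.
+*/
+class N98_Yubikey_Adminhtml_YubikeyController extends Mage_Adminhtml_Controller_Action
+{
+protected function _isAllowed()
+{
+return true;
+}
+
+public function loginAction()
+{
+$this->_outTemplate('n98_yubikey/login');
+}
+
+/**
+* Render specified template
+*
+* @param string $tplName
+* @param array $data parameters required by template
+*/
+protected function _outTemplate($tplName, $data = array())
+{
+$this->_initLayoutMessages('adminhtml/session');
+$block = $this->getLayout()->createBlock('adminhtml/template')->setTemplate("$tplName.phtml");
+foreach ($data as $index => $value) {
+$block->assign($index, $value);
+}
+$html = $block->toHtml();
+Mage::getSingleton('core/translate_inline')->processResponseBody($html);
+$this->getResponse()->setBody($html);
+}
+}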
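Review bot: `_isAllowed()` on lines 42–45 returns `true` without a comment, and an override that switches off the ACL check on an admin controller should say why. A docblock along the lines of `/** ACL is skipped on purpose: every logged-in admin with a YubiKey assigned must be able to reach the OTP form, whatever role they hold. */` would record the intent. Any action added to this controller later inherits the same open ACL, so the comment should also state that the controller is meant to hold `loginAction` only. `_outTemplate()` builds the template path from `$tplName` by string interpolation; that is fine for the single constant caller here, but its docblock should note that `$tplName` must never come from request data.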
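--- a/app/code/community/N98/Yubikey/etc/config.xml
+++ b/app/code/community/N98/Yubikey/etc/config.xml
@@ -0,0 +1,83 @@
+<?xml version="1.0"?>
+<config>
+<modules>
+<N98_Yubikey>
+<version>1.0.0</version>
+</N98_Yubikey>
+</modules>
+<admin>
+<routers>
+<adminhtml>
+<args>
+<modules>
+<N98_Yubikey before="Mage_Adminhtml">N98_Yubikey_Adminhtml</N98_Yubikey>
+</modules>
+</args>
+</adminhtml>
+</routers>
+</admin>
+<adminhtml>
+<translate>
+<modules>
+<N98_Yubikey>
+<files>
+<default>N98_Yubikey.csv</default>
+</files>
+</N98_Yubikey>
+</modules>
+</translate>
+<events>
+<controller_action_predispatch>
+<observers>
+<n98_yubikey>
+<class>n98_yubikey/observer</class>
+<method>controllerActionPredispatch</method>
+</n98_yubikey>
+</observers>
+</controller_action_predispatch>
+</events>
+</adminhtml>
+<global>
+<blocks>
+<n98_yubikey>
+<class>N98_Yubikey_Block</class>
+</n98_yubikey>
+<adminhtml>
+<rewrite>
+<permissions_user_edit_tabs>N98_Yubikey_Block_Adminhtml_Permission_User_Edit_Tabs</permissions_user_edit_tabs>
+</rewrite>
+</adminhtml>
+</blocks>
+<models>
+<n98_yubikey>
+<class>N98_Yubikey_Model</class>
+</n98_yubikey>
+</models>
+<helpers>
+<n98_yubikey>
+<class>N98_Yubikey_Helper</class>
+</n98_yubikey>
+</helpers>
+<resources>
+<n98_yubikey_setup>
+<setup>
+<module>N98_Yubikey</module>
+</setup>
+</n98_yubikey_setup>
+</resources>
+</global>
+<default>
+<admin>
+<yubikey>
+<use_https>1</use_https>
+<timeout>10</timeout>
+<log_enabled>0</log_enabled>
+<validation_server_1>api.yubico.com/wsapi/2.0/verify</validation_server_1>
+<validation_server_2>api2.yubico.com/wsapi/2.0/verify</validation_server_2>
+<validation_server_3>api3.yubico.com/wsapi/2.0/verify</validation_server_3>
+<validation_server_4>api4.yubico.com/wsapi/2.0/verify</validation_server_4>
+<validation_server_5>api5.yubico.com/wsapi/2.0/verify</validation_server_5>
+</yubikey>
+</admin>
+</default>
+</config>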
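--- a/app/code/community/N98/Yubikey/etc/system.xml
+++ b/app/code/community/N98/Yubikey/etc/system.xml
@@ -0,0 +1,114 @@
+<?xml version="1.0"?>
+<config>
+<sections>
+<admin>
+<groups>
+<yubikey translate="label" module="n98_yubikey">
+<label>Yubikey</label>
+<frontend_type>text</frontend_type>
+<show_in_default>1</show_in_default>
+<show_in_website>0</show_in_website>
+<show_in_store>0</show_in_store>
+<sort_order>500</sort_order>
+<fields>
+<enabled translate="label">
+<label>Yubikey enabled</label>
+<frontend_type>select</frontend_type>
+<source_model>adminhtml/system_config_source_yesno</source_model>
+<sort_order>1</sort_order>
+<show_in_default>1</show_in_default>
+<show_in_website>0</show_in_website>
+<show_in_store>0</show_in_store>
+</enabled>
+<authscheme>
+</authscheme>
+<api_id>
+<label>API ID / Client ID</label>
+<frontend_type>text</frontend_type>
+<sort_order>2</sort_order>
+<show_in_default>1</show_in_default>
+<show_in_website>0</show_in_website>
+<show_in_store>0</show_in_store>
+</api_id>
+<api_key>
+<label>API Key / Secret key</label>
+<frontend_type>text</frontend_type>
+<sort_order>3</sort_order>
+<show_in_default>1</show_in_default>
+<show_in_website>0</show_in_website>
+<show_in_store>0</show_in_store>
+<comment><![CDATA[<a target="_blank" href="https://upgrade.yubico.com/getapikey/">https://upgrade.yubico.com/getapikey/</a>]]></comment>
+</api_key>
+<use_https>
+<label>Use HTTPS</label>
+<frontend_type>select</frontend_type>
+<source_model>adminhtml/system_config_source_yesno</source_model>
+<sort_order>4</sort_order>
+<show_in_default>1</show_in_default>
+<show_in_website>0</show_in_website>
+<show_in_store>0</show_in_store>
+</use_https>
+<timeout>
+<label>Timeout (seconds)</label>
+<frontend_type>text</frontend_type>
+<sort_order>5</sort_order>
+<show_in_default>1</show_in_default>
+<show_in_website>0</show_in_website>
+<show_in_store>0</show_in_store>
+<validate>validate-int</validate>
+</timeout>
+<log_enabled>
+<label>Enable log</label>
+<frontend_type>select</frontend_type>
+<sort_order>5</sort_order>
+<source_model>adminhtml/system_config_source_yesno</source_model>
+<sort_order>6</sort_order>
+<show_in_default>1</show_in_default>
+<show_in_website>0</show_in_website>
+</log_enabled>
+<validation_server_1>
+<label>Validation server 1</label>
+<frontend_type>text</frontend_type>
+<sort_order>7</sort_order>
+<show_in_default>1</show_in_default>
+<show_in_website>0</show_in_website>
+<show_in_store>0</show_in_store>
+</validation_server_1>
+<validation_server_2>
+<label>Validation server 2</label>
+<frontend_type>text</frontend_type>
+<sort_order>8</sort_order>
+<show_in_default>1</show_in_default>
+<show_in_website>0</show_in_website>
+<show_in_store>0</show_in_store>
+</validation_server_2>
+<validation_server_3>
+<label>Validation server 3</label>
+<frontend_type>text</frontend_type>
+<sort_order>9</sort_order>
+<show_in_default>1</show_in_default>
+<show_in_website>0</show_in_website>
+<show_in_store>0</show_in_store>
+</validation_server_3>
+<validation_server_4>
+<label>Validation server 4</label>
+<frontend_type>text</frontend_type>
+<sort_order>8</sort_order>
+<show_in_default>1</show_in_default>
+<show_in_website>0</show_in_website>
+<show_in_store>0</show_in_store>
+</validation_server_4>
+<validation_server_5>
+<label>Validation server 5</label>
+<frontend_type>text</frontend_type>
+<sort_order>9</sort_order>
+<show_in_default>1</show_in_default>
+<show_in_website>0</show_in_website>
+<show_in_store>0</show_in_store>
+</validation_server_5>
+</fields>
+</yubikey>
+</groups>
+</admin>
+</sections>
+</config>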
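Review bot: The `api_key` field (line 35 of system.xml) is declared as `<frontend_type>text</frontend_type>`, so the API secret that the observer hands to the auth model is displayed in clear on the configuration page and saved unencrypted with the rest of the store config. Magento's own secret fields use `<frontend_type>obscure</frontend_type>` with `<backend_model>adminhtml/system_config_backend_encrypted</backend_model>`; if that is adopted, `getApiKey()` in Model/Config.php has to pass the stored value through `Mage::helper('core')->decrypt(...)` before returning it. The `use_https` switch also deserves a `<comment>` stating that turning it off sends the OTP and the validation response over plain HTTP. Separately, `log_enabled` carries two `<sort_order>` elements (5 and 6) and `validation_server_4` and `validation_server_5` reuse 8 and 9, so the field order on the page is not what the numbering suggests.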
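--- a/app/code/community/N98/Yubikey/sql/n98_yubikey_setup/install-1.0.0.php
+++ b/app/code/community/N98/Yubikey/sql/n98_yubikey_setup/install-1.0.0.php
@@ -0,0 +1,23 @@
+<?php
+
+$installer = $this;
+/* @var $installer Mage_Core_Model_Resource_Setup */
+
+$installer->startSetup();
+
+/**
+* Add yubikey field to table 'admin/user'
+*/
+$installer->getConnection()->addColumn(
+$installer->getTable('admin/user'),
+'yubikey',
+array(
+'type' => Varien_Db_Ddl_Table::TYPE_TEXT,
+'length' => 12,
+'default' => null,
+'nullable' => true,
+'comment' => 'Yubikey (16 chars)'
+)
+);
+
+$installer->endSetup();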
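Review bot: The column is created with `'length' => 12` while its comment on line 19 reads `'Yubikey (16 chars)'`, so the schema and its documentation disagree about how long the stored key identity is. The observer passes this column's value to `verify()` as the identity the submitted OTP must belong to, so the length has to match what Auth.php compares against (not visible on this part of the page). Twelve characters is the usual length of a YubiKey public ID; if that is what is stored, the comment should read `'comment' => 'Yubikey public ID (12 chars)'`.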
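--- a/app/design/adminhtml/default/default/layout/n98_yubikey.xml
+++ b/app/design/adminhtml/default/default/layout/n98_yubikey.xml
@@ -0,0 +1,7 @@
+<layout version="0.1.0">
+
+<!-- Yubikey prompt as second step after login -->
+<adminhtml_yubikey_login>
+<block name="n98.yubikey.login" template="n98_yubikey/login.phtml" />
+</adminhtml_yubikey_login>
+</layout>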
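--- a/app/design/adminhtml/default/default/template/n98_yubikey/login.phtml
+++ b/app/design/adminhtml/default/default/template/n98_yubikey/login.phtml
@@ -0,0 +1,59 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html lang="en">
+<head>
+<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
+<title><?php echo Mage::helper('adminhtml')->__('Log into Magento Admin Page') ?></title>
+<link type="text/css" rel="stylesheet" href="<?php echo $this->getSkinUrl('reset.css') ?>" media="all" />
+<link type="text/css" rel="stylesheet" href="<?php echo $this->getSkinUrl('boxes.css') ?>" media="all" />
+<link rel="icon" href="<?php echo $this->getSkinUrl('favicon.ico') ?>" type="image/x-icon" />
+<link rel="shortcut icon" href="<?php echo $this->getSkinUrl('favicon.ico') ?>" type="image/x-icon" />
+
+<script type="text/javascript" src="<?php echo $this->getJsUrl('prototype/prototype.js') ?>"></script>
+<script type="text/javascript" src="<?php echo $this->getJsUrl('prototype/validation.js') ?>"></script>
+<script type="text/javascript" src="<?php echo $this->getJsUrl('scriptaculous/effects.js') ?>"></script>
+<script type="text/javascript" src="<?php echo $this->getJsUrl('mage/adminhtml/form.js') ?>"></script>
+
+<!--[if IE]> <link rel="stylesheet" href="<?php echo $this->getSkinUrl('iestyles.css') ?>" type="text/css" media="all" /> <![endif]-->
+<!--[if lt IE 7]> <link rel="stylesheet" href="<?php echo $this->getSkinUrl('below_ie7.css') ?>" type="text/css" media="all" /> <![endif]-->
+<!--[if IE 7]> <link rel="stylesheet" href="<?php echo $this->getSkinUrl('ie7.css') ?>" type="text/css" media="all" /> <![endif]-->
+
+<style type="text/css">
+/* Yubico Mice header*/
+.yubi-key-input {
+background: white url("<?php echo $this->getSkinUrl('images/n98_yubikey/yubiright_16x16.gif') ?>") no-repeat 2px 2px !important;
+padding-left: 20px !important;
+}
+</style>
+
+</head>
+<body id="page-login" onload="document.forms.loginForm.otp.focus();">
+<div class="login-container">
+<div class="login-box">
+<form method="post" action="" id="loginForm">
+<div class="login-form">
+<input name="form_key" type="hidden" value="<?php echo $this->getFormKey() ?>" />
+<h2><?php echo Mage::helper('adminhtml')->__('Log in to Admin Panel') ?></h2>
+<div id="messages">
+<?php echo $this->getMessagesBlock()->getGroupedHtml() ?>
+</div>
+<div class="input-box"><label for="login"><?php echo Mage::helper('n98_yubikey')->__('YubiKey / One time password:') ?></label><br />
+<input type="password" id="login" name="otp" class="yubi-key-input required-entry input-text" value="" />
+</div>
+<div class="input-box input-right">
+<ul>
+<li><?php echo Mage::helper('n98_yubikey')->__('1. Place your YubiKey in the USB-port.') ?></li>
+<li><?php echo Mage::helper('n98_yubikey')->__('2. Touch YubiKey button.') ?></li>
+</ul>
+</div>
+<div class="clear"></div>
+</div>
+</form>
+
+<div class="bottom"></div>
+<script type="text/javascript">
+var loginForm = new varienForm('loginForm');
+</script>
+</div>
+</div>
+</body>
+</html>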
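--- a/app/etc/modules/N98_Yubikey.xml
+++ b/app/etc/modules/N98_Yubikey.xml
@@ -0,0 +1,13 @@
+<?xml version="1.0"?>
+<config>
+<modules>
+<N98_Yubikey>
+<active>true</active>
+<codePool>community</codePool>
+<depends>
+<Mage_Admin />
+<Mage_Adminhtml />
+</depends>
+</N98_Yubikey>
+</modules>
+</config>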
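--- a/app/locale/de_DE/N98_Yubikey.csv
+++ b/app/locale/de_DE/N98_Yubikey.csv
@@ -0,0 +1,17 @@
+"Yubikey setup","Yubikey Einstellungen"
+"Assign yubikey for login","Yubikey für Login zuweisen"
+"YubiKey / One time password:","YubiKey / Einmalpasswort:"
+"Yubikey","Yubikey"
+"Yubikey enabled","Yubikey aktiviert"
+"API ID / Client ID","API ID / Client ID"
+"API Key / Secret key","API Key / Secret key"
+"Use HTTPS","HTTPS (Verschlüsselung) nutzen"
+"Timeout (seconds)","Timeout (Sekunden)"
+"Enable log","Log aktivieren"
+"Validation server 1","Validation Server 1"
+"Validation server 2","Validation Server 2"
+"Validation server 3","Validation Server 3"
+"Validation server 4","Validation Server 4"
+"Validation server 5","Validation Server 5"
+"1. Place your YubiKey in the USB-port.","2. Stecken Sie ihren Yubikey in einen USB-Port an ihrem Rechner."
+"2. Touch YubiKey button.","2. Betätigen Sie den YubiKey Knopf."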
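--- a/app/locale/en_US/N98_Yubikey.csv
+++ b/app/locale/en_US/N98_Yubikey.csv
@@ -0,0 +1,17 @@
+"Yubikey setup","Yubikey setup"
+"Assign yubikey for login","Assign yubikey for login"
+"YubiKey / One time password:","YubiKey / One time password:"
+"Yubikey","Yubikey"
+"Yubikey enabled","Yubikey enabled"
+"API ID / Client ID","API ID / Client ID"
+"API Key / Secret key","API Key / Secret key"
+"Use HTTPS","Use HTTPS"
+"Timeout (seconds)","Timeout (seconds)"
+"Enable log","Enable log"
+"Validation server 1","Validation server 1"
+"Validation server 2","Validation server 2"
+"Validation server 3","Validation server 3"
+"Validation server 4","Validation server 4"
+"Validation server 5","Validation server 5"
+"1. Place your YubiKey in the USB-port.","1. Place your YubiKey in the USB-port."
+"2. Touch YubiKey button.","2. Touch YubiKey button."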
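--- a/package.xml
+++ b/package.xml
@@ -0,0 +1,18 @@
+<?xml version="1.0"?>
+<package>
+<name>N98_Yubikey</name>
+<version>1.0.0</version>
+<stability>stable</stability>
+<license uri="http://www.opensource.org/licenses/osl-3.0.php">OSL v3.0</license>
+<channel>community</channel>
+<extends/>
+<summary>Enables yubikey support to admin login.</summary>
+<description>Enables yubikey support to admin login.</description>
+<notes>Initial release.</notes>
+<authors><author><name>netz98 new media GmbH</name><user>netz98magento</user><email>magento@netz98.de</email></author></authors>
+<date>2012-02-19</date>
+<time>13:54:12</time>
+<contents><target name="magecommunity"><dir name="N98"><dir name="Yubikey"><dir name="Block"><dir name="Adminhtml"><dir name="Permission"><dir name="User"><dir name="Edit"><dir name="Tab"><file name="Yubikey.php" hash="51e0b73f433833b91ddf1723145dfc8d"/></dir><file name="Tabs.php" hash="1060b63113e3ba19b5a6ba81542b35ee"/></dir></dir></dir></dir></dir><dir name="Helper"><file name="Data.php" hash="4ce4b0011885e1bbd497dafd5107dad2"/></dir><dir name="Model"><file name="Auth.php" hash="eb8a8d8197183ca9e0ebb8426188bff3"/><file name="Config.php" hash="55eebbebbe9fd548879e43bf22413c83"/><file name="Observer.php" hash="dee7252b0b3bd71780ee419ce83df3dd"/></dir><dir name="controllers"><dir name="Adminhtml"><file name="YubikeyController.php" hash="bb985baa3fd4bcd73bc5630a669df668"/></dir></dir><dir name="etc"><file name="config.xml" hash="62be6a19c2625e5ba3935822bb1b272f"/><file name="system.xml" hash="a2d81528a5440a8ed4b0997e97e1196b"/></dir><dir name="sql"><dir name="n98_yubikey_setup"><file name="install-1.0.0.php" hash="e29fde7500032491d3692cdbd5ab0766"/></dir></dir></dir></dir></target><target name="magedesign"><dir name="adminhtml"><dir name="default"><dir name="default"><dir name="layout"><file name="n98_yubikey.xml" hash="ba0ac4c7b3ab434e7e05452384298034"/></dir><dir name="template"><dir name="n98_yubikey"><file name="login.phtml" hash="275b2dd71d947d19173208c0a813ad0f"/></dir></dir></dir></dir></dir></target><target name="magelocale"><dir name="de_DE"><file name="N98_Yubikey.csv" hash="8e503219cc5fe885851cd5ae2defe7ec"/></dir><dir name="en_US"><file name="N98_Yubikey.csv" hash="7691953b0a32fa0a960de1aa3eb8ca39"/></dir></target><target name="mageskin"><dir name="adminhtml"><dir name="default"><dir name="default"><dir name="images"><dir name="n98_yubikey"><file name="yubiright_16x16.gif" hash="9346ef9d8d719916d92c15a785f8b48a"/></dir></dir></dir></dir></dir></target><target name="mageetc"><dir name="modules"><file name="N98_Yubikey.xml" hash="9c73d2a127559d9a8cd73d055c1eb22c"/></dir></target></contents>
+<compatible/>
+<dependencies><required><php><min>5.3.0</min><max>6.0.0</max></php></required></dependencies>
+</package>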
skin/adminhtml/default/default/images/n98_yubikey/yubiright_16x16.gif
ADDED
Binary file
|