Version Notes
- The plugin displays an overlay on Challenge-Response session
- Custom login form template (login.phtml)
- Global and per user settings configuration
- Auto-create mode: a local account is created on first login
- The plugin will transparently support any OpenOTP Login Mode including:
> LDAP only
> OTP only
> LDAP+OTP with user challenge-response
- Possibility to enable plugin logs (/var/logs/openotp.log)
Release Info
Developer | RCDevs |
Extension | RCDevs_OpenOTP_Authentication |
Version | 1.1.2 |
Version 1.1.2
- app/code/community/RCDevs/OpenOTP/Block/Adminhtml/Permission/User/Edit/Tab/Openotp.php +52 -0
- app/code/community/RCDevs/OpenOTP/Helper/Data.php +27 -0
- app/code/community/RCDevs/OpenOTP/Model/Auth.php +277 -0
- app/code/community/RCDevs/OpenOTP/Model/Config.php +169 -0
- app/code/community/RCDevs/OpenOTP/Model/Observer.php +64 -0
- app/code/community/RCDevs/OpenOTP/Model/Session.php +188 -0
- app/code/community/RCDevs/OpenOTP/controllers/Adminhtml/.DS_Store +0 -0
- app/code/community/RCDevs/OpenOTP/controllers/Adminhtml/._.DS_Store +0 -0
- app/code/community/RCDevs/OpenOTP/controllers/Adminhtml/OpenotpController.php +50 -0
- app/code/community/RCDevs/OpenOTP/etc/config.xml +85 -0
- app/code/community/RCDevs/OpenOTP/etc/openotp.wsdl +119 -0
- app/code/community/RCDevs/OpenOTP/etc/system.xml +115 -0
- app/code/community/RCDevs/OpenOTP/sql/rcdevs_openotp_setup/install-1.0.0.php +23 -0
- app/code/community/RCDevs/OpenOTP/sql/rcdevs_openotp_setup/mysql4-install-1.0.0.php +13 -0
- app/design/adminhtml/default/default/layout/rcdevs_openotp.xml +5 -0
- app/design/adminhtml/default/default/template/rcdevs_openotp/login.phtml +86 -0
- app/etc/modules/RCDevs_OpenOTP.xml +13 -0
- app/locale/en_US/RCDevs_OpenOTP.csv +24 -0
- package.xml +36 -0
- skin/adminhtml/default/default/images/rcdevs_openotp/openotp_banner.png +0 -0
- skin/adminhtml/default/default/images/rcdevs_openotp/openotp_closebtn.png +0 -0
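--- a/app/code/community/RCDevs/OpenOTP/Block/Adminhtml/Permission/User/Edit/Tab/Openotp.php
+++ b/app/code/community/RCDevs/OpenOTP/Block/Adminhtml/Permission/User/Edit/Tab/Openotp.php
@@ -0,0 +1,52 @@
+<?php
+/**
+* OpenOTP magento module
+*
+* LICENSE
+*
+* Copyright © 2013.
+* RCDevs OpenOTP. All rights reserved.
+*
+* The use and redistribution of this software, either compiled or uncompiled, with or without modifications are permitted provided that the following conditions are met:
+* *
+* @copyright Copyright (c) 201 RCDevs (http://www.rcdevs.com)
+* @author rcdevs <info@rcdevs.com>
+* @category RCDevs
+* @package RCDevs_OpenOTP
+*/
+
+/**
+* Additional tab for user permission configurartion
+*/
+class RCDevs_OpenOTP_Block_Adminhtml_Permission_User_Edit_Tab_Openotp
+extends Mage_Adminhtml_Block_Widget_Form
+{
+
+/**
+* @return Mage_Adminhtml_Block_Widget_Form
+*/
+protected function _prepareForm()
+{
+$model = Mage::registry('permissions_user');
+
+$form = new Varien_Data_Form();
+$form->setHtmlIdPrefix('user_');
+
+$fieldset = $form->addFieldset('openotp_fieldset', array('legend' => Mage::helper('adminhtml')->__('Enable OpenOTP Two factors authentication for login')));
+$fieldset->addField('openotp', 'select', array(
+'label' => Mage::helper('rcdevs_openotp')->__('Enable OpenOTP'),
+'name' => 'openotp',
+'value' => '0',
+'values' => array('-1'=>Mage::helper('rcdevs_openotp')->__('Default...'),'1' => 'Yes','2' => 'No'),
+'disabled' => false,
+'readonly' => false,
+'after_element_html' => '<div style="width:244px; background-position:8px 11px; padding:5px 0 5px 36px; margin-top: 3px;" class="notification-global notification-global-notice">Override [Enable OpenOTP] Plugin setting in System / Configuration</div>',
+));
+
+$data = $model->getData();
+$form->setValues($data);
+$this->setForm($form);
+
+return parent::_prepareForm();
+}
+}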
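Review bot: The select's initial `'value' => '0'` in `_prepareForm()` matches none of the option keys (`-1`, `1`, `2`), so a user whose `openotp` attribute is unset has no declared default; `'value' => '-1'` would make "Default..." the explicit choice. The `'Yes'` and `'No'` labels also skip the `__()` translation helper that the first option uses. Because this field decides whether an admin account is exempt from the second factor, the method's docblock should state what each stored value means, for example `-1 = follow the global setting, 1 = always require OpenOTP, 2 = never require OpenOTP`.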
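--- a/app/code/community/RCDevs/OpenOTP/Helper/Data.php
+++ b/app/code/community/RCDevs/OpenOTP/Helper/Data.php
@@ -0,0 +1,27 @@
+<?php
+/**
+* OpenOTP magento module
+*
+* LICENSE
+*
+* Copyright © 2013.
+* RCDevs OpenOTP. All rights reserved.
+*
+* The use and redistribution of this software, either compiled or uncompiled, with or without modifications are permitted provided that the following conditions are met:
+* *
+* @copyright Copyright (c) 201 RCDevs (http://www.rcdevs.com)
+* @author rcdevs <info@rcdevs.com>
+* @category RCDevs
+* @package RCDevs_OpenOTP
+*/
+
+/**
+* Standard data helper
+*
+* @category RCDevs
+* @package RCDevs_OpenOTP
+*/
+class RCDevs_OpenOTP_Helper_Data extends Mage_Core_Helper_Abstract
+{
+
+}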
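--- a/app/code/community/RCDevs/OpenOTP/Model/Auth.php
+++ b/app/code/community/RCDevs/OpenOTP/Model/Auth.php
@@ -0,0 +1,277 @@
+<?php
+/**
+* OpenOTP magento module
+*
+* LICENSE
+*
+* Copyright © 2013.
+* RCDevs OpenOTP. All rights reserved.
+*
+* The use and redistribution of this software, either compiled or uncompiled, with or without modifications are permitted provided that the following conditions are met:
+* *
+* @copyright Copyright (c) 201 RCDevs (http://www.rcdevs.com)
+* @author rcdevs <info@rcdevs.com>
+* @category RCDevs
+* @package RCDevs_OpenOTP
+*/
+
+/**
+* openOTP service class
+*/
+class RCDevs_OpenOTP_Model_Auth extends Zend_Service_Abstract
+{
+
+private $etcModuleDir;
+private $server_url;
+private $client_id;
+private $default_domain;
+private $client_settings;
+private $proxy_host;
+private $proxy_port;
+private $proxy_username;
+private $proxy_password;
+private $soap_client;
+
+
+/**
+* Check if File exists
+*
+* @param string $file
+* @return bool
+*/
+public function checkFile($file)
+{
+if (!file_exists($this->etcModuleDir . '/'.$file)) {
+return false;
+}
+return true;
+}
+
+/**
+* Check if SOAP extension loaded
+*
+* @return bool
+*/
+public function checkSOAPext()
+{
+if (!extension_loaded('soap')) {
+return false;
+}
+return true;
+}
+
+
+public function getDomain($username)
+{
+$pos = strpos($username, "\\");
+if ($pos) {
+$ret['domain'] = substr($username, 0, $pos);
+$ret['username'] = substr($username, $pos+1);
+} else {
+$ret = $this->default_domain;
+}
+return $ret;
+}
+
+public function getOverlay($message, $username, $session, $timeout, $ldappw, $domain){
+$overlay = <<<EOT
+function addOpenOTPDivs(){
+var overlay_bg = document.createElement("div");
+overlay_bg.id = 'openotp_overlay_bg';
+overlay_bg.style.position = 'fixed';
+overlay_bg.style.top = '0';
+overlay_bg.style.left = '0';
+overlay_bg.style.width = '100%';
+overlay_bg.style.height = '100%';
+overlay_bg.style.background = 'grey';
+overlay_bg.style.zIndex = "9998";
+overlay_bg.style["filter"] = "0.9";
+overlay_bg.style["-moz-opacity"] = "0.9";
+overlay_bg.style["-khtml-opacity"] = "0.9";
+overlay_bg.style["opacity"] = "0.9";
+
+var overlay = document.createElement("div");
+overlay.id = 'openotp_overlay';
+overlay.style.position = 'absolute';
+overlay.style.top = '165px';
+overlay.style.left = '50%';
+overlay.style.width = '280px';
+overlay.style.marginLeft = '-180px';
+overlay.style.padding = '65px 40px 50px 40px';
+overlay.style.background = 'url('+path+'openotp_banner.png) no-repeat top left #E4E4E4';
+overlay.style.border = '5px solid #545454';
+overlay.style.borderRadius = '10px';
+overlay.style.MozBorderRadius = '10px';
+overlay.style.WebkitBorderRadius = '10px';
+overlay.style.boxShadow = '1px 1px 12px #555555';
+overlay.style.WebkitBoxShadow = '1px 1px 12px #555555';
+overlay.style.MozBoxShadow = '1px 1px 12px #555555';
+overlay.style.zIndex = "9999";
+overlay.innerHTML = '<a style="position:absolute; top:-12px; right:-12px;" href="$_SERVER[PHP_SELF]" title="close"><img src="'+path+'openotp_closebtn.png"/></a>'
++ '<div style="background-color:red; margin:0 -40px 0; height:4px; width:360px; padding:0;" id="count_red"><div style="background-color:orange; margin:0; height:4px; width:360px; padding:0;" id="div_orange"></div></div>'
++ '<form id="loginForm" autocomplete="off" style="margin-top:30px; display:block;" action="" method="POST">'
++ '<input type="hidden" name="form_key" value="'+token+'">'
++ '<input type="hidden" id="username" name="login[username]" value="$username">'
++ '<input type="hidden" id="login" name="login[password]" class="required-entry input-text" value="$ldappw" />'
++ '<input type="hidden" name="openotp_state" value="$session">'
++ '<input type="hidden" name="openotp_domain" value="$domain">'
++ '<table width="100%">'
++ '<tr><td style="text-align:center; font-weight:bold; font-size:14px;">$message</td></tr>'
++ '<tr><td id="timout_cell" style="text-align:center; padding-top:4px; font-weight:bold; font-style:italic; font-size:11px;">Timeout: <span id="timeout">$timeout seconds</span></td></tr>'
++ '<tr><td id="inputs_cell" style="text-align:center; padding-top:25px;"><input class="required-entry input-text" type="text" size=15 name="openotp_password"> '
++ '<input style="padding:3px 10px;" type="submit" value="Ok" class="form-button"></td></tr>'
++ '</table></form>';
+
+document.body.appendChild(overlay_bg);
+document.body.appendChild(overlay);
+document.forms.loginForm.openotp_password.focus();
+}
+
+addOpenOTPDivs();
+
+/* Compute Timeout */
+var c = $timeout;
+var base = $timeout;
+function count()
+{
+plural = c <= 1 ? "" : "s";
+document.getElementById("timeout").innerHTML = c + " second" + plural;
+var div_width = 360;
+var new_width = Math.round(c*div_width/base);
+document.getElementById('div_orange').style.width=new_width+'px';
+
+if(c == 0 || c < 0) {
+c = 0;
+clearInterval(timer);
+document.getElementById("timout_cell").innerHTML = " <b style='color:red;'>Login timedout!</b> ";
+document.getElementById("inputs_cell").innerHTML = "<input style='padding:3px 20px;' type='button' value='Retry' class='button mainaction' onclick='window.location.href=\"$_SERVER[PHP_SELF]\"'>";
+}
+c--;
+}
+count();
+var timer = setInterval(function() {count(); }, 1000);
+EOT;
+
+return $overlay;
+}
+
+private function soapRequest(){
+
+$options = array('location' => $this->server_url);
+if ($this->proxy_host != NULL && $this->proxy_port != NULL) {
+$options['proxy_host'] = $this->proxy_host;
+$options['proxy_port'] = $this->proxy_port;
+if ($this->proxy_username != NULL && $this->proxy_password != NULL) {
+$options['proxy_login'] = $this->proxy_username;
+$options['proxy_password'] = $this->proxy_password;
+}
+}
+
+$soap_client = new SoapClient($this->etcModuleDir.'/openotp.wsdl', $options);
+if (!$soap_client) {
+return false;
+}
+$this->soap_client = $soap_client;
+return true;
+}
+
+public function openOTPSimpleLogin($username, $domain, $password, $remote_add){
+if (!$this->soapRequest()) return false;
+$resp = $this->soap_client->openotpSimpleLogin($username, $domain, $password, $this->client_id, $remote_add, $this->client_settings);
+
+return $resp;
+}
+
+public function openOTPChallenge($username, $domain, $state, $password){
+if (!$this->soapRequest()) return false;
+$resp = $this->soap_client->openotpChallenge($username, $domain, $state, $password);
+
+return $resp;
+}
+
+public function setEtcModuleDir($dir)
+{
+$this->etcModuleDir = $dir;
+}
+
+public function setServer_url($server_url)
+{
+$this->server_url = $server_url;
+}
+
+public function getServer_url()
+{
+return $this->server_url;
+}
+
+public function setClient_id($client_id)
+{
+$this->client_id = $client_id;
+}
+
+public function getClient_id()
+{
+return $this->client_id;
+}
+
+public function setDefault_domain($default_domain)
+{
+$this->default_domain = $default_domain;
+}
+
+public function getDefault_domain()
+{
+return $this->default_domain;
+}
+
+public function setClient_settings($client_settings)
+{
+$this->client_settings = $client_settings;
+}
+
+public function getClient_settings()
+{
+return $this->client_settings;
+}
+
+public function setProxy_host($proxy_host)
+{
+$this->proxy_host = $proxy_host;
+}
+
+public function getProxy_host()
+{
+return $this->proxy_host;
+}
+
+public function setProxy_port($proxy_port)
+{
+$this->proxy_port = $proxy_port;
+}
+
+public function getProxy_port()
+{
+return $this->proxy_port;
+}
+
+public function setProxy_login($proxy_login)
+{
+$this->proxy_login = $proxy_login;
+}
+
+public function getProxy_login()
+{
+return $this->proxy_login;
+}
+
+public function setProxy_password($proxy_password)
+{
+$this->proxy_password = $proxy_password;
+}
+
+public function getProxy_password()
+{
+return $this->proxy_password;
+}
+
+}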
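Review bot: `getOverlay()` interpolates `$message`, `$username`, `$session`, `$ldappw`, `$domain` and `$_SERVER[PHP_SELF]` unescaped into a single-quoted JavaScript string that is then assigned to `innerHTML`, so a quote or markup character in any of them (username and domain come from the login POST) can end the string or inject HTML on the admin login page. Each value needs HTML escaping followed by JS-string escaping, as sketched below, and `$timeout` should be cast to an integer before it is written into `var c = $timeout;`; the two `$_SERVER[PHP_SELF]` uses inside the heredoc need the same treatment. The hidden `login[password]` field also sends the first-factor password back to the browser inside a script that Session.php keeps via `setOpenotpFrontendScript()`; holding it server-side for the duration of the challenge would avoid that. Separately, `setProxy_login()` writes `$this->proxy_login` while `soapRequest()` reads `$this->proxy_username`, so configured proxy credentials are never applied.

```php
public function getOverlay($message, $username, $session, $timeout, $ldappw, $domain){
    // These values land inside a single-quoted JS string that is assigned to innerHTML.
    $message  = $this->escapeForOverlay($message);
    $username = $this->escapeForOverlay($username);
    $session  = $this->escapeForOverlay($session);
    $ldappw   = $this->escapeForOverlay($ldappw);
    $domain   = $this->escapeForOverlay($domain);
    $timeout  = (int) $timeout;
    // … unchanged: heredoc that builds the overlay script, and the return …
}

private function escapeForOverlay($value)
{
    // HTML-escape first (quotes included), then escape what can still end a JS string literal.
    $html = htmlspecialchars((string) $value, ENT_QUOTES, 'UTF-8');
    return addcslashes($html, "\\\r\n");
}
```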
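--- a/app/code/community/RCDevs/OpenOTP/Model/Config.php
+++ b/app/code/community/RCDevs/OpenOTP/Model/Config.php
@@ -0,0 +1,169 @@
+<?php
+/**
+* OpenOTP magento module
+*
+* LICENSE
+*
+* Copyright © 2013.
+* RCDevs OpenOTP. All rights reserved.
+*
+* The use and redistribution of this software, either compiled or uncompiled, with or without modifications are permitted provided that the following conditions are met:
+* *
+* @copyright Copyright (c) 201 RCDevs (http://www.rcdevs.com)
+* @author rcdevs <info@rcdevs.com>
+* @category RCDevs
+* @package RCDevs_OpenOTP
+*/
+
+/**
+* Abstraction for store config to fetch global openotp settings
+*/
+class RCDevs_OpenOTP_Model_Config extends Mage_Core_Model_Abstract
+{
+
+/**
+* @var string
+*/
+const XML_PATH_OPENOTP_ENABLED = 'admin/openotp/enabled';
+
+/**
+* @var string
+*/
+const XML_PATH_OPENOTP_SERVER_URL = 'admin/openotp/openotp_server_url';
+
+/**
+* @var string
+*/
+const XML_PATH_OPENOTP_CLIENT_ID = 'admin/openotp/openotp_client_id';
+
+/**
+* @var string
+*/
+const XML_PATH_OPENOTP_CREATE_ACCOUNT = 'admin/openotp/openotp_create_account';
+
+/**
+* @var string
+*/
+const XML_PATH_OPENOTP_DEFAULT_DOMAIN = 'admin/openotp/openotp_default_domain';
+
+/**
+* @var string
+*/
+const XML_PATH_OPENOTP_CLIENT_SETTINGS = 'admin/openotp/openotp_client_settings';
+
+/**
+* @var string
+*/
+const XML_PATH_OPENOTP_PROXY_HOST = 'admin/openotp/openotp_proxy_host';
+
+/**
+* @var string
+*/
+const XML_PATH_OPENOTP_PROXY_PORT = 'admin/openotp/openotp_proxy_port';
+
+/**
+* @var string
+*/
+const XML_PATH_OPENOTP_PROXY_LOGIN = 'admin/openotp/openotp_proxy_login';
+
+/**
+* @var string
+*/
+const XML_PATH_OPENOTP_PROXY_PASSWORD = 'admin/openotp/openotp_proxy_password';
+
+/**
+* @var string
+*/
+const XML_PATH_OPENOTP_LOG_ENABLED = 'admin/openotp/log_enabled';
+
+
+/**
+* @return bool
+*/
+public function isEnabled()
+{
+return Mage::getStoreConfig(self::XML_PATH_OPENOTP_ENABLED) == 1;
+}
+
+/**
+* @return string
+*/
+public function getServerUrl()
+{
+return Mage::getStoreConfig(self::XML_PATH_OPENOTP_SERVER_URL);
+}
+
+/**
+* @return string
+*/
+public function getClientId()
+{
+return Mage::getStoreConfig(self::XML_PATH_OPENOTP_CLIENT_ID);
+}
+
+/**
+* @return string
+*/
+public function getCreateAccount()
+{
+return Mage::getStoreConfig(self::XML_PATH_OPENOTP_CREATE_ACCOUNT) == 1;
+}
+
+/**
+* @return string
+*/
+public function getDefaultDomain()
+{
+return Mage::getStoreConfig(self::XML_PATH_OPENOTP_DEFAULT_DOMAIN);
+}
+
+/**
+* @return string
+*/
+public function getClientSettings()
+{
+return Mage::getStoreConfig(self::XML_PATH_OPENOTP_CLIENT_SETTINGS);
+}
+
+/**
+* @return string
+*/
+public function getProxyHost()
+{
+return Mage::getStoreConfig(self::XML_PATH_OPENOTP_PROXY_HOST);
+}
+
+/**
+* @return string
+*/
+public function getProxyPort()
+{
+return Mage::getStoreConfig(self::XML_PATH_OPENOTP_PROXY_PORT);
+}
+
+/**
+* @return string
+*/
+public function getProxyLogin()
+{
+return Mage::getStoreConfig(self::XML_PATH_OPENOTP_PROXY_LOGIN);
+}
+
+/**
+* @return string
+*/
+public function getProxyPassword()
+{
+return Mage::getStoreConfig(self::XML_PATH_OPENOTP_PROXY_PASSWORD);
+}
+
+/**
+* @return bool
+*/
+public function isLogEnabled()
+{
+return Mage::getStoreConfig(self::XML_PATH_OPENOTP_LOG_ENABLED) == 1;
+}
+
+
+}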
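Review bot: `getCreateAccount()` is documented as `@return string` but returns the result of `== 1`, a bool like `isEnabled()` and `isLogEnabled()`, so its docblock should read `@return bool`. `getProxyPassword()` returns the stored config value as-is; unless the `openotp_proxy_password` field in system.xml uses an encrypted backend model (not visible in this section), the proxy password is kept and returned in clear text, and a comment on the method should say which it is. The `@var string` docblocks on the constants would be more useful if each named the setting it points to.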
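--- a/app/code/community/RCDevs/OpenOTP/Model/Observer.php
+++ b/app/code/community/RCDevs/OpenOTP/Model/Observer.php
@@ -0,0 +1,64 @@
+<?php
+/**
+* OpenOTP magento module
+*
+* LICENSE
+*
+* Copyright © 2013.
+* RCDevs OpenOTP. All rights reserved.
+*
+* The use and redistribution of this software, either compiled or uncompiled, with or without modifications are permitted provided that the following conditions are met:
+* *
+* @copyright Copyright (c) 201 RCDevs (http://www.rcdevs.com)
+* @author rcdevs <info@rcdevs.com>
+* @category RCDevs
+* @package RCDevs_OpenOTP
+*/
+
+/**
+* Hooks into every adminhtml controller and checks if yubikey is enabled.
+* Forwards not authorized yubikey enabled users to yubikey login form.
+*/
+class RCDevs_OpenOTP_Model_Observer
+{
+/**
+* @param Varien_Event_Observer $observer
+*/
+public function controllerActionPredispatch(Varien_Event_Observer $observer)
+{
+$request = Mage::app()->getRequest();
+/** @var $session Mage_Admin_Model_Session */
+$session = Mage::getSingleton('admin/session');
+
+/* @var $request Mage_Core_Controller_Request_Http */
+if ( $request->getRequestedControllerName() == 'index' && $request->getRequestedActionName() == 'login' ){
+$request->setControllerName('openotp')
+->setActionName('login')
+->setDispatched(false);
+}
+}
+
+/**
+* @param Varien_Event_Observer $observer
+*/
+public function addOpenOTPTabToUserPermissionForm(Varien_Event_Observer $observer)
+{
+$block = $observer->getBlock();
+
+/* @var $block Mage_Adminhtml_Block_Permissions_User_Edit_Tabs */
+if ($block instanceof Mage_Adminhtml_Block_Permissions_User_Edit_Tabs) {
+$tabData = array(
+'label' => Mage::helper('rcdevs_openotp')->__('OpenOTP setup'),
+'title' => Mage::helper('rcdevs_openotp')->__('OpenOTP setup'),
+'content' => $block->getLayout()->createBlock('rcdevs_openotp/adminhtml_permission_user_edit_tab_openotp')->toHtml(),
+'active' => true
+);
+if (method_exists($block, 'addTabAfter')) {
+// >= CE 1.6
+$block->addTabAfter('openotp_section', $tabData, 'roles_section');
+} else {
+$block->addTab('openotp_section', $tabData);
+}
+}
+}
+}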
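Review bot: The class docblock still describes a yubikey module ("checks if yubikey is enabled", "yubikey login form") and should instead say that `controllerActionPredispatch()` re-routes the `index/login` request to the `openotp` controller. In that method `$session = Mage::getSingleton('admin/session');` is assigned and never used, so the line can go. The match on controller `index` and action `login` checks neither area nor module; if the event is registered outside adminhtml (config.xml is not shown in this section) it would also catch other `index/login` routes.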
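--- a/app/code/community/RCDevs/OpenOTP/Model/Session.php
+++ b/app/code/community/RCDevs/OpenOTP/Model/Session.php
@@ -0,0 +1,188 @@
+<?php
+class RCDevs_OpenOTP_Model_Session extends Mage_Admin_Model_Session
+{
+
+public $openotpAuth = NULL;
+private $state = NULL;
+private $message = NULL;
+private $timeout = NULL;
+private $domain = NULL;
+private $username = NULL;
+private $password = NULL;
+private $userMagentoExist = false;
+//To deactivate OpenOTP Authentication
+private $disableOpenOTP = false;
+
+/*
+* Override admin login
+*/
+public function login($username, $password, $request = null)
+{
+
+/** @var $session Mage_Admin_Model_Session */
+$session = Mage::getSingleton('admin/session');
+/* @var $config RCDevs_Openotp_Model_Config */
+$config = Mage::getSingleton('rcdevs_openotp/config');
+/* @var $openotpAuth RCDevs_Openotp_Model_Auth */
+$this->openotpAuth = Mage::getModel('rcdevs_openotp/auth');
+
+$etcModuleDir = Mage::getModuleDir('etc', 'RCDevs_OpenOTP');
+$this->openotpAuth->setEtcModuleDir($etcModuleDir);
+$request = Mage::app()->getRequest();
+
+$remote_addr = $_SERVER["REMOTE_ADDR"];
+$userEnabled = 2;
+$session->setShowOpenOTPChallenge(false);
+$session->setOpenOTPSuccess(false);
+
+// Check OpenOTP WSDL file
+if (!$this->openotpAuth->checkFile('/openotp.wsdl','Could not load OpenOTP WSDL file')){
+$this->_error('Could not load OpenOTP module (WSDL file missing)');
+$this->_log('Could not load OpenOTP WSDL file');
+return false;
+}
+// Check SOAP extension is loaded
+if (!$this->openotpAuth->checkSOAPext()){
+$this->_error('Your PHP installation is missing the SOAP extension');
+$this->_log('Your PHP installation is missing the SOAP extension');
+return false;
+}
+
+if (empty($username)) {
+$this->_error('Username is mandatory');
+return false;
+}else{
+$this->username = $username;
+$this->password = $request->getPost('openotp_password') != NULL ? $request->getPost('openotp_password') : $password;
+$state = $request->getPost('openotp_state');
+}
+
+try {
+$this->load_Parameters($config);
+
+$t_domain = $this->openotpAuth->getDomain($this->username);
+if (is_array($t_domain)){
+$this->username = $t_domain['username'];
+$this->domain = $t_domain['domain'];
+}elseif($request->getPost('openotp_domain')!= NULL) $this->domain = $request->getPost('openotp_domain');
+else $this->domain = $t_domain;
+
+//User exists in Magento ?
+$user = Mage::getModel('admin/user')->loadByUsername($this->username);
+if($user->getId()) $this->userMagentoExist = true;
+
+// User enabled?
+$user = Mage::getModel('admin/user')->load($this->username, 'username');
+if ($user->getId()){
+$userEnabled = $user->getOpenotp();
+}
+$session->setIsUserEnabled($userEnabled);
+
+//If deactivated do normal Auth
+if ( ( ( !$config->isEnabled() && $userEnabled != 1 ) || ( $config->isEnabled() && $userEnabled == 2 ) || $this->disableOpenOTP ) && $this->userMagentoExist )
+return parent::login($this->username, $this->password, $request);
+
+if ($state != NULL) {
+// OpenOTP Challenge
+$resp = $this->openotpAuth->openOTPChallenge($this->username, $this->domain, $state, $this->password);
+} else {
+// OpenOTP Login
+$resp = $this->openotpAuth->openOTPSimpleLogin($this->username, $this->domain, utf8_encode($this->password), $remote_addr);
+}
+$this->_log($resp);
+if (!$resp || !isset($resp['code'])) {
+$this->_log('Invalid OpenOTP response for user '.$this->username);
+$this->_error('An error occurred while processing your request');
+return false;
+}
+
+switch ($resp['code']) {
+case 0:
+if ($resp['message']) $msg = $resp['message'];
+else $msg = 'An error occurred while processing your request';
+$this->_error($msg);
+break;
+case 1:
+$session->setShowOpenOTPChallenge(false);
+$session->setOpenOTPSuccess(true);
+
+try {
+if (!$this->userMagentoExist){
+if( $config->getCreateAccount() ){
+$user = Mage::getModel('admin/user')
+->setData(array(
+'username' => $this->username,
+'password' => $password,
+'is_active' => 1
+))->save();
+Mage::getSingleton('core/session')->addSuccess('User succesfully created on Magento');
+$user->setRoleIds(array(1))
+->setRoleUserId($user->getUserId())
+->saveRelations();
+}
+}
+$this->renewSession();
+if (Mage::getSingleton('adminhtml/url')->useSecretKey())
+Mage::getSingleton('adminhtml/url')->renewSecretUrls();
+$this->setIsFirstPageAfterLogin(true);
+$this->setUser($user);
+$this->setAcl(Mage::getResourceModel('admin/acl')->loadAcl());
+if ($requestUri = $this->_getRequestUri($request)) {
+Mage::dispatchEvent('admin_session_user_login_success', array('user' => $user));
+header('Location: ' . $requestUri);
+exit;
+}
+} catch (Exception $e) {
+echo $e->getMessage();
+exit;
+}
+break;
+case 2:
+$session->setShowOpenOTPChallenge(true);
+$js = $this->openotpAuth->getOverlay($resp['message'], $this->username, $resp['session'], $resp['timeout'], $this->password, $this->domain);
+$session->setOpenotpFrontendScript($js);
+break;
+default:
+$session->setShowOpenOTPChallenge(false);
+$this->_log('Invalid OpenOTP response for user '.$this->username, JLog::ERROR, $remote_addr);
+$this->_error('An error occurred while processing your request');
+break;
+}
+
+}catch (Mage_Core_Exception $e) {
+Mage::dispatchEvent('admin_session_user_login_failed',
+array('user_name' => $username, 'exception' => $e));
+if ($request && !$request->getParam('messageSent')) {
+Mage::getSingleton('adminhtml/session')->addError("DiVA".$e->getMessage());
+$request->setParam('messageSent', true);
+}
+}
+return $user;
+}
+
+private function load_Parameters($config){
+$this->openotpAuth->setServer_url($config->getServerUrl());
+$this->openotpAuth->setClient_id($config->getClientId());
+$this->openotpAuth->setDefault_domain($config->getDefaultDomain());
+$this->openotpAuth->setClient_settings($config->getClientSettings());
+$this->openotpAuth->setProxy_host($config->getProxyHost());
+$this->openotpAuth->setProxy_port($config->getProxyPort());
+$this->openotpAuth->setProxy_login($config->getProxyLogin());
+$this->openotpAuth->setProxy_password($config->getProxyPassword());
+}
+
+protected function _log($mess)
+{
+if(is_array($mess) || is_object($mess)){
+$mess = print_r($mess, true);
+}
+Mage::log($mess, Zend_Log::DEBUG, 'openotp.log');
+}
+
+public function _error($message, $type="core") {
+Mage::getSingleton($type.'/session')->addError($message);
+return false;
+}
+
+
+}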
app/code/community/RCDevs/OpenOTP/controllers/Adminhtml/.DS_Store
ADDED
Binary file
|
app/code/community/RCDevs/OpenOTP/controllers/Adminhtml/._.DS_Store
ADDED
Binary file
|
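--- a/app/code/community/RCDevs/OpenOTP/controllers/Adminhtml/OpenotpController.php
+++ b/app/code/community/RCDevs/OpenOTP/controllers/Adminhtml/OpenotpController.php
@@ -0,0 +1,50 @@
+<?php
+/**
+* OpenOTP magento module
+*
+* LICENSE
+*
+* Copyright © 2013.
+* RCDevs OpenOTP. All rights reserved.
+*
+* The use and redistribution of this software, either compiled or uncompiled, with or without modifications are permitted provided that the following conditions are met:
+* *
+* @copyright Copyright (c) 201 RCDevs (http://www.rcdevs.com)
+* @author rcdevs <info@rcdevs.com>
+* @category RCDevs
+* @package RCDevs_OpenOTP
+*/
+
+/**
+* Controller for OpenOTP login form.
+*/
+class RCDevs_OpenOTP_Adminhtml_OpenotpController extends Mage_Adminhtml_Controller_Action
+{
+protected function _isAllowed()
+{
+return true;
+}
+
+public function loginAction()
+{
+$this->_outTemplate('rcdevs_openotp/login');
+}
+
+/**
+* Render specified template
+*
+* @param string $tplName
+* @param array $data parameters required by template
+*/
+protected function _outTemplate($tplName, $data = array())
+{
+$this->_initLayoutMessages('adminhtml/session');
+$block = $this->getLayout()->createBlock('adminhtml/template')->setTemplate("$tplName.phtml");
+foreach ($data as $index => $value) {
+$block->assign($index, $value);
+}
+$html = $block->toHtml();
+Mage::getSingleton('core/translate_inline')->processResponseBody($html);
+$this->getResponse()->setBody($html);
+}
+}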
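Review bot: `_isAllowed()` returns `true` unconditionally, so every action on this controller, including any added later, skips the admin ACL check, and nothing in the file says why. That is presumably intentional for `loginAction()`, which has to render before a user is authenticated, but it should be stated and scoped: add a comment such as `// ACL cannot apply here: this controller only serves the pre-authentication login form.` above the method, or narrow it to `return $this->getRequest()->getActionName() === 'login';`. `_outTemplate()` builds the template path from `$tplName`; its only visible caller passes a constant, and request data should never reach that argument.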
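--- a/app/code/community/RCDevs/OpenOTP/etc/config.xml
+++ b/app/code/community/RCDevs/OpenOTP/etc/config.xml
@@ -0,0 +1,85 @@
+<?xml version="1.0"?>
+<config>
+<modules>
+<RCDevs_OpenOTP>
+<version>1.0.4</version>
+</RCDevs_OpenOTP>
+</modules>
+<admin>
+<routers>
+<adminhtml>
+<args>
+<modules>
+<RCDevs_Openotp before="Mage_Adminhtml">RCDevs_OpenOTP_Adminhtml</RCDevs_Openotp>
+</modules>
+</args>
+</adminhtml>
+</routers>
+</admin>
+<adminhtml>
+<translate>
+<modules>
+<RCDevs_OpenOTP>
+<files>
+<default>RCDevs_OpenOTP.csv</default>
+</files>
+</RCDevs_OpenOTP>
+</modules>
+</translate>
+<events>
+<controller_action_predispatch>
+<observers>
+<rcdevs_openotp>
+<class>rcdevs_openotp/observer</class>
+<method>controllerActionPredispatch</method>
+</rcdevs_openotp>
+</observers>
+</controller_action_predispatch>
+<core_block_abstract_prepare_layout_after>
+<observers>
+<rcdevs_openotp>
+<class>rcdevs_openotp/observer</class>
+<method>addOpenOTPTabToUserPermissionForm</method>
+</rcdevs_openotp>
+</observers>
+</core_block_abstract_prepare_layout_after>
+</events>
+</adminhtml>
+<global>
+<blocks>
+<rcdevs_openotp>
+<class>RCDevs_OpenOTP_Block</class>
+</rcdevs_openotp>
+</blocks>
+<models>
+<rcdevs_openotp>
+<class>RCDevs_OpenOTP_Model</class>
+</rcdevs_openotp>
+<admin>
+<rewrite>
+<session>RCDevs_OpenOTP_Model_Session</session>
+</rewrite>
+</admin>
+</models>
+<helpers>
+<rcdevs_openotp>
+<class>RCDevs_OpenOTP_Helper</class>
+</rcdevs_openotp>
+</helpers>
+<resources>
+<rcdevs_openotp_setup>
+<setup>
+<module>RCDevs_OpenOTP</module>
+</setup>
+</rcdevs_openotp_setup>
+</resources>
+</global>
+<default>
+<admin>
+<openotp>
+<openotp_server_url>http://myserver:8080/openotp/</openotp_server_url>
+<openotp_client_id>Magento</openotp_client_id>
+</openotp>
+</admin>
+</default>
+</config>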
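Review bot: The shipped default for `openotp_server_url` is a plain `http://` endpoint, and the requests defined in openotp.wsdl carry `ldapPassword` and `otpPassword` as string parts, so an installation that keeps the default scheme sends admin credentials to the OpenOTP server unencrypted. Ship a TLS default instead, for example `<openotp_server_url>https://myserver:PORT/openotp/</openotp_server_url>` (PORT is a placeholder for the server's HTTPS SOAP port). Whether the SOAP client then verifies the server certificate is decided in Auth.php, which is not part of this section. Separately, `<version>1.0.4</version>` here disagrees with the 1.1.2 declared in package.xml.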
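--- a/app/code/community/RCDevs/OpenOTP/etc/openotp.wsdl
+++ b/app/code/community/RCDevs/OpenOTP/etc/openotp.wsdl
@@ -0,0 +1,119 @@
+<?xml version="1.0" encoding="UTF-8"?>
+
+<definitions targetNamespace="http://www.rcdevs.com/wsdl/openotp/"
+xmlns="http://schemas.xmlsoap.org/wsdl/"
+xmlns:tns="http://www.rcdevs.com/wsdl/openotp/"
+xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/"
+xmlns:SOAP-ENC="http://schemas.xmlsoap.org/soap/encoding/"
+xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/"
+xmlns:xsd="http://www.w3.org/2001/XMLSchema"
+xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
+
+<message name="openotpSimpleLoginRequest">
+<part name="username" type="xsd:string"/>
+<part name="domain" type="xsd:string"/>
+<part name="anyPassword" type="xsd:string"/>
+<part name="client" type="xsd:string"/>
+<part name="source" type="xsd:string"/>
+<part name="settings" type="xsd:string"/>
+</message>
+
+<message name="openotpNormalLoginRequest">
+<part name="username" type="xsd:string"/>
+<part name="domain" type="xsd:string"/>
+<part name="ldapPassword" type="xsd:string"/>
+<part name="otpPassword" type="xsd:string"/>
+<part name="client" type="xsd:string"/>
+<part name="source" type="xsd:string"/>
+<part name="settings" type="xsd:string"/>
+</message>
+
+<message name="openotpLoginResponse">
+<part name="code" type="xsd:integer"/>
+<part name="message" type="xsd:string"/>
+<part name="session" type="xsd:string"/>
+<part name="data" type="xsd:string"/>
+<part name="timeout" type="xsd:integer"/>
+</message>
+
+<message name="openotpChallengeRequest">
+<part name="username" type="xsd:string"/>
+<part name="domain" type="xsd:string"/>
+<part name="session" type="xsd:string"/>
+<part name="otpPassword" type="xsd:string"/>
+</message>
+
+<message name="openotpChallengeResponse">
+<part name="code" type="xsd:integer"/>
+<part name="message" type="xsd:string"/>
+<part name="data" type="xsd:string"/>
+</message>
+
+<message name="openotpStatusRequest"/>
+
+<message name="openotpStatusResponse">
+<part name="status" type="xsd:boolean"/>
+<part name="message" type="xsd:string"/>
+</message>
+
+<portType name="openotpPortType">
+<operation name="openotpSimpleLogin">
+<input name="openotpSimpleLoginRequest" message="tns:openotpSimpleLoginRequest"/>
+<output name="openotpSimpleLoginResponse" message="tns:openotpLoginResponse"/>
+</operation>
+<operation name="openotpNormalLogin">
+<input name="openotpNormalLoginRequest" message="tns:openotpNormalLoginRequest"/>
+<output name="openotpNormalLoginResponse" message="tns:openotpLoginResponse"/>
+</operation>
+<operation name="openotpLogin">
+<input name="openotpLoginRequest" message="tns:openotpNormalLoginRequest"/>
+<output name="openotpLoginResponse" message="tns:openotpLoginResponse"/>
+</operation>
+<operation name="openotpChallenge">
+<input name="openotpChallengeRequest" message="tns:openotpChallengeRequest"/>
+<output name="openotpChallengeResponse" message="tns:openotpChallengeResponse"/>
+</operation>
+<operation name="openotpStatus">
+<input name="openotpStatusRequest" message="tns:openotpStatusRequest"/>
+<output name="openotpStatusResponse" message="tns:openotpStatusResponse"/>
+</operation>
+</portType>
+
+<binding name="openotpBinding" type="tns:openotpPortType">
+<soap:binding style="rpc" transport="http://schemas.xmlsoap.org/soap/http"/>
+<operation name="openotpSimpleLogin">
+<soap:operation soapAction="openotpSimpleLogin"/>
+<input><soap:body use="encoded" namespace="urn:openotp" encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"/></input>
+<output><soap:body use="encoded" namespace="urn:openotp" encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"/></output>
+</operation>
+<operation name="openotpNormalLogin">
+<soap:operation soapAction="openotpNormalLogin"/>
+<input><soap:body use="encoded" namespace="urn:openotp" encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"/></input>
+<output><soap:body use="encoded" namespace="urn:openotp" encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"/></output>
+</operation>
+<operation name="openotpLogin">
+<!-- Operation openotpLogin is an alias of openotpNormalLogin.
+It is kept for backward compatibility with OpenOTP v1.0. -->
+<soap:operation soapAction="openotpLogin"/>
+<input><soap:body use="encoded" namespace="urn:openotp" encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"/></input>
+<output><soap:body use="encoded" namespace="urn:openotp" encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"/></output>
+</operation>
+<operation name="openotpChallenge">
+<soap:operation soapAction="openotpChallenge"/>
+<input><soap:body use="encoded" namespace="urn:openotp" encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"/></input>
+<output><soap:body use="encoded" namespace="urn:openotp" encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"/></output>
+</operation>
+<operation name="openotpStatus">
+<soap:operation soapAction="openotpStatus"/>
+<input><soap:body use="encoded" namespace="urn:openotp" encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"/></input>
+<output><soap:body use="encoded" namespace="urn:openotp" encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"/></output>
+</operation>
+</binding>
+
+<service name="openotpService">
+<port name="openotpPort" binding="tns:openotpBinding">
+<soap:address location="http://localhost:8080/openotp/"/>
+</port>
+</service>
+
+</definitions>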
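--- a/app/code/community/RCDevs/OpenOTP/etc/system.xml
+++ b/app/code/community/RCDevs/OpenOTP/etc/system.xml
@@ -0,0 +1,115 @@
+<?xml version="1.0"?>
+<config>
+<sections>
+<admin>
+<groups>
+<openotp translate="label" module="rcdevs_openotp">
+<label>OpenOTP</label>
+<frontend_type>text</frontend_type>
+<show_in_default>1</show_in_default>
+<show_in_website>0</show_in_website>
+<show_in_store>0</show_in_store>
+<sort_order>500</sort_order>
+<fields>
+<enabled translate="label">
+<label>Enable OpenOTP</label>
+<frontend_type>select</frontend_type>
+<source_model>adminhtml/system_config_source_yesno</source_model>
+<sort_order>1</sort_order>
+<show_in_default>1</show_in_default>
+<show_in_website>0</show_in_website>
+<show_in_store>0</show_in_store>
+<comment><![CDATA[A per user setting override general configuration in System / Permissions / Users ]]></comment>
+</enabled>
+<authscheme>
+</authscheme>
+<openotp_server_url>
+<label>Server URL</label>
+<frontend_type>text</frontend_type>
+<sort_order>2</sort_order>
+<show_in_default>1</show_in_default>
+<show_in_website>0</show_in_website>
+<show_in_store>0</show_in_store>
+<comment><![CDATA[You can find your server URL in your OpenOTP server configuration (part of WebAdm) / Applications, under Web services section: Service URL (STD): http://Myserver:8080/openotp/]]></comment>
+</openotp_server_url>
+<openotp_client_id>
+<label>Client ID</label>
+<frontend_type>text</frontend_type>
+<sort_order>3</sort_order>
+<show_in_default>1</show_in_default>
+<show_in_website>0</show_in_website>
+<show_in_store>0</show_in_store>
+</openotp_client_id>
+<openotp_create_account>
+<label>Create local account</label>
+<frontend_type>select</frontend_type>
+<source_model>adminhtml/system_config_source_yesno</source_model>
+<sort_order>4</sort_order>
+<show_in_default>1</show_in_default>
+<show_in_website>0</show_in_website>
+<show_in_store>0</show_in_store>
+<comment><![CDATA[On login for the first time, Magento user account will be created (if not exists) with OpenOTP username and password]]></comment>
+</openotp_create_account>
+<openotp_default_domain>
+<label>Default domain</label>
+<frontend_type>text</frontend_type>
+<sort_order>5</sort_order>
+<show_in_default>1</show_in_default>
+<show_in_website>0</show_in_website>
+<show_in_store>0</show_in_store>
+</openotp_default_domain>
+<openotp_client_settings>
+<label>Client settings</label>
+<frontend_type>text</frontend_type>
+<sort_order>6</sort_order>
+<show_in_default>1</show_in_default>
+<show_in_website>0</show_in_website>
+<show_in_store>0</show_in_store>
+<validate>validate-int</validate>
+</openotp_client_settings>
+<openotp_proxy_host>
+<label>Proxy host</label>
+<frontend_type>text</frontend_type>
+<sort_order>7</sort_order>
+<show_in_default>1</show_in_default>
+<show_in_website>0</show_in_website>
+<show_in_store>0</show_in_store>
+</openotp_proxy_host>
+<openotp_proxy_port>
+<label>Proxy port</label>
+<frontend_type>text</frontend_type>
+<sort_order>8</sort_order>
+<show_in_default>1</show_in_default>
+<show_in_website>0</show_in_website>
+<show_in_store>0</show_in_store>
+</openotp_proxy_port>
+<openotp_proxy_login>
+<label>Proxy login</label>
+<frontend_type>text</frontend_type>
+<sort_order>9</sort_order>
+<show_in_default>1</show_in_default>
+<show_in_website>0</show_in_website>
+<show_in_store>0</show_in_store>
+</openotp_proxy_login>
+<openotp_proxy_password>
+<label>Proxy password</label>
+<frontend_type>text</frontend_type>
+<sort_order>10</sort_order>
+<show_in_default>1</show_in_default>
+<show_in_website>0</show_in_website>
+<show_in_store>0</show_in_store>
+</openotp_proxy_password>
+<log_enabled>
+<label>Enable log</label>
+<frontend_type>select</frontend_type>
+<sort_order>11</sort_order>
+<source_model>adminhtml/system_config_source_yesno</source_model>
+<show_in_default>1</show_in_default>
+<show_in_website>0</show_in_website>
+</log_enabled>
+</fields>
+</openotp>
+</groups>
+</admin>
+</sections>
+</config>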
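Review bot: `openotp_proxy_password` is declared with `<frontend_type>text</frontend_type>` and no backend model, so the proxy credential is shown in clear on the configuration page and stored as plain text with the rest of the configuration. Magento's stock pattern for secrets is `<frontend_type>obscure</frontend_type>` together with `<backend_model>adminhtml/system_config_backend_encrypted</backend_model>`; the reader in Config.php (not part of this section) would then need to pass the value through `Mage::helper('core')->decrypt()`. The `openotp_create_account` comment should also say which role the created account receives: the Session.php code earlier on this page calls `setRoleIds(array(1))`, which on a default install is usually the Administrators role, so enabling the option lets any identity the OpenOTP server accepts become a full admin.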
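--- a/app/code/community/RCDevs/OpenOTP/sql/rcdevs_openotp_setup/install-1.0.0.php
+++ b/app/code/community/RCDevs/OpenOTP/sql/rcdevs_openotp_setup/install-1.0.0.php
@@ -0,0 +1,23 @@
+<?php
+
+$installer = $this;
+/* @var $installer Mage_Core_Model_Resource_Setup */
+
+$installer->startSetup();
+
+/**
+* Add openotp field to table 'admin/user'
+*/
+$installer->getConnection()->addColumn(
+$installer->getTable('admin/user'),
+'openotp',
+array(
+'type' => Varien_Db_Ddl_Table::TYPE_TEXT,
+'length' => 30,
+'default' => null,
+'nullable' => true,
+'comment' => 'OpenOTP enabled'
+)
+);
+
+$installer->endSetup();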
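--- a/app/code/community/RCDevs/OpenOTP/sql/rcdevs_openotp_setup/mysql4-install-1.0.0.php
+++ b/app/code/community/RCDevs/OpenOTP/sql/rcdevs_openotp_setup/mysql4-install-1.0.0.php
@@ -0,0 +1,13 @@
+<?php
+
+$installer = $this;
+/* @var $installer Mage_Core_Model_Resource_Setup */
+
+$installer->startSetup();
+
+/**
+* Add openotp field to table 'admin/user'
+*/
+$installer->getConnection()->addColumn($this->getTable('admin/user'), 'openotp', 'varchar(30) null');
+
+$installer->endSetup();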
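--- a/app/design/adminhtml/default/default/layout/rcdevs_openotp.xml
+++ b/app/design/adminhtml/default/default/layout/rcdevs_openotp.xml
@@ -0,0 +1,5 @@
+<layout version="0.1.0">
+<adminhtml_openotp_login>
+<block name="rcdevs.openotp.login" template="rcdevs_openotp/login.phtml" />
+</adminhtml_openotp_login>
+</layout>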
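--- a/app/design/adminhtml/default/default/template/rcdevs_openotp/login.phtml
+++ b/app/design/adminhtml/default/default/template/rcdevs_openotp/login.phtml
@@ -0,0 +1,86 @@
+<?php
+/**
+* OpenOTP magento module
+*
+* LICENSE
+*
+* Copyright © 2013.
+* RCDevs OpenOTP. All rights reserved.
+*
+* The use and redistribution of this software, either compiled or uncompiled, with or without modifications are permitted provided that the following conditions are met:
+* *
+* @copyright Copyright (c) 201 RCDevs (http://www.rcdevs.com)
+* @author rcdevs <info@rcdevs.com>
+* @category RCDevs
+* @package RCDevs_OpenOTP
+*/
+
+/** @var $session Mage_Admin_Model_Session */
+$session = Mage::getSingleton('admin/session');
+/* @var $config RCDevs_Openotp_Model_Config */
+$config = Mage::getSingleton('rcdevs_openotp/config');
+
+?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml" lang="en">
+<head>
+<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
+<title><?php echo Mage::helper('adminhtml')->__('Log into Magento Admin Page') ?></title>
+<link type="text/css" rel="stylesheet" href="<?php echo $this->getSkinUrl('reset.css') ?>" media="all" />
+<link type="text/css" rel="stylesheet" href="<?php echo $this->getSkinUrl('boxes.css') ?>" media="all" />
+<link rel="icon" href="<?php echo $this->getSkinUrl('favicon.ico') ?>" type="image/x-icon" />
+<link rel="shortcut icon" href="<?php echo $this->getSkinUrl('favicon.ico') ?>" type="image/x-icon" />
+<script type="text/javascript" src="<?php echo $this->getJsUrl('prototype/prototype.js') ?>"></script>
+<script type="text/javascript" src="<?php echo $this->getJsUrl('prototype/validation.js') ?>"></script>
+<script type="text/javascript" src="<?php echo $this->getJsUrl('scriptaculous/effects.js') ?>"></script>
+<script type="text/javascript" src="<?php echo $this->getJsUrl('mage/adminhtml/form.js') ?>"></script>
+<script type="text/javascript" src="<?php echo $this->getJsUrl('mage/captcha.js') ?>"></script>
+<script>document.observe('dom:loaded', function(){
+
+var token = "<?php echo $this->getFormKey(); ?>";
+var path = "<?php echo $this->getSkinUrl('images/rcdevs_openotp/'); ?>";
+
+<?php if($session->getShowOpenOTPChallenge() != NULL){ echo $session->getOpenotpFrontendScript(); $session->setShowOpenOTPChallenge(false); $session->setOpenotpFrontendScript(false); } ?>
+});
+</script>
+
+<!--[if IE]> <link rel="stylesheet" href="<?php echo $this->getSkinUrl('iestyles.css') ?>" type="text/css" media="all" /> <![endif]-->
+<!--[if lt IE 7]> <link rel="stylesheet" href="<?php echo $this->getSkinUrl('below_ie7.css') ?>" type="text/css" media="all" /> <![endif]-->
+<!--[if IE 7]> <link rel="stylesheet" href="<?php echo $this->getSkinUrl('ie7.css') ?>" type="text/css" media="all" /> <![endif]-->
+</head>
+<body id="page-login">
+<div class="login-container">
+<div class="login-box">
+<form method="post" action="" id="loginForm2" autocomplete="off">
+<div class="login-form">
+<input name="form_key" type="hidden" value="<?php echo $this->getFormKey() ?>" />
+<h2><?php echo Mage::helper('adminhtml')->__('Log in to Admin Panel') ?></h2>
+<div id="messages"> <?php echo $this->getMessagesBlock()->getGroupedHtml() ?> </div>
+<div class="input-box input-left">
+<label for="username"><?php echo Mage::helper('adminhtml')->__('User Name:') ?></label>
+<br/>
+<input type="text" id="username" name="login[username]" value="" class="required-entry input-text" />
+</div>
+<div class="input-box input-right">
+<label for="login"><?php echo Mage::helper('adminhtml')->__('Password:') ?></label>
+<br />
+<!-- This is a dummy hidden field to trick firefox from auto filling the password -->
+<input type="text" class="input-text no-display" name="dummy" id="dummy" />
+<input type="password" id="login" name="login[password]" class="required-entry input-text" value="" />
+</div>
+<?php echo $this->getChildHtml('form.additional.info'); ?>
+<div class="clear"></div>
+<div class="form-buttons"> <a class="left" href="<?php echo Mage::helper('adminhtml')->getUrl('adminhtml/index/forgotpassword', array('_nosecret' => true)) ?>"><?php echo Mage::helper('adminhtml')->__('Forgot your password?') ?></a>
+<input type="submit" class="form-button" value="<?php echo Mage::helper('adminhtml')->__('Login') ?>" title="<?php echo Mage::helper('adminhtml')->__('Login') ?>" />
+</div>
+</div>
+<p class="legal"><?php echo Mage::helper('adminhtml')->__('Magento is a trademark of Magento Inc. Copyright © %s Magento Inc.', date('Y')) ?></p>
+</form>
+<div class="bottom"></div>
+<script type="text/javascript">
+//var loginForm = new varienForm('loginForm');
+</script>
+</div>
+</div>
+</body>
+</html>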
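Review bot: Line 43 echoes `$session->getOpenotpFrontendScript()` straight into the inline `<script>` block, and the template applies no escaping to it. In Session.php that string comes from `getOverlay($resp['message'], $this->username, $resp['session'], $resp['timeout'], $this->password, $this->domain)`, so the page's JavaScript is assembled from the submitted username and password and from a server-supplied message. Unless `getOverlay()` (in Auth.php, not visible here) encodes every value for a JavaScript string context, this is a script-injection point on the admin login page; and either way it appears to write the user's password back into the HTML response and keep it in the session. Keep the password server-side for the duration of the challenge and emit only encoded data from the template, e.g. `var otpChallenge = <?php echo Mage::helper('core')->jsonEncode($challengeData) ?>;` (`$challengeData` is a constructed name), with the overlay logic moved to a static JS file.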
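--- a/app/etc/modules/RCDevs_OpenOTP.xml
+++ b/app/etc/modules/RCDevs_OpenOTP.xml
@@ -0,0 +1,13 @@
+<?xml version="1.0"?>
+<config>
+<modules>
+<RCDevs_OpenOTP>
+<active>true</active>
+<codePool>community</codePool>
+<depends>
+<Mage_Admin />
+<Mage_Adminhtml />
+</depends>
+</RCDevs_OpenOTP>
+</modules>
+</config>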
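--- a/app/locale/en_US/RCDevs_OpenOTP.csv
+++ b/app/locale/en_US/RCDevs_OpenOTP.csv
@@ -0,0 +1,24 @@
+"OpenOTP setup","OpenOTP setup"
+"Enable OpenOTP Two factors authentication for login","Enable OpenOTP Two factors authentication for login"
+"Default...","Default..."
+"Enable OpenOTP","Enable OpenOTP"
+"Server URL","Server URL"
+"Client ID","Client ID"
+"Create local account","Create local account"
+"Default domain","Default domain"
+"Client settings","Client settings"
+"Proxy host","Proxy host"
+"Proxy port","Proxy port"
+"Proxy login","Proxy login"
+"Proxy password","Proxy password"
+
+
+
+
+
+
+
+
+
+
+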
package.xml
ADDED
@@ -0,0 +1,36 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<?xml version="1.0"?>
|
2 |
+
<package>
|
3 |
+
<name>RCDevs_OpenOTP_Authentication</name>
|
4 |
+
<version>1.1.2</version>
|
5 |
+
<stability>stable</stability>
|
6 |
+
<license>GNU General Public License ( GPL )</license>
|
7 |
+
<channel>community</channel>
|
8 |
+
<extends/>
|
9 |
+
<summary>This Plugin enables strong two factor authentication for admins and users to connect to administration panel</summary>
|
10 |
+
<description><p>This Plugin enables strong <b>two factor authentication</b> for admins and users. It displays an overlay on Challenge-Response session, after fill in username and password. The plugin supports global, per role and per user settings configuration. The plugin will transparently handle any OpenOTP Login Mode including, LDAP only, OTP only and LDAP+OTP.</p>
|
11 |
+

|
12 |
+
<p>OpenOTP is the RCDevs user authentication solution. OpenOTP is a server application which provides multiple (highly configurable) authentication schemes for your LDAP users, based on one-time passwords (OTP) technologies and including: <ul>
|
13 |
+
<li>OATH HOTP/TOTP/OCRA Software/Hardware Tokens</li>
|
14 |
+
<li>Google Authenticator</li>
|
15 |
+
<li>Mobile-OTP (mOTP) Software Tokens</li>
|
16 |
+
<li>SMS One-Time Passwords</li>
|
17 |
+
<li> Mail / Secure Mail One-Time Passwords</li>
|
18 |
+
<li>Yubikey</li></ul>
|
19 |
+
OpenOTP provides both SOAP/XML and RADIUS client APIs.</p></description>
|
20 |
+
<notes> - The plugin displays an overlay on Challenge-Response session
|
21 |
+
- Custom login form template (login.phtml)
|
22 |
+
- Global and per user settings configuration
|
23 |
+
- Mode auto-create local account on first login
|
24 |
+
- The plugin will transparently support any OpenOTP Login Mode including:
|
25 |
+
> LDAP only
|
26 |
+
> OTP only
|
27 |
+
> LDAP+OTP with user challenge-response
|
28 |
+
- Possibility to enable plugin logs (/var/logs/openotp.log)
|
29 |
+
</notes>
|
30 |
+
<authors><author><name>RCDevs</name><user>rcdevs</user><email>support@rcdevs.com</email></author></authors>
|
31 |
+
<date>2013-10-23</date>
|
32 |
+
<time>14:46:22</time>
|
33 |
+
<contents><target name="magecommunity"><dir name="RCDevs"><dir name="OpenOTP"><dir name="Block"><dir name="Adminhtml"><dir name="Permission"><dir name="User"><dir name="Edit"><dir name="Tab"><file name="Openotp.php" hash="53b81b752b9b5c3e64f1e60b10caaa44"/></dir></dir></dir></dir></dir></dir><dir name="Helper"><file name="Data.php" hash="3ff4f896bafe664c9a986b8131479f4a"/></dir><dir name="Model"><file name="Auth.php" hash="14665ff97734988f83595a5bf83089ea"/><file name="Config.php" hash="060ae60b8154e5d105c13ef7dd05449e"/><file name="Observer.php" hash="0c325e1d31db0dd0140a4efd8d59932c"/><file name="Session.php" hash="6763eb200ba70b230b0f46f7e87dd602"/></dir><dir name="controllers"><dir name="Adminhtml"><file name="OpenotpController.php" hash="0151d7b0985bb33f0ee21fbc9ddd1695"/><file name=".DS_Store" hash="194577a7e20bdcc7afbb718f502c134c"/><file name="._.DS_Store" hash="c7afd6e713ac1bdfff2ea4d2f9cfc0dc"/></dir></dir><dir name="etc"><file name="config.xml" hash="dd90ece2a7369dd015b200f0048f1692"/><file name="openotp.wsdl" hash="edcfd264dc9df5cbccf1fb9554379ab7"/><file name="system.xml" hash="732a359d8db02252a82a057038810aef"/></dir><dir name="sql"><dir name="rcdevs_openotp_setup"><file name="install-1.0.0.php" hash="61f70158bbcdc4bc03a7232fff2b51e6"/><file name="mysql4-install-1.0.0.php" hash="f4600383a0f0b439b35e8dc3870f679a"/></dir></dir></dir></dir></target><target name="magedesign"><dir name="adminhtml"><dir name="default"><dir name="default"><dir name="layout"><file name="rcdevs_openotp.xml" hash="b49c3390c2fbd65180af3c0ec20dca59"/></dir><dir name="template"><dir name="rcdevs_openotp"><file name="login.phtml" hash="5868ba7896505844be892f9663461344"/></dir></dir></dir></dir></dir></target><target name="magelocale"><dir><dir name="en_US"><file name="RCDevs_OpenOTP.csv" hash="1f28e7017af2d42d09164f85c9da658a"/></dir></dir></target><target name="mageskin"><dir name="adminhtml"><dir name="default"><dir name="default"><dir name="images"><dir 
name="rcdevs_openotp"><file name="openotp_banner.png" hash="7b5226d26301e717471cf4e66b0b21e2"/><file name="openotp_closebtn.png" hash="2f20f6b977639883852f8ffd9e14f19e"/></dir></dir></dir></dir></dir></target><target name="mageetc"><dir name="modules"><file name="RCDevs_OpenOTP.xml" hash="c4b719c5f7d76e809587ce9b023b29e1"/></dir></target></contents>
|
34 |
+
<compatible/>
|
35 |
+
<dependencies><required><php><min>4.0.0</min><max>5.0.0</max></php><extension><name>soap</name><min></min><max></max></extension></required></dependencies>
|
36 |
+
</package>
|
skin/adminhtml/default/default/images/rcdevs_openotp/openotp_banner.png
ADDED
Binary file
|
skin/adminhtml/default/default/images/rcdevs_openotp/openotp_closebtn.png
ADDED
Binary file
|