RCDevs_OpenOTP_Authentication - Version 1.1.2

Version Notes

- The plugin displays an overlay on Challenge-Response session
- Custom login form template (login.phtml)
- Global and per user settings configuration
- Auto-create mode: a local account is created on first login
- The plugin will transparently support any OpenOTP Login Mode including:
> LDAP only
> OTP only
> LDAP+OTP with user challenge-response
- Possibility to enable plugin logs (/var/logs/openotp.log)


Release Info

Developer RCDevs
Extension RCDevs_OpenOTP_Authentication
Version 1.1.2


Version 1.1.2

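--- a/app/code/community/RCDevs/OpenOTP/Block/Adminhtml/Permission/User/Edit/Tab/Openotp.php
+++ b/app/code/community/RCDevs/OpenOTP/Block/Adminhtml/Permission/User/Edit/Tab/Openotp.php
@@ -0,0 +1,52 @@
+ <?php
+ /**
+ * OpenOTP magento module
+ *
+ * LICENSE
+ *
+ * Copyright © 2013.
+ * RCDevs OpenOTP. All rights reserved.
+ *
+ * The use and redistribution of this software, either compiled or uncompiled, with or without modifications are permitted provided that the following conditions are met:
+ * *
+ * @copyright Copyright (c) 201 RCDevs (http://www.rcdevs.com)
+ * @author rcdevs <info@rcdevs.com>
+ * @category RCDevs
+ * @package RCDevs_OpenOTP
+ */
+
+ /**
+ * Additional tab for user permission configurartion
+ */
+ class RCDevs_OpenOTP_Block_Adminhtml_Permission_User_Edit_Tab_Openotp
+ extends Mage_Adminhtml_Block_Widget_Form
+ {
+
+ /**
+ * @return Mage_Adminhtml_Block_Widget_Form
+ */
+ protected function _prepareForm()
+ {
+ $model = Mage::registry('permissions_user');
+
+ $form = new Varien_Data_Form();
+ $form->setHtmlIdPrefix('user_');
+
+ $fieldset = $form->addFieldset('openotp_fieldset', array('legend' => Mage::helper('adminhtml')->__('Enable OpenOTP Two factors authentication for login')));
+ $fieldset->addField('openotp', 'select', array(
+ 'label' => Mage::helper('rcdevs_openotp')->__('Enable OpenOTP'),
+ 'name' => 'openotp',
+ 'value' => '0',
+ 'values' => array('-1'=>Mage::helper('rcdevs_openotp')->__('Default...'),'1' => 'Yes','2' => 'No'),
+ 'disabled' => false,
+ 'readonly' => false,
+ 'after_element_html' => '<div style="width:244px; background-position:8px 11px; padding:5px 0 5px 36px; margin-top: 3px;" class="notification-global notification-global-notice">Override [Enable OpenOTP] Plugin setting in System / Configuration</div>',
+ ));
+
+ $data = $model->getData();
+ $form->setValues($data);
+ $this->setForm($form);
+
+ return parent::_prepareForm();
+ }
+ }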
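Review bot: The select in `_prepareForm()` is created with `'value' => '0'`, which is not one of its option keys (`-1`, `1`, `2`), and the later `$form->setValues($data)` call presumably replaces it anyway, so the initial selection for a user with no stored value is left to the browser. These keys decide whether a second factor is required for an admin account and are compared as bare numbers in Session.php, so they should be documented where they are defined, for example `// -1 = follow System / Configuration, 1 = require OpenOTP, 2 = do not require OpenOTP` above the `'values'` line (meanings inferred from the labels; confirm), with `'value' => '-1'`. The `Yes` and `No` labels also skip the `__()` translation call the other labels use.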
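--- a/app/code/community/RCDevs/OpenOTP/Helper/Data.php
+++ b/app/code/community/RCDevs/OpenOTP/Helper/Data.php
@@ -0,0 +1,27 @@
+ <?php
+ /**
+ * OpenOTP magento module
+ *
+ * LICENSE
+ *
+ * Copyright © 2013.
+ * RCDevs OpenOTP. All rights reserved.
+ *
+ * The use and redistribution of this software, either compiled or uncompiled, with or without modifications are permitted provided that the following conditions are met:
+ * *
+ * @copyright Copyright (c) 201 RCDevs (http://www.rcdevs.com)
+ * @author rcdevs <info@rcdevs.com>
+ * @category RCDevs
+ * @package RCDevs_OpenOTP
+ */
+
+ /**
+ * Standard data helper
+ *
+ * @category RCDevs
+ * @package RCDevs_OpenOTP
+ */
+ class RCDevs_OpenOTP_Helper_Data extends Mage_Core_Helper_Abstract
+ {
+
+ }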
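--- a/app/code/community/RCDevs/OpenOTP/Model/Auth.php
+++ b/app/code/community/RCDevs/OpenOTP/Model/Auth.php
@@ -0,0 +1,277 @@
+ <?php
+ /**
+ * OpenOTP magento module
+ *
+ * LICENSE
+ *
+ * Copyright © 2013.
+ * RCDevs OpenOTP. All rights reserved.
+ *
+ * The use and redistribution of this software, either compiled or uncompiled, with or without modifications are permitted provided that the following conditions are met:
+ * *
+ * @copyright Copyright (c) 201 RCDevs (http://www.rcdevs.com)
+ * @author rcdevs <info@rcdevs.com>
+ * @category RCDevs
+ * @package RCDevs_OpenOTP
+ */
+
+ /**
+ * openOTP service class
+ */
+ class RCDevs_OpenOTP_Model_Auth extends Zend_Service_Abstract
+ {
+
+ private $etcModuleDir;
+ private $server_url;
+ private $client_id;
+ private $default_domain;
+ private $client_settings;
+ private $proxy_host;
+ private $proxy_port;
+ private $proxy_username;
+ private $proxy_password;
+ private $soap_client;
+
+
+ /**
+ * Check if File exists
+ *
+ * @param string $file
+ * @return bool
+ */
+ public function checkFile($file)
+ {
+ if (!file_exists($this->etcModuleDir . '/'.$file)) {
+ return false;
+ }
+ return true;
+ }
+
+ /**
+ * Check if SOAP extension loaded
+ *
+ * @return bool
+ */
+ public function checkSOAPext()
+ {
+ if (!extension_loaded('soap')) {
+ return false;
+ }
+ return true;
+ }
+
+
+ public function getDomain($username)
+ {
+ $pos = strpos($username, "\\");
+ if ($pos) {
+ $ret['domain'] = substr($username, 0, $pos);
+ $ret['username'] = substr($username, $pos+1);
+ } else {
+ $ret = $this->default_domain;
+ }
+ return $ret;
+ }
+
+ public function getOverlay($message, $username, $session, $timeout, $ldappw, $domain){
+ $overlay = <<<EOT
+ function addOpenOTPDivs(){
+ var overlay_bg = document.createElement("div");
+ overlay_bg.id = 'openotp_overlay_bg';
+ overlay_bg.style.position = 'fixed';
+ overlay_bg.style.top = '0';
+ overlay_bg.style.left = '0';
+ overlay_bg.style.width = '100%';
+ overlay_bg.style.height = '100%';
+ overlay_bg.style.background = 'grey';
+ overlay_bg.style.zIndex = "9998";
+ overlay_bg.style["filter"] = "0.9";
+ overlay_bg.style["-moz-opacity"] = "0.9";
+ overlay_bg.style["-khtml-opacity"] = "0.9";
+ overlay_bg.style["opacity"] = "0.9";
+
+ var overlay = document.createElement("div");
+ overlay.id = 'openotp_overlay';
+ overlay.style.position = 'absolute';
+ overlay.style.top = '165px';
+ overlay.style.left = '50%';
+ overlay.style.width = '280px';
+ overlay.style.marginLeft = '-180px';
+ overlay.style.padding = '65px 40px 50px 40px';
+ overlay.style.background = 'url('+path+'openotp_banner.png) no-repeat top left #E4E4E4';
+ overlay.style.border = '5px solid #545454';
+ overlay.style.borderRadius = '10px';
+ overlay.style.MozBorderRadius = '10px';
+ overlay.style.WebkitBorderRadius = '10px';
+ overlay.style.boxShadow = '1px 1px 12px #555555';
+ overlay.style.WebkitBoxShadow = '1px 1px 12px #555555';
+ overlay.style.MozBoxShadow = '1px 1px 12px #555555';
+ overlay.style.zIndex = "9999";
+ overlay.innerHTML = '<a style="position:absolute; top:-12px; right:-12px;" href="$_SERVER[PHP_SELF]" title="close"><img src="'+path+'openotp_closebtn.png"/></a>'
+ + '<div style="background-color:red; margin:0 -40px 0; height:4px; width:360px; padding:0;" id="count_red"><div style="background-color:orange; margin:0; height:4px; width:360px; padding:0;" id="div_orange"></div></div>'
+ + '<form id="loginForm" autocomplete="off" style="margin-top:30px; display:block;" action="" method="POST">'
+ + '<input type="hidden" name="form_key" value="'+token+'">'
+ + '<input type="hidden" id="username" name="login[username]" value="$username">'
+ + '<input type="hidden" id="login" name="login[password]" class="required-entry input-text" value="$ldappw" />'
+ + '<input type="hidden" name="openotp_state" value="$session">'
+ + '<input type="hidden" name="openotp_domain" value="$domain">'
+ + '<table width="100%">'
+ + '<tr><td style="text-align:center; font-weight:bold; font-size:14px;">$message</td></tr>'
+ + '<tr><td id="timout_cell" style="text-align:center; padding-top:4px; font-weight:bold; font-style:italic; font-size:11px;">Timeout: <span id="timeout">$timeout seconds</span></td></tr>'
+ + '<tr><td id="inputs_cell" style="text-align:center; padding-top:25px;"><input class="required-entry input-text" type="text" size=15 name="openotp_password">&nbsp;'
+ + '<input style="padding:3px 10px;" type="submit" value="Ok" class="form-button"></td></tr>'
+ + '</table></form>';
+
+ document.body.appendChild(overlay_bg);
+ document.body.appendChild(overlay);
+ document.forms.loginForm.openotp_password.focus();
+ }
+
+ addOpenOTPDivs();
+
+ /* Compute Timeout */
+ var c = $timeout;
+ var base = $timeout;
+ function count()
+ {
+ plural = c <= 1 ? "" : "s";
+ document.getElementById("timeout").innerHTML = c + " second" + plural;
+ var div_width = 360;
+ var new_width = Math.round(c*div_width/base);
+ document.getElementById('div_orange').style.width=new_width+'px';
+
+ if(c == 0 || c < 0) {
+ c = 0;
+ clearInterval(timer);
+ document.getElementById("timout_cell").innerHTML = " <b style='color:red;'>Login timedout!</b> ";
+ document.getElementById("inputs_cell").innerHTML = "<input style='padding:3px 20px;' type='button' value='Retry' class='button mainaction' onclick='window.location.href=\"$_SERVER[PHP_SELF]\"'>";
+ }
+ c--;
+ }
+ count();
+ var timer = setInterval(function() {count(); }, 1000);
+ EOT;
+
+ return $overlay;
+ }
+
+ private function soapRequest(){
+
+ $options = array('location' => $this->server_url);
+ if ($this->proxy_host != NULL && $this->proxy_port != NULL) {
+ $options['proxy_host'] = $this->proxy_host;
+ $options['proxy_port'] = $this->proxy_port;
+ if ($this->proxy_username != NULL && $this->proxy_password != NULL) {
+ $options['proxy_login'] = $this->proxy_username;
+ $options['proxy_password'] = $this->proxy_password;
+ }
+ }
+
+ $soap_client = new SoapClient($this->etcModuleDir.'/openotp.wsdl', $options);
+ if (!$soap_client) {
+ return false;
+ }
+ $this->soap_client = $soap_client;
+ return true;
+ }
+
+ public function openOTPSimpleLogin($username, $domain, $password, $remote_add){
+ if (!$this->soapRequest()) return false;
+ $resp = $this->soap_client->openotpSimpleLogin($username, $domain, $password, $this->client_id, $remote_add, $this->client_settings);
+
+ return $resp;
+ }
+
+ public function openOTPChallenge($username, $domain, $state, $password){
+ if (!$this->soapRequest()) return false;
+ $resp = $this->soap_client->openotpChallenge($username, $domain, $state, $password);
+
+ return $resp;
+ }
+
+ public function setEtcModuleDir($dir)
+ {
+ $this->etcModuleDir = $dir;
+ }
+
+ public function setServer_url($server_url)
+ {
+ $this->server_url = $server_url;
+ }
+
+ public function getServer_url()
+ {
+ return $this->server_url;
+ }
+
+ public function setClient_id($client_id)
+ {
+ $this->client_id = $client_id;
+ }
+
+ public function getClient_id()
+ {
+ return $this->client_id;
+ }
+
+ public function setDefault_domain($default_domain)
+ {
+ $this->default_domain = $default_domain;
+ }
+
+ public function getDefault_domain()
+ {
+ return $this->default_domain;
+ }
+
+ public function setClient_settings($client_settings)
+ {
+ $this->client_settings = $client_settings;
+ }
+
+ public function getClient_settings()
+ {
+ return $this->client_settings;
+ }
+
+ public function setProxy_host($proxy_host)
+ {
+ $this->proxy_host = $proxy_host;
+ }
+
+ public function getProxy_host()
+ {
+ return $this->proxy_host;
+ }
+
+ public function setProxy_port($proxy_port)
+ {
+ $this->proxy_port = $proxy_port;
+ }
+
+ public function getProxy_port()
+ {
+ return $this->proxy_port;
+ }
+
+ public function setProxy_login($proxy_login)
+ {
+ $this->proxy_login = $proxy_login;
+ }
+
+ public function getProxy_login()
+ {
+ return $this->proxy_login;
+ }
+
+ public function setProxy_password($proxy_password)
+ {
+ $this->proxy_password = $proxy_password;
+ }
+
+ public function getProxy_password()
+ {
+ return $this->proxy_password;
+ }
+
+ }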
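Review bot: `getOverlay()` interpolates `$message`, `$username`, `$session`, `$domain`, `$ldappw` and `$_SERVER[PHP_SELF]` straight into a JavaScript string that is then assigned to `innerHTML`, with no escaping for either context, so a quote, backslash or angle bracket in any of them alters the markup or the script on the admin login page. The username and, through `Session::login`, the posted `openotp_domain` come from the login request itself, so this output is produced before the user is authenticated. The same template writes the first-factor password into a hidden `login[password]` field, which returns the cleartext password to the browser and, per Session.php, stores it in the session as part of the script; keeping it server-side for the duration of the challenge would avoid that. Separately, `setProxy_login()` assigns an undeclared `proxy_login` property while `soapRequest()` reads `proxy_username`, so proxy credentials are never applied. The sketch below escapes each value for HTML and then for the single-quoted JavaScript string; the heredoc body is otherwise unchanged.

```php
public function getOverlay($message, $username, $session, $timeout, $ldappw, $domain){
    // HTML-escape first (the values land in attributes and element text),
    // then escape what can still terminate a single-quoted JS string.
    $message  = addcslashes(htmlspecialchars((string) $message, ENT_QUOTES, 'UTF-8'), "\\\r\n");
    $username = addcslashes(htmlspecialchars((string) $username, ENT_QUOTES, 'UTF-8'), "\\\r\n");
    $session  = addcslashes(htmlspecialchars((string) $session, ENT_QUOTES, 'UTF-8'), "\\\r\n");
    $domain   = addcslashes(htmlspecialchars((string) $domain, ENT_QUOTES, 'UTF-8'), "\\\r\n");
    $ldappw   = addcslashes(htmlspecialchars((string) $ldappw, ENT_QUOTES, 'UTF-8'), "\\\r\n");
    $self     = addcslashes(htmlspecialchars((string) $_SERVER['PHP_SELF'], ENT_QUOTES, 'UTF-8'), "\\\r\n");
    // The timeout is emitted as a bare JS number, so force it to an integer.
    $timeout  = (int) $timeout;
    // … unchanged: heredoc with the overlay markup and countdown script, using $self in place of $_SERVER[PHP_SELF] …
```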
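--- a/app/code/community/RCDevs/OpenOTP/Model/Config.php
+++ b/app/code/community/RCDevs/OpenOTP/Model/Config.php
@@ -0,0 +1,169 @@
+ <?php
+ /**
+ * OpenOTP magento module
+ *
+ * LICENSE
+ *
+ * Copyright © 2013.
+ * RCDevs OpenOTP. All rights reserved.
+ *
+ * The use and redistribution of this software, either compiled or uncompiled, with or without modifications are permitted provided that the following conditions are met:
+ * *
+ * @copyright Copyright (c) 201 RCDevs (http://www.rcdevs.com)
+ * @author rcdevs <info@rcdevs.com>
+ * @category RCDevs
+ * @package RCDevs_OpenOTP
+ */
+
+ /**
+ * Abstraction for store config to fetch global openotp settings
+ */
+ class RCDevs_OpenOTP_Model_Config extends Mage_Core_Model_Abstract
+ {
+
+ /**
+ * @var string
+ */
+ const XML_PATH_OPENOTP_ENABLED = 'admin/openotp/enabled';
+
+ /**
+ * @var string
+ */
+ const XML_PATH_OPENOTP_SERVER_URL = 'admin/openotp/openotp_server_url';
+
+ /**
+ * @var string
+ */
+ const XML_PATH_OPENOTP_CLIENT_ID = 'admin/openotp/openotp_client_id';
+
+ /**
+ * @var string
+ */
+ const XML_PATH_OPENOTP_CREATE_ACCOUNT = 'admin/openotp/openotp_create_account';
+
+ /**
+ * @var string
+ */
+ const XML_PATH_OPENOTP_DEFAULT_DOMAIN = 'admin/openotp/openotp_default_domain';
+
+ /**
+ * @var string
+ */
+ const XML_PATH_OPENOTP_CLIENT_SETTINGS = 'admin/openotp/openotp_client_settings';
+
+ /**
+ * @var string
+ */
+ const XML_PATH_OPENOTP_PROXY_HOST = 'admin/openotp/openotp_proxy_host';
+
+ /**
+ * @var string
+ */
+ const XML_PATH_OPENOTP_PROXY_PORT = 'admin/openotp/openotp_proxy_port';
+
+ /**
+ * @var string
+ */
+ const XML_PATH_OPENOTP_PROXY_LOGIN = 'admin/openotp/openotp_proxy_login';
+
+ /**
+ * @var string
+ */
+ const XML_PATH_OPENOTP_PROXY_PASSWORD = 'admin/openotp/openotp_proxy_password';
+
+ /**
+ * @var string
+ */
+ const XML_PATH_OPENOTP_LOG_ENABLED = 'admin/openotp/log_enabled';
+
+
+ /**
+ * @return bool
+ */
+ public function isEnabled()
+ {
+ return Mage::getStoreConfig(self::XML_PATH_OPENOTP_ENABLED) == 1;
+ }
+
+ /**
+ * @return string
+ */
+ public function getServerUrl()
+ {
+ return Mage::getStoreConfig(self::XML_PATH_OPENOTP_SERVER_URL);
+ }
+
+ /**
+ * @return string
+ */
+ public function getClientId()
+ {
+ return Mage::getStoreConfig(self::XML_PATH_OPENOTP_CLIENT_ID);
+ }
+
+ /**
+ * @return string
+ */
+ public function getCreateAccount()
+ {
+ return Mage::getStoreConfig(self::XML_PATH_OPENOTP_CREATE_ACCOUNT) == 1;
+ }
+
+ /**
+ * @return string
+ */
+ public function getDefaultDomain()
+ {
+ return Mage::getStoreConfig(self::XML_PATH_OPENOTP_DEFAULT_DOMAIN);
+ }
+
+ /**
+ * @return string
+ */
+ public function getClientSettings()
+ {
+ return Mage::getStoreConfig(self::XML_PATH_OPENOTP_CLIENT_SETTINGS);
+ }
+
+ /**
+ * @return string
+ */
+ public function getProxyHost()
+ {
+ return Mage::getStoreConfig(self::XML_PATH_OPENOTP_PROXY_HOST);
+ }
+
+ /**
+ * @return string
+ */
+ public function getProxyPort()
+ {
+ return Mage::getStoreConfig(self::XML_PATH_OPENOTP_PROXY_PORT);
+ }
+
+ /**
+ * @return string
+ */
+ public function getProxyLogin()
+ {
+ return Mage::getStoreConfig(self::XML_PATH_OPENOTP_PROXY_LOGIN);
+ }
+
+ /**
+ * @return string
+ */
+ public function getProxyPassword()
+ {
+ return Mage::getStoreConfig(self::XML_PATH_OPENOTP_PROXY_PASSWORD);
+ }
+
+ /**
+ * @return bool
+ */
+ public function isLogEnabled()
+ {
+ return Mage::getStoreConfig(self::XML_PATH_OPENOTP_LOG_ENABLED) == 1;
+ }
+
+
+ }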
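Review bot: `getCreateAccount()` is documented `@return string` but returns the result of `== 1`, a bool like `isEnabled()` and `isLogEnabled()`; the tag should read `@return bool`. This flag gates automatic creation of admin accounts in Session.php, so the getter deserves a one-line description such as `Whether an unknown user accepted by OpenOTP gets a local admin account on first login.` The `@var string` tags on the constants describe the path strings rather than the settings and could each name the setting the path holds. Whether `getProxyPassword()` returns a value stored in clear or one that needs decrypting cannot be seen here, because the system.xml declaring these fields is outside this section; worth confirming.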
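--- a/app/code/community/RCDevs/OpenOTP/Model/Observer.php
+++ b/app/code/community/RCDevs/OpenOTP/Model/Observer.php
@@ -0,0 +1,64 @@
+ <?php
+ /**
+ * OpenOTP magento module
+ *
+ * LICENSE
+ *
+ * Copyright © 2013.
+ * RCDevs OpenOTP. All rights reserved.
+ *
+ * The use and redistribution of this software, either compiled or uncompiled, with or without modifications are permitted provided that the following conditions are met:
+ * *
+ * @copyright Copyright (c) 201 RCDevs (http://www.rcdevs.com)
+ * @author rcdevs <info@rcdevs.com>
+ * @category RCDevs
+ * @package RCDevs_OpenOTP
+ */
+
+ /**
+ * Hooks into every adminhtml controller and checks if yubikey is enabled.
+ * Forwards not authorized yubikey enabled users to yubikey login form.
+ */
+ class RCDevs_OpenOTP_Model_Observer
+ {
+ /**
+ * @param Varien_Event_Observer $observer
+ */
+ public function controllerActionPredispatch(Varien_Event_Observer $observer)
+ {
+ $request = Mage::app()->getRequest();
+ /** @var $session Mage_Admin_Model_Session */
+ $session = Mage::getSingleton('admin/session');
+
+ /* @var $request Mage_Core_Controller_Request_Http */
+ if ( $request->getRequestedControllerName() == 'index' && $request->getRequestedActionName() == 'login' ){
+ $request->setControllerName('openotp')
+ ->setActionName('login')
+ ->setDispatched(false);
+ }
+ }
+
+ /**
+ * @param Varien_Event_Observer $observer
+ */
+ public function addOpenOTPTabToUserPermissionForm(Varien_Event_Observer $observer)
+ {
+ $block = $observer->getBlock();
+
+ /* @var $block Mage_Adminhtml_Block_Permissions_User_Edit_Tabs */
+ if ($block instanceof Mage_Adminhtml_Block_Permissions_User_Edit_Tabs) {
+ $tabData = array(
+ 'label' => Mage::helper('rcdevs_openotp')->__('OpenOTP setup'),
+ 'title' => Mage::helper('rcdevs_openotp')->__('OpenOTP setup'),
+ 'content' => $block->getLayout()->createBlock('rcdevs_openotp/adminhtml_permission_user_edit_tab_openotp')->toHtml(),
+ 'active' => true
+ );
+ if (method_exists($block, 'addTabAfter')) {
+ // >= CE 1.6
+ $block->addTabAfter('openotp_section', $tabData, 'roles_section');
+ } else {
+ $block->addTab('openotp_section', $tabData);
+ }
+ }
+ }
+ }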
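Review bot: The class docblock still describes a YubiKey module ("checks if yubikey is enabled", "yubikey login form"), while `controllerActionPredispatch()` does neither: it reroutes every `index/login` request to `openotp/login` without consulting `RCDevs_OpenOTP_Model_Config::isEnabled()` or the session. The comment should say what the method does, for example `Reroutes the admin index/login action to the OpenOTP login controller.` If the reroute is meant to apply only while the plugin is switched on, the condition needs `&& Mage::getSingleton('rcdevs_openotp/config')->isEnabled()`; if it is deliberately unconditional because of the per-user override, that should be stated in the docblock. `$session` and `$observer` are unused in that method.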
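--- a/app/code/community/RCDevs/OpenOTP/Model/Session.php
+++ b/app/code/community/RCDevs/OpenOTP/Model/Session.php
@@ -0,0 +1,188 @@
+ <?php
+ class RCDevs_OpenOTP_Model_Session extends Mage_Admin_Model_Session
+ {
+
+ public $openotpAuth = NULL;
+ private $state = NULL;
+ private $message = NULL;
+ private $timeout = NULL;
+ private $domain = NULL;
+ private $username = NULL;
+ private $password = NULL;
+ private $userMagentoExist = false;
+ //To deactivate OpenOTP Authentication
+ private $disableOpenOTP = false;
+
+ /*
+ * Override admin login
+ */
+ public function login($username, $password, $request = null)
+ {
+
+ /** @var $session Mage_Admin_Model_Session */
+ $session = Mage::getSingleton('admin/session');
+ /* @var $config RCDevs_Openotp_Model_Config */
+ $config = Mage::getSingleton('rcdevs_openotp/config');
+ /* @var $openotpAuth RCDevs_Openotp_Model_Auth */
+ $this->openotpAuth = Mage::getModel('rcdevs_openotp/auth');
+
+ $etcModuleDir = Mage::getModuleDir('etc', 'RCDevs_OpenOTP');
+ $this->openotpAuth->setEtcModuleDir($etcModuleDir);
+ $request = Mage::app()->getRequest();
+
+ $remote_addr = $_SERVER["REMOTE_ADDR"];
+ $userEnabled = 2;
+ $session->setShowOpenOTPChallenge(false);
+ $session->setOpenOTPSuccess(false);
+
+ // Check OpenOTP WSDL file
+ if (!$this->openotpAuth->checkFile('/openotp.wsdl','Could not load OpenOTP WSDL file')){
+ $this->_error('Could not load OpenOTP module (WSDL file missing)');
+ $this->_log('Could not load OpenOTP WSDL file');
+ return false;
+ }
+ // Check SOAP extension is loaded
+ if (!$this->openotpAuth->checkSOAPext()){
+ $this->_error('Your PHP installation is missing the SOAP extension');
+ $this->_log('Your PHP installation is missing the SOAP extension');
+ return false;
+ }
+
+ if (empty($username)) {
+ $this->_error('Username is mandatory');
+ return false;
+ }else{
+ $this->username = $username;
+ $this->password = $request->getPost('openotp_password') != NULL ? $request->getPost('openotp_password') : $password;
+ $state = $request->getPost('openotp_state');
+ }
+
+ try {
+ $this->load_Parameters($config);
+
+ $t_domain = $this->openotpAuth->getDomain($this->username);
+ if (is_array($t_domain)){
+ $this->username = $t_domain['username'];
+ $this->domain = $t_domain['domain'];
+ }elseif($request->getPost('openotp_domain')!= NULL) $this->domain = $request->getPost('openotp_domain');
+ else $this->domain = $t_domain;
+
+ //User exists in Magento ?
+ $user = Mage::getModel('admin/user')->loadByUsername($this->username);
+ if($user->getId()) $this->userMagentoExist = true;
+
+ // User enabled?
+ $user = Mage::getModel('admin/user')->load($this->username, 'username');
+ if ($user->getId()){
+ $userEnabled = $user->getOpenotp();
+ }
+ $session->setIsUserEnabled($userEnabled);
+
+ //If deactivated do normal Auth
+ if ( ( ( !$config->isEnabled() && $userEnabled != 1 ) || ( $config->isEnabled() && $userEnabled == 2 ) || $this->disableOpenOTP ) && $this->userMagentoExist )
+ return parent::login($this->username, $this->password, $request);
+
+ if ($state != NULL) {
+ // OpenOTP Challenge
+ $resp = $this->openotpAuth->openOTPChallenge($this->username, $this->domain, $state, $this->password);
+ } else {
+ // OpenOTP Login
+ $resp = $this->openotpAuth->openOTPSimpleLogin($this->username, $this->domain, utf8_encode($this->password), $remote_addr);
+ }
+ $this->_log($resp);
+ if (!$resp || !isset($resp['code'])) {
+ $this->_log('Invalid OpenOTP response for user '.$this->username);
+ $this->_error('An error occurred while processing your request');
+ return false;
+ }
+
+ switch ($resp['code']) {
+ case 0:
+ if ($resp['message']) $msg = $resp['message'];
+ else $msg = 'An error occurred while processing your request';
+ $this->_error($msg);
+ break;
+ case 1:
+ $session->setShowOpenOTPChallenge(false);
+ $session->setOpenOTPSuccess(true);
+
+ try {
+ if (!$this->userMagentoExist){
+ if( $config->getCreateAccount() ){
+ $user = Mage::getModel('admin/user')
+ ->setData(array(
+ 'username' => $this->username,
+ 'password' => $password,
+ 'is_active' => 1
+ ))->save();
+ Mage::getSingleton('core/session')->addSuccess('User succesfully created on Magento');
+ $user->setRoleIds(array(1))
+ ->setRoleUserId($user->getUserId())
+ ->saveRelations();
+ }
+ }
+ $this->renewSession();
+ if (Mage::getSingleton('adminhtml/url')->useSecretKey())
+ Mage::getSingleton('adminhtml/url')->renewSecretUrls();
+ $this->setIsFirstPageAfterLogin(true);
+ $this->setUser($user);
+ $this->setAcl(Mage::getResourceModel('admin/acl')->loadAcl());
+ if ($requestUri = $this->_getRequestUri($request)) {
+ Mage::dispatchEvent('admin_session_user_login_success', array('user' => $user));
+ header('Location: ' . $requestUri);
+ exit;
+ }
+ } catch (Exception $e) {
+ echo $e->getMessage();
+ exit;
+ }
+ break;
+ case 2:
+ $session->setShowOpenOTPChallenge(true);
+ $js = $this->openotpAuth->getOverlay($resp['message'], $this->username, $resp['session'], $resp['timeout'], $this->password, $this->domain);
+ $session->setOpenotpFrontendScript($js);
+ break;
+ default:
+ $session->setShowOpenOTPChallenge(false);
+ $this->_log('Invalid OpenOTP response for user '.$this->username, JLog::ERROR, $remote_addr);
+ $this->_error('An error occurred while processing your request');
+ break;
+ }
+
+ }catch (Mage_Core_Exception $e) {
+ Mage::dispatchEvent('admin_session_user_login_failed',
+ array('user_name' => $username, 'exception' => $e));
+ if ($request && !$request->getParam('messageSent')) {
+ Mage::getSingleton('adminhtml/session')->addError("DiVA".$e->getMessage());
+ $request->setParam('messageSent', true);
+ }
+ }
+ return $user;
+ }
+
+ private function load_Parameters($config){
+ $this->openotpAuth->setServer_url($config->getServerUrl());
+ $this->openotpAuth->setClient_id($config->getClientId());
+ $this->openotpAuth->setDefault_domain($config->getDefaultDomain());
+ $this->openotpAuth->setClient_settings($config->getClientSettings());
+ $this->openotpAuth->setProxy_host($config->getProxyHost());
+ $this->openotpAuth->setProxy_port($config->getProxyPort());
+ $this->openotpAuth->setProxy_login($config->getProxyLogin());
+ $this->openotpAuth->setProxy_password($config->getProxyPassword());
+ }
+
+ protected function _log($mess)
+ {
+ if(is_array($mess) || is_object($mess)){
+ $mess = print_r($mess, true);
+ }
+ Mage::log($mess, Zend_Log::DEBUG, 'openotp.log');
+ }
+
+ public function _error($message, $type="core") {
+ Mage::getSingleton($type.'/session')->addError($message);
+ return false;
+ }
+
+
+ }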
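Review bot: On `case 1` the session is populated with `setUser($user)` for whatever row `load($this->username, 'username')` returned, without passing through `parent::login()`, so no check of `is_active` or of role assignment is visible on the OpenOTP path; an account disabled in Magento but still accepted by the OpenOTP server would presumably be let in. With auto-create on, a previously unknown user is saved with `setRoleIds(array(1))`, and role 1 is normally the full Administrators role in a stock install, so anyone the OpenOTP server accepts becomes a full admin; the role should come from configuration and default to none. The `default:` branch passes `JLog::ERROR` to `_log()`, a class that neither this module nor Magento defines as far as this page shows, which would turn an unexpected response code into a fatal error. `echo $e->getMessage(); exit;` and the `"DiVA"` prefix in the outer catch look like debugging leftovers that expose internal error text on the login page. A minimal gate for the first point is sketched below.

```php
case 1:
    // … unchanged: challenge/success flags, optional account creation …
    // Apply the local account state before trusting the remote verdict.
    if (!$user->getId() || $user->getIsActive() != '1') {
        $this->_log('OpenOTP accepted ' . $this->username . ' but the Magento account is missing or inactive');
        $this->_error('Access denied');
        return false;
    }
    $this->renewSession();
    // … unchanged: secret-key renewal, setUser/setAcl, redirect …
```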
app/code/community/RCDevs/OpenOTP/controllers/Adminhtml/.DS_Store ADDED
Binary file
app/code/community/RCDevs/OpenOTP/controllers/Adminhtml/._.DS_Store ADDED
Binary file
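--- a/app/code/community/RCDevs/OpenOTP/controllers/Adminhtml/OpenotpController.php
+++ b/app/code/community/RCDevs/OpenOTP/controllers/Adminhtml/OpenotpController.php
@@ -0,0 +1,50 @@
+ <?php
+ /**
+ * OpenOTP magento module
+ *
+ * LICENSE
+ *
+ * Copyright © 2013.
+ * RCDevs OpenOTP. All rights reserved.
+ *
+ * The use and redistribution of this software, either compiled or uncompiled, with or without modifications are permitted provided that the following conditions are met:
+ * *
+ * @copyright Copyright (c) 201 RCDevs (http://www.rcdevs.com)
+ * @author rcdevs <info@rcdevs.com>
+ * @category RCDevs
+ * @package RCDevs_OpenOTP
+ */
+
+ /**
+ * Controller for OpenOTP login form.
+ */
+ class RCDevs_OpenOTP_Adminhtml_OpenotpController extends Mage_Adminhtml_Controller_Action
+ {
+ protected function _isAllowed()
+ {
+ return true;
+ }
+
+ public function loginAction()
+ {
+ $this->_outTemplate('rcdevs_openotp/login');
+ }
+
+ /**
+ * Render specified template
+ *
+ * @param string $tplName
+ * @param array $data parameters required by template
+ */
+ protected function _outTemplate($tplName, $data = array())
+ {
+ $this->_initLayoutMessages('adminhtml/session');
+ $block = $this->getLayout()->createBlock('adminhtml/template')->setTemplate("$tplName.phtml");
+ foreach ($data as $index => $value) {
+ $block->assign($index, $value);
+ }
+ $html = $block->toHtml();
+ Mage::getSingleton('core/translate_inline')->processResponseBody($html);
+ $this->getResponse()->setBody($html);
+ }
+ }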
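Review bot: `_isAllowed()` returns `true` for the whole controller with no comment saying why; that is reasonable for a page that must render before authentication, but any action later added to `OpenotpController` inherits the same blanket allow. A comment such as `// Login page must be reachable before authentication; do not add privileged actions to this controller.` above the method would record the constraint. `_outTemplate()` builds the template path from `$tplName` by interpolation, which is safe only while the sole caller passes the constant `'rcdevs_openotp/login'`; the docblock should say the name must never come from request data.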
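--- a/app/code/community/RCDevs/OpenOTP/etc/config.xml
+++ b/app/code/community/RCDevs/OpenOTP/etc/config.xml
@@ -0,0 +1,85 @@
+ <?xml version="1.0"?>
+ <config>
+ <modules>
+ <RCDevs_OpenOTP>
+ <version>1.0.4</version>
+ </RCDevs_OpenOTP>
+ </modules>
+ <admin>
+ <routers>
+ <adminhtml>
+ <args>
+ <modules>
+ <RCDevs_Openotp before="Mage_Adminhtml">RCDevs_OpenOTP_Adminhtml</RCDevs_Openotp>
+ </modules>
+ </args>
+ </adminhtml>
+ </routers>
+ </admin>
+ <adminhtml>
+ <translate>
+ <modules>
+ <RCDevs_OpenOTP>
+ <files>
+ <default>RCDevs_OpenOTP.csv</default>
+ </files>
+ </RCDevs_OpenOTP>
+ </modules>
+ </translate>
+ <events>
+ <controller_action_predispatch>
+ <observers>
+ <rcdevs_openotp>
+ <class>rcdevs_openotp/observer</class>
+ <method>controllerActionPredispatch</method>
+ </rcdevs_openotp>
+ </observers>
+ </controller_action_predispatch>
+ <core_block_abstract_prepare_layout_after>
+ <observers>
+ <rcdevs_openotp>
+ <class>rcdevs_openotp/observer</class>
+ <method>addOpenOTPTabToUserPermissionForm</method>
+ </rcdevs_openotp>
+ </observers>
+ </core_block_abstract_prepare_layout_after>
+ </events>
+ </adminhtml>
+ <global>
+ <blocks>
+ <rcdevs_openotp>
+ <class>RCDevs_OpenOTP_Block</class>
+ </rcdevs_openotp>
+ </blocks>
+ <models>
+ <rcdevs_openotp>
+ <class>RCDevs_OpenOTP_Model</class>
+ </rcdevs_openotp>
+ <admin>
+ <rewrite>
+ <session>RCDevs_OpenOTP_Model_Session</session>
+ </rewrite>
+ </admin>
+ </models>
+ <helpers>
+ <rcdevs_openotp>
+ <class>RCDevs_OpenOTP_Helper</class>
+ </rcdevs_openotp>
+ </helpers>
+ <resources>
+ <rcdevs_openotp_setup>
+ <setup>
+ <module>RCDevs_OpenOTP</module>
+ </setup>
+ </rcdevs_openotp_setup>
+ </resources>
+ </global>
+ <default>
+ <admin>
+ <openotp>
+ <openotp_server_url>http://myserver:8080/openotp/</openotp_server_url>
+ <openotp_client_id>Magento</openotp_client_id>
+ </openotp>
+ </admin>
+ </default>
+ </config>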
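Review bot: The shipped default for `<openotp_server_url>` uses `http://`, and Auth.php sends the username and password to that URL in a SOAP call, so an installation that keeps the scheme of the default transmits admin credentials in clear; the default should be an `https://` placeholder, for example `<openotp_server_url>https://myserver:TLS_PORT/openotp/</openotp_server_url>` (host and port are placeholders). `<version>1.0.4</version>` does not match the 1.1.2 release this page describes, which makes it harder to tell which build is installed. The `<admin><rewrite><session>` entry replaces the admin session model globally, so every admin login depends on this module's `login()`; a comment next to the rewrite stating that would help whoever has to disable the module during an outage.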
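--- a/app/code/community/RCDevs/OpenOTP/etc/openotp.wsdl
+++ b/app/code/community/RCDevs/OpenOTP/etc/openotp.wsdl
@@ -0,0 +1,119 @@
+ <?xml version="1.0" encoding="UTF-8"?>
+
+ <definitions targetNamespace="http://www.rcdevs.com/wsdl/openotp/"
+ xmlns="http://schemas.xmlsoap.org/wsdl/"
+ xmlns:tns="http://www.rcdevs.com/wsdl/openotp/"
+ xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/"
+ xmlns:SOAP-ENC="http://schemas.xmlsoap.org/soap/encoding/"
+ xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/"
+ xmlns:xsd="http://www.w3.org/2001/XMLSchema"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
+
+ <message name="openotpSimpleLoginRequest">
+ <part name="username" type="xsd:string"/>
+ <part name="domain" type="xsd:string"/>
+ <part name="anyPassword" type="xsd:string"/>
+ <part name="client" type="xsd:string"/>
+ <part name="source" type="xsd:string"/>
+ <part name="settings" type="xsd:string"/>
+ </message>
+
+ <message name="openotpNormalLoginRequest">
+ <part name="username" type="xsd:string"/>
+ <part name="domain" type="xsd:string"/>
+ <part name="ldapPassword" type="xsd:string"/>
+ <part name="otpPassword" type="xsd:string"/>
+ <part name="client" type="xsd:string"/>
+ <part name="source" type="xsd:string"/>
+ <part name="settings" type="xsd:string"/>
+ </message>
+
+ <message name="openotpLoginResponse">
+ <part name="code" type="xsd:integer"/>
+ <part name="message" type="xsd:string"/>
+ <part name="session" type="xsd:string"/>
+ <part name="data" type="xsd:string"/>
+ <part name="timeout" type="xsd:integer"/>
+ </message>
+
+ <message name="openotpChallengeRequest">
+ <part name="username" type="xsd:string"/>
+ <part name="domain" type="xsd:string"/>
+ <part name="session" type="xsd:string"/>
+ <part name="otpPassword" type="xsd:string"/>
+ </message>
+
+ <message name="openotpChallengeResponse">
+ <part name="code" type="xsd:integer"/>
+ <part name="message" type="xsd:string"/>
+ <part name="data" type="xsd:string"/>
+ </message>
+
+ <message name="openotpStatusRequest"/>
+
+ <message name="openotpStatusResponse">
+ <part name="status" type="xsd:boolean"/>
+ <part name="message" type="xsd:string"/>
+ </message>
+
+ <portType name="openotpPortType">
+ <operation name="openotpSimpleLogin">
+ <input name="openotpSimpleLoginRequest" message="tns:openotpSimpleLoginRequest"/>
+ <output name="openotpSimpleLoginResponse" message="tns:openotpLoginResponse"/>
+ </operation>
+ <operation name="openotpNormalLogin">
+ <input name="openotpNormalLoginRequest" message="tns:openotpNormalLoginRequest"/>
+ <output name="openotpNormalLoginResponse" message="tns:openotpLoginResponse"/>
+ </operation>
+ <operation name="openotpLogin">
+ <input name="openotpLoginRequest" message="tns:openotpNormalLoginRequest"/>
+ <output name="openotpLoginResponse" message="tns:openotpLoginResponse"/>
+ </operation>
+ <operation name="openotpChallenge">
+ <input name="openotpChallengeRequest" message="tns:openotpChallengeRequest"/>
+ <output name="openotpChallengeResponse" message="tns:openotpChallengeResponse"/>
+ </operation>
+ <operation name="openotpStatus">
+ <input name="openotpStatusRequest" message="tns:openotpStatusRequest"/>
+ <output name="openotpStatusResponse" message="tns:openotpStatusResponse"/>
+ </operation>
+ </portType>
+
+ <binding name="openotpBinding" type="tns:openotpPortType">
+ <soap:binding style="rpc" transport="http://schemas.xmlsoap.org/soap/http"/>
+ <operation name="openotpSimpleLogin">
+ <soap:operation soapAction="openotpSimpleLogin"/>
+ <input><soap:body use="encoded" namespace="urn:openotp" encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"/></input>
+ <output><soap:body use="encoded" namespace="urn:openotp" encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"/></output>
+ </operation>
+ <operation name="openotpNormalLogin">
+ <soap:operation soapAction="openotpNormalLogin"/>
+ <input><soap:body use="encoded" namespace="urn:openotp" encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"/></input>
+ <output><soap:body use="encoded" namespace="urn:openotp" encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"/></output>
+ </operation>
+ <operation name="openotpLogin">
+ <!-- Operation openotpLogin is an alias of openotpNormalLogin.
+ It is kept for backward compatibility with OpenOTP v1.0. -->
+ <soap:operation soapAction="openotpLogin"/>
+ <input><soap:body use="encoded" namespace="urn:openotp" encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"/></input>
+ <output><soap:body use="encoded" namespace="urn:openotp" encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"/></output>
+ </operation>
+ <operation name="openotpChallenge">
+ <soap:operation soapAction="openotpChallenge"/>
+ <input><soap:body use="encoded" namespace="urn:openotp" encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"/></input>
+ <output><soap:body use="encoded" namespace="urn:openotp" encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"/></output>
+ </operation>
+ <operation name="openotpStatus">
+ <soap:operation soapAction="openotpStatus"/>
+ <input><soap:body use="encoded" namespace="urn:openotp" encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"/></input>
+ <output><soap:body use="encoded" namespace="urn:openotp" encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"/></output>
+ </operation>
+ </binding>
+
+ <service name="openotpService">
+ <port name="openotpPort" binding="tns:openotpBinding">
+ <soap:address location="http://localhost:8080/openotp/"/>
+ </port>
+ </service>
+
+ </definitions>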
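Review bot: The service port at the end of the WSDL, `<soap:address location="http://localhost:8080/openotp/"/>`, is a plain-HTTP endpoint, while the request messages defined above carry `anyPassword`, `ldapPassword` and `otpPassword` as `xsd:string` parts. The module default in config.xml is also `http://myserver:8080/openotp/`, so unless the SOAP client (not in this file) is pointed at an `https://` URL and verifies the server certificate, admin passwords and one-time codes cross the network in cleartext. I would ship the WSDL with a TLS location, `<soap:address location="https://OPENOTP_HOST:PORT/openotp/"/>` (placeholder host and port), and add an XML comment above it saying whether the configured server URL overrides this address.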
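--- a/app/code/community/RCDevs/OpenOTP/etc/system.xml
+++ b/app/code/community/RCDevs/OpenOTP/etc/system.xml
@@ -0,0 +1,115 @@
+ <?xml version="1.0"?>
+ <config>
+ <sections>
+ <admin>
+ <groups>
+ <openotp translate="label" module="rcdevs_openotp">
+ <label>OpenOTP</label>
+ <frontend_type>text</frontend_type>
+ <show_in_default>1</show_in_default>
+ <show_in_website>0</show_in_website>
+ <show_in_store>0</show_in_store>
+ <sort_order>500</sort_order>
+ <fields>
+ <enabled translate="label">
+ <label>Enable OpenOTP</label>
+ <frontend_type>select</frontend_type>
+ <source_model>adminhtml/system_config_source_yesno</source_model>
+ <sort_order>1</sort_order>
+ <show_in_default>1</show_in_default>
+ <show_in_website>0</show_in_website>
+ <show_in_store>0</show_in_store>
+ <comment><![CDATA[A per user setting override general configuration in System / Permissions / Users ]]></comment>
+ </enabled>
+ <authscheme>
+ </authscheme>
+ <openotp_server_url>
+ <label>Server URL</label>
+ <frontend_type>text</frontend_type>
+ <sort_order>2</sort_order>
+ <show_in_default>1</show_in_default>
+ <show_in_website>0</show_in_website>
+ <show_in_store>0</show_in_store>
+ <comment><![CDATA[You can find your server URL in your OpenOTP server configuration (part of WebAdm) / Applications, under Web services section: Service URL (STD): http://Myserver:8080/openotp/]]></comment>
+ </openotp_server_url>
+ <openotp_client_id>
+ <label>Client ID</label>
+ <frontend_type>text</frontend_type>
+ <sort_order>3</sort_order>
+ <show_in_default>1</show_in_default>
+ <show_in_website>0</show_in_website>
+ <show_in_store>0</show_in_store>
+ </openotp_client_id>
+ <openotp_create_account>
+ <label>Create local account</label>
+ <frontend_type>select</frontend_type>
+ <source_model>adminhtml/system_config_source_yesno</source_model>
+ <sort_order>4</sort_order>
+ <show_in_default>1</show_in_default>
+ <show_in_website>0</show_in_website>
+ <show_in_store>0</show_in_store>
+ <comment><![CDATA[On login for the first time, Magento user account will be created (if not exists) with OpenOTP username and password]]></comment>
+ </openotp_create_account>
+ <openotp_default_domain>
+ <label>Default domain</label>
+ <frontend_type>text</frontend_type>
+ <sort_order>5</sort_order>
+ <show_in_default>1</show_in_default>
+ <show_in_website>0</show_in_website>
+ <show_in_store>0</show_in_store>
+ </openotp_default_domain>
+ <openotp_client_settings>
+ <label>Client settings</label>
+ <frontend_type>text</frontend_type>
+ <sort_order>6</sort_order>
+ <show_in_default>1</show_in_default>
+ <show_in_website>0</show_in_website>
+ <show_in_store>0</show_in_store>
+ <validate>validate-int</validate>
+ </openotp_client_settings>
+ <openotp_proxy_host>
+ <label>Proxy host</label>
+ <frontend_type>text</frontend_type>
+ <sort_order>7</sort_order>
+ <show_in_default>1</show_in_default>
+ <show_in_website>0</show_in_website>
+ <show_in_store>0</show_in_store>
+ </openotp_proxy_host>
+ <openotp_proxy_port>
+ <label>Proxy port</label>
+ <frontend_type>text</frontend_type>
+ <sort_order>8</sort_order>
+ <show_in_default>1</show_in_default>
+ <show_in_website>0</show_in_website>
+ <show_in_store>0</show_in_store>
+ </openotp_proxy_port>
+ <openotp_proxy_login>
+ <label>Proxy login</label>
+ <frontend_type>text</frontend_type>
+ <sort_order>9</sort_order>
+ <show_in_default>1</show_in_default>
+ <show_in_website>0</show_in_website>
+ <show_in_store>0</show_in_store>
+ </openotp_proxy_login>
+ <openotp_proxy_password>
+ <label>Proxy password</label>
+ <frontend_type>text</frontend_type>
+ <sort_order>10</sort_order>
+ <show_in_default>1</show_in_default>
+ <show_in_website>0</show_in_website>
+ <show_in_store>0</show_in_store>
+ </openotp_proxy_password>
+ <log_enabled>
+ <label>Enable log</label>
+ <frontend_type>select</frontend_type>
+ <sort_order>11</sort_order>
+ <source_model>adminhtml/system_config_source_yesno</source_model>
+ <show_in_default>1</show_in_default>
+ <show_in_website>0</show_in_website>
+ </log_enabled>
+ </fields>
+ </openotp>
+ </groups>
+ </admin>
+ </sections>
+ </config>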
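Review bot: `openotp_proxy_password` is declared with `<frontend_type>text</frontend_type>` and no backend model, so the proxy password is shown in clear in the configuration form and saved unencrypted with the rest of the settings. Magento's own secret fields pair `<frontend_type>obscure</frontend_type>` with `<backend_model>adminhtml/system_config_backend_encrypted</backend_model>`; the code that reads the value (presumably the module's Config model, not in this file) would then need to decrypt it before passing it to the SOAP client. The `openotp_server_url` comment also gives an `http://` service URL as its example, which steers installs toward sending logins without TLS; an `https://` example would be the safer hint.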
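--- a/app/code/community/RCDevs/OpenOTP/sql/rcdevs_openotp_setup/install-1.0.0.php
+++ b/app/code/community/RCDevs/OpenOTP/sql/rcdevs_openotp_setup/install-1.0.0.php
@@ -0,0 +1,23 @@
+ <?php
+
+ $installer = $this;
+ /* @var $installer Mage_Core_Model_Resource_Setup */
+
+ $installer->startSetup();
+
+ /**
+ * Add openotp field to table 'admin/user'
+ */
+ $installer->getConnection()->addColumn(
+ $installer->getTable('admin/user'),
+ 'openotp',
+ array(
+ 'type' => Varien_Db_Ddl_Table::TYPE_TEXT,
+ 'length' => 30,
+ 'default' => null,
+ 'nullable' => true,
+ 'comment' => 'OpenOTP enabled'
+ )
+ );
+
+ $installer->endSetup();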
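--- a/app/code/community/RCDevs/OpenOTP/sql/rcdevs_openotp_setup/mysql4-install-1.0.0.php
+++ b/app/code/community/RCDevs/OpenOTP/sql/rcdevs_openotp_setup/mysql4-install-1.0.0.php
@@ -0,0 +1,13 @@
+ <?php
+
+ $installer = $this;
+ /* @var $installer Mage_Core_Model_Resource_Setup */
+
+ $installer->startSetup();
+
+ /**
+ * Add openotp field to table 'admin/user'
+ */
+ $installer->getConnection()->addColumn($this->getTable('admin/user'), 'openotp', 'varchar(30) null');
+
+ $installer->endSetup();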
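--- a/app/design/adminhtml/default/default/layout/rcdevs_openotp.xml
+++ b/app/design/adminhtml/default/default/layout/rcdevs_openotp.xml
@@ -0,0 +1,5 @@
+ <layout version="0.1.0">
+ <adminhtml_openotp_login>
+ <block name="rcdevs.openotp.login" template="rcdevs_openotp/login.phtml" />
+ </adminhtml_openotp_login>
+ </layout>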
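--- a/app/design/adminhtml/default/default/template/rcdevs_openotp/login.phtml
+++ b/app/design/adminhtml/default/default/template/rcdevs_openotp/login.phtml
@@ -0,0 +1,86 @@
+ <?php
+ /**
+ * OpenOTP magento module
+ *
+ * LICENSE
+ *
+ * Copyright © 2013.
+ * RCDevs OpenOTP. All rights reserved.
+ *
+ * The use and redistribution of this software, either compiled or uncompiled, with or without modifications are permitted provided that the following conditions are met:
+ * *
+ * @copyright Copyright (c) 201 RCDevs (http://www.rcdevs.com)
+ * @author rcdevs <info@rcdevs.com>
+ * @category RCDevs
+ * @package RCDevs_OpenOTP
+ */
+
+ /** @var $session Mage_Admin_Model_Session */
+ $session = Mage::getSingleton('admin/session');
+ /* @var $config RCDevs_Openotp_Model_Config */
+ $config = Mage::getSingleton('rcdevs_openotp/config');
+
+ ?>
+ <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+ <html xmlns="http://www.w3.org/1999/xhtml" lang="en">
+ <head>
+ <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
+ <title><?php echo Mage::helper('adminhtml')->__('Log into Magento Admin Page') ?></title>
+ <link type="text/css" rel="stylesheet" href="<?php echo $this->getSkinUrl('reset.css') ?>" media="all" />
+ <link type="text/css" rel="stylesheet" href="<?php echo $this->getSkinUrl('boxes.css') ?>" media="all" />
+ <link rel="icon" href="<?php echo $this->getSkinUrl('favicon.ico') ?>" type="image/x-icon" />
+ <link rel="shortcut icon" href="<?php echo $this->getSkinUrl('favicon.ico') ?>" type="image/x-icon" />
+ <script type="text/javascript" src="<?php echo $this->getJsUrl('prototype/prototype.js') ?>"></script>
+ <script type="text/javascript" src="<?php echo $this->getJsUrl('prototype/validation.js') ?>"></script>
+ <script type="text/javascript" src="<?php echo $this->getJsUrl('scriptaculous/effects.js') ?>"></script>
+ <script type="text/javascript" src="<?php echo $this->getJsUrl('mage/adminhtml/form.js') ?>"></script>
+ <script type="text/javascript" src="<?php echo $this->getJsUrl('mage/captcha.js') ?>"></script>
+ <script>document.observe('dom:loaded', function(){
+
+ var token = "<?php echo $this->getFormKey(); ?>";
+ var path = "<?php echo $this->getSkinUrl('images/rcdevs_openotp/'); ?>";
+
+ <?php if($session->getShowOpenOTPChallenge() != NULL){ echo $session->getOpenotpFrontendScript(); $session->setShowOpenOTPChallenge(false); $session->setOpenotpFrontendScript(false); } ?>
+ });
+ </script>
+
+ <!--[if IE]> <link rel="stylesheet" href="<?php echo $this->getSkinUrl('iestyles.css') ?>" type="text/css" media="all" /> <![endif]-->
+ <!--[if lt IE 7]> <link rel="stylesheet" href="<?php echo $this->getSkinUrl('below_ie7.css') ?>" type="text/css" media="all" /> <![endif]-->
+ <!--[if IE 7]> <link rel="stylesheet" href="<?php echo $this->getSkinUrl('ie7.css') ?>" type="text/css" media="all" /> <![endif]-->
+ </head>
+ <body id="page-login">
+ <div class="login-container">
+ <div class="login-box">
+ <form method="post" action="" id="loginForm2" autocomplete="off">
+ <div class="login-form">
+ <input name="form_key" type="hidden" value="<?php echo $this->getFormKey() ?>" />
+ <h2><?php echo Mage::helper('adminhtml')->__('Log in to Admin Panel') ?></h2>
+ <div id="messages"> <?php echo $this->getMessagesBlock()->getGroupedHtml() ?> </div>
+ <div class="input-box input-left">
+ <label for="username"><?php echo Mage::helper('adminhtml')->__('User Name:') ?></label>
+ <br/>
+ <input type="text" id="username" name="login[username]" value="" class="required-entry input-text" />
+ </div>
+ <div class="input-box input-right">
+ <label for="login"><?php echo Mage::helper('adminhtml')->__('Password:') ?></label>
+ <br />
+ <!-- This is a dummy hidden field to trick firefox from auto filling the password -->
+ <input type="text" class="input-text no-display" name="dummy" id="dummy" />
+ <input type="password" id="login" name="login[password]" class="required-entry input-text" value="" />
+ </div>
+ <?php echo $this->getChildHtml('form.additional.info'); ?>
+ <div class="clear"></div>
+ <div class="form-buttons"> <a class="left" href="<?php echo Mage::helper('adminhtml')->getUrl('adminhtml/index/forgotpassword', array('_nosecret' => true)) ?>"><?php echo Mage::helper('adminhtml')->__('Forgot your password?') ?></a>
+ <input type="submit" class="form-button" value="<?php echo Mage::helper('adminhtml')->__('Login') ?>" title="<?php echo Mage::helper('adminhtml')->__('Login') ?>" />
+ </div>
+ </div>
+ <p class="legal"><?php echo Mage::helper('adminhtml')->__('Magento is a trademark of Magento Inc. Copyright &copy; %s Magento Inc.', date('Y')) ?></p>
+ </form>
+ <div class="bottom"></div>
+ <script type="text/javascript">
+ //var loginForm = new varienForm('loginForm');
+ </script>
+ </div>
+ </div>
+ </body>
+ </html>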
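Review bot: The inline `<script>` in the head echoes `$session->getOpenotpFrontendScript()` verbatim, so whatever code built that string decides what executes on the admin login page before authentication has completed. If the script is assembled from the submitted username or from fields of the OpenOTP response (the builder is not in this file), each value needs JavaScript-context encoding where it is inserted, for example via `Mage::helper('core')->jsonEncode(...)`; HTML escaping is not sufficient inside a script block. I would add a comment directly above the echo, `// emitted verbatim into <script>: every interpolated value must be JSON-encoded where this script is built`, so the contract is visible to whoever maintains the session model.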
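--- a/app/etc/modules/RCDevs_OpenOTP.xml
+++ b/app/etc/modules/RCDevs_OpenOTP.xml
@@ -0,0 +1,13 @@
+ <?xml version="1.0"?>
+ <config>
+ <modules>
+ <RCDevs_OpenOTP>
+ <active>true</active>
+ <codePool>community</codePool>
+ <depends>
+ <Mage_Admin />
+ <Mage_Adminhtml />
+ </depends>
+ </RCDevs_OpenOTP>
+ </modules>
+ </config>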
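--- a/app/locale/en_US/RCDevs_OpenOTP.csv
+++ b/app/locale/en_US/RCDevs_OpenOTP.csv
@@ -0,0 +1,24 @@
+ "OpenOTP setup","OpenOTP setup"
+ "Enable OpenOTP Two factors authentication for login","Enable OpenOTP Two factors authentication for login"
+ "Default...","Default..."
+ "Enable OpenOTP","Enable OpenOTP"
+ "Server URL","Server URL"
+ "Client ID","Client ID"
+ "Create local account","Create local account"
+ "Default domain","Default domain"
+ "Client settings","Client settings"
+ "Proxy host","Proxy host"
+ "Proxy port","Proxy port"
+ "Proxy login","Proxy login"
+ "Proxy password","Proxy password"
+
+
+
+
+
+
+
+
+
+
+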
package.xml ADDED
@@ -0,0 +1,36 @@
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1
+ <?xml version="1.0"?>
2
+ <package>
3
+ <name>RCDevs_OpenOTP_Authentication</name>
4
+ <version>1.1.2</version>
5
+ <stability>stable</stability>
6
+ <license>GNU General Public License ( GPL )</license>
7
+ <channel>community</channel>
8
+ <extends/>
9
+ <summary>This Plugin enables strong two factor authentication for admins and users to connect to administration panel</summary>
10
+ <description>&lt;p&gt;This Plugin enables strong &lt;b&gt;two factor authentication&lt;/b&gt; for admins and users. It displays an overlay on Challenge-Response session, after fill in username and password. The plugin supports global, per role and per user settings configuration. The plugin will transparently handle any OpenOTP Login Mode including, LDAP only, OTP only and LDAP+OTP.&lt;/p&gt;&#xD;
11
+ &#xD;
12
+ &lt;p&gt;OpenOTP is the RCDevs user authentication solution. OpenOTP is a server application which provides multiple (highly configurable) authentication schemes for your LDAP users, based on one-time passwords (OTP) technologies and including: &lt;ul&gt;&#xD;
13
+ &lt;li&gt;OATH HOTP/TOTP/OCRA Software/Hardware Tokens&lt;/li&gt;&#xD;
14
+ &lt;li&gt;Google Authenticator&lt;/li&gt;&#xD;
15
+ &lt;li&gt;Mobile-OTP (mOTP) Software Tokens&lt;/li&gt;&#xD;
16
+ &lt;li&gt;SMS One-Time Passwords&lt;/li&gt;&#xD;
17
+ &lt;li&gt; Mail / Secure Mail One-Time Passwords&lt;/li&gt;&#xD;
18
+ &lt;li&gt;Yubikey&lt;/li&gt;&lt;/ul&gt;&#xD;
19
+ OpenOTP provides both SOAP/XML and RADIUS client APIs.&lt;/p&gt;</description>
20
+ <notes> - The plugin displays an overlay on Challenge-Response session&#xD;
21
+ - Custom login form template (login.phtml)&#xD;
22
+ - Global and per user settings configuration&#xD;
23
+ - Mode auto-create local account on first login&#xD;
24
+ - The plugin will transparently support any OpenOTP Login Mode including:&#xD;
25
+ &gt; LDAP only&#xD;
26
+ &gt; OTP only&#xD;
27
+ &gt; LDAP+OTP with user challenge-response&#xD;
28
+ - Possibility to enable plugin logs (/var/logs/openotp.log)&#xD;
29
+ </notes>
30
+ <authors><author><name>RCDevs</name><user>rcdevs</user><email>support@rcdevs.com</email></author></authors>
31
+ <date>2013-10-23</date>
32
+ <time>14:46:22</time>
33
+ <contents><target name="magecommunity"><dir name="RCDevs"><dir name="OpenOTP"><dir name="Block"><dir name="Adminhtml"><dir name="Permission"><dir name="User"><dir name="Edit"><dir name="Tab"><file name="Openotp.php" hash="53b81b752b9b5c3e64f1e60b10caaa44"/></dir></dir></dir></dir></dir></dir><dir name="Helper"><file name="Data.php" hash="3ff4f896bafe664c9a986b8131479f4a"/></dir><dir name="Model"><file name="Auth.php" hash="14665ff97734988f83595a5bf83089ea"/><file name="Config.php" hash="060ae60b8154e5d105c13ef7dd05449e"/><file name="Observer.php" hash="0c325e1d31db0dd0140a4efd8d59932c"/><file name="Session.php" hash="6763eb200ba70b230b0f46f7e87dd602"/></dir><dir name="controllers"><dir name="Adminhtml"><file name="OpenotpController.php" hash="0151d7b0985bb33f0ee21fbc9ddd1695"/><file name=".DS_Store" hash="194577a7e20bdcc7afbb718f502c134c"/><file name="._.DS_Store" hash="c7afd6e713ac1bdfff2ea4d2f9cfc0dc"/></dir></dir><dir name="etc"><file name="config.xml" hash="dd90ece2a7369dd015b200f0048f1692"/><file name="openotp.wsdl" hash="edcfd264dc9df5cbccf1fb9554379ab7"/><file name="system.xml" hash="732a359d8db02252a82a057038810aef"/></dir><dir name="sql"><dir name="rcdevs_openotp_setup"><file name="install-1.0.0.php" hash="61f70158bbcdc4bc03a7232fff2b51e6"/><file name="mysql4-install-1.0.0.php" hash="f4600383a0f0b439b35e8dc3870f679a"/></dir></dir></dir></dir></target><target name="magedesign"><dir name="adminhtml"><dir name="default"><dir name="default"><dir name="layout"><file name="rcdevs_openotp.xml" hash="b49c3390c2fbd65180af3c0ec20dca59"/></dir><dir name="template"><dir name="rcdevs_openotp"><file name="login.phtml" hash="5868ba7896505844be892f9663461344"/></dir></dir></dir></dir></dir></target><target name="magelocale"><dir><dir name="en_US"><file name="RCDevs_OpenOTP.csv" hash="1f28e7017af2d42d09164f85c9da658a"/></dir></dir></target><target name="mageskin"><dir name="adminhtml"><dir name="default"><dir name="default"><dir name="images"><dir 
name="rcdevs_openotp"><file name="openotp_banner.png" hash="7b5226d26301e717471cf4e66b0b21e2"/><file name="openotp_closebtn.png" hash="2f20f6b977639883852f8ffd9e14f19e"/></dir></dir></dir></dir></dir></target><target name="mageetc"><dir name="modules"><file name="RCDevs_OpenOTP.xml" hash="c4b719c5f7d76e809587ce9b023b29e1"/></dir></target></contents>
34
+ <compatible/>
35
+ <dependencies><required><php><min>4.0.0</min><max>5.0.0</max></php><extension><name>soap</name><min></min><max></max></extension></required></dependencies>
36
+ </package>
skin/adminhtml/default/default/images/rcdevs_openotp/openotp_banner.png ADDED
Binary file
skin/adminhtml/default/default/images/rcdevs_openotp/openotp_closebtn.png ADDED
Binary file