Google Authenticator - Version 0.36

Version Description

Bugfix, now an App password can only be used for XMLRPC/APP-Request logins.

Release Info

Developer	Henrik.Schack
Plugin	Google Authenticator
Version	0.36
Comparing to
See all releases

Code changes from version 0.35 to 0.36

Files changed (3) hide show

google-authenticator.php +6 -10
lang/google-authenticator.pot +17 -17
readme.txt +5 -2

google-authenticator.php CHANGED Viewed

	@@ -4,9 +4,9 @@ Plugin Name: Google Authenticator
4	Plugin URI: http://henrik.schack.dk/google-authenticator-for-wordpress
5	Description: Two-Factor Authentication for WordPress using the Android/iPhone/Blackberry app as One Time Password generator.
6	Author: Henrik Schack
7	- Version: 0.35
8	Author URI: http://henrik.schack.dk/
9	- Compatibility: WordPress 3.2
10	Text Domain: google-authenticator
11	Domain Path: /lang
12
	@@ -150,20 +150,16 @@ function check_otp( $user, $username = '', $password = '' ) {
150	if ( $this->verify( $GA_secret, $otp ) ) {
151	return $userstate;
152	} else {
153	- // No, lets see if an app password is enabled
154	- if ( trim( get_user_option( 'googleauthenticator_pwdenabled', $user->ID ) ) == 'enabled' ) {
155	$GA_passwords = json_decode( get_user_option( 'googleauthenticator_passwords', $user->ID ) );
156	$passwordsha1 = trim($GA_passwords->{'password'} );
157	$usersha1 = sha1( strtoupper( str_replace( ' ', '', $password ) ) );
158	if ( $passwordsha1 == $usersha1 ) {
159	return new WP_User( $user->ID );
160	} else {
161	- if ( ~~$otp~~ == ~~'' ) {~~
162	- // No ~~Google~~ ~~Authenticator~~ ~~code~~ ~~entered,~~ ~~must~~ be a ~~wrong~~ ~~app~~ ~~login~~ ~~attempt~~
163	- return new WP_Error( 'invalid_google_authenticator_password', __( '<strong>ERROR</strong>: The Google Authenticator password is incorrect.', 'google-authenticator' ) );
164	- } else {
165	- return new WP_Error( 'invalid_google_authenticator_token', __( '<strong>ERROR</strong>: The Google Authenticator code is incorrect or has expired.', 'google-authenticator' ) );
166	- }
167	}
168	} else {
169	return new WP_Error( 'invalid_google_authenticator_token', __( '<strong>ERROR</strong>: The Google Authenticator code is incorrect or has expired.', 'google-authenticator' ) );


4	Plugin URI: http://henrik.schack.dk/google-authenticator-for-wordpress
5	Description: Two-Factor Authentication for WordPress using the Android/iPhone/Blackberry app as One Time Password generator.
6	Author: Henrik Schack
7	+ Version: 0.36
8	Author URI: http://henrik.schack.dk/
9	+ Compatibility: WordPress 3.2.1
10	Text Domain: google-authenticator
11	Domain Path: /lang
12

150	if ( $this->verify( $GA_secret, $otp ) ) {
151	return $userstate;
152	} else {
153	+ // No, lets see if an app password is enabled, and this is an XMLRPC / APP login ?
154	+ if ( trim( get_user_option( 'googleauthenticator_pwdenabled', $user->ID ) ) == 'enabled' && ( defined('XMLRPC_REQUEST') \|\| defined('APP_REQUEST') ) ) {
155	$GA_passwords = json_decode( get_user_option( 'googleauthenticator_passwords', $user->ID ) );
156	$passwordsha1 = trim($GA_passwords->{'password'} );
157	$usersha1 = sha1( strtoupper( str_replace( ' ', '', $password ) ) );
158	if ( $passwordsha1 == $usersha1 ) {
159	return new WP_User( $user->ID );
160	} else {
161	+ // Wrong XMLRPC/APP password !
162	+ return new WP_Error( 'invalid_google_authenticator_password', __( '<strong>ERROR</strong>: The Google Authenticator password is incorrect.', 'google-authenticator' ) );




163	}
164	} else {
165	return new WP_Error( 'invalid_google_authenticator_token', __( '<strong>ERROR</strong>: The Google Authenticator code is incorrect or has expired.', 'google-authenticator' ) );

lang/google-authenticator.pot CHANGED Viewed

	@@ -2,9 +2,9 @@
2	# This file is distributed under the same license as the Google Authenticator package.
3	msgid ""
4	msgstr ""
5	- "Project-Id-Version: Google Authenticator 0.35\n"
6	"Report-Msgid-Bugs-To: http://wordpress.org/tag/google-authenticator\n"
7	- "POT-Creation-Date: 2011-07-18 20:06:38+00:00\n"
8	"MIME-Version: 1.0\n"
9	"Content-Type: text/plain; charset=UTF-8\n"
10	"Content-Transfer-Encoding: 8bit\n"
	@@ -22,66 +22,66 @@ msgstr ""
22	msgid "Google Authenticator code"
23	msgstr ""
24
25	- #: google-authenticator.php:~~163~~
26	msgid "<strong>ERROR</strong>: The Google Authenticator password is incorrect."
27	msgstr ""
28
29	- #: google-authenticator.php:165 ~~google-authenticator.php:169~~
30	msgid ""
31	"<strong>ERROR</strong>: The Google Authenticator code is incorrect or has "
32	"expired."
33	msgstr ""
34
35	- #: google-authenticator.php:~~204~~
36	msgid "WordPress Blog"
37	msgstr ""
38
39	- #: google-authenticator.php:~~207~~ google-authenticator.php:~~365~~
40	msgid "Google Authenticator Settings"
41	msgstr ""
42
43	- #: google-authenticator.php:~~212~~ google-authenticator.php:~~369~~
44	msgid "Active"
45	msgstr ""
46
47	- #: google-authenticator.php:~~224~~
48	msgid "Description"
49	msgstr ""
50
51	- #: google-authenticator.php:~~225~~
52	msgid ""
53	" Description that you'll see in the Google Authenticator app on your phone."
54	msgstr ""
55
56	- #: google-authenticator.php:~~229~~
57	msgid "Secret"
58	msgstr ""
59
60	- #: google-authenticator.php:~~232~~
61	msgid "Create new secret"
62	msgstr ""
63
64	- #: google-authenticator.php:~~233~~
65	msgid "Show/Hide QR code"
66	msgstr ""
67
68	- #: google-authenticator.php:~~241~~
69	msgid "Scan this with the Google Authenticator app."
70	msgstr ""
71
72	- #: google-authenticator.php:~~246~~
73	msgid "Enable App password"
74	msgstr ""
75
76	- #: google-authenticator.php:~~248~~
77	msgid " Enabling an App password will decrease your overall login security."
78	msgstr ""
79
80	- #: google-authenticator.php:~~256~~
81	msgid "Create new password"
82	msgstr ""
83
84	- #: google-authenticator.php:~~257~~
85	msgid ""
86	" Password is not stored in cleartext, this is your only chance to see it."
87	msgstr ""


2	# This file is distributed under the same license as the Google Authenticator package.
3	msgid ""
4	msgstr ""
5	+ "Project-Id-Version: Google Authenticator 0.36\n"
6	"Report-Msgid-Bugs-To: http://wordpress.org/tag/google-authenticator\n"
7	+ "POT-Creation-Date: 2011-08-10 20:20:57+00:00\n"
8	"MIME-Version: 1.0\n"
9	"Content-Type: text/plain; charset=UTF-8\n"
10	"Content-Transfer-Encoding: 8bit\n"

22	msgid "Google Authenticator code"
23	msgstr ""
24
25	+ #: google-authenticator.php:162
26	msgid "<strong>ERROR</strong>: The Google Authenticator password is incorrect."
27	msgstr ""
28
29	+ #: google-authenticator.php:165
30	msgid ""
31	"<strong>ERROR</strong>: The Google Authenticator code is incorrect or has "
32	"expired."
33	msgstr ""
34
35	+ #: google-authenticator.php:200
36	msgid "WordPress Blog"
37	msgstr ""
38
39	+ #: google-authenticator.php:203 google-authenticator.php:361
40	msgid "Google Authenticator Settings"
41	msgstr ""
42
43	+ #: google-authenticator.php:208 google-authenticator.php:365
44	msgid "Active"
45	msgstr ""
46
47	+ #: google-authenticator.php:220
48	msgid "Description"
49	msgstr ""
50
51	+ #: google-authenticator.php:221
52	msgid ""
53	" Description that you'll see in the Google Authenticator app on your phone."
54	msgstr ""
55
56	+ #: google-authenticator.php:225
57	msgid "Secret"
58	msgstr ""
59
60	+ #: google-authenticator.php:228
61	msgid "Create new secret"
62	msgstr ""
63
64	+ #: google-authenticator.php:229
65	msgid "Show/Hide QR code"
66	msgstr ""
67
68	+ #: google-authenticator.php:237
69	msgid "Scan this with the Google Authenticator app."
70	msgstr ""
71
72	+ #: google-authenticator.php:242
73	msgid "Enable App password"
74	msgstr ""
75
76	+ #: google-authenticator.php:244
77	msgid " Enabling an App password will decrease your overall login security."
78	msgstr ""
79
80	+ #: google-authenticator.php:252
81	msgid "Create new password"
82	msgstr ""
83
84	+ #: google-authenticator.php:253
85	msgid ""
86	" Password is not stored in cleartext, this is your only chance to see it."
87	msgstr ""

readme.txt CHANGED Viewed

	@@ -3,8 +3,8 @@ Contributors: Henrik.Schack
3	Donate Link: https://www.paypal.com/cgi-bin/webscr?cmd=_donations&business=henrik%40schack%2edk&lc=US&item_name=Google%20Authenticator&item_number=Google%20Authenticator&no_shipping=0&no_note=1&tax=0&bn=PP%2dDonationsBF&charset=UTF%2d8
4	Tags: authentication,otp,password,security,login,android,iphone,blackberry
5	Requires at least: 3.1.2
6	- Tested up to: 3.2
7	- Stable tag: 0.35
8
9	Google Authenticator for your WordPress blog.
10
	@@ -56,6 +56,9 @@ If you have an Android phone, you can use an app like [ClockSync](https://market
56
57	== Changelog ==
58



59	= 0.35 =
60	* Initial WordPress app support added (XMLRPC).
61


3	Donate Link: https://www.paypal.com/cgi-bin/webscr?cmd=_donations&business=henrik%40schack%2edk&lc=US&item_name=Google%20Authenticator&item_number=Google%20Authenticator&no_shipping=0&no_note=1&tax=0&bn=PP%2dDonationsBF&charset=UTF%2d8
4	Tags: authentication,otp,password,security,login,android,iphone,blackberry
5	Requires at least: 3.1.2
6	+ Tested up to: 3.2.1
7	+ Stable tag: 0.36
8
9	Google Authenticator for your WordPress blog.
10

56
57	== Changelog ==
58
59	+ = 0.36 =
60	+ * Bugfix, now an App password can only be used for XMLRPC/APP-Request logins.
61	+
62	= 0.35 =
63	* Initial WordPress app support added (XMLRPC).
64