Release Info
Developer | cyberlord92 |
Plugin | Google Authenticator – WordPress Two Factor Authentication (2FA) |
Version | 5.1.7 |
Code changes from version 5.1.12 to 5.1.7
- class-customer-setup.php +668 -0
- class-miniorange-2-factor-login.php +321 -0
- class-miniorange-2-factor-pass2fa-login.php +1164 -0
- class-miniorange-2-factor-user-registration.php +292 -0
- class-mo2f-constants.php +406 -0
- class-rba-attributes.php +255 -0
- class-two-factor-setup.php +272 -0
- class-utility.php +458 -0
- database/database_functions.php +111 -5
- includes/css/bootstrap.min.css +7 -0
- includes/css/style_settings.css +13 -7
- miniorange_2_factor_common_login.php +852 -0
- miniorange_2_factor_configuration.php +1226 -0
- miniorange_2_factor_mobile_configuration.php +1400 -0
- miniorange_2_factor_settings.php +2411 -0
- miniorange_2_factor_support.php +74 -0
- readme.txt +846 -0
- uninstall.php +185 -0
- views/configure_authy_authenticator +2 -2
- views/configure_google_authenticator +19 -117
- views/configure_otp_over_sms +3 -3
- views/customer_registration.php +4 -4
- views/feedback_form.php +22 -20
- views/test_2fa_notification.php +37 -0
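--- a/class-customer-setup.php
+++ b/class-customer-setup.php
@@ -0,0 +1,668 @@
+<?php
+/** miniOrange enables user to log in through mobile authentication as an additional layer of security over password.
+* Copyright (C) 2015 miniOrange
+*
+* This program is free software: you can redistribute it and/or modify
+* it under the terms of the GNU General Public License as published by
+* the Free Software Foundation, either version 3 of the License, or
+* (at your option) any later version.
+*
+* This program is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+* GNU General Public License for more details.
+*
+* You should have received a copy of the GNU General Public License
+* along with this program. If not, see <http://www.gnu.org/licenses/>
+* @package miniOrange OAuth
+* @license http://www.gnu.org/copyleft/gpl.html GNU/GPL, see LICENSE.php
+*/
+
+/**
+* This library is miniOrange Authentication Service.
+* Contains Request Calls to Customer service.
+**/
+class Customer_Setup {
+
+public $email;
+public $phone;
+public $customerKey;
+public $transactionId;
+
+function check_customer() {
+if ( ! MO2f_Utility::is_curl_installed() ) {
+$message = 'Please enable curl extension. <a href="admin.php?page=miniOrange_2_factor_settings&mo2f_tab=mo2f_help">Click here</a> for the steps to enable curl or check Help & Troubleshooting.';
+
+return json_encode( array( "status" => 'ERROR', "message" => $message ) );
+}
+
+$url = get_option( 'mo2f_host_name' ) . "/moas/rest/customer/check-if-exists";
+$ch = curl_init( $url );
+$email = get_option( "mo2f_email" );
+
+$fields = array(
+'email' => $email,
+);
+$field_string = json_encode( $fields );
+
+curl_setopt( $ch, CURLOPT_FOLLOWLOCATION, false );
+curl_setopt( $ch, CURLOPT_ENCODING, "" );
+curl_setopt( $ch, CURLOPT_RETURNTRANSFER, true );
+curl_setopt( $ch, CURLOPT_AUTOREFERER, true );
+curl_setopt( $ch, CURLOPT_SSL_VERIFYHOST, false );
+
+curl_setopt( $ch, CURLOPT_SSL_VERIFYPEER, false ); # required for https urls
+curl_setopt( $ch, CURLOPT_MAXREDIRS, 10 );
+curl_setopt( $ch, CURLOPT_HTTPHEADER, array(
+'Content-Type: application/json',
+'charset: UTF - 8',
+'Authorization: Basic'
+) );
+curl_setopt( $ch, CURLOPT_POST, true );
+curl_setopt( $ch, CURLOPT_POSTFIELDS, $field_string );
+curl_setopt( $ch, CURLOPT_CONNECTTIMEOUT, 5 );
+curl_setopt( $ch, CURLOPT_TIMEOUT, 20 );
+
+$proxy_host = get_option( 'mo2f_proxy_host' );
+if ( ! empty( $proxy_host ) ) {
+curl_setopt( $ch, CURLOPT_PROXY, get_option( 'mo2f_proxy_host' ) );
+curl_setopt( $ch, CURLOPT_PROXYPORT, get_option( 'mo2f_port_number' ) );
+curl_setopt( $ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC );
+curl_setopt( $ch, CURLOPT_PROXYUSERPWD, get_option( "mo2f_proxy_username" ) . ':' . get_option( "mo2f_proxy_password" ) );
+
+}
+
+$content = curl_exec( $ch );
+if ( curl_errno( $ch ) ) {
+return null;
+}
+curl_close( $ch );
+
+return $content;
+}
+
+function send_email_alert( $email, $phone, $message ) {
+
+$url = get_option( 'mo2f_host_name' ) . '/moas/api/notify/send';
+$ch = curl_init( $url );
+
+$customerKey = "16555";
+$apiKey = "fFd2XcvTGDemZvbw1bcUesNJWEqKbbUq";
+
+$currentTimeInMillis = self::get_timestamp();
+$stringToHash = $customerKey . $currentTimeInMillis . $apiKey;
+$hashValue = hash( "sha512", $stringToHash );
+$customerKeyHeader = "Customer-Key: " . $customerKey;
+$timestampHeader = "Timestamp: " . $currentTimeInMillis;
+$authorizationHeader = "Authorization: " . $hashValue;
+$fromEmail = $email;
+$subject = "WordPress 2FA Plugin Feedback - " . $email;
+
+global $user;
+$user = wp_get_current_user();
+$is_nc_with_unlimited_users = get_option( 'mo2f_is_NC' ) && ! get_option( 'mo2f_is_NNC' );
+$is_nc_with_1_user = get_option( 'mo2f_is_NC' ) && get_option( 'mo2f_is_NNC' );
+$is_ec_with_1_user = ! get_option( 'mo2f_is_NC' );
+
+
+$customer_feature = "";
+
+if ( $is_ec_with_1_user ) {
+$customer_feature = "V1";
+} else if ( $is_nc_with_unlimited_users ) {
+$customer_feature = "V2";
+} else if ( $is_nc_with_1_user ) {
+$customer_feature = "V3";
+}
+
+$query = '[WordPress 2 Factor Authentication Plugin: ' . $customer_feature . ' - V 5.1.7]: ' . $message;
+
+$content = '<div >First Name :' . $user->user_firstname . '<br><br>Last Name :' . $user->user_lastname . ' <br><br>Company :<a href="' . $_SERVER['SERVER_NAME'] . '" target="_blank" >' . $_SERVER['SERVER_NAME'] . '</a><br><br>Phone Number :' . $phone . '<br><br>Email :<a href="mailto:' . $fromEmail . '" target="_blank">' . $fromEmail . '</a><br><br>Query :' . $query . '</div>';
+
+$fields = array(
+'customerKey' => $customerKey,
+'sendEmail' => true,
+'email' => array(
+'customerKey' => $customerKey,
+'fromEmail' => $fromEmail,
+'bccEmail' => $fromEmail,
+'fromName' => 'miniOrange',
+'toEmail' => '2fasupport@miniorange.com',
+'toName' => '2fasupport@miniorange.com',
+'subject' => $subject,
+'content' => $content
+),
+);
+$field_string = json_encode( $fields );
+
+curl_setopt( $ch, CURLOPT_FOLLOWLOCATION, true );
+curl_setopt( $ch, CURLOPT_ENCODING, "" );
+curl_setopt( $ch, CURLOPT_RETURNTRANSFER, true );
+curl_setopt( $ch, CURLOPT_AUTOREFERER, true );
+curl_setopt( $ch, CURLOPT_SSL_VERIFYPEER, false ); # required for https urls
+
+curl_setopt( $ch, CURLOPT_MAXREDIRS, 10 );
+curl_setopt( $ch, CURLOPT_HTTPHEADER, array(
+"Content-Type: application/json",
+$customerKeyHeader,
+$timestampHeader,
+$authorizationHeader
+) );
+curl_setopt( $ch, CURLOPT_POST, true );
+curl_setopt( $ch, CURLOPT_POSTFIELDS, $field_string );
+$content = curl_exec( $ch );
+
+if ( curl_errno( $ch ) ) {
+return json_encode( array( "status" => 'ERROR', 'statusMessage' => curl_error( $ch ) ) );
+}
+curl_close( $ch );
+
+return ( $content );
+
+}
+
+function get_timestamp() {
+$url = get_option( 'mo2f_host_name' ) . '/moas/rest/mobile/get-timestamp';
+$ch = curl_init( $url );
+
+curl_setopt( $ch, CURLOPT_FOLLOWLOCATION, true );
+curl_setopt( $ch, CURLOPT_ENCODING, "" );
+curl_setopt( $ch, CURLOPT_RETURNTRANSFER, true );
+curl_setopt( $ch, CURLOPT_AUTOREFERER, true );
+curl_setopt( $ch, CURLOPT_SSL_VERIFYPEER, false );
+curl_setopt( $ch, CURLOPT_SSL_VERIFYHOST, false ); // required for https urls
+
+curl_setopt( $ch, CURLOPT_MAXREDIRS, 10 );
+
+curl_setopt( $ch, CURLOPT_POST, true );
+
+if ( defined( 'WP_PROXY_HOST' ) && defined( 'WP_PROXY_PORT' ) && defined( 'WP_PROXY_USERNAME' ) && defined( 'WP_PROXY_PASSWORD' ) ) {
+curl_setopt( $ch, CURLOPT_PROXY, WP_PROXY_HOST );
+curl_setopt( $ch, CURLOPT_PROXYPORT, WP_PROXY_PORT );
+curl_setopt( $ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC );
+curl_setopt( $ch, CURLOPT_PROXYUSERPWD, WP_PROXY_USERNAME . ':' . WP_PROXY_PASSWORD );
+}
+
+$content = curl_exec( $ch );
+
+if ( curl_errno( $ch ) ) {
+echo 'Error in sending curl Request';
+exit ();
+}
+curl_close( $ch );
+
+if ( empty( $content ) ) {
+$currentTimeInMillis = round( microtime( true ) * 1000 );
+$currentTimeInMillis = number_format( $currentTimeInMillis, 0, '', '' );
+}
+
+// $currentTimeInMillis = round( microtime( true ) * 1000 );
+
+return empty( $content ) ? $currentTimeInMillis : $content;
+}
+
+function create_customer() {
+global $Mo2fdbQueries;
+if ( ! MO2f_Utility::is_curl_installed() ) {
+$message = 'Please enable curl extension. <a href="admin.php?page=miniOrange_2_factor_settings&mo2f_tab=mo2f_help">Click here</a> for the steps to enable curl or check Help & Troubleshooting.';
+
+return json_encode( array( "status" => 'ERROR', "message" => $message ) );
+}
+
+$url = get_option( 'mo2f_host_name' ) . '/moas/rest/customer/add';
+$ch = curl_init( $url );
+global $user;
+$user = wp_get_current_user();
+$this->email = get_option( 'mo2f_email' );
+$this->phone = $Mo2fdbQueries->get_user_detail( 'mo2f_user_phone', $user->ID );
+$password = get_option( 'mo2f_password' );
+$company = get_option( 'mo2f_admin_company' ) != '' ? get_option( 'mo2f_admin_company' ) : $_SERVER['SERVER_NAME'];
+$firstName = get_option( 'mo2f_admin_first_name' );
+$lastName = get_option( 'mo2_admin_last_name' );
+
+$fields = array(
+'companyName' => $company,
+'areaOfInterest' => 'WordPress 2 Factor Authentication Plugin',
+'productInterest' => 'API_2FA',
+'firstname' => $firstName,
+'lastname' => $lastName,
+'email' => $this->email,
+'phone' => $this->phone,
+'password' => $password
+);
+$field_string = json_encode( $fields );
+curl_setopt( $ch, CURLOPT_FOLLOWLOCATION, false );
+curl_setopt( $ch, CURLOPT_ENCODING, "" );
+curl_setopt( $ch, CURLOPT_RETURNTRANSFER, true );
+curl_setopt( $ch, CURLOPT_AUTOREFERER, true );
+curl_setopt( $ch, CURLOPT_SSL_VERIFYHOST, false );
+
+curl_setopt( $ch, CURLOPT_SSL_VERIFYPEER, false ); # required for https urls
+
+curl_setopt( $ch, CURLOPT_MAXREDIRS, 10 );
+curl_setopt( $ch, CURLOPT_HTTPHEADER, array(
+'Content-Type: application/json',
+'charset: UTF - 8',
+'Authorization: Basic'
+) );
+curl_setopt( $ch, CURLOPT_POST, true );
+curl_setopt( $ch, CURLOPT_POSTFIELDS, $field_string );
+curl_setopt( $ch, CURLOPT_CONNECTTIMEOUT, 5 );
+curl_setopt( $ch, CURLOPT_TIMEOUT, 20 );
+
+$proxy_host = get_option( 'mo2f_proxy_host' );
+if ( ! empty( $proxy_host ) ) {
+curl_setopt( $ch, CURLOPT_PROXY, get_option( 'mo2f_proxy_host' ) );
+curl_setopt( $ch, CURLOPT_PROXYPORT, get_option( 'mo2f_port_number' ) );
+curl_setopt( $ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC );
+curl_setopt( $ch, CURLOPT_PROXYUSERPWD, get_option( "mo2f_proxy_username" ) . ':' . get_option( "mo2f_proxy_password" ) );
+
+}
+
+$content = curl_exec( $ch );
+
+if ( curl_errno( $ch ) ) {
+return null;
+}
+
+
+curl_close( $ch );
+
+return $content;
+}
+
+function get_customer_key() {
+if ( ! MO2f_Utility::is_curl_installed() ) {
+$message = 'Please enable curl extension. <a href="admin.php?page=miniOrange_2_factor_settings&mo2f_tab=mo2f_help">Click here</a> for the steps to enable curl or check Help & Troubleshooting.';
+
+return json_encode( array( "status" => 'ERROR', "message" => $message ) );
+}
+
+$url = get_option( 'mo2f_host_name' ) . "/moas/rest/customer/key";
+$ch = curl_init( $url );
+$email = get_option( "mo2f_email" );
+$password = get_option( "mo2f_password" );
+
+$fields = array(
+'email' => $email,
+'password' => $password
+);
+$field_string = json_encode( $fields );
+
+curl_setopt( $ch, CURLOPT_FOLLOWLOCATION, false );
+curl_setopt( $ch, CURLOPT_ENCODING, "" );
+curl_setopt( $ch, CURLOPT_RETURNTRANSFER, true );
+
+
+curl_setopt( $ch, CURLOPT_AUTOREFERER, true );
+curl_setopt( $ch, CURLOPT_SSL_VERIFYHOST, false );
+curl_setopt( $ch, CURLOPT_SSL_VERIFYPEER, false ); # required for https urls
+
+curl_setopt( $ch, CURLOPT_MAXREDIRS, 10 );
+curl_setopt( $ch, CURLOPT_HTTPHEADER, array(
+'Content-Type: application/json',
+'charset: UTF - 8',
+'Authorization: Basic'
+) );
+curl_setopt( $ch, CURLOPT_POST, true );
+curl_setopt( $ch, CURLOPT_POSTFIELDS, $field_string );
+curl_setopt( $ch, CURLOPT_CONNECTTIMEOUT, 5 );
+curl_setopt( $ch, CURLOPT_TIMEOUT, 20 );
+
+$proxy_host = get_option( 'mo2f_proxy_host' );
+if ( ! empty( $proxy_host ) ) {
+curl_setopt( $ch, CURLOPT_PROXY, get_option( 'mo2f_proxy_host' ) );
+curl_setopt( $ch, CURLOPT_PROXYPORT, get_option( 'mo2f_port_number' ) );
+curl_setopt( $ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC );
+curl_setopt( $ch, CURLOPT_PROXYUSERPWD, get_option( "mo2f_proxy_username" ) . ':' . get_option( "mo2f_proxy_password" ) );
+
+}
+
+$content = curl_exec( $ch );
+if ( curl_errno( $ch ) ) {
+return null;
+}
+curl_close( $ch );
+
+return $content;
+}
+
+function send_otp_token( $uKey, $authType, $cKey, $apiKey ) {
+if ( ! MO2f_Utility::is_curl_installed() ) {
+$message = 'Please enable curl extension. <a href="admin.php?page=miniOrange_2_factor_settings&mo2f_tab=mo2f_help">Click here</a> for the steps to enable curl or check Help & Troubleshooting.';
+
+return json_encode( array( "status" => 'ERROR', "message" => $message ) );
+}
+
+$url = get_option( 'mo2f_host_name' ) . '/moas/api/auth/challenge';
+$ch = curl_init( $url );
+
+/* The customer Key provided to you */
+$customerKey = $cKey;
+
+/* The customer API Key provided to you */
+$apiKey = $apiKey;
+
+/* Current time in milliseconds since midnight, January 1, 1970 UTC. */
+$currentTimeInMillis = self::get_timestamp();
+
+/* Creating the Hash using SHA-512 algorithm */
+$stringToHash = $customerKey . $currentTimeInMillis . $apiKey;
+$hashValue = hash( "sha512", $stringToHash );
+
+$customerKeyHeader = "Customer-Key: " . $customerKey;
+$timestampHeader = "Timestamp: " . $currentTimeInMillis;
+$authorizationHeader = "Authorization: " . $hashValue;
+
+
+$fields = '';
+if ( $authType == 'EMAIL' || $authType == 'OUT OF BAND EMAIL' ) {
+$fields = array(
+'customerKey' => $customerKey,
+'email' => $uKey,
+'authType' => $authType,
+'transactionName' => 'WordPress 2 Factor Authentication Plugin'
+);
+} else if ( $authType == 'SMS' ) {
+$authType = "SMS";
+$fields = array(
+'customerKey' => $customerKey,
+'phone' => $uKey,
+'authType' => $authType
+);
+} else {
+$fields = array(
+'customerKey' => $customerKey,
+'username' => $uKey,
+'authType' => $authType,
+'transactionName' => 'WordPress 2 Factor Authentication Plugin'
+);
+}
+
+$field_string = json_encode( $fields );
+
+curl_setopt( $ch, CURLOPT_FOLLOWLOCATION, false );
+curl_setopt( $ch, CURLOPT_ENCODING, "" );
+curl_setopt( $ch, CURLOPT_RETURNTRANSFER, true );
+curl_setopt( $ch, CURLOPT_AUTOREFERER, true );
+curl_setopt( $ch, CURLOPT_SSL_VERIFYHOST, false );
+
+curl_setopt( $ch, CURLOPT_SSL_VERIFYPEER, false ); # required for https urls
+
+curl_setopt( $ch, CURLOPT_MAXREDIRS, 10 );
+curl_setopt( $ch, CURLOPT_HTTPHEADER, array(
+"Content-Type: application/json",
+$customerKeyHeader,
+$timestampHeader,
+$authorizationHeader
+) );
+curl_setopt( $ch, CURLOPT_POST, true );
+curl_setopt( $ch, CURLOPT_POSTFIELDS, $field_string );
+curl_setopt( $ch, CURLOPT_CONNECTTIMEOUT, 5 );
+curl_setopt( $ch, CURLOPT_TIMEOUT, 20 );
+
+$proxy_host = get_option( 'mo2f_proxy_host' );
+if ( ! empty( $proxy_host ) ) {
+curl_setopt( $ch, CURLOPT_PROXY, get_option( 'mo2f_proxy_host' ) );
+curl_setopt( $ch, CURLOPT_PROXYPORT, get_option( 'mo2f_port_number' ) );
+curl_setopt( $ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC );
+curl_setopt( $ch, CURLOPT_PROXYUSERPWD, get_option( "mo2f_proxy_username" ) . ':' . get_option( "mo2f_proxy_password" ) );
+
+}
+
+$content = curl_exec( $ch );
+if ( curl_errno( $ch ) ) {
+return null;
+}
+curl_close( $ch );
+
+return $content;
+}
+
+function get_customer_transactions( $cKey, $apiKey ) {
+
+$url = get_option( 'mo2f_host_name' ) . '/moas/rest/customer/license';
+$ch = curl_init( $url );
+
+$customerKey = $cKey;
+$apiKey = $apiKey;
+
+$currentTimeInMillis = self::get_timestamp();
+
+
+$stringToHash = $customerKey . $currentTimeInMillis . $apiKey;
+$hashValue = hash( "sha512", $stringToHash );
+
+$customerKeyHeader = "Customer-Key: " . $customerKey;
+$timestampHeader = "Timestamp: " . $currentTimeInMillis;
+$authorizationHeader = "Authorization: " . $hashValue;
+
+
+$fields = '';
+$fields = array(
+'customerId' => $customerKey,
+'applicationName' => 'wp_2fa',
+'licenseType' => 'DEMO'
+);
+
+$field_string = json_encode( $fields );
+
+curl_setopt( $ch, CURLOPT_FOLLOWLOCATION, true );
+curl_setopt( $ch, CURLOPT_ENCODING, "" );
+curl_setopt( $ch, CURLOPT_RETURNTRANSFER, true );
+curl_setopt( $ch, CURLOPT_AUTOREFERER, true );
+curl_setopt( $ch, CURLOPT_SSL_VERIFYHOST, false );
+curl_setopt( $ch, CURLOPT_SSL_VERIFYPEER, false ); # required for https urls
+
+curl_setopt( $ch, CURLOPT_MAXREDIRS, 10 );
+curl_setopt( $ch, CURLOPT_HTTPHEADER, array(
+"Content-Type: application/json",
+$customerKeyHeader,
+$timestampHeader,
+$authorizationHeader
+) );
+curl_setopt( $ch, CURLOPT_POST, true );
+curl_setopt( $ch, CURLOPT_POSTFIELDS, $field_string );
+curl_setopt( $ch, CURLOPT_CONNECTTIMEOUT, 5 );
+curl_setopt( $ch, CURLOPT_TIMEOUT, 20 );
+
+
+/** Proxy Details **/
+$proxy_host = get_option( 'mo2f_proxy_host' );
+if ( ! empty( $proxy_host ) ) {
+curl_setopt( $ch, CURLOPT_PROXY, get_option( 'mo2f_proxy_host' ) );
+curl_setopt( $ch, CURLOPT_PROXYPORT, get_option( 'mo2f_port_number' ) );
+curl_setopt( $ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC );
+curl_setopt( $ch, CURLOPT_PROXYUSERPWD, get_option( "mo2f_proxy_username" ) . ':' . get_option( "mo2f_proxy_password" ) );
+
+} else if ( defined( 'WP_PROXY_HOST' ) && defined( 'WP_PROXY_PORT' ) ) {
+curl_setopt( $ch, CURLOPT_PROXYTYPE, CURLPROXY_HTTP );
+curl_setopt( $ch, CURLOPT_PROXY, WP_PROXY_HOST );
+curl_setopt( $ch, CURLOPT_PROXYPORT, WP_PROXY_PORT );
+}
+
+
+$content = curl_exec( $ch );
+if ( curl_errno( $ch ) ) {
+return null;
+}
+
+curl_close( $ch );
+
+return $content;
+}
+
+function validate_otp_token( $authType, $username, $transactionId, $otpToken, $cKey, $customerApiKey ) {
+if ( ! MO2f_Utility::is_curl_installed() ) {
+$message = 'Please enable curl extension. <a href="admin.php?page=miniOrange_2_factor_settings&mo2f_tab=mo2f_help">Click here</a> for the steps to enable curl or check Help & Troubleshooting.';
+
+return json_encode( array( "status" => 'ERROR', "message" => $message ) );
+}
+
+$url = get_option( 'mo2f_host_name' ) . '/moas/api/auth/validate';
+$ch = curl_init( $url );
+
+/* The customer Key provided to you */
+$customerKey = $cKey;
+
+/* The customer API Key provided to you */
+$apiKey = $customerApiKey;
+
+/* Current time in milliseconds since midnight, January 1, 1970 UTC. */
+$currentTimeInMillis = self::get_timestamp();
+
+/* Creating the Hash using SHA-512 algorithm */
+$stringToHash = $customerKey . $currentTimeInMillis . $apiKey;
+$hashValue = hash( "sha512", $stringToHash );
+
+$customerKeyHeader = "Customer-Key: " . $customerKey;
+$timestampHeader = "Timestamp: " . $currentTimeInMillis;
+$authorizationHeader = "Authorization: " . $hashValue;
+
+$fields = '';
+if ( $authType == 'SOFT TOKEN' || $authType == 'GOOGLE AUTHENTICATOR' ) {
+/*check for soft token*/
+$fields = array(
+'customerKey' => $customerKey,
+'username' => $username,
+'token' => $otpToken,
+'authType' => $authType
+);
+} else if ( $authType == 'KBA' ) {
+$fields = array(
+'txId' => $transactionId,
+'answers' => array(
+array(
+'question' => $otpToken[0],
+'answer' => $otpToken[1]
+),
+array(
+'question' => $otpToken[2],
+'answer' => $otpToken[3]
+)
+)
+);
+} else {
+//*check for otp over sms/email
+$fields = array(
+'txId' => $transactionId,
+'token' => $otpToken
+);
+}
+$field_string = json_encode( $fields );
+
+curl_setopt( $ch, CURLOPT_FOLLOWLOCATION, false );
+curl_setopt( $ch, CURLOPT_ENCODING, "" );
+curl_setopt( $ch, CURLOPT_RETURNTRANSFER, true );
+curl_setopt( $ch, CURLOPT_AUTOREFERER, true );
+curl_setopt( $ch, CURLOPT_SSL_VERIFYHOST, false );
+
+curl_setopt( $ch, CURLOPT_SSL_VERIFYPEER, false ); # required for https urls
+
+curl_setopt( $ch, CURLOPT_MAXREDIRS, 10 );
+curl_setopt( $ch, CURLOPT_HTTPHEADER, array(
+"Content-Type: application/json",
+$customerKeyHeader,
+$timestampHeader,
+$authorizationHeader
+) );
+curl_setopt( $ch, CURLOPT_POST, true );
+curl_setopt( $ch, CURLOPT_POSTFIELDS, $field_string );
+curl_setopt( $ch, CURLOPT_CONNECTTIMEOUT, 5 );
+curl_setopt( $ch, CURLOPT_TIMEOUT, 20 );
+
+$proxy_host = get_option( 'mo2f_proxy_host' );
+if ( ! empty( $proxy_host ) ) {
+curl_setopt( $ch, CURLOPT_PROXY, get_option( 'mo2f_proxy_host' ) );
+curl_setopt( $ch, CURLOPT_PROXYPORT, get_option( 'mo2f_port_number' ) );
+curl_setopt( $ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC );
+curl_setopt( $ch, CURLOPT_PROXYUSERPWD, get_option( "mo2f_proxy_username" ) . ':' . get_option( "mo2f_proxy_password" ) );
+
+}
+
+$content = curl_exec( $ch );
+
+if ( curl_errno( $ch ) ) {
+return null;
+}
+curl_close( $ch );
+
+return $content;
+}
+
+function submit_contact_us( $q_email, $q_phone, $query ) {
+if ( ! MO2f_Utility::is_curl_installed() ) {
+$message = 'Please enable curl extension. <a href="admin.php?page=miniOrange_2_factor_settings&mo2f_tab=mo2f_help">Click here</a> for the steps to enable curl or check Help & Troubleshooting.';
+
+return json_encode( array( "status" => 'ERROR', "message" => $message ) );
+}
+
+$url = get_option( 'mo2f_host_name' ) . "/moas/rest/customer/contact-us";
+$ch = curl_init( $url );
+global $user;
+$user = wp_get_current_user();
+$is_nc_with_unlimited_users = get_option( 'mo2f_is_NC' ) && ! get_option( 'mo2f_is_NNC' );
+$is_nc_with_1_user = get_option( 'mo2f_is_NC' ) && get_option( 'mo2f_is_NNC' );
+$is_ec_with_1_user = ! get_option( 'mo2f_is_NC' );
+
+
+$customer_feature = "";
+
+if ( $is_ec_with_1_user ) {
+$customer_feature = "V1";
+} else if ( $is_nc_with_unlimited_users ) {
+$customer_feature = "V2";
+} else if ( $is_nc_with_1_user ) {
+$customer_feature = "V3";
+}
+
+$query = '[WordPress 2 Factor Authentication Plugin: ' . $customer_feature . ' - V 5.1.7]: ' . $query;
+$fields = array(
+'firstName' => $user->user_firstname,
+'lastName' => $user->user_lastname,
+'company' => $_SERVER['SERVER_NAME'],
+'email' => $q_email,
+'phone' => $q_phone,
+'query' => $query
+);
+$field_string = json_encode( $fields );
+
+curl_setopt( $ch, CURLOPT_FOLLOWLOCATION, false );
+curl_setopt( $ch, CURLOPT_ENCODING, "" );
+curl_setopt( $ch, CURLOPT_RETURNTRANSFER, true );
+curl_setopt( $ch, CURLOPT_AUTOREFERER, true );
+curl_setopt( $ch, CURLOPT_SSL_VERIFYHOST, false );
+
+curl_setopt( $ch, CURLOPT_SSL_VERIFYPEER, false ); # required for https urls
+
+curl_setopt( $ch, CURLOPT_MAXREDIRS, 10 );
+curl_setopt( $ch, CURLOPT_HTTPHEADER, array(
+'Content-Type: application/json',
+'charset: UTF-8',
+'Authorization: Basic'
+) );
+curl_setopt( $ch, CURLOPT_POST, true );
+curl_setopt( $ch, CURLOPT_POSTFIELDS, $field_string );
+curl_setopt( $ch, CURLOPT_CONNECTTIMEOUT, 5 );
+curl_setopt( $ch, CURLOPT_TIMEOUT, 20 );
+
+$proxy_host = get_option( 'mo2f_proxy_host' );
+if ( ! empty( $proxy_host ) ) {
+curl_setopt( $ch, CURLOPT_PROXY, get_option( 'mo2f_proxy_host' ) );
+curl_setopt( $ch, CURLOPT_PROXYPORT, get_option( 'mo2f_port_number' ) );
+curl_setopt( $ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC );
+curl_setopt( $ch, CURLOPT_PROXYUSERPWD, get_option( "mo2f_proxy_username" ) . ':' . get_option( "mo2f_proxy_password" ) );
+
+}
+
+$content = curl_exec( $ch );
+
+if ( curl_errno( $ch ) ) {
+return null;
+}
+curl_close( $ch );
+
+return true;
+}
+
+} ?>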
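Review bot: TLS certificate and hostname verification are switched off on every request this class makes (`CURLOPT_SSL_VERIFYPEER, false` and, in all methods except `send_email_alert`, `CURLOPT_SSL_VERIFYHOST, false`), including `create_customer` and `get_customer_key`, which post the stored account password, and `validate_otp_token`, whose response decides the second factor. With verification off, the plugin cannot tell the real miniOrange host from an impostor on the network path, so those bodies and replies are not protected by HTTPS; the options should be `curl_setopt( $ch, CURLOPT_SSL_VERIFYPEER, true );` and `curl_setopt( $ch, CURLOPT_SSL_VERIFYHOST, 2 );`, and the `# required for https urls` comment dropped. `send_email_alert` also embeds a fixed customer key and API key as string literals, so that credential ships with every install and should be treated as public, rotated, and replaced by a server-side mechanism. Separately, every `curl_errno` branch returns before `curl_close( $ch )`, and `get_timestamp` is invoked as `self::get_timestamp()` although it is declared as an instance method.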
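--- a/class-miniorange-2-factor-login.php
+++ b/class-miniorange-2-factor-login.php
@@ -0,0 +1,321 @@
+<?Php
+/** miniOrange enables user to log in through mobile authentication as an additional layer of security over password.
+* Copyright (C) 2015 miniOrange
+*
+* This program is free software: you can redistribute it and/or modify
+* it under the terms of the GNU General Public License as published by
+* the Free Software Foundation, either version 3 of the License, or
+* (at your option) any later version.
+*
+* This program is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+* GNU General Public License for more details.
+*
+* You should have received a copy of the GNU General Public License
+* along with this program. If not, see <http://www.gnu.org/licenses/>
+* @package miniOrange OAuth
+* @license http://www.gnu.org/copyleft/gpl.html GNU/GPL, see LICENSE.php
+*/
+/**
+* This library is miniOrange Authentication Service.
+* Contains Request Calls to Customer service.
+**/
+include_once dirname( __FILE__ ) . '/miniorange_2_factor_common_login.php';
+
+
+class Miniorange_Mobile_Login {
+
+function mo2fa_default_login( $user, $username, $password ) {
+global $Mo2fdbQueries;
+
+$currentuser = wp_authenticate_username_password( $user, $username, $password );
+if ( is_wp_error( $currentuser ) ) {
+return $currentuser;
+} else {
+$this->miniorange_login_start_session();
+
+$pass2fa_login_session = new Miniorange_Password_2Factor_Login();
+$session_id=$pass2fa_login_session->create_session();
+
+$current_roles = miniorange_get_user_role( $currentuser );
+
+$enabled = miniorange_check_if_2fa_enabled_for_roles( $current_roles );
+$redirect_to = isset( $_REQUEST['redirect_to'] ) ? $_REQUEST['redirect_to'] : null;
+
+if ( $enabled ) {
+
+$mo2f_user_email = $Mo2fdbQueries->get_user_detail( 'mo2f_user_email', $currentuser->ID );
+$mo2f_user_registration_status = $Mo2fdbQueries->get_user_detail( 'mo_2factor_user_registration_status', $currentuser->ID );
+
+if ( $mo2f_user_email && $mo2f_user_registration_status == 'MO_2_FACTOR_PLUGIN_SETTINGS' ) { //checking if user has configured any 2nd factor method
+MO2f_Utility::set_user_values( $session_id, "mo2f_login_message", '<strong>ERROR</strong>: Login with password is disabled for you. Please Login using your phone.' );
+$this->mo_auth_show_error_message();
+$this->mo2f_redirectto_wp_login();
+$error = new WP_Error();
+
+return $error;
+} else { //if user has not configured any 2nd factor method then logged him in without asking 2nd factor
+
+$this->mo2f_verify_and_authenticate_userlogin( $currentuser, $redirect_to,$session_id );
+}
+} else { //plugin is not activated for non-admin then logged him in
+
+
+$this->mo2f_verify_and_authenticate_userlogin( $currentuser, $redirect_to,$session_id );
+
+}
+}
+}
+
+public function miniorange_login_start_session() {
+if ( ! session_id() || session_id() == '' || ! isset( $_SESSION ) ) {
+session_start();
+}
+}
+
+function mo_auth_show_error_message() {
+remove_filter( 'login_message', array( $this, 'mo_auth_success_message' ) );
+add_filter( 'login_message', array( $this, 'mo_auth_error_message' ) );
+
+}
+
+
+
+function mo2f_redirectto_wp_login() {
+global $Mo2fdbQueries;
+$pass2fa_login_session = new Miniorange_Password_2Factor_Login();
+$session_id=$pass2fa_login_session->create_session();
+remove_action( 'login_enqueue_scripts', array( $this, 'mo_2_factor_hide_login' ) );
+add_action( 'login_dequeue_scripts', array( $this, 'mo_2_factor_show_login' ) );
+if ( get_option( 'mo2f_enable_login_with_2nd_factor' ) ) {
+MO2f_Utility::set_user_values( $session_id, "mo_2factor_login_status", 'MO_2_FACTOR_LOGIN_WHEN_PHONELOGIN_ENABLED' );
+} else {
+MO2f_Utility::set_user_values( $session_id, "mo_2factor_login_status", 'MO_2_FACTOR_SHOW_USERPASS_LOGIN_FORM' );
+}
+}
+
+function mo2f_verify_and_authenticate_userlogin( $user, $redirect_to = null, $session_id=null ) {
+
+$user_id = $user->ID;
+wp_set_current_user( $user_id, $user->user_login );
+$this->remove_current_activity($session_id);
+wp_set_auth_cookie( $user_id, true );
+do_action( 'wp_login', $user->user_login, $user );
+redirect_user_to( $user, $redirect_to );
+exit;
+
+}
+
+function remove_current_activity($session_id) {
+$session_variables = array(
+'mo2f_current_user_id',
+'mo2f_1stfactor_status',
+'mo_2factor_login_status',
+'mo2f-login-qrCode',
+'mo2f_transactionId',
+'mo2f_login_message',
+'mo2f_rba_status',
+'mo_2_factor_kba_questions',
+'mo2f_show_qr_code',
+'mo2f_google_auth',
+'mo2f_authy_keys'
+);
+
+$cookie_variables = array(
+'mo2f_current_user_id',
+'mo2f_1stfactor_status',
+'mo_2factor_login_status',
+'mo2f-login-qrCode',
+'mo2f_transactionId',
+'mo2f_login_message',
+'mo2f_rba_status_status',
+'mo2f_rba_status_sessionUuid',
+'mo2f_rba_status_decision_flag',
+'kba_question1',
+'kba_question2',
+'mo2f_show_qr_code',
+'mo2f_google_auth',
+'mo2f_authy_keys'
+);
+
+$temp_table_variables = array(
+'session_id',
+'mo2f_current_user_id',
+'mo2f_login_message',
+'mo2f_1stfactor_status',
+'mo2f_transactionId',
+'mo_2_factor_kba_questions',
+'mo2f_rba_status',
+'ts_created'
+);
+
+MO2f_Utility::unset_session_variables( $session_variables );
+MO2f_Utility::unset_cookie_variables( $cookie_variables );
+MO2f_Utility::unset_temp_user_details_in_table( $temp_table_variables, $session_id, "destroy" );
+}
+
+function custom_login_enqueue_scripts() {
+wp_enqueue_script( 'jquery' );
+wp_enqueue_script( 'bootstrap_script', plugins_url( 'includes/js/bootstrap.min.js', __FILE__ ) );
+}
+
+function mo_2_factor_hide_login() {
+wp_register_style( 'hide-login', plugins_url( 'includes/css/hide-login.css?version=5.1.7', __FILE__ ) );
+wp_register_style( 'bootstrap', plugins_url( 'includes/css/bootstrap.min.css?version=5.1.7', __FILE__ ) );
+
+wp_enqueue_style( 'hide-login' );
+wp_enqueue_style( 'bootstrap' );
+
+}
+
+function mo_auth_success_message() {
+$message = $_SESSION['mo2f_login_message'];
+//if the php session folder has insufficient permissions, cookies to be used
+$message = MO2f_Utility::mo2f_retrieve_user_temp_values( 'mo2f_login_message' );
+
+return "<div> <p class='message'>" . $message . "</p></div>";
+}
+
+function mo_auth_error_message() {
+$id = "login_error1";
+$message = $_SESSION['mo2f_login_message'];
+
+//if the php session folder has insufficient permissions, cookies to be used
+$message = MO2f_Utility::mo2f_retrieve_user_temp_values( 'mo2f_login_message' );
+
+return "<div id='" . $id . "'> <p>" . $message . "</p></div>";
+}
+
+function mo_auth_show_success_message() {
+remove_filter( 'login_message', array( $this, 'mo_auth_error_message' ) );
+add_filter( 'login_message', array( $this, 'mo_auth_success_message' ) );
+}
+
+function miniorange_login_form_fields( $mo2fa_login_status = null, $mo2fa_login_message = null ) {
+
+if ( get_option( 'mo2f_enable_login_with_2nd_factor' ) ) { //login with phone overwrite default login form
+
+//if the php session folder has insufficient permissions, cookies to be used
+$login_status_phone_enable = MO2f_Utility::mo2f_retrieve_user_temp_values( 'mo_2factor_login_status' );
+
+if ( $login_status_phone_enable == 'MO_2_FACTOR_LOGIN_WHEN_PHONELOGIN_ENABLED' && isset( $_POST['miniorange_login_nonce'] ) && wp_verify_nonce( $_POST['miniorange_login_nonce'], 'miniorange-2-factor-login-nonce' ) ) {
+
+
+$this->mo_2_factor_show_login_with_password_when_phonelogin_enabled();
+$this->mo_2_factor_show_wp_login_form_when_phonelogin_enabled();
+$user = isset( $_SESSION['mo2f_current_user'] ) ? unserialize( $_SESSION['mo2f_current_user'] ) : null;
+$mo2f_user_login = is_null( $user ) ? null : $user->user_login;
+?>
+<script>
+jQuery('#user_login').val(<?php echo "'" . $mo2f_user_login . "'"; ?>);
+</script><?php
+} else {
+$this->mo_2_factor_show_login();
+$this->mo_2_factor_show_wp_login_form();
+}
+
+} else { //Login with phone is alogin with default login form
+
+$this->mo_2_factor_show_login();
+$this->mo_2_factor_show_wp_login_form();
+}
+
+}
+
+function mo_2_factor_show_login_with_password_when_phonelogin_enabled() {
+wp_register_style( 'show-login', plugins_url( 'includes/css/show-login.css?version=5.1.7', __FILE__ ) );
+wp_enqueue_style( 'show-login' );
+}
+
+
+// login form fields
+
+function mo_2_factor_show_wp_login_form_when_phonelogin_enabled() {
+?>
+<script>
+var content = ' <a href="javascript:void(0)" id="backto_mo" onClick="mo2fa_backtomologin()" style="float:right">← Back</a>';
+jQuery('#login').append(content);
+
+function mo2fa_backtomologin() {
+jQuery('#mo2f_backto_mo_loginform').submit();
+}
+</script>
+<?php
+}
+
+function mo_2_factor_show_login() {
+if ( get_option( 'mo2f_enable_login_with_2nd_factor' ) ) {
+wp_register_style( 'show-login', plugins_url( 'includes/css/hide-login-form.css?version=5.1.7', __FILE__ ) );
+} else {
+wp_register_style( 'show-login', plugins_url( 'includes/css/show-login.css?version=5.1.7', __FILE__ ) );
+}
+wp_enqueue_style( 'show-login' );
+}
+
+function mo_2_factor_show_wp_login_form() {
+$mo2f_enable_login_with_2nd_factor = get_option( 'mo2f_enable_login_with_2nd_factor' );
+?>
+<div class="mo2f-login-container">
+<?php if ( ! $mo2f_enable_login_with_2nd_factor ) { ?>
+<div style="position: relative" class="or-container">
+<div class="login_with_2factor_inner_div"></div>
+<h2 class="login_with_2factor_h2"><?php echo mo2f_lt( 'or' ); ?></h2>
+</div>
+<?php } ?>
+<div class="mo2f-button-container" id="mo2f_button_container">
+<input type="text" name="mo2fa_usernamekey" id="mo2fa_usernamekey" autofocus="true"
+placeholder="<?php echo mo2f_lt( 'Username' ); ?>"/>
+<p>
+<input type="button" name="miniorange_login_submit" style="width:100% !important;"
+onclick="mouserloginsubmit();" id="miniorange_login_submit"
+class="miniorange-button button-add"
+value="<?php echo mo2f_lt( 'Login with 2nd factor' ); ?>"/>
+</p>
+<?php if ( ! $mo2f_enable_login_with_2nd_factor ) { ?><br><br><?php } ?>
+</div>
+</div>
+
+<script>
+jQuery(window).scrollTop(jQuery('#mo2f_button_container').offset().top);
+
+function mouserloginsubmit() {
+var username = jQuery('#mo2fa_usernamekey').val();
+document.getElementById("mo2f_show_qrcode_loginform").elements[0].value = username;
+jQuery('#mo2f_show_qrcode_loginform').submit();
+
+}
+
+jQuery('#mo2fa_usernamekey').keypress(function (e) {
+if (e.which == 13) {//Enter key pressed
+e.preventDefault();
+var username = jQuery('#mo2fa_usernamekey').val();
+document.getElementById("mo2f_show_qrcode_loginform").elements[0].value = username;
+jQuery('#mo2f_show_qrcode_loginform').submit();
+}
+
+});
+</script>
+<?php
+}
+
+function miniorange_login_footer_form() {
+
+?>
+<input type="hidden" name="miniorange_login_nonce"
+value="<?php echo wp_create_nonce( 'miniorange-2-factor-login-nonce' ); ?>"/>
+<form name="f" id="mo2f_backto_mo_loginform" method="post" action="<?php echo wp_login_url(); ?>" hidden>
+<input type="hidden" name="miniorange_mobile_validation_failed_nonce"
+value="<?php echo wp_create_nonce( 'miniorange-2-factor-mobile-validation-failed-nonce' ); ?>"/>
+</form>
+<form name="f" id="mo2f_show_qrcode_loginform" method="post" action="" hidden>
+<input type="text" name="mo2fa_username" id="mo2fa_username" hidden/>
+<input type="hidden" name="miniorange_login_nonce"
+value="<?php echo wp_create_nonce( 'miniorange-2-factor-login-nonce' ); ?>"/>
+</form>
+<?php
+
+}
+}
+
+?>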
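Review bot: In `miniorange_login_form_fields` the value of `$mo2f_user_login` is written into an inline script between hand-built single quotes with no escaping, so any quote or `</script>` in the value ends the string literal early; emit it as `jQuery('#user_login').val(<?php echo wp_json_encode( $mo2f_user_login ); ?>);` instead. The same function rebuilds the user object with `unserialize( $_SESSION['mo2f_current_user'] )`; keeping only the user ID in the session and loading the account with `get_user_by( 'id', $id )` would avoid unserializing stored session content. In `mo_auth_success_message` and `mo_auth_error_message` the first `$message = $_SESSION['mo2f_login_message'];` is overwritten by the next assignment and raises a notice when the key is unset, so it can be dropped. `mo2fa_default_login` passes `$_REQUEST['redirect_to']` unchanged to `redirect_user_to()`, which is defined outside this file, so confirm that helper validates the target (for example with `wp_validate_redirect`).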
class-miniorange-2-factor-pass2fa-login.php
ADDED
@@ -0,0 +1,1164 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<?Php
|
2 |
+
/** miniOrange enables user to log in through mobile authentication as an additional layer of security over password.
|
3 |
+
* Copyright (C) 2015 miniOrange
|
4 |
+
*
|
5 |
+
* This program is free software: you can redistribute it and/or modify
|
6 |
+
* it under the terms of the GNU General Public License as published by
|
7 |
+
* the Free Software Foundation, either version 3 of the License, or
|
8 |
+
* (at your option) any later version.
|
9 |
+
*
|
10 |
+
* This program is distributed in the hope that it will be useful,
|
11 |
+
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
12 |
+
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
13 |
+
* GNU General Public License for more details.
|
14 |
+
*
|
15 |
+
* You should have received a copy of the GNU General Public License
|
16 |
+
* along with this program. If not, see <http://www.gnu.org/licenses/>
|
17 |
+
* @package miniOrange OAuth
|
18 |
+
* @license http://www.gnu.org/copyleft/gpl.html GNU/GPL, see LICENSE.php
|
19 |
+
*/
|
20 |
+
/**
|
21 |
+
* This library is miniOrange Authentication Service.
|
22 |
+
* Contains Request Calls to Customer service.
|
23 |
+
**/
|
24 |
+
include_once dirname( __FILE__ ) . '/miniorange_2_factor_common_login.php';
|
25 |
+
include_once dirname( __FILE__ ) . '/class-rba-attributes.php';
|
26 |
+
|
27 |
+
|
28 |
+
class Miniorange_Password_2Factor_Login {
|
29 |
+
|
30 |
+
public function miniorange_pass2login_redirect() {
|
31 |
+
|
32 |
+
global $Mo2fdbQueries;
|
33 |
+
|
34 |
+
if ( ! get_option( 'mo2f_login_option' ) ) {
|
35 |
+
|
36 |
+
if ( isset( $_POST['miniorange_login_nonce'] ) ) {
|
37 |
+
$nonce = $_POST['miniorange_login_nonce'];
|
38 |
+
$session_id = $this->create_session();
|
39 |
+
|
40 |
+
if ( ! wp_verify_nonce( $nonce, 'miniorange-2-factor-login-nonce' ) ) {
|
41 |
+
|
42 |
+
$this->remove_current_activity($session_id);
|
43 |
+
$error = new WP_Error();
|
44 |
+
$error->add( 'empty_username', '<strong>' . mo2f_lt( 'ERROR' ) . '</strong>: ' . mo2f_lt( 'Invalid Request.' ) );
|
45 |
+
|
46 |
+
return $error;
|
47 |
+
} else {
|
48 |
+
|
49 |
+
$this->miniorange_pass2login_start_session();
|
50 |
+
|
51 |
+
$mobile_login = new Miniorange_Mobile_Login();
|
52 |
+
//validation and sanitization
|
53 |
+
$username = '';
|
54 |
+
if ( MO2f_Utility::mo2f_check_empty_or_null( $_POST['mo2fa_username'] ) ) {
|
55 |
+
|
56 |
+
MO2f_Utility::set_user_values($session_id, 'mo2f_login_message', 'Please enter username to proceed' );
|
57 |
+
$mobile_login->mo_auth_show_error_message();
|
58 |
+
return;
|
59 |
+
} else {
|
60 |
+
$username = sanitize_text_field( $_POST['mo2fa_username'] );
|
61 |
+
}
|
62 |
+
|
63 |
+
|
64 |
+
if ( username_exists( $username ) ) { /*if username exists in wp site */
|
65 |
+
$user = new WP_User( $username );
|
66 |
+
|
67 |
+
$redirect_to = isset( $_REQUEST['redirect_to'] ) ? $_REQUEST['redirect_to'] : null;
|
68 |
+
|
69 |
+
MO2f_Utility::set_user_values($session_id, 'mo2f_current_user_id', $user->ID );
|
70 |
+
MO2f_Utility::set_user_values($session_id, 'mo2f_1stfactor_status', 'VALIDATE_SUCCESS' );
|
71 |
+
|
72 |
+
$current_roles = miniorange_get_user_role( $user );
|
73 |
+
$enabled = miniorange_check_if_2fa_enabled_for_roles( $current_roles );
|
74 |
+
$email = $Mo2fdbQueries->get_user_detail( 'mo2f_user_email', $user->ID );
|
75 |
+
$mo_2factor_user_registration_status = $Mo2fdbQueries->get_user_detail( 'mo_2factor_user_registration_status', $user->ID );
|
76 |
+
$kba_configuration_status = $Mo2fdbQueries->get_user_detail( 'mo2f_SecurityQuestions_config_status', $user->ID );
|
77 |
+
if ( $enabled ) {
|
78 |
+
if ( $email && $mo_2factor_user_registration_status == 'MO_2_FACTOR_PLUGIN_SETTINGS' ) {
|
79 |
+
if ( MO2f_Utility::check_if_request_is_from_mobile_device( $_SERVER['HTTP_USER_AGENT'] ) && $kba_configuration_status ) {
|
80 |
+
$this->mo2f_pass2login_kba_verification( $user->ID, $redirect_to, $session_id );
|
81 |
+
|
82 |
+
} else {
|
83 |
+
$mo2f_second_factor = mo2f_get_user_2ndfactor( $user );
|
84 |
+
if ( $mo2f_second_factor == 'MOBILE AUTHENTICATION' ) {
|
85 |
+
$this->mo2f_pass2login_mobile_verification( $user, $redirect_to, $session_id );
|
86 |
+
} else if ( $mo2f_second_factor == 'PUSH NOTIFICATIONS' || $mo2f_second_factor == 'OUT OF BAND EMAIL' ) {
|
87 |
+
$this->mo2f_pass2login_push_oobemail_verification( $user, $mo2f_second_factor, $redirect_to, $session_id );
|
88 |
+
} else if ( $mo2f_second_factor == 'SOFT TOKEN' || $mo2f_second_factor == 'SMS' || $mo2f_second_factor == 'PHONE VERIFICATION' || $mo2f_second_factor == 'GOOGLE AUTHENTICATOR' ) {
|
89 |
+
|
90 |
+
$this->mo2f_pass2login_otp_verification( $user, $mo2f_second_factor, $redirect_to, $session_id );
|
91 |
+
|
92 |
+
} else if ( $mo2f_second_factor == 'KBA' ) {
|
93 |
+
|
94 |
+
$this->mo2f_pass2login_kba_verification( $user->ID, $redirect_to, $session_id );
|
95 |
+
} else {
|
96 |
+
$this->remove_current_activity($session_id);
|
97 |
+
MO2f_Utility::set_user_values($session_id, 'mo2f_login_message', 'Please try again or contact your admin.' );
|
98 |
+
$mobile_login->mo_auth_show_success_message();
|
99 |
+
}
|
100 |
+
}
|
101 |
+
} else {
|
102 |
+
|
103 |
+
MO2f_Utility::set_user_values($session_id, 'mo2f_login_message', 'Please login into your account using password.' );
|
104 |
+
$mobile_login->mo_auth_show_success_message();
|
105 |
+
$mobile_login->mo2f_redirectto_wp_login();
|
106 |
+
}
|
107 |
+
} else {
|
108 |
+
MO2f_Utility::set_user_values( $session_id, "mo2f_login_message", 'Please login into your account using password.' );
|
109 |
+
$mobile_login->mo_auth_show_success_message();
|
110 |
+
$mobile_login->mo2f_redirectto_wp_login();
|
111 |
+
}
|
112 |
+
} else {
|
113 |
+
$mobile_login->remove_current_activity($session_id);
|
114 |
+
MO2f_Utility::set_user_values( $session_id, "mo2f_login_message", 'Invalid Username.' );
|
115 |
+
$mobile_login->mo_auth_show_error_message();
|
116 |
+
}
|
117 |
+
}
|
118 |
+
}
|
119 |
+
|
120 |
+
}
|
121 |
+
|
122 |
+
if ( isset( $_POST['mo2f_trust_device_confirm_nonce'] ) ) { /*register device as rba profile */
|
123 |
+
$nonce = $_POST['mo2f_trust_device_confirm_nonce'];
|
124 |
+
if ( ! wp_verify_nonce( $nonce, 'miniorange-2-factor-trust-device-confirm-nonce' ) ) {
|
125 |
+
$session_id_encrypt = isset( $_POST['session_id'] ) ? $_POST['session_id'] : null;
|
126 |
+
$this->remove_current_activity($session_id_encrypt);
|
127 |
+
$error = new WP_Error();
|
128 |
+
$error->add( 'empty_username', '<strong>' . mo2f_lt( 'ERROR ' ) . '</strong>:' . mo2f_lt( 'Invalid Request.' ) );
|
129 |
+
|
130 |
+
return $error;
|
131 |
+
} else {
|
132 |
+
$this->miniorange_pass2login_start_session();
|
133 |
+
$session_id_encrypt = isset( $_POST['session_id'] ) ? $_POST['session_id'] : null;
|
134 |
+
try {
|
135 |
+
|
136 |
+
$user_id = MO2f_Utility::mo2f_retrieve_user_temp_values( 'mo2f_current_user_id', $session_id_encrypt );
|
137 |
+
$email = $Mo2fdbQueries->get_user_detail( 'mo2f_user_email', $user_id );
|
138 |
+
|
139 |
+
$mo2f_rba_status = MO2f_Utility::mo2f_retrieve_user_temp_values( 'mo2f_rba_status',$session_id_encrypt );
|
140 |
+
|
141 |
+
|
142 |
+
mo2f_register_profile( $email, 'true', $mo2f_rba_status );
|
143 |
+
} catch ( Exception $e ) {
|
144 |
+
echo $e->getMessage();
|
145 |
+
}
|
146 |
+
$redirect_to = isset( $_POST['redirect_to'] ) ? $_POST['redirect_to'] : null;
|
147 |
+
|
148 |
+
$this->mo2fa_pass2login( $redirect_to, $session_id_encrypt );
|
149 |
+
}
|
150 |
+
}
|
151 |
+
|
152 |
+
if ( isset( $_POST['mo2f_trust_device_cancel_nonce'] ) ) { /*do not register device as rba profile */
|
153 |
+
$nonce = $_POST['mo2f_trust_device_cancel_nonce'];
|
154 |
+
if ( ! wp_verify_nonce( $nonce, 'miniorange-2-factor-trust-device-cancel-nonce' ) ) {
|
155 |
+
$error = new WP_Error();
|
156 |
+
$error->add( 'empty_username', '<strong>' . mo2f_lt( 'ERROR' ) . '</strong>: ' . mo2f_lt( 'Invalid Request.' ) );
|
157 |
+
|
158 |
+
return $error;
|
159 |
+
} else {
|
160 |
+
$this->miniorange_pass2login_start_session();
|
161 |
+
$session_id_encrypt = isset( $_POST['session_id'] ) ? $_POST['session_id'] : null;
|
162 |
+
$redirect_to = isset( $_POST['redirect_to'] ) ? $_POST['redirect_to'] : null;
|
163 |
+
$this->mo2fa_pass2login( $redirect_to, $session_id_encrypt );
|
164 |
+
}
|
165 |
+
}
|
166 |
+
|
167 |
+
if ( isset( $_POST['miniorange_challenge_forgotphone_nonce'] ) ) { /*check kba validation*/
|
168 |
+
$nonce = $_POST['miniorange_challenge_forgotphone_nonce'];
|
169 |
+
if ( ! wp_verify_nonce( $nonce, 'miniorange-2-factor-challenge-forgotphone-nonce' ) ) {
|
170 |
+
$error = new WP_Error();
|
171 |
+
$error->add( 'empty_username', '<strong>' . __( 'ERROR' ) . '</strong>:' . __( 'Invalid Request.' ) );
|
172 |
+
|
173 |
+
return $error;
|
174 |
+
} else {
|
175 |
+
$this->miniorange_pass2login_start_session();
|
176 |
+
$session_id_encrypt = isset( $_POST['session_id'] ) ? $_POST['session_id'] : null;
|
177 |
+
$forgot_phone_enable = get_option( 'mo2f_enable_forgotphone' );
|
178 |
+
$forgot_phone_kba_enable = get_option( 'mo2f_enable_forgotphone_kba' );
|
179 |
+
$forgot_phone_email_enable = get_option( 'mo2f_enable_forgotphone_email' );
|
180 |
+
|
181 |
+
$second_factor = isset( $_POST['mo2f_configured_2FA_method'] ) ? $_POST['mo2f_configured_2FA_method'] : 'KBA';
|
182 |
+
$redirect_to = isset( $_POST['redirect_to'] ) ? $_POST['redirect_to'] : null;
|
183 |
+
$user = unserialize( $_SESSION['mo2f_current_user'] );
|
184 |
+
$user_id = MO2f_Utility::mo2f_retrieve_user_temp_values( 'mo2f_current_user_id', $session_id_encrypt );
|
185 |
+
$email = $Mo2fdbQueries->get_user_detail( 'mo2f_user_email', $user_id );
|
186 |
+
$kba_configuration_status = $Mo2fdbQueries->get_user_detail( 'mo2f_SecurityQuestions_config_status', $user_id );
|
187 |
+
|
188 |
+
|
189 |
+
if ( $forgot_phone_enable && $forgot_phone_email_enable && $second_factor == 'OTP OVER EMAIL' ) {
|
190 |
+
$customer = new Customer_Setup();
|
191 |
+
$content = json_decode( $customer->send_otp_token( $email, 'EMAIL', get_option( 'mo2f_customerKey' ), get_option( 'mo2f_api_key' ) ), true );
|
192 |
+
|
193 |
+
$mo2fa_login_message = '';
|
194 |
+
$mo2f_login_status = '';
|
195 |
+
|
196 |
+
if ( strcasecmp( $content['status'], 'SUCCESS' ) == 0 ) {
|
197 |
+
MO2f_Utility::set_user_values( $session_id_encrypt, "mo2f_transactionId", $content['txId'] );
|
198 |
+
|
199 |
+
$mo2fa_login_message = 'A one time passcode has been sent to <b>' . MO2f_Utility::mo2f_get_hidden_email( $email ) . '</b>. Please enter the OTP to verify your identity.';
|
200 |
+
$mo2f_login_status = 'MO_2_FACTOR_CHALLENGE_OTP_OVER_EMAIL';
|
201 |
+
} else {
|
202 |
+
$mo2fa_login_message = 'Error occured while sending OTP over your regsitered email. Please try again.';
|
203 |
+
$mo2f_login_status = 'MO_2_FACTOR_CHALLENGE_KBA_AND_OTP_OVER_EMAIL';
|
204 |
+
}
|
205 |
+
$this->miniorange_pass2login_form_fields( $mo2f_login_status, $mo2fa_login_message, $redirect_to,null,$session_id_encrypt );
|
206 |
+
} else if ( $forgot_phone_enable && $forgot_phone_kba_enable ) {
|
207 |
+
if ( $kba_configuration_status ) {
|
208 |
+
$this->mo2f_pass2login_kba_verification( $user_id, $redirect_to, $session_id_encrypt );
|
209 |
+
} else {
|
210 |
+
$mo2fa_login_message = 'Your KBA is not configured. Please choose other option to procedd further.';
|
211 |
+
$mo2f_login_status = 'MO_2_FACTOR_CHALLENGE_KBA_AND_OTP_OVER_EMAIL';
|
212 |
+
$this->miniorange_pass2login_form_fields( $mo2f_login_status, $mo2fa_login_message, $redirect_to, null,$session_id_encrypt );
|
213 |
+
}
|
214 |
+
}
|
215 |
+
}
|
216 |
+
}
|
217 |
+
|
218 |
+
if ( isset( $_POST['miniorange_alternate_login_kba_nonce'] ) ) { /*check kba validation*/
|
219 |
+
$nonce = $_POST['miniorange_alternate_login_kba_nonce'];
|
220 |
+
if ( ! wp_verify_nonce( $nonce, 'miniorange-2-factor-alternate-login-kba-nonce' ) ) {
|
221 |
+
$error = new WP_Error();
|
222 |
+
$error->add( 'empty_username', __( '<strong>ERROR</strong>: Invalid Request.' ) );
|
223 |
+
|
224 |
+
return $error;
|
225 |
+
} else {
|
226 |
+
$this->miniorange_pass2login_start_session();
|
227 |
+
$session_id_encrypt = isset( $_POST['session_id'] ) ? $_POST['session_id'] : null;
|
228 |
+
$user_id = MO2f_Utility::mo2f_retrieve_user_temp_values( 'mo2f_current_user_id',$session_id_encrypt );
|
229 |
+
|
230 |
+
$redirect_to = isset( $_POST['redirect_to'] ) ? $_POST['redirect_to'] : null;
|
231 |
+
$this->mo2f_pass2login_kba_verification( $user_id, $redirect_to,$session_id_encrypt );
|
232 |
+
}
|
233 |
+
}
|
234 |
+
|
235 |
+
if ( isset( $_POST['miniorange_kba_nonce'] ) ) { /*check kba validation*/
|
236 |
+
$nonce = $_POST['miniorange_kba_nonce'];
|
237 |
+
if ( ! wp_verify_nonce( $nonce, 'miniorange-2-factor-kba-nonce' ) ) {
|
238 |
+
$error = new WP_Error();
|
239 |
+
$error->add( 'empty_username', __( '<strong>ERROR</strong>: Invalid Request.' ) );
|
240 |
+
|
241 |
+
return $error;
|
242 |
+
} else {
|
243 |
+
|
244 |
+
$this->miniorange_pass2login_start_session();
|
245 |
+
$session_id_encrypt = isset( $_POST['session_id'] ) ? $_POST['session_id'] : null;
|
246 |
+
$user_id = MO2f_Utility::mo2f_retrieve_user_temp_values( 'mo2f_current_user_id',$session_id_encrypt );
|
247 |
+
|
248 |
+
$redirect_to = isset( $_POST['redirect_to'] ) ? $_POST['redirect_to'] : null;
|
249 |
+
|
250 |
+
if ( isset( $user_id ) ) {
|
251 |
+
if ( MO2f_Utility::mo2f_check_empty_or_null( $_POST['mo2f_answer_1'] ) || MO2f_Utility::mo2f_check_empty_or_null( $_POST['mo2f_answer_2'] ) ) {
|
252 |
+
$mo2fa_login_message = 'Please provide both the answers.';
|
253 |
+
$mo2fa_login_status = 'MO_2_FACTOR_CHALLENGE_KBA_AUTHENTICATION';
|
254 |
+
$this->miniorange_pass2login_form_fields( $mo2fa_login_status, $mo2fa_login_message, $redirect_to,null,$session_id_encrypt );
|
255 |
+
}
|
256 |
+
$otpToken = array();
|
257 |
+
$kba_questions = MO2f_Utility::mo2f_retrieve_user_temp_values( 'mo_2_factor_kba_questions',$session_id_encrypt );
|
258 |
+
|
259 |
+
$otpToken[0] = $kba_questions[0];
|
260 |
+
$otpToken[1] = sanitize_text_field( $_POST['mo2f_answer_1'] );
|
261 |
+
$otpToken[2] = $kba_questions[1];
|
262 |
+
$otpToken[3] = sanitize_text_field( $_POST['mo2f_answer_2'] );
|
263 |
+
|
264 |
+
$check_trust_device = isset( $_POST['mo2f_trust_device'] ) ? $_POST['mo2f_trust_device'] : 'false';
|
265 |
+
|
266 |
+
//if the php session folder has insufficient permissions, cookies to be used
|
267 |
+
$mo2f_login_transaction_id = MO2f_Utility::mo2f_retrieve_user_temp_values( 'mo2f_transactionId',$session_id_encrypt );
|
268 |
+
|
269 |
+
$mo2f_rba_status = MO2f_Utility::mo2f_retrieve_user_temp_values( 'mo2f_rba_status',$session_id_encrypt );
|
270 |
+
|
271 |
+
$kba_validate = new Customer_Setup();
|
272 |
+
$kba_validate_response = json_decode( $kba_validate->validate_otp_token( 'KBA', null, $mo2f_login_transaction_id, $otpToken, get_option( 'mo2f_customerKey' ), get_option( 'mo2f_api_key' ) ), true );
|
273 |
+
$email = $Mo2fdbQueries->get_user_detail( 'mo2f_user_email', $user_id );
|
274 |
+
|
275 |
+
if ( strcasecmp( $kba_validate_response['status'], 'SUCCESS' ) == 0 ) {
|
276 |
+
if ( get_option( 'mo2f_remember_device' ) && $check_trust_device == 'on' ) {
|
277 |
+
try {
|
278 |
+
mo2f_register_profile( $email, 'true', $mo2f_rba_status );
|
279 |
+
} catch ( Exception $e ) {
|
280 |
+
echo $e->getMessage();
|
281 |
+
}
|
282 |
+
$this->mo2fa_pass2login( $redirect_to, $session_id_encrypt );
|
283 |
+
} else {
|
284 |
+
$this->mo2fa_pass2login( $redirect_to, $session_id_encrypt );
|
285 |
+
}
|
286 |
+
} else {
|
287 |
+
|
288 |
+
$mo2fa_login_message = 'The answers you have provided are incorrect.';
|
289 |
+
$mo2fa_login_status = 'MO_2_FACTOR_CHALLENGE_KBA_AUTHENTICATION';
|
290 |
+
$this->miniorange_pass2login_form_fields( $mo2fa_login_status, $mo2fa_login_message, $redirect_to,null,$session_id_encrypt);
|
291 |
+
}
|
292 |
+
} else {
|
293 |
+
$this->remove_current_activity($session_id_encrypt);
|
294 |
+
|
295 |
+
return new WP_Error( 'invalid_username', __( '<strong>ERROR</strong>: Please try again..' ) );
|
296 |
+
}
|
297 |
+
}
|
298 |
+
}
|
299 |
+
|
300 |
+
if ( isset( $_POST['miniorange_mobile_validation_nonce'] ) ) { /*check mobile validation */
|
301 |
+
$nonce = $_POST['miniorange_mobile_validation_nonce'];
|
302 |
+
if ( ! wp_verify_nonce( $nonce, 'miniorange-2-factor-mobile-validation-nonce' ) ) {
|
303 |
+
$error = new WP_Error();
|
304 |
+
$error->add( 'empty_username', __( '<strong>ERROR</strong>: Invalid Request.' ) );
|
305 |
+
|
306 |
+
return $error;
|
307 |
+
} else {
|
308 |
+
$this->miniorange_pass2login_start_session();
|
309 |
+
$session_id_encrypt = isset( $_POST['session_id'] ) ? $_POST['session_id'] : null;
|
310 |
+
//if the php session folder has insufficient permissions, cookies to be used
|
311 |
+
$mo2f_login_transaction_id = MO2f_Utility::mo2f_retrieve_user_temp_values( 'mo2f_transactionId',$session_id_encrypt );
|
312 |
+
|
313 |
+
$redirect_to = isset( $_POST['redirect_to'] ) ? $_POST['redirect_to'] : null;
|
314 |
+
$checkMobileStatus = new Two_Factor_Setup();
|
315 |
+
$content = $checkMobileStatus->check_mobile_status( $mo2f_login_transaction_id );
|
316 |
+
$response = json_decode( $content, true );
|
317 |
+
if ( json_last_error() == JSON_ERROR_NONE ) {
|
318 |
+
if ( $response['status'] == 'SUCCESS' ) {
|
319 |
+
if ( get_option( 'mo2f_remember_device' ) ) {
|
320 |
+
$mo2fa_login_status = 'MO_2_FACTOR_REMEMBER_TRUSTED_DEVICE';
|
321 |
+
$this->miniorange_pass2login_form_fields( $mo2fa_login_status, null, $redirect_to, null,$session_id_encrypt );
|
322 |
+
} else {
|
323 |
+
$this->mo2fa_pass2login( $redirect_to, $session_id_encrypt );
|
324 |
+
}
|
325 |
+
} else {
|
326 |
+
$this->remove_current_activity($session_id_encrypt);
|
327 |
+
|
328 |
+
return new WP_Error( 'invalid_username', __( '<strong>ERROR</strong>: Please try again.' ) );
|
329 |
+
}
|
330 |
+
} else {
|
331 |
+
$this->remove_current_activity($session_id_encrypt);
|
332 |
+
|
333 |
+
return new WP_Error( 'invalid_username', __( '<strong>ERROR</strong>: Please try again.' ) );
|
334 |
+
}
|
335 |
+
}
|
336 |
+
}
|
337 |
+
|
338 |
+
if ( isset( $_POST['miniorange_mobile_validation_failed_nonce'] ) ) { /*Back to miniOrange Login Page if mobile validation failed and from back button of mobile challenge, soft token and default login*/
|
339 |
+
$nonce = $_POST['miniorange_mobile_validation_failed_nonce'];
|
340 |
+
if ( ! wp_verify_nonce( $nonce, 'miniorange-2-factor-mobile-validation-failed-nonce' ) ) {
|
341 |
+
$error = new WP_Error();
|
342 |
+
$error->add( 'empty_username', '<strong>' . mo2f_lt( 'ERROR' ) . '</strong>: ' . mo2f_lt( 'Invalid Request.' ) );
|
343 |
+
|
344 |
+
return $error;
|
345 |
+
} else {
|
346 |
+
$this->miniorange_pass2login_start_session();
|
347 |
+
$session_id_encrypt = isset( $_POST['session_id'] ) ? $_POST['session_id'] : null;
|
348 |
+
$this->remove_current_activity($session_id_encrypt);
|
349 |
+
}
|
350 |
+
}
|
351 |
+
|
352 |
+
if ( isset( $_POST['miniorange_forgotphone'] ) ) { /*Click on the link of forgotphone */
|
353 |
+
$nonce = $_POST['miniorange_forgotphone'];
|
354 |
+
if ( ! wp_verify_nonce( $nonce, 'miniorange-2-factor-forgotphone' ) ) {
|
355 |
+
$error = new WP_Error();
|
356 |
+
$error->add( 'empty_username', __( '<strong>ERROR</strong>: Invalid Request.' ) );
|
357 |
+
|
358 |
+
return $error;
|
359 |
+
} else {
|
360 |
+
$mo2fa_login_status = isset( $_POST['request_origin_method'] ) ? $_POST['request_origin_method'] : null;
|
361 |
+
$session_id_encrypt = isset( $_POST['session_id'] ) ? $_POST['session_id'] : null;
|
362 |
+
$redirect_to = isset( $_POST['redirect_to'] ) ? $_POST['redirect_to'] : null;
|
363 |
+
$mo2fa_login_message = '';
|
364 |
+
|
365 |
+
$this->miniorange_pass2login_start_session();
|
366 |
+
$customer = new Customer_Setup();
|
367 |
+
$user_id = MO2f_Utility::mo2f_retrieve_user_temp_values( 'mo2f_current_user_id',$session_id_encrypt );
|
368 |
+
$user_email = $Mo2fdbQueries->get_user_detail( 'mo2f_user_email', $user_id );
|
369 |
+
$kba_configuration_status = $Mo2fdbQueries->get_user_detail( 'mo2f_SecurityQuestions_config_status', $user_id );
|
370 |
+
|
371 |
+
if ( $kba_configuration_status ) {
|
372 |
+
$mo2fa_login_status = 'MO_2_FACTOR_CHALLENGE_KBA_AND_OTP_OVER_EMAIL';
|
373 |
+
$pass2fa_login = new Miniorange_Password_2Factor_Login();
|
374 |
+
$pass2fa_login->mo2f_pass2login_kba_verification( $user_id, $redirect_to,$session_id_encrypt );
|
375 |
+
} else {
|
376 |
+
$hidden_user_email = MO2f_Utility::mo2f_get_hidden_email( $user_email );
|
377 |
+
$content = json_decode( $customer->send_otp_token( $user_email, 'EMAIL', get_option( 'mo2f_customerKey' ), get_option( 'mo2f_api_key' ) ), true );
|
378 |
+
|
379 |
+
if ( strcasecmp( $content['status'], 'SUCCESS' ) == 0 ) {
|
380 |
+
|
381 |
+
|
382 |
+
$session_cookie_variables = array( 'mo2f-login-qrCode', 'mo2f_transactionId' );
|
383 |
+
|
384 |
+
MO2f_Utility::unset_session_variables( $session_cookie_variables );
|
385 |
+
MO2f_Utility::unset_cookie_variables( $session_cookie_variables );
|
386 |
+
MO2f_Utility::unset_temp_user_details_in_table( 'mo2f_transactionId',$session_id_encrypt );
|
387 |
+
|
388 |
+
//if the php session folder has insufficient permissions, cookies to be used
|
389 |
+
MO2f_Utility::set_user_values( $session_id_encrypt,'mo2f_login_message', 'A one time passcode has been sent to <b>' . $hidden_user_email . '</b>. Please enter the OTP to verify your identity.' );
|
390 |
+
MO2f_Utility::set_user_values( $session_id_encrypt, 'mo2f_transactionId', $content['txId'] );
|
391 |
+
|
392 |
+
$mo2fa_login_message = 'A one time passcode has been sent to <b>' . $hidden_user_email . '</b>. Please enter the OTP to verify your identity.';
|
393 |
+
$mo2fa_login_status = 'MO_2_FACTOR_CHALLENGE_OTP_OVER_EMAIL';
|
394 |
+
} else {
|
395 |
+
$mo2fa_login_message = 'Error occurred while sending OTP over email. Please try again.';
|
396 |
+
}
|
397 |
+
$this->miniorange_pass2login_form_fields( $mo2fa_login_status, $mo2fa_login_message, $redirect_to, null,$session_id_encrypt );
|
398 |
+
}
|
399 |
+
$pass2fa_login = new Miniorange_Password_2Factor_Login();
|
400 |
+
|
401 |
+
$pass2fa_login->miniorange_pass2login_form_fields( $mo2fa_login_status, $mo2fa_login_message, $redirect_to,null,$session_id_encrypt );
|
402 |
+
}
|
403 |
+
}
|
404 |
+
|
405 |
+
if ( isset( $_POST['miniorange_softtoken'] ) ) { /*Click on the link of phone is offline */
|
406 |
+
$nonce = $_POST['miniorange_softtoken'];
|
407 |
+
if ( ! wp_verify_nonce( $nonce, 'miniorange-2-factor-softtoken' ) ) {
|
408 |
+
$error = new WP_Error();
|
409 |
+
$error->add( 'empty_username', __( '<strong>ERROR</strong>: Invalid Request.' ) );
|
410 |
+
|
411 |
+
return $error;
|
412 |
+
} else {
|
413 |
+
$this->miniorange_pass2login_start_session();
|
414 |
+
$session_id_encrypt = isset( $_POST['session_id'] ) ? $_POST['session_id'] : null;
|
415 |
+
$session_cookie_variables = array( 'mo2f-login-qrCode', 'mo2f_transactionId' );
|
416 |
+
|
417 |
+
MO2f_Utility::unset_session_variables( $session_cookie_variables );
|
418 |
+
MO2f_Utility::unset_cookie_variables( $session_cookie_variables );
|
419 |
+
MO2f_Utility::unset_temp_user_details_in_table('mo2f_transactionId',$session_id_encrypt );
|
420 |
+
|
421 |
+
$redirect_to = isset( $_POST['redirect_to'] ) ? $_POST['redirect_to'] : null;
|
422 |
+
$mo2fa_login_message = 'Please enter the one time passcode shown in the miniOrange<b> Authenticator</b> app.';
|
423 |
+
$mo2fa_login_status = 'MO_2_FACTOR_CHALLENGE_SOFT_TOKEN';
|
424 |
+
$this->miniorange_pass2login_form_fields( $mo2fa_login_status, $mo2fa_login_message, $redirect_to,null,$session_id_encrypt );
|
425 |
+
}
|
426 |
+
}
|
427 |
+
|
428 |
+
|
429 |
+
if ( isset( $_POST['miniorange_soft_token_nonce'] ) ) { /*Validate Soft Token,OTP over SMS,OTP over EMAIL,Phone verification */
|
430 |
+
$nonce = $_POST['miniorange_soft_token_nonce'];
|
431 |
+
if ( ! wp_verify_nonce( $nonce, 'miniorange-2-factor-soft-token-nonce' ) ) {
|
432 |
+
$error = new WP_Error();
|
433 |
+
$error->add( 'empty_username', __( '<strong>ERROR</strong>: Invalid Request.' ) );
|
434 |
+
|
435 |
+
return $error;
|
436 |
+
} else {
|
437 |
+
$this->miniorange_pass2login_start_session();
|
438 |
+
$session_id_encrypt = isset( $_POST['session_id'] ) ? $_POST['session_id'] : null;
|
439 |
+
$mo2fa_login_status = isset( $_POST['request_origin_method'] ) ? $_POST['request_origin_method'] : null;
|
440 |
+
$redirect_to = isset( $_POST['redirect_to'] ) ? $_POST['redirect_to'] : null;
|
441 |
+
$softtoken = '';
|
442 |
+
if ( MO2f_utility::mo2f_check_empty_or_null( $_POST['mo2fa_softtoken'] ) ) {
|
443 |
+
$mo2fa_login_message = 'Please enter OTP to proceed.';
|
444 |
+
$this->miniorange_pass2login_form_fields( $mo2fa_login_status, $mo2fa_login_message, $redirect_to,null,$session_id_encrypt );
|
445 |
+
} else {
|
446 |
+
$softtoken = sanitize_text_field( $_POST['mo2fa_softtoken'] );
|
447 |
+
if ( ! MO2f_utility::mo2f_check_number_length( $softtoken ) ) {
|
448 |
+
$mo2fa_login_message = 'Invalid OTP. Only digits within range 4-8 are allowed. Please try again.';
|
449 |
+
$this->miniorange_pass2login_form_fields( $mo2fa_login_status, $mo2fa_login_message, $redirect_to,null,$session_id_encrypt );
|
450 |
+
}
|
451 |
+
}
|
452 |
+
|
453 |
+
$user_id = MO2f_Utility::mo2f_retrieve_user_temp_values( 'mo2f_current_user_id',$session_id_encrypt );
|
454 |
+
$user_email = $Mo2fdbQueries->get_user_detail( 'mo2f_user_email', $user_id );
|
455 |
+
|
456 |
+
if ( isset( $user_id ) ) {
|
457 |
+
|
458 |
+
$customer = new Customer_Setup();
|
459 |
+
$content = '';
|
460 |
+
//if the php session folder has insufficient permissions, cookies to be used
|
461 |
+
$mo2f_login_transaction_id = MO2f_Utility::mo2f_retrieve_user_temp_values( 'mo2f_transactionId',$session_id_encrypt );
|
462 |
+
|
463 |
+
if ( isset( $mo2fa_login_status ) && $mo2fa_login_status == 'MO_2_FACTOR_CHALLENGE_OTP_OVER_EMAIL' ) {
|
464 |
+
$content = json_decode( $customer->validate_otp_token( 'EMAIL', null, $mo2f_login_transaction_id, $softtoken, get_option( 'mo2f_customerKey' ), get_option( 'mo2f_api_key' ) ), true );
|
465 |
+
} else if ( isset( $mo2fa_login_status ) && $mo2fa_login_status == 'MO_2_FACTOR_CHALLENGE_OTP_OVER_SMS' ) {
|
466 |
+
$content = json_decode( $customer->validate_otp_token( 'SMS', null, $mo2f_login_transaction_id, $softtoken, get_option( 'mo2f_customerKey' ), get_option( 'mo2f_api_key' ) ), true );
|
467 |
+
} else if ( isset( $mo2fa_login_status ) && $mo2fa_login_status == 'MO_2_FACTOR_CHALLENGE_PHONE_VERIFICATION' ) {
|
468 |
+
$content = json_decode( $customer->validate_otp_token( 'PHONE VERIFICATION', null, $mo2f_login_transaction_id, $softtoken, get_option( 'mo2f_customerKey' ), get_option( 'mo2f_api_key' ) ), true );
|
469 |
+
} else if ( isset( $mo2fa_login_status ) && $mo2fa_login_status == 'MO_2_FACTOR_CHALLENGE_SOFT_TOKEN' ) {
|
470 |
+
$content = json_decode( $customer->validate_otp_token( 'SOFT TOKEN', $user_email, null, $softtoken, get_option( 'mo2f_customerKey' ), get_option( 'mo2f_api_key' ) ), true );
|
471 |
+
} else if ( isset( $mo2fa_login_status ) && $mo2fa_login_status == 'MO_2_FACTOR_CHALLENGE_GOOGLE_AUTHENTICATION' ) {
|
472 |
+
$content = json_decode( $customer->validate_otp_token( 'GOOGLE AUTHENTICATOR', $user_email, null, $softtoken, get_option( 'mo2f_customerKey' ), get_option( 'mo2f_api_key' ) ), true );
|
473 |
+
} else {
|
474 |
+
$this->remove_current_activity($session_id_encrypt);
|
475 |
+
|
476 |
+
return new WP_Error( 'invalid_username', __( '<strong>ERROR</strong>: Invalid Request. Please try again.' ) );
|
477 |
+
}
|
478 |
+
|
479 |
+
if ( strcasecmp( $content['status'], 'SUCCESS' ) == 0 ) {
|
480 |
+
if ( get_option( 'mo2f_remember_device' ) ) {
|
481 |
+
$mo2fa_login_status = 'MO_2_FACTOR_REMEMBER_TRUSTED_DEVICE';
|
482 |
+
|
483 |
+
$this->miniorange_pass2login_form_fields( $mo2fa_login_status, null, $redirect_to,null,$session_id_encrypt );
|
484 |
+
} else {
|
485 |
+
$this->mo2fa_pass2login( $redirect_to, $session_id_encrypt );
|
486 |
+
}
|
487 |
+
} else {
|
488 |
+
|
489 |
+
$message = $mo2fa_login_status == 'MO_2_FACTOR_CHALLENGE_SOFT_TOKEN' ? 'You have entered an invalid OTP.<br>Please click on <b>Sync Time</b> in the miniOrange Authenticator app to sync your phone time with the miniOrange servers and try again.' : 'Invalid OTP. Please try again.';
|
490 |
+
$this->miniorange_pass2login_form_fields( $mo2fa_login_status, $message, $redirect_to,null,$session_id_encrypt );
|
491 |
+
}
|
492 |
+
|
493 |
+
} else {
|
494 |
+
$this->remove_current_activity($session_id_encrypt);
|
495 |
+
|
496 |
+
return new WP_Error( 'invalid_username', __( '<strong>ERROR</strong>: Please try again..' ) );
|
497 |
+
}
|
498 |
+
}
|
499 |
+
}
|
500 |
+
|
501 |
+
if ( isset( $_POST['miniorange_inline_skip_registration_nonce'] ) ) { /*Validate Soft Token,OTP over SMS,OTP over EMAIL,Phone verification */
|
502 |
+
$nonce = $_POST['miniorange_inline_skip_registration_nonce'];
|
503 |
+
if ( ! wp_verify_nonce( $nonce, 'miniorange-2-factor-inline-skip-registration-nonce' ) ) {
|
504 |
+
$error = new WP_Error();
|
505 |
+
$error->add( 'empty_username', __( '<strong>ERROR</strong>: Invalid Request.' ) );
|
506 |
+
|
507 |
+
return $error;
|
508 |
+
} else {
|
509 |
+
$this->miniorange_pass2login_start_session();
|
510 |
+
$session_id = isset( $_POST['session_id'] ) ? $_POST['session_id'] : null;
|
511 |
+
$user_id = MO2f_Utility::mo2f_retrieve_user_temp_values( 'mo2f_current_user_id',$session_id);
|
512 |
+
$this->mo2fa_pass2login(null, $session_id );
|
513 |
+
}
|
514 |
+
}
|
515 |
+
|
516 |
+
if ( isset( $_POST['miniorange_attribute_collection_nonce'] ) ) { /*Handling Rba Attributes from other plugins */
|
517 |
+
$nonce = $_POST['miniorange_attribute_collection_nonce'];
|
518 |
+
if ( ! wp_verify_nonce( $nonce, 'miniorange-2-factor-login-attribute-collection-nonce' ) ) {
|
519 |
+
$error = new WP_Error();
|
520 |
+
$error->add( 'empty_username', __( '<strong>ERROR</strong>: Invalid Request.' ) );
|
521 |
+
|
522 |
+
return $error;
|
523 |
+
} else {
|
524 |
+
$this->miniorange_pass2login_start_session();
|
525 |
+
|
526 |
+
$user_id = MO2f_Utility::mo2f_retrieve_user_temp_values( 'mo2f_current_user_id',$session_id_encrypt );
|
527 |
+
$currentuser = get_user_by( 'id', $user_id );
|
528 |
+
|
529 |
+
|
530 |
+
$attributes = isset( $_POST['miniorange_rba_attribures'] ) ? $_POST['miniorange_rba_attribures'] : null;
|
531 |
+
$redirect_to = isset( $_POST['redirect_to'] ) ? $_POST['redirect_to'] : null;
|
532 |
+
$session_id = isset( $_POST['session_id'] ) ? $_POST['session_id'] : null;
|
533 |
+
$this->miniorange_initiate_2nd_factor( $currentuser, $attributes, $redirect_to,$session_id );
|
534 |
+
}
|
535 |
+
}
|
536 |
+
}
|
537 |
+
|
538 |
+
function remove_current_activity($session_id) {
|
539 |
+
|
540 |
+
$session_variables = array(
|
541 |
+
'mo2f_current_user_id',
|
542 |
+
'mo2f_1stfactor_status',
|
543 |
+
'mo_2factor_login_status',
|
544 |
+
'mo2f-login-qrCode',
|
545 |
+
'mo2f_transactionId',
|
546 |
+
'mo2f_login_message',
|
547 |
+
'mo2f_rba_status',
|
548 |
+
'mo_2_factor_kba_questions',
|
549 |
+
'mo2f_show_qr_code',
|
550 |
+
'mo2f_google_auth',
|
551 |
+
'mo2f_authy_keys'
|
552 |
+
);
|
553 |
+
|
554 |
+
$cookie_variables = array(
|
555 |
+
'mo2f_current_user_id',
|
556 |
+
'mo2f_1stfactor_status',
|
557 |
+
'mo_2factor_login_status',
|
558 |
+
'mo2f-login-qrCode',
|
559 |
+
'mo2f_transactionId',
|
560 |
+
'mo2f_login_message',
|
561 |
+
'mo2f_rba_status_status',
|
562 |
+
'mo2f_rba_status_sessionUuid',
|
563 |
+
'mo2f_rba_status_decision_flag',
|
564 |
+
'kba_question1',
|
565 |
+
'kba_question2',
|
566 |
+
'mo2f_show_qr_code',
|
567 |
+
'mo2f_google_auth',
|
568 |
+
'mo2f_authy_keys'
|
569 |
+
);
|
570 |
+
|
571 |
+
$temp_table_variables = array(
|
572 |
+
'session_id',
|
573 |
+
'mo2f_current_user_id',
|
574 |
+
'mo2f_login_message',
|
575 |
+
'mo2f_1stfactor_status',
|
576 |
+
'mo2f_transactionId',
|
577 |
+
'mo_2_factor_kba_questions',
|
578 |
+
'mo2f_rba_status',
|
579 |
+
'ts_created'
|
580 |
+
);
|
581 |
+
|
582 |
+
MO2f_Utility::unset_session_variables( $session_variables );
|
583 |
+
MO2f_Utility::unset_cookie_variables( $cookie_variables );
|
584 |
+
MO2f_Utility::unset_temp_user_details_in_table( $temp_table_variables , $session_id, "destroy" );
|
585 |
+
|
586 |
+
|
587 |
+
}
|
588 |
+
|
589 |
+
public function miniorange_pass2login_start_session() {
|
590 |
+
if ( ! session_id() || session_id() == '' || ! isset( $_SESSION ) ) {
|
591 |
+
session_start();
|
592 |
+
}
|
593 |
+
}
|
594 |
+
|
595 |
+
function mo2f_pass2login_kba_verification( $user_id, $redirect_to, $session_id ) {
|
596 |
+
global $Mo2fdbQueries;
|
597 |
+
$user_email = $Mo2fdbQueries->get_user_detail( 'mo2f_user_email', $user_id );
|
598 |
+
|
599 |
+
if(is_null($session_id)) {
|
600 |
+
$session_id=$this->create_session();
|
601 |
+
}
|
602 |
+
|
603 |
+
$challengeKba = new Customer_Setup();
|
604 |
+
$content = $challengeKba->send_otp_token( $user_email, 'KBA', get_option( 'mo2f_customerKey' ), get_option( 'mo2f_api_key' ) );
|
605 |
+
$response = json_decode( $content, true );
|
606 |
+
if ( json_last_error() == JSON_ERROR_NONE ) { /* Generate Qr code */
|
607 |
+
if ( $response['status'] == 'SUCCESS' ) {
|
608 |
+
|
609 |
+
MO2f_Utility::set_user_values( $session_id,"mo2f_transactionId", $response['txId'] );
|
610 |
+
$questions = array();
|
611 |
+
$questions[0] = $response['questions'][0]['question'];
|
612 |
+
$questions[1] = $response['questions'][1]['question'];
|
613 |
+
|
614 |
+
MO2f_Utility::set_user_values( $session_id, 'mo_2_factor_kba_questions', $questions );
|
615 |
+
|
616 |
+
$mo2fa_login_message = 'Please answer the following questions:';
|
617 |
+
$mo2fa_login_status = 'MO_2_FACTOR_CHALLENGE_KBA_AUTHENTICATION';
|
618 |
+
$this->miniorange_pass2login_form_fields( $mo2fa_login_status, $mo2fa_login_message, $redirect_to,null, $session_id );
|
619 |
+
} else if ( $response['status'] == 'ERROR' ) {
|
620 |
+
$this->remove_current_activity($session_id);
|
621 |
+
$error = new WP_Error();
|
622 |
+
$error->add( 'empty_username', __( '<strong>ERROR</strong>: An error occured while processing your request. Please Try again.' ) );
|
623 |
+
|
624 |
+
return $error;
|
625 |
+
}
|
626 |
+
} else {
|
627 |
+
$this->remove_current_activity($session_id);
|
628 |
+
$error = new WP_Error();
|
629 |
+
$error->add( 'empty_username', __( '<strong>ERROR</strong>: An error occured while processing your request. Please Try again.' ) );
|
630 |
+
|
631 |
+
return $error;
|
632 |
+
}
|
633 |
+
}
|
634 |
+
|
635 |
+
function miniorange_pass2login_form_fields( $mo2fa_login_status = null, $mo2fa_login_message = null, $redirect_to = null, $qrCode = null, $session_id_encrypt ) {
|
636 |
+
|
637 |
+
$login_status = $mo2fa_login_status;
|
638 |
+
$login_message = $mo2fa_login_message;
|
639 |
+
|
640 |
+
$user_id = MO2f_Utility::mo2f_retrieve_user_temp_values( 'mo2f_current_user_id',$session_id_encrypt );
|
641 |
+
|
642 |
+
|
643 |
+
if ( $this->miniorange_pass2login_check_mobile_status( $login_status ) ) { //for mobile
|
644 |
+
mo2f_get_qrcode_authentication_prompt( $login_status, $login_message, $redirect_to, $qrCode, $session_id_encrypt );
|
645 |
+
exit;
|
646 |
+
} else if ( $this->miniorange_pass2login_check_otp_status( $login_status ) ) { //for soft-token,otp over email,sms,phone verification,google auth
|
647 |
+
mo2f_get_otp_authentication_prompt( $login_status, $login_message, $redirect_to, $session_id_encrypt );
|
648 |
+
exit;
|
649 |
+
} else if ( $this->miniorange_pass2login_check_forgotphone_status( $login_status ) ) { // forgot phone page if both KBA and Email are configured.
|
650 |
+
mo2f_get_forgotphone_form( $login_status, $login_message, $redirect_to, $session_id_encrypt );
|
651 |
+
exit;
|
652 |
+
} else if ( $this->miniorange_pass2login_check_push_oobemail_status( $login_status ) ) { //for push and out of band email.
|
653 |
+
mo2f_get_push_notification_oobemail_prompt( $user_id, $login_status, $login_message, $redirect_to, $session_id_encrypt );
|
654 |
+
exit;
|
655 |
+
} else if ( $this->miniorange_pass2login_reconfig_google( $login_status ) ) { //MO_2_FACTOR_RECONFIG_GOOGLE
|
656 |
+
// shortcode
|
657 |
+
$this->mo2f_redirect_shortcode_addon( $user_id, $login_status, $login_message, 'reconfigure_google' );
|
658 |
+
exit;
|
659 |
+
} else if ( $this->miniorange_pass2login_reconfig_kba( $login_status ) ) { //MO_2_FACTOR_RECONFIG_KBA
|
660 |
+
$this->mo2f_redirect_shortcode_addon( $user_id, $login_status, $login_message, 'reconfigure_kba' );
|
661 |
+
exit;
|
662 |
+
} else if ( $this->miniorange_pass2login_check_kba_status( $login_status ) ) { // for Kba
|
663 |
+
mo2f_get_kba_authentication_prompt( $login_message, $redirect_to, $session_id_encrypt );
|
664 |
+
exit;
|
665 |
+
} else if ( $this->miniorange_pass2login_check_trusted_device_status( $login_status ) ) { // trusted device
|
666 |
+
mo2f_get_device_form( $redirect_to, $session_id_encrypt );
|
667 |
+
exit;
|
668 |
+
} else { //show login screen
|
669 |
+
$this->mo_2_factor_pass2login_show_wp_login_form();
|
670 |
+
}
|
671 |
+
}
|
672 |
+
|
673 |
+
function miniorange_pass2login_check_mobile_status( $login_status ) { //mobile authentication
|
674 |
+
if ( $login_status == 'MO_2_FACTOR_CHALLENGE_MOBILE_AUTHENTICATION' ) {
|
675 |
+
return true;
|
676 |
+
}
|
677 |
+
|
678 |
+
return false;
|
679 |
+
}
|
680 |
+
|
681 |
+
function miniorange_pass2login_check_otp_status( $login_status, $sso = false ) {
|
682 |
+
if ( $login_status == 'MO_2_FACTOR_CHALLENGE_SOFT_TOKEN' || $login_status == 'MO_2_FACTOR_CHALLENGE_OTP_OVER_EMAIL' || $login_status == 'MO_2_FACTOR_CHALLENGE_OTP_OVER_SMS' || $login_status == 'MO_2_FACTOR_CHALLENGE_PHONE_VERIFICATION' || $login_status == 'MO_2_FACTOR_CHALLENGE_GOOGLE_AUTHENTICATION' ) {
|
683 |
+
return true;
|
684 |
+
}
|
685 |
+
|
686 |
+
return false;
|
687 |
+
}
|
688 |
+
|
689 |
+
function miniorange_pass2login_check_forgotphone_status( $login_status ) { // after clicking on forgotphone link when both kba and email are configured
|
690 |
+
if ( $login_status == 'MO_2_FACTOR_CHALLENGE_KBA_AND_OTP_OVER_EMAIL' ) {
|
691 |
+
return true;
|
692 |
+
}
|
693 |
+
|
694 |
+
return false;
|
695 |
+
}
|
696 |
+
|
697 |
+
function miniorange_pass2login_check_push_oobemail_status( $login_status ) { // for push and out of and email
|
698 |
+
if ( $login_status == 'MO_2_FACTOR_CHALLENGE_PUSH_NOTIFICATIONS' || $login_status == 'MO_2_FACTOR_CHALLENGE_OOB_EMAIL' ) {
|
699 |
+
return true;
|
700 |
+
}
|
701 |
+
|
702 |
+
return false;
|
703 |
+
}
|
704 |
+
|
705 |
+
function miniorange_pass2login_reconfig_google( $login_status ) {
|
706 |
+
if ( $login_status == 'MO_2_FACTOR_RECONFIG_GOOGLE' ) {
|
707 |
+
return true;
|
708 |
+
}
|
709 |
+
|
710 |
+
return false;
|
711 |
+
}
|
712 |
+
|
713 |
+
function mo2f_redirect_shortcode_addon( $current_user_id, $login_status, $login_message, $identity ) {
|
714 |
+
|
715 |
+
do_action( 'mo2f_shortcode_addon', $current_user_id, $login_status, $login_message, $identity );
|
716 |
+
|
717 |
+
|
718 |
+
}
|
719 |
+
|
720 |
+
function miniorange_pass2login_reconfig_kba( $login_status ) {
|
721 |
+
if ( $login_status == 'MO_2_FACTOR_RECONFIG_KBA' ) {
|
722 |
+
return true;
|
723 |
+
}
|
724 |
+
|
725 |
+
return false;
|
726 |
+
}
|
727 |
+
|
728 |
+
function miniorange_pass2login_check_kba_status( $login_status ) {
|
729 |
+
if ( $login_status == 'MO_2_FACTOR_CHALLENGE_KBA_AUTHENTICATION' ) {
|
730 |
+
return true;
|
731 |
+
}
|
732 |
+
|
733 |
+
return false;
|
734 |
+
}
|
735 |
+
|
736 |
+
function miniorange_pass2login_check_trusted_device_status( $login_status ) {
|
737 |
+
|
738 |
+
if ( $login_status == 'MO_2_FACTOR_REMEMBER_TRUSTED_DEVICE' ) {
|
739 |
+
return true;
|
740 |
+
}
|
741 |
+
|
742 |
+
return false;
|
743 |
+
}
|
744 |
+
|
745 |
+
function mo_2_factor_pass2login_show_wp_login_form() {
|
746 |
+
|
747 |
+
$session_id_encrypt = isset( $_POST['miniorange_user_session'] ) ? $_POST['miniorange_user_session'] : (isset( $_POST['session_id'] ) ? $_POST['session_id'] : null);
|
748 |
+
|
749 |
+
if(is_null($session_id_encrypt)) {
|
750 |
+
$session_id_encrypt=$this->create_session();
|
751 |
+
}
|
752 |
+
|
753 |
+
?>
|
754 |
+
<p><input type="hidden" name="miniorange_login_nonce"
|
755 |
+
value="<?php echo wp_create_nonce( 'miniorange-2-factor-login-nonce' ); ?>"/>
|
756 |
+
|
757 |
+
<input type="hidden" name="miniorange_user_session"
|
758 |
+
value="<?php echo $session_id_encrypt; ?>"/>
|
759 |
+
|
760 |
+
</p>
|
761 |
+
|
762 |
+
<?php
|
763 |
+
if ( get_option( 'mo2f_remember_device' ) ) {
|
764 |
+
?>
|
765 |
+
<p><input type="hidden" id="miniorange_rba_attribures" name="miniorange_rba_attribures" value=""/></p>
|
766 |
+
<?php
|
767 |
+
wp_enqueue_script( 'jquery_script', plugins_url( 'includes/js/rba/js/jquery-1.9.1.js', __FILE__ ) );
|
768 |
+
wp_enqueue_script( 'flash_script', plugins_url( 'includes/js/rba/js/jquery.flash.js', __FILE__ ) );
|
769 |
+
wp_enqueue_script( 'uaparser_script', plugins_url( 'includes/js/rba/js/ua-parser.js', __FILE__ ) );
|
770 |
+
wp_enqueue_script( 'client_script', plugins_url( 'includes/js/rba/js/client.js', __FILE__ ) );
|
771 |
+
wp_enqueue_script( 'device_script', plugins_url( 'includes/js/rba/js/device_attributes.js', __FILE__ ) );
|
772 |
+
wp_enqueue_script( 'swf_script', plugins_url( 'includes/js/rba/js/swfobject.js', __FILE__ ) );
|
773 |
+
wp_enqueue_script( 'font_script', plugins_url( 'includes/js/rba/js/fontdetect.js', __FILE__ ) );
|
774 |
+
wp_enqueue_script( 'murmur_script', plugins_url( 'includes/js/rba/js/murmurhash3.js', __FILE__ ) );
|
775 |
+
wp_enqueue_script( 'miniorange_script', plugins_url( 'includes/js/rba/js/miniorange-fp.js', __FILE__ ) );
|
776 |
+
}else{
|
777 |
+
|
778 |
+
$is_nc_with_unlimited_users = get_option( 'mo2f_is_NC' ) && !get_option( 'mo2f_is_NNC' );
|
779 |
+
|
780 |
+
if( get_option('mo2f_enable_2fa_prompt_on_login_page') && ! $is_nc_with_unlimited_users &&
|
781 |
+
in_array(get_option('mo2f_configured_2_factor_method'), array("Google Authenticator", "miniOrange Soft Token", "Authy Authenticator"))){
|
782 |
+
echo "\t<p>\n";
|
783 |
+
echo "\t\t<label class=\"mo2f_instuction1\" title=\"".__('If you don\'t have 2-factor authentication enabled for your WordPress account, leave this field empty.','google-authenticator')."\">".__('2 Factor Authentication code*','google-authenticator')."<span id=\"google-auth-info\"></span><br />\n";
|
784 |
+
echo "\t\t<input type=\"text\" name=\"mo_softtoken\" id=\"mo2f_2fa_code\" class=\"mo2f_2fa_code\" value=\"\" size=\"20\" style=\"ime-mode: inactive;\" /></label>\n";
|
785 |
+
echo "\t<p class=\"mo2f_instuction2\" style='color:red; font-size:12px;padding:5px'>* Skip the authentication code if it doesn't apply.</p>\n";
|
786 |
+
echo "\t</p>\n";
|
787 |
+
echo " \r\n";
|
788 |
+
echo " \r\n";
|
789 |
+
echo "\n";
|
790 |
+
}
|
791 |
+
}
|
792 |
+
|
793 |
+
}
|
794 |
+
|
795 |
+
function mo2f_pass2login_mobile_verification( $user, $redirect_to, $session_id_encrypt=null )
|
796 |
+
{
|
797 |
+
global $Mo2fdbQueries;
|
798 |
+
if (is_null($session_id_encrypt)){
|
799 |
+
$session_id_encrypt=$this->create_session();
|
800 |
+
}
|
801 |
+
$user_email = $Mo2fdbQueries->get_user_detail( 'mo2f_user_email', $user->ID );
|
802 |
+
|
803 |
+
$useragent = $_SERVER['HTTP_USER_AGENT'];
|
804 |
+
if ( MO2f_Utility::check_if_request_is_from_mobile_device( $useragent ) ) {
|
805 |
+
$session_cookie_variables = array( 'mo2f-login-qrCode', 'mo2f_transactionId' );
|
806 |
+
|
807 |
+
MO2f_Utility::unset_session_variables( $session_cookie_variables );
|
808 |
+
MO2f_Utility::unset_cookie_variables( $session_cookie_variables);
|
809 |
+
MO2f_Utility::unset_temp_user_details_in_table( 'mo2f_transactionId',$session_id_encrypt);
|
810 |
+
|
811 |
+
$mo2fa_login_message = 'Please enter the one time passcode shown in the miniOrange<b> Authenticator</b> app.';
|
812 |
+
$mo2fa_login_status = 'MO_2_FACTOR_CHALLENGE_SOFT_TOKEN';
|
813 |
+
$this->miniorange_pass2login_form_fields( $mo2fa_login_status, $mo2fa_login_message, $redirect_to,null,$session_id_encrypt );
|
814 |
+
} else {
|
815 |
+
$challengeMobile = new Customer_Setup();
|
816 |
+
$content = $challengeMobile->send_otp_token( $user_email, 'MOBILE AUTHENTICATION', get_option( 'mo2f_customerKey' ), get_option( 'mo2f_api_key' ) );
|
817 |
+
$response = json_decode( $content, true );
|
818 |
+
if ( json_last_error() == JSON_ERROR_NONE ) { /* Generate Qr code */
|
819 |
+
if ( $response['status'] == 'SUCCESS' ) {
|
820 |
+
|
821 |
+
$qrCode = $response['qrCode'];
|
822 |
+
MO2f_Utility::set_user_values( $session_id_encrypt,'mo2f_transactionId', $response['txId'] );
|
823 |
+
|
824 |
+
$mo2fa_login_message = '';
|
825 |
+
$mo2fa_login_status = 'MO_2_FACTOR_CHALLENGE_MOBILE_AUTHENTICATION';
|
826 |
+
$this->miniorange_pass2login_form_fields( $mo2fa_login_status, $mo2fa_login_message, $redirect_to, $qrCode,$session_id_encrypt );
|
827 |
+
} else if ( $response['status'] == 'ERROR' ) {
|
828 |
+
$this->remove_current_activity($session_id_encrypt);
|
829 |
+
$error = new WP_Error();
|
830 |
+
$error->add( 'empty_username', __( '<strong>ERROR</strong>: An error occured while processing your request. Please Try again.' ) );
|
831 |
+
|
832 |
+
return $error;
|
833 |
+
}
|
834 |
+
} else {
|
835 |
+
$this->remove_current_activity($session_id_encrypt);
|
836 |
+
$error = new WP_Error();
|
837 |
+
$error->add( 'empty_username', __( '<strong>ERROR</strong>: An error occured while processing your request. Please Try again.' ) );
|
838 |
+
|
839 |
+
return $error;
|
840 |
+
}
|
841 |
+
}
|
842 |
+
|
843 |
+
}
|
844 |
+
|
845 |
+
function mo2f_pass2login_push_oobemail_verification( $user, $mo2f_second_factor, $redirect_to, $session_id=null ) {
|
846 |
+
global $Mo2fdbQueries;
|
847 |
+
if(is_null($session_id)){
|
848 |
+
$session_id=$this->create_session();
|
849 |
+
}
|
850 |
+
$user_email = $Mo2fdbQueries->get_user_detail( 'mo2f_user_email', $user->ID );
|
851 |
+
|
852 |
+
$challengeMobile = new Customer_Setup();
|
853 |
+
$content = $challengeMobile->send_otp_token( $user_email, $mo2f_second_factor, get_option( 'mo2f_customerKey' ), get_option( 'mo2f_api_key' ) );
|
854 |
+
$response = json_decode( $content, true );
|
855 |
+
if ( json_last_error() == JSON_ERROR_NONE ) { /* Generate Qr code */
|
856 |
+
if ( $response['status'] == 'SUCCESS' ) {
|
857 |
+
MO2f_Utility::set_user_values( $session_id, "mo2f_transactionId", $response['txId'] );
|
858 |
+
|
859 |
+
$mo2fa_login_message = $mo2f_second_factor == 'PUSH NOTIFICATIONS' ? 'A Push Notification has been sent to your phone. We are waiting for your approval.' : 'An email has been sent to ' . MO2f_Utility::mo2f_get_hidden_email( $user_email ) . '. We are waiting for your approval.';
|
860 |
+
$mo2fa_login_status = $mo2f_second_factor == 'PUSH NOTIFICATIONS' ? 'MO_2_FACTOR_CHALLENGE_PUSH_NOTIFICATIONS' : 'MO_2_FACTOR_CHALLENGE_OOB_EMAIL';
|
861 |
+
$this->miniorange_pass2login_form_fields( $mo2fa_login_status, $mo2fa_login_message, $redirect_to,null,$session_id);
|
862 |
+
} else if ( $response['status'] == 'ERROR' || $response['status'] == 'FAILED' ) {
|
863 |
+
MO2f_Utility::set_user_values( $session_id, "mo2f_transactionId", $response['txId'] );
|
864 |
+
|
865 |
+
$mo2fa_login_message = $mo2f_second_factor == 'PUSH NOTIFICATIONS' ? 'An error occured while sending push notification to your app. You can click on <b>Phone is Offline</b> button to enter soft token from app or <b>Forgot your phone</b> button to receive OTP to your registered email.' : 'An error occured while sending email. Please try again.';
|
866 |
+
$mo2fa_login_status = $mo2f_second_factor == 'PUSH NOTIFICATIONS' ? 'MO_2_FACTOR_CHALLENGE_PUSH_NOTIFICATIONS' : 'MO_2_FACTOR_CHALLENGE_OOB_EMAIL';
|
867 |
+
$this->miniorange_pass2login_form_fields( $mo2fa_login_status, $mo2fa_login_message, $redirect_to, null,$session_id );
|
868 |
+
}
|
869 |
+
} else {
|
870 |
+
$this->remove_current_activity($session_id);
|
871 |
+
$error = new WP_Error();
|
872 |
+
$error->add( 'empty_username', __( '<strong>ERROR</strong>: An error occured while processing your request. Please Try again.' ) );
|
873 |
+
|
874 |
+
return $error;
|
875 |
+
}
|
876 |
+
}
|
877 |
+
|
878 |
+
function mo2f_pass2login_otp_verification( $user, $mo2f_second_factor, $redirect_to,$session_id=null ) {
|
879 |
+
global $Mo2fdbQueries;
|
880 |
+
if(is_null($session_id)){
|
881 |
+
$session_id=$this->create_session();
|
882 |
+
}
|
883 |
+
|
884 |
+
$mo2f_external_app_type = get_user_meta( $user->ID, 'mo2f_external_app_type', true );
|
885 |
+
$mo2f_user_phone = $Mo2fdbQueries->get_user_detail( 'mo2f_user_phone', $user->ID );
|
886 |
+
|
887 |
+
if ( $mo2f_second_factor == 'SOFT TOKEN' ) {
|
888 |
+
$mo2fa_login_message = 'Please enter the one time passcode shown in the miniOrange<b> Authenticator</b> app.';
|
889 |
+
$mo2fa_login_status = 'MO_2_FACTOR_CHALLENGE_SOFT_TOKEN';
|
890 |
+
$this->miniorange_pass2login_form_fields( $mo2fa_login_status, $mo2fa_login_message, $redirect_to, null,$session_id );
|
891 |
+
} else if ( $mo2f_second_factor == 'GOOGLE AUTHENTICATOR' ) {
|
892 |
+
$mo2fa_login_message = $mo2f_external_app_type == 'Authy Authenticator' ? 'Please enter the one time passcode shown in the <b>Authy Authenticator</b> app.' : 'Please enter the one time passcode shown in the <b>Google Authenticator</b> app.';
|
893 |
+
$mo2fa_login_status = 'MO_2_FACTOR_CHALLENGE_GOOGLE_AUTHENTICATION';
|
894 |
+
$this->miniorange_pass2login_form_fields( $mo2fa_login_status, $mo2fa_login_message, $redirect_to, null,$session_id );
|
895 |
+
} else {
|
896 |
+
$challengeMobile = new Customer_Setup();
|
897 |
+
$content = $challengeMobile->send_otp_token( $mo2f_user_phone, $mo2f_second_factor, get_option( 'mo2f_customerKey' ), get_option( 'mo2f_api_key' ) );
|
898 |
+
$response = json_decode( $content, true );
|
899 |
+
if ( json_last_error() == JSON_ERROR_NONE ) {
|
900 |
+
if ( $response['status'] == 'SUCCESS' ) {
|
901 |
+
$message = 'The OTP has been sent to ' . MO2f_Utility::get_hidden_phone( $response['phoneDelivery']['contact'] ) . '. Please enter the OTP you received to Validate.';
|
902 |
+
update_option( 'mo2f_number_of_transactions', get_option( 'mo2f_number_of_transactions' ) - 1 );
|
903 |
+
|
904 |
+
MO2f_Utility::set_user_values( $session_id, "mo2f_transactionId", $response['txId'] );
|
905 |
+
|
906 |
+
$mo2fa_login_message = $message;
|
907 |
+
$mo2fa_login_status = 'MO_2_FACTOR_CHALLENGE_OTP_OVER_SMS';
|
908 |
+
$this->miniorange_pass2login_form_fields( $mo2fa_login_status, $mo2fa_login_message, $redirect_to,null, $session_id );
|
909 |
+
} else {
|
910 |
+
$message = $response['message'] . ' You can click on <b>Forgot your phone</b> link to login via alternate method.';
|
911 |
+
|
912 |
+
MO2f_Utility::set_user_values( $session_id, "mo2f_transactionId", $response['txId'] );
|
913 |
+
|
914 |
+
$mo2fa_login_message = $message;
|
915 |
+
$mo2fa_login_status = 'MO_2_FACTOR_CHALLENGE_OTP_OVER_SMS';
|
916 |
+
$this->miniorange_pass2login_form_fields( $mo2fa_login_status, $mo2fa_login_message, $redirect_to,null, $session_id );
|
917 |
+
}
|
918 |
+
} else {
|
919 |
+
$this->remove_current_activity($session_id);
|
920 |
+
$error = new WP_Error();
|
921 |
+
$error->add( 'empty_username', __( '<strong>ERROR</strong>: An error occured while processing your request. Please Try again.' ) );
|
922 |
+
|
923 |
+
return $error;
|
924 |
+
}
|
925 |
+
}
|
926 |
+
}
|
927 |
+
|
928 |
+
function mo2fa_pass2login( $redirect_to = null, $session_id_encrypted=null ) {
|
929 |
+
|
930 |
+
$user_id = MO2f_Utility::mo2f_retrieve_user_temp_values( 'mo2f_current_user_id',$session_id_encrypted );
|
931 |
+
$mo2f_1stfactor_status = MO2f_Utility::mo2f_retrieve_user_temp_values( 'mo2f_1stfactor_status',$session_id_encrypted );
|
932 |
+
|
933 |
+
if ( $user_id && $mo2f_1stfactor_status && ( $mo2f_1stfactor_status == 'VALIDATE_SUCCESS' ) ) {
|
934 |
+
|
935 |
+
$currentuser = get_user_by( 'id', $user_id );
|
936 |
+
|
937 |
+
wp_set_current_user( $user_id, $currentuser->user_login );
|
938 |
+
$this->remove_current_activity($session_id_encrypted);
|
939 |
+
wp_set_auth_cookie( $user_id, true );
|
940 |
+
do_action( 'wp_login', $currentuser->user_login, $currentuser );
|
941 |
+
redirect_user_to( $currentuser, $redirect_to );
|
942 |
+
exit;
|
943 |
+
} else {
|
944 |
+
$this->remove_current_activity($session_id_encrypted);
|
945 |
+
}
|
946 |
+
}
|
947 |
+
|
948 |
+
function create_session(){
|
949 |
+
global $Mo2fdbQueries;
|
950 |
+
$session_id = MO2f_Utility::random_str(20);
|
951 |
+
$Mo2fdbQueries->insert_user_login_session($session_id);
|
952 |
+
|
953 |
+
$key = get_option('mo2f_customer_token');
|
954 |
+
$session_id_encrypt = MO2f_Utility::encrypt_data($session_id, $key);
|
955 |
+
return $session_id_encrypt;
|
956 |
+
}
|
957 |
+
|
958 |
+
function miniorange_initiate_2nd_factor( $currentuser, $attributes = null, $redirect_to = null, $otp_token = "",$session_id_encrypt=null ) {
|
959 |
+
global $Mo2fdbQueries;
|
960 |
+
$this->miniorange_pass2login_start_session();
|
961 |
+
if(is_null($session_id_encrypt)) {
|
962 |
+
$session_id_encrypt=$this->create_session();
|
963 |
+
}
|
964 |
+
|
965 |
+
MO2f_Utility::set_user_values($session_id_encrypt, 'mo2f_current_user_id', $currentuser->ID);
|
966 |
+
MO2f_Utility::set_user_values($session_id_encrypt, 'mo2f_1stfactor_status', 'VALIDATE_SUCCESS');
|
967 |
+
|
968 |
+
$is_customer_admin = get_option( 'mo2f_miniorange_admin' ) == $currentuser->ID ? true : false;
|
969 |
+
$is_2fa_enabled_for_users = get_option( 'mo2f_enable_2fa_for_users' );
|
970 |
+
$is_2fa_enabled_by_users = get_option( 'mo2f_enable_2fa' );
|
971 |
+
|
972 |
+
//$enabled_2fa_byusers = $Mo2fdbQueries->get_user_detail( 'mo2f_2factor_enable_2fa_byusers', $currentuser->ID );
|
973 |
+
//if ( $enabled_2fa_byusers ) {
|
974 |
+
|
975 |
+
if ( $is_customer_admin || ( ! $is_customer_admin && $is_2fa_enabled_for_users && $is_2fa_enabled_by_users ) ) {
|
976 |
+
$email = $Mo2fdbQueries->get_user_detail( 'mo2f_user_email', $currentuser->ID );
|
977 |
+
$mo_2factor_user_registration_status = $Mo2fdbQueries->get_user_detail( 'mo_2factor_user_registration_status', $currentuser->ID );
|
978 |
+
$kba_configuration_status = $Mo2fdbQueries->get_user_detail( 'mo2f_SecurityQuestions_config_status', $currentuser->ID );
|
979 |
+
if ( $email && $mo_2factor_user_registration_status == 'MO_2_FACTOR_PLUGIN_SETTINGS' ) { //checking if user has configured any 2nd factor method
|
980 |
+
try {
|
981 |
+
$mo2f_rba_status = mo2f_collect_attributes( $email, stripslashes( $attributes ) ); // Rba flow
|
982 |
+
MO2f_Utility::set_user_values( $session_id_encrypt, 'mo2f_rba_status', $mo2f_rba_status );
|
983 |
+
} catch ( Exception $e ) {
|
984 |
+
echo $e->getMessage();
|
985 |
+
}
|
986 |
+
|
987 |
+
if ( $mo2f_rba_status['status'] == 'SUCCESS' && $mo2f_rba_status['decision_flag'] ) {
|
988 |
+
$this->mo2fa_pass2login( $redirect_to, $session_id_encrypt );
|
989 |
+
} else if ( ($mo2f_rba_status['status'] == 'DENY' ) && get_option( 'mo2f_rba_installed' ) ) {
|
990 |
+
|
991 |
+
$this->mo2f_restrict_access( 'Access_denied' );
|
992 |
+
exit;
|
993 |
+
} else if ( ($mo2f_rba_status['status'] == 'ERROR') && get_option( 'mo2f_rba_installed' ) ) {
|
994 |
+
$this->mo2f_restrict_access( 'Access_denied' );
|
995 |
+
exit;
|
996 |
+
} else {
|
997 |
+
$mo2f_second_factor = mo2f_get_user_2ndfactor( $currentuser );
|
998 |
+
$is_nc_with_unlimited_users = get_option( 'mo2f_is_NC' ) && !get_option( 'mo2f_is_NNC' );
|
999 |
+
|
1000 |
+
if(!$is_nc_with_unlimited_users && get_option('mo2f_enable_2fa_prompt_on_login_page')&& !get_option('mo2f_remember_device')&&
|
1001 |
+
in_array(get_option('mo2f_configured_2_factor_method'), array("Google Authenticator", "miniOrange Soft Token", "Authy Authenticator"))){
|
1002 |
+
$error=$this->mo2f_validate_soft_token($currentuser, $redirect_to, $mo2f_second_factor, $otp_token,$session_id_encrypt);
|
1003 |
+
|
1004 |
+
if(is_wp_error( $error)){
|
1005 |
+
return $error;
|
1006 |
+
}
|
1007 |
+
|
1008 |
+
|
1009 |
+
}else{
|
1010 |
+
if ( MO2f_Utility::check_if_request_is_from_mobile_device( $_SERVER['HTTP_USER_AGENT'] ) && $kba_configuration_status ) {
|
1011 |
+
$this->mo2f_pass2login_kba_verification( $currentuser->ID, $redirect_to, $session_id_encrypt );
|
1012 |
+
} else {
|
1013 |
+
if ( $mo2f_second_factor == 'MOBILE AUTHENTICATION' ) {
|
1014 |
+
$this->mo2f_pass2login_mobile_verification( $currentuser, $redirect_to, $session_id_encrypt );
|
1015 |
+
} else if ( $mo2f_second_factor == 'PUSH NOTIFICATIONS' || $mo2f_second_factor == 'OUT OF BAND EMAIL' ) {
|
1016 |
+
$this->mo2f_pass2login_push_oobemail_verification( $currentuser, $mo2f_second_factor, $redirect_to, $session_id_encrypt );
|
1017 |
+
} else if ( $mo2f_second_factor == 'SOFT TOKEN' || $mo2f_second_factor == 'SMS' || $mo2f_second_factor == 'PHONE VERIFICATION' || $mo2f_second_factor == 'GOOGLE AUTHENTICATOR' ) {
|
1018 |
+
$this->mo2f_pass2login_otp_verification( $currentuser, $mo2f_second_factor, $redirect_to, $session_id_encrypt );
|
1019 |
+
} else if ( $mo2f_second_factor == 'KBA' ) {
|
1020 |
+
$this->mo2f_pass2login_kba_verification( $currentuser->ID, $redirect_to , $session_id_encrypt );
|
1021 |
+
} else if ( $mo2f_second_factor == 'NONE' ) {
|
1022 |
+
$this->mo2fa_pass2login( $redirect_to, $session_id_encrypt );
|
1023 |
+
} else {
|
1024 |
+
$this->remove_current_activity($session_id_encrypt);
|
1025 |
+
$error = new WP_Error();
|
1026 |
+
$error->add( 'empty_username', __( '<strong>ERROR</strong>: Two Factor method has not been configured.' ) );
|
1027 |
+
|
1028 |
+
return $error;
|
1029 |
+
}
|
1030 |
+
}
|
1031 |
+
}
|
1032 |
+
|
1033 |
+
}
|
1034 |
+
} else {
|
1035 |
+
$this->mo2fa_pass2login( $redirect_to, $session_id_encrypt );
|
1036 |
+
}
|
1037 |
+
|
1038 |
+
} else { //plugin is not activated for current role then logged him in without asking 2 factor
|
1039 |
+
$this->mo2fa_pass2login( $redirect_to, $session_id_encrypt );
|
1040 |
+
}
|
1041 |
+
|
1042 |
+
}
|
1043 |
+
|
1044 |
+
function mo2f_validate_soft_token($currentuser, $redirect_to = null, $mo2f_second_factor, $softtoken,$session_id_encrypt){
|
1045 |
+
global $Mo2fdbQueries;
|
1046 |
+
$email = $Mo2fdbQueries->get_user_detail( 'mo2f_user_email', $currentuser->ID );
|
1047 |
+
$customer = new Customer_Setup();
|
1048 |
+
$content = json_decode( $customer->validate_otp_token( $mo2f_second_factor, $email, null, $softtoken, get_option( 'mo2f_customerKey' ), get_option( 'mo2f_api_key' ) ), true );
|
1049 |
+
if ( strcasecmp( $content['status'], 'SUCCESS' ) == 0 ) {
|
1050 |
+
if ( get_option( 'mo2f_remember_device' ) ) {
|
1051 |
+
$mo2fa_login_status = 'MO_2_FACTOR_REMEMBER_TRUSTED_DEVICE';
|
1052 |
+
$this->miniorange_pass2login_form_fields( $mo2fa_login_status, null, $redirect_to,null, $session_id_encrypt );
|
1053 |
+
} else {
|
1054 |
+
$this->mo2fa_pass2login( $redirect_to, $session_id_encrypt );
|
1055 |
+
}
|
1056 |
+
} else {
|
1057 |
+
return new WP_Error( 'invalid_one_time_passcode', '<strong>ERROR</strong>: Invalid One Time Passcode.');
|
1058 |
+
}
|
1059 |
+
}
|
1060 |
+
|
1061 |
+
function mo2f_restrict_access( $identity ) {
|
1062 |
+
apply_filters( 'mo2f_rba_addon', $identity );
|
1063 |
+
exit;
|
1064 |
+
}
|
1065 |
+
|
1066 |
+
function mo2f_collect_device_attributes_for_authenticated_user( $currentuser, $redirect_to = null ) {
|
1067 |
+
global $Mo2fdbQueries;
|
1068 |
+
if ( get_option( 'mo2f_remember_device' ) ) {
|
1069 |
+
$this->miniorange_pass2login_start_session();
|
1070 |
+
|
1071 |
+
$session_id=$this->create_session();
|
1072 |
+
MO2f_Utility::set_user_values( $session_id, "mo2f_current_user_id", $currentuser->ID );
|
1073 |
+
|
1074 |
+
mo2f_collect_device_attributes_handler( $redirect_to,$session_id );
|
1075 |
+
exit;
|
1076 |
+
} else {
|
1077 |
+
$this->miniorange_initiate_2nd_factor( $currentuser, null, $redirect_to );
|
1078 |
+
}
|
1079 |
+
}
|
1080 |
+
|
1081 |
+
function mo2f_check_username_password( $user, $username, $password, $redirect_to = null ) {
|
1082 |
+
if ( is_a( $user, 'WP_Error' ) && ! empty( $user ) ) {
|
1083 |
+
return $user;
|
1084 |
+
}
|
1085 |
+
|
1086 |
+
|
1087 |
+
// if an app password is enabled, this is an XMLRPC / APP login ?
|
1088 |
+
if ( defined( 'XMLRPC_REQUEST' ) && XMLRPC_REQUEST ) {
|
1089 |
+
|
1090 |
+
$currentuser = wp_authenticate_username_password( $user, $username, $password );
|
1091 |
+
if ( is_wp_error( $currentuser ) ) {
|
1092 |
+
$this->error = new IXR_Error( 403, __( 'Bad login/pass combination.' ) );
|
1093 |
+
|
1094 |
+
return false;
|
1095 |
+
} else {
|
1096 |
+
return $currentuser;
|
1097 |
+
}
|
1098 |
+
|
1099 |
+
} else {
|
1100 |
+
$currentuser = wp_authenticate_username_password( $user, $username, $password );
|
1101 |
+
if ( is_wp_error( $currentuser ) ) {
|
1102 |
+
$currentuser->add( 'invalid_username_password', '<strong>' . mo2f_lt( 'ERROR' ) . '</strong>: ' . mo2f_lt( 'Invalid Username or password.' ) );
|
1103 |
+
return $currentuser;
|
1104 |
+
} else {
|
1105 |
+
global $Mo2fdbQueries;
|
1106 |
+
$mo2f_configured_2FA_method = $Mo2fdbQueries->get_user_detail( 'mo2f_configured_2FA_method', $currentuser->ID );
|
1107 |
+
$is_nc_with_unlimited_users = get_option( 'mo2f_is_NC' ) && !get_option( 'mo2f_is_NNC' );
|
1108 |
+
|
1109 |
+
if ( !$is_nc_with_unlimited_users && empty( $_POST['mo_softtoken'] ) && get_option('mo2f_enable_2fa_prompt_on_login_page') && $mo2f_configured_2FA_method && !get_option('mo2f_remember_device')&&
|
1110 |
+
in_array(get_option('mo2f_configured_2_factor_method'), array("Google Authenticator", "miniOrange Soft Token", "Authy Authenticator"))) { // Prevent PHP notices when using app password login
|
1111 |
+
return new WP_Error( 'one_time_passcode_empty', '<strong>ERROR</strong>: Please enter the One Time Passcode.');
|
1112 |
+
} else {
|
1113 |
+
$otp_token = isset($_POST[ 'mo_softtoken' ]) ? trim( $_POST[ 'mo_softtoken' ] ) : '';
|
1114 |
+
}
|
1115 |
+
|
1116 |
+
$attributes = isset( $_POST['miniorange_rba_attribures'] ) ? $_POST['miniorange_rba_attribures'] : null;
|
1117 |
+
$session_id = isset( $_POST['miniorange_user_session'] ) ? $_POST['miniorange_user_session'] : null;
|
1118 |
+
|
1119 |
+
$redirect_to = isset( $_REQUEST['redirect_to'] ) ? $_REQUEST['redirect_to'] : null;
|
1120 |
+
|
1121 |
+
if(is_null($session_id)) {
|
1122 |
+
$session_id=$this->create_session();
|
1123 |
+
}
|
1124 |
+
|
1125 |
+
|
1126 |
+
$error=$this->miniorange_initiate_2nd_factor( $currentuser, $attributes, $redirect_to, $otp_token, $session_id );
|
1127 |
+
|
1128 |
+
|
1129 |
+
if(is_wp_error( $error)){
|
1130 |
+
return $error;
|
1131 |
+
}
|
1132 |
+
|
1133 |
+
}
|
1134 |
+
}
|
1135 |
+
}
|
1136 |
+
|
1137 |
+
function mo_2_factor_enable_jquery_default_login() {
|
1138 |
+
wp_enqueue_script( 'jquery' );
|
1139 |
+
}
|
1140 |
+
|
1141 |
+
function miniorange_pass2login_footer_form() {
|
1142 |
+
?>
|
1143 |
+
<script>
|
1144 |
+
jQuery(document).ready(function () {
|
1145 |
+
if (document.getElementById('loginform') != null) {
|
1146 |
+
jQuery('#loginform').on('submit', function (e) {
|
1147 |
+
jQuery('#miniorange_rba_attribures').val(JSON.stringify(rbaAttributes.attributes));
|
1148 |
+
});
|
1149 |
+
} else {
|
1150 |
+
if (document.getElementsByClassName('login') != null) {
|
1151 |
+
jQuery('.login').on('submit', function (e) {
|
1152 |
+
jQuery('#miniorange_rba_attribures').val(JSON.stringify(rbaAttributes.attributes));
|
1153 |
+
});
|
1154 |
+
}
|
1155 |
+
}
|
1156 |
+
});
|
1157 |
+
</script>
|
1158 |
+
<?php
|
1159 |
+
|
1160 |
+
}
|
1161 |
+
|
1162 |
+
}
|
1163 |
+
|
1164 |
+
?>
|
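--- a/class-miniorange-2-factor-user-registration.php
+++ b/class-miniorange-2-factor-user-registration.php
@@ -0,0 +1,292 @@
+<?Php
+/** miniOrange enables user to log in through mobile authentication as an additional layer of security over password.
+* Copyright (C) 2015 miniOrange
+*
+* This program is free software: you can redistribute it and/or modify
+* it under the terms of the GNU General Public License as published by
+* the Free Software Foundation, either version 3 of the License, or
+* (at your option) any later version.
+*
+* This program is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+* GNU General Public License for more details.
+*
+* You should have received a copy of the GNU General Public License
+* along with this program. If not, see <http://www.gnu.org/licenses/>
+* @package miniOrange OAuth
+* @license http://www.gnu.org/copyleft/gpl.html GNU/GPL, see LICENSE.php
+*/
+
+/**
+* This library is miniOrange Authentication Service.
+* Contains Request Calls to Customer service.
+**/
+class Miniorange_User_Register {
+
+function __construct() {
+add_action( 'admin_init', array( $this, 'miniorange_user_save_settings' ) );
+add_action( 'admin_enqueue_scripts', array( $this, 'plugin_settings_style' ) );
+}
+
+function plugin_settings_style() {
+wp_enqueue_style( 'mo_2_factor_admin_settings_style', plugins_url( 'includes/css/style_settings.css?version=5.1.7', __FILE__ ) );
+}
+
+function mo_auth_success_message() {
+$message = get_option( 'mo2f_message' ); ?>
+<script>
+
+jQuery(document).ready(function () {
+
+var message = "<?php echo $message; ?>";
+jQuery('#messages').append("<div class='error notice is-dismissible mo2f_error_container'> <p class='mo2f_msgs'>" + message + "</p></div>");
+});
+</script>
+<?php
+}
+
+function mo_auth_error_message() {
+$message = get_option( 'mo2f_message' ); ?>
+<script>
+jQuery(document).ready(function () {
+
+var message = "<?php echo $message; ?>";
+jQuery('#messages').append("<div class='updated notice is-dismissible mo2f_success_container'> <p class='mo2f_msgs'>" + message + "</p></div>");
+
+jQuery('a[href=\"#test\"]').click(function () {
+var currentMethod = jQuery(this).data("method");
+
+if (currentMethod == 'MOBILE AUTHENTICATION') {
+jQuery('#mo2f_2factor_test_mobile_form').submit();
+} else if (currentMethod == 'PUSH NOTIFICATIONS') {
+jQuery('#mo2f_2factor_test_push_form').submit();
+} else if (currentMethod == 'SOFT TOKEN') {
+jQuery('#mo2f_2factor_test_softtoken_form').submit();
+} else if (currentMethod == 'SMS' || currentMethod == 'PHONE VERIFICATION') {
+jQuery('#mo2f_test_2factor_method').val(currentMethod);
+jQuery('#mo2f_2factor_test_smsotp_form').submit();
+} else if (currentMethod == 'OUT OF BAND EMAIL') {
+jQuery('#mo2f_2factor_test_out_of_band_email_form').submit();
+} else if (currentMethod == 'GOOGLE AUTHENTICATOR') {
+jQuery('#mo2f_2factor_test_google_auth_form').submit();
+}
+});
+
+});
+</script>
+<?php
+}
+
+public function mo2f_register_user() {
+global $wpdb;
+global $Mo2fdbQueries;
+global $user;
+$user = wp_get_current_user();
+if ( mo_2factor_is_curl_installed() == 0 ) { ?>
+<p style="color:red;"> (<?php echo mo2f_lt( 'Warning: ' ); ?><a
+href="http://php.net/manual/en/curl.installation.php"
+target="_blank"> <?php echo mo2f_lt( 'PHP CURL extension' ); ?></a> <?php echo mo2f_lt( 'is not installed or disabled' ); ?>
+)</p>
+<?php
+}
+
+
+$mo2f_active_tab = isset( $_GET['mo2f_tab'] ) ? $_GET['mo2f_tab'] : '2factor_setup';
+$mo_2factor_user_registration_status = $Mo2fdbQueries->get_user_detail( 'mo_2factor_user_registration_status', $user->ID );
+
+?>
+
+<div class="wrap">
+<div><img style="float:left;" src="<?php echo plugins_url( 'includes/images/logo.png"', __FILE__ ); ?>"></div>
+<div style="display:block;font-size:23px;padding:9px 0 10px;line-height:29px; margin-left:3%">
+<a class="add-new-h2" href="https://faq.miniorange.com/kb/two-factor-authentication"
+target="_blank"><?php echo mo2f_lt( 'FAQ' ); ?></a>
+</div>
+<div id="tab">
+<h2 class="nav-tab-wrapper">
+<a href="admin.php?page=miniOrange_2_factor_settings&mo2f_tab=2factor_setup"
+class="nav-tab <?php echo $mo2f_active_tab == '2factor_setup' ? 'nav-tab-active' : ''; ?>"
+id="mo2f_tab1"><?php if ( in_array( $mo_2factor_user_registration_status, array(
+'MO_2_FACTOR_INITIALIZE_TWO_FACTOR',
+'MO_2_FACTOR_INITIALIZE_MOBILE_REGISTRATION',
+'MO_2_FACTOR_PLUGIN_SETTINGS'
+) ) ) { ?><?php echo mo2f_lt( 'User Profile ' ); ?><?php } else { ?><?php echo mo2f_lt( 'Account Setup ' ); ?><?php } ?></a>
+<a href="admin.php?page=miniOrange_2_factor_settings&mo2f_tab=mobile_configure"
+class="nav-tab <?php echo $mo2f_active_tab == 'mobile_configure' ? 'nav-tab-active' : ''; ?>"
+id="mo2f_tab2"><?php echo mo2f_lt( 'Setup Two-Factor' ); ?></a>
+</h2>
+</div>
+
+<div class="mo2f_container">
+<div id="messages"></div>
+<table style="width:100%;padding:20px;">
+<tr>
+<td style="width:60%;vertical-align:top;">
+<?php
+$session_variables = array( 'mo2f_google_auth', 'mo2f_mobile_support' );
+if ( $mo2f_active_tab == 'mobile_configure' ) {
+$mo2f_second_factor = mo2f_get_activated_second_factor( $user );
+
+mo2f_select_2_factor_method( $user, $mo2f_second_factor );
+?>
+<script>
+jQuery(document).ready(function () {
+jQuery("#mo2f_support_table").hide();
+});
+</script>
+<?php
+} else if ( get_option( 'mo2f_remember_device' ) && $mo2f_active_tab == 'advance_option' ) {
+MO2f_Utility::unset_session_variables( $session_variables );
+show_2_factor_advanced_options( $user ); //Login Settings tab
+} else {
+MO2f_Utility::unset_session_variables( $session_variables );
+if ( in_array( $mo_2factor_user_registration_status, array(
+'MO_2_FACTOR_OTP_DELIVERED_SUCCESS',
+'MO_2_FACTOR_OTP_DELIVERED_FAILURE'
+) ) ) {
+mo2f_show_user_otp_validation_page();
+} else if ( $mo_2factor_user_registration_status == 'MO_2_FACTOR_INITIALIZE_MOBILE_REGISTRATION' ) {
+$mo2f_second_factor = mo2f_get_activated_second_factor( $user );
+mo2f_show_instruction_to_allusers( $user, $mo2f_second_factor );
+} else if ( $mo_2factor_user_registration_status == 'MO_2_FACTOR_INITIALIZE_TWO_FACTOR' ) {
+mo2f_show_instruction_to_allusers( $user, 'NONE' );
+} else if ( $mo_2factor_user_registration_status == 'MO_2_FACTOR_PLUGIN_SETTINGS' ) {
+$mo2f_second_factor = mo2f_get_activated_second_factor( $user );
+mo2f_show_instruction_to_allusers( $user, $mo2f_second_factor );
+} else {
+show_user_welcome_page( $user );
+}
+}
+?>
+</td>
+<td style="vertical-align:top;padding-left:1%;" id="mo2f_support_table">
+</td>
+</tr>
+</table>
+</div>
+<?php
+}
+
+function miniorange_user_save_settings() {
+global $wpdb;
+global $Mo2fdbQueries;
+global $user;
+$user = wp_get_current_user();
+
+if ( ! current_user_can( 'manage_options' ) ) {
+if ( isset( $_POST['option'] ) and $_POST['option'] == "mo_2factor_validate_user_otp" ) { //validate OTP
+//validation and sanitization
+$otp_token = '';
+if ( MO2f_Utility::mo2f_check_empty_or_null( $_POST['otp_token'] ) ) {
+update_option( 'mo2f_message', Mo2fConstants::langTranslate( "INVALID_ENTRY" ) );
+$this->mo_auth_show_error_message();
+
+return;
+} else {
+$otp_token = sanitize_text_field( $_POST['otp_token'] );
+}
+$email = get_user_meta( $user->ID, 'user_email', true );
+if ( ! MO2f_Utility::check_if_email_is_already_registered( $email ) ) {
+$customer = new Customer_Setup();
+$transactionId = get_user_meta( $user->ID, 'mo_2fa_verify_otp_create_account', true );
+
+$content = json_decode( $customer->validate_otp_token( 'EMAIL', null, $transactionId, $otp_token, get_option( 'mo2f_customerKey' ), get_option( 'mo2f_api_key' ) ), true );
+if ( $content['status'] == 'ERROR' ) {
+update_option( 'mo2f_message', Mo2fConstants:: langTranslate( $content['message'] ) );
+delete_user_meta( $user->ID, 'mo_2fa_verify_otp_create_account' );
+$this->mo_auth_show_error_message();
+} else {
+if ( strcasecmp( $content['status'], 'SUCCESS' ) == 0 ) { //OTP validated and generate QRCode
+$this->mo2f_create_user( $user, get_user_meta( $user->ID, 'user_email', true ) );
+delete_user_meta( $user->ID, 'mo_2fa_verify_otp_create_account' );
+} else { // OTP Validation failed.
+update_option( 'mo2f_message', Mo2fConstants::langTranslate( "INVALID_OTP" ) );
+$Mo2fdbQueries->update_user_details( $user->ID, array( 'mo_2factor_user_registration_status' => 'MO_2_FACTOR_OTP_DELIVERED_FAILURE' ) );
+$this->mo_auth_show_error_message();
+}
+}
+
+} else {
+update_option( 'mo2f_message', Mo2fConstants::langTranslate( "EMAIL_IN_USE" ) );
+$this->mo_auth_show_error_message();
+}
+}
+}
+
+}
+
+private function mo_auth_show_error_message() {
+remove_action( 'admin_notices', array( $this, 'mo_auth_error_message' ) );
+add_action( 'admin_notices', array( $this, 'mo_auth_success_message' ) );
+}
+
+function mo2f_create_user( $user, $email ) { //creating user in miniOrange of wordpress non-admin
+global $Mo2fdbQueries;
+$email = strtolower( $email );
+$enduser = new Two_Factor_Setup();
+$check_user = json_decode( $enduser->mo_check_user_already_exist( $email ), true );
+if ( json_last_error() == JSON_ERROR_NONE ) {
+if ( $check_user['status'] == 'ERROR' ) {
+update_option( 'mo2f_message', Mo2fConstants::langTranslate( $check_user['message'] ) );
+$this->mo_auth_show_error_message();
+} else {
+if ( strcasecmp( $check_user['status'], 'USER_FOUND' ) == 0 ) {
+delete_user_meta( $user->ID, 'user_email' );
+
+$Mo2fdbQueries->update_user_details( $user->ID, array(
+'user_registration_with_miniorange' => 'SUCCESS',
+'mo2f_user_email' => $email,
+'mo_2factor_user_registration_status' => 'MO_2_FACTOR_INITIALIZE_TWO_FACTOR',
+) );
+$enduser->mo2f_update_userinfo( $email, 'OUT OF BAND EMAIL', null, null, null );
+$message = Mo2fConstants::langTranslate( "REGISTRATION_SUCCESS" ) . ' <a href=\"admin.php?page=miniOrange_2_factor_settings&mo2f_tab=mobile_configure\" >' . Mo2fConstants::langTranslate( "CLICK_HERE" ) . '</a> ' . Mo2fConstants::langTranslate( "CONFIGURE_2FA" );
+update_option( 'mo2f_message', $message );
+$this->mo_auth_show_success_message();
+header( 'Location: admin.php?page=miniOrange_2_factor_settings&mo2f_tab=mobile_configure' );
+
+} else if ( strcasecmp( $check_user['status'], 'USER_NOT_FOUND' ) == 0 ) {
+$content = json_decode( $enduser->mo_create_user( $user, $email ), true );
+if ( json_last_error() == JSON_ERROR_NONE ) {
+if ( $content['status'] == 'ERROR' ) {
+update_option( 'mo2f_message', Mo2fConstants::langTranslate( $content['message'] ) );
+} else {
+if ( strcasecmp( $content['status'], 'SUCCESS' ) == 0 ) {
+delete_user_meta( $user->ID, 'user_email' );
+$Mo2fdbQueries->update_user_details( $user->ID, array(
+'user_registration_with_miniorange' => 'SUCCESS',
+'mo2f_user_email' => $email,
+'mo_2factor_user_registration_status' => 'MO_2_FACTOR_INITIALIZE_TWO_FACTOR',
+) );
+$enduser->mo2f_update_userinfo( $email, 'OUT OF BAND EMAIL', null, null, null );
+$message = Mo2fConstants::langTranslate( "REGISTRATION_SUCCESS" ) . ' <a href=\"admin.php?page=miniOrange_2_factor_settings&mo2f_tab=mobile_configure\" > ' . Mo2fConstants::langTranslate( "CLICK_HERE" ) . '</a> ' . Mo2fConstants::langTranslate( "CONFIGURE_2FA" );
+update_option( 'mo2f_message', $message );
+$this->mo_auth_show_success_message();
+header( 'Location: admin.php?page=miniOrange_2_factor_settings&mo2f_tab=mobile_configure' );
+
+} else {
+update_option( 'mo2f_message', Mo2fConstants::langTranslate( "ERROR_DURING_USER_REGISTRATION" ) );
+$this->mo_auth_show_error_message();
+}
+}
+} else {
+update_option( 'mo2f_message', Mo2fConstants::langTranslate( "ERROR_DURING_USER_REGISTRATION_ADMIN" ) );
+$this->mo_auth_show_error_message();
+}
+} else {
+update_option( 'mo2f_message', Mo2fConstants::langTranslate( "ERROR_DURING_USER_REGISTRATION" ) );
+$this->mo_auth_show_error_message();
+}
+}
+} else {
+update_option( 'mo2f_message', Mo2fConstants::langTranslate( "ERROR_DURING_USER_REGISTRATION" ) );
+$this->mo_auth_show_error_message();
+}
+}
+
+private function mo_auth_show_success_message() {
+remove_action( 'admin_notices', array( $this, 'mo_auth_success_message' ) );
+add_action( 'admin_notices', array( $this, 'mo_auth_error_message' ) );
+}
+
+}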
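--- a/class-mo2f-constants.php
+++ b/class-mo2f-constants.php
@@ -0,0 +1,406 @@
+<?php
+if ( ! defined( 'ABSPATH' ) ) {
+exit;
+}
+
+class Mo2fConstants {
+static function langTranslate( $text ) {
+switch ( $text ) {
+case 'Successfully validated.':
+return mo2f_lt( 'Successfully validated.' );
+break;
+case 'SCAN_QR_CODE':
+return mo2f_lt( 'Please scan the QR Code now.' );
+break;
+case 'miniOrange QR Code Authentication':
+return mo2f_lt( 'miniOrange QR Code Authentication' );
+break;
+case 'miniOrange Push Notification':
+return mo2f_lt( 'miniOrange Push Notification' );
+break;
+case 'miniOrange Soft Token':
+return mo2f_lt( 'miniOrange Soft Token' );
+break;
+case 'Security Questions':
+return mo2f_lt( 'Security Questions' );
+break;
+case 'Google Authenticator':
+return mo2f_lt( 'Google Authenticator' );
+break;
+case 'Authy Authenticator':
+return mo2f_lt( 'Authy Authenticator' );
+break;
+case 'Email Verification':
+return mo2f_lt( 'Email Verification' );
+break;
+case 'OTP Over SMS':
+return mo2f_lt( 'OTP Over SMS' );
+break;
+case 'OTP Over SMS And Email':
+return mo2f_lt( 'OTP Over SMS And Email' );
+break;
+case 'Your license has expired. Please renew your license to continue using our service.':
+return mo2f_lt( 'Your license has expired. Please renew your license to continue using our service.' );
+break;
+case 'The total transaction limit has been exceeded. Please upgrade your premium plan.':
+return mo2f_lt( 'The total transaction limit has been exceeded. Please upgrade your premium plan.' );
+break;
+case 'The transaction limit has exceeded.':
+return mo2f_lt( 'The transaction limit has exceeded.' );
+break;
+case 'GenerateOtpRequest is null':
+return mo2f_lt( 'GenerateOtpRequest is null' );
+break;
+case 'The sms transaction limit has been exceeded. Please refer to the Licensing Plans tab for purchasing your SMS transactions.':
+return mo2f_lt( 'The sms transaction limit has been exceeded. Please refer to the Licensing Plans tab for purchasing your SMS transactions.' );
+break;
+case 'The email transaction limit has been exceeded. Please refer to the Licensing Plans tab for purchasing your SMS transactions.':
+return mo2f_lt( 'The email transaction limit has been exceeded. Please refer to the Licensing Plans tab for purchasing your SMS transactions.' );
+break;
+case 'Transaction limit exceeded. Please contact your administrator':
+return mo2f_lt( 'Transaction limit exceeded. Please contact your administrator' );
+break;
+case 'Free Trial has already been taken or expired for this plugin. Please upgrade to a premium plan.':
+return mo2f_lt( 'Free Trial has already been taken or expired for this plugin. Please upgrade to a premium plan.' );
+break;
+case 'Invalid format.':
+return mo2f_lt( 'Invalid format.' );
+break;
+case 'Mobile registration failed.':
+return mo2f_lt( 'Mobile registration failed.' );
+break;
+case 'Invalid mobile authentication request.':
+return mo2f_lt( 'Invalid mobile authentication request.' );
+break;
+case 'Exception during SMS sending':
+return mo2f_lt( 'Exception during SMS sending' );
+break;
+case 'There was an error during sending an SMS.':
+return mo2f_lt( 'There was an error during sending an SMS.' );
+break;
+case 'Exception during logUserTransaction':
+return mo2f_lt( 'Exception during logUserTransaction' );
+break;
+case 'There was an error processing the challenge user request.':
+return mo2f_lt( 'There was an error processing the challenge user request.' );
+break;
+case 'What is your first company name?':
+return mo2f_lt( 'What is your first company name?' );
+break;
+case 'What was your childhood nickname?':
+return mo2f_lt( 'What was your childhood nickname?' );
+break;
+case 'In what city did you meet your spouse/significant other?':
+return mo2f_lt( 'In what city did you meet your spouse/significant other?' );
+break;
+case 'What is the name of your favorite childhood friend?':
+return mo2f_lt( 'What is the name of your favorite childhood friend?' );
+break;
+case "What was your first vehicle's registration number?":
+return mo2f_lt( "What was your first vehicle's registration number?" );
+break;
+case "What is your grandmother's maiden name?":
+return mo2f_lt( "What is your grandmother's maiden name?" );
+break;
+case 'Who is your favourite sports player?':
+return mo2f_lt( 'Who is your favourite sports player?' );
+break;
+case 'What is your favourite sport?':
+return mo2f_lt( 'What is your favourite sport?' );
+break;
+case 'In what city or town was your first job':
+return mo2f_lt( 'In what city or town was your first job' );
+break;
+case 'What school did you attend for sixth grade?':
+return mo2f_lt( 'What school did you attend for sixth grade?' );
+break;
+case 'G_AUTH':
+return mo2f_lt( 'Google Authenticator' );
+break;
+case 'AUTHY_2FA':
+return mo2f_lt( 'Authy 2-Factor Authentication' );
+break;
+case 'An unknown error occurred while creating the end user.':
+return mo2f_lt( 'An unknown error occurred while creating the end user.' );
+break;
+case 'An unknown error occurred while challenging the user':
+return mo2f_lt( 'An unknown error occurred while challenging the user.' );
+break;
+case 'An unknown error occurred while generating QR Code for registering mobile.':
+return mo2f_lt( 'An unknown error occurred while generating QR Code for registering mobile.' );
+break;
+case 'An unknown error occurred while validating the user\'s identity.':
+return mo2f_lt( 'An unknown error occurred while validating the user\'s identity.' );
+break;
+case 'Customer not found.':
+return mo2f_lt( 'Customer not found.' );
+break;
+case 'The customer is not valid ':
+return mo2f_lt( 'The customer is not valid' );
+break;
+case 'The user is not valid ':
+return mo2f_lt( 'The user is not valid ' );
+break;
+case 'Customer already exists.':
+return mo2f_lt( 'Customer already exists.' );
+break;
+case 'Customer Name is null':
+return mo2f_lt( 'Customer Name is null' );
+break;
+case 'Customer check request failed.':
+return mo2f_lt( 'Customer check request failed.' );
+break;
+case 'Invalid username or password. Please try again.':
+return mo2f_lt( 'Invalid username or password. Please try again.' );
+break;
+case 'You are not authorized to perform this operation.':
+return mo2f_lt( 'You are not authorized to perform this operation.' );
+break;
+case 'Invalid request. No such challenge request was initiated.':
+return mo2f_lt( 'Invalid request. No such challenge request was initiated.' );
+break;
+case 'No OTP Token for the given request was found.':
+return mo2f_lt( 'No OTP Token for the given request was found.' );
+break;
+case 'Query submitted.':
+return mo2f_lt( 'Query submitted.' );
+break;
+case 'Invalid parameters.':
+return mo2f_lt( 'Invalid parameters.' );
+break;
+case 'Alternate email cannot be same as primary email.':
+return mo2f_lt( 'Alternate email cannot be same as primary email.' );
+break;
+case 'CustomerId is null.':
+return mo2f_lt( 'CustomerId is null.' );
+break;
+case 'You are not authorized to create users. Please upgrade to premium plan. ':
+return mo2f_lt( 'You are not authorized to create users. Please upgrade to premium plan. ' );
+break;
+case 'Your user creation limit has been completed. Please upgrade your license to add more users.':
+return mo2f_lt( 'Your user creation limit has been completed. Please upgrade your license to add more users.' );
+break;
+case 'Username cannot be blank.':
+return mo2f_lt( 'Username cannot be blank.' );
+break;
+case 'End user created successfully.':
+return mo2f_lt( 'End user created successfully.' );
+break;
+case 'There was an exception processing the update user request.':
+return mo2f_lt( 'There was an exception processing the update user request.' );
+break;
+case 'End user found.':
+return mo2f_lt( 'End user found.' );
+break;
+case 'End user found under different customer. ':
+return mo2f_lt( 'End user found under different customer. ' );
+break;
+case 'End user not found.':
+return mo2f_lt( 'End user not found.' );
+break;
+case 'Customer successfully registered.':
+return mo2f_lt( 'Customer successfully registered.' );
+break;
+case 'Customer registration failed.':
+return mo2f_lt( 'Customer registration failed.' );
+break;
+case 'There was an error processing the register mobile request.':
+return mo2f_lt( 'There was an error processing the register mobile request.' );
+break;
+case 'There was an exception processing the get user request.':
+return mo2f_lt( 'There was an exception processing the get user request.' );
+break;
+case 'End User retrieved successfully.':
+return mo2f_lt( 'End User retrieved successfully.' );
+break;
+case 'COMPLETED_TEST':
+Return mo2f_lt( 'You have successfully completed the test.' );
+break;
+case 'INVALID_ENTRY':
+Return mo2f_lt( 'All the fields are required. Please enter valid entries.' );
+break;
+case 'INVALID_PASSWORD':
+Return mo2f_lt( 'You already have an account with miniOrange. Please enter a valid password.' );
+break;
+case 'INVALID_REQ':
+Return mo2f_lt( 'Invalid request. Please try again' );
+break;
+case 'INVALID_OTP':
+Return mo2f_lt( 'Invalid OTP. Please try again.' );
+break;
+case 'INVALID_EMAIL_OR_PASSWORD':
+Return mo2f_lt( 'Invalid email or password. Please try again.' );
+break;
+case 'PASSWORDS_MISMATCH':
+Return mo2f_lt( 'Password and Confirm password do not match.' );
+break;
+case 'ENTER_YOUR_EMAIL_PASSWORD':
+Return mo2f_lt( 'Please enter your registered email and password.' );
+break;
+case 'OTP_SENT':
+Return mo2f_lt( 'One Time Passcode has been sent for verification to ' );
+break;
+case 'ERROR_IN_SENDING_OTP_OVER_EMAIL':
+Return mo2f_lt( 'There was an error in sending OTP over email. Please click on Resend OTP to try again.' );
+break;
+case 'ERROR_DURING_REGISTRATION':
+Return mo2f_lt( 'Error occured while registration. Please try again.' );
+break;
+case 'ERROR_DURING_PROCESS':
+Return mo2f_lt( 'An error occured while processing your request. Please Try again.' );
+break;
+case 'ERROR_WHILE_SENDING_SMS':
+Return mo2f_lt( 'There was an error in sending sms. Please click on Resend OTP to try again.' );
+break;
+case 'ERROR_DURING_USER_REGISTRATION':
+Return mo2f_lt( 'Error occurred while registering the user. Please try again.' );
+break;
+case 'SET_AS_2ND_FACTOR':
+Return mo2f_lt( 'is set as your 2 factor authentication method.' );
+break;
+case 'ERROR_WHILE_SAVING_KBA':
+Return mo2f_lt( 'Error occured while saving your kba details. Please try again.' );
+break;
+case 'ANSWER_SECURITY_QUESTIONS':
+Return mo2f_lt( 'Please answer the following security questions.' );
+break;
+case 'ERROR_FETCHING_QUESTIONS':
+Return mo2f_lt( 'There was an error fetching security questions. Please try again.' );
+break;
+case 'INVALID_ANSWERS':
+Return mo2f_lt( 'Invalid Answers. Please try again.' );
+break;
+case 'MIN_PASS_LENGTH':
+Return mo2f_lt( 'Choose a password with minimum length 8.' );
+break;
+case 'ACCOUNT_RETRIEVED_SUCCESSFULLY':
+Return mo2f_lt( 'Your account has been retrieved successfully.' );
+break;
+case 'DEFAULT_2ND_FACTOR':
+Return mo2f_lt( 'has been set as your default 2nd factor method' );
+break;
+case 'RESENT_OTP':
+Return mo2f_lt( 'Another One Time Passcode has been sent' );
+break;
+case 'VERIFY':
+Return mo2f_lt( 'for verification to' );
+break;
+case 'ERROR_IN_SENDING_EMAIL':
+Return mo2f_lt( 'There was an error in sending email. Please click on Resend OTP to try again.' );
+break;
+case 'EMAIL_IN_USE':
+Return mo2f_lt( 'The email is already used by other user. Please register with other email.' );
+break;
+case 'EMAIL_MANDATORY':
+Return mo2f_lt( 'Please submit your query with email' );
+break;
+case 'ERROR_WHILE_SUBMITTING_QUERY':
+Return mo2f_lt( 'Your query could not be submitted. Please try again.' );
+break;
+case 'QUERY_SUBMITTED_SUCCESSFULLY':
+Return mo2f_lt( 'Thanks for getting in touch! We shall get back to you shortly.' );
+break;
+case 'SETTINGS_SAVED':
+Return mo2f_lt( 'Your settings are saved successfully.' );
+break;
+case 'AUTHENTICATION_FAILED':
+Return mo2f_lt( 'Authentication failed. Please try again to test the configuration.' );
+break;
+case 'REGISTER_WITH_MO':
+Return mo2f_lt( 'Invalid request. Please register with miniOrange before configuring your mobile.' );
+break;
+case 'ENTER_EMAILID':
+Return mo2f_lt( 'Please enter email-id to register.' );
+break;
+case 'ENTER_VALUE':
+Return mo2f_lt( 'Please enter a value to test your authentication.' );
+break;
+case 'ENTER_OTP':
+Return mo2f_lt( 'Please enter the one time passcode below.' );
+break;
+case 'ERROR_IN_SENDING_OTP':
+Return mo2f_lt( 'There was an error in sending one time passcode. Please click on Resend OTP to try again.' );
+break;
+case 'PUSH_NOTIFICATION_SENT':
+Return mo2f_lt( 'A Push notification has been sent to your miniOrange Authenticator App.' );
+break;
+case 'ERROR_WHILE_VALIDATING_OTP':
+Return mo2f_lt( 'Error occurred while validating the OTP. Please try again.' );
+break;
+case 'TEST_GAUTH_METHOD':
+Return mo2f_lt( 'to test Google Authenticator method.' );
+break;
+case 'ERROR_IN_SENDING_OTP_CAUSES':
+Return mo2f_lt( 'Error occurred while validating the OTP. Please try again. Possible causes:' );
+break;
+case 'APP_TIME_SYNC':
+Return mo2f_lt( 'Your App Time is not in sync.Go to settings and tap on tap on Sync Time now .' );
+break;
+case 'ERROR_WHILE_VALIDATING_USER':
+Return mo2f_lt( 'Error occurred while validating the user. Please try again.' );
+break;
+case 'ONLY_DIGITS_ALLOWED':
+Return mo2f_lt( 'Only digits are allowed. Please enter again.' );
+break;
+case 'TEST_AUTHY_2FA':
+Return mo2f_lt( 'to test Authy 2-Factor Authentication method.' );
+break;
+case 'METHOD':
+Return mo2f_lt( 'method.' );
+break;
+case 'TO_TEST':
+Return mo2f_lt( 'to test' );
+break;
+case 'SET_2FA':
+Return mo2f_lt( 'is set as your Two-Factor method.' );
+break;
+case 'VERIFICATION_EMAIL_SENT':
+Return mo2f_lt( 'A verification email is sent to' );
+break;
+case 'ACCEPT_LINK_TO_VERIFY_EMAIL':
+Return mo2f_lt( 'Please click on accept link to verify your email.' );
+break;
+case 'ACCOUNT_CREATED':
+Return mo2f_lt( 'Your account has been created successfully.' );
+break;
+case 'ACCOUNT_REMOVED':
+Return mo2f_lt( 'Your account has been removed. Please contact your administrator.' );
+break;
+case 'REGISTRATION_SUCCESS':
+Return mo2f_lt( 'You are registered successfully.' );
+break;
+case 'DENIED_REQUEST':
+Return mo2f_lt( 'You have denied the request.' );
+break;
+case 'DISABLED_2FA':
+Return mo2f_lt( 'Two-Factor plugin has been disabled.' );
+break;
+case 'ERROR_WHILE_SAVING_SETTINGS':
+Return mo2f_lt( 'Error occurred while saving the settings.Please try again.' );
+break;
+case 'INVALID_REQUEST':
+Return mo2f_lt( 'Invalid request. Please register with miniOrange and configure 2-Factor to save your login settings.' );
+break;
+case 'ACCOUNT_ALREADY_EXISTS':
+Return mo2f_lt( 'You already have an account with miniOrange, please sign in.' );
+break;
+case 'CONFIGURE_2FA':
+Return mo2f_lt( 'to configure another 2 Factor authentication method.' );
+break;
+case 'PHONE_NOT_CONFIGURED':
+Return mo2f_lt( 'Your phone number is not configured. Please configure it before selecting OTP Over SMS as your 2-factor method.' );
+break;
+case 'CLICK_HERE':
+Return mo2f_lt( 'Click Here' );
+break;
+case 'ERROR_CREATE_ACC_OTP':
+Return mo2f_lt( 'An error occured while creating your account. Please try again by sending OTP again.' );
+break;
+default:
+return $text;
+}
+}
+}
+
+new Mo2fConstants;
+?>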
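Review bot: The `default:` branch of `langTranslate()` returns `$text` untouched, so any key or server message missing from the table is handed back verbatim. One visible case is `ERROR_DURING_USER_REGISTRATION_ADMIN`, which the user-registration file on this page passes in but which has no `case` here, so the admin notice would show the raw constant name. Callers also feed remote response text through this function (`$content['message']`), so whatever prints the result should escape it, presumably with `esc_html()` or `wp_kses_post()` at the point of output; that code is not in this section. I would add a `case 'ERROR_DURING_USER_REGISTRATION_ADMIN':` entry with its message, and a comment above `default:` such as `// Unknown keys fall through unchanged; callers must escape before output.`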
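--- a/class-rba-attributes.php
+++ b/class-rba-attributes.php
@@ -0,0 +1,255 @@
+<?php
+/** miniOrange enables user to log in through mobile authentication as an additional layer of security over password.
+* Copyright (C) 2015 miniOrange
+*
+* This program is free software: you can redistribute it and/or modify
+* it under the terms of the GNU General Public License as published by
+* the Free Software Foundation, either version 3 of the License, or
+* (at your option) any later version.
+*
+* This program is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+* GNU General Public License for more details.
+*
+* You should have received a copy of the GNU General Public License
+* along with this program. If not, see <http://www.gnu.org/licenses/>
+* @package miniOrange OAuth
+* @license http://www.gnu.org/copyleft/gpl.html GNU/GPL, see LICENSE.php
+*/
+
+/**
+* This library is miniOrange Authentication Service.
+* Contains Request Calls to Customer service.
+**/
+class Miniorange_Rba_Attributes {
+
+function mo2f_collect_attributes( $useremail, $rba_attributes ) {
+
+if ( ! MO2f_Utility::is_curl_installed() ) {
+return $this->get_curl_error_message();
+}
+
+$url = get_option( 'mo2f_host_name' ) . '/moas/rest/rba/acs';
+$customerKey = get_option( 'mo2f_customerKey' );
+$field_string = "{\"customerKey\":\"" . $customerKey . "\",\"userKey\":\"" . $useremail . "\",\"attributes\":" . $rba_attributes . "}";
+
+$http_header_array = $this->get_http_header_array();
+
+return $this->make_curl_call( $url, $field_string, $http_header_array );
+}
+
+function get_curl_error_message() {
+$message = mo2f_lt( 'Please enable curl extension.' ) .
+' <a href="admin.php?page=miniOrange_2_factor_settings&mo2f_tab=mo2f_help">' .
+mo2f_lt( 'Click here' ) .
+' </a> ' .
+mo2f_lt( 'for the steps to enable curl or check Help & Troubleshooting.' );
+
+return json_encode( array( "status" => 'ERROR', "message" => $message ) );
+}
+
+function get_http_header_array() {
+
+$customerKey = get_option( 'mo2f_customerKey' );
+$apiKey = get_option( 'mo2f_api_key' );
+
+/* Current time in milliseconds since midnight, January 1, 1970 UTC. */
+$currentTimeInMillis = self::get_timestamp();
+
+/* Creating the Hash using SHA-512 algorithm */
+$stringToHash = $customerKey . $currentTimeInMillis . $apiKey;
+$hashValue = hash( "sha512", $stringToHash );
+
+$customerKeyHeader = "Customer-Key: " . $customerKey;
+$timestampHeader = "Timestamp: " . $currentTimeInMillis;
+$authorizationHeader = "Authorization: " . $hashValue;
+
+return array( "Content-Type: application/json", $customerKeyHeader, $timestampHeader, $authorizationHeader );
+}
+
+function get_timestamp() {
+$url = get_option( 'mo2f_host_name' ) . '/moas/rest/mobile/get-timestamp';
+$ch = curl_init( $url );
+
+curl_setopt( $ch, CURLOPT_FOLLOWLOCATION, true );
+curl_setopt( $ch, CURLOPT_ENCODING, "" );
+curl_setopt( $ch, CURLOPT_RETURNTRANSFER, true );
+curl_setopt( $ch, CURLOPT_AUTOREFERER, true );
+curl_setopt( $ch, CURLOPT_SSL_VERIFYPEER, false );
+curl_setopt( $ch, CURLOPT_SSL_VERIFYHOST, false ); // required for https urls
+
+curl_setopt( $ch, CURLOPT_MAXREDIRS, 10 );
+
+curl_setopt( $ch, CURLOPT_POST, true );
+
+$proxy_host = get_option( 'mo2f_proxy_host' );
+if (! empty( $proxy_host ) ){
+curl_setopt( $ch, CURLOPT_PROXY, get_option( 'mo2f_proxy_host' ) );
+curl_setopt( $ch, CURLOPT_PROXYPORT, get_option( 'mo2f_port_number' ) );
+curl_setopt( $ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC );
+curl_setopt( $ch, CURLOPT_PROXYUSERPWD, get_option( "mo2f_proxy_username" ) . ':' . get_option( "mo2f_proxy_password" ) );
+
+}else if ( defined( 'WP_PROXY_HOST' ) && defined( 'WP_PROXY_PORT' ) && defined( 'WP_PROXY_USERNAME' ) && defined( 'WP_PROXY_PASSWORD' ) ) {
+curl_setopt( $ch, CURLOPT_PROXY, WP_PROXY_HOST );
+curl_setopt( $ch, CURLOPT_PROXYPORT, WP_PROXY_PORT );
+curl_setopt( $ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC );
+curl_setopt( $ch, CURLOPT_PROXYUSERPWD, WP_PROXY_USERNAME . ':' . WP_PROXY_PASSWORD );
+}
+
+$content = curl_exec( $ch );
+
+if ( curl_errno( $ch ) ) {
+echo 'Error in sending curl Request';
+exit ();
+}
+curl_close( $ch );
+
+if(empty( $content )){
+$currentTimeInMillis = round( microtime( true ) * 1000 );
+$currentTimeInMillis = number_format( $currentTimeInMillis, 0, '', '' );
+}
+return empty( $content ) ? $currentTimeInMillis : $content;
+}
+
+function make_curl_call( $url, $fields, $http_header_array ) {
+
+if ( gettype( $fields ) !== 'string' ) {
+$fields = json_encode( $fields );
+}
+
+$ch = curl_init( $url );
+curl_setopt( $ch, CURLOPT_FOLLOWLOCATION, false );
+curl_setopt( $ch, CURLOPT_ENCODING, "" );
+curl_setopt( $ch, CURLOPT_RETURNTRANSFER, true );
+curl_setopt( $ch, CURLOPT_AUTOREFERER, true );
+curl_setopt( $ch, CURLOPT_SSL_VERIFYHOST, false );
+
+curl_setopt( $ch, CURLOPT_SSL_VERIFYPEER, false ); # required for https urls
+
+curl_setopt( $ch, CURLOPT_MAXREDIRS, 10 );
+curl_setopt( $ch, CURLOPT_HTTPHEADER, $http_header_array );
+curl_setopt( $ch, CURLOPT_POST, true );
+curl_setopt( $ch, CURLOPT_POSTFIELDS, $fields );
+curl_setopt( $ch, CURLOPT_CONNECTTIMEOUT, 5 );
+curl_setopt( $ch, CURLOPT_TIMEOUT, 20 );
+
+$proxy_host = get_option( 'mo2f_proxy_host' );
+if (! empty( $proxy_host ) ){
+curl_setopt( $ch, CURLOPT_PROXY, get_option( 'mo2f_proxy_host' ) );
+curl_setopt( $ch, CURLOPT_PROXYPORT, get_option( 'mo2f_port_number' ) );
+curl_setopt( $ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC );
+curl_setopt( $ch, CURLOPT_PROXYUSERPWD, get_option( "mo2f_proxy_username" ) . ':' . get_option( "mo2f_proxy_password" ) );
+
+}
+
+$content = curl_exec( $ch );
+
+if ( curl_errno( $ch ) ) {
+return null;
+}
+
+curl_close( $ch );
+
+return $content;
+}
+
+function mo2f_evaluate_risk( $useremail, $sessionUuid ) {
+
+if ( ! MO2f_Utility::is_curl_installed() ) {
+return $this->get_curl_error_message();
+}
+
+$url = get_option( 'mo2f_host_name' ) . '/moas/rest/rba/evaluate-risk';
+$customerKey = get_option( 'mo2f_customerKey' );
+$field_string = array(
+'customerKey' => $customerKey,
+'appSecret' => get_option( 'mo2f_app_secret' ),
+'userKey' => $useremail,
+'sessionUuid' => $sessionUuid
+);
+
+$http_header_array = $this->get_http_header_array();
+
+return $this->make_curl_call( $url, $field_string, $http_header_array );
+}
+
+function mo2f_register_rba_profile( $useremail, $sessionUuid ) {
+
+if ( ! MO2f_Utility::is_curl_installed() ) {
+return $this->get_curl_error_message();
+}
+
+$url = get_option( 'mo2f_host_name' ) . '/moas/rest/rba/register-profile';
+$customerKey = get_option( 'mo2f_customerKey' );
+$field_string = array(
+'customerKey' => $customerKey,
+'userKey' => $useremail,
+'sessionUuid' => $sessionUuid
+);
+
+$http_header_array = $this->get_http_header_array();
+
+return $this->make_curl_call( $url, $field_string, $http_header_array );
+}
+
+function mo2f_get_app_secret() {
+
+if ( ! MO2f_Utility::is_curl_installed() ) {
+return $this->get_curl_error_message();
+}
+
+$url = get_option( 'mo2f_host_name' ) . '/moas/rest/customer/getapp-secret';
+$customerKey = get_option( 'mo2f_customerKey' );
+$field_string = array(
+'customerId' => $customerKey
+);
+
+$http_header_array = $this->get_http_header_array();
+
+return $this->make_curl_call( $url, $field_string, $http_header_array );
+}
+
+function mo2f_google_auth_service( $useremail ) {
+
+if ( ! MO2f_Utility::is_curl_installed() ) {
+return $this->get_curl_error_message();
+}
+
+$url = get_option( 'mo2f_host_name' ) . '/moas/api/auth/google-auth-secret';
+$customerKey = get_option( 'mo2f_customerKey' );
+$field_string = array(
+'customerKey' => $customerKey,
+'username' => $useremail
+);
+
+$http_header_array = $this->get_http_header_array();
+
+return $this->make_curl_call( $url, $field_string, $http_header_array );
+}
+
+function mo2f_validate_google_auth( $useremail, $otptoken, $secret ) {
+
+if ( ! MO2f_Utility::is_curl_installed() ) {
+return $this->get_curl_error_message();
+}
+
+
+$url = get_option( 'mo2f_host_name' ) . '/moas/api/auth/validate-google-auth-secret';
+
+$customerKey = get_option( 'mo2f_customerKey' );
+$field_string = array(
+'customerKey' => $customerKey,
+'username' => $useremail,
+'secret' => $secret,
+'otpToken' => $otptoken
+);
+
+$http_header_array = $this->get_http_header_array();
+
+return $this->make_curl_call( $url, $field_string, $http_header_array );
+}
+
+}
+
+?>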
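--- a/class-two-factor-setup.php
+++ b/class-two-factor-setup.php
@@ -0,0 +1,272 @@
+<?php
+/** miniOrange enables user to log in through mobile authentication as an additional layer of security over password.
+* Copyright (C) 2015 miniOrange
+*
+* This program is free software: you can redistribute it and/or modify
+* it under the terms of the GNU General Public License as published by
+* the Free Software Foundation, either version 3 of the License, or
+* (at your option) any later version.
+*
+* This program is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+* GNU General Public License for more details.
+*
+* You should have received a copy of the GNU General Public License
+* along with this program. If not, see <http://www.gnu.org/licenses/>
+* @package miniOrange OAuth
+* @license http://www.gnu.org/copyleft/gpl.html GNU/GPL, see LICENSE.php
+*/
+
+/**
+* This library is miniOrange Authentication Service.
+* Contains Request Calls to Customer service.
+**/
+class Two_Factor_Setup {
+
+public $email;
+
+function check_mobile_status( $tId ) {
+
+if ( ! MO2f_Utility::is_curl_installed() ) {
+return $this->get_curl_error_message();
+}
+
+$url = get_option( 'mo2f_host_name' ) . '/moas/api/auth/auth-status';
+$fields = array(
+'txId' => $tId
+);
+
+$http_header_array = $this->get_http_header_array();
+
+return $this->make_curl_call( $url, $fields, $http_header_array );
+}
+
+function get_curl_error_message() {
+$message = mo2f_lt( 'Please enable curl extension.' ) .
+' <a href="admin.php?page=miniOrange_2_factor_settings&mo2f_tab=mo2f_help">' .
+mo2f_lt( 'Click here' ) .
+' </a> ' .
+mo2f_lt( 'for the steps to enable curl or check Help & Troubleshooting.' );
+
+return json_encode( array( "status" => 'ERROR', "message" => $message ) );
+}
+
+function get_http_header_array() {
+
+$customerKey = get_option( 'mo2f_customerKey' );
+$apiKey = get_option( 'mo2f_api_key' );
+
+/* Current time in milliseconds since midnight, January 1, 1970 UTC. */
+$currentTimeInMillis = self::get_timestamp();
+
+/* Creating the Hash using SHA-512 algorithm */
+$stringToHash = $customerKey . $currentTimeInMillis . $apiKey;;
+$hashValue = hash( "sha512", $stringToHash );
+
+$customerKeyHeader = "Customer-Key: " . $customerKey;
+$timestampHeader = "Timestamp: " . $currentTimeInMillis;
+$authorizationHeader = "Authorization: " . $hashValue;
+
+return array( "Content-Type: application/json", $customerKeyHeader, $timestampHeader, $authorizationHeader );
+}
+
+function get_timestamp() {
+$url = get_option( 'mo2f_host_name' ) . '/moas/rest/mobile/get-timestamp';
+$ch = curl_init( $url );
+
+curl_setopt( $ch, CURLOPT_FOLLOWLOCATION, true );
+curl_setopt( $ch, CURLOPT_ENCODING, "" );
+curl_setopt( $ch, CURLOPT_RETURNTRANSFER, true );
+curl_setopt( $ch, CURLOPT_AUTOREFERER, true );
+curl_setopt( $ch, CURLOPT_SSL_VERIFYPEER, false );
+curl_setopt( $ch, CURLOPT_SSL_VERIFYHOST, false ); // required for https urls
+
+curl_setopt( $ch, CURLOPT_MAXREDIRS, 10 );
+
+curl_setopt( $ch, CURLOPT_POST, true );
+$proxy_host = get_option( 'mo2f_proxy_host' );
+if (! empty( $proxy_host ) ){
+curl_setopt( $ch, CURLOPT_PROXY, get_option( 'mo2f_proxy_host' ) );
+curl_setopt( $ch, CURLOPT_PROXYPORT, get_option( 'mo2f_port_number' ) );
+curl_setopt( $ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC );
+curl_setopt( $ch, CURLOPT_PROXYUSERPWD, get_option( "mo2f_proxy_username" ) . ':' . get_option( "mo2f_proxy_password" ) );
+
+}else if ( defined( 'WP_PROXY_HOST' ) && defined( 'WP_PROXY_PORT' ) && defined( 'WP_PROXY_USERNAME' ) && defined( 'WP_PROXY_PASSWORD' ) ) {
+curl_setopt( $ch, CURLOPT_PROXY, WP_PROXY_HOST );
+curl_setopt( $ch, CURLOPT_PROXYPORT, WP_PROXY_PORT );
+curl_setopt( $ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC );
+curl_setopt( $ch, CURLOPT_PROXYUSERPWD, WP_PROXY_USERNAME . ':' . WP_PROXY_PASSWORD );
+}
+
+$content = curl_exec( $ch );
+
+if ( curl_errno( $ch ) ) {
+echo 'Error in sending curl Request';
+exit ();
+}
+curl_close( $ch );
+
+
+if(empty( $content )){
+$currentTimeInMillis = round( microtime( true ) * 1000 );
+$currentTimeInMillis = number_format( $currentTimeInMillis, 0, '', '' );
+}
+return empty( $content ) ? $currentTimeInMillis : $content;
+}
+
+function make_curl_call( $url, $fields, $http_header_array ) {
+
+// do not apply this for call from register_kba_details function - have to find out why
+if ( gettype( $fields ) !== 'string' ) {
+$fields = json_encode( $fields );
+}
+
+$ch = curl_init( $url );
+curl_setopt( $ch, CURLOPT_FOLLOWLOCATION, false );
+curl_setopt( $ch, CURLOPT_ENCODING, "" );
+curl_setopt( $ch, CURLOPT_RETURNTRANSFER, true );
+curl_setopt( $ch, CURLOPT_AUTOREFERER, true );
+curl_setopt( $ch, CURLOPT_SSL_VERIFYHOST, false );
+
+curl_setopt( $ch, CURLOPT_SSL_VERIFYPEER, false ); # required for https urls
+
+curl_setopt( $ch, CURLOPT_MAXREDIRS, 10 );
+curl_setopt( $ch, CURLOPT_HTTPHEADER, $http_header_array );
+curl_setopt( $ch, CURLOPT_POST, true );
+curl_setopt( $ch, CURLOPT_POSTFIELDS, $fields );
+curl_setopt( $ch, CURLOPT_CONNECTTIMEOUT, 5 );
+curl_setopt( $ch, CURLOPT_TIMEOUT, 20 );
+$proxy_host = get_option( 'mo2f_proxy_host' );
+if (! empty( $proxy_host ) ){
+curl_setopt( $ch, CURLOPT_PROXY, get_option( 'mo2f_proxy_host' ) );
+curl_setopt( $ch, CURLOPT_PROXYPORT, get_option( 'mo2f_port_number' ) );
+curl_setopt( $ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC );
+curl_setopt( $ch, CURLOPT_PROXYUSERPWD, get_option( "mo2f_proxy_username" ) . ':' . get_option( "mo2f_proxy_password" ) );
+
+}
+$content = curl_exec( $ch );
+
+if ( curl_errno( $ch ) ) {
+return null;
+}
+
+curl_close( $ch );
+
+return $content;
+}
+
+function register_mobile( $useremail ) {
+
+if ( ! MO2f_Utility::is_curl_installed() ) {
+return $this->get_curl_error_message();
+}
+
+$url = get_option( 'mo2f_host_name' ) . '/moas/api/auth/register-mobile';
+$customerKey = get_option( 'mo2f_customerKey' );
+$fields = array(
+'customerId' => $customerKey,
+'username' => $useremail
+);
+
+$http_header_array = $this->get_http_header_array();
+
+return $this->make_curl_call( $url, $fields, $http_header_array );
+}
+
+function mo_check_user_already_exist( $email ) {
+
+if ( ! MO2f_Utility::is_curl_installed() ) {
+return $this->get_curl_error_message();
+}
+
+$url = get_option( 'mo2f_host_name' ) . '/moas/api/admin/users/search';
+$customerKey = get_option( 'mo2f_customerKey' );
+$fields = array(
+'customerKey' => $customerKey,
+'username' => $email,
+);
+
+$http_header_array = $this->get_http_header_array();
+
+return $this->make_curl_call( $url, $fields, $http_header_array );
+}
+
+function mo_create_user( $currentuser, $email ) {
+
+if ( ! MO2f_Utility::is_curl_installed() ) {
+return $this->get_curl_error_message();
+}
+
+$url = get_option( 'mo2f_host_name' ) . '/moas/api/admin/users/create';
+$customerKey = get_option( 'mo2f_customerKey' );
+$fields = array(
+'customerKey' => $customerKey,
+'username' => $email,
+'firstName' => $currentuser->user_firstname,
+'lastName' => $currentuser->user_lastname
+);
+
+$http_header_array = $this->get_http_header_array();
+
+return $this->make_curl_call( $url, $fields, $http_header_array );
+}
+
+function mo2f_get_userinfo( $email ) {
+
+if ( ! MO2f_Utility::is_curl_installed() ) {
+return $this->get_curl_error_message();
+}
+
+$url = get_option( 'mo2f_host_name' ) . '/moas/api/admin/users/get';
+$customerKey = get_option( 'mo2f_customerKey' );
+$fields = array(
+'customerKey' => $customerKey,
+'username' => $email,
+);
+
+$http_header_array = $this->get_http_header_array();
+
+return $this->make_curl_call( $url, $fields, $http_header_array );
+}
+
+function mo2f_update_userinfo( $email, $authType, $phone, $tname, $enableAdminSecondFactor ) {
+
+if ( ! MO2f_Utility::is_curl_installed() ) {
+return $this->get_curl_error_message();
+}
+
+$url = get_option( 'mo2f_host_name' ) . '/moas/api/admin/users/update';
+$customerKey = get_option( 'mo2f_customerKey' );
+$fields = array(
+'customerKey' => $customerKey,
+'username' => $email,
+'phone' => $phone,
+'authType' => $authType,
+'transactionName' => $tname,
+'adminLoginSecondFactor' => $enableAdminSecondFactor
+);
+$http_header_array = $this->get_http_header_array();
+
+return $this->make_curl_call( $url, $fields, $http_header_array );
+}
+
+function register_kba_details( $email, $question1, $answer1, $question2, $answer2, $question3, $answer3 ) {
+
+if ( ! MO2f_Utility::is_curl_installed() ) {
+return $this->get_curl_error_message();
+}
+
+$url = get_option( 'mo2f_host_name' ) . '/moas/api/auth/register';
+$customerKey = get_option( 'mo2f_customerKey' );
+$q_and_a_list = "[{\"question\":\"" . $question1 . "\",\"answer\":\"" . $answer1 . "\" },{\"question\":\"" . $question2 . "\",\"answer\":\"" . $answer2 . "\" },{\"question\":\"" . $question3 . "\",\"answer\":\"" . $answer3 . "\" }]";
+$field_string = "{\"customerKey\":\"" . $customerKey . "\",\"username\":\"" . $email . "\",\"questionAnswerList\":" . $q_and_a_list . "}";
+
+$http_header_array = $this->get_http_header_array();
+
+return $this->make_curl_call( $url, $field_string, $http_header_array );
+
+}
+}
+
+?>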
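Review bot: Both `get_timestamp()` and `make_curl_call()` set `CURLOPT_SSL_VERIFYPEER` and `CURLOPT_SSL_VERIFYHOST` to `false`, so the server certificate is never checked on requests that carry the `Customer-Key`, `Timestamp` and SHA-512 `Authorization` headers built in `get_http_header_array()`; `get_timestamp()` additionally follows up to 10 redirects with `CURLOPT_FOLLOWLOCATION` enabled. In each function I would change the two lines to `curl_setopt( $ch, CURLOPT_SSL_VERIFYPEER, true );` and `curl_setopt( $ch, CURLOPT_SSL_VERIFYHOST, 2 );`, and drop the "required for https urls" comments, since HTTPS works without disabling verification. Separately, `register_kba_details()` concatenates `$email` and the three question/answer pairs directly into a JSON string, so a double quote or backslash in any of them yields malformed or reshaped JSON; passing a nested array to `make_curl_call()`, which already runs `json_encode()` on non-string `$fields`, would encode them correctly. `make_curl_call()` also returns `null` on a cURL error before reaching `curl_close( $ch )`, so the close should move ahead of that early return.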
class-utility.php
ADDED
@@ -0,0 +1,458 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<?php
|
2 |
+
/** miniOrange enables user to log in through mobile authentication as an additional layer of security over password.
|
3 |
+
* Copyright (C) 2015 miniOrange
|
4 |
+
*
|
5 |
+
* This program is free software: you can redistribute it and/or modify
|
6 |
+
* it under the terms of the GNU General Public License as published by
|
7 |
+
* the Free Software Foundation, either version 3 of the License, or
|
8 |
+
* (at your option) any later version.
|
9 |
+
*
|
10 |
+
* This program is distributed in the hope that it will be useful,
|
11 |
+
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
12 |
+
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
13 |
+
* GNU General Public License for more details.
|
14 |
+
*
|
15 |
+
* You should have received a copy of the GNU General Public License
|
16 |
+
* along with this program. If not, see <http://www.gnu.org/licenses/>
|
17 |
+
* @package miniOrange OAuth
|
18 |
+
* @license http://www.gnu.org/copyleft/gpl.html GNU/GPL, see LICENSE.php
|
19 |
+
*/
|
20 |
+
|
21 |
+
/**
|
22 |
+
* This library is miniOrange Authentication Service.
|
23 |
+
* Contains Request Calls to Customer service.
|
24 |
+
**/
|
25 |
+
class MO2f_Utility {
|
26 |
+
|
27 |
+
public static function get_hidden_phone( $phone ) {
|
28 |
+
$hidden_phone = 'xxxxxxx' . substr( $phone, strlen( $phone ) - 3 );
|
29 |
+
|
30 |
+
return $hidden_phone;
|
31 |
+
}
|
32 |
+
|
33 |
+
public static function mo2f_check_empty_or_null( $value ) {
|
34 |
+
if ( ! isset( $value ) || $value == '' ) {
|
35 |
+
return true;
|
36 |
+
}
|
37 |
+
|
38 |
+
return false;
|
39 |
+
}
|
40 |
+
|
41 |
+
public static function is_curl_installed() {
|
42 |
+
if ( in_array( 'curl', get_loaded_extensions() ) ) {
|
43 |
+
return 1;
|
44 |
+
} else {
|
45 |
+
return 0;
|
46 |
+
}
|
47 |
+
}
|
48 |
+
|
49 |
+
public static function get_all_plugins_installed() {
|
50 |
+
$all_plugins = get_plugins();
|
51 |
+
$plugins = array();
|
52 |
+
$form = "";
|
53 |
+
$plugins["None"] = "None";
|
54 |
+
|
55 |
+
foreach ($all_plugins as $plugin_name=>$plugin_details){
|
56 |
+
$plugins[$plugin_name] = $plugin_details["Name"];
|
57 |
+
}
|
58 |
+
|
59 |
+
unset($plugins['miniorange-2-factor-authentication/miniorange_2_factor_settings.php']);
|
60 |
+
|
61 |
+
$form .= '<div style="padding:5px;margin-left:4%;font-size:13px;background-color: #a3e8c2">Please select the plugin<br>
|
62 |
+
<select name="plugin_selected">';
|
63 |
+
foreach($plugins as $identifier=>$name) {
|
64 |
+
$form .= '<option value="' . $identifier . '">' . $name . '</option>' ;
|
65 |
+
}
|
66 |
+
$form .= '</select></div>';
|
67 |
+
|
68 |
+
return $form;
|
69 |
+
}
|
70 |
+
|
71 |
+
public static function mo2f_check_number_length( $token ) {
|
72 |
+
if ( is_numeric( $token ) ) {
|
73 |
+
if ( strlen( $token ) >= 4 && strlen( $token ) <= 8 ) {
|
74 |
+
return true;
|
75 |
+
} else {
|
76 |
+
return false;
|
77 |
+
}
|
78 |
+
} else {
|
79 |
+
return false;
|
80 |
+
}
|
81 |
+
}
|
82 |
+
|
83 |
+
public static function mo2f_get_hidden_email( $email ) {
|
84 |
+
if ( ! isset( $email ) || trim( $email ) === '' ) {
|
85 |
+
return "";
|
86 |
+
}
|
87 |
+
$emailsize = strlen( $email );
|
88 |
+
$partialemail = substr( $email, 0, 1 );
|
89 |
+
$temp = strrpos( $email, "@" );
|
90 |
+
$endemail = substr( $email, $temp - 1, $emailsize );
|
91 |
+
for ( $i = 1; $i < $temp; $i ++ ) {
|
92 |
+
$partialemail = $partialemail . 'x';
|
93 |
+
}
|
94 |
+
$hiddenemail = $partialemail . $endemail;
|
95 |
+
|
96 |
+
return $hiddenemail;
|
97 |
+
}
|
98 |
+
|
99 |
+
public static function check_if_email_is_already_registered( $email ) {
|
100 |
+
global $Mo2fdbQueries;
|
101 |
+
$users = get_users( array() );
|
102 |
+
foreach ( $users as $user ) {
|
103 |
+
$user_email = $Mo2fdbQueries->get_user_detail( 'mo2f_user_email', $user->ID );
|
104 |
+
if ( $user_email == $email ) {
|
105 |
+
return true;
|
106 |
+
}
|
107 |
+
}
|
108 |
+
|
109 |
+
return false;
|
110 |
+
}
|
111 |
+
|
112 |
+
public static function check_if_request_is_from_mobile_device( $useragent ) {
|
113 |
+
if ( preg_match( '/(android|bb\d+|meego).+mobile|avantgo|bada\/|blackberry|blazer|compal|elaine|fennec|hiptop|iemobile|ip(hone|od)|iris|kindle|lge |maemo|midp|mmp|mobile.+firefox|netfront|opera m(ob|in)i|palm( os)?|phone|p(ixi|re)\/|plucker|pocket|psp|series(4|6)0|symbian|treo|up\.(browser|link)|vodafone|wap|windows ce|xda|xiino/i', $useragent ) || preg_match( '/1207|6310|6590|3gso|4thp|50[1-6]i|770s|802s|a wa|abac|ac(er|oo|s\-)|ai(ko|rn)|al(av|ca|co)|amoi|an(ex|ny|yw)|aptu|ar(ch|go)|as(te|us)|attw|au(di|\-m|r |s )|avan|be(ck|ll|nq)|bi(lb|rd)|bl(ac|az)|br(e|v)w|bumb|bw\-(n|u)|c55\/|capi|ccwa|cdm\-|cell|chtm|cldc|cmd\-|co(mp|nd)|craw|da(it|ll|ng)|dbte|dc\-s|devi|dica|dmob|do(c|p)o|ds(12|\-d)|el(49|ai)|em(l2|ul)|er(ic|k0)|esl8|ez([4-7]0|os|wa|ze)|fetc|fly(\-|_)|g1 u|g560|gene|gf\-5|g\-mo|go(\.w|od)|gr(ad|un)|haie|hcit|hd\-(m|p|t)|hei\-|hi(pt|ta)|hp( i|ip)|hs\-c|ht(c(\-| |_|a|g|p|s|t)|tp)|hu(aw|tc)|i\-(20|go|ma)|i230|iac( |\-|\/)|ibro|idea|ig01|ikom|im1k|inno|ipaq|iris|ja(t|v)a|jbro|jemu|jigs|kddi|keji|kgt( |\/)|klon|kpt |kwc\-|kyo(c|k)|le(no|xi)|lg( g|\/(k|l|u)|50|54|\-[a-w])|libw|lynx|m1\-w|m3ga|m50\/|ma(te|ui|xo)|mc(01|21|ca)|m\-cr|me(rc|ri)|mi(o8|oa|ts)|mmef|mo(01|02|bi|de|do|t(\-| |o|v)|zz)|mt(50|p1|v )|mwbp|mywa|n10[0-2]|n20[2-3]|n30(0|2)|n50(0|2|5)|n7(0(0|1)|10)|ne((c|m)\-|on|tf|wf|wg|wt)|nok(6|i)|nzph|o2im|op(ti|wv)|oran|owg1|p800|pan(a|d|t)|pdxg|pg(13|\-([1-8]|c))|phil|pire|pl(ay|uc)|pn\-2|po(ck|rt|se)|prox|psio|pt\-g|qa\-a|qc(07|12|21|32|60|\-[2-7]|i\-)|qtek|r380|r600|raks|rim9|ro(ve|zo)|s55\/|sa(ge|ma|mm|ms|ny|va)|sc(01|h\-|oo|p\-)|sdk\/|se(c(\-|0|1)|47|mc|nd|ri)|sgh\-|shar|sie(\-|m)|sk\-0|sl(45|id)|sm(al|ar|b3|it|t5)|so(ft|ny)|sp(01|h\-|v\-|v )|sy(01|mb)|t2(18|50)|t6(00|10|18)|ta(gt|lk)|tcl\-|tdg\-|tel(i|m)|tim\-|t\-mo|to(pl|sh)|ts(70|m\-|m3|m5)|tx\-9|up(\.b|g1|si)|utst|v400|v750|veri|vi(rg|te)|vk(40|5[0-3]|\-v)|vm40|voda|vulc|vx(52|53|60|61|70|80|81|83|85|98)|w3c(\-| )|webc|whit|wi(g |nc|nw)|wmlb|wonu|x700|yas\-|your|zeto|zte\-/i', substr( $useragent, 0, 
4 ) ) ) {
|
114 |
+
return true;
|
115 |
+
} else {
|
116 |
+
return false;
|
117 |
+
}
|
118 |
+
}
|
119 |
+
|
120 |
+
|
121 |
+
public static function set_user_values( $user_session_id, $variable, $value){
|
122 |
+
global $Mo2fdbQueries;
|
123 |
+
|
124 |
+
// setting session values
|
125 |
+
$_SESSION[$variable] = $value;
|
126 |
+
$key = get_option( 'mo2f_customer_token' );
|
127 |
+
// setting cookie values
|
128 |
+
if(is_array($value)){
|
129 |
+
if($variable == 'mo_2_factor_kba_questions'){
|
130 |
+
MO2f_Utility::mo2f_set_cookie_values( 'kba_question1', $value[0] );
|
131 |
+
MO2f_Utility::mo2f_set_cookie_values( 'kba_question2', $value[1] );
|
132 |
+
}else if($variable == 'mo2f_rba_status'){
|
133 |
+
MO2f_Utility::mo2f_set_cookie_values( 'mo2f_rba_status_status', $value["status"] );
|
134 |
+
MO2f_Utility::mo2f_set_cookie_values( 'mo2f_rba_status_sessionUuid', $value["sessionUuid"] );
|
135 |
+
MO2f_Utility::mo2f_set_cookie_values( 'mo2f_rba_status_decision_flag', $value["decision_flag"] );
|
136 |
+
}
|
137 |
+
}else{
|
138 |
+
MO2f_Utility::mo2f_set_cookie_values( $variable, $value);
|
139 |
+
}
|
140 |
+
|
141 |
+
|
142 |
+
// setting values in database
|
143 |
+
|
144 |
+
$user_session_id = MO2f_Utility::decrypt_data( $user_session_id, $key );
|
145 |
+
if ( is_array( $value ) ) {
|
146 |
+
$string_value = serialize( $value );
|
147 |
+
$Mo2fdbQueries->save_user_login_details( $user_session_id, array( $variable => $string_value ) );
|
148 |
+
} else {
|
149 |
+
$Mo2fdbQueries->save_user_login_details( $user_session_id, array( $variable => $value ) );
|
150 |
+
}
|
151 |
+
|
152 |
+
|
153 |
+
}
|
154 |
+
|
155 |
+
/*
|
156 |
+
|
157 |
+
Returns Random string with length provided in parameter.
|
158 |
+
|
159 |
+
*/
|
160 |
+
|
161 |
+
/**
|
162 |
+
* @param string $data - crypt response from Sagepay
|
163 |
+
*
|
164 |
+
* @return string
|
165 |
+
*/
|
166 |
+
public static function decrypt_data( $data, $key ) {
|
167 |
+
$strIn = base64_decode( $data );
|
168 |
+
$key = openssl_digest( $key, 'sha256' );
|
169 |
+
$method = 'AES-128-ECB';
|
170 |
+
$ivSize = openssl_cipher_iv_length( $method );
|
171 |
+
$iv = substr( $strIn, 0, $ivSize );
|
172 |
+
$data = substr( $strIn, $ivSize );
|
173 |
+
$clear = openssl_decrypt( $data, $method, $key, OPENSSL_RAW_DATA || OPENSSL_ZERO_PADDING, $iv );
|
174 |
+
|
175 |
+
return $clear;
|
176 |
+
}
|
177 |
+
|
178 |
+
public static function random_str( $length, $keyspace = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ' ) {
|
179 |
+
$randomString = '';
|
180 |
+
$charactersLength = strlen( $keyspace );
|
181 |
+
$keyspace = $keyspace . microtime( true );
|
182 |
+
$keyspace = str_shuffle( $keyspace );
|
183 |
+
for ( $i = 0; $i < $length; $i ++ ) {
|
184 |
+
$randomString .= $keyspace[ rand( 0, $charactersLength - 1 ) ];
|
185 |
+
}
|
186 |
+
|
187 |
+
return $randomString;
|
188 |
+
|
189 |
+
}
|
190 |
+
|
191 |
+
/**
|
192 |
+
* The function returns the session variables, and if not, retrieves the cookie values set in case the right permissions are not aassigned for the sessions folder in the server.
|
193 |
+
*
|
194 |
+
* @param string $variable - the session or cookie variable name
|
195 |
+
* @param string $session_id - the session id of the user
|
196 |
+
*
|
197 |
+
* @return string
|
198 |
+
*/
|
199 |
+
public static function mo2f_retrieve_user_temp_values( $variable, $session_id = null ) {
|
200 |
+
global $Mo2fdbQueries;
|
201 |
+
|
202 |
+
if ( isset( $_SESSION[ $variable ] ) && ! empty( $_SESSION[ $variable ] ) ) {
|
203 |
+
return $_SESSION[ $variable ];
|
204 |
+
} else {
|
205 |
+
$key = get_option( 'mo2f_customer_token' );
|
206 |
+
$cookie_value = false;
|
207 |
+
|
208 |
+
if ( $variable == 'mo2f_rba_status' ) {
|
209 |
+
if ( isset( $_COOKIE['mo2f_rba_status_status'] ) && ! empty( $_COOKIE['mo2f_rba_status_status'] ) ) {
|
210 |
+
$mo2f_rba_status_status = MO2f_Utility::mo2f_get_cookie_values( 'mo2f_rba_status_status' );
|
211 |
+
$mo2f_rba_status_sessionUuid = MO2f_Utility::mo2f_get_cookie_values( 'mo2f_rba_status_sessionUuid' );
|
212 |
+
$mo2f_rba_status_decision_flag = MO2f_Utility::mo2f_get_cookie_values( 'mo2f_rba_status_decision_flag' );
|
213 |
+
|
214 |
+
$cookie_value = array(
|
215 |
+
"status" => $mo2f_rba_status_status,
|
216 |
+
"sessionUuid" => $mo2f_rba_status_sessionUuid,
|
217 |
+
"decision_flag" => $mo2f_rba_status_decision_flag
|
218 |
+
);
|
219 |
+
}
|
220 |
+
|
221 |
+
} else if ( $variable == 'mo_2_factor_kba_questions' ) {
|
222 |
+
|
223 |
+
if ( isset( $_COOKIE['kba_question1'] ) && ! empty( $_COOKIE['kba_question1'] ) ) {
|
224 |
+
$kba_question1 = MO2f_Utility::mo2f_get_cookie_values( 'kba_question1' );
|
225 |
+
$kba_question2 = MO2f_Utility::mo2f_get_cookie_values( 'kba_question2' );
|
226 |
+
|
227 |
+
|
228 |
+
$cookie_value = array( $kba_question1, $kba_question2 );
|
229 |
+
}
|
230 |
+
|
231 |
+
} else {
|
232 |
+
$cookie_value = MO2f_Utility::mo2f_get_cookie_values( $variable );
|
233 |
+
}
|
234 |
+
|
235 |
+
if($cookie_value){
|
236 |
+
return $cookie_value;
|
237 |
+
} else {
|
238 |
+
|
239 |
+
$session_id = MO2f_Utility::decrypt_data( $session_id, $key );
|
240 |
+
|
241 |
+
$db_value = $Mo2fdbQueries->get_user_login_details( $variable, $session_id );
|
242 |
+
|
243 |
+
if ( in_array( $variable, array( "mo2f_rba_status", "mo_2_factor_kba_questions" ) ) ) {
|
244 |
+
$db_value = unserialize( $db_value );
|
245 |
+
}
|
246 |
+
return $db_value;
|
247 |
+
}
|
248 |
+
|
249 |
+
}
|
250 |
+
|
251 |
+
}
|
252 |
+
|
253 |
+
/**
|
254 |
+
* The function gets the cookie value after decoding and decryption.
|
255 |
+
*
|
256 |
+
* @param string $cookiename - the cookie name
|
257 |
+
*
|
258 |
+
* @return string
|
259 |
+
*/
|
260 |
+
public static function mo2f_get_cookie_values( $cookiename ) {
|
261 |
+
$key = get_option( 'mo2f_customer_token' );
|
262 |
+
if ( isset( $_COOKIE[ $cookiename ] ) ) {
|
263 |
+
$decrypted_data = MO2f_Utility::decrypt_data( base64_decode( $_COOKIE[ $cookiename ] ), $key );
|
264 |
+
if ( $decrypted_data ) {
|
265 |
+
$decrypted_data_array = explode( '&', $decrypted_data );
|
266 |
+
|
267 |
+
$cookie_value = $decrypted_data_array[0];
|
268 |
+
$cookie_creation_time = new DateTime( $decrypted_data_array[1] );
|
269 |
+
$current_time = new DateTime( 'now' );
|
270 |
+
|
271 |
+
$interval = $cookie_creation_time->diff( $current_time );
|
272 |
+
$minutes = $interval->format( '%i' );
|
273 |
+
|
274 |
+
$is_cookie_valid = $minutes <= 5 ? true : false;
|
275 |
+
|
276 |
+
return $is_cookie_valid ? $cookie_value : false;
|
277 |
+
|
278 |
+
} else {
|
279 |
+
return false;
|
280 |
+
}
|
281 |
+
} else {
|
282 |
+
return false;
|
283 |
+
}
|
284 |
+
}
|
285 |
+
|
286 |
+
/**
|
287 |
+
* The function sets the cookie value after encryption and encoding.
|
288 |
+
*
|
289 |
+
* @param string $cookiename - the cookie name
|
290 |
+
* @param string $cookievalue - the cookie value to be set
|
291 |
+
*
|
292 |
+
* @return string
|
293 |
+
*/
|
294 |
+
public static function mo2f_set_cookie_values( $cookiename, $cookievalue ) {
|
295 |
+
$key = get_option( 'mo2f_customer_token' );
|
296 |
+
|
297 |
+
$current_time = new DateTime( 'now' );
|
298 |
+
$current_time = $current_time->format( 'Y-m-d H:i:sP' );
|
299 |
+
$cookievalue = $cookievalue . '&' . $current_time;
|
300 |
+
|
301 |
+
$cookievalue_encrypted = MO2f_Utility::encrypt_data( $cookievalue, $key );
|
302 |
+
setcookie( $cookiename, base64_encode( $cookievalue_encrypted ) );
|
303 |
+
|
304 |
+
}
|
305 |
+
|
306 |
+
/**
|
307 |
+
* @param string $data - the key=value pairs separated with &
|
308 |
+
*
|
309 |
+
* @return string
|
310 |
+
*/
|
311 |
+
public static function encrypt_data( $data, $key ) {
|
312 |
+
$key = openssl_digest( $key, 'sha256' );
|
313 |
+
$method = 'AES-128-ECB';
|
314 |
+
$ivSize = openssl_cipher_iv_length( $method );
|
315 |
+
$iv = openssl_random_pseudo_bytes( $ivSize );
|
316 |
+
$strCrypt = openssl_encrypt( $data, $method, $key, OPENSSL_RAW_DATA || OPENSSL_ZERO_PADDING, $iv );
|
317 |
+
|
318 |
+
return base64_encode( $iv . $strCrypt );
|
319 |
+
}
|
320 |
+
|
321 |
+
/**
|
322 |
+
* The function unsets the session variables passed.
|
323 |
+
*
|
324 |
+
* @param array $variables - the array of session variables to be unset
|
325 |
+
*
|
326 |
+
* @return NA
|
327 |
+
*/
|
328 |
+
public static function unset_session_variables( $variables ) {
|
329 |
+
|
330 |
+
if ( gettype( $variables ) == "array" ) {
|
331 |
+
foreach ( $variables as $variable ) {
|
332 |
+
if ( isset( $_SESSION[ $variable ] ) ) {
|
333 |
+
unset( $_SESSION[ $variable ] );
|
334 |
+
}
|
335 |
+
}
|
336 |
+
} else {
|
337 |
+
if ( isset( $_SESSION[ $variables ] ) ) {
|
338 |
+
unset( $_SESSION[ $variables ] );
|
339 |
+
}
|
340 |
+
}
|
341 |
+
}
|
342 |
+
|
343 |
+
/**
|
344 |
+
* The function unsets the cookie variables passed.
|
345 |
+
*
|
346 |
+
* @param array $variables - the array of cookie variables to be unset
|
347 |
+
*
|
348 |
+
* @return NA
|
349 |
+
*/
|
350 |
+
public static function unset_cookie_variables( $variables ) {
|
351 |
+
|
352 |
+
if ( gettype( $variables ) == "array" ) {
|
353 |
+
foreach ( $variables as $variable ) {
|
354 |
+
if ( isset( $_COOKIE[ $variable ] ) ) {
|
355 |
+
setcookie( $variable, '', time() - 3600 );
|
356 |
+
}
|
357 |
+
}
|
358 |
+
} else {
|
359 |
+
if ( isset( $_COOKIE[ $variables ] ) ) {
|
360 |
+
setcookie( $variables, '', time() - 3600 );
|
361 |
+
}
|
362 |
+
}
|
363 |
+
|
364 |
+
}
|
365 |
+
|
366 |
+
/**
|
367 |
+
* The function unsets the temp table variables passed.
|
368 |
+
*
|
369 |
+
* @param array $variables - the array of temporary table variables to be unset
|
370 |
+
* @param string $session_id - the session_id for which it should be destroyed
|
371 |
+
*
|
372 |
+
* @return NA
|
373 |
+
*/
|
374 |
+
public static function unset_temp_user_details_in_table( $variables, $session_id, $command='' ) {
|
375 |
+
|
376 |
+
global $Mo2fdbQueries;
|
377 |
+
|
378 |
+
$key = get_option( 'mo2f_customer_token' );
|
379 |
+
$session_id = MO2f_Utility::decrypt_data( $session_id, $key );
|
380 |
+
|
381 |
+
if($command == "destroy"){
|
382 |
+
$Mo2fdbQueries->delete_user_login_sessions( );
|
383 |
+
}else{
|
384 |
+
$Mo2fdbQueries->save_user_login_details($session_id, array($variables => ''));
|
385 |
+
}
|
386 |
+
|
387 |
+
}
|
388 |
+
|
389 |
+
|
390 |
+
|
391 |
+
/**
|
392 |
+
* The function decodes the twofactor methods
|
393 |
+
*
|
394 |
+
* @param array $variables - the selected 2-factor method and the decode type.
|
395 |
+
*
|
396 |
+
* @return NA
|
397 |
+
*/
|
398 |
+
public static function mo2f_decode_2_factor( $selected_2_factor_method, $decode_type ) {
|
399 |
+
|
400 |
+
if ( $selected_2_factor_method == 'NONE' ) {
|
401 |
+
return $selected_2_factor_method;
|
402 |
+
}
|
403 |
+
|
404 |
+
$wpdb_2fa_methods = array(
|
405 |
+
"miniOrangeQRCodeAuthentication" => "miniOrange QR Code Authentication",
|
406 |
+
"miniOrangeSoftToken" => "miniOrange Soft Token",
|
407 |
+
"miniOrangePushNotification" => "miniOrange Push Notification",
|
408 |
+
"GoogleAuthenticator" => "Google Authenticator",
|
409 |
+
"AuthyAuthenticator" => "Authy Authenticator",
|
410 |
+
"SecurityQuestions" => "Security Questions",
|
411 |
+
"EmailVerification" => "Email Verification",
|
412 |
+
"OTPOverSMS" => "OTP Over SMS"
|
413 |
+
);
|
414 |
+
|
415 |
+
$server_2fa_methods = array(
|
416 |
+
"miniOrange QR Code Authentication" => "MOBILE AUTHENTICATION",
|
417 |
+
"miniOrange Soft Token" => "SOFT TOKEN",
|
418 |
+
"miniOrange Push Notification" => "PUSH NOTIFICATIONS",
|
419 |
+
"Google Authenticator" => "GOOGLE AUTHENTICATOR",
|
420 |
+
"Authy Authenticator" => "GOOGLE AUTHENTICATOR",
|
421 |
+
"Security Questions" => "KBA",
|
422 |
+
"Email Verification" => "OUT OF BAND EMAIL",
|
423 |
+
"OTP Over SMS" => "SMS",
|
424 |
+
"EMAIL" => "OTP Over Email"
|
425 |
+
);
|
426 |
+
|
427 |
+
$server_to_wpdb_2fa_methods = array(
|
428 |
+
"MOBILE AUTHENTICATION" => "miniOrange QR Code Authentication",
|
429 |
+
"SOFT TOKEN" => "miniOrange Soft Token",
|
430 |
+
"PUSH NOTIFICATIONS" => "miniOrange Push Notification",
|
431 |
+
"GOOGLE AUTHENTICATOR" => "Google Authenticator",
|
432 |
+
"KBA" => "Security Questions",
|
433 |
+
"OUT OF BAND EMAIL" => "Email Verification",
|
434 |
+
"SMS" => "OTP Over SMS",
|
435 |
+
"EMAIL" => "OTP Over Email"
|
436 |
+
);
|
437 |
+
|
438 |
+
if ( $decode_type == "wpdb" ) {
|
439 |
+
return $wpdb_2fa_methods[ $selected_2_factor_method ];
|
440 |
+
} else if ( $decode_type == "server" ) {
|
441 |
+
return $server_2fa_methods[ $selected_2_factor_method ];
|
442 |
+
} else {
|
443 |
+
return $server_to_wpdb_2fa_methods[ $selected_2_factor_method ];
|
444 |
+
}
|
445 |
+
|
446 |
+
}
|
447 |
+
|
448 |
+
public static function get_plugin_name_by_identifier( $plugin_identitifier ){
|
449 |
+
$all_plugins = get_plugins();
|
450 |
+
$plugin_details = $all_plugins[$plugin_identitifier];
|
451 |
+
|
452 |
+
return $plugin_details["Name"] ? $plugin_details["Name"] : "No Plugin selected" ;
|
453 |
+
}
|
454 |
+
|
455 |
+
|
456 |
+
}
|
457 |
+
|
458 |
+
?>
|
database/database_functions.php
CHANGED
@@ -4,21 +4,26 @@ require_once( ABSPATH . 'wp-admin/includes/upgrade.php' );
|
|
4 |
|
5 |
class Mo2fDB {
|
6 |
private $userDetailsTable;
|
|
|
7 |
|
8 |
function __construct() {
|
9 |
global $wpdb;
|
10 |
$this->userDetailsTable = $wpdb->prefix . 'mo2f_user_details';
|
|
|
11 |
}
|
12 |
|
13 |
function mo_plugin_activate() {
|
|
|
|
|
14 |
global $wpdb;
|
15 |
if ( ! get_option( 'mo2f_dbversion' ) ) {
|
16 |
-
update_option( 'mo2f_dbversion',
|
17 |
$this->generate_tables();
|
18 |
} else {
|
19 |
$current_db_version = get_option( 'mo2f_dbversion' );
|
20 |
-
if ( $current_db_version <
|
21 |
-
update_option( 'mo2f_dbversion',
|
|
|
22 |
}
|
23 |
//update the tables based on DB_VERSION.
|
24 |
}
|
@@ -28,7 +33,10 @@ class Mo2fDB {
|
|
28 |
global $wpdb;
|
29 |
|
30 |
$tableName = $this->userDetailsTable;
|
31 |
-
|
|
|
|
|
|
|
32 |
`user_id` bigint NOT NULL,
|
33 |
`mo2f_OTPOverSMS_config_status` tinyint,
|
34 |
`mo2f_miniOrangePushNotification_config_status` tinyint,
|
@@ -46,8 +54,36 @@ class Mo2fDB {
|
|
46 |
`user_registration_with_miniorange` mediumtext NOT NULL,
|
47 |
`mo_2factor_user_registration_status` mediumtext NOT NULL,
|
48 |
UNIQUE KEY user_id (user_id) );";
|
49 |
-
dbDelta( $sql );
|
50 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
51 |
|
52 |
}
|
53 |
|
@@ -83,6 +119,7 @@ class Mo2fDB {
|
|
83 |
return;
|
84 |
}
|
85 |
|
|
|
86 |
function check_if_table_exists( ) {
|
87 |
global $wpdb;
|
88 |
$does_table_exist= $wpdb->query(
|
@@ -103,6 +140,20 @@ class Mo2fDB {
|
|
103 |
|
104 |
}
|
105 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
106 |
function update_user_details( $user_id, $update ) {
|
107 |
global $wpdb;
|
108 |
$count = count( $update );
|
@@ -122,5 +173,60 @@ class Mo2fDB {
|
|
122 |
return;
|
123 |
|
124 |
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
125 |
|
126 |
}
|
4 |
|
5 |
class Mo2fDB {
|
6 |
private $userDetailsTable;
|
7 |
+
private $userLoginInfoTable;
|
8 |
|
9 |
function __construct() {
|
10 |
global $wpdb;
|
11 |
$this->userDetailsTable = $wpdb->prefix . 'mo2f_user_details';
|
12 |
+
$this->userLoginInfoTable = $wpdb->prefix . 'mo2f_user_login_info';
|
13 |
}
|
14 |
|
15 |
function mo_plugin_activate() {
|
16 |
+
|
17 |
+
|
18 |
global $wpdb;
|
19 |
if ( ! get_option( 'mo2f_dbversion' ) ) {
|
20 |
+
update_option( 'mo2f_dbversion', 141 );
|
21 |
$this->generate_tables();
|
22 |
} else {
|
23 |
$current_db_version = get_option( 'mo2f_dbversion' );
|
24 |
+
if ( $current_db_version < 141 ) {
|
25 |
+
update_option( 'mo2f_dbversion', 141 );
|
26 |
+
$this->generate_tables();
|
27 |
}
|
28 |
//update the tables based on DB_VERSION.
|
29 |
}
|
33 |
global $wpdb;
|
34 |
|
35 |
$tableName = $this->userDetailsTable;
|
36 |
+
|
37 |
+
if($wpdb->get_var("show tables like '$tableName'") != $tableName) {
|
38 |
+
|
39 |
+
$sql = "CREATE TABLE IF NOT EXISTS " . $tableName . " (
|
40 |
`user_id` bigint NOT NULL,
|
41 |
`mo2f_OTPOverSMS_config_status` tinyint,
|
42 |
`mo2f_miniOrangePushNotification_config_status` tinyint,
|
54 |
`user_registration_with_miniorange` mediumtext NOT NULL,
|
55 |
`mo_2factor_user_registration_status` mediumtext NOT NULL,
|
56 |
UNIQUE KEY user_id (user_id) );";
|
|
|
57 |
|
58 |
+
dbDelta( $sql );
|
59 |
+
}
|
60 |
+
|
61 |
+
$tableName = $this->userLoginInfoTable;
|
62 |
+
|
63 |
+
if($wpdb->get_var("show tables like '$tableName'") != $tableName) {
|
64 |
+
|
65 |
+
$sql = "CREATE TABLE IF NOT EXISTS " . $tableName . " (
|
66 |
+
`session_id` MEDIUMTEXT NOT NULL,
|
67 |
+
`mo2f_login_message` VARCHAR(500) NOT NULL ,
|
68 |
+
`mo2f_current_user_id` INT(50) NOT NULL ,
|
69 |
+
`mo2f_1stfactor_status` VARCHAR(100) NOT NULL ,
|
70 |
+
`mo_2factor_login_status` VARCHAR(100) NOT NULL ,
|
71 |
+
`mo2f_transactionId` VARCHAR(100) NOT NULL ,
|
72 |
+
`mo_2_factor_kba_questions` LONGTEXT NOT NULL ,
|
73 |
+
`mo2f_rba_status` LONGTEXT NOT NULL ,
|
74 |
+
`ts_created` TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
|
75 |
+
PRIMARY KEY (`session_id`(500)));";
|
76 |
+
|
77 |
+
dbDelta( $sql );
|
78 |
+
}
|
79 |
+
|
80 |
+
$check_if_column_exists = $this->check_if_column_exists( "user_login_info_table", "mo_2factor_login_status" );
|
81 |
+
|
82 |
+
if ( ! $check_if_column_exists ) {
|
83 |
+
$query = "ALTER TABLE `$tableName` ADD COLUMN `mo_2factor_login_status` VARCHAR(100) NOT NULL";
|
84 |
+
$this->execute_add_column( $query );
|
85 |
+
|
86 |
+
}
|
87 |
|
88 |
}
|
89 |
|
119 |
return;
|
120 |
}
|
121 |
|
122 |
+
|
123 |
function check_if_table_exists( ) {
|
124 |
global $wpdb;
|
125 |
$does_table_exist= $wpdb->query(
|
140 |
|
141 |
}
|
142 |
|
143 |
+
function check_if_column_exists( $table_type, $column_name ){
|
144 |
+
|
145 |
+
if($table_type == "user_login_info_table")
|
146 |
+
$table = $this->userLoginInfoTable;
|
147 |
+
|
148 |
+
global $wpdb;
|
149 |
+
$sql="SHOW COLUMNS FROM " . $table . "
|
150 |
+
LIKE '" . $column_name . "'";
|
151 |
+
$value = $wpdb->query($sql);
|
152 |
+
|
153 |
+
return $value;
|
154 |
+
|
155 |
+
}
|
156 |
+
|
157 |
function update_user_details( $user_id, $update ) {
|
158 |
global $wpdb;
|
159 |
$count = count( $update );
|
173 |
return;
|
174 |
|
175 |
}
|
176 |
+
|
177 |
+
function insert_user_login_session( $session_id ) {
|
178 |
+
global $wpdb;
|
179 |
+
$sql = "INSERT INTO $this->userLoginInfoTable (session_id) VALUES('$session_id') ON DUPLICATE KEY UPDATE session_id='$session_id'";
|
180 |
+
|
181 |
+
$wpdb->query( $sql );
|
182 |
+
$sql = "DELETE FROM $this->userLoginInfoTable WHERE ts_created < DATE_ADD(NOW(),INTERVAL - 2 MINUTE);";
|
183 |
+
$wpdb->query( $sql );
|
184 |
+
}
|
185 |
+
|
186 |
+
function save_user_login_details( $session_id, $user_values ) {
|
187 |
+
global $wpdb;
|
188 |
+
$count = count( $user_values );
|
189 |
+
$sql = "UPDATE " . $this->userLoginInfoTable . " SET ";
|
190 |
+
$i = 1;
|
191 |
+
foreach ( $user_values as $key => $value ) {
|
192 |
+
|
193 |
+
$sql .= $key . "='" . $value . "'";
|
194 |
+
if ( $i < $count ) {
|
195 |
+
$sql .= ' , ';
|
196 |
+
}
|
197 |
+
$i ++;
|
198 |
+
}
|
199 |
+
$sql .= " WHERE session_id='" . $session_id . "';";
|
200 |
+
$wpdb->query( $sql );
|
201 |
+
|
202 |
+
return;
|
203 |
+
|
204 |
+
}
|
205 |
+
|
206 |
+
function execute_add_column ( $query ){
|
207 |
+
global $wpdb;
|
208 |
+
$wpdb->query( $query );
|
209 |
+
|
210 |
+
return;
|
211 |
+
}
|
212 |
+
|
213 |
+
function get_user_login_details( $column_name, $session_id ) {
|
214 |
+
global $wpdb;
|
215 |
+
$user_column_detail = $wpdb->get_results( "SELECT " . $column_name . " FROM " . $this->userLoginInfoTable . " WHERE session_id = '" . $session_id . "';" );
|
216 |
+
$value = empty( $user_column_detail ) ? '' : get_object_vars( $user_column_detail[0] );
|
217 |
+
|
218 |
+
return $value == '' ? '' : $value[ $column_name ];
|
219 |
+
}
|
220 |
+
|
221 |
+
function delete_user_login_sessions( ) {
|
222 |
+
global $wpdb;
|
223 |
+
$wpdb->query(
|
224 |
+
"DELETE FROM " . $this->userLoginInfoTable . "
|
225 |
+
WHERE 1;"
|
226 |
+
);
|
227 |
+
|
228 |
+
return;
|
229 |
+
}
|
230 |
+
|
231 |
|
232 |
}
|
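Review bot: The new session-table helpers `insert_user_login_session`, `save_user_login_details` and `get_user_login_details` concatenate `$session_id`, `$value`, `$key` and `$column_name` directly into the SQL text, with no `$wpdb->prepare()` or escaping anywhere in this section. Elsewhere on this page the session id travels through a hidden `session_id` form field and is decrypted before it reaches these methods, so unless every caller validates the decrypted value (not visible here) the queries are built from request-derived text. Bind the values with `$wpdb->prepare()` or `$wpdb->update()` and check column names against the fixed set from the `CREATE TABLE` statement, as sketched below. Separately, `delete_user_login_sessions()` deletes every row (`WHERE 1`), so one call with the "destroy" command discards every user's in-progress login state; a delete scoped to the caller's `session_id` looks like the intent.

```php
function insert_user_login_session( $session_id ) {
	global $wpdb;
	$wpdb->query(
		$wpdb->prepare(
			"INSERT INTO {$this->userLoginInfoTable} (session_id) VALUES (%s) ON DUPLICATE KEY UPDATE session_id = %s",
			$session_id,
			$session_id
		)
	);
	// … unchanged: purge of rows older than two minutes …
}

function save_user_login_details( $session_id, $user_values ) {
	global $wpdb;
	// wpdb::update() binds the values; the keys must still be known column names.
	$wpdb->update( $this->userLoginInfoTable, $user_values, array( 'session_id' => $session_id ) );
}

function get_user_login_details( $column_name, $session_id ) {
	global $wpdb;
	// Identifiers cannot be bound as parameters, so only accept columns the table defines.
	$allowed_columns = array(
		'mo2f_login_message',
		'mo2f_current_user_id',
		'mo2f_1stfactor_status',
		'mo_2factor_login_status',
		'mo2f_transactionId',
		'mo_2_factor_kba_questions',
		'mo2f_rba_status',
	);
	if ( ! in_array( $column_name, $allowed_columns, true ) ) {
		return '';
	}
	$user_column_detail = $wpdb->get_results(
		$wpdb->prepare(
			"SELECT `{$column_name}` FROM {$this->userLoginInfoTable} WHERE session_id = %s",
			$session_id
		)
	);
	// … unchanged: empty-result handling and return of the column value …
}
```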
includes/css/bootstrap.min.css
CHANGED
@@ -427,6 +427,12 @@ button.mo2f_close {
|
|
427 |
}
|
428 |
|
429 |
#smsAlertModal {
|
|
|
|
|
|
|
|
|
|
|
|
|
430 |
background-color: black !important;
|
431 |
opacity: 0.8 !important;
|
432 |
filter: alpha(opacity=50) !important;
|
@@ -441,6 +447,7 @@ button.mo2f_close {
|
|
441 |
.mo2f_modal-title {
|
442 |
margin: 0 !important;
|
443 |
line-height: 1.0 !important;
|
|
|
444 |
}
|
445 |
|
446 |
.mo2f_modal-body {
|
427 |
}
|
428 |
|
429 |
#smsAlertModal {
|
430 |
+
background-color: black !important;
|
431 |
+
opacity: 0.8 !important;
|
432 |
+
font-family: Roboto;
|
433 |
+
}
|
434 |
+
|
435 |
+
#twoFAtestAlertModal {
|
436 |
background-color: black !important;
|
437 |
opacity: 0.8 !important;
|
438 |
filter: alpha(opacity=50) !important;
|
447 |
.mo2f_modal-title {
|
448 |
margin: 0 !important;
|
449 |
line-height: 1.0 !important;
|
450 |
+
font-size: 1rem;
|
451 |
}
|
452 |
|
453 |
.mo2f_modal-body {
|
includes/css/style_settings.css
CHANGED
@@ -49,6 +49,18 @@
|
|
49 |
text-decoration: underline;
|
50 |
}
|
51 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
52 |
.mo2f_table_textbox {
|
53 |
width: 100%;
|
54 |
height: 30px;
|
@@ -458,16 +470,10 @@ a {
|
|
458 |
|
459 |
/* added by gayathri */
|
460 |
|
461 |
-
.mo2f_google_authy_step1 {
|
462 |
-
vertical-align: top;
|
463 |
-
padding-right: 15px;
|
464 |
-
width: 26%;
|
465 |
-
}
|
466 |
-
|
467 |
.mo2f_google_authy_step2 {
|
468 |
vertical-align: top;
|
469 |
padding-right: 15px;
|
470 |
-
width:
|
471 |
}
|
472 |
|
473 |
.mo2f_google_authy_step3 {
|
49 |
text-decoration: underline;
|
50 |
}
|
51 |
|
52 |
+
.mo2f_authy_step1 {
|
53 |
+
vertical-align: top;
|
54 |
+
padding-right: 15px;
|
55 |
+
width: 26%;
|
56 |
+
}
|
57 |
+
|
58 |
+
.mo2f_authy_step2 {
|
59 |
+
vertical-align: top;
|
60 |
+
padding-right: 15px;
|
61 |
+
width: 46%;
|
62 |
+
}
|
63 |
+
|
64 |
.mo2f_table_textbox {
|
65 |
width: 100%;
|
66 |
height: 30px;
|
470 |
|
471 |
/* added by gayathri */
|
472 |
|
|
|
|
|
|
|
|
|
|
|
|
|
473 |
.mo2f_google_authy_step2 {
|
474 |
vertical-align: top;
|
475 |
padding-right: 15px;
|
476 |
+
width: 70%;
|
477 |
}
|
478 |
|
479 |
.mo2f_google_authy_step3 {
|
miniorange_2_factor_common_login.php
ADDED
@@ -0,0 +1,852 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<?php
|
2 |
+
function mo2f_collect_device_attributes_handler( $redirect_to = null,$session_id_encrypt ) {
|
3 |
+
?>
|
4 |
+
<html>
|
5 |
+
<head>
|
6 |
+
<meta http-equiv="X-UA-Compatible" content="IE=edge">
|
7 |
+
<meta name="viewport" content="width=device-width, initial-scale=1">
|
8 |
+
<?php
|
9 |
+
echo '<script src="https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js"></script>';
|
10 |
+
?>
|
11 |
+
</head>
|
12 |
+
<body>
|
13 |
+
<div>
|
14 |
+
<form id="morba_loginform" method="post">
|
15 |
+
<h1><?php echo mo2f_lt( 'Please wait' ); ?>...</h1>
|
16 |
+
<img src="<?php echo plugins_url( 'includes/images/ajax-loader-login.gif', __FILE__ ); ?>"/>
|
17 |
+
<?php
|
18 |
+
if ( get_option( 'mo2f_remember_device' ) ) {
|
19 |
+
?>
|
20 |
+
<p><input type="hidden" id="miniorange_rba_attribures" name="miniorange_rba_attribures" value=""/></p>
|
21 |
+
<?php
|
22 |
+
echo '<script src="' . plugins_url( 'includes/js/rba/js/jquery-1.9.1.js', __FILE__ ) . '" ></script>';
|
23 |
+
echo '<script src="' . plugins_url( 'includes/js/rba/js/jquery.flash.js', __FILE__ ) . '" ></script>';
|
24 |
+
echo '<script src="' . plugins_url( 'includes/js/rba/js/ua-parser.js', __FILE__ ) . '" ></script>';
|
25 |
+
echo '<script src="' . plugins_url( 'includes/js/rba/js/client.js', __FILE__ ) . '" ></script>';
|
26 |
+
echo '<script src="' . plugins_url( 'includes/js/rba/js/device_attributes.js', __FILE__ ) . '" ></script>';
|
27 |
+
echo '<script src="' . plugins_url( 'includes/js/rba/js/swfobject.js', __FILE__ ) . '" ></script>';
|
28 |
+
echo '<script src="' . plugins_url( 'includes/js/rba/js/fontdetect.js', __FILE__ ) . '" ></script>';
|
29 |
+
echo '<script src="' . plugins_url( 'includes/js/rba/js/murmurhash3.js', __FILE__ ) . '" ></script>';
|
30 |
+
echo '<script src="' . plugins_url( 'includes/js/rba/js/miniorange-fp.js', __FILE__ ) . '" ></script>';
|
31 |
+
}
|
32 |
+
?>
|
33 |
+
<input type="hidden" name="miniorange_attribute_collection_nonce"
|
34 |
+
value="<?php echo wp_create_nonce( 'miniorange-2-factor-login-attribute-collection-nonce' ); ?>"/>
|
35 |
+
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
|
36 |
+
<input type="hidden" name="session_id" value="<?php echo $session_id_encrypt; ?>"/>
|
37 |
+
</form>
|
38 |
+
</div>
|
39 |
+
</body>
|
40 |
+
</html>
|
41 |
+
<?php
|
42 |
+
}
|
43 |
+
|
44 |
+
function miniorange_get_user_role( $user ) {
|
45 |
+
return $user->roles;
|
46 |
+
}
|
47 |
+
|
48 |
+
function miniorange_check_if_2fa_enabled_for_roles( $current_roles ) {
|
49 |
+
if ( empty( $current_roles ) ) {
|
50 |
+
return 0;
|
51 |
+
}
|
52 |
+
|
53 |
+
foreach ( $current_roles as $value ) {
|
54 |
+
if ( get_option( 'mo2fa_' . $value ) ) {
|
55 |
+
return 1;
|
56 |
+
}
|
57 |
+
}
|
58 |
+
|
59 |
+
return 0;
|
60 |
+
}
|
61 |
+
|
62 |
+
function redirect_user_to( $user, $redirect_to ) {
|
63 |
+
$roles = $user->roles;
|
64 |
+
$current_role = array_shift( $roles );
|
65 |
+
$redirectUrl = isset( $redirect_to ) && ! empty( $redirect_to ) ? $redirect_to : null;
|
66 |
+
if ( $current_role == 'administrator' ) {
|
67 |
+
$redirectUrl = empty( $redirectUrl ) ? admin_url() : $redirectUrl;
|
68 |
+
wp_redirect( $redirectUrl );
|
69 |
+
} else {
|
70 |
+
$redirectUrl = empty( $redirectUrl ) ? home_url() : $redirectUrl;
|
71 |
+
wp_redirect( $redirectUrl );
|
72 |
+
}
|
73 |
+
}
|
74 |
+
|
75 |
+
|
76 |
+
function mo2f_register_profile( $email, $deviceKey, $mo2f_rba_status ) {
|
77 |
+
|
78 |
+
if ( isset( $deviceKey ) && $deviceKey == 'true' ) {
|
79 |
+
if ( $mo2f_rba_status['status'] == 'WAIT_FOR_INPUT' && $mo2f_rba_status['decision_flag'] ) {
|
80 |
+
$rba_profile = new Miniorange_Rba_Attributes();
|
81 |
+
//register profile
|
82 |
+
json_decode( $rba_profile->mo2f_register_rba_profile( $email, $mo2f_rba_status['sessionUuid'] ), true );
|
83 |
+
|
84 |
+
return true;
|
85 |
+
} else {
|
86 |
+
return false;
|
87 |
+
}
|
88 |
+
}
|
89 |
+
|
90 |
+
return false;
|
91 |
+
}
|
92 |
+
|
93 |
+
function mo2f_collect_attributes( $email, $attributes ) {
|
94 |
+
$mo2f_rba_status = array();
|
95 |
+
$mo2f_rba_status['decision_flag'] = false;
|
96 |
+
$mo2f_rba_status['sessionUuid'] = '';
|
97 |
+
|
98 |
+
if ( get_option( 'mo2f_remember_device' ) ) {
|
99 |
+
$rba_attributes = new Miniorange_Rba_Attributes();
|
100 |
+
//collect rba attributes
|
101 |
+
$rba_response = json_decode( $rba_attributes->mo2f_collect_attributes( $email, $attributes ), true );
|
102 |
+
if ( json_last_error() == JSON_ERROR_NONE ) {
|
103 |
+
//attributes are collected successfully
|
104 |
+
if ( $rba_response['status'] == 'SUCCESS' ) {
|
105 |
+
$sessionUuid = $rba_response['sessionUuid'];
|
106 |
+
// evaluate the rba risk
|
107 |
+
$rba_risk_response = json_decode( $rba_attributes->mo2f_evaluate_risk( $email, $sessionUuid ), true );
|
108 |
+
|
109 |
+
if ( json_last_error() == JSON_ERROR_NONE ) {
|
110 |
+
if ( $rba_risk_response['status'] == 'SUCCESS' || $rba_risk_response['status'] == 'WAIT_FOR_INPUT' ) {
|
111 |
+
|
112 |
+
$mo2f_rba_status['status'] = $rba_risk_response['status'];
|
113 |
+
$mo2f_rba_status['sessionUuid'] = $sessionUuid;
|
114 |
+
$mo2f_rba_status['decision_flag'] = true;
|
115 |
+
|
116 |
+
} else {
|
117 |
+
$mo2f_rba_status['status'] = $rba_risk_response['status'];
|
118 |
+
$mo2f_rba_status['sessionUuid'] = $sessionUuid;
|
119 |
+
|
120 |
+
}
|
121 |
+
} else {
|
122 |
+
$mo2f_rba_status['status'] = 'JSON_EVALUATE_ERROR';
|
123 |
+
$mo2f_rba_status['sessionUuid'] = $sessionUuid;
|
124 |
+
|
125 |
+
}
|
126 |
+
} else {
|
127 |
+
$mo2f_rba_status['status'] = 'ATTR_NOT_COLLECTED';
|
128 |
+
|
129 |
+
}
|
130 |
+
} else {
|
131 |
+
$mo2f_rba_status['status'] = 'JSON_ATTR_NOT_COLLECTED';
|
132 |
+
|
133 |
+
}
|
134 |
+
} else {
|
135 |
+
$mo2f_rba_status['status'] = 'RBA_NOT_ENABLED';
|
136 |
+
|
137 |
+
}
|
138 |
+
|
139 |
+
return $mo2f_rba_status;
|
140 |
+
}
|
141 |
+
|
142 |
+
function mo2f_get_user_2ndfactor( $user ) {
|
143 |
+
global $Mo2fdbQueries;
|
144 |
+
|
145 |
+
$mo2f_user_email = $Mo2fdbQueries->get_user_detail( 'mo2f_user_email', $user->ID );
|
146 |
+
$enduser = new Two_Factor_Setup();
|
147 |
+
$userinfo = json_decode( $enduser->mo2f_get_userinfo( $mo2f_user_email ), true );
|
148 |
+
if ( json_last_error() == JSON_ERROR_NONE ) {
|
149 |
+
if ( $userinfo['status'] == 'ERROR' ) {
|
150 |
+
$mo2f_second_factor = 'NONE';
|
151 |
+
} else if ( $userinfo['status'] == 'SUCCESS' ) {
|
152 |
+
$mo2f_second_factor = $userinfo['authType'];
|
153 |
+
} else if ( $userinfo['status'] == 'FAILED' ) {
|
154 |
+
$mo2f_second_factor = 'USER_NOT_FOUND';
|
155 |
+
} else {
|
156 |
+
$mo2f_second_factor = 'NONE';
|
157 |
+
}
|
158 |
+
} else {
|
159 |
+
$mo2f_second_factor = 'NONE';
|
160 |
+
}
|
161 |
+
|
162 |
+
return $mo2f_second_factor;
|
163 |
+
}
|
164 |
+
|
165 |
+
function mo2f_get_forgotphone_form( $login_status, $login_message, $redirect_to, $session_id_encrypt ) {
|
166 |
+
$mo2f_forgotphone_enabled = get_option( 'mo2f_enable_forgotphone' );
|
167 |
+
$mo2f_email_as_backup_enabled = get_option( 'mo2f_enable_forgotphone_email' );
|
168 |
+
$mo2f_kba_as_backup_enabled = get_option( 'mo2f_enable_forgotphone_kba' );
|
169 |
+
?>
|
170 |
+
<html>
|
171 |
+
<head>
|
172 |
+
<meta http-equiv="X-UA-Compatible" content="IE=edge">
|
173 |
+
<meta name="viewport" content="width=device-width, initial-scale=1">
|
174 |
+
<?php
|
175 |
+
echo_js_css_files(); ?>
|
176 |
+
</head>
|
177 |
+
<body>
|
178 |
+
<div class="mo2f_modal" tabindex="-1" role="dialog">
|
179 |
+
<div class="mo2f-modal-backdrop"></div>
|
180 |
+
<div class="mo_customer_validation-modal-dialog mo_customer_validation-modal-md">
|
181 |
+
<div class="login mo_customer_validation-modal-content">
|
182 |
+
<div class="mo2f_modal-header">
|
183 |
+
<h4 class="mo2f_modal-title">
|
184 |
+
<button type="button" class="mo2f_close" data-dismiss="modal" aria-label="Close"
|
185 |
+
title="<?php echo mo2f_lt( 'Back to login' ); ?>"
|
186 |
+
onclick="mologinback();"><span aria-hidden="true">×</span></button>
|
187 |
+
<?php echo mo2f_lt( 'How would you like to authenticate yourself?' ); ?>
|
188 |
+
</h4>
|
189 |
+
</div>
|
190 |
+
<div class="mo2f_modal-body">
|
191 |
+
<?php if ( $mo2f_forgotphone_enabled ) {
|
192 |
+
if ( isset( $login_message ) && ! empty( $login_message ) ) { ?>
|
193 |
+
<div id="otpMessage" class="mo2fa_display_message_frontend">
|
194 |
+
<p cclass="mo2fa_display_message_frontend"><?php echo $login_message; ?></p>
|
195 |
+
</div>
|
196 |
+
<?php } ?>
|
197 |
+
<p class="mo2f_backup_options"><?php echo mo2f_lt( 'Please choose the options from below:' ); ?></p>
|
198 |
+
<div class="mo2f_backup_options_div">
|
199 |
+
<?php if ( $mo2f_email_as_backup_enabled ) { ?>
|
200 |
+
<input type="radio" name="mo2f_selected_forgotphone_option"
|
201 |
+
value="One Time Passcode over Email"
|
202 |
+
checked="checked"/><?php echo mo2f_lt( 'Send a one time passcode to my registered email' ); ?>
|
203 |
+
<br><br>
|
204 |
+
<?php }
|
205 |
+
if ( $mo2f_kba_as_backup_enabled ) { ?>
|
206 |
+
<input type="radio" name="mo2f_selected_forgotphone_option"
|
207 |
+
value="KBA"/><?php echo mo2f_lt( 'Answer your Security Questions (KBA)' ); ?>
|
208 |
+
<?php } ?>
|
209 |
+
<br><br>
|
210 |
+
<input type="button" name="miniorange_validate_otp"
|
211 |
+
value=<?php echo mo2f_lt( 'Continue' ); ?> class="miniorange_validate_otp"
|
212 |
+
onclick="mo2fselectforgotphoneoption();"/>
|
213 |
+
</div>
|
214 |
+
<?php mo2f_customize_logo();
|
215 |
+
}
|
216 |
+
?>
|
217 |
+
</div>
|
218 |
+
</div>
|
219 |
+
</div>
|
220 |
+
</div>
|
221 |
+
<form name="f" id="mo2f_backto_mo_loginform" method="post" action="<?php echo wp_login_url(); ?>"
|
222 |
+
class="mo2f_display_none_forms">
|
223 |
+
<input type="hidden" name="miniorange_mobile_validation_failed_nonce"
|
224 |
+
value="<?php echo wp_create_nonce( 'miniorange-2-factor-mobile-validation-failed-nonce' ); ?>"/>
|
225 |
+
<input type="hidden" name="session_id" value="<?php echo $session_id_encrypt; ?>"/>
|
226 |
+
</form>
|
227 |
+
<form name="f" id="mo2f_challenge_forgotphone_form" method="post" class="mo2f_display_none_forms">
|
228 |
+
<input type="hidden" name="mo2f_configured_2FA_method"/>
|
229 |
+
<input type="hidden" name="miniorange_challenge_forgotphone_nonce"
|
230 |
+
value="<?php echo wp_create_nonce( 'miniorange-2-factor-challenge-forgotphone-nonce' ); ?>"/>
|
231 |
+
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
|
232 |
+
<input type="hidden" name="session_id" value="<?php echo $session_id_encrypt; ?>"/>
|
233 |
+
</form>
|
234 |
+
|
235 |
+
<script>
|
236 |
+
function mologinback() {
|
237 |
+
jQuery('#mo2f_backto_mo_loginform').submit();
|
238 |
+
}
|
239 |
+
|
240 |
+
function mo2fselectforgotphoneoption() {
|
241 |
+
var option = jQuery('input[name=mo2f_selected_forgotphone_option]:checked').val();
|
242 |
+
document.getElementById("mo2f_challenge_forgotphone_form").elements[0].value = option;
|
243 |
+
jQuery('#mo2f_challenge_forgotphone_form').submit();
|
244 |
+
}
|
245 |
+
</script>
|
246 |
+
</body>
|
247 |
+
</html>
|
248 |
+
<?php }
|
249 |
+
|
250 |
+
function mo2f_get_kba_authentication_prompt( $login_message, $redirect_to, $session_id_encrypt ) {
|
251 |
+
$mo2f_login_option = get_option( 'mo2f_login_option' );
|
252 |
+
$mo2f_remember_device_enabled = get_option( 'mo2f_remember_device' );
|
253 |
+
?>
|
254 |
+
<html>
|
255 |
+
<head>
|
256 |
+
<meta http-equiv="X-UA-Compatible" content="IE=edge">
|
257 |
+
<meta name="viewport" content="width=device-width, initial-scale=1">
|
258 |
+
<?php
|
259 |
+
echo_js_css_files(); ?>
|
260 |
+
</head>
|
261 |
+
<body>
|
262 |
+
<div class="mo2f_modal" tabindex="-1" role="dialog">
|
263 |
+
<div class="mo2f-modal-backdrop"></div>
|
264 |
+
<div class="mo_customer_validation-modal-dialog mo_customer_validation-modal-md">
|
265 |
+
<div class="login mo_customer_validation-modal-content">
|
266 |
+
<div class="mo2f_modal-header">
|
267 |
+
<h4 class="mo2f_modal-title">
|
268 |
+
<button type="button" class="mo2f_close" data-dismiss="modal" aria-label="Close"
|
269 |
+
title="<?php echo mo2f_lt( 'Back to login' ); ?>"
|
270 |
+
onclick="mologinback();"><span aria-hidden="true">×</span></button>
|
271 |
+
<?php
|
272 |
+
echo mo2f_lt( 'Validate Security Questions' ); ?>
|
273 |
+
</h4>
|
274 |
+
</div>
|
275 |
+
<div class="mo2f_modal-body">
|
276 |
+
<div id="kbaSection" class="kbaSectiondiv">
|
277 |
+
<div id="otpMessage">
|
278 |
+
<p style="font-size:13px;"
|
279 |
+
class="mo2fa_display_message_frontend"><?php echo ( isset( $login_message ) && ! empty( $login_message ) ) ? $login_message : __( 'Please answer the following questions:' ); ?></p>
|
280 |
+
</div>
|
281 |
+
<form name="f" id="mo2f_submitkba_loginform" method="post">
|
282 |
+
<div id="mo2f_kba_content">
|
283 |
+
<p style="font-size:15px;">
|
284 |
+
<?php $kba_questions = MO2f_Utility::mo2f_retrieve_user_temp_values( 'mo_2_factor_kba_questions',$session_id_encrypt );
|
285 |
+
echo $kba_questions[0]; ?><br>
|
286 |
+
<input class="mo2f-textbox" type="password" name="mo2f_answer_1" id="mo2f_answer_1"
|
287 |
+
required="true" autofocus="true"
|
288 |
+
pattern="(?=\S)[A-Za-z0-9_@.$#&+-\s]{1,100}"
|
289 |
+
title="Only alphanumeric letters with special characters(_@.$#&+-) are allowed."
|
290 |
+
autocomplete="off"><br>
|
291 |
+
<?php echo $kba_questions[1]; ?><br>
|
292 |
+
<input class="mo2f-textbox" type="password" name="mo2f_answer_2" id="mo2f_answer_2"
|
293 |
+
required="true" pattern="(?=\S)[A-Za-z0-9_@.$#&+-\s]{1,100}"
|
294 |
+
title="Only alphanumeric letters with special characters(_@.$#&+-) are allowed."
|
295 |
+
autocomplete="off">
|
296 |
+
|
297 |
+
</p>
|
298 |
+
</div>
|
299 |
+
<?php if ( $mo2f_login_option && $mo2f_remember_device_enabled ) {
|
300 |
+
?>
|
301 |
+
<span class="mo2f_rememberdevice">
|
302 |
+
<input type="checkbox" name="mo2f_trust_device" class="mo2f_trust_device"
|
303 |
+
id="mo2f_trust_device"/><?php echo mo2f_lt( 'Remember this device.' ); ?>
|
304 |
+
</span>
|
305 |
+
<br>
|
306 |
+
<br>
|
307 |
+
<?php
|
308 |
+
}
|
309 |
+
?>
|
310 |
+
<input type="submit" name="miniorange_kba_validate" id="miniorange_kba_validate"
|
311 |
+
class="miniorange_kba_validate" style="float:left;"
|
312 |
+
value="<?php echo mo2f_lt( 'Validate' ); ?>"/>
|
313 |
+
<input type="hidden" name="miniorange_kba_nonce"
|
314 |
+
value="<?php echo wp_create_nonce( 'miniorange-2-factor-kba-nonce' ); ?>"/>
|
315 |
+
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
|
316 |
+
<input type="hidden" name="session_id" value="<?php echo $session_id_encrypt; ?>"/>
|
317 |
+
</form>
|
318 |
+
<br>
|
319 |
+
</div>
|
320 |
+
<?php mo2f_customize_logo() ?>
|
321 |
+
</div>
|
322 |
+
</div>
|
323 |
+
</div>
|
324 |
+
</div>
|
325 |
+
<form name="f" id="mo2f_backto_mo_loginform" method="post" action="<?php echo wp_login_url(); ?>"
|
326 |
+
class="mo2f_display_none_forms">
|
327 |
+
<input type="hidden" name="miniorange_mobile_validation_failed_nonce"
|
328 |
+
value="<?php echo wp_create_nonce( 'miniorange-2-factor-mobile-validation-failed-nonce' ); ?>"/>
|
329 |
+
<input type="hidden" name="session_id" value="<?php echo $session_id_encrypt; ?>"/>
|
330 |
+
</form>
|
331 |
+
|
332 |
+
<script>
|
333 |
+
function mologinback() {
|
334 |
+
jQuery('#mo2f_backto_mo_loginform').submit();
|
335 |
+
}
|
336 |
+
</script>
|
337 |
+
</body>
|
338 |
+
|
339 |
+
</html>
|
340 |
+
<?php
|
341 |
+
}
|
342 |
+
|
343 |
+
function mo2f_get_push_notification_oobemail_prompt( $id, $login_status, $login_message, $redirect_to, $session_id_encrypt ) {
|
344 |
+
global $Mo2fdbQueries;
|
345 |
+
$mo2f_enable_forgotphone = get_option( 'mo2f_enable_forgotphone' );
|
346 |
+
$mo2f_KBA_config_status = $Mo2fdbQueries->get_user_detail( 'mo2f_SecurityQuestions_config_status', $id );
|
347 |
+
$mo2f_is_new_customer = get_option( 'mo2f_is_NC' );
|
348 |
+
?>
|
349 |
+
<html>
|
350 |
+
<head>
|
351 |
+
<meta http-equiv="X-UA-Compatible" content="IE=edge">
|
352 |
+
<meta name="viewport" content="width=device-width, initial-scale=1">
|
353 |
+
<?php
|
354 |
+
echo_js_css_files(); ?>
|
355 |
+
</head>
|
356 |
+
<body>
|
357 |
+
<div class="mo2f_modal" tabindex="-1" role="dialog">
|
358 |
+
<div class="mo2f-modal-backdrop"></div>
|
359 |
+
<div class="mo_customer_validation-modal-dialog mo_customer_validation-modal-md">
|
360 |
+
<div class="login mo_customer_validation-modal-content">
|
361 |
+
<div class="mo2f_modal-header">
|
362 |
+
<h4 class="mo2f_modal-title">
|
363 |
+
<button type="button" class="mo2f_close" data-dismiss="modal" aria-label="Close"
|
364 |
+
title="<?php echo mo2f_lt( 'Back to login' ); ?>"
|
365 |
+
onclick="mologinback();"><span aria-hidden="true">×</span></button>
|
366 |
+
<?php echo mo2f_lt( 'Accept Your Transaction' ); ?></h4>
|
367 |
+
</div>
|
368 |
+
<div class="mo2f_modal-body">
|
369 |
+
<?php if ( isset( $login_message ) && ! empty( $login_message ) ) { ?>
|
370 |
+
<div id="otpMessage">
|
371 |
+
<p class="mo2fa_display_message_frontend"><?php echo $login_message; ?></p>
|
372 |
+
</div>
|
373 |
+
<?php } ?>
|
374 |
+
<div id="pushSection">
|
375 |
+
|
376 |
+
<div>
|
377 |
+
<center>
|
378 |
+
<p class="mo2f_push_oob_message"><?php echo mo2f_lt( 'Waiting for your approval...' ); ?></p>
|
379 |
+
</center>
|
380 |
+
</div>
|
381 |
+
<div id="showPushImage">
|
382 |
+
<center>
|
383 |
+
<img src="<?php echo plugins_url( 'includes/images/ajax-loader-login.gif', __FILE__ ); ?>"/>
|
384 |
+
</center>
|
385 |
+
</div>
|
386 |
+
|
387 |
+
|
388 |
+
<span style="padding-right:2%;">
|
389 |
+
<?php if ( isset( $login_status ) && $login_status == 'MO_2_FACTOR_CHALLENGE_PUSH_NOTIFICATIONS' ) { ?>
|
390 |
+
<center>
|
391 |
+
<?php if ( $mo2f_enable_forgotphone && ! $mo2f_is_new_customer ) { ?>
|
392 |
+
<input type="button" name="miniorange_login_forgotphone"
|
393 |
+
onclick="mologinforgotphone();" id="miniorange_login_forgotphone"
|
394 |
+
class="miniorange_login_forgotphone"
|
395 |
+
value="<?php echo mo2f_lt( 'Forgot Phone?' ); ?>"/>
|
396 |
+
<?php } ?>
|
397 |
+
  
|
398 |
+
<input type="button" name="miniorange_login_offline" onclick="mologinoffline();"
|
399 |
+
id="miniorange_login_offline" class="miniorange_login_offline"
|
400 |
+
value="<?php echo mo2f_lt( 'Phone is Offline?' ); ?>"/>
|
401 |
+
</center>
|
402 |
+
<?php } else if ( isset( $login_status ) && $login_status == 'MO_2_FACTOR_CHALLENGE_OOB_EMAIL' && $mo2f_enable_forgotphone && $mo2f_KBA_config_status ) { ?>
|
403 |
+
<center>
|
404 |
+
<a href="#mo2f_alternate_login_kba">
|
405 |
+
<p class="mo2f_push_oob_backup"><?php echo mo2f_lt( 'Didn\'t receive mail?' ); ?></p>
|
406 |
+
</a>
|
407 |
+
</center>
|
408 |
+
<?php } ?>
|
409 |
+
</span>
|
410 |
+
</div>
|
411 |
+
|
412 |
+
<?php mo2f_customize_logo() ?>
|
413 |
+
</div>
|
414 |
+
</div>
|
415 |
+
</div>
|
416 |
+
</div>
|
417 |
+
<form name="f" id="mo2f_backto_mo_loginform" method="post" action="<?php echo wp_login_url(); ?>"
|
418 |
+
class="mo2f_display_none_forms">
|
419 |
+
<input type="hidden" name="miniorange_mobile_validation_failed_nonce"
|
420 |
+
value="<?php echo wp_create_nonce( 'miniorange-2-factor-mobile-validation-failed-nonce' ); ?>"/>
|
421 |
+
<input type="hidden" name="session_id" value="<?php echo $session_id_encrypt; ?>"/>
|
422 |
+
</form>
|
423 |
+
<form name="f" id="mo2f_mobile_validation_form" method="post" class="mo2f_display_none_forms">
|
424 |
+
<input type="hidden" name="miniorange_mobile_validation_nonce"
|
425 |
+
value="<?php echo wp_create_nonce( 'miniorange-2-factor-mobile-validation-nonce' ); ?>"/>
|
426 |
+
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
|
427 |
+
<input type="hidden" name="session_id" value="<?php echo $session_id_encrypt; ?>"/>
|
428 |
+
</form>
|
429 |
+
<form name="f" id="mo2f_show_softtoken_loginform" method="post" class="mo2f_display_none_forms">
|
430 |
+
<input type="hidden" name="miniorange_softtoken"
|
431 |
+
value="<?php echo wp_create_nonce( 'miniorange-2-factor-softtoken' ); ?>"/>
|
432 |
+
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
|
433 |
+
<input type="hidden" name="session_id" value="<?php echo $session_id_encrypt; ?>"/>
|
434 |
+
</form>
|
435 |
+
<form name="f" id="mo2f_show_forgotphone_loginform" method="post" class="mo2f_display_none_forms">
|
436 |
+
<input type="hidden" name="request_origin_method" value="<?php echo $login_status; ?>"/>
|
437 |
+
<input type="hidden" name="miniorange_forgotphone"
|
438 |
+
value="<?php echo wp_create_nonce( 'miniorange-2-factor-forgotphone' ); ?>"/>
|
439 |
+
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
|
440 |
+
<input type="hidden" name="session_id" value="<?php echo $session_id_encrypt; ?>"/>
|
441 |
+
</form>
|
442 |
+
<form name="f" id="mo2f_alternate_login_kbaform" method="post" class="mo2f_display_none_forms">
|
443 |
+
<input type="hidden" name="miniorange_alternate_login_kba_nonce"
|
444 |
+
value="<?php echo wp_create_nonce( 'miniorange-2-factor-alternate-login-kba-nonce' ); ?>"/>
|
445 |
+
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
|
446 |
+
<input type="hidden" name="session_id" value="<?php echo $session_id_encrypt; ?>"/>
|
447 |
+
</form>
|
448 |
+
|
449 |
+
<script>
|
450 |
+
var timeout;
|
451 |
+
pollPushValidation();
|
452 |
+
|
453 |
+
function pollPushValidation() {
|
454 |
+
var transId = "<?php echo MO2f_Utility::mo2f_retrieve_user_temp_values( 'mo2f_transactionId',$session_id_encrypt ); ?>";
|
455 |
+
var jsonString = "{\"txId\":\"" + transId + "\"}";
|
456 |
+
var postUrl = "<?php echo get_option( 'mo2f_host_name' ); ?>" + "/moas/api/auth/auth-status";
|
457 |
+
|
458 |
+
jQuery.ajax({
|
459 |
+
url: postUrl,
|
460 |
+
type: "POST",
|
461 |
+
dataType: "json",
|
462 |
+
data: jsonString,
|
463 |
+
contentType: "application/json; charset=utf-8",
|
464 |
+
success: function (result) {
|
465 |
+
var status = JSON.parse(JSON.stringify(result)).status;
|
466 |
+
if (status == 'SUCCESS') {
|
467 |
+
jQuery('#mo2f_mobile_validation_form').submit();
|
468 |
+
} else if (status == 'ERROR' || status == 'FAILED' || status == 'DENIED') {
|
469 |
+
jQuery('#mo2f_backto_mo_loginform').submit();
|
470 |
+
} else {
|
471 |
+
timeout = setTimeout(pollPushValidation, 3000);
|
472 |
+
}
|
473 |
+
}
|
474 |
+
});
|
475 |
+
}
|
476 |
+
|
477 |
+
function mologinoffline() {
|
478 |
+
jQuery('#mo2f_show_softtoken_loginform').submit();
|
479 |
+
}
|
480 |
+
|
481 |
+
function mologinforgotphone() {
|
482 |
+
jQuery('#mo2f_show_forgotphone_loginform').submit();
|
483 |
+
}
|
484 |
+
|
485 |
+
function mologinback() {
|
486 |
+
jQuery('#mo2f_backto_mo_loginform').submit();
|
487 |
+
}
|
488 |
+
|
489 |
+
jQuery('a[href="#mo2f_alternate_login_kba"]').click(function () {
|
490 |
+
jQuery('#mo2f_alternate_login_kbaform').submit();
|
491 |
+
});
|
492 |
+
|
493 |
+
</script>
|
494 |
+
</body>
|
495 |
+
</html>
|
496 |
+
<?php
|
497 |
+
}
|
498 |
+
|
499 |
+
function mo2f_get_qrcode_authentication_prompt( $login_status, $login_message, $redirect_to, $qrCode, $session_id_encrypt ) {
|
500 |
+
$mo2f_enable_forgotphone = get_option( 'mo2f_enable_forgotphone' );
|
501 |
+
$mo2f_is_new_customer = get_option( 'mo2f_is_NC' );
|
502 |
+
?>
|
503 |
+
<html>
|
504 |
+
<head>
|
505 |
+
<meta http-equiv="X-UA-Compatible" content="IE=edge">
|
506 |
+
<meta name="viewport" content="width=device-width, initial-scale=1">
|
507 |
+
<?php
|
508 |
+
echo_js_css_files(); ?>
|
509 |
+
</head>
|
510 |
+
<body>
|
511 |
+
<div class="mo2f_modal" tabindex="-1" role="dialog">
|
512 |
+
<div class="mo2f-modal-backdrop"></div>
|
513 |
+
<div class="mo_customer_validation-modal-dialog mo_customer_validation-modal-md">
|
514 |
+
<div class="login mo_customer_validation-modal-content">
|
515 |
+
<div class="mo2f_modal-header">
|
516 |
+
<h4 class="mo2f_modal-title">
|
517 |
+
<button type="button" class="mo2f_close" data-dismiss="modal" aria-label="Close"
|
518 |
+
title="<?php echo mo2f_lt( 'Back to login' ); ?>"
|
519 |
+
onclick="mologinback();"><span aria-hidden="true">×</span></button>
|
520 |
+
<?php echo mo2f_lt( 'Scan QR Code' ); ?></h4>
|
521 |
+
</div>
|
522 |
+
<div class="mo2f_modal-body center">
|
523 |
+
<?php if ( isset( $login_message ) && ! empty( $login_message ) ) { ?>
|
524 |
+
<div id="otpMessage">
|
525 |
+
<p class="mo2fa_display_message_frontend"><?php echo $login_message; ?></p>
|
526 |
+
</div>
|
527 |
+
<br>
|
528 |
+
<?php } ?>
|
529 |
+
<div id="scanQRSection">
|
530 |
+
<div style="margin-bottom:10%;">
|
531 |
+
<center>
|
532 |
+
<p class="mo2f_login_prompt_messages"><?php echo mo2f_lt( 'Identify yourself by scanning the QR code with miniOrange Authenticator app.' ); ?></p>
|
533 |
+
</center>
|
534 |
+
</div>
|
535 |
+
<div id="showQrCode" style="margin-bottom:10%;">
|
536 |
+
<center><?php echo '<img src="data:image/jpg;base64,' . $qrCode . '" />'; ?></center>
|
537 |
+
</div>
|
538 |
+
<span style="padding-right:2%;">
|
539 |
+
<center>
|
540 |
+
<?php if ( ! $mo2f_is_new_customer ) { ?>
|
541 |
+
<?php if ( $mo2f_enable_forgotphone ) { ?>
|
542 |
+
<input type="button" name="miniorange_login_forgotphone" onclick="mologinforgotphone();"
|
543 |
+
id="miniorange_login_forgotphone" class="miniorange_login_forgotphone"
|
544 |
+
style="margin-right:5%;"
|
545 |
+
value="<?php echo mo2f_lt( 'Forgot Phone?' ); ?>"/>
|
546 |
+
<?php } ?>
|
547 |
+
  
|
548 |
+
<?php } ?>
|
549 |
+
<input type="button" name="miniorange_login_offline" onclick="mologinoffline();"
|
550 |
+
id="miniorange_login_offline" class="miniorange_login_offline"
|
551 |
+
value="<?php echo mo2f_lt( 'Phone is Offline?' ); ?>"/>
|
552 |
+
</center>
|
553 |
+
</span>
|
554 |
+
</div>
|
555 |
+
<?php mo2f_customize_logo() ?>
|
556 |
+
</div>
|
557 |
+
</div>
|
558 |
+
</div>
|
559 |
+
</div>
|
560 |
+
<form name="f" id="mo2f_backto_mo_loginform" method="post" action="<?php echo wp_login_url(); ?>"
|
561 |
+
class="mo2f_display_none_forms">
|
562 |
+
<input type="hidden" name="miniorange_mobile_validation_failed_nonce"
|
563 |
+
value="<?php echo wp_create_nonce( 'miniorange-2-factor-mobile-validation-failed-nonce' ); ?>"/>
|
564 |
+
<input type="hidden" name="session_id" value="<?php echo $session_id_encrypt; ?>"/>
|
565 |
+
</form>
|
566 |
+
<form name="f" id="mo2f_mobile_validation_form" method="post" class="mo2f_display_none_forms">
|
567 |
+
<input type="hidden" name="miniorange_mobile_validation_nonce"
|
568 |
+
value="<?php echo wp_create_nonce( 'miniorange-2-factor-mobile-validation-nonce' ); ?>"/>
|
569 |
+
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
|
570 |
+
<input type="hidden" name="session_id" value="<?php echo $session_id_encrypt; ?>"/>
|
571 |
+
</form>
|
572 |
+
<form name="f" id="mo2f_show_softtoken_loginform" method="post" class="mo2f_display_none_forms">
|
573 |
+
<input type="hidden" name="miniorange_softtoken"
|
574 |
+
value="<?php echo wp_create_nonce( 'miniorange-2-factor-softtoken' ); ?>"/>
|
575 |
+
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
|
576 |
+
<input type="hidden" name="session_id" value="<?php echo $session_id_encrypt; ?>"/>
|
577 |
+
</form>
|
578 |
+
<form name="f" id="mo2f_show_forgotphone_loginform" method="post" class="mo2f_display_none_forms">
|
579 |
+
<input type="hidden" name="request_origin_method" value="<?php echo $login_status; ?>"/>
|
580 |
+
<input type="hidden" name="miniorange_forgotphone"
|
581 |
+
value="<?php echo wp_create_nonce( 'miniorange-2-factor-forgotphone' ); ?>"/>
|
582 |
+
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
|
583 |
+
<input type="hidden" name="session_id" value="<?php echo $session_id_encrypt; ?>"/>
|
584 |
+
</form>
|
585 |
+
<script>
|
586 |
+
var timeout;
|
587 |
+
pollMobileValidation();
|
588 |
+
|
589 |
+
function pollMobileValidation() {
|
590 |
+
var transId = "<?php echo MO2f_Utility::mo2f_retrieve_user_temp_values( 'mo2f_transactionId',$session_id_encrypt ); ?>";
|
591 |
+
var jsonString = "{\"txId\":\"" + transId + "\"}";
|
592 |
+
var postUrl = "<?php echo get_option( 'mo2f_host_name' ); ?>" + "/moas/api/auth/auth-status";
|
593 |
+
jQuery.ajax({
|
594 |
+
url: postUrl,
|
595 |
+
type: "POST",
|
596 |
+
dataType: "json",
|
597 |
+
data: jsonString,
|
598 |
+
contentType: "application/json; charset=utf-8",
|
599 |
+
success: function (result) {
|
600 |
+
var status = JSON.parse(JSON.stringify(result)).status;
|
601 |
+
if (status == 'SUCCESS') {
|
602 |
+
var content = "<div id='success'><center><img src='" + "<?php echo plugins_url( 'includes/images/right.png', __FILE__ );?>" + "' /></center></div>";
|
603 |
+
jQuery("#showQrCode").empty();
|
604 |
+
jQuery("#showQrCode").append(content);
|
605 |
+
setTimeout(function () {
|
606 |
+
jQuery("#mo2f_mobile_validation_form").submit();
|
607 |
+
}, 100);
|
608 |
+
} else if (status == 'ERROR' || status == 'FAILED') {
|
609 |
+
var content = "<div id='error'><center><img src='" + "<?php echo plugins_url( 'includes/images/wrong.png', __FILE__ );?>" + "' /></center></div>";
|
610 |
+
jQuery("#showQrCode").empty();
|
611 |
+
jQuery("#showQrCode").append(content);
|
612 |
+
setTimeout(function () {
|
613 |
+
jQuery('#mo2f_backto_mo_loginform').submit();
|
614 |
+
}, 1000);
|
615 |
+
} else {
|
616 |
+
timeout = setTimeout(pollMobileValidation, 3000);
|
617 |
+
}
|
618 |
+
}
|
619 |
+
});
|
620 |
+
}
|
621 |
+
|
622 |
+
function mologinoffline() {
|
623 |
+
jQuery('#mo2f_show_softtoken_loginform').submit();
|
624 |
+
}
|
625 |
+
|
626 |
+
function mologinforgotphone() {
|
627 |
+
jQuery('#mo2f_show_forgotphone_loginform').submit();
|
628 |
+
}
|
629 |
+
|
630 |
+
function mologinback() {
|
631 |
+
jQuery('#mo2f_backto_mo_loginform').submit();
|
632 |
+
}
|
633 |
+
|
634 |
+
</script>
|
635 |
+
</body>
|
636 |
+
</html>
|
637 |
+
<?php
|
638 |
+
}
|
639 |
+
|
640 |
+
function mo2f_get_otp_authentication_prompt( $login_status, $login_message, $redirect_to,$session_id_encrypt ) {
|
641 |
+
$mo2f_enable_forgotphone = get_option( 'mo2f_enable_forgotphone' );
|
642 |
+
$mo2f_is_new_customer = get_option( 'mo2f_is_NC' );
|
643 |
+
?>
|
644 |
+
<html>
|
645 |
+
<head>
|
646 |
+
<meta http-equiv="X-UA-Compatible" content="IE=edge">
|
647 |
+
<meta name="viewport" content="width=device-width, initial-scale=1">
|
648 |
+
<?php
|
649 |
+
echo_js_css_files();
|
650 |
+
?>
|
651 |
+
</head>
|
652 |
+
<body>
|
653 |
+
<div class="mo2f_modal" tabindex="-1" role="dialog">
|
654 |
+
<div class="mo2f-modal-backdrop"></div>
|
655 |
+
<div class="mo_customer_validation-modal-dialog mo_customer_validation-modal-md">
|
656 |
+
<div class="login mo_customer_validation-modal-content">
|
657 |
+
<div class="mo2f_modal-header">
|
658 |
+
<h4 class="mo2f_modal-title">
|
659 |
+
<button type="button" class="mo2f_close" data-dismiss="modal" aria-label="Close"
|
660 |
+
title="<?php echo mo2f_lt( 'Back to login' ); ?>"
|
661 |
+
onclick="mologinback();"><span aria-hidden="true">×</span></button>
|
662 |
+
<?php echo mo2f_lt( 'Validate OTP' ); ?>
|
663 |
+
</h4>
|
664 |
+
</div>
|
665 |
+
<div class="mo2f_modal-body center">
|
666 |
+
<?php if ( isset( $login_message ) && ! empty( $login_message ) ) { ?>
|
667 |
+
<div id="otpMessage">
|
668 |
+
<p class="mo2fa_display_message_frontend"><?php echo $login_message; ?></p>
|
669 |
+
</div>
|
670 |
+
<?php } ?>
|
671 |
+
<br>
|
672 |
+
<div id="showOTP">
|
673 |
+
<div class="mo2f-login-container">
|
674 |
+
<form name="f" id="mo2f_submitotp_loginform" method="post">
|
675 |
+
<center>
|
676 |
+
<input type="text" name="mo2fa_softtoken" style="height:28px !important;"
|
677 |
+
placeholder="<?php echo mo2f_lt( 'Enter code' ); ?>"
|
678 |
+
id="mo2fa_softtoken" required="true" class="mo_otp_token" autofocus="true"
|
679 |
+
pattern="[0-9]{4,8}"
|
680 |
+
title="<?php echo mo2f_lt( 'Only digits within range 4-8 are allowed.' ); ?>"/>
|
681 |
+
</center>
|
682 |
+
<br>
|
683 |
+
<input type="submit" name="miniorange_otp_token_submit" id="miniorange_otp_token_submit"
|
684 |
+
class="miniorange_otp_token_submit"
|
685 |
+
value="<?php echo mo2f_lt( 'Validate' ); ?>"/>
|
686 |
+
<input type="hidden" name="request_origin_method" value="<?php echo $login_status; ?>"/>
|
687 |
+
<input type="hidden" name="miniorange_soft_token_nonce"
|
688 |
+
value="<?php echo wp_create_nonce( 'miniorange-2-factor-soft-token-nonce' ); ?>"/>
|
689 |
+
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
|
690 |
+
<input type="hidden" name="session_id" value="<?php echo $session_id_encrypt; ?>"/>
|
691 |
+
</form>
|
692 |
+
<br>
|
693 |
+
<?php if ( ! $mo2f_is_new_customer ) { ?>
|
694 |
+
<?php if ( $mo2f_enable_forgotphone && isset( $login_status ) && $login_status != 'MO_2_FACTOR_CHALLENGE_OTP_OVER_EMAIL' ) { ?>
|
695 |
+
<a name="miniorange_login_forgotphone" onclick="mologinforgotphone();"
|
696 |
+
id="miniorange_login_forgotphone"
|
697 |
+
class="mo2f-link"><?php echo mo2f_lt( 'Forgot Phone ?' ); ?></a>
|
698 |
+
<?php } ?>
|
699 |
+
|
700 |
+
<br><br>
|
701 |
+
<?php } ?>
|
702 |
+
</div>
|
703 |
+
</div>
|
704 |
+
</center>
|
705 |
+
<?php mo2f_customize_logo() ?>
|
706 |
+
</div>
|
707 |
+
</div>
|
708 |
+
</div>
|
709 |
+
</div>
|
710 |
+
<form name="f" id="mo2f_backto_mo_loginform" method="post" action="<?php echo wp_login_url(); ?>"
|
711 |
+
class="mo2f_display_none_forms">
|
712 |
+
<input type="hidden" name="miniorange_mobile_validation_failed_nonce"
|
713 |
+
value="<?php echo wp_create_nonce( 'miniorange-2-factor-mobile-validation-failed-nonce' ); ?>"/>
|
714 |
+
<input type="hidden" name="session_id" value="<?php echo $session_id_encrypt; ?>"/>
|
715 |
+
</form>
|
716 |
+
<?php if ( get_option( 'mo2f_enable_forgotphone' ) && isset( $login_status ) && $login_status != 'MO_2_FACTOR_CHALLENGE_OTP_OVER_EMAIL' ) { ?>
|
717 |
+
<form name="f" id="mo2f_show_forgotphone_loginform" method="post" action="" class="mo2f_display_none_forms">
|
718 |
+
<input type="hidden" name="request_origin_method" value="<?php echo $login_status; ?>"/>
|
719 |
+
<input type="hidden" name="miniorange_forgotphone"
|
720 |
+
value="<?php echo wp_create_nonce( 'miniorange-2-factor-forgotphone' ); ?>"/>
|
721 |
+
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
|
722 |
+
<input type="hidden" name="session_id" value="<?php echo $session_id_encrypt; ?>"/>
|
723 |
+
</form>
|
724 |
+
<?php } ?>
|
725 |
+
|
726 |
+
<script>
|
727 |
+
function mologinback() {
|
728 |
+
jQuery('#mo2f_backto_mo_loginform').submit();
|
729 |
+
}
|
730 |
+
|
731 |
+
function mologinforgotphone() {
|
732 |
+
jQuery('#mo2f_show_forgotphone_loginform').submit();
|
733 |
+
}
|
734 |
+
</script>
|
735 |
+
</body>
|
736 |
+
</html>
|
737 |
+
<?php
|
738 |
+
}
|
739 |
+
|
740 |
+
|
741 |
+
function mo2f_get_device_form( $redirect_to, $session_id_encrypt ) {
|
742 |
+
?>
|
743 |
+
<html>
|
744 |
+
<head>
|
745 |
+
<meta http-equiv="X-UA-Compatible" content="IE=edge">
|
746 |
+
<meta name="viewport" content="width=device-width, initial-scale=1">
|
747 |
+
<?php
|
748 |
+
echo_js_css_files();
|
749 |
+
?>
|
750 |
+
</head>
|
751 |
+
<body>
|
752 |
+
<div class="mo2f_modal" tabindex="-1" role="dialog">
|
753 |
+
<div class="mo2f-modal-backdrop"></div>
|
754 |
+
<div class="mo_customer_validation-modal-dialog mo_customer_validation-modal-md">
|
755 |
+
<div class="login mo_customer_validation-modal-content">
|
756 |
+
<div class="mo2f_modal-header">
|
757 |
+
<h4 class="mo2f_modal-title">
|
758 |
+
<button type="button" class="mo2f_close" data-dismiss="modal" aria-label="Close"
|
759 |
+
title="<?php echo mo2f_lt( 'Back to login' ); ?>"
|
760 |
+
onclick="mologinback();"><span aria-hidden="true">×</span></button>
|
761 |
+
|
762 |
+
<?php echo mo2f_lt( 'Remember Device' ); ?>
|
763 |
+
</h4>
|
764 |
+
</div>
|
765 |
+
<div class="mo2f_modal-body center">
|
766 |
+
<div id="mo2f_device_content">
|
767 |
+
<p class="mo2f_login_prompt_messages"><?php echo mo2f_lt( 'Do you want to remember this device?' ); ?></p>
|
768 |
+
<input type="button" name="miniorange_trust_device_yes" onclick="mo_check_device_confirm();"
|
769 |
+
id="miniorange_trust_device_yes" class="mo_green" style="margin-right:5%;"
|
770 |
+
value="<?php echo mo2f_lt( 'Yes' ); ?>"/>
|
771 |
+
<input type="button" name="miniorange_trust_device_no" onclick="mo_check_device_cancel();"
|
772 |
+
id="miniorange_trust_device_no" class="mo_red"
|
773 |
+
value="<?php echo mo2f_lt( 'No' ); ?>"/>
|
774 |
+
</div>
|
775 |
+
<div id="showLoadingBar" hidden>
|
776 |
+
<p class="mo2f_login_prompt_messages"><?php echo mo2f_lt( 'Please wait...We are taking you into your account.' ); ?></p>
|
777 |
+
<img src="<?php echo plugins_url( 'includes/images/ajax-loader-login.gif', __FILE__ ); ?>"/>
|
778 |
+
</div>
|
779 |
+
<br><br>
|
780 |
+
<span>
|
781 |
+
<?php echo mo2f_lt( 'Click on ' ); ?>
|
782 |
+
<i><b><?php echo mo2f_lt( 'Yes' ); ?></b></i><?php echo mo2f_lt( 'if this is your personal device.' ); ?>
|
783 |
+
<br>
|
784 |
+
<?php echo mo2f_lt( 'Click on ' ); ?>
|
785 |
+
<i><b><?php echo mo2f_lt( 'No ' ); ?></b></i> <?php echo mo2f_lt( 'if this is a public device.' ); ?>
|
786 |
+
</span><br><br>
|
787 |
+
<?php mo2f_customize_logo() ?>
|
788 |
+
</div>
|
789 |
+
</div>
|
790 |
+
</div>
|
791 |
+
</div>
|
792 |
+
<form name="f" id="mo2f_backto_mo_loginform" method="post" action="<?php echo wp_login_url(); ?>"
|
793 |
+
class="mo2f_display_none_forms">
|
794 |
+
<input type="hidden" name="miniorange_mobile_validation_failed_nonce"
|
795 |
+
value="<?php echo wp_create_nonce( 'miniorange-2-factor-mobile-validation-failed-nonce' ); ?>"/>
|
796 |
+
<input type="hidden" name="session_id" value="<?php echo $session_id_encrypt; ?>"/>
|
797 |
+
</form>
|
798 |
+
<form name="f" id="mo2f_trust_device_confirm_form" method="post" action="" class="mo2f_display_none_forms">
|
799 |
+
<input type="hidden" name="mo2f_trust_device_confirm_nonce"
|
800 |
+
value="<?php echo wp_create_nonce( 'miniorange-2-factor-trust-device-confirm-nonce' ); ?>"/>
|
801 |
+
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
|
802 |
+
<input type="hidden" name="session_id" value="<?php echo $session_id_encrypt; ?>"/>
|
803 |
+
</form>
|
804 |
+
<form name="f" id="mo2f_trust_device_cancel_form" method="post" action="" class="mo2f_display_none_forms">
|
805 |
+
<input type="hidden" name="mo2f_trust_device_cancel_nonce"
|
806 |
+
value="<?php echo wp_create_nonce( 'miniorange-2-factor-trust-device-cancel-nonce' ); ?>"/>
|
807 |
+
<input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>"/>
|
808 |
+
<input type="hidden" name="session_id" value="<?php echo $session_id_encrypt; ?>"/>
|
809 |
+
</form>
|
810 |
+
<script>
|
811 |
+
function mologinback() {
|
812 |
+
jQuery('#mo2f_backto_mo_loginform').submit();
|
813 |
+
}
|
814 |
+
|
815 |
+
function mo_check_device_confirm() {
|
816 |
+
jQuery('#mo2f_device_content').hide();
|
817 |
+
jQuery('#showLoadingBar').show();
|
818 |
+
jQuery('#mo2f_trust_device_confirm_form').submit();
|
819 |
+
}
|
820 |
+
|
821 |
+
function mo_check_device_cancel() {
|
822 |
+
jQuery('#mo2f_device_content').hide();
|
823 |
+
jQuery('#showLoadingBar').show();
|
824 |
+
jQuery('#mo2f_trust_device_cancel_form').submit();
|
825 |
+
}
|
826 |
+
</script>
|
827 |
+
</body>
|
828 |
+
</html>
|
829 |
+
<?php }
|
830 |
+
|
831 |
+
function mo2f_customize_logo() { ?>
|
832 |
+
<div style="float:right;"><a target="_blank" href="http://miniorange.com/2-factor-authentication"><img
|
833 |
+
alt="logo"
|
834 |
+
src="<?php echo plugins_url( '/includes/images/miniOrange2.png', __FILE__ ); ?>"/></a></div>
|
835 |
+
|
836 |
+
<?php }
|
837 |
+
|
838 |
+
function echo_js_css_files() {
|
839 |
+
echo '<script src="https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js"></script>';
|
840 |
+
echo '<script src="' . plugins_url( 'includes/js/bootstrap.min.js', __FILE__ ) . '" ></script>';
|
841 |
+
echo '<link rel="stylesheet" type="text/css" href="' . plugins_url( 'includes/css/bootstrap.min.css?version=5.1.7', __FILE__ ) . '" />';
|
842 |
+
echo '<link rel="stylesheet" type="text/css" href="' . plugins_url( 'includes/css/front_end_login.css?version=5.1.7', __FILE__ ) . '" />';
|
843 |
+
echo '<link rel="stylesheet" type="text/css" href="' . plugins_url( 'includes/css/style_settings.css?version=5.1.7', __FILE__ ) . '" />';
|
844 |
+
echo '<link rel="stylesheet" type="text/css" href="' . plugins_url( 'includes/css/hide-login.css?version=5.1.7', __FILE__ ) . '" />';
|
845 |
+
|
846 |
+
if ( get_option( 'mo2f_personalization_ui' ) ) {
|
847 |
+
echo '<link rel="stylesheet" type="text/css" href="' . plugins_url( 'includes/css/mo2f_login_popup_ui.css', __FILE__ ) . '" />';
|
848 |
+
}
|
849 |
+
}
|
850 |
+
|
851 |
+
|
852 |
+
?>
|
miniorange_2_factor_configuration.php
ADDED
@@ -0,0 +1,1226 @@
|
1 |
+
<?php
|
2 |
+
function mo_2_factor_register( $user ) {
|
3 |
+
global $Mo2fdbQueries;
|
4 |
+
if ( mo_2factor_is_curl_installed() == 0 ) { ?>
|
5 |
+
<p style="color:red;">(<?php echo mo2f_lt( 'Warning:' ); ?> <a
|
6 |
+
href="http://php.net/manual/en/curl.installation.php"
|
7 |
+
target="_blank"><?php echo mo2f_lt( 'PHP CURL extension' ); ?></a> <?php echo mo2f_lt( 'is not installed or disabled' ); ?>
|
8 |
+
)</p>
|
9 |
+
<?php
|
10 |
+
}
|
11 |
+
|
12 |
+
if ( version_compare( PHP_VERSION, '5.3.0' ) < 0 ) {
|
13 |
+
?>
|
14 |
+
<p style="color:red;"><b><span
|
15 |
+
style="font-size:18px;">(<?php echo mo2f_lt( 'Warning:' ); ?></span></b> <?php echo mo2f_lt( 'Your current PHP version is ' ); ?><?php echo PHP_VERSION; ?>
|
16 |
+
. <?php echo mo2f_lt( 'Some of the functionality of the plugin may not work in this version of PHP. Please upgrade your PHP version to 5.3.0 or above.' ); ?>
|
17 |
+
<br> <?php echo mo2f_lt( 'You can also write us by submitting a query on the right hand side in our ' ); ?>
|
18 |
+
<b><?php echo mo2f_lt( 'Support Section' ); ?></b>. )</p>
|
19 |
+
<?php
|
20 |
+
}
|
21 |
+
$is_customer_admin = true;
|
22 |
+
$is_customer_admin_registered = get_option( 'mo_2factor_admin_registration_status' );
|
23 |
+
if($is_customer_admin_registered)
|
24 |
+
$is_customer_admin = current_user_can( 'manage_options' ) && get_option( 'mo2f_miniorange_admin' ) == $user->ID;
|
25 |
+
$can_display_admin_features = ! $is_customer_admin_registered || $is_customer_admin ? true : false;
|
26 |
+
|
27 |
+
$default_tab = (!$is_customer_admin) ? '2factor_setup' : 'mobile_configure';
|
28 |
+
|
29 |
+
$mo2f_active_tab = isset( $_GET['mo2f_tab'] ) ? $_GET['mo2f_tab'] : $default_tab ;
|
30 |
+
$mo_2factor_user_registration_status = $Mo2fdbQueries->get_user_detail( 'mo_2factor_user_registration_status', $user->ID );
|
31 |
+
$account_tab_name = ( in_array( $mo_2factor_user_registration_status, array('MO_2_FACTOR_INITIALIZE_MOBILE_REGISTRATION','MO_2_FACTOR_PLUGIN_SETTINGS'
|
32 |
+
) ) ) ? mo2f_lt( 'User Profile' ) : mo2f_lt( 'Account Setup' );
|
33 |
+
|
34 |
+
?>
|
35 |
+
<br>
|
36 |
+
<div class="wrap">
|
37 |
+
<div><img style="float:left;" src="<?php echo plugins_url( 'includes/images/logo.png"', __FILE__ ); ?>"></div>
|
38 |
+
<div style="display:block;font-size:23px;padding:9px 0 10px;line-height:29px; margin-left:3%">
|
39 |
+
<a href="admin.php?page=miniOrange_2_factor_settings&mo2f_tab=2factor_setup"
|
40 |
+
class="add-new-h2" <?php echo $mo2f_active_tab == '2factor_setup' ? 'nav-tab-active' : ''; ?>
|
41 |
+
id="mo2f_tab1" >
|
42 |
+
<?php echo $account_tab_name; ?></a>
|
43 |
+
<a class="add-new-h2" href="https://faq.miniorange.com/kb/two-factor-authentication"
|
44 |
+
target="_blank"><?php echo mo2f_lt( 'FAQ' ); ?></a>
|
45 |
+
<?php if ( $can_display_admin_features ) { ?>
|
46 |
+
<a class="twofa-license add-new-h2" id="mo2f_tab6"
|
47 |
+
href="admin.php?page=miniOrange_2_factor_settings&mo2f_tab=mo2f_pricing"
|
48 |
+
><?php echo mo2f_lt( 'Upgrade to Standard/Premium' ); ?></a>
|
49 |
+
<?php } ?>
|
50 |
+
|
51 |
+
</div>
|
52 |
+
|
53 |
+
</div>
|
54 |
+
|
55 |
+
<div id="tab">
|
56 |
+
<h2 class="nav-tab-wrapper">
|
57 |
+
|
58 |
+
<a href="admin.php?page=miniOrange_2_factor_settings&mo2f_tab=mobile_configure"
|
59 |
+
class="nav-tab <?php echo $mo2f_active_tab == 'mobile_configure' ? 'nav-tab-active' : ''; ?>"
|
60 |
+
id="mo2f_tab3"><?php echo mo2f_lt( 'Setup Two-Factor' ); ?></a>
|
61 |
+
<?php if ( $can_display_admin_features ) { ?>
|
62 |
+
<?php if ( get_option( 'mo2f_is_NC' ) ) { ?><a
|
63 |
+
href="admin.php?page=miniOrange_2_factor_settings&mo2f_tab=mo2f_addon&mo2f_sub_tab=mo2f_sub_tab_rba"
|
64 |
+
class="nav-tab <?php echo $mo2f_active_tab == 'mo2f_addon' ? 'nav-tab-active' : ''; ?>"
|
65 |
+
id="mo2f_tab4"><?php echo mo2f_lt( 'Add-ons' ); ?></a><?php } ?>
|
66 |
+
<a href="admin.php?page=miniOrange_2_factor_settings&mo2f_tab=proxy_setup"
|
67 |
+
class="nav-tab <?php echo $mo2f_active_tab == 'proxy_setup' ? 'nav-tab-active' : ''; ?>"
|
68 |
+
id="mo2f_tab5"><?php echo mo2f_lt( 'Proxy Setup' ); ?></a>
|
69 |
+
<a href="admin.php?page=miniOrange_2_factor_settings&mo2f_tab=mo2f_login"
|
70 |
+
class="nav-tab <?php echo $mo2f_active_tab == 'mo2f_login' ? 'nav-tab-active' : ''; ?>"
|
71 |
+
id="mo2f_tab2"><?php echo get_option( 'mo2f_is_NC' ) ? mo2f_lt( 'Standard/Premium Features' ) : mo2f_lt( 'Login Options' ); ?></a>
|
72 |
+
<a href="admin.php?page=miniOrange_2_factor_settings&mo2f_tab=mo2f_support"
|
73 |
+
class="nav-tab <?php echo $mo2f_active_tab == 'mo2f_support' ? 'nav-tab-active' : ''; ?>"
|
74 |
+
id="mo2f_tab7"><?php echo mo2f_lt( 'Support' ) ; ?></a>
|
75 |
+
|
76 |
+
<?php } ?>
|
77 |
+
</h2>
|
78 |
+
</div>
|
79 |
+
|
80 |
+
|
81 |
+
<div class="mo2f_container">
|
82 |
+
<div id="messages"></div>
|
83 |
+
<table style="width:100%;
|
84 |
+
padding:20px;">
|
85 |
+
<tr>
|
86 |
+
<td style="width:60%;vertical-align:top;">
|
87 |
+
|
88 |
+
<?php
|
89 |
+
/* to update the status of existing customers for adding their user registration status */
|
90 |
+
if ( get_option( 'mo_2factor_admin_registration_status' ) == 'MO_2_FACTOR_CUSTOMER_REGISTERED_SUCCESS' && get_option( 'mo2f_miniorange_admin' ) == $user->ID ) {
|
91 |
+
$Mo2fdbQueries->update_user_details( $user->ID, array( 'user_registration_with_miniorange' => 'SUCCESS' ) );
|
92 |
+
}
|
93 |
+
/* ----------------------------------------- */
|
94 |
+
$session_variables = array( 'mo2f_google_auth', 'mo2f_authy_keys', 'mo2f_mobile_support' );
|
95 |
+
|
96 |
+
if ( $mo2f_active_tab == 'mobile_configure' ) {
|
97 |
+
$mo2f_second_factor = mo2f_get_activated_second_factor( $user );
|
98 |
+
mo2f_select_2_factor_method( $user, $mo2f_second_factor );
|
99 |
+
?>
|
100 |
+
<?php
|
101 |
+
} else if ( $can_display_admin_features && $mo2f_active_tab == 'mo2f_support' ) {
|
102 |
+
MO2f_Utility::unset_session_variables( $session_variables );
|
103 |
+
mo2f_support();
|
104 |
+
} else if ( $can_display_admin_features && $mo2f_active_tab == 'proxy_setup' ) {
|
105 |
+
MO2f_Utility::unset_session_variables( $session_variables );
|
106 |
+
show_2_factor_proxy_setup( $user );
|
107 |
+
} else if ( $can_display_admin_features && $mo2f_active_tab == 'mo2f_login' ) {
|
108 |
+
MO2f_Utility::unset_session_variables( $session_variables );
|
109 |
+
show_2_factor_login_settings( $user );
|
110 |
+
} else if ( $can_display_admin_features && $mo2f_active_tab == 'mo2f_addon' ) {
|
111 |
+
MO2f_Utility::unset_session_variables( $session_variables );
|
112 |
+
show_2_factor_addons( $user );
|
113 |
+
do_action( 'mo2f_new_addon' );
|
114 |
+
} else if ( $can_display_admin_features && $mo2f_active_tab == 'mo2f_pricing' ) {
|
115 |
+
MO2f_Utility::unset_session_variables( $session_variables );
|
116 |
+
show_2_factor_pricing_page( $user );
|
117 |
+
} else {
|
118 |
+
|
119 |
+
MO2f_Utility::unset_session_variables( $session_variables );
|
120 |
+
if ( get_option( 'mo_2factor_admin_registration_status' ) == 'MO_2_FACTOR_CUSTOMER_REGISTERED_SUCCESS' && get_option( 'mo2f_miniorange_admin' ) != $user->ID ) {
|
121 |
+
if ( in_array( $mo_2factor_user_registration_status, array(
|
122 |
+
'MO_2_FACTOR_OTP_DELIVERED_SUCCESS',
|
123 |
+
'MO_2_FACTOR_OTP_DELIVERED_FAILURE'
|
124 |
+
) ) ) {
|
125 |
+
mo2f_show_user_otp_validation_page(); // OTP over email validation page
|
126 |
+
} else if ( $mo_2factor_user_registration_status == 'MO_2_FACTOR_INITIALIZE_MOBILE_REGISTRATION' ) { //displaying user profile
|
127 |
+
$mo2f_second_factor = mo2f_get_activated_second_factor( $user );
|
128 |
+
mo2f_show_instruction_to_allusers( $user, $mo2f_second_factor );
|
129 |
+
} else if ( $mo_2factor_user_registration_status == 'MO_2_FACTOR_PLUGIN_SETTINGS' ) {
|
130 |
+
$mo2f_second_factor = mo2f_get_activated_second_factor( $user );
|
131 |
+
mo2f_show_instruction_to_allusers( $user, $mo2f_second_factor ); //displaying user profile
|
132 |
+
} else {
|
133 |
+
show_user_welcome_page( $user ); //Landing page for additional admin for registration
|
134 |
+
}
|
135 |
+
} else {
|
136 |
+
|
137 |
+
if ( in_array( $mo_2factor_user_registration_status, array(
|
138 |
+
'MO_2_FACTOR_OTP_DELIVERED_SUCCESS',
|
139 |
+
'MO_2_FACTOR_OTP_DELIVERED_FAILURE'
|
140 |
+
) ) ) {
|
141 |
+
mo2f_show_otp_validation_page( $user ); // OTP over email validation page for admin
|
142 |
+
} else if ( $mo_2factor_user_registration_status == 'MO_2_FACTOR_INITIALIZE_MOBILE_REGISTRATION' ) { //displaying user profile
|
143 |
+
$mo2f_second_factor = mo2f_get_activated_second_factor( $user );
|
144 |
+
mo2f_show_instruction_to_allusers( $user, $mo2f_second_factor );
|
145 |
+
} else if ( $mo_2factor_user_registration_status == 'MO_2_FACTOR_PLUGIN_SETTINGS' ) {
|
146 |
+
$mo2f_second_factor = mo2f_get_activated_second_factor( $user );
|
147 |
+
mo2f_show_instruction_to_allusers( $user, $mo2f_second_factor ); //displaying user profile
|
148 |
+
|
149 |
+
} else if ( $mo_2factor_user_registration_status == 'MO_2_FACTOR_VERIFY_CUSTOMER' ) {
|
150 |
+
mo2f_show_verify_password_page(); //verify password page
|
151 |
+
} else if ( ! mo2f_is_customer_registered() ) {
|
152 |
+
delete_option( 'password_mismatch' );
|
153 |
+
mo2f_show_registration_page( $user ); //new registration page
|
154 |
+
}
|
155 |
+
}
|
156 |
+
|
157 |
+
}
|
158 |
+
?>
|
159 |
+
</td>
|
160 |
+
<td style="vertical-align:top;padding-left:1%;" id="mo2f_support_table">
|
161 |
+
<?php if ( $can_display_admin_features && ! ( $mo2f_active_tab == 'mobile_configure' || $mo2f_active_tab == 'mo2f_pricing' || $mo2f_active_tab == 'mo2f_login' ) ) {
|
162 |
+
// echo mo2f_support();
|
163 |
+
} ?>
|
164 |
+
</td>
|
165 |
+
</tr>
|
166 |
+
</table>
|
167 |
+
</div>
|
168 |
+
<?php
|
169 |
+
}
|
170 |
+
|
171 |
+
function mo2f_show_registration_page( $user ) {
|
172 |
+
global $Mo2fdbQueries;
|
173 |
+
$mo2f_active_tab = isset( $_GET['mo2f_tab'] ) ? $_GET['mo2f_tab'] : '';
|
174 |
+
$is_registration = ($mo2f_active_tab =='2factor_setup') ? true : false;
|
175 |
+
?>
|
176 |
+
|
177 |
+
<!--Register with miniOrange-->
|
178 |
+
<form name="f" method="post" action="">
|
179 |
+
<input type="hidden" name="option" value="mo_auth_register_customer"/>
|
180 |
+
<div <?php if($is_registration) { ?>class="mo2f_proxy_setup" <?php } ?>>
|
181 |
+
<?php if($is_registration) { ?>
|
182 |
+
<h3><span><?php echo mo2f_lt( 'Register with miniOrange' ); ?></span></h3><hr>
|
183 |
+
<?php } ?>
|
184 |
+
<div id="panel1">
|
185 |
+
<br>
|
186 |
+
<div><?php echo mo2f_lt( 'Already have an account?' ) . ' <a style="font-weight:bold; color:limegreen" href="#mo2f_account_exist">' . mo2f_lt( 'SIGN IN' ) ?></a></div>
|
187 |
+
<br>
|
188 |
+
<table class="mo2f_settings_table" style="border-collapse: separate; border-spacing: 0 1em;">
|
189 |
+
<tr>
|
190 |
+
|
191 |
+
<td style="width:30%"><b><span class="impt">*</span><?php echo mo2f_lt( 'Email :' ); ?></b></td>
|
192 |
+
<td style="width:70%"><input class="mo2f_table_textbox" type="email" name="email" required
|
193 |
+
value="<?php if ( get_option( 'mo2f_email' ) ) {
|
194 |
+
echo get_option( 'mo2f_email' );
|
195 |
+
} else {
|
196 |
+
echo $user->user_email;
|
197 |
+
} ?>"/></td>
|
198 |
+
</tr>
|
199 |
+
<tr>
|
200 |
+
<td><b><span class="impt">*</span><?php echo mo2f_lt( 'Password :' ); ?></b></td>
|
201 |
+
<td><input class="mo2f_table_textbox" type="password" required name="password"/></td>
|
202 |
+
</tr>
|
203 |
+
<tr>
|
204 |
+
<td><b><span class="impt">*</span><?php echo mo2f_lt( 'Confirm Password :' ); ?></b></td>
|
205 |
+
<td><input class="mo2f_table_textbox" type="password" required name="confirmPassword"/></td>
|
206 |
+
</tr>
|
207 |
+
<tr>
|
208 |
+
<td> </td>
|
209 |
+
<td><input type="submit" name="submit" style="float:right;"
|
210 |
+
value="<?php echo mo2f_lt( 'Continue' ); ?>"
|
211 |
+
class="button button-primary button-large"/></td>
|
212 |
+
</tr>
|
213 |
+
</table>
|
214 |
+
<br>
|
215 |
+
|
216 |
+
</div>
|
217 |
+
</div>
|
218 |
+
</form>
|
219 |
+
<form name="f" method="post" action="" id="mo2f_verify_customerform">
|
220 |
+
<input type="hidden" name="option" value="mo2f_goto_verifycustomer">
|
221 |
+
</form>
|
222 |
+
|
223 |
+
<script>
|
224 |
+
jQuery('a[href=\"#mo2f_account_exist\"]').click(function (e) {
|
225 |
+
jQuery('#mo2f_verify_customerform').submit();
|
226 |
+
});
|
227 |
+
</script>
|
228 |
+
<?php
|
229 |
+
}
|
230 |
+
|
231 |
+
function mo2f_show_otp_validation_page( $user ) {
|
232 |
+
global $Mo2fdbQueries;
|
233 |
+
$phone = $Mo2fdbQueries->get_user_detail( 'mo2f_user_phone', $user->ID );
|
234 |
+
?>
|
235 |
+
<!-- Enter otp -->
|
236 |
+
|
237 |
+
<div>
|
238 |
+
<div>
|
239 |
+
<table style="border-collapse: separate; border-spacing: 0 1em;">
|
240 |
+
<form name="f" method="post" id="mo_2f_otp_form" action="">
|
241 |
+
<input type="hidden" name="option" value="mo_2factor_validate_otp"/>
|
242 |
+
<tr>
|
243 |
+
<td><b><font color="#FF0000">*</font><?php echo mo2f_lt( 'Enter OTP:' ); ?></b></td>
|
244 |
+
<td colspan="2"><input class="mo2f_table_textbox" autofocus="true" type="text" name="otp_token"
|
245 |
+
required placeholder="<?php echo mo2f_lt( 'Enter OTP' ); ?>"
|
246 |
+
style="width:95%;"/></td>
|
247 |
+
<td><a href="#resendotplink"><?php echo mo2f_lt( 'Resend OTP ?' ); ?></a></td>
|
248 |
+
</tr>
|
249 |
+
|
250 |
+
<tr>
|
251 |
+
<td> </td>
|
252 |
+
<td style="width:17%">
|
253 |
+
<input type="submit" name="submit" value="<?php echo mo2f_lt( 'Validate' ); ?>"
|
254 |
+
class="button button-primary button-large"/></td>
|
255 |
+
|
256 |
+
</form>
|
257 |
+
<form name="f" method="post" action="">
|
258 |
+
<td>
|
259 |
+
<input type="hidden" name="option" value="mo_2factor_gobackto_registration_page"/>
|
260 |
+
<input type="submit" name="mo2f_goback" id="mo2f_goback"
|
261 |
+
value="<?php echo mo2f_lt( 'Back' ); ?>" class="button button-primary button-large"/>
|
262 |
+
</td>
|
263 |
+
</form>
|
264 |
+
</td>
|
265 |
+
</tr>
|
266 |
+
<form name="f" method="post" action="" id="resend_otp_form">
|
267 |
+
<input type="hidden" name="option" value="mo_2factor_resend_otp"/>
|
268 |
+
</form>
|
269 |
+
|
270 |
+
</table>
|
271 |
+
<br>
|
272 |
+
</div>
|
273 |
+
<div>
|
274 |
+
<script>
|
275 |
+
jQuery("#phone").intlTelInput();
|
276 |
+
jQuery('a[href=\"#resendotplink\"]').click(function (e) {
|
277 |
+
jQuery('#resend_otp_form').submit();
|
278 |
+
});
|
279 |
+
jQuery('a[href=\"#resendsmsotplink\"]').click(function (e) {
|
280 |
+
jQuery('#phone_verification').submit();
|
281 |
+
});
|
282 |
+
</script>
|
283 |
+
|
284 |
+
<br><br>
|
285 |
+
</div>
|
286 |
+
|
287 |
+
|
288 |
+
</div>
|
289 |
+
|
290 |
+
<?php
|
291 |
+
}
|
292 |
+
|
293 |
+
function mo2f_rba_description() {
|
294 |
+
?>
|
295 |
+
<div id="mo2f_rba_addon" style="min-height:850px; class=" mo2f_addon_spacing">
|
296 |
+
<?php if ( get_option( 'mo2f_rba_installed' ) ) { ?>
|
297 |
+
<a href="<?php echo admin_url(); ?>plugins.php" id="mo2f_activate_rba_addon"
|
298 |
+
class="button button-primary button-large"
|
299 |
+
style="float:right; margin-top:2%;"><?php echo __( 'Activate Plugin', 'miniorange-2-factor-authentication' ); ?></a>
|
300 |
+
<?php } ?>
|
301 |
+
<?php if ( ! get_option( 'mo2f_rba_purchased' ) ) { ?> <a
|
302 |
+
<a onclick="mo2f_addonform('wp_2fa_addon_rba')" id="mo2f_purchase_rba_addon"
|
303 |
+
class="button button-primary button-large"
|
304 |
+
style="margin-right:2%;margin-top:2%;float:right;"><?php echo __( 'Purchase', 'miniorange-2-factor-authentication' ); ?></a><?php } ?>
|
305 |
+
<br><br>
|
306 |
+
<div id="mo2f_rba_addon_hide"><h3 id="toggle_rba_description"
|
307 |
+
class="mo2f_pointer"><?php echo __( 'Description', 'miniorange-2-factor-authentication' ); ?> </h3>
|
308 |
+
<p id="rba_description" style="margin:2% 2% 2% 4%">
|
309 |
+
<?php echo __( 'This Add-On helps you in remembering the device, in which case you will not be prompted for the 2-factor authentication
|
310 |
+
if you login from the remembered device again. You can also decide the number of devices that can be remembered. Users can also be restricted access to the site based on the IP address they are logging in from.', 'miniorange-2-factor-authentication' ); ?>
|
311 |
+
</p>
|
312 |
+
<br>
|
313 |
+
<div id="mo2f_hide_rba_content">
|
314 |
+
|
315 |
+
<div class="mo2f_box">
|
316 |
+
<h3><?php echo __( 'Remember Device', 'miniorange-2-factor-authentication' ); ?></h3>
|
317 |
+
<hr>
|
318 |
+
<p id="mo2f_hide_rba_content"><?php echo __( 'With this feature, User would get an option to remember the personal device where Two Factor is not required. Every time the user logs in with the same device it detects the saved device so he will directly login without being prompted for the 2nd factor. If user logs in from new device he will be prompted with 2nd Factor.', 'miniorange-2-factor-authentication' ); ?>
|
319 |
+
|
320 |
+
</p>
|
321 |
+
</div>
|
322 |
+
<br><br>
|
323 |
+
<div class="mo2f_box">
|
324 |
+
<h3><?php echo __( 'Limit Number Of Device', 'miniorange-2-factor-authentication' ); ?></h3>
|
325 |
+
<hr>
|
326 |
+
<p><?php echo __( 'With this feature, the admin can restrict the number of devices from which the user can access the website. If the device limit is exceeded the admin can set three actions where it can allow the users to login, deny the access or challenge the user for authentication.', 'miniorange-2-factor-authentication' ); ?>
|
327 |
+
</p>
|
328 |
+
|
329 |
+
</div>
|
330 |
+
<br><br>
|
331 |
+
<div class="mo2f_box">
|
332 |
+
<h3><?php echo __( 'IP Restriction: Limit users to login from specific IPs', 'miniorange-2-factor-authentication' ); ?></h3>
|
333 |
+
<hr>
|
334 |
+
<p><?php echo __( 'The Admin can enable IP restrictions for the users. It will provide additional security to the accounts and perform different action to the accounts only from the listed IP Ranges. If user tries to access with a restricted IP, Admin can set three action: Allow, challenge or deny. Depending upon the action it will allow the user to login, challenge(prompt) for authentication or deny the access.', 'miniorange-2-factor-authentication' ); ?>
|
335 |
+
|
336 |
+
</div>
|
337 |
+
</div>
|
338 |
+
|
339 |
+
</div>
|
340 |
+
<div id="mo2f_rba_addon_show"><?php show_rba_content(); ?></div>
|
341 |
+
</div>
|
342 |
+
<?php
|
343 |
+
}
|
344 |
+
|
345 |
+
function show_2_factor_addons( $current_user ) {
|
346 |
+
global $Mo2fdbQueries;
|
347 |
+
$mo2f_user_email = $Mo2fdbQueries->get_user_detail( 'mo2f_user_email', $current_user->ID );
|
348 |
+
$mo2f_active_sub_tab = isset( $_GET['mo2f_sub_tab'] ) ? $_GET['mo2f_sub_tab'] : 'rba';
|
349 |
+
?>
|
350 |
+
|
351 |
+
|
352 |
+
<div class="mo2f_table_layout">
|
353 |
+
<div class="mo2f_vertical-submenu" style='text-align:justify'>
|
354 |
+
<a href="admin.php?page=miniOrange_2_factor_settings&mo2f_tab=mo2f_addon&mo2f_sub_tab=mo2f_sub_tab_rba"
|
355 |
+
class="nav-tab show_rba <?php echo $mo2f_active_sub_tab == 'mo2f_sub_tab_rba' ? 'active' : ''; ?>"
|
356 |
+
style='margin-left:5px' "
|
357 |
+
><?php echo __( 'Risk Based Access', 'miniorange-2-factor-authentication' ); ?></a>
|
358 |
+
<a href="admin.php?page=miniOrange_2_factor_settings&mo2f_tab=mo2f_addon&mo2f_sub_tab=mo2f_sub_tab_personalization"
|
359 |
+
class="nav-tab show_personalization <?php echo $mo2f_active_sub_tab == 'mo2f_sub_tab_personalization' ? 'active' : ''; ?>"><?php echo __( 'Personalization', 'miniorange-2-factor-authentication' ); ?></a>
|
360 |
+
<a href="admin.php?page=miniOrange_2_factor_settings&mo2f_tab=mo2f_addon&mo2f_sub_tab=mo2f_sub_tab_shortcode"
|
361 |
+
class="nav-tab show_shortcode <?php echo $mo2f_active_sub_tab == 'mo2f_sub_tab_shortcode' ? 'active' : ''; ?>"
|
362 |
+
style='margin-right:0px' "><?php echo __( 'Shortcode', 'miniorange-2-factor-authentication' ); ?></a>
|
363 |
+
</div>
|
364 |
+
<br><br><br><br>
|
365 |
+
<?php if ( $mo2f_active_sub_tab == "mo2f_sub_tab_rba" ) {
|
366 |
+
mo2f_rba_description(); ?>
|
367 |
+
|
368 |
+
<?php } else if ( $mo2f_active_sub_tab == "mo2f_sub_tab_personalization" ) { ?>
|
369 |
+
<div id="mo2f_custom_addon" style="min-height:850px;">
|
370 |
+
<?php if ( get_option( 'mo2f_personalization_installed' ) ) { ?>
|
371 |
+
|
372 |
+
<a href="<?php echo admin_url(); ?>plugins.php" id="mo2f_activate_custom_addon"
|
373 |
+
class="button button-primary button-large"
|
374 |
+
style="float:right; margin-top:2%;"><?php echo __( 'Activate Plugin', 'miniorange-2-factor-authentication' ); ?></a>
|
375 |
+
<?php } ?>
|
376 |
+
<?php if ( ! get_option( 'mo2f_personalization_purchased' ) ) { ?> <a
|
377 |
+
onclick="mo2f_addonform('wp_2fa_addon_personalization')" id="mo2f_purchase_custom_addon"
|
378 |
+
class="button button-primary button-large"
|
379 |
+
style="margin-right:2%;margin-top:2%;float:right;"><?php echo __( 'Purchase', 'miniorange-2-factor-authentication' ); ?></a>
|
380 |
+
<?php } ?>
|
381 |
+
<br>
|
382 |
+
<div id="mo2f_custom_addon_hide"><br>
|
383 |
+
<h3 id="toggle_personalization_description" class="mo2f_pointer">
|
384 |
+
<?php echo __( 'Description ', 'miniorange-2-factor-authentication' ); ?></h3>
|
385 |
+
<?php mo2f_personalization_description(); ?>
|
386 |
+
</div>
|
387 |
+
<div id="mo2f_custom_addon_show"><?php show_custom_content(); ?></div>
|
388 |
+
</div>
|
389 |
+
|
390 |
+
<?php } else if ( $mo2f_active_sub_tab == "mo2f_sub_tab_shortcode" ) { ?>
|
391 |
+
<div id="mo2f_shortcode_addon" style="min-height:420px;">
|
392 |
+
|
393 |
+
<div id="mo2f_Shortcode_addon_hide">
|
394 |
+
<?php if ( get_option( 'mo2f_shortcode_installed' ) ) { ?>
|
395 |
+
<a href="<?php echo admin_url(); ?>plugins.php" id="mo2f_activate_shortcode_addon"
|
396 |
+
class="button button-primary button-large" style="float:right; margin-top:2%;"><?php echo __( 'Activate
|
397 |
+
Plugin', 'miniorange-2-factor-authentication' ); ?></a>
|
398 |
+
<?php } ?>
|
399 |
+
<?php if ( ! get_option( 'mo2f_shortcode_purchased' ) ) { ?>
|
400 |
+
|
401 |
+
<a onclick="mo2f_addonform('wp_2fa_addon_shortcode')" id="mo2f_purchase_shortcode_addon"
|
402 |
+
class="button button-primary button-large"
|
403 |
+
style="margin-right:2%;margin-top:2%;float:right;"><?php echo __( 'Purchase', 'miniorange-2-factor-authentication' ); ?></a>
|
404 |
+
<?php } ?>
|
405 |
+
<br><br>
|
406 |
+
<h3 id="toggle_shortcode_description"
|
407 |
+
class="mo2f_pointer"><?php echo __( 'Description', 'miniorange-2-factor-authentication' ); ?> </h3>
|
408 |
+
<?php mo2f_shortcode_description(); ?>
|
409 |
+
</div>
|
410 |
+
<div id="mo2f_Shortcode_addon_show"><?php show_shortcode_content(); ?></div>
|
411 |
+
</div>
|
412 |
+
<?php } ?>
|
413 |
+
|
414 |
+
<form style="display:none;" id="mo2fa_loginform"
|
415 |
+
action="<?php echo get_option( 'mo2f_host_name' ) . '/moas/login'; ?>"
|
416 |
+
target="_blank" method="post">
|
417 |
+
<input type="email" name="username" value="<?php echo $mo2f_user_email; ?>"/>
|
418 |
+
<input type="text" name="redirectUrl"
|
419 |
+
value="<?php echo get_option( 'mo2f_host_name' ) . '/moas/initializepayment'; ?>"/>
|
420 |
+
<input type="text" name="requestOrigin" id="requestOrigin"/>
|
421 |
+
</form>
|
422 |
+
<script>
|
423 |
+
function mo2f_addonform(planType) {
|
424 |
+
jQuery('#requestOrigin').val(planType);
|
425 |
+
jQuery('#mo2fa_loginform').submit();
|
426 |
+
}
|
427 |
+
</script>
|
428 |
+
<style>
|
429 |
+
|
430 |
+
</style>
|
431 |
+
</div>
|
432 |
+
</form>
|
433 |
+
<?php
|
434 |
+
|
435 |
+
}
|
436 |
+
|
437 |
+
function mo2f_personalization_description() {
|
438 |
+
?>
|
439 |
+
<p id="custom_description" style="margin:2% 2% 2% 4%">
|
440 |
+
<?php echo __( 'This Add-On helps you modify and redesign the login screen\'s UI, and various customizations in the plugin dashboard.
|
441 |
+
Along with customizing the plugin Icon and name, you can also customize the email and sms templates you and your users receive during authentication.', 'miniorange-2-factor-authentication' ); ?>
|
442 |
+
</p>
|
443 |
+
<br>
|
444 |
+
<div id="mo2f_hide_custom_content">
|
445 |
+
<div class="mo2f_box">
|
446 |
+
<h3><?php echo __( 'Customize Plugin Icon', 'miniorange-2-factor-authentication' ); ?></h3>
|
447 |
+
<hr>
|
448 |
+
<p>
|
449 |
+
<?php echo __( 'With this feature, you can customize the plugin icon in the dashboard which is useful when you want your custom logo to be displayed to the users.', 'miniorange-2-factor-authentication' ); ?>
|
450 |
+
</p>
|
451 |
+
<br>
|
452 |
+
<h3><?php echo __( 'Customize Plugin Name', 'miniorange-2-factor-authentication' ); ?></h3>
|
453 |
+
<hr>
|
454 |
+
<p>
|
455 |
+
<?php echo __( 'With this feature, you can customize the name of the plugin in the dashboard.', 'miniorange-2-factor-authentication' ); ?>
|
456 |
+
</p>
|
457 |
+
|
458 |
+
</div>
|
459 |
+
<br>
|
460 |
+
<div class="mo2f_box">
|
461 |
+
<h3><?php echo __( 'Customize UI of Login Pop up\'s', 'miniorange-2-factor-authentication' ); ?></h3>
|
462 |
+
<hr>
|
463 |
+
<p>
|
464 |
+
<?php echo __( 'With this feature, you can customize the login pop-ups during two factor authentication according to the theme of your website.', 'miniorange-2-factor-authentication' ); ?>
|
465 |
+
</p>
|
466 |
+
</div>
|
467 |
+
|
468 |
+
<br>
|
469 |
+
<div class="mo2f_box">
|
470 |
+
<h3><?php echo __( 'Custom Email and SMS Templates', 'miniorange-2-factor-authentication' ); ?></h3>
|
471 |
+
<hr>
|
472 |
+
|
473 |
+
<p><?php echo __( 'You can change the templates for Email and SMS which user receives during authentication.', 'miniorange-2-factor-authentication' ); ?></p>
|
474 |
+
|
475 |
+
</div>
|
476 |
+
</div>
|
477 |
+
<?php
|
478 |
+
}
|
479 |
+
|
480 |
+
function mo2f_shortcode_description() {
|
481 |
+
?>
|
482 |
+
<p id="shortcode_description" style="margin:2% 2% 2% 4%">
|
483 |
+
<?php echo __( 'A shortcode is a WordPress-specific code that lets you do things with very little effort. Shortcodes can embed
|
484 |
+
ugly code in just one line. You can use these shortcodes on any custom page. Just include the shortcode on your page and boom!', 'miniorange-2-factor-authentication' ); ?>
|
485 |
+
</p>
|
486 |
+
<br>
|
487 |
+
|
488 |
+
<div id="mo2f_hide_shortcode_content" class="mo2f_box">
|
489 |
+
|
490 |
+
<h3><?php echo __( 'List of Shortcodes', 'miniorange-2-factor-authentication' ); ?>:</h3>
|
491 |
+
<hr>
|
492 |
+
|
493 |
+
<ol style="margin-left:2%">
|
494 |
+
<li><b><?php echo __( 'Enable Two Factor: ', 'miniorange-2-factor-authentication' ); ?></b> <?php echo __( 'This shortcode provides
|
495 |
+
an option to turn on/off 2-factor by user.', 'miniorange-2-factor-authentication' ); ?></li>
|
496 |
+
<li>
|
497 |
+
<b><?php echo __( 'Enable Reconfiguration: ', 'miniorange-2-factor-authentication' ); ?></b> <?php echo __( 'This shortcode provides an option to configure the Google Authenticator and Security Questions by user.', 'miniorange-2-factor-authentication' ); ?>
|
498 |
+
</li>
|
499 |
+
<li>
|
500 |
+
<b><?php echo __( 'Enable Remember Device: ', 'miniorange-2-factor-authentication' ); ?></b> <?php echo __( ' This shortcode provides
|
501 |
+
\'Enable Remember Device\' from your custom login form.', 'miniorange-2-factor-authentication' ); ?>
|
502 |
+
</li>
|
503 |
+
</ol>
|
504 |
+
|
505 |
+
</div>
|
506 |
+
<?php
|
507 |
+
}
|
508 |
+
|
509 |
+
function show_rba_content() {
|
510 |
+
|
511 |
+
$paid_rba = 1;
|
512 |
+
$str = "rba";
|
513 |
+
if ( $paid_rba ) {
|
514 |
+
$x = apply_filters( 'mo2f_rba', $str );
|
515 |
+
}
|
516 |
+
?>
|
517 |
+
|
518 |
+
|
519 |
+
<?php
|
520 |
+
}
|
521 |
+
|
522 |
+
function show_shortcode_content() {
|
523 |
+
|
524 |
+
$paid_shortcode = 1;
|
525 |
+
$str = "shortcode";
|
526 |
+
if ( $paid_shortcode ) {
|
527 |
+
$x = apply_filters( 'mo2f_shortcode', $str );
|
528 |
+
}
|
529 |
+
?>
|
530 |
+
<?php
|
531 |
+
}
|
532 |
+
|
533 |
+
function show_custom_content() {
|
534 |
+
|
535 |
+
$paid_custom = 1;
|
536 |
+
$str = "custom";
|
537 |
+
if ( $paid_custom ) {
|
538 |
+
$x = apply_filters( 'mo2f_custom', $str );
|
539 |
+
}
|
540 |
+
?>
|
541 |
+
|
542 |
+
|
543 |
+
<?php
|
544 |
+
}
|
545 |
+
|
546 |
+
function show_2_factor_proxy_setup( $user ) {
|
547 |
+
global $Mo2fdbQueries;
|
548 |
+
?>
|
549 |
+
|
550 |
+
|
551 |
+
<div class="mo2f_proxy_setup">
|
552 |
+
<h3>Proxy Settings</h3>
|
553 |
+
|
554 |
+
|
555 |
+
<hr>
|
556 |
+
<br>
|
557 |
+
<div style="float:right;">
|
558 |
+
<form name="f" method="post" action="" id="mo2f_disable_proxy_setup_form">
|
559 |
+
<input type="hidden" name="option" value="mo2f_disable_proxy_setup_option"/>
|
560 |
+
|
561 |
+
<input type="submit" name="submit" style="float:right"
|
562 |
+
value="<?php echo mo2f_lt( 'Reset Proxy Settings' ); ?>"
|
563 |
+
class="button button-primary button-large"
|
564 |
+
|
565 |
+
<?php if ( $Mo2fdbQueries->get_user_detail( 'mo_2factor_user_registration_status', $user->ID ) != 'MO_2_FACTOR_PLUGIN_SETTINGS' || ! get_option( 'mo2f_proxy_host' ) ) {
|
566 |
+
echo 'disabled';
|
567 |
+
} ?>
|
568 |
+
/>
|
569 |
+
|
570 |
+
</form>
|
571 |
+
</div>
|
572 |
+
<br><br>
|
573 |
+
<form name="f" method="post" action="">
|
574 |
+
<input type="hidden" name="option" value="mo2f_save_proxy_settings"/>
|
575 |
+
<table class="mo2f_settings_table">
|
576 |
+
<tr>
|
577 |
+
|
578 |
+
<td style="width:30%"><b><span class="impt">*</span><?php echo mo2f_lt( 'Proxy Host Name: ' ); ?>
|
579 |
+
</b></td>
|
580 |
+
<td style="width:70%"><input class="mo2f_table_textbox" type="text" name="proxyHost" required
|
581 |
+
value="<?php echo get_option( 'mo2f_proxy_host' ); ?>"/></td>
|
582 |
+
</tr>
|
583 |
+
<tr>
|
584 |
+
|
585 |
+
<td style="width:30%"><b><span class="impt">*</span><?php echo mo2f_lt( 'Port Number: ' ); ?></b>
|
586 |
+
</td>
|
587 |
+
<td style="width:70%"><input class="mo2f_table_textbox" type="number" name="portNumber" required
|
588 |
+
value="<?php echo get_option( 'mo2f_port_number' ); ?>"/></td>
|
589 |
+
</tr>
|
590 |
+
<tr>
|
591 |
+
|
592 |
+
<td style="width:30%"><b><?php echo mo2f_lt( 'Username: ' ); ?></b></td>
|
593 |
+
<td style="width:70%"><input class="mo2f_table_textbox" type="text" name="proxyUsername"
|
594 |
+
value="<?php echo get_option( 'mo2f_proxy_username' ); ?>"/></td>
|
595 |
+
</tr>
|
596 |
+
<tr>
|
597 |
+
|
598 |
+
<td style="width:30%"><b><?php echo mo2f_lt( 'Password: ' ); ?></b></td>
|
599 |
+
<td style="width:70%"><input class="mo2f_table_textbox" type="password" name="proxyPass"
|
600 |
+
value="<?php echo get_option( 'mo2f_proxy_password' ); ?>"/></td>
|
601 |
+
</tr>
|
602 |
+
|
603 |
+
<tr>
|
604 |
+
|
605 |
+
<td> </td>
|
606 |
+
<td><input type="submit" name="submit" style="float:right"
|
607 |
+
value="<?php echo mo2f_lt( 'Save Settings' ); ?>"
|
608 |
+
class="button button-primary button-large"
|
609 |
+
<?php if ( $Mo2fdbQueries->get_user_detail( 'mo_2factor_user_registration_status', $user->ID ) != 'MO_2_FACTOR_PLUGIN_SETTINGS' ) {
|
610 |
+
echo 'disabled';
|
611 |
+
} ?> /></td>
|
612 |
+
</tr>
|
613 |
+
|
614 |
+
</table>
|
615 |
+
</div>
|
616 |
+
</form>
|
617 |
+
<?php }
|
618 |
+
|
619 |
+
function show_2_factor_login_settings( $user ) {
|
620 |
+
global $Mo2fdbQueries;
|
621 |
+
$roles = get_editable_roles();
|
622 |
+
|
623 |
+
$mo_2factor_user_registration_status = $Mo2fdbQueries->get_user_detail( 'mo_2factor_user_registration_status', $user->ID );
|
624 |
+
?>
|
625 |
+
|
626 |
+
|
627 |
+
<?php if ( get_option( 'mo2f_is_NC' ) ) { ?>
|
628 |
+
<div class="mo2f_advanced_options_EC">
|
629 |
+
<?php echo get_standard_premium_options( $user ); ?>
|
630 |
+
</div>
|
631 |
+
<?php } else {
|
632 |
+
|
633 |
+
$mo2f_active_tab = '2factor_setup';
|
634 |
+
?>
|
635 |
+
|
636 |
+
<div class="mo2f_advanced_options_EC">
|
637 |
+
|
638 |
+
<div id="mo2f_login_options">
|
639 |
+
<a href="#standard_premium_options" style="float:right">Show Standard/Premium
|
640 |
+
Features</a></h3>
|
641 |
+
|
642 |
+
<form name="f" id="login_settings_form" method="post" action="">
|
643 |
+
<input type="hidden" name="option" value="mo_auth_login_settings_save"/>
|
644 |
+
|
645 |
+
<div class="row">
|
646 |
+
<h3 style="padding:10px;"><?php echo mo2f_lt( 'Select Login Screen Options' ); ?>
|
647 |
+
|
648 |
+
</div>
|
649 |
+
<hr>
|
650 |
+
<br>
|
651 |
+
|
652 |
+
|
653 |
+
<div style="margin-left: 2%;">
|
654 |
+
<input type="radio" name="mo2f_login_option" value="1"
|
655 |
+
<?php checked( get_option( 'mo2f_login_option' ) );
|
656 |
+
if ( $mo_2factor_user_registration_status == 'MO_2_FACTOR_PLUGIN_SETTINGS' ) {
|
657 |
+
} else {
|
658 |
+
echo 'disabled';
|
659 |
+
} ?> />
|
660 |
+
<?php echo mo2f_lt( 'Login with password + 2nd Factor ' ); ?>
|
661 |
+
<i>(<?php echo mo2f_lt( 'Default & Recommended' ); ?>) </i>
|
662 |
+
|
663 |
+
<br><br>
|
664 |
+
|
665 |
+
<div style="margin-left:6%;">
|
666 |
+
<input type="checkbox" id="mo2f_remember_device" name="mo2f_remember_device"
|
667 |
+
value="1" <?php checked( get_option( 'mo2f_remember_device' ) == 1 );
|
668 |
+
if ( $mo_2factor_user_registration_status == 'MO_2_FACTOR_PLUGIN_SETTINGS' ) {
|
669 |
+
} else {
|
670 |
+
echo 'disabled';
|
671 |
+
} ?> />Enable
|
672 |
+
'<b><?php echo mo2f_lt( 'Remember device' ); ?></b>' <?php echo mo2f_lt( 'option ' ); ?><br>
|
673 |
+
|
674 |
+
<div class="mo2f_advanced_options_note"><p style="padding:5px;">
|
675 |
+
<i><?php echo mo2f_lt( ' Checking this option will display an option ' ); ?>
|
676 |
+
'<b><?php echo mo2f_lt( 'Remember this device' ); ?></b>'<?php echo mo2f_lt( 'on 2nd factor screen. In the next login from the same device, user will bypass 2nd factor, i.e. user will be logged in through username + password only.' ); ?>
|
677 |
+
</i></p></div>
|
678 |
+
</div>
|
679 |
+
|
680 |
+
<br>
|
681 |
+
|
682 |
+
<input type="radio" name="mo2f_login_option" value="0"
|
683 |
+
<?php checked( ! get_option( 'mo2f_login_option' ) );
|
684 |
+
if ( $mo_2factor_user_registration_status == 'MO_2_FACTOR_PLUGIN_SETTINGS' ) {
|
685 |
+
} else {
|
686 |
+
echo 'disabled';
|
687 |
+
} ?> />
|
688 |
+
<?php echo mo2f_lt( 'Login with 2nd Factor only ' ); ?>
|
689 |
+
<i>(<?php echo mo2f_lt( 'No password required.' ); ?>)</i> <a class="btn btn-link"
|
690 |
+
data-toggle="collapse"
|
691 |
+
id="showpreview1"
|
692 |
+
href="#preview9"
|
693 |
+
aria-expanded="false"><?php echo mo2f_lt( 'See preview' ); ?></a>
|
694 |
+
<br>
|
695 |
+
<div class="mo2f_collapse" id="preview9" style="height:300px;">
|
696 |
+
<center><br>
|
697 |
+
<img style="height:300px;"
|
698 |
+
src="https://auth.miniorange.com/moas/images/help/login-help-1.png">
|
699 |
+
</center>
|
700 |
+
</div>
|
701 |
+
<div class="mo2f_advanced_options_note"><p style="padding:5px;">
|
702 |
+
<i><?php echo mo2f_lt( 'Checking this option will add login with your phone button below default login form. Click above link to see the preview.' ); ?></i>
|
703 |
+
</p></div>
|
704 |
+
<div id="loginphonediv" hidden><br>
|
705 |
+
<input type="checkbox" id="mo2f_login_with_username_and_2factor"
|
706 |
+
name="mo2f_login_with_username_and_2factor"
|
707 |
+
value="1" <?php checked( get_option( 'mo2f_enable_login_with_2nd_factor' ) == 1 );
|
708 |
+
if ( $mo_2factor_user_registration_status == 'MO_2_FACTOR_PLUGIN_SETTINGS' ) {
|
709 |
+
} else {
|
710 |
+
echo 'disabled';
|
711 |
+
} ?> />
|
712 |
+
<?php echo mo2f_lt( ' I want to hide default login form.' ); ?> <a
|
713 |
+
class="btn btn-link"
|
714 |
+
data-toggle="collapse"
|
715 |
+
href="#preview8"
|
716 |
+
aria-expanded="false"><?php echo mo2f_lt( 'See preview' ); ?></a>
|
717 |
+
<br>
|
718 |
+
<div class="mo2f_collapse" id="preview8" style="height:300px;">
|
719 |
+
<center><br>
|
720 |
+
<img style="height:300px;"
|
721 |
+
src="https://auth.miniorange.com/moas/images/help/login-help-3.png">
|
722 |
+
</center>
|
723 |
+
</div>
|
724 |
+
<br>
|
725 |
+
<div class="mo2f_advanced_options_note"><p style="padding:5px;">
|
726 |
+
<i><?php echo mo2f_lt( 'Checking this option will hide default login form and just show login with your phone. Click above link to see the preview.' ); ?></i>
|
727 |
+
</p></div>
|
728 |
+
</div>
|
729 |
+
<br>
|
730 |
+
</div>
|
731 |
+
<div>
|
732 |
+
<h3 style="padding:10px;"><?php echo mo2f_lt( 'Backup Methods' ); ?></h3></div>
|
733 |
+
<hr>
|
734 |
+
<br>
|
735 |
+
<div style="margin-left: 2%">
|
736 |
+
<input type="checkbox" id="mo2f_forgotphone" name="mo2f_forgotphone"
|
737 |
+
value="1" <?php checked( get_option( 'mo2f_enable_forgotphone' ) == 1 );
|
738 |
+
if ( $mo_2factor_user_registration_status == 'MO_2_FACTOR_PLUGIN_SETTINGS' ) {
|
739 |
+
} else {
|
740 |
+
echo 'disabled';
|
741 |
+
} ?> />
|
742 |
+
<?php echo mo2f_lt( 'Enable Forgot Phone.' ); ?>
|
743 |
+
|
744 |
+
<div class="mo2f_advanced_options_note"><p style="padding:5px;">
|
745 |
+
<i><?php echo mo2f_lt( 'This option will provide you an alternate way of logging in to your site in case you are unable to login with your primary authentication method.' ); ?></i>
|
746 |
+
</p></div>
|
747 |
+
<br>
|
748 |
+
|
749 |
+
</div>
|
750 |
+
<div>
|
751 |
+
<h3 style="padding:10px;">XML-RPC <?php echo mo2f_lt( 'Settings' ); ?></h3></div>
|
752 |
+
<hr>
|
753 |
+
<br>
|
754 |
+
<div style="margin-left: 2%">
|
755 |
+
<input type="checkbox" id="mo2f_enable_xmlrpc" name="mo2f_enable_xmlrpc"
|
756 |
+
value="1" <?php checked( get_option( 'mo2f_enable_xmlrpc' ) == 1 );
|
757 |
+
if ( $mo_2factor_user_registration_status == 'MO_2_FACTOR_PLUGIN_SETTINGS' ) {
|
758 |
+
} else {
|
759 |
+
echo 'disabled';
|
760 |
+
} ?> />
|
761 |
+
<?php echo mo2f_lt( 'Enable XML-RPC Login.' ); ?>
|
762 |
+
<div class="mo2f_advanced_options_note"><p style="padding:5px;">
|
763 |
+
<i><?php echo mo2f_lt( 'Enabling this option will decrease your overall login security. Users will be able to login through external applications which support XML-RPC without authenticating from miniOrange. ' ); ?>
|
764 |
+
<b><?php echo mo2f_lt( 'Please keep it unchecked.' ); ?></b></i></p></div>
|
765 |
+
|
766 |
+
</div>
|
767 |
+
|
768 |
+
<br><br>
|
769 |
+
<div style="float:right;padding:10px;">
|
770 |
+
<input type="submit" name="submit" value="<?php echo mo2f_lt( 'Save Settings' ); ?>"
|
771 |
+
class="button button-primary button-large" <?php
|
772 |
+
if ( $mo_2factor_user_registration_status == 'MO_2_FACTOR_PLUGIN_SETTINGS' ) {
|
773 |
+
} else {
|
774 |
+
echo 'disabled';
|
775 |
+
} ?> />
|
776 |
+
</div>
|
777 |
+
<br></form>
|
778 |
+
<br>
|
779 |
+
<br>
|
780 |
+
<hr>
|
781 |
+
</div>
|
782 |
+
|
783 |
+
<?php echo get_standard_premium_options( $user ); ?>
|
784 |
+
</div>
|
785 |
+
|
786 |
+
<?php
|
787 |
+
} ?>
|
788 |
+
|
789 |
+
<script>
|
790 |
+
|
791 |
+
if (jQuery("input[name=mo2f_login_option]:radio:checked").val() == 0) {
|
792 |
+
jQuery('#loginphonediv').show();
|
793 |
+
}
|
794 |
+
jQuery("input[name=mo2f_login_option]:radio").change(function () {
|
795 |
+
if (this.value == 1) {
|
796 |
+
jQuery('#loginphonediv').hide();
|
797 |
+
} else {
|
798 |
+
jQuery('#loginphonediv').show();
|
799 |
+
}
|
800 |
+
});
|
801 |
+
|
802 |
+
|
803 |
+
function show_backup_options() {
|
804 |
+
jQuery("#backup_options").slideToggle(700);
|
805 |
+
jQuery("#login_options").hide();
|
806 |
+
jQuery("#customizations").hide();
|
807 |
+
jQuery("#customizations_prem").hide();
|
808 |
+
jQuery("#backup_options_prem").hide();
|
809 |
+
jQuery("#inline_registration_options").hide();
|
810 |
+
}
|
811 |
+
|
812 |
+
function show_customizations() {
|
813 |
+
jQuery("#login_options").hide();
|
814 |
+
jQuery("#inline_registration_options").hide();
|
815 |
+
jQuery("#backup_options").hide();
|
816 |
+
jQuery("#customizations_prem").hide();
|
817 |
+
jQuery("#backup_options_prem").hide();
|
818 |
+
jQuery("#customizations").slideToggle(700);
|
819 |
+
|
820 |
+
}
|
821 |
+
|
822 |
+
jQuery("#backup_options_prem").hide();
|
823 |
+
|
824 |
+
function show_backup_options_prem() {
|
825 |
+
jQuery("#backup_options_prem").slideToggle(700);
|
826 |
+
jQuery("#login_options").hide();
|
827 |
+
jQuery("#customizations").hide();
|
828 |
+
jQuery("#customizations_prem").hide();
|
829 |
+
jQuery("#inline_registration_options").hide();
|
830 |
+
jQuery("#backup_options").hide();
|
831 |
+
}
|
832 |
+
|
833 |
+
jQuery("#login_options").hide();
|
834 |
+
|
835 |
+
function show_login_options() {
|
836 |
+
jQuery("#inline_registration_options").hide();
|
837 |
+
jQuery("#customizations").hide();
|
838 |
+
jQuery("#backup_options").hide();
|
839 |
+
jQuery("#backup_options_prem").hide();
|
840 |
+
jQuery("#customizations_prem").hide();
|
841 |
+
jQuery("#login_options").slideToggle(700);
|
842 |
+
}
|
843 |
+
|
844 |
+
jQuery("#inline_registration_options").hide();
|
845 |
+
|
846 |
+
function show_inline_registration_options() {
|
847 |
+
jQuery("#login_options").hide();
|
848 |
+
jQuery("#customizations").hide();
|
849 |
+
jQuery("#backup_options").hide();
|
850 |
+
jQuery("#backup_options_prem").hide();
|
851 |
+
jQuery("#customizations_prem").hide();
|
852 |
+
jQuery("#inline_registration_options").slideToggle(700);
|
853 |
+
|
854 |
+
}
|
855 |
+
|
856 |
+
jQuery("#customizations_prem").hide();
|
857 |
+
|
858 |
+
function show_customizations_prem() {
|
859 |
+
jQuery("#inline_registration_options").hide();
|
860 |
+
jQuery("#login_options").hide();
|
861 |
+
jQuery("#customizations").hide();
|
862 |
+
jQuery("#backup_options").hide();
|
863 |
+
jQuery("#backup_options_prem").hide();
|
864 |
+
jQuery("#customizations_prem").slideToggle(700);
|
865 |
+
|
866 |
+
}
|
867 |
+
|
868 |
+
function showLoginOptions() {
|
869 |
+
jQuery("#mo2f_login_options").show();
|
870 |
+
}
|
871 |
+
|
872 |
+
function showLoginOptions() {
|
873 |
+
jQuery("#mo2f_login_options").show();
|
874 |
+
}
|
875 |
+
|
876 |
+
|
877 |
+
</script>
|
878 |
+
|
879 |
+
|
880 |
+
<?php
|
881 |
+
}
|
882 |
+
|
883 |
+
function mo2f_show_verify_password_page() {
|
884 |
+
$mo2f_active_tab = isset( $_GET['mo2f_tab'] ) ? $_GET['mo2f_tab'] : '';
|
885 |
+
$is_registration = ($mo2f_active_tab =='2factor_setup') ? true : false;
|
886 |
+
?>
|
887 |
+
<!--Verify password with miniOrange-->
|
888 |
+
<form name="f" method="post" action="">
|
889 |
+
<input type="hidden" name="option" value="mo_auth_verify_customer"/>
|
890 |
+
<div <?php if($is_registration) { ?>class="mo2f_proxy_setup" <?php } ?>>
|
891 |
+
<?php if($is_registration) { ?>
|
892 |
+
<h2><?php echo mo2f_lt( 'Sign In to your miniOrange Account' ); ?></h2><hr>
|
893 |
+
<?php } ?>
|
894 |
+
<div id="panel1">
|
895 |
+
<p><a style="float:right;font-weight:bold; color:orange" target="_blank"
|
896 |
+
href="https://auth.miniorange.com/moas/idp/resetpassword"><?php echo mo2f_lt( 'FORGOT PASSWORD?' ); ?></a>
|
897 |
+
</p>
|
898 |
+
<br>
|
899 |
+
<table class="mo2f_settings_table">
|
900 |
+
<tr>
|
901 |
+
<td><b><font color="#FF0000">*</font><?php echo mo2f_lt( 'Email:' ); ?></b></td>
|
902 |
+
<td><input class="mo2f_table_textbox" type="email" name="email" id="email" required
|
903 |
+
value="<?php echo get_option( 'mo2f_email' ); ?>"/></td>
|
904 |
+
</tr>
|
905 |
+
<tr>
|
906 |
+
<td><b><font color="#FF0000">*</font><?php echo mo2f_lt( 'Password:' ); ?></b></td>
|
907 |
+
<td><input class="mo2f_table_textbox" type="password" name="password" required/></td>
|
908 |
+
</tr>
|
909 |
+
|
910 |
+
<tr>
|
911 |
+
<td colspan="2"> </td>
|
912 |
+
</tr>
|
913 |
+
|
914 |
+
<tr>
|
915 |
+
<td> </td>
|
916 |
+
<td>
|
917 |
+
<input type="button" name="mo2f_goback" id="mo2f_go_back"
|
918 |
+
value="<?php echo mo2f_lt( 'Back' ); ?>" class="button button-primary button-large"/>
|
919 |
+
|
920 |
+
<input type="submit" name="submit" value="<?php echo mo2f_lt( 'Submit' ); ?>"
|
921 |
+
class="button button-primary button-large"/></td>
|
922 |
+
|
923 |
+
</tr>
|
924 |
+
|
925 |
+
</table>
|
926 |
+
|
927 |
+
</div>
|
928 |
+
<br><br>
|
929 |
+
</div>
|
930 |
+
</form>
|
931 |
+
<form name="f" method="post" action="" id="gobackform">
|
932 |
+
<input type="hidden" name="option" value="mo_2factor_gobackto_registration_page"/>
|
933 |
+
</form>
|
934 |
+
<script>
|
935 |
+
jQuery('#mo2f_go_back').click(function () {
|
936 |
+
jQuery('#gobackform').submit();
|
937 |
+
});
|
938 |
+
|
939 |
+
</script>
|
940 |
+
<?php }
|
941 |
+
|
942 |
+
function get_standard_premium_options( $user ) {
|
943 |
+
$is_NC = get_option( 'mo2f_is_NC' );
|
944 |
+
|
945 |
+
?>
|
946 |
+
|
947 |
+
<div id="standard_premium_options" style="text-align: center;">
|
948 |
+
<p style="font-size:22px;color:darkorange;padding:10px;"><?php echo mo2f_lt( 'Features in the Standard Plan' ); ?></p>
|
949 |
+
|
950 |
+
</div>
|
951 |
+
|
952 |
+
<hr>
|
953 |
+
<?php if ( $is_NC ) { ?>
|
954 |
+
<div>
|
955 |
+
<a class="mo2f_view_backup_options" onclick="show_backup_options()">
|
956 |
+
<img src="<?php echo plugins_url( 'includes/images/right-arrow.png"', __FILE__ ); ?>"
|
957 |
+
class="mo2f_advanced_options_images"/>
|
958 |
+
|
959 |
+
<p class="mo2f_heading_style"><?php echo mo2f_lt( 'Backup Options' ); ?></p>
|
960 |
+
</a>
|
961 |
+
|
962 |
+
</div>
|
963 |
+
<div id="backup_options" style="margin-left: 5%;">
|
964 |
+
|
965 |
+
<div class="mo2f_advanced_options_note"><p style="padding:5px;">
|
966 |
+
<i><?php echo mo2f_lt( 'Use these backup options to login to your site in case your
|
967 |
+
phone is lost / not accessible or if you are not able to login using your primary
|
968 |
+
authentication method.' ); ?></i></p></div>
|
969 |
+
|
970 |
+
<ol class="mo2f_ol">
|
971 |
+
<li><?php echo mo2f_lt( 'KBA (Security Questions)' ); ?></li>
|
972 |
+
</ol>
|
973 |
+
|
974 |
+
</div>
|
975 |
+
<?php } ?>
|
976 |
+
|
977 |
+
<div>
|
978 |
+
<a class="mo2f_view_customizations" onclick="show_customizations()">
|
979 |
+
<img src="<?php echo plugins_url( 'includes/images/right-arrow.png"', __FILE__ ); ?>"
|
980 |
+
class="mo2f_advanced_options_images"/>
|
981 |
+
|
982 |
+
<p class="mo2f_heading_style"><?php echo mo2f_lt( 'Customizations' ); ?></p>
|
983 |
+
</a>
|
984 |
+
</div>
|
985 |
+
|
986 |
+
|
987 |
+
<div id="customizations" style="margin-left: 5%;">
|
988 |
+
|
989 |
+
<p style="font-size:15px;font-weight:bold">1. <?php echo mo2f_lt( 'Login Screen Options' ); ?></p>
|
990 |
+
<div>
|
991 |
+
<ul style="margin-left:4%" class="mo2f_ol">
|
992 |
+
<li><?php echo mo2f_lt( 'Login with Wordpress username/password and 2nd Factor' ); ?> <a
|
993 |
+
class="btn btn-link" data-toggle="collapse" id="showpreview1" href="#preview7"
|
994 |
+
aria-expanded="false">[ <?php echo mo2f_lt( 'See Preview' ); ?>
|
995 |
+
]</a>
|
996 |
+
<div class="mo2f_collapse" id="preview7" style="height:300px;">
|
997 |
+
<center><br>
|
998 |
+
<img style="height:300px;"
|
999 |
+
src="https://auth.miniorange.com/moas/images/help/login-help-1.png">
|
1000 |
+
</center>
|
1001 |
+
|
1002 |
+
</div>
|
1003 |
+
</li>
|
1004 |
+
<li><?php echo mo2f_lt( 'Login with Wordpress username and 2nd Factor only' ); ?> <a
|
1005 |
+
class="btn btn-link" data-toggle="collapse" id="showpreview2" href="#preview6"
|
1006 |
+
aria-expanded="false">[ <?php echo mo2f_lt( 'See Preview' ); ?>
|
1007 |
+
]</a>
|
1008 |
+
<br>
|
1009 |
+
<div class="mo2f_collapse" id="preview6" style="height:300px;">
|
1010 |
+
<center><br>
|
1011 |
+
<img style="height:300px;"
|
1012 |
+
src="https://auth.miniorange.com/moas/images/help/login-help-3.png">
|
1013 |
+
</center>
|
1014 |
+
</div>
|
1015 |
+
<br>
|
1016 |
+
</li>
|
1017 |
+
</ul>
|
1018 |
+
|
1019 |
+
|
1020 |
+
</div>
|
1021 |
+
<br>
|
1022 |
+
<p style="font-size:15px;font-weight:bold">2. <?php echo mo2f_lt( 'Custom Redirect URLs' ); ?></p>
|
1023 |
+
<p style="margin-left:4%"><?php echo mo2f_lt( 'Enable Custom Relay state URL\'s (based on user roles in Wordpress) to which the users
|
1024 |
+
will get redirected to, after the 2-factor authentication' ); ?>'.</p>
|
1025 |
+
|
1026 |
+
|
1027 |
+
<br>
|
1028 |
+
<p style="font-size:15px;font-weight:bold">3. <?php echo mo2f_lt( 'Custom Security Questions (KBA)' ); ?></p>
|
1029 |
+
<div id="mo2f_customKBAQuestions1">
|
1030 |
+
<p style="margin-left:4%"><?php echo mo2f_lt( 'Add up to 16 Custom Security Questions for Knowledge based authentication (KBA).
|
1031 |
+
You also have the option to select how many standard and custom questions should be shown to the
|
1032 |
+
users' ); ?>.</p>
|
1033 |
+
|
1034 |
+
</div>
|
1035 |
+
<br>
|
1036 |
+
<p style="font-size:15px;font-weight:bold">
|
1037 |
+
4. <?php echo mo2f_lt( 'Custom account name in Google Authenticator App' ); ?></p>
|
1038 |
+
<div id="mo2f_editGoogleAuthenticatorAccountName1">
|
1039 |
+
|
1040 |
+
<p style="margin-left:4%"><?php echo mo2f_lt( 'Customize the Account name in the Google Authenticator App' ); ?>
|
1041 |
+
.</p>
|
1042 |
+
|
1043 |
+
</div>
|
1044 |
+
<br>
|
1045 |
+
</div>
|
1046 |
+
<div id="standard_premium_options" style="text-align: center;">
|
1047 |
+
<p style="font-size:22px;color:darkorange;padding:10px;"><?php echo mo2f_lt( 'Features in the Premium Plan' ); ?></p>
|
1048 |
+
|
1049 |
+
</div>
|
1050 |
+
<hr>
|
1051 |
+
<div>
|
1052 |
+
<a class="mo2f_view_customizations_prem" onclick="show_customizations_prem()">
|
1053 |
+
<img src="<?php echo plugins_url( 'includes/images/right-arrow.png"', __FILE__ ); ?>"
|
1054 |
+
class="mo2f_advanced_options_images"/>
|
1055 |
+
|
1056 |
+
<p class="mo2f_heading_style"><?php echo mo2f_lt( 'Customizations' ); ?></p>
|
1057 |
+
</a>
|
1058 |
+
</div>
|
1059 |
+
|
1060 |
+
|
1061 |
+
<div id="customizations_prem" style="margin-left: 5%;">
|
1062 |
+
|
1063 |
+
<p style="font-size:15px;font-weight:bold">1. <?php echo mo2f_lt( 'Login Screen Options' ); ?></p>
|
1064 |
+
<div>
|
1065 |
+
<ul style="margin-left:4%" class="mo2f_ol">
|
1066 |
+
<li><?php echo mo2f_lt( 'Login with Wordpress username/password and 2nd Factor' ); ?> <a
|
1067 |
+
class="btn btn-link" data-toggle="collapse" id="showpreview1" href="#preview3"
|
1068 |
+
aria-expanded="false">[ <?php echo mo2f_lt( 'See Preview' ); ?>
|
1069 |
+
]</a>
|
1070 |
+
<div class="mo2f_collapse" id="preview3" style="height:300px;">
|
1071 |
+
<center><br>
|
1072 |
+
<img style="height:300px;"
|
1073 |
+
src="https://auth.miniorange.com/moas/images/help/login-help-1.png">
|
1074 |
+
</center>
|
1075 |
+
|
1076 |
+
</div>
|
1077 |
+
<br></li>
|
1078 |
+
<li><?php echo mo2f_lt( 'Login with Wordpress username and 2nd Factor only' ); ?> <a
|
1079 |
+
class="btn btn-link" data-toggle="collapse" id="showpreview2" href="#preview4"
|
1080 |
+
aria-expanded="false">[ <?php echo mo2f_lt( 'See Preview' ); ?>
|
1081 |
+
]</a>
|
1082 |
+
<br>
|
1083 |
+
<div class="mo2f_collapse" id="preview4" style="height:300px;">
|
1084 |
+
<center><br>
|
1085 |
+
<img style="height:300px;"
|
1086 |
+
src="https://auth.miniorange.com/moas/images/help/login-help-3.png">
|
1087 |
+
</center>
|
1088 |
+
</div>
|
1089 |
+
<br>
|
1090 |
+
</li>
|
1091 |
+
</ul>
|
1092 |
+
|
1093 |
+
|
1094 |
+
</div>
|
1095 |
+
<br>
|
1096 |
+
<p style="font-size:15px;font-weight:bold">2. <?php echo mo2f_lt( 'Custom Redirect URLs' ); ?></p>
|
1097 |
+
<p style="margin-left:4%"><?php echo mo2f_lt( 'Enable Custom Relay state URL\'s (based on user roles in Wordpress) to which the users
|
1098 |
+
will get redirected to, after the 2-factor authentication' ); ?>'.</p>
|
1099 |
+
|
1100 |
+
|
1101 |
+
<br>
|
1102 |
+
<p style="font-size:15px;font-weight:bold">3. <?php echo mo2f_lt( 'Custom Security Questions (KBA)' ); ?></p>
|
1103 |
+
<div id="mo2f_customKBAQuestions1">
|
1104 |
+
<p style="margin-left:4%"><?php echo mo2f_lt( 'Add up to 16 Custom Security Questions for Knowledge based authentication (KBA).
|
1105 |
+
You also have the option to select how many standard and custom questions should be shown to the
|
1106 |
+
users' ); ?>.</p>
|
1107 |
+
|
1108 |
+
</div>
|
1109 |
+
<br>
|
1110 |
+
<p style="font-size:15px;font-weight:bold">
|
1111 |
+
4. <?php echo mo2f_lt( 'Custom account name in Google Authenticator App' ); ?></p>
|
1112 |
+
<div id="mo2f_editGoogleAuthenticatorAccountName1">
|
1113 |
+
|
1114 |
+
<p style="margin-left:4%"><?php echo mo2f_lt( 'Customize the Account name in the Google Authenticator App' ); ?>
|
1115 |
+
.</p>
|
1116 |
+
|
1117 |
+
</div>
|
1118 |
+
<br>
|
1119 |
+
</div>
|
1120 |
+
<div>
|
1121 |
+
<a class="mo2f_view_backup_options_prem" onclick="show_backup_options_prem()">
|
1122 |
+
<img src="<?php echo plugins_url( 'includes/images/right-arrow.png"', __FILE__ ); ?>"
|
1123 |
+
class="mo2f_advanced_options_images"/>
|
1124 |
+
|
1125 |
+
<p class="mo2f_heading_style"><?php echo mo2f_lt( 'Backup Options' ); ?></p>
|
1126 |
+
</a>
|
1127 |
+
|
1128 |
+
</div>
|
1129 |
+
<div id="backup_options_prem" style="margin-left: 5%;">
|
1130 |
+
|
1131 |
+
<div class="mo2f_advanced_options_note"><p style="padding:5px;">
|
1132 |
+
<i><?php echo mo2f_lt( 'Use these backup options to login to your site in case your
|
1133 |
+
phone is lost / not accessible or if you are not able to login using your primary
|
1134 |
+
authentication method.' ); ?></i></p></div>
|
1135 |
+
|
1136 |
+
<ol class="mo2f_ol">
|
1137 |
+
<li><?php echo mo2f_lt( 'KBA (Security Questions)' ); ?></li>
|
1138 |
+
<li><?php echo mo2f_lt( 'OTP Over Email' ); ?></li>
|
1139 |
+
<li><?php echo mo2f_lt( 'Backup Codes' ); ?></li>
|
1140 |
+
</ol>
|
1141 |
+
|
1142 |
+
</div>
|
1143 |
+
|
1144 |
+
|
1145 |
+
<div>
|
1146 |
+
<a class="mo2f_view_inline_registration_options" onclick="show_inline_registration_options()">
|
1147 |
+
<img src="<?php echo plugins_url( 'includes/images/right-arrow.png"', __FILE__ ); ?>"
|
1148 |
+
class="mo2f_advanced_options_images"/>
|
1149 |
+
<p class="mo2f_heading_style"><?php echo mo2f_lt( 'Inline Registration Options' ); ?></p>
|
1150 |
+
</a>
|
1151 |
+
</div>
|
1152 |
+
|
1153 |
+
|
1154 |
+
<div id="inline_registration_options" style="margin-left: 5%;">
|
1155 |
+
|
1156 |
+
<div class="mo2f_advanced_options_note"><p style="padding:5px;">
|
1157 |
+
<i><?php echo mo2f_lt( 'Inline Registration is the registration process the users go through the first time they
|
1158 |
+
setup 2FA.' ); ?><br>
|
1159 |
+
<?php echo mo2f_lt( 'If Inline Registration is enabled by the admin for the users, the next time
|
1160 |
+
the users login to the website, they will be prompted to set up the 2FA of their choice by
|
1161 |
+
creating an account with miniOrange.' ); ?>
|
1162 |
+
|
1163 |
+
|
1164 |
+
</i></p></div>
|
1165 |
+
|
1166 |
+
|
1167 |
+
<p style="font-size:15px;font-weight:bold"><?php echo mo2f_lt( 'Features' ) ?>:</p>
|
1168 |
+
<ol style="margin-left: 5%" class="mo2f_ol">
|
1169 |
+
<li><?php echo mo2f_lt( 'Invoke 2FA Registration & Setup for Users during first-time login (Inline Registration)' ); ?>
|
1170 |
+
</li>
|
1171 |
+
|
1172 |
+
<li><?php echo mo2f_lt( 'Verify Email address of User during Inline Registration' ); ?></li>
|
1173 |
+
<li><?php echo mo2f_lt( 'Remove Knowledge Based Authentication(KBA) setup during inline registration' ); ?></li>
|
1174 |
+
<li><?php echo mo2f_lt( 'Enable 2FA for specific Roles' ); ?></li>
|
1175 |
+
<li><?php echo mo2f_lt( 'Enable specific 2FA methods to Users during Inline Registration' ); ?>:
|
1176 |
+
<ul style="padding-top:10px;">
|
1177 |
+
<li style="margin-left: 5%;">
|
1178 |
+
1. <?php echo mo2f_lt( 'Show specific 2FA methods to All Users' ); ?></li>
|
1179 |
+
<li style="margin-left: 5%;">
|
1180 |
+
2. <?php echo mo2f_lt( 'Show specific 2FA methods to Users based on their roles' ); ?></li>
|
1181 |
+
</ul>
|
1182 |
+
</li>
|
1183 |
+
</ol>
|
1184 |
+
</div>
|
1185 |
+
|
1186 |
+
|
1187 |
+
<div>
|
1188 |
+
<a class="mo2f_view_login_options" onclick="show_login_options()">
|
1189 |
+
<img src="<?php echo plugins_url( 'includes/images/right-arrow.png"', __FILE__ ); ?>"
|
1190 |
+
class="mo2f_advanced_options_images"/>
|
1191 |
+
<p class="mo2f_heading_style"><?php echo mo2f_lt( 'User Login Options' ); ?></p>
|
1192 |
+
</a>
|
1193 |
+
</div>
|
1194 |
+
|
1195 |
+
<div id="login_options" style="margin-left: 5%;">
|
1196 |
+
|
1197 |
+
<div class="mo2f_advanced_options_note"><p style="padding:5px;">
|
1198 |
+
<i><?php echo mo2f_lt( 'These are the options customizable for your users.' ); ?>
|
1199 |
+
|
1200 |
+
|
1201 |
+
</i></p></div>
|
1202 |
+
|
1203 |
+
<ol style="margin-left: 5%" class="mo2f_ol">
|
1204 |
+
<li><?php echo mo2f_lt( 'Enable 2FA during login for specific users on your site' ); ?>.</li>
|
1205 |
+
|
1206 |
+
<li><?php echo mo2f_lt( 'Enable login from external apps that support XML-RPC. (eg. Wordpress App)' ); ?>
|
1207 |
+
<br>
|
1208 |
+
<div class="mo2f_advanced_options_note"><p style="padding:5px;">
|
1209 |
+
<i><?php echo mo2f_lt( 'Use the Password generated in the 2FA plugin to login to your Wordpress Site from
|
1210 |
+
any application that supports XML-RPC.' ); ?>
|
1211 |
+
|
1212 |
+
|
1213 |
+
</i></p></div>
|
1214 |
+
|
1215 |
+
|
1216 |
+
<li><?php echo mo2f_lt( 'Enable KBA (Security Questions) as 2FA for Users logging in to the site from mobile
|
1217 |
+
phones.' ); ?>
|
1218 |
+
</li>
|
1219 |
+
|
1220 |
+
|
1221 |
+
</ol>
|
1222 |
+
</div>
|
1223 |
+
<?php
|
1224 |
+
}
|
1225 |
+
|
1226 |
+
?>
|
miniorange_2_factor_mobile_configuration.php
ADDED
@@ -0,0 +1,1400 @@
|
1 |
+
<?php
|
2 |
+
|
3 |
+
include dirname( __FILE__ ) . '/views/configure_google_authenticator';
|
4 |
+
include dirname( __FILE__ ) . '/views/configure_authy_authenticator';
|
5 |
+
include dirname( __FILE__ ) . '/views/configure_miniorange_authenticator';
|
6 |
+
include dirname( __FILE__ ) . '/views/configure_kba_questions';
|
7 |
+
include dirname( __FILE__ ) . '/views/configure_otp_over_sms';
|
8 |
+
include dirname( __FILE__ ) . '/views/test_miniorange_qr_code_authentication';
|
9 |
+
include dirname( __FILE__ ) . '/views/test_miniorange_soft_token';
|
10 |
+
include dirname( __FILE__ ) . '/views/test_miniorange_push_notification';
|
11 |
+
include dirname( __FILE__ ) . '/views/test_otp_over_sms';
|
12 |
+
include dirname( __FILE__ ) . '/views/test_kba_security_questions';
|
13 |
+
include dirname( __FILE__ ) . '/views/test_email_verification';
|
14 |
+
include dirname( __FILE__ ) . '/views/test_google_authy_authenticator';
|
15 |
+
|
16 |
+
|
17 |
+
function mo2f_update_and_sync_user_two_factor( $user_id, $userinfo ) {
|
18 |
+
global $Mo2fdbQueries;
|
19 |
+
$mo2f_second_factor = isset( $userinfo['authType'] ) && ! empty( $userinfo['authType'] ) ? $userinfo['authType'] : 'NONE';
|
20 |
+
|
21 |
+
if ( $mo2f_second_factor == 'OUT OF BAND EMAIL' ) {
|
22 |
+
$Mo2fdbQueries->update_user_details( $user_id, array( 'mo2f_EmailVerification_config_status' => true ) );
|
23 |
+
} else if ( $mo2f_second_factor == 'SMS' ) {
|
24 |
+
$phone_num = $userinfo['phone'];
|
25 |
+
$Mo2fdbQueries->update_user_details( $user_id, array( 'mo2f_OTPOverSMS_config_status' => true ) );
|
26 |
+
$_SESSION['user_phone'] = $phone_num;
|
27 |
+
} else if ( in_array( $mo2f_second_factor, array(
|
28 |
+
'SOFT TOKEN',
|
29 |
+
'MOBILE AUTHENTICATION',
|
30 |
+
'PUSH NOTIFICATIONS'
|
31 |
+
) ) ) {
|
32 |
+
$Mo2fdbQueries->update_user_details( $user_id, array(
|
33 |
+
'mo2f_miniOrangeSoftToken_config_status' => true,
|
34 |
+
'mo2f_miniOrangeQRCodeAuthentication_config_status' => true,
|
35 |
+
'mo2f_miniOrangePushNotification_config_status' => true
|
36 |
+
) );
|
37 |
+
} else if ( $mo2f_second_factor == 'KBA' ) {
|
38 |
+
$Mo2fdbQueries->update_user_details( $user_id, array( 'mo2f_SecurityQuestions_config_status' => true ) );
|
39 |
+
} else if ( $mo2f_second_factor == 'GOOGLE AUTHENTICATOR' ) {
|
40 |
+
$app_type = get_user_meta( $user_id, 'mo2f_external_app_type', true );
|
41 |
+
|
42 |
+
if ( $app_type == 'Google Authenticator' ) {
|
43 |
+
$Mo2fdbQueries->update_user_details( $user_id, array(
|
44 |
+
'mo2f_GoogleAuthenticator_config_status' => true
|
45 |
+
) );
|
46 |
+
update_user_meta( $user_id, 'mo2f_external_app_type', 'Google Authenticator' );
|
47 |
+
} else if ( $app_type == 'Authy Authenticator' ) {
|
48 |
+
$Mo2fdbQueries->update_user_details( $user_id, array(
|
49 |
+
'mo2f_AuthyAuthenticator_config_status' => true
|
50 |
+
) );
|
51 |
+
update_user_meta( $user_id, 'mo2f_external_app_type', 'Authy Authenticator' );
|
52 |
+
} else {
|
53 |
+
$Mo2fdbQueries->update_user_details( $user_id, array(
|
54 |
+
'mo2f_GoogleAuthenticator_config_status' => true
|
55 |
+
) );
|
56 |
+
|
57 |
+
update_user_meta( $user_id, 'mo2f_external_app_type', 'Google Authenticator' );
|
58 |
+
}
|
59 |
+
}
|
60 |
+
|
61 |
+
return $mo2f_second_factor;
|
62 |
+
}
|
63 |
+
|
64 |
+
function mo2f_get_activated_second_factor( $user ) {
|
65 |
+
global $Mo2fdbQueries;
|
66 |
+
$user_registration_status = $Mo2fdbQueries->get_user_detail( 'mo_2factor_user_registration_status', $user->ID );
|
67 |
+
$is_customer_registered = $Mo2fdbQueries->get_user_detail( 'user_registration_with_miniorange', $user->ID ) == 'SUCCESS' ? true : false;
|
68 |
+
$useremail = $Mo2fdbQueries->get_user_detail( 'mo2f_user_email', $user->ID );
|
69 |
+
|
70 |
+
if ( $user_registration_status == 'MO_2_FACTOR_SUCCESS' ) {
|
71 |
+
//checking this option for existing users
|
72 |
+
$Mo2fdbQueries->update_user_details( $user->ID, array( 'mobile_registration_status' => true ) );
|
73 |
+
$mo2f_second_factor = 'MOBILE AUTHENTICATION';
|
74 |
+
|
75 |
+
return $mo2f_second_factor;
|
76 |
+
} else if ( $user_registration_status == 'MO_2_FACTOR_INITIALIZE_TWO_FACTOR' ) {
|
77 |
+
return 'NONE';
|
78 |
+
} else {
|
79 |
+
//for new users
|
80 |
+
if ( $user_registration_status == 'MO_2_FACTOR_PLUGIN_SETTINGS' && $is_customer_registered ) {
|
81 |
+
$enduser = new Two_Factor_Setup();
|
82 |
+
$userinfo = json_decode( $enduser->mo2f_get_userinfo( $useremail ), true );
|
83 |
+
|
84 |
+
if ( json_last_error() == JSON_ERROR_NONE ) {
|
85 |
+
if ( $userinfo['status'] == 'ERROR' ) {
|
86 |
+
update_option( 'mo2f_message', Mo2fConstants:: langTranslate( $userinfo['message'] ) );
|
87 |
+
$mo2f_second_factor = 'NONE';
|
88 |
+
} else if ( $userinfo['status'] == 'SUCCESS' ) {
|
89 |
+
$mo2f_second_factor = mo2f_update_and_sync_user_two_factor( $user->ID, $userinfo );
|
90 |
+
} else if ( $userinfo['status'] == 'FAILED' ) {
|
91 |
+
$mo2f_second_factor = 'NONE';
|
92 |
+
update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ACCOUNT_REMOVED" ) );
|
93 |
+
} else {
|
94 |
+
$mo2f_second_factor = 'NONE';
|
95 |
+
}
|
96 |
+
} else {
|
97 |
+
update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "INVALID_REQ" ) );
|
98 |
+
$mo2f_second_factor = 'NONE';
|
99 |
+
}
|
100 |
+
} else {
|
101 |
+
$mo2f_second_factor = 'NONE';
|
102 |
+
}
|
103 |
+
|
104 |
+
return $mo2f_second_factor;
|
105 |
+
}
|
106 |
+
}
|
107 |
+
|
108 |
+
function mo_2factor_is_curl_installed() {
|
109 |
+
if ( in_array( 'curl', get_loaded_extensions() ) ) {
|
110 |
+
return 1;
|
111 |
+
} else {
|
112 |
+
return 0;
|
113 |
+
}
|
114 |
+
}
|
115 |
+
|
116 |
+
function show_user_welcome_page( $user ) {
|
117 |
+
?>
|
118 |
+
<form name="f" method="post" action="">
|
119 |
+
<div class="mo2f_table_layout">
|
120 |
+
<div>
|
121 |
+
<center>
|
122 |
+
<p style="font-size:17px;"><?php echo mo2f_lt( 'A new security system has been enabled to better protect your account. Please configure your Two-Factor Authentication method by setting up your account.' ); ?></p>
|
123 |
+
</center>
|
124 |
+
</div>
|
125 |
+
<div id="panel1">
|
126 |
+
<table class="mo2f_settings_table">
|
127 |
+
|
128 |
+
<tr>
|
129 |
+
<td>
|
130 |
+
<center>
|
131 |
+
<div class="alert-box"><input type="email" autofocus="true" name="mo_useremail"
|
132 |
+
style="width:48%;text-align: center;height: 40px;font-size:18px;border-radius:5px;"
|
133 |
+
required
|
134 |
+
placeholder="<?php echo mo2f_lt( 'Email' ); ?>"
|
135 |
+
value="<?php echo $user->user_email; ?>"/></div>
|
136 |
+
</center>
|
137 |
+
</td>
|
138 |
+
</tr>
|
139 |
+
<tr>
|
140 |
+
<td>
|
141 |
+
<center>
|
142 |
+
<p><?php echo mo2f_lt( 'Please enter a valid email id that you have access to. You will be able to move forward after verifying an OTP that we will be sending to this email' ); ?>
|
143 |
+
.</p></center>
|
144 |
+
</td>
|
145 |
+
</tr>
|
146 |
+
<tr>
|
147 |
+
<td><input type="hidden" name="miniorange_user_reg_nonce"
|
148 |
+
value="<?php echo wp_create_nonce( 'miniorange-2-factor-user-reg-nonce' ); ?>"/>
|
149 |
+
<center><input type="submit" name="miniorange_get_started" id="miniorange_get_started"
|
150 |
+
class="button button-primary button-large extra-large"
|
151 |
+
value="<?php echo mo2f_lt( 'Get Started' ); ?>"/>
|
152 |
+
</center>
|
153 |
+
</td>
|
154 |
+
</tr>
|
155 |
+
</table>
|
156 |
+
</div>
|
157 |
+
</div>
|
158 |
+
</form>
|
159 |
+
<?php
|
160 |
+
}
|
161 |
+
|
162 |
+
function mo2f_show_user_otp_validation_page() {
|
163 |
+
?>
|
164 |
+
<!-- Enter otp -->
|
165 |
+
|
166 |
+
<div class="mo2f_table_layout">
|
167 |
+
<h3><?php echo mo2f_lt( 'Validate OTP' ); ?></h3>
|
168 |
+
<hr>
|
169 |
+
<div id="panel1">
|
170 |
+
<table class="mo2f_settings_table">
|
171 |
+
<form name="f" method="post" id="mo_2f_otp_form" action="">
|
172 |
+
<input type="hidden" name="option" value="mo_2factor_validate_user_otp"/>
|
173 |
+
<tr>
|
174 |
+
<td>
|
175 |
+
<b><font color="#FF0000">*</font><?php echo mo2f_lt( 'Enter OTP:' ); ?>
|
176 |
+
</b></td>
|
177 |
+
<td colspan="2"><input class="mo2f_table_textbox" autofocus="true" type="text" name="otp_token"
|
178 |
+
required
|
179 |
+
placeholder="<?php echo mo2f_lt( 'Enter OTP' ); ?>"
|
180 |
+
style="width:95%;"/></td>
|
181 |
+
<td>
|
182 |
+
<a href="#resendotplink"><?php echo mo2f_lt( 'Resend OTP ?' ); ?></a>
|
183 |
+
</td>
|
184 |
+
</tr>
|
185 |
+
|
186 |
+
<tr>
|
187 |
+
<td> </td>
|
188 |
+
<td style="width:17%">
|
189 |
+
<input type="submit" name="submit"
|
190 |
+
value="<?php echo mo2f_lt( 'Validate OTP' ); ?>"
|
191 |
+
class="button button-primary button-large"/></td>
|
192 |
+
|
193 |
+
</form>
|
194 |
+
<form name="f" method="post" action="">
|
195 |
+
<td>
|
196 |
+
<input type="hidden" name="option" value="mo_2factor_backto_user_registration"/>
|
197 |
+
<input type="submit" name="mo2f_goback" id="mo2f_goback"
|
198 |
+
value="<?php echo mo2f_lt( 'Back' ); ?>"
|
199 |
+
class="button button-primary button-large"/></td>
|
200 |
+
</form>
|
201 |
+
</td>
|
202 |
+
</tr>
|
203 |
+
<form name="f" method="post" action="" id="resend_otp_form">
|
204 |
+
<input type="hidden" name="option" value="mo_2factor_resend_user_otp"/>
|
205 |
+
</form>
|
206 |
+
|
207 |
+
</table>
|
208 |
+
</div>
|
209 |
+
<div>
|
210 |
+
<script>
|
211 |
+
jQuery('a[href=\"#resendotplink\"]').click(function (e) {
|
212 |
+
jQuery('#resend_otp_form').submit();
|
213 |
+
});
|
214 |
+
</script>
|
215 |
+
|
216 |
+
<br><br>
|
217 |
+
</div>
|
218 |
+
|
219 |
+
|
220 |
+
</div>
|
221 |
+
|
222 |
+
<?php
|
223 |
+
}
|
224 |
+
|
225 |
+
function mo2f_show_instruction_to_allusers( $user, $mo2f_second_factor ) {
|
226 |
+
global $Mo2fdbQueries;
|
227 |
+
|
228 |
+
$user_registration_status = $Mo2fdbQueries->get_user_detail( 'mo_2factor_user_registration_status', $user->ID );
|
229 |
+
$user_email = $Mo2fdbQueries->get_user_detail( 'mo2f_user_email', $user->ID );
|
230 |
+
if ( $mo2f_second_factor == 'GOOGLE AUTHENTICATOR' ) {
|
231 |
+
|
232 |
+
$app_type = get_user_meta( $user->ID, 'mo2f_external_app_type', true );
|
233 |
+
if ( $app_type == 'Google Authenticator' ) {
|
234 |
+
$mo2f_second_factor = 'Google Authenticator';
|
235 |
+
} else if ( $app_type == 'Authy Authenticator' ) {
|
236 |
+
$mo2f_second_factor = 'Authy Authenticator';
|
237 |
+
} else {
|
238 |
+
$mo2f_second_factor = 'Google Authenticator';
|
239 |
+
update_user_meta( $user->ID, 'mo2f_external_app_type', $mo2f_second_factor );
|
240 |
+
|
241 |
+
}
|
242 |
+
} else {
|
243 |
+
$mo2f_second_factor = MO2f_Utility::mo2f_decode_2_factor( $mo2f_second_factor, "servertowpdb" );
|
244 |
+
}
|
245 |
+
?>
|
246 |
+
<?php if ( current_user_can( 'manage_options' ) == false ) { ?>
|
247 |
+
<div><?php } ?>
|
248 |
+
|
249 |
+
<div class="mo2f_table_layout">
|
250 |
+
|
251 |
+
<h3><?php echo mo2f_lt( 'Your Profile' ); ?></h3>
|
252 |
+
<table border="1"
|
253 |
+
style="background-color:#FFFFFF; border:1px solid #CCCCCC; border-collapse: collapse; padding:0px 0px 0px 10px; margin:2px; width:100%">
|
254 |
+
<?php if ( current_user_can( 'manage_options' ) && get_option( 'mo2f_miniorange_admin' ) == $user->ID ) { ?>
|
255 |
+
<tr>
|
256 |
+
<td style="width:45%; padding: 10px;">
|
257 |
+
<b>miniOrange <?php echo mo2f_lt( 'Customer Email' ); ?></b>
|
258 |
+
</td>
|
259 |
+
<td style="width:55%; padding: 10px;"><?php echo get_option( 'mo2f_email' ); ?></td>
|
260 |
+
</tr>
|
261 |
+
<tr>
|
262 |
+
<td style="width:45%; padding: 10px;">
|
263 |
+
<b><?php echo mo2f_lt( 'Customer ID' ); ?></b></td>
|
264 |
+
<td style="width:55%; padding: 10px;"><?php echo get_option( 'mo2f_customerKey' ); ?></td>
|
265 |
+
</tr>
|
266 |
+
|
267 |
+
|
268 |
+
<?php
|
269 |
+
} else {
|
270 |
+
?>
|
271 |
+
<tr>
|
272 |
+
<td style="width:45%; padding: 10px;">
|
273 |
+
<b><?php echo mo2f_lt( 'User Email Registered with miniOrange' ); ?></b></td>
|
274 |
+
|
275 |
+
<td style="width:55%; padding: 10px;"><?php echo $user_email ?></td>
|
276 |
+
</tr>
|
277 |
+
<?php } ?>
|
278 |
+
|
279 |
+
<tr>
|
280 |
+
<td style="width:45%; padding: 10px;">
|
281 |
+
<b><?php echo mo2f_lt( 'Activated 2nd Factor' ); ?></b></td>
|
282 |
+
<td style="width:55%; padding: 10px;"><?php echo $mo2f_second_factor; ?>
|
283 |
+
</td>
|
284 |
+
</tr>
|
285 |
+
|
286 |
+
<tr>
|
287 |
+
<td style="width:45%; padding: 10px;">
|
288 |
+
<b><?php echo mo2f_lt( 'Wordpress user who has 2 factor enabled' ); ?></b>
|
289 |
+
</td>
|
290 |
+
<td style="width:55%; padding: 10px;"><?php echo $user->user_login; ?>
|
291 |
+
</td>
|
292 |
+
</tr>
|
293 |
+
|
294 |
+
<?php if ( current_user_can( 'manage_options' ) && get_option( 'mo2f_miniorange_admin' ) == $user->ID ) { ?>
|
295 |
+
<tr style="height:40px;">
|
296 |
+
<td style="border-right-color:white;" colspan="2"><a
|
297 |
+
target="_blank"
|
298 |
+
href="https://auth.miniorange.com/moas/idp/resetpassword"><b> <?php echo mo2f_lt( 'Click Here' ); ?>
|
299 |
+
</a> <?php echo mo2f_lt( " to reset your miniOrange account's password." ); ?></b>
|
300 |
+
</td>
|
301 |
+
|
302 |
+
</tr>
|
303 |
+
<?php } ?>
|
304 |
+
|
305 |
+
</table>
|
306 |
+
<br>
|
307 |
+
<?php if ( get_option( 'mo2f_is_NC' ) && !get_option( 'mo2f_is_NNC' ) && current_user_can( 'manage_options' ) && get_option( 'mo2f_miniorange_admin' ) == $user->ID ) { ?>
|
308 |
+
<button type="button" class="button button-primary button-large" style="float:right;" data-toggle="modal"
|
309 |
+
data-target="#deactivateAccount"><?php echo mo2f_lt( 'Deactivate plugin' ); ?></button>
|
310 |
+
|
311 |
+
<button type="button" class="button button-primary button-large" style="float:left;" data-toggle="modal"
|
312 |
+
data-target="#deactivateAndRegisterWithAnotherAccount"><?php echo mo2f_lt( 'Register with Another Email Address' ); ?></button>
|
313 |
+
|
314 |
+
<?php } ?>
|
315 |
+
|
316 |
+
</div>
|
317 |
+
<?php if ( current_user_can( 'manage_options' ) == false ) { ?>
|
318 |
+
</div><?php } ?>
|
319 |
+
<br><br>
|
320 |
+
|
321 |
+
|
322 |
+
<div id="deactivateAndRegisterWithAnotherAccount" class="mo2f_modal mo2f_modal_inner fade" role="dialog">
|
323 |
+
<div class="mo2f_modal-dialog">
|
324 |
+
<div class="login mo_customer_validation-modal-content"
|
325 |
+
style="width:660px !important;min-height:390px !important;">
|
326 |
+
<div class="mo2f_modal-header">
|
327 |
+
<button type="button" class="mo2f_close" data-dismiss="modal">×</button>
|
328 |
+
<h2 class="mo2f_modal-title">Please Note!</h2>
|
329 |
+
</div>
|
330 |
+
<div class="mo2f_modal-body">
|
331 |
+
<p style="font-size:15px;font-weight:bold">If you wish to register into the plugin with an different
|
332 |
+
email address,
|
333 |
+
please make a note of the following: </p>
|
334 |
+
<ol>
|
335 |
+
<li>All the users of your Wordpress Site who have setup 2-factor will lose their configurations,
|
336 |
+
and will have to set up 2-factor again after you register with your new email address.
|
337 |
+
</li>
|
338 |
+
<li>In miniOrange, all the users under your current account - <b><?php echo $user_email ?></b>
|
339 |
+
will have to be deleted manually since they will have to register for 2-factor
|
340 |
+
authentication again under your new account.<br>
|
341 |
+
You can do this from the <a href="https://auth.miniorange.com" target="_blank">miniOrange
|
342 |
+
Console</a> >> Users tab by logging in with <b><?php echo $user_email ?></b>.
|
343 |
+
</li>
|
344 |
+
|
345 |
+
</ol>
|
346 |
+
</div>
|
347 |
+
<div class="mo2f_modal-footer">
|
348 |
+
<form name="f" method="post" action="">
|
349 |
+
<input type="submit" style="float:right"
|
350 |
+
value="<?php echo mo2f_lt( 'Continue' ); ?>"
|
351 |
+
class="button button-primary button-large"/>
|
352 |
+
<input type="hidden" name="option" value="mo_auth_remove_account"/>
|
353 |
+
</form>
|
354 |
+
</div>
|
355 |
+
</div>
|
356 |
+
</div>
|
357 |
+
</div>
|
358 |
+
|
359 |
+
<div id="deactivateAccount" class="mo2f_modal mo2f_modal_inner fade" role="dialog">
|
360 |
+
<div class="mo2f_modal-dialog">
|
361 |
+
<div class="login mo_customer_validation-modal-content"
|
362 |
+
style="width:660px !important;min-height:350px !important;">
|
363 |
+
<div class="mo2f_modal-header">
|
364 |
+
<button type="button" class="mo2f_close" data-dismiss="modal">×</button>
|
365 |
+
<h2 class="mo2f_modal-title">Please Note!</h2>
|
366 |
+
</div>
|
367 |
+
<div class="mo2f_modal-body">
|
368 |
+
<p style="font-size:15px;font-weight:bold">Deactivating the plugin will have the following
|
369 |
+
impacts: </p>
|
370 |
+
<ol>
|
371 |
+
<li>The 2-factor configuration setup of the users of your Wordpress Site will be retained, and
|
372 |
+
when you activate the plugin again, they will be prompted for 2-factor.
|
373 |
+
</li>
|
374 |
+
<li>If you wish to register with a different email address upon reactivation, please contact us
|
375 |
+
via the support forum at the right.
|
376 |
+
</li>
|
377 |
+
|
378 |
+
</ol>
|
379 |
+
</div>
|
380 |
+
<div class="mo2f_modal-footer">
|
381 |
+
<form name="f" method="post" action="">
|
382 |
+
<input type="submit" style="float:right"
|
383 |
+
value="<?php echo mo2f_lt( 'Continue' ); ?>"
|
384 |
+
class="button button-primary button-large"/>
|
385 |
+
<input type="hidden" name="option" value="mo_auth_deactivate_account"/>
|
386 |
+
</form>
|
387 |
+
</div>
|
388 |
+
</div>
|
389 |
+
</div>
|
390 |
+
</div>
|
391 |
+
|
392 |
+
<?php
|
393 |
+
}
|
394 |
+
|
395 |
+
function mo2f_show_registration_screen($user){
|
396 |
+
global $Mo2fdbQueries;
|
397 |
+
$mo2f_current_registration_status = $Mo2fdbQueries->get_user_detail( 'mo_2factor_user_registration_status', $user->ID);
|
398 |
+
|
399 |
+
if(in_array($mo2f_current_registration_status, array("MO_2_FACTOR_OTP_DELIVERED_SUCCESS", "MO_2_FACTOR_OTP_DELIVERED_FAILURE"))){
|
400 |
+
mo2f_show_otp_validation_page( $user );
|
401 |
+
}else if($mo2f_current_registration_status == "MO_2_FACTOR_VERIFY_CUSTOMER"){
|
402 |
+
mo2f_show_verify_password_page();
|
403 |
+
}else if($mo2f_current_registration_status == "REGISTRATION_STARTED"){
|
404 |
+
mo2f_show_registration_page( $user );
|
405 |
+
}
|
406 |
+
}
|
407 |
+
|
408 |
+
function mo2f_show_2FA_configuration_screen( $user, $selected2FAmethod ) {
|
409 |
+
|
410 |
+
switch ( $selected2FAmethod ) {
|
411 |
+
case "Google Authenticator":
|
412 |
+
Miniorange_Authentication::mo2f_get_GA_parameters($user);
|
413 |
+
mo2f_configure_google_authenticator( $user );
|
414 |
+
break;
|
415 |
+
case "Authy Authenticator":
|
416 |
+
mo2f_configure_authy_authenticator( $user );
|
417 |
+
break;
|
418 |
+
case "Security Questions":
|
419 |
+
mo2f_configure_for_mobile_suppport_kba( $user );
|
420 |
+
break;
|
421 |
+
case "Email Verification":
|
422 |
+
mo2f_configure_for_mobile_suppport_kba( $user );
|
423 |
+
break;
|
424 |
+
case "OTP Over SMS":
|
425 |
+
mo2f_configure_otp_over_sms( $user );
|
426 |
+
break;
|
427 |
+
case "miniOrange Soft Token":
|
428 |
+
mo2f_configure_miniorange_authenticator( $user );
|
429 |
+
break;
|
430 |
+
case "miniOrange QR Code Authentication":
|
431 |
+
mo2f_configure_miniorange_authenticator( $user );
|
432 |
+
break;
|
433 |
+
case "miniOrange Push Notification":
|
434 |
+
mo2f_configure_miniorange_authenticator( $user );
|
435 |
+
break;
|
436 |
+
}
|
437 |
+
|
438 |
+
}
|
439 |
+
|
440 |
+
function mo2f_show_2FA_test_screen( $user, $selected2FAmethod ) {
|
441 |
+
|
442 |
+
switch ( $selected2FAmethod ) {
|
443 |
+
case "miniOrange QR Code Authentication":
|
444 |
+
mo2f_test_miniorange_qr_code_authentication( $user );
|
445 |
+
break;
|
446 |
+
case "miniOrange Push Notification":
|
447 |
+
mo2f_test_miniorange_push_notification( $user );
|
448 |
+
break;
|
449 |
+
case "miniOrange Soft Token":
|
450 |
+
mo2f_test_miniorange_soft_token( $user );
|
451 |
+
break;
|
452 |
+
case "Email Verification":
|
453 |
+
mo2f_test_email_verification();
|
454 |
+
break;
|
455 |
+
case "OTP Over SMS":
|
456 |
+
mo2f_test_otp_over_sms( $user );
|
457 |
+
break;
|
458 |
+
case "Security Questions":
|
459 |
+
mo2f_test_kba_security_questions( $user );
|
460 |
+
break;
|
461 |
+
default:
|
462 |
+
mo2f_test_google_authy_authenticator( $user, $selected2FAmethod );
|
463 |
+
}
|
464 |
+
|
465 |
+
}
|
466 |
+
|
467 |
+
|
468 |
+
function mo2f_select_2_factor_method( $user, $mo2f_second_factor ) {
|
469 |
+
global $Mo2fdbQueries;
|
470 |
+
|
471 |
+
$is_customer_admin_registered = get_option( 'mo_2factor_admin_registration_status' );
|
472 |
+
$configured_2FA_method = $Mo2fdbQueries->get_user_detail( 'mo2f_configured_2FA_method', $user->ID );
|
473 |
+
|
474 |
+
if ( $mo2f_second_factor == 'GOOGLE AUTHENTICATOR' ) {
|
475 |
+
$app_type = get_user_meta( $user->ID, 'mo2f_external_app_type', true );
|
476 |
+
|
477 |
+
if ( $app_type == 'Google Authenticator' ) {
|
478 |
+
$selectedMethod = 'Google Authenticator';
|
479 |
+
} else if ( $app_type == 'Authy Authenticator' ) {
|
480 |
+
$selectedMethod = 'Authy Authenticator';
|
481 |
+
} else {
|
482 |
+
$selectedMethod = 'Google Authenticator';
|
483 |
+
update_user_meta( $user->ID, 'mo2f_external_app_type', $selectedMethod );
|
484 |
+
}
|
485 |
+
} else {
|
486 |
+
$selectedMethod = MO2f_Utility::mo2f_decode_2_factor( $mo2f_second_factor, "servertowpdb" );
|
487 |
+
}
|
488 |
+
if ( $selectedMethod !== 'NONE' ) {
|
489 |
+
$Mo2fdbQueries->update_user_details( $user->ID, array(
|
490 |
+
'mo2f_configured_2FA_method' => $selectedMethod,
|
491 |
+
'mo2f_' . str_replace( ' ', '', $selectedMethod ) . '_config_status' => true
|
492 |
+
) );
|
493 |
+
update_option('mo2f_configured_2_factor_method', $selectedMethod);
|
494 |
+
}
|
495 |
+
|
496 |
+
if ( $configured_2FA_method == "OTP Over SMS" ) {
|
497 |
+
update_option( 'mo2f_show_sms_transaction_message', 1 );
|
498 |
+
} else {
|
499 |
+
update_option( 'mo2f_show_sms_transaction_message', 0 );
|
500 |
+
} ?>
|
501 |
+
<?php
|
502 |
+
$is_customer_admin = current_user_can( 'manage_options' ) && get_option( 'mo2f_miniorange_admin' ) == $user->ID;
|
503 |
+
$can_display_admin_features = ! $is_customer_admin_registered || $is_customer_admin ? true : false;
|
504 |
+
|
505 |
+
$is_customer_registered = $Mo2fdbQueries->get_user_detail( 'user_registration_with_miniorange', $user->ID ) == 'SUCCESS' ? true : false;
|
506 |
+
if ( get_user_meta( $user->ID, 'configure_2FA', true ) ) {
|
507 |
+
|
508 |
+
$current_selected_method = get_user_meta( $user->ID, 'mo2f_2FA_method_to_configure', true ); ?>
|
509 |
+
<div class="mo2f_setup_2_factor_tab">
|
510 |
+
<?php mo2f_show_2FA_configuration_screen( $user, $current_selected_method ); ?>
|
511 |
+
</div>
|
512 |
+
<?php } else if ( get_user_meta( $user->ID, 'test_2FA', true ) ) {
|
513 |
+
|
514 |
+
$current_selected_method = get_user_meta( $user->ID, 'mo2f_2FA_method_to_test', true ); ?>
|
515 |
+
<div class="mo2f_setup_2_factor_tab">
|
516 |
+
<?php mo2f_show_2FA_test_screen( $user, $current_selected_method ); ?>
|
517 |
+
</div>
|
518 |
+
<?php }else if ( get_user_meta( $user->ID, 'register_account', true ) && $can_display_admin_features ) {
|
519 |
+
display_customer_registration_forms( $user ); ?>
|
520 |
+
|
521 |
+
<?php } else {
|
522 |
+
$is_NC = get_option( 'mo2f_is_NC' );
|
523 |
+
|
524 |
+
?>
|
525 |
+
<div class="mo2f_setup_2_factor_tab">
|
526 |
+
|
527 |
+
<p style="float:right;">If you could not complete the setup process, <a style="font-weight:bold; color:limegreen" href="admin.php?page=miniOrange_2_factor_settings&mo2f_tab=mo2f_support">click here</a> for help.</p>
|
528 |
+
|
529 |
+
<?php if( $selectedMethod == 'NONE' ) { ?>
|
530 |
+
<p style="float:left;" ><span style="color:limegreen;font-weight:bold"><?php echo mo2f_lt( 'HOW DO I CONFIGURE 2FA?' ); ?></span>
|
531 |
+
<br>Just click on <b>Configure</b> of your preferred authentication method below.</p><br>
|
532 |
+
|
533 |
+
<?php } ?>
|
534 |
+
<br><br>
|
535 |
+
|
536 |
+
<div style="text-align: center;">
|
537 |
+
|
538 |
+
<p style="font-size:20px;color:darkorange;padding:10px;"><?php echo mo2f_lt( 'Selected Method - ' ); ?><?php echo $selectedMethod; ?></p>
|
539 |
+
<button class="button button-primary button-large"
|
540 |
+
onclick="testAuthenticationMethod('<?php echo $selectedMethod; ?>');"
|
541 |
+
<?php echo $is_customer_registered && ( $selectedMethod != 'NONE' ) ? "" : " disabled "; ?>>Test
|
542 |
+
Authentication Method
|
543 |
+
</button>
|
544 |
+
</div>
|
545 |
+
<br>
|
546 |
+
<?php if ( ! ( get_option( 'mo2f_is_NC' ) && ! get_option( 'mo2f_is_NNC' ) ) ) {
|
547 |
+
if ( in_array( $selectedMethod, array(
|
548 |
+
"Google Authenticator",
|
549 |
+
"miniOrange Soft Token",
|
550 |
+
"Authy Authenticator"
|
551 |
+
) ) ) { ?>
|
552 |
+
<div style="float:right;">
|
553 |
+
<form name="f" method="post" action="" id="mo2f_enable_2FA_on_login_page_form">
|
554 |
+
<input type="hidden" name="option" value="mo2f_enable_2FA_on_login_page_option"/>
|
555 |
+
|
556 |
+
<input type="checkbox" id="mo2f_enable_2fa_prompt_on_login_page"
|
557 |
+
name="mo2f_enable_2fa_prompt_on_login_page"
|
558 |
+
value="1" <?php checked( get_option( 'mo2f_enable_2fa_prompt_on_login_page' ) == 1 );
|
559 |
+
|
560 |
+
if ( ! in_array( $Mo2fdbQueries->get_user_detail( 'mo_2factor_user_registration_status', $user->ID ), array(
|
561 |
+
'MO_2_FACTOR_PLUGIN_SETTINGS',
|
562 |
+
'MO_2_FACTOR_INITIALIZE_TWO_FACTOR'
|
563 |
+
) ) ) {
|
564 |
+
echo 'disabled';
|
565 |
+
} ?> onChange="this.form.submit()"/>
|
566 |
+
<?php echo mo2f_lt( 'Enable 2FA prompt on the WP Login Page' ); ?>
|
567 |
+
</form>
|
568 |
+
</div>
|
569 |
+
<br>
|
570 |
+
<?php
|
571 |
+
}
|
572 |
+
}
|
573 |
+
$free_plan_existing_user = array(
|
574 |
+
"Email Verification",
|
575 |
+
"OTP Over SMS",
|
576 |
+
"Security Questions",
|
577 |
+
"miniOrange QR Code Authentication",
|
578 |
+
"miniOrange Soft Token",
|
579 |
+
"miniOrange Push Notification",
|
580 |
+
"Google Authenticator",
|
581 |
+
"Authy Authenticator"
|
582 |
+
|
583 |
+
);
|
584 |
+
|
585 |
+
$free_plan_new_user = array(
|
586 |
+
"miniOrange QR Code Authentication",
|
587 |
+
"miniOrange Soft Token",
|
588 |
+
"miniOrange Push Notification",
|
589 |
+
"Google Authenticator",
|
590 |
+
"Security Questions"
|
591 |
+
);
|
592 |
+
|
593 |
+
$standard_plan_existing_user = array(
|
594 |
+
"",
|
595 |
+
"OTP Over Email",
|
596 |
+
"OTP Over SMS and Email"
|
597 |
+
);
|
598 |
+
|
599 |
+
$standard_plan_new_user = array(
|
600 |
+
"",
|
601 |
+
"Email Verification",
|
602 |
+
"OTP Over SMS",
|
603 |
+
"OTP Over Email",
|
604 |
+
"OTP Over SMS and Email",
|
605 |
+
"Authy Authenticator"
|
606 |
+
);
|
607 |
+
|
608 |
+
$premium_plan = array(
|
609 |
+
"Hardware Token"
|
610 |
+
);
|
611 |
+
|
612 |
+
|
613 |
+
$free_plan_methods_existing_user = array_chunk( $free_plan_existing_user, 3 );
|
614 |
+
$free_plan_methods_new_user = array_chunk( $free_plan_new_user, 3 );
|
615 |
+
$standard_plan_methods_existing_user = array_chunk( $standard_plan_existing_user, 3 );
|
616 |
+
$standard_plan_methods_new_user = array_chunk( $standard_plan_new_user, 3 );
|
617 |
+
$premium_plan_methods_existing_user = array_chunk( array_merge( $standard_plan_existing_user, $premium_plan ), 3 );
|
618 |
+
$premium_plan_methods_new_user = array_chunk( array_merge( $standard_plan_new_user, $premium_plan ), 3 );
|
619 |
+
?>
|
620 |
+
<hr>
|
621 |
+
<?php if ( $is_NC && ! get_option( 'mo2f_is_NNC' ) ) {
|
622 |
+
if ( $can_display_admin_features ) { ?>
|
623 |
+
<br>
|
624 |
+
<div style="float:right;">
|
625 |
+
<form name="f" method="post" action="" id="mo2f_enable_2FA_for_users_form">
|
626 |
+
<input type="hidden" name="option" value="mo2f_enable_2FA_for_users_option"/>
|
627 |
+
|
628 |
+
<input type="checkbox" id="mo2f_enable_2fa_for_users" name="mo2f_enable_2fa_for_users"
|
629 |
+
value="1" <?php checked( get_option( 'mo2f_enable_2fa_for_users' ) == 1 );
|
630 |
+
|
631 |
+
if ( $Mo2fdbQueries->get_user_detail( 'mo_2factor_user_registration_status', $user->ID ) != 'MO_2_FACTOR_PLUGIN_SETTINGS' ) {
|
632 |
+
echo 'disabled';
|
633 |
+
} ?> onChange="this.form.submit()"/>
|
634 |
+
<?php echo mo2f_lt( 'Enable 2-factor Authentication for Users' ); ?>
|
635 |
+
</form>
|
636 |
+
</div>
|
637 |
+
<?php } else { ?>
|
638 |
+
<div style="float:right;">
|
639 |
+
<form name="f" method="post" action="" id="mo2f_enable_2FA_form">
|
640 |
+
<input type="hidden" name="option" value="mo2f_enable_2FA_option"/>
|
641 |
+
|
642 |
+
<input type="checkbox" id="mo2f_enable_2fa" name="mo2f_enable_2fa"
|
643 |
+
value="1" <?php checked( get_option( 'mo2f_enable_2fa' ) == 1 );
|
644 |
+
|
645 |
+
if ( ! in_array( $Mo2fdbQueries->get_user_detail( 'mo_2factor_user_registration_status', $user->ID ), array(
|
646 |
+
'MO_2_FACTOR_PLUGIN_SETTINGS',
|
647 |
+
'MO_2_FACTOR_INITIALIZE_TWO_FACTOR'
|
648 |
+
) ) ) {
|
649 |
+
echo 'disabled';
|
650 |
+
} ?> onChange="this.form.submit()"/>
|
651 |
+
<?php echo mo2f_lt( 'Enable 2-factor Authentication' ); ?>
|
652 |
+
</form>
|
653 |
+
</div>
|
654 |
+
<?php }
|
655 |
+
} ?>
|
656 |
+
<div class="mo2f_setup_2factor_tab">
|
657 |
+
|
658 |
+
<div>
|
659 |
+
|
660 |
+
<div>
|
661 |
+
<a class="mo2f_view_free_plan_auth_methods" onclick="show_free_plan_auth_methods()">
|
662 |
+
<img src="<?php echo plugins_url( 'includes/images/right-arrow.png"', __FILE__ ); ?>"
|
663 |
+
class="mo2f_2factor_heading_images"/>
|
664 |
+
<p class="mo2f_heading_style"><?php echo mo2f_lt( 'Authentication methods' ); ?>
|
665 |
+
<?php if ( $can_display_admin_features ) { ?>
|
666 |
+
<span style="color:limegreen">( <?php echo mo2f_lt( 'Current Plan' ); ?> )</span>
|
667 |
+
<?php } ?>
|
668 |
+
</p>
|
669 |
+
</a>
|
670 |
+
|
671 |
+
</div>
|
672 |
+
|
673 |
+
<?php echo mo2f_create_2fa_form( $user, "free_plan", $is_NC ? $free_plan_methods_new_user : $free_plan_methods_existing_user, $can_display_admin_features ); ?>
|
674 |
+
|
675 |
+
</div>
|
676 |
+
<hr>
|
677 |
+
<?php if ( $can_display_admin_features ) { ?>
|
678 |
+
<div>
|
679 |
+
<a class="mo2f_view_standard_plan_auth_methods" onclick="show_standard_plan_auth_methods()">
|
680 |
+
<img src="<?php echo plugins_url( 'includes/images/right-arrow.png"', __FILE__ ); ?>"
|
681 |
+
class="mo2f_2factor_heading_images"/>
|
682 |
+
<p class="mo2f_heading_style"><?php echo mo2f_lt( 'Standard plan - Authentication methods' ); ?>
|
683 |
+
*</p>
|
684 |
+
</a>
|
685 |
+
<?php echo mo2f_create_2fa_form( $user, "standard_plan", $is_NC ? $standard_plan_methods_new_user : $standard_plan_methods_existing_user ); ?>
|
686 |
+
</div>
|
687 |
+
<hr>
|
688 |
+
<div>
|
689 |
+
<a class="mo2f_view_premium_plan_auth_methods" onclick="show_premium_auth_methods()">
|
690 |
+
<img src="<?php echo plugins_url( 'includes/images/right-arrow.png"', __FILE__ ); ?>"
|
691 |
+
class="mo2f_2factor_heading_images"/>
|
692 |
+
<p class="mo2f_heading_style"><?php echo mo2f_lt( 'Premium plan - Authentication methods' ); ?>
|
693 |
+
*</p>
|
694 |
+
</a>
|
695 |
+
<?php echo mo2f_create_2fa_form( $user, "premium_plan", $is_NC ? $premium_plan_methods_new_user : $premium_plan_methods_existing_user ); ?>
|
696 |
+
|
697 |
+
</div>
|
698 |
+
<hr>
|
699 |
+
|
700 |
+
<br>
|
701 |
+
<p>
|
702 |
+
* <?php echo mo2f_lt( 'These authentication methods are available in the STANDARD and PREMIUM plans' ); ?>
|
703 |
+
. <a
|
704 |
+
href="admin.php?page=miniOrange_2_factor_settings&mo2f_tab=mo2f_pricing"><?php echo mo2f_lt( 'Click here' ); ?></a> <?php echo mo2f_lt( 'to learn more' ) ?>
|
705 |
+
.</a></p>
|
706 |
+
<?php } ?>
|
707 |
+
<form name="f" method="post" action="" id="mo2f_2factor_test_authentication_method_form">
|
708 |
+
<input type="hidden" name="option" value="mo_2factor_test_authentication_method"/>
|
709 |
+
<input type="hidden" name="mo2f_configured_2FA_method_test" id="mo2f_configured_2FA_method_test"/>
|
710 |
+
</form>
|
711 |
+
|
712 |
+
<form name="f" method="post" action="" id="mo2f_2factor_resume_flow_driven_setup_form">
|
713 |
+
<input type="hidden" name="option" value="mo_2factor_resume_flow_driven_setup"/>
|
714 |
+
</form>
|
715 |
+
|
716 |
+
</div>
|
717 |
+
</div>
|
718 |
+
<script>
|
719 |
+
|
720 |
+
function configureOrSet2ndFactor_free_plan(authMethod, action) {
|
721 |
+
jQuery('#mo2f_configured_2FA_method_free_plan').val(authMethod);
|
722 |
+
jQuery('#mo2f_selected_action_free_plan').val(action);
|
723 |
+
jQuery('#mo2f_save_free_plan_auth_methods_form').submit();
|
724 |
+
}
|
725 |
+
|
726 |
+
function testAuthenticationMethod(authMethod) {
|
727 |
+
jQuery('#mo2f_configured_2FA_method_test').val(authMethod);
|
728 |
+
jQuery('#loading_image').show();
|
729 |
+
|
730 |
+
jQuery('#mo2f_2factor_test_authentication_method_form').submit();
|
731 |
+
}
|
732 |
+
|
733 |
+
function resumeFlowDrivenSetup() {
|
734 |
+
jQuery('#mo2f_2factor_resume_flow_driven_setup_form').submit();
|
735 |
+
}
|
736 |
+
|
737 |
+
jQuery("#mo2f_standard_plan_auth_methods").hide();
|
738 |
+
|
739 |
+
function show_standard_plan_auth_methods() {
|
740 |
+
jQuery("#mo2f_standard_plan_auth_methods").slideToggle(1000);
|
741 |
+
jQuery("#mo2f_free_plan_auth_methods").hide();
|
742 |
+
jQuery("#mo2f_premium_plan_auth_methods").hide();
|
743 |
+
}
|
744 |
+
|
745 |
+
function show_free_plan_auth_methods() {
|
746 |
+
jQuery("#mo2f_free_plan_auth_methods").slideToggle(1000);
|
747 |
+
jQuery("#mo2f_standard_plan_auth_methods").hide();
|
748 |
+
jQuery("#mo2f_premium_plan_auth_methods").hide();
|
749 |
+
}
|
750 |
+
|
751 |
+
jQuery("#mo2f_premium_plan_auth_methods").hide();
|
752 |
+
|
753 |
+
function show_premium_auth_methods() {
|
754 |
+
jQuery("#mo2f_free_plan_auth_methods").hide();
|
755 |
+
jQuery("#mo2f_standard_plan_auth_methods").hide();
|
756 |
+
jQuery("#mo2f_premium_plan_auth_methods").slideToggle(1000);
|
757 |
+
}
|
758 |
+
|
759 |
+
jQuery("#how_to_configure_2fa").hide();
|
760 |
+
|
761 |
+
function show_how_to_configure_2fa() {
|
762 |
+
jQuery("#how_to_configure_2fa").slideToggle(700);
|
763 |
+
}
|
764 |
+
|
765 |
+
</script>
|
766 |
+
<?php } ?>
|
767 |
+
|
768 |
+
<?php
|
769 |
+
}
|
770 |
+
|
771 |
+
function mo2f_create_2fa_form( $user, $category, $auth_methods, $can_display_admin_features='' ) {
|
772 |
+
global $Mo2fdbQueries;
|
773 |
+
$all_two_factor_methods = array(
|
774 |
+
"miniOrange QR Code Authentication",
|
775 |
+
"miniOrange Soft Token",
|
776 |
+
"miniOrange Push Notification",
|
777 |
+
"Google Authenticator",
|
778 |
+
"Security Questions",
|
779 |
+
"Authy Authenticator",
|
780 |
+
"Email Verification",
|
781 |
+
"OTP Over SMS",
|
782 |
+
"OTP Over Email",
|
783 |
+
"OTP Over SMS and Email",
|
784 |
+
"Hardware Token"
|
785 |
+
);
|
786 |
+
|
787 |
+
$two_factor_methods_descriptions = array(
|
788 |
+
""=>"<b>All methods in the FREE Plan in addition to the following methods.</b>",
|
789 |
+
"miniOrange QR Code Authentication" => "Scan the QR code from the account in your miniOrange Authenticator App to login.",
|
790 |
+
"miniOrange Soft Token" => "Enter the soft token from the account in your miniOrange Authenticator App to login.",
|
791 |
+
"miniOrange Push Notification" => "Accept a push notification in your miniOrange Authenticator App to login.",
|
792 |
+
"Google Authenticator" => "Enter the soft token from the account in your Google Authenticator App to login.",
|
793 |
+
"Security Questions" => "Answer the three security questions you had set, to login.",
|
794 |
+
"Authy Authenticator" => "Enter the soft token from the account in your Authy Authenticator App to login.",
|
795 |
+
"Email Verification" => "Accept the verification link sent to your email to login.",
|
796 |
+
"OTP Over SMS" => "Enter the One Time Passcode sent to your phone to login.",
|
797 |
+
"OTP Over Email" => "Enter the One Time Passcode sent to your email to login.",
|
798 |
+
"OTP Over SMS and Email" => "Enter the One Time Passcode sent to your phone and email to login.",
|
799 |
+
"Hardware Token" => "Enter the One Time Passcode on your Hardware Token to login."
|
800 |
+
);
|
801 |
+
|
802 |
+
$two_factor_methods_EC = array_slice( $all_two_factor_methods, 0, 8 );
|
803 |
+
$two_factor_methods_NC = array_slice( $all_two_factor_methods, 0, 5 );
|
804 |
+
|
805 |
+
$is_customer_registered = $Mo2fdbQueries->get_user_detail( 'user_registration_with_miniorange', $user->ID ) == 'SUCCESS' ? true : false;
|
806 |
+
|
807 |
+
$can_user_configure_2fa_method = $can_display_admin_features || ( !$can_display_admin_features && $is_customer_registered );
|
808 |
+
$is_NC = get_option( 'mo2f_is_NC' );
|
809 |
+
$is_EC = ! $is_NC;
|
810 |
+
|
811 |
+
$form = '';
|
812 |
+
$form .= '<form name="f" method="post" action="" id="mo2f_save_' . $category . '_auth_methods_form">
|
813 |
+
<div id="mo2f_' . $category . '_auth_methods" style="background-color: #f1f1f1;">
|
814 |
+
<br>
|
815 |
+
<table class="mo2f_auth_methods_table">';
|
816 |
+
|
817 |
+
for ( $i = 0; $i < count( $auth_methods ); $i ++ ) {
|
818 |
+
|
819 |
+
$form .= '<tr>';
|
820 |
+
for ( $j = 0; $j < count( $auth_methods[ $i ] ); $j ++ ) {
|
821 |
+
$auth_method = $auth_methods[ $i ][ $j ];
|
822 |
+
$auth_method_abr = str_replace( ' ', '', $auth_method );
|
823 |
+
$configured_auth_method = $Mo2fdbQueries->get_user_detail( 'mo2f_configured_2FA_method', $user->ID );
|
824 |
+
$is_auth_method_selected = ( $configured_auth_method == $auth_method ? true : false );
|
825 |
+
|
826 |
+
$is_auth_method_av = false;
|
827 |
+
if ( ( $is_EC && in_array( $auth_method, $two_factor_methods_EC ) ) ||
|
828 |
+
( $is_NC && in_array( $auth_method, $two_factor_methods_NC ) ) ) {
|
829 |
+
$is_auth_method_av = true;
|
830 |
+
}
|
831 |
+
|
832 |
+
|
833 |
+
$thumbnail_height = $is_auth_method_av && $category == 'free_plan' ? 190 : 160;
|
834 |
+
$is_image = $auth_method == "" ? 0 :1;
|
835 |
+
|
836 |
+
$form .= '<td>
|
837 |
+
<div class="mo2f_thumbnail" style="height:' . $thumbnail_height . 'px;border-color:#ddd;">
|
838 |
+
<div><div>
|
839 |
+
<div style="width: 80px; float:left;">';
|
840 |
+
|
841 |
+
if($is_image){
|
842 |
+
$form .= '<img src="' . plugins_url( "includes/images/authmethods/" . $auth_method_abr . ".png", __FILE__ ) . '" style="width: 50px;height: 50px !important; padding: 20px; line-height: 80px;" />';
|
843 |
+
}
|
844 |
+
|
845 |
+
$form .= '</div>
|
846 |
+
<div style="width:190px; padding:20px;font-size:14px;overflow: hidden;"><b>' . $auth_method .
|
847 |
+
'</b><br>
|
848 |
+
<p style="padding:5px; padding-left:0px;"> ' . $two_factor_methods_descriptions[ $auth_method ] . '</p>
|
849 |
+
|
850 |
+
</div>
|
851 |
+
</div>
|
852 |
+
</div>';
|
853 |
+
|
854 |
+
if ( $is_auth_method_av && $category == 'free_plan' ) {
|
855 |
+
$is_auth_method_configured = $Mo2fdbQueries->get_user_detail( 'mo2f_' . $auth_method_abr . '_config_status', $user->ID );
|
856 |
+
|
857 |
+
$form .= '<div style="height:40px;width:100%;position: absolute;bottom: 0;background-color:';
|
858 |
+
$form .= $is_auth_method_selected ? '#48b74b' : '#8daddc';
|
859 |
+
|
860 |
+
$form .= ';color:white">';
|
861 |
+
if ( $auth_method != "Email Verification" ) {
|
862 |
+
$form .= '<div class="mo2f_configure_2_factor">
|
863 |
+
<button type="button" class="mo2f_configure_set_2_factor" onclick="configureOrSet2ndFactor_' . $category . '(\'' . $auth_method_abr . '\', \'configure2factor\');"';
|
864 |
+
$form .= $can_user_configure_2fa_method ? "" : " disabled ";
|
865 |
+
$form .= '>';
|
866 |
+
$form .= $is_auth_method_configured ? 'Reconfigure' : 'Configure';
|
867 |
+
$form .= '</button></div>';
|
868 |
+
}
|
869 |
+
if ( $is_auth_method_configured && ! $is_auth_method_selected ) {
|
870 |
+
$form .= '<div class="mo2f_set_2_factor">
|
871 |
+
<button type="button" class="mo2f_configure_set_2_factor" onclick="configureOrSet2ndFactor_' . $category . '(\'' . $auth_method_abr . '\', \'select2factor\');"';
|
872 |
+
$form .= $can_user_configure_2fa_method ? "" : " disabled ";
|
873 |
+
$form .= '>Set as 2-factor</button>
|
874 |
+
</div>';
|
875 |
+
}
|
876 |
+
|
877 |
+
$form .= '</div>';
|
878 |
+
|
879 |
+
}
|
880 |
+
$form .= '</div></div></td>';
|
881 |
+
}
|
882 |
+
|
883 |
+
$form .= '</tr>';
|
884 |
+
}
|
885 |
+
|
886 |
+
|
887 |
+
$form .= '</table>';
|
888 |
+
if( $category!="free_plan")
|
889 |
+
$form .= '<div style="background-color: #f1f1f1;padding:10px">
|
890 |
+
<p style="font-size:16px;margin-left: 1%">In addition to these authentication methods, for other features in this plan, <a href="admin.php?page=miniOrange_2_factor_settings&mo2f_tab=mo2f_pricing"><i>Click here.</i></a></p>
|
891 |
+
</div>';
|
892 |
+
|
893 |
+
$form .= '</div>
|
894 |
+
<input type="hidden" name="option" value="mo2f_save_' . $category . '_auth_methods" />
|
895 |
+
<input type="hidden" name="mo2f_configured_2FA_method_' . $category . '" id="mo2f_configured_2FA_method_' . $category . '" />
|
896 |
+
<input type="hidden" name="mo2f_selected_action_' . $category . '" id="mo2f_selected_action_' . $category . '" />
|
897 |
+
</form>';
|
898 |
+
|
899 |
+
return $form;
|
900 |
+
}
|
901 |
+
|
902 |
+
function show_2_factor_pricing_page( $user ) {
|
903 |
+
global $Mo2fdbQueries;
|
904 |
+
|
905 |
+
$is_NC = get_option( 'mo2f_is_NC' );
|
906 |
+
|
907 |
+
$is_customer_registered = $Mo2fdbQueries->get_user_detail( 'user_registration_with_miniorange', $user->ID ) == 'SUCCESS' ? true : false;
|
908 |
+
|
909 |
+
$mo2f_feature_set = array(
|
910 |
+
"Authentication Methods",
|
911 |
+
"No. of Users",
|
912 |
+
"Language Translation Support",
|
913 |
+
"Login with Username + password + 2FA",
|
914 |
+
"Login with Username + 2FA (skip password)",
|
915 |
+
"Backup Methods",
|
916 |
+
"Multi-Site Support",
|
917 |
+
"User role based redirection after Login",
|
918 |
+
"Add custom Security Questions (KBA)",
|
919 |
+
"Customize account name in Google Authenticator app",
|
920 |
+
"Enable 2FA for specific User Roles",
|
921 |
+
"Enable 2FA for specific Users",
|
922 |
+
"Choose specific authentication methods for Users",
|
923 |
+
"Prompt for 2FA Registration for Users at login",
|
924 |
+
"One Time Email Verification for Users during 2FA Registration",
|
925 |
+
"Enable Security Questions as backup for Users during 2FA registration",
|
926 |
+
"App Specific Password to login from mobile Apps",
|
927 |
+
"Support"
|
928 |
+
);
|
929 |
+
|
930 |
+
|
931 |
+
$two_factor_methods = array(
|
932 |
+
"miniOrange QR Code Authentication",
|
933 |
+
"miniOrange Soft Token",
|
934 |
+
"miniOrange Push Notification",
|
935 |
+
"Google Authenticator",
|
936 |
+
"Security Questions",
|
937 |
+
"Authy Authenticator",
|
938 |
+
"Email Verification",
|
939 |
+
"OTP Over SMS",
|
940 |
+
"OTP Over Email",
|
941 |
+
"OTP Over SMS and Email",
|
942 |
+
"Hardware Token"
|
943 |
+
);
|
944 |
+
|
945 |
+
$two_factor_methods_EC = array_slice( $two_factor_methods, 0, 7 );
|
946 |
+
$user_plan = get_option( 'mo2f_is_NC' ) && ! get_option( 'mo2f_is_NNC' ) ? "Unlimited" : "1";
|
947 |
+
$mo2f_feature_set_with_plans_NC = array(
|
948 |
+
"Authentication Methods" => array(
|
949 |
+
array_slice( $two_factor_methods, 0, 5 ),
|
950 |
+
array_slice( $two_factor_methods, 0, 10 ),
|
951 |
+
array_slice( $two_factor_methods, 0, 11 )
|
952 |
+
),
|
953 |
+
"No. of Users" => array(
|
954 |
+
$user_plan,
|
955 |
+
"User Based Pricing",
|
956 |
+
"User Based Pricing"
|
957 |
+
),
|
958 |
+
"Language Translation Support" => array( true, true, true ),
|
959 |
+
"Login with Username + password + 2FA" => array( true, true, true ),
|
960 |
+
"Login with Username + 2FA (skip password)" => array( false, true, true ),
|
961 |
+
"Backup Methods" => array(
|
962 |
+
false,
|
963 |
+
"KBA",
|
964 |
+
array( "KBA", "OTP Over Email", "Backup Codes" )
|
965 |
+
),
|
966 |
+
"Multi-Site Support" => array( false, true, true ),
|
967 |
+
"User role based redirection after Login" => array( false, true, true ),
|
968 |
+
"Add custom Security Questions (KBA)" => array( false, true, true ),
|
969 |
+
"Customize account name in Google Authenticator app" => array( false, true, true ),
|
970 |
+
"Enable 2FA for specific User Roles" => array( false, false, true ),
|
971 |
+
"Enable 2FA for specific Users" => array( false, false, true ),
|
972 |
+
"Choose specific authentication methods for Users" => array( false, false, true ),
|
973 |
+
"Prompt for 2FA Registration for Users at login" => array( false, false, true ),
|
974 |
+
"One Time Email Verification for Users during 2FA Registration" => array( false, false, true ),
|
975 |
+
"Enable Security Questions as backup for Users during 2FA registration" => array( false, false, true ),
|
976 |
+
"App Specific Password to login from mobile Apps" => array( false, false, true ),
|
977 |
+
"Support" => array(
|
978 |
+
"Basic Support by Email",
|
979 |
+
"Priority Support by Email",
|
980 |
+
array( "Priority Support by Email", "Priority Support with GoTo meetings" )
|
981 |
+
),
|
982 |
+
|
983 |
+
);
|
984 |
+
|
985 |
+
$mo2f_feature_set_with_plans_EC = array(
|
986 |
+
"Authentication Methods" => array(
|
987 |
+
array_slice( $two_factor_methods, 0, 8 ),
|
988 |
+
array_slice( $two_factor_methods, 0, 10 ),
|
989 |
+
array_slice( $two_factor_methods, 0, 11 )
|
990 |
+
),
|
991 |
+
"No. of Users" => array(
|
992 |
+
"1",
|
993 |
+
"User Based Pricing",
|
994 |
+
"User Based Pricing"
|
995 |
+
),
|
996 |
+
"Language Translation Support" => array( true, true, true ),
|
997 |
+
"Login with Username + password + 2FA" => array( true, true, true ),
|
998 |
+
"Login with Username + 2FA (skip password)" => array( true, true, true ),
|
999 |
+
"Backup Methods" => array(
|
1000 |
+
"KBA",
|
1001 |
+
"KBA",
|
1002 |
+
array( "KBA", "OTP Over Email", "Backup Codes" )
|
1003 |
+
),
|
1004 |
+
"Multi-Site Support" => array( false, true, true ),
|
1005 |
+
"User role based redirection after Login" => array( false, true, true ),
|
1006 |
+
"Add custom Security Questions (KBA)" => array( false, true, true ),
|
1007 |
+
"Customize account name in Google Authenticator app" => array( false, true, true ),
|
1008 |
+
"Enable 2FA for specific User Roles" => array( false, false, true ),
|
1009 |
+
"Enable 2FA for specific Users" => array( false, false, true ),
|
1010 |
+
"Choose specific authentication methods for Users" => array( false, false, true ),
|
1011 |
+
"Prompt for 2FA Registration for Users at login" => array( false, false, true ),
|
1012 |
+
"One Time Email Verification for Users during 2FA Registration" => array( false, false, true ),
|
1013 |
+
"Enable Security Questions as backup for Users during 2FA registration" => array( false, false, true ),
|
1014 |
+
"App Specific Password to login from mobile Apps" => array( false, false, true ),
|
1015 |
+
"Support" => array(
|
1016 |
+
"Basic Support by Email",
|
1017 |
+
"Priority Support by Email",
|
1018 |
+
array( "Priority Support by Email", "Priority Support with GoTo meetings" )
|
1019 |
+
),
|
1020 |
+
|
1021 |
+
);
|
1022 |
+
|
1023 |
+
$mo2f_addons = array(
|
1024 |
+
"RBA & Trusted Devices Management Add-on",
|
1025 |
+
"Personalization Add-on",
|
1026 |
+
"Short Codes Add-on"
|
1027 |
+
);
|
1028 |
+
$mo2f_addons_plan_name = array(
|
1029 |
+
"RBA & Trusted Devices Management Add-on" => "wp_2fa_addon_rba",
|
1030 |
+
"Personalization Add-on" => "wp_2fa_addon_personalization",
|
1031 |
+
"Short Codes Add-on" => "wp_2fa_addon_shortcode"
|
1032 |
+
);
|
1033 |
+
|
1034 |
+
|
1035 |
+
$mo2f_addons_with_features = array(
|
1036 |
+
"Personalization Add-on" => array(
|
1037 |
+
"Custom UI of 2FA popups",
|
1038 |
+
"Custom Email and SMS Templates",
|
1039 |
+
"Customize 'powered by' Logo",
|
1040 |
+
"Customize Plugin Icon",
|
1041 |
+
"Customize Plugin Name",
|
1042 |
+
"Add Recaptcha on Login Page"
|
1043 |
+
),
|
1044 |
+
"RBA & Trusted Devices Management Add-on" => array(
|
1045 |
+
"Remember Device",
|
1046 |
+
"Set Device Limit for the users to login",
|
1047 |
+
"IP Restriction: Limit users to login from specific IPs"
|
1048 |
+
),
|
1049 |
+
"Short Codes Add-on" => array(
|
1050 |
+
"Option to turn on/off 2-factor by user",
|
1051 |
+
"Option to configure the Google Authenticator and Security Questions by user",
|
1052 |
+
"Option to 'Enable Remember Device' from a custom login form",
|
1053 |
+
"On-Demand ShortCodes for specific fuctionalities ( like for enabling 2FA for specific pages)"
|
1054 |
+
)
|
1055 |
+
);
|
1056 |
+
?>
|
1057 |
+
<div class="mo2f_licensing_plans">
|
1058 |
+
|
1059 |
+
<table class="table mo_table-bordered mo_table-striped">
|
1060 |
+
<thead>
|
1061 |
+
<tr class="mo2f_licensing_plans_tr">
|
1062 |
+
<th width="25%">
|
1063 |
+
<h3>Features \ Plans</h3></th>
|
1064 |
+
<th class="text-center" width="25%"><h3>Free</h3>
|
1065 |
+
|
1066 |
+
<p class="mo2f_licensing_plans_plan_desc">Basic 2FA for Small Scale Web Businesses</p><br></th>
|
1067 |
+
<th class="text-center" width="25%"><h3>Standard</h3>
|
1068 |
+
|
1069 |
+
<p class="mo2f_licensing_plans_plan_desc">Intermediate 2FA for Medium Scale Web Businesses with
|
1070 |
+
basic support</p><span><br>
|
1071 |
+
<?php echo mo2f_yearly_standard_pricing(); ?>
|
1072 |
+
|
1073 |
+
<?php echo mo2f_sms_cost();
|
1074 |
+
if( $is_customer_registered) {
|
1075 |
+
?>
|
1076 |
+
<h4 class="mo2f_pricing_sub_header" style="padding-bottom:8px !important;"><button
|
1077 |
+
class="button button-primary button-large"
|
1078 |
+
onclick="mo2f_upgradeform('wp_2fa_basic_plan')" >Upgrade</button></h4>
|
1079 |
+
<?php }else{ ?>
|
1080 |
+
|
1081 |
+
<h4 class="mo2f_pricing_sub_header" style="padding-bottom:8px !important;"><button
|
1082 |
+
class="button button-primary button-large"
|
1083 |
+
onclick="mo2f_register_and_upgradeform('wp_2fa_basic_plan')" >Upgrade</button></h4>
|
1084 |
+
<?php } ?>
|
1085 |
+
<br>
|
1086 |
+
</span></h3>
|
1087 |
+
</th>
|
1088 |
+
|
1089 |
+
<th class="text-center" width="25%"><h3>Premium</h3>
|
1090 |
+
|
1091 |
+
<p class="mo2f_licensing_plans_plan_desc" style="margin:16px 0 26px 0 ">Advanced and Intuitive
|
1092 |
+
2FA for Large Scale Web businesses with enterprise-grade support</p><span>
|
1093 |
+
<?php echo mo2f_yearly_premium_pricing(); ?>
|
1094 |
+
<?php echo mo2f_sms_cost();
|
1095 |
+
if( $is_customer_registered) {
|
1096 |
+
?>
|
1097 |
+
<h4 class="mo2f_pricing_sub_header" style="padding-bottom:8px !important;"><button
|
1098 |
+
class="button button-primary button-large"
|
1099 |
+
onclick="mo2f_upgradeform('wp_2fa_premium_plan')" >Upgrade</button></h4>
|
1100 |
+
<?php }else{ ?>
|
1101 |
+
|
1102 |
+
<h4 class="mo2f_pricing_sub_header" style="padding-bottom:8px !important;"><button
|
1103 |
+
class="button button-primary button-large"
|
1104 |
+
onclick="mo2f_register_and_upgradeform('wp_2fa_premium_plan')" >Upgrade</button></h4>
|
1105 |
+
<?php } ?>
|
1106 |
+
<br>
|
1107 |
+
</span></h3>
|
1108 |
+
</th>
|
1109 |
+
|
1110 |
+
</tr>
|
1111 |
+
</thead>
|
1112 |
+
<tbody class="mo_align-center mo-fa-icon">
|
1113 |
+
<?php for ( $i = 0; $i < count( $mo2f_feature_set ); $i ++ ) { ?>
|
1114 |
+
<tr>
|
1115 |
+
<td><?php
|
1116 |
+
$feature_set = $mo2f_feature_set[ $i ];
|
1117 |
+
|
1118 |
+
echo $feature_set;
|
1119 |
+
?></td>
|
1120 |
+
|
1121 |
+
|
1122 |
+
<?php if ( $is_NC ) {
|
1123 |
+
$f_feature_set_with_plan = $mo2f_feature_set_with_plans_NC[ $feature_set ];
|
1124 |
+
} else {
|
1125 |
+
$f_feature_set_with_plan = $mo2f_feature_set_with_plans_EC[ $feature_set ];
|
1126 |
+
}
|
1127 |
+
?>
|
1128 |
+
<td><?php
|
1129 |
+
if ( is_array( $f_feature_set_with_plan[0] ) ) {
|
1130 |
+
echo mo2f_create_li( $f_feature_set_with_plan[0] );
|
1131 |
+
} else {
|
1132 |
+
if ( gettype( $f_feature_set_with_plan[0] ) == "boolean" ) {
|
1133 |
+
echo mo2f_get_binary_equivalent( $f_feature_set_with_plan[0] );
|
1134 |
+
} else {
|
1135 |
+
echo $f_feature_set_with_plan[0];
|
1136 |
+
}
|
1137 |
+
} ?>
|
1138 |
+
</td>
|
1139 |
+
<td><?php
|
1140 |
+
if ( is_array( $f_feature_set_with_plan[1] ) ) {
|
1141 |
+
echo mo2f_create_li( $f_feature_set_with_plan[1] );
|
1142 |
+
} else {
|
1143 |
+
if ( gettype( $f_feature_set_with_plan[1] ) == "boolean" ) {
|
1144 |
+
echo mo2f_get_binary_equivalent( $f_feature_set_with_plan[1] );
|
1145 |
+
} else {
|
1146 |
+
echo $f_feature_set_with_plan[1];
|
1147 |
+
}
|
1148 |
+
} ?>
|
1149 |
+
</td>
|
1150 |
+
<td><?php
|
1151 |
+
if ( is_array( $f_feature_set_with_plan[2] ) ) {
|
1152 |
+
echo mo2f_create_li( $f_feature_set_with_plan[2] );
|
1153 |
+
} else {
|
1154 |
+
if ( gettype( $f_feature_set_with_plan[2] ) == "boolean" ) {
|
1155 |
+
echo mo2f_get_binary_equivalent( $f_feature_set_with_plan[2] );
|
1156 |
+
} else {
|
1157 |
+
echo $f_feature_set_with_plan[2];
|
1158 |
+
}
|
1159 |
+
} ?>
|
1160 |
+
</td>
|
1161 |
+
</tr>
|
1162 |
+
<?php } ?>
|
1163 |
+
|
1164 |
+
<tr>
|
1165 |
+
<td><b>Add-Ons</b></td>
|
1166 |
+
<?php if ( $is_NC ) { ?>
|
1167 |
+
<td><b>Purchase Separately</b></td>
|
1168 |
+
<?php } else { ?>
|
1169 |
+
<td><b>NA</b></td>
|
1170 |
+
<?php } ?>
|
1171 |
+
<td><b>Purchase Separately</b></td>
|
1172 |
+
<td><b>Included</b></td>
|
1173 |
+
</tr>
|
1174 |
+
<?php for ( $i = 0; $i < count( $mo2f_addons ); $i ++ ) { ?>
|
1175 |
+
<tr>
|
1176 |
+
<td><?php echo $mo2f_addons[ $i ]; ?> <?php for ( $j = 0; $j < $i + 1; $j ++ ) { ?>*<?php } ?>
|
1177 |
+
</td>
|
1178 |
+
<?php if ( $is_NC ) { ?>
|
1179 |
+
<td>
|
1180 |
+
<button class="button button-primary button-small" style="cursor:pointer"
|
1181 |
+
onclick="mo2f_upgradeform('<?php echo $mo2f_addons_plan_name[ $mo2f_addons[ $i ] ]; ?>')" <?php echo $is_customer_registered ? "" : " disabled " ?> >
|
1182 |
+
Purchase
|
1183 |
+
</
|
1184 |
+
>
|
1185 |
+
</td>
|
1186 |
+
<?php } else { ?>
|
1187 |
+
<td><b>NA</b></td>
|
1188 |
+
<?php } ?>
|
1189 |
+
<td>
|
1190 |
+
<button class="button button-primary button-small" style="cursor:pointer"
|
1191 |
+
onclick="mo2f_upgradeform('<?php echo $mo2f_addons_plan_name[ $mo2f_addons[ $i ] ]; ?>')" <?php echo $is_customer_registered ? "" : " disabled " ?> >
|
1192 |
+
Purchase
|
1193 |
+
</button>
|
1194 |
+
</td>
|
1195 |
+
<td><i class='fa fa-check'></i></td>
|
1196 |
+
</tr>
|
1197 |
+
<?php } ?>
|
1198 |
+
|
1199 |
+
</tbody>
|
1200 |
+
</table>
|
1201 |
+
<br>
|
1202 |
+
<div style="padding:10px;">
|
1203 |
+
<?php for ( $i = 0; $i < count( $mo2f_addons ); $i ++ ) {
|
1204 |
+
$f_feature_set_of_addons = $mo2f_addons_with_features[ $mo2f_addons[ $i ] ];
|
1205 |
+
for ( $j = 0; $j < $i + 1; $j ++ ) { ?>*<?php } ?>
|
1206 |
+
<b><?php echo $mo2f_addons[ $i ]; ?> Features</b>
|
1207 |
+
<br>
|
1208 |
+
<ol>
|
1209 |
+
<?php for ( $k = 0; $k < count( $f_feature_set_of_addons ); $k ++ ) { ?>
|
1210 |
+
<li><?php echo $f_feature_set_of_addons[ $k ]; ?></li>
|
1211 |
+
<?php } ?>
|
1212 |
+
</ol>
|
1213 |
+
|
1214 |
+
<hr><br>
|
1215 |
+
<?php } ?>
|
1216 |
+
<b>**** SMS Charges</b>
|
1217 |
+
<p><?php echo mo2f_lt( 'If you wish to choose OTP Over SMS / OTP Over SMS and Email as your authentication method,
|
1218 |
+
SMS transaction prices & SMS delivery charges apply and they depend on country. SMS validity is for lifetime.' ); ?></p>
|
1219 |
+
<hr>
|
1220 |
+
<br>
|
1221 |
+
<div>
|
1222 |
+
<h2>Note</h2>
|
1223 |
+
<ol class="mo2f_licensing_plans_ol">
|
1224 |
+
<li><?php echo mo2f_lt( 'The plugin works with many of the default custom login forms (like Woocommerce / Theme My Login), however if you face any issues with your custom login form, contact us and we will help you with it.' ); ?></li>
|
1225 |
+
</ol>
|
1226 |
+
</div>
|
1227 |
+
|
1228 |
+
<br>
|
1229 |
+
<hr>
|
1230 |
+
<br>
|
1231 |
+
<div>
|
1232 |
+
<h2>Steps to upgrade to the Premium Plan</h2>
|
1233 |
+
<ol class="mo2f_licensing_plans_ol">
|
1234 |
+
<li><?php echo mo2f_lt( 'Click on \'Upgrade\' button of your preferred plan above.' ); ?></li>
|
1235 |
+
<li><?php echo mo2f_lt( ' You will be redirected to the miniOrange Console. Enter your miniOrange username and password, after which you will be redirected to the payment page.' ); ?></li>
|
1236 |
+
|
1237 |
+
<li><?php echo mo2f_lt( 'Select the number of users you wish to upgrade for, and any add-ons if you wish to purchase, and make the payment.' ); ?></li>
|
1238 |
+
<li><?php echo mo2f_lt( 'After making the payment, you can find the Standard/Premium plugin to download from the \'License\' tab in the left navigation bar of the miniOrange Console.' ); ?></li>
|
1239 |
+
<li><?php echo mo2f_lt( 'Download the premium plugin from the miniOrange Console.' ); ?></li>
|
1240 |
+
<li><?php echo mo2f_lt( 'In the Wordpress dashboard, uninstall the free plugin and install the premium plugin downloaded.' ); ?></li>
|
1241 |
+
<li><?php echo mo2f_lt( 'Login to the premium plugin with the miniOrange account you used to make the payment, after this your users will be able to set up 2FA.' ); ?></li>
|
1242 |
+
</ol>
|
1243 |
+
</div>
|
1244 |
+
<div>
|
1245 |
+
<h2>Note</h2>
|
1246 |
+
<ul class="mo2f_licensing_plans_ol">
|
1247 |
+
<li><?php echo mo2f_lt( 'There is no license key required to activate the Standard/Premium Plugins. You will have to just login with the miniOrange Account you used to make the purchase.' ); ?></li>
|
1248 |
+
</ul>
|
1249 |
+
</div>
|
1250 |
+
|
1251 |
+
<br>
|
1252 |
+
<hr>
|
1253 |
+
<br>
|
1254 |
+
<div>
|
1255 |
+
<h2>Refund Policy</h2>
|
1256 |
+
<p class="mo2f_licensing_plans_ol"><?php echo mo2f_lt( 'At miniOrange, we want to ensure you are 100% happy with your purchase. If the premium plugin you purchased is not working as advertised and you\'ve attempted to resolve any issues with our support team, which couldn\'t get resolved then we will refund the whole amount within 10 days of the purchase.' ); ?>
|
1257 |
+
</p>
|
1258 |
+
</div>
|
1259 |
+
<br>
|
1260 |
+
<hr>
|
1261 |
+
<br>
|
1262 |
+
<div>
|
1263 |
+
<h2>Privacy Policy</h2>
|
1264 |
+
<p class="mo2f_licensing_plans_ol"><a
|
1265 |
+
href="https://www.miniorange.com/2-factor-authentication-for-wordpress-gdpr">Click Here</a>
|
1266 |
+
to read our Privacy Policy.
|
1267 |
+
</p>
|
1268 |
+
</div>
|
1269 |
+
<br>
|
1270 |
+
<hr>
|
1271 |
+
<br>
|
1272 |
+
<div>
|
1273 |
+
<h2>Contact Us</h2>
|
1274 |
+
<p class="mo2f_licensing_plans_ol"><?php echo mo2f_lt( 'If you have any doubts regarding the licensing plans, you can mail us at' ); ?>
|
1275 |
+
<a href="mailto:info@miniorange.com"><i>info@miniorange.com</i></a> <?php echo mo2f_lt( 'or submit a query using the support form.' ); ?>
|
1276 |
+
</p>
|
1277 |
+
</div>
|
1278 |
+
<br>
|
1279 |
+
<hr>
|
1280 |
+
<br>
|
1281 |
+
|
1282 |
+
<form class="mo2f_display_none_forms" id="mo2fa_loginform"
|
1283 |
+
action="<?php echo get_option( 'mo2f_host_name' ) . '/moas/login'; ?>"
|
1284 |
+
target="_blank" method="post">
|
1285 |
+
<input type="email" name="username" value="<?php echo get_option( 'mo2f_email' ); ?>"/>
|
1286 |
+
<input type="text" name="redirectUrl"
|
1287 |
+
value="<?php echo get_option( 'mo2f_host_name' ) . '/moas/initializepayment'; ?>"/>
|
1288 |
+
<input type="text" name="requestOrigin" id="requestOrigin"/>
|
1289 |
+
</form>
|
1290 |
+
|
1291 |
+
<form class="mo2f_display_none_forms" id="mo2fa_register_to_upgrade_form"
|
1292 |
+
method="post">
|
1293 |
+
<input type="hidden" name="requestOrigin" />
|
1294 |
+
<input type="hidden" name="mo2fa_register_to_upgrade_nonce"
|
1295 |
+
value="<?php echo wp_create_nonce( 'miniorange-2-factor-user-reg-to-upgrade-nonce' ); ?>"/>
|
1296 |
+
</form>
|
1297 |
+
|
1298 |
+
<script>
|
1299 |
+
|
1300 |
+
function mo2f_upgradeform(planType) {
|
1301 |
+
jQuery('#requestOrigin').val(planType);
|
1302 |
+
jQuery('#mo2fa_loginform').submit();
|
1303 |
+
}
|
1304 |
+
|
1305 |
+
function mo2f_register_and_upgradeform(planType) {
|
1306 |
+
jQuery('#requestOrigin').val(planType);
|
1307 |
+
jQuery('input[name="requestOrigin"]').val(planType);
|
1308 |
+
jQuery('#mo2fa_register_to_upgrade_form').submit();
|
1309 |
+
}
|
1310 |
+
</script>
|
1311 |
+
|
1312 |
+
<style>#mo2f_support_table {
|
1313 |
+
display: none;
|
1314 |
+
}
|
1315 |
+
|
1316 |
+
</style>
|
1317 |
+
</div>
|
1318 |
+
</div>
|
1319 |
+
|
1320 |
+
<?php }
|
1321 |
+
|
1322 |
+
function mo2f_create_li( $mo2f_array ) {
|
1323 |
+
$html_ol = '<ul>';
|
1324 |
+
foreach ( $mo2f_array as $element ) {
|
1325 |
+
$html_ol .= "<li>" . $element . "</li>";
|
1326 |
+
}
|
1327 |
+
$html_ol .= '</ul>';
|
1328 |
+
|
1329 |
+
return $html_ol;
|
1330 |
+
}
|
1331 |
+
|
1332 |
+
function mo2f_sms_cost() {
|
1333 |
+
?>
|
1334 |
+
<p class="mo2f_pricing_text" id="mo2f_sms_cost"
|
1335 |
+
title="<?php echo mo2f_lt( '(Only applicable if OTP over SMS is your preferred authentication method.)' ); ?>"><?php echo mo2f_lt( 'SMS Cost' ); ?>
|
1336 |
+
****<br/>
|
1337 |
+
<select id="mo2f_sms" class="form-control" style="border-radius:5px;width:200px;">
|
1338 |
+
<option><?php echo mo2f_lt( '$5 per 100 OTP + SMS delivery charges' ); ?></option>
|
1339 |
+
<option><?php echo mo2f_lt( '$15 per 500 OTP + SMS delivery charges' ); ?></option>
|
1340 |
+
<option><?php echo mo2f_lt( '$22 per 1k OTP + SMS delivery charges' ); ?></option>
|
1341 |
+
<option><?php echo mo2f_lt( '$30 per 5k OTP + SMS delivery charges' ); ?></option>
|
1342 |
+
<option><?php echo mo2f_lt( '$40 per 10k OTP + SMS delivery charges' ); ?></option>
|
1343 |
+
<option><?php echo mo2f_lt( '$90 per 50k OTP + SMS delivery charges' ); ?></option>
|
1344 |
+
</select>
|
1345 |
+
</p>
|
1346 |
+
<?php
|
1347 |
+
}
|
1348 |
+
|
1349 |
+
function mo2f_yearly_standard_pricing() {
|
1350 |
+
?>
|
1351 |
+
|
1352 |
+
<p class="mo2f_pricing_text"
|
1353 |
+
id="mo2f_yearly_sub"><?php echo __( 'Yearly Subscription Fees', 'miniorange-2-factor-authentication' ); ?>
|
1354 |
+
|
1355 |
+
<select id="mo2f_yearly" class="form-control" style="border-radius:5px;width:200px;">
|
1356 |
+
<option> <?php echo mo2f_lt( '1 - 2 users - $5 per year' ); ?> </option>
|
1357 |
+
<option> <?php echo mo2f_lt( '3 - 5 users - $20 per year' ); ?> </option>
|
1358 |
+
<option> <?php echo mo2f_lt( '6 - 50 users - $30 per year' ); ?> </option>
|
1359 |
+
<option> <?php echo mo2f_lt( '51 - 100 users - $49 per year' ); ?> </option>
|
1360 |
+
<option> <?php echo mo2f_lt( '101 - 500 users - $99 per year' ); ?> </option>
|
1361 |
+
<option> <?php echo mo2f_lt( '501 - 1000 users - $199 per year' ); ?> </option>
|
1362 |
+
<option> <?php echo mo2f_lt( '1001 - 5000 users - $299 per year' ); ?> </option>
|
1363 |
+
<option> <?php echo mo2f_lt( '5001 - 10000 users - $499 per year' ); ?></option>
|
1364 |
+
<option> <?php echo mo2f_lt( '10001 - 20000 users - $799 per year' ); ?> </option>
|
1365 |
+
</select>
|
1366 |
+
</p>
|
1367 |
+
<?php
|
1368 |
+
}
|
1369 |
+
|
1370 |
+
function mo2f_yearly_premium_pricing() {
|
1371 |
+
?>
|
1372 |
+
|
1373 |
+
<p class="mo2f_pricing_text"
|
1374 |
+
id="mo2f_yearly_sub"><?php echo __( 'Yearly Subscription Fees', 'miniorange-2-factor-authentication' ); ?>
|
1375 |
+
|
1376 |
+
<select id="mo2f_yearly" class="form-control" style="border-radius:5px;width:200px;">
|
1377 |
+
<option> <?php echo mo2f_lt( '1 - 5 users - $30 per year' ); ?> </option>
|
1378 |
+
<option> <?php echo mo2f_lt( '6 - 50 users - $99 per year' ); ?> </option>
|
1379 |
+
<option> <?php echo mo2f_lt( '51 - 100 users - $199 per year' ); ?> </option>
|
1380 |
+
<option> <?php echo mo2f_lt( '101 - 500 users - $349 per year' ); ?> </option>
|
1381 |
+
<option> <?php echo mo2f_lt( '501 - 1000 users - $499 per year' ); ?> </option>
|
1382 |
+
<option> <?php echo mo2f_lt( '1001 - 5000 users - $799 per year' ); ?> </option>
|
1383 |
+
<option> <?php echo mo2f_lt( '5001 - 10000 users - $999 per year ' ); ?></option>
|
1384 |
+
<option> <?php echo mo2f_lt( '10001 - 20000 users - $1449 per year' ); ?> </option>
|
1385 |
+
</select>
|
1386 |
+
</p>
|
1387 |
+
<?php
|
1388 |
+
}
|
1389 |
+
|
1390 |
+
function mo2f_get_binary_equivalent( $mo2f_var ) {
|
1391 |
+
|
1392 |
+
switch ( $mo2f_var ) {
|
1393 |
+
case 1:
|
1394 |
+
return "<i class='fa fa-check'></i>";
|
1395 |
+
case 0:
|
1396 |
+
return "";
|
1397 |
+
default:
|
1398 |
+
return $mo2f_var;
|
1399 |
+
}
|
1400 |
+
} ?>
|
miniorange_2_factor_settings.php
ADDED
@@ -0,0 +1,2411 @@
|
1 |
+
<?php
|
2 |
+
/**
|
3 |
+
* Plugin Name: miniOrange 2 Factor Authentication
|
4 |
+
* Plugin URI: https://miniorange.com
|
5 |
+
* Description: This plugin provides various two-factor authentication methods as an additional layer of security after the default wordpress login. We Support Google Authenticator, QR Code, Push Notification, Soft Token and Security Questions(KBA) for 1 User in the free version of the plugin.
|
6 |
+
* Version: 5.1.7
|
7 |
+
* Author: miniOrange
|
8 |
+
* Author URI: https://miniorange.com
|
9 |
+
* License: GPL2
|
10 |
+
*/
|
11 |
+
include_once dirname( __FILE__ ) . '/miniorange_2_factor_configuration.php';
|
12 |
+
include_once dirname( __FILE__ ) . '/miniorange_2_factor_mobile_configuration.php';
|
13 |
+
include_once dirname( __FILE__ ) . '/class-rba-attributes.php';
|
14 |
+
include_once dirname( __FILE__ ) . '/class-two-factor-setup.php';
|
15 |
+
include_once dirname( __FILE__ ) . '/class-customer-setup.php';
|
16 |
+
include_once dirname( __FILE__ ) . '/database/database_functions.php';
|
17 |
+
include dirname( __FILE__ ) . '/views/feedback_form.php';
|
18 |
+
include dirname( __FILE__ ) . '/views/test_2fa_notification.php';
|
19 |
+
include dirname( __FILE__ ) . '/views/customer_registration.php';
|
20 |
+
require( 'class-utility.php' );
|
21 |
+
require( 'class-mo2f-constants.php' );
|
22 |
+
require( 'class-miniorange-2-factor-login.php' );
|
23 |
+
require( 'miniorange_2_factor_support.php' );
|
24 |
+
require( 'class-miniorange-2-factor-user-registration.php' );
|
25 |
+
require( 'class-miniorange-2-factor-pass2fa-login.php' );
|
26 |
+
define( 'MOAUTH_PATH', plugins_url( __FILE__ ) );
|
27 |
+
|
28 |
+
|
29 |
+
class Miniorange_Authentication {
|
30 |
+
|
31 |
+
private $defaultCustomerKey = "16555";
|
32 |
+
private $defaultApiKey = "fFd2XcvTGDemZvbw1bcUesNJWEqKbbUq";
|
33 |
+
|
34 |
+
function __construct() {
|
35 |
+
|
36 |
+
add_option( 'mo2f_inline_registration', 0 );
|
37 |
+
add_option( 'mo2f_activate_plugin', 1 );
|
38 |
+
add_option( 'mo2f_login_option', 1 );
|
39 |
+
add_option( 'mo2f_number_of_transactions', 1 );
|
40 |
+
add_option( 'mo2f_set_transactions', 0 );
|
41 |
+
add_option( 'mo2f_enable_forgotphone', 1 );
|
42 |
+
add_option( 'mo2f_enable_2fa_for_users', 1 );
|
43 |
+
add_option( 'mo2f_enable_2fa_prompt_on_login_page', 0 );
|
44 |
+
add_option( 'mo2f_enable_xmlrpc', 0 );
|
45 |
+
add_option( 'mo2f_show_sms_transaction_message', 0 );
|
46 |
+
add_option( 'mo2f_custom_plugin_name', 'miniOrange 2-Factor' );
|
47 |
+
add_action( 'admin_menu', array( $this, 'miniorange_auth_menu' ) );
|
48 |
+
add_action( 'admin_init', array( $this, 'miniorange_auth_save_settings' ) );
|
49 |
+
add_action( 'admin_enqueue_scripts', array( $this, 'plugin_settings_style' ) );
|
50 |
+
add_action( 'admin_enqueue_scripts', array( $this, 'plugin_settings_script' ) );
|
51 |
+
add_action( 'admin_notices', array( $this, 'get_customer_SMS_transactions' ) );
|
52 |
+
add_action( 'admin_notices', array( $this, 'prompt_user_to_setup_two_factor' ) );
|
53 |
+
add_action( 'plugins_loaded', array( $this, 'mo2fa_load_textdomain' ) );
|
54 |
+
add_action( 'plugins_loaded', array( $this, 'mo2f_update_db_check' ) );
|
55 |
+
add_action( 'admin_footer', array( $this, 'feedback_request' ) );
|
56 |
+
|
57 |
+
remove_action( 'admin_notices', array( $this, 'mo_auth_success_message' ) );
|
58 |
+
remove_action( 'admin_notices', array( $this, 'mo_auth_error_message' ) );
|
59 |
+
|
60 |
+
register_activation_hook( __FILE__, array( $this, 'mo_auth_activate' ) );
|
61 |
+
register_deactivation_hook( __FILE__, array( $this, 'mo_auth_deactivate' ) );
|
62 |
+
$this->define_global();
|
63 |
+
|
64 |
+
global $wp_roles;
|
65 |
+
|
66 |
+
if ( ! isset( $wp_roles ) ) {
|
67 |
+
$wp_roles = new WP_Roles();
|
68 |
+
}
|
69 |
+
|
70 |
+
if ( get_option( 'mo2f_admin_disabled_status' ) == 1 || get_option( 'mo2f_admin_disabled_status' ) == 0 ) {
|
71 |
+
if ( get_option( 'mo2f_admin_disabled_status' ) == 1 ) {
|
72 |
+
add_option( 'mo2fa_administrator', 1 );
|
73 |
+
} else {
|
74 |
+
foreach ( $wp_roles->role_names as $id => $name ) {
|
75 |
+
add_option( 'mo2fa_' . $id, 1 );
|
76 |
+
}
|
77 |
+
}
|
78 |
+
delete_option( 'mo2f_admin_disabled_status' );
|
79 |
+
} else {
|
80 |
+
foreach ( $wp_roles->role_names as $id => $name ) {
|
81 |
+
add_option( 'mo2fa_' . $id, 1 );
|
82 |
+
}
|
83 |
+
}
|
84 |
+
|
85 |
+
if ( get_option( 'mo2f_activate_plugin' ) == 1 ) {
|
86 |
+
|
87 |
+
$mo2f_rba_attributes = new Miniorange_Rba_Attributes();
|
88 |
+
$pass2fa_login = new Miniorange_Password_2Factor_Login();
|
89 |
+
$mo2f_2factor_setup = new Two_Factor_Setup();
|
90 |
+
add_action( 'init', array( $pass2fa_login, 'miniorange_pass2login_redirect' ) );
|
91 |
+
//for shortcode addon
|
92 |
+
add_filter( 'mo2f_shortcode_rba_gauth', array( $mo2f_rba_attributes, 'mo2f_validate_google_auth' ), 10, 3 );
|
93 |
+
add_filter( 'mo2f_shortcode_kba', array( $mo2f_2factor_setup, 'register_kba_details' ), 10, 7 );
|
94 |
+
add_filter( 'mo2f_update_info', array( $mo2f_2factor_setup, 'mo2f_update_userinfo' ), 10, 5 );
|
95 |
+
add_action( 'mo2f_shortcode_form_fields', array(
|
96 |
+
$pass2fa_login,
|
97 |
+
'miniorange_pass2login_form_fields'
|
98 |
+
), 10, 4 );
|
99 |
+
add_filter( 'mo2f_gauth_service', array( $mo2f_rba_attributes, 'mo2f_google_auth_service' ), 10, 1 );
|
100 |
+
|
101 |
+
|
102 |
+
if ( get_option( 'mo2f_login_option' ) ) { //password + 2nd factor enabled
|
103 |
+
if ( get_option( 'mo_2factor_admin_registration_status' ) == 'MO_2_FACTOR_CUSTOMER_REGISTERED_SUCCESS' ) {
|
104 |
+
|
105 |
+
remove_filter( 'authenticate', 'wp_authenticate_username_password', 20 );
|
106 |
+
add_filter( 'authenticate', array( $pass2fa_login, 'mo2f_check_username_password' ), 99999, 4 );
|
107 |
+
add_action( 'init', array( $pass2fa_login, 'miniorange_pass2login_redirect' ) );
|
108 |
+
add_action( 'login_form', array(
|
109 |
+
$pass2fa_login,
|
110 |
+
'mo_2_factor_pass2login_show_wp_login_form'
|
111 |
+
), 10 );
|
112 |
+
|
113 |
+
if ( get_option( 'mo2f_remember_device' ) ) {
|
114 |
+
add_action( 'login_footer', array( $pass2fa_login, 'miniorange_pass2login_footer_form' ) );
|
115 |
+
add_action( 'woocommerce_before_customer_login_form', array(
|
116 |
+
$pass2fa_login,
|
117 |
+
'miniorange_pass2login_footer_form'
|
118 |
+
) );
|
119 |
+
}
|
120 |
+
add_action( 'login_enqueue_scripts', array(
|
121 |
+
$pass2fa_login,
|
122 |
+
'mo_2_factor_enable_jquery_default_login'
|
123 |
+
) );
|
124 |
+
|
125 |
+
add_action( 'woocommerce_login_form_end', array(
|
126 |
+
$pass2fa_login,
|
127 |
+
'mo_2_factor_pass2login_show_wp_login_form'
|
128 |
+
) );
|
129 |
+
add_action( 'wp_enqueue_scripts', array(
|
130 |
+
$pass2fa_login,
|
131 |
+
'mo_2_factor_enable_jquery_default_login'
|
132 |
+
) );
|
133 |
+
|
134 |
+
//Actions for other plugins to use miniOrange 2FA plugin
|
135 |
+
add_action( 'miniorange_pre_authenticate_user_login', array(
|
136 |
+
$pass2fa_login,
|
137 |
+
'mo2f_check_username_password'
|
138 |
+
), 1, 4 );
|
139 |
+
add_action( 'miniorange_post_authenticate_user_login', array(
|
140 |
+
$pass2fa_login,
|
141 |
+
'miniorange_initiate_2nd_factor'
|
142 |
+
), 1, 3 );
|
143 |
+
add_action( 'miniorange_collect_attributes_for_authenticated_user', array(
|
144 |
+
$pass2fa_login,
|
145 |
+
'mo2f_collect_device_attributes_for_authenticated_user'
|
146 |
+
), 1, 2 );
|
147 |
+
|
148 |
+
}
|
149 |
+
|
150 |
+
} else { //login with phone enabled
|
151 |
+
|
152 |
+
if ( get_option( 'mo_2factor_admin_registration_status' ) == 'MO_2_FACTOR_CUSTOMER_REGISTERED_SUCCESS' ) {
|
153 |
+
|
154 |
+
$mobile_login = new Miniorange_Mobile_Login();
|
155 |
+
add_action( 'login_form', array( $mobile_login, 'miniorange_login_form_fields' ), 10 );
|
156 |
+
add_action( 'login_footer', array( $mobile_login, 'miniorange_login_footer_form' ) );
|
157 |
+
|
158 |
+
remove_filter( 'authenticate', 'wp_authenticate_username_password', 20 );
|
159 |
+
add_filter( 'authenticate', array( $mobile_login, 'mo2fa_default_login' ), 99999, 3 );
|
160 |
+
add_action( 'login_enqueue_scripts', array( $mobile_login, 'custom_login_enqueue_scripts' ) );
|
161 |
+
}
|
162 |
+
|
163 |
+
|
164 |
+
}
|
165 |
+
}
|
166 |
+
}
|
167 |
+
|
168 |
+
function define_global() {
|
169 |
+
global $Mo2fdbQueries;
|
170 |
+
$Mo2fdbQueries = new Mo2fDB();
|
171 |
+
}
|
172 |
+
|
173 |
+
function mo2f_update_db_check() {
|
174 |
+
|
175 |
+
global $Mo2fdbQueries;
|
176 |
+
$user_id = get_option( 'mo2f_miniorange_admin' );
|
177 |
+
$current_db_version = get_option( 'mo2f_dbversion' );
|
178 |
+
|
179 |
+
if ( $current_db_version < 141 ) {
|
180 |
+
update_option( 'mo2f_dbversion', 141 );
|
181 |
+
$Mo2fdbQueries->generate_tables();
|
182 |
+
|
183 |
+
}
|
184 |
+
if ( ! get_option( 'mo2f_existing_user_values_updated' ) ) {
|
185 |
+
|
186 |
+
if ( get_option( 'mo2f_customerKey' ) && ! get_option( 'mo2f_is_NC' ) ) {
|
187 |
+
update_option( 'mo2f_is_NC', 0 );
|
188 |
+
}
|
189 |
+
|
190 |
+
$check_if_user_column_exists = false;
|
191 |
+
|
192 |
+
if ( $user_id && ! get_option( 'mo2f_is_NC' ) ) {
|
193 |
+
$does_table_exist = $Mo2fdbQueries->check_if_table_exists();
|
194 |
+
if ( $does_table_exist ) {
|
195 |
+
$check_if_user_column_exists = $Mo2fdbQueries->check_if_user_column_exists( $user_id );
|
196 |
+
}
|
197 |
+
if ( ! $check_if_user_column_exists ) {
|
198 |
+
$Mo2fdbQueries->generate_tables();
|
199 |
+
$Mo2fdbQueries->insert_user( $user_id, array( 'user_id' => $user_id ) );
|
200 |
+
|
201 |
+
add_option( 'mo2f_phone', get_option( 'user_phone' ) );
|
202 |
+
add_option( 'mo2f_enable_login_with_2nd_factor', get_option( 'mo2f_show_loginwith_phone' ) );
|
203 |
+
add_option( 'mo2f_remember_device', get_option( 'mo2f_deviceid_enabled' ) );
|
204 |
+
add_option( 'mo2f_transactionId', get_option( 'mo2f-login-transactionId' ) );
|
205 |
+
add_option( 'mo2f_is_NC', 0 );
|
206 |
+
$phone = get_user_meta( $user_id, 'mo2f_user_phone', true );
|
207 |
+
$user_phone = $phone ? $phone : get_user_meta( $user_id, 'mo2f_phone', true );
|
208 |
+
|
209 |
+
$Mo2fdbQueries->update_user_details( $user_id,
|
210 |
+
array(
|
211 |
+
'mo2f_GoogleAuthenticator_config_status' => get_user_meta( $user_id, 'mo2f_google_authentication_status', true ),
|
212 |
+
'mo2f_SecurityQuestions_config_status' => get_user_meta( $user_id, 'mo2f_kba_registration_status', true ),
|
213 |
+
'mo2f_EmailVerification_config_status' => true,
|
214 |
+
'mo2f_AuthyAuthenticator_config_status' => get_user_meta( $user_id, 'mo2f_authy_authentication_status', true ),
|
215 |
+
'mo2f_user_email' => get_user_meta( $user_id, 'mo_2factor_map_id_with_email', true ),
|
216 |
+
'mo2f_user_phone' => $user_phone,
|
217 |
+
'user_registration_with_miniorange' => get_user_meta( $user_id, 'mo_2factor_user_registration_with_miniorange', true ),
|
218 |
+
'mobile_registration_status' => get_user_meta( $user_id, 'mo2f_mobile_registration_status', true ),
|
219 |
+
'mo2f_configured_2FA_method' => get_user_meta( $user_id, 'mo2f_selected_2factor_method', true ),
|
220 |
+
'mo_2factor_user_registration_status' => get_user_meta( $user_id, 'mo_2factor_user_registration_status', true )
|
221 |
+
) );
|
222 |
+
|
223 |
+
if ( get_user_meta( $user_id, 'mo2f_mobile_registration_status', true ) ) {
|
224 |
+
$Mo2fdbQueries->update_user_details( $user_id,
|
225 |
+
array(
|
226 |
+
'mo2f_miniOrangeSoftToken_config_status' => true,
|
227 |
+
'mo2f_miniOrangeQRCodeAuthentication_config_status' => true,
|
228 |
+
'mo2f_miniOrangePushNotification_config_status' => true
|
229 |
+
) );
|
230 |
+
}
|
231 |
+
|
232 |
+
if ( get_user_meta( $user_id, 'mo2f_otp_registration_status', true ) ) {
|
233 |
+
$Mo2fdbQueries->update_user_details( $user_id,
|
234 |
+
array(
|
235 |
+
'mo2f_OTPOverSMS_config_status' => true
|
236 |
+
) );
|
237 |
+
}
|
238 |
+
|
239 |
+
$mo2f_external_app_type = get_user_meta( $user_id, 'mo2f_external_app_type', true ) == 'AUTHY 2-FACTOR AUTHENTICATION' ?
|
240 |
+
'Authy Authenticator' : 'Google Authenticator';
|
241 |
+
|
242 |
+
update_user_meta( $user_id, 'mo2f_external_app_type', $mo2f_external_app_type );
|
243 |
+
|
244 |
+
delete_option( 'mo2f_show_loginwith_phone' );
|
245 |
+
delete_option( 'mo2f_deviceid_enabled' );
|
246 |
+
delete_option( 'mo2f-login-transactionId' );
|
247 |
+
delete_user_meta( $user_id, 'mo2f_google_authentication_status' );
|
248 |
+
delete_user_meta( $user_id, 'mo2f_kba_registration_status' );
|
249 |
+
delete_user_meta( $user_id, 'mo2f_email_verification_status' );
|
250 |
+
delete_user_meta( $user_id, 'mo2f_authy_authentication_status' );
|
251 |
+
delete_user_meta( $user_id, 'mo_2factor_map_id_with_email' );
|
252 |
+
delete_user_meta( $user_id, 'mo_2factor_user_registration_with_miniorange' );
|
253 |
+
delete_user_meta( $user_id, 'mo2f_mobile_registration_status' );
|
254 |
+
delete_user_meta( $user_id, 'mo2f_otp_registration_status' );
|
255 |
+
delete_user_meta( $user_id, 'mo2f_selected_2factor_method' );
|
256 |
+
delete_user_meta( $user_id, 'mo2f_configure_test_option' );
|
257 |
+
delete_user_meta( $user_id, 'mo_2factor_user_registration_status' );
|
258 |
+
|
259 |
+
update_option( 'mo2f_existing_user_values_updated', 1 );
|
260 |
+
|
261 |
+
}
|
262 |
+
}
|
263 |
+
}
|
264 |
+
|
265 |
+
if ( $user_id && ! get_option( 'mo2f_login_option_updated' ) ) {
|
266 |
+
|
267 |
+
$does_table_exist = $Mo2fdbQueries->check_if_table_exists();
|
268 |
+
if ( $does_table_exist ) {
|
269 |
+
$check_if_user_column_exists = $Mo2fdbQueries->check_if_user_column_exists( $user_id );
|
270 |
+
if ( $check_if_user_column_exists ) {
|
271 |
+
$selected_2FA_method = $Mo2fdbQueries->get_user_detail( 'mo2f_configured_2FA_method', $user_id );
|
272 |
+
$is_nc_with_unlimited_users = get_option( 'mo2f_is_NC' ) && ! get_option( 'mo2f_is_NNC' );
|
273 |
+
|
274 |
+
if ( ! $is_nc_with_unlimited_users && in_array( $selected_2FA_method, array(
|
275 |
+
"Google Authenticator",
|
276 |
+
"miniOrange Soft Token",
|
277 |
+
"Authy Authenticator"
|
278 |
+
) ) ) {
|
279 |
+
update_option( 'mo2f_enable_2fa_prompt_on_login_page', 1 );
|
280 |
+
}
|
281 |
+
update_option( 'mo2f_login_option_updated', 1 );
|
282 |
+
}
|
283 |
+
}
|
284 |
+
|
285 |
+
}
|
286 |
+
|
287 |
+
|
288 |
+
}
|
289 |
+
|
290 |
+
|
291 |
+
/**
|
292 |
+
* Function tells where to look for translations.
|
293 |
+
*/
|
294 |
+
function mo2fa_load_textdomain() {
|
295 |
+
load_plugin_textdomain( 'miniorange-2-factor-authentication', false, dirname( plugin_basename( __FILE__ ) ) . '/lang/' );
|
296 |
+
}
|
297 |
+
|
298 |
+
function feedback_request() {
|
299 |
+
display_feedback_form();
|
300 |
+
}
|
301 |
+
|
302 |
+
function get_customer_SMS_transactions() {
|
303 |
+
|
304 |
+
if ( get_option( 'mo_2factor_admin_registration_status' ) == 'MO_2_FACTOR_CUSTOMER_REGISTERED_SUCCESS' && get_option( 'mo2f_show_sms_transaction_message' ) ) {
|
305 |
+
if ( ! get_option( 'mo2f_set_transactions' ) ) {
|
306 |
+
$customer = new Customer_Setup();
|
307 |
+
|
308 |
+
$content = json_decode( $customer->get_customer_transactions( get_option( 'mo2f_customerKey' ), get_option( 'mo2f_api_key' ) ), true );
|
309 |
+
|
310 |
+
update_option( 'mo2f_set_transactions', 1 );
|
311 |
+
if ( ! array_key_exists( 'smsRemaining', $content ) ) {
|
312 |
+
$smsRemaining = 0;
|
313 |
+
} else {
|
314 |
+
$smsRemaining = $content['smsRemaining'];
|
315 |
+
|
316 |
+
if ( $smsRemaining == null ) {
|
317 |
+
$smsRemaining = 0;
|
318 |
+
}
|
319 |
+
}
|
320 |
+
update_option( 'mo2f_number_of_transactions', $smsRemaining );
|
321 |
+
} else {
|
322 |
+
$smsRemaining = get_option( 'mo2f_number_of_transactions' );
|
323 |
+
}
|
324 |
+
|
325 |
+
$this->display_customer_transactions( $smsRemaining );
|
326 |
+
}
|
327 |
+
}
|
328 |
+
|
329 |
+
function display_customer_transactions( $content ) {
|
330 |
+
echo '<div class="is-dismissible notice notice-warning"> <form name="f" method="post" action=""><input type="hidden" name="option" value="mo_auth_sync_sms_transactions" /><p><b>' . mo2f_lt( 'miniOrange 2-Factor Plugin:' ) . '</b> ' . mo2f_lt( 'You have' ) . ' <b style="color:red">' . $content . ' ' . mo2f_lt( 'SMS transactions' ) . ' </b>' . mo2f_lt( 'remaining' ) . '<input type="submit" name="submit" value="' . mo2f_lt( 'Check Transactions' ) . ' " class="button button-primary button-large" /></form><button type="button" class="notice-dismiss"><span class="screen-reader-text">' . mo2f_lt( 'Dismiss this notice.' ) . '</span></button></div>';
|
331 |
+
}
|
332 |
+
|
333 |
+
function prompt_user_to_setup_two_factor() {
|
334 |
+
global $Mo2fdbQueries;
|
335 |
+
$user = wp_get_current_user();
|
336 |
+
$selected_2_Factor_method = $Mo2fdbQueries->get_user_detail( 'mo2f_configured_2FA_method', $user->ID );
|
337 |
+
if ( $selected_2_Factor_method == 'NONE' ) {
|
338 |
+
if ( get_option( 'mo2f_enable_2fa_for_users' ) || ( current_user_can( 'manage_options' ) && get_option( 'mo2f_miniorange_admin' ) == $user->ID ) ) {
|
339 |
+
echo '<div class="is-dismissible notice notice-warning"><p><b>' . mo2f_lt( "miniOrange 2-Factor Plugin: " ) . '</b>' . mo2f_lt( 'You have not configured your 2-factor authentication method yet.' ) .
|
340 |
+
'<a href="admin.php?page=miniOrange_2_factor_settings&mo2f_tab=mobile_configure">' . mo2f_lt( ' Click here' ) . '</a>' . mo2f_lt( ' to set it up.' ) .
|
341 |
+
'<button type="button" class="notice-dismiss"><span class="screen-reader-text">' . mo2f_lt( 'Dismiss this notice.' ) . '</span></button></div>';
|
342 |
+
}
|
343 |
+
}
|
344 |
+
}
|
345 |
+
|
346 |
+
|
347 |
+
function mo_auth_success_message() {
|
348 |
+
$message = get_option( 'mo2f_message' ); ?>
|
349 |
+
<script>
|
350 |
+
jQuery(document).ready(function () {
|
351 |
+
var message = "<?php echo $message; ?>";
|
352 |
+
jQuery('#messages').append("<div style='padding:5px;'><div class='error notice is-dismissible mo2f_error_container'> <p class='mo2f_msgs'>" + message + "</p></div></div>");
|
353 |
+
});
|
354 |
+
</script>
|
355 |
+
<?php
|
356 |
+
}
|
357 |
+
|
358 |
+
function mo_auth_error_message() {
|
359 |
+
$message = get_option( 'mo2f_message' ); ?>
|
360 |
+
<script>
|
361 |
+
jQuery(document).ready(function () {
|
362 |
+
var message = "<?php echo $message; ?>";
|
363 |
+
jQuery('#messages').append("<div style='padding:5px;'><div class='updated notice is-dismissible mo2f_success_container'> <p class='mo2f_msgs'>" + message + "</p></div></div>");
|
364 |
+
});
|
365 |
+
</script>
|
366 |
+
<?php
|
367 |
+
}
|
368 |
+
|
369 |
+
function miniorange_auth_menu() {
|
370 |
+
global $user;
|
371 |
+
$user = wp_get_current_user();
|
372 |
+
if ( get_option( 'mo2f_enable_custom_icon' ) != 1 ) {
|
373 |
+
$iconurl = plugin_dir_url( __FILE__ ) . 'includes/images/miniorange_icon.png';
|
374 |
+
} else {
|
375 |
+
$icon = apply_filters( 'mo2f_icon', 'icon' );
|
376 |
+
if ( isset( $icon ) ) {
|
377 |
+
$iconurl = $icon;
|
378 |
+
} else {
|
379 |
+
$iconurl = site_url() . '/wp-content/uploads/plugin_icon.png';
|
380 |
+
}
|
381 |
+
}
|
382 |
+
$roles = $user->roles;
|
383 |
+
$miniorange_role = array_shift( $roles );
|
384 |
+
|
385 |
+
$is_plugin_activated = get_option( 'mo2f_activate_plugin' );
|
386 |
+
$is_customer_admin = get_option( 'mo2f_miniorange_admin' ) == $user->ID ? true : false;
|
387 |
+
$is_2fa_enabled_for_users = get_option( 'mo2f_enable_2fa_for_users' );
|
388 |
+
$can_current_user_manage_options = current_user_can( 'manage_options' );
|
389 |
+
$admin_registration_status = get_option( 'mo_2factor_admin_registration_status' ) == 'MO_2_FACTOR_CUSTOMER_REGISTERED_SUCCESS'
|
390 |
+
? true : false;
|
391 |
+
|
392 |
+
|
393 |
+
if ( get_option( 'mo2f_is_NC' ) && ! get_option( 'mo2f_is_NNC' ) ) {
|
394 |
+
if ( ! $can_current_user_manage_options && get_option( 'mo2fa_' . $miniorange_role ) &&
|
395 |
+
$admin_registration_status && ! $is_customer_admin && $is_plugin_activated && $is_2fa_enabled_for_users ) {
|
396 |
+
$user_register = new Miniorange_User_Register();
|
397 |
+
$mo2fa_hook_page = add_menu_page( 'miniOrange 2 Factor Auth', get_option( 'mo2f_custom_plugin_name' ), 'read', 'miniOrange_2_factor_settings', array(
|
398 |
+
$user_register,
|
399 |
+
'mo2f_register_user'
|
400 |
+
), $iconurl );
|
401 |
+
} else if ( $can_current_user_manage_options ) {
|
402 |
+
if ( $is_customer_admin || ( ! $is_customer_admin && $is_2fa_enabled_for_users ) ) {
|
403 |
+
$mo2fa_hook_page = add_menu_page( 'miniOrange 2 Factor Auth', get_option( 'mo2f_custom_plugin_name' ), 'manage_options', 'miniOrange_2_factor_settings', array(
|
404 |
+
$this,
|
405 |
+
'mo_auth_login_options'
|
406 |
+
), $iconurl );
|
407 |
+
}
|
408 |
+
|
409 |
+
}
|
410 |
+
} else {
|
411 |
+
if ( $admin_registration_status ) {
|
412 |
+
if ( $can_current_user_manage_options && $is_customer_admin ) {
|
413 |
+
$mo2fa_hook_page = add_menu_page( 'miniOrange 2 Factor Auth', get_option( 'mo2f_custom_plugin_name' ), 'manage_options', 'miniOrange_2_factor_settings', array(
|
414 |
+
$this,
|
415 |
+
'mo_auth_login_options'
|
416 |
+
), $iconurl );
|
417 |
+
}
|
418 |
+
} else if ( $can_current_user_manage_options ) {
|
419 |
+
$mo2fa_hook_page = add_menu_page( 'miniOrange 2 Factor Auth', get_option( 'mo2f_custom_plugin_name' ), 'manage_options', 'miniOrange_2_factor_settings', array(
|
420 |
+
$this,
|
421 |
+
'mo_auth_login_options'
|
422 |
+
), $iconurl );
|
423 |
+
}
|
424 |
+
}
|
425 |
+
|
426 |
+
|
427 |
+
}
|
428 |
+
|
429 |
+
function mo_auth_login_options() {
|
430 |
+
global $user;
|
431 |
+
$user = wp_get_current_user();
|
432 |
+
update_option( 'mo2f_host_name', 'https://auth.miniorange.com' );
|
433 |
+
mo_2_factor_register( $user );
|
434 |
+
}
|
435 |
+
|
436 |
+
function mo_2_factor_enable_frontend_style() {
|
437 |
+
wp_enqueue_style( 'mo2f_frontend_login_style', plugins_url( 'includes/css/front_end_login.css?version=5.1.7', __FILE__ ) );
|
438 |
+
wp_enqueue_style( 'bootstrap_style', plugins_url( 'includes/css/bootstrap.min.css?version=5.1.7', __FILE__ ) );
|
439 |
+
wp_enqueue_style( 'mo_2_factor_admin_settings_phone_style', plugins_url( 'includes/css/phone.css?version=5.1.7', __FILE__ ) );
|
440 |
+
wp_enqueue_style( 'mo_2_factor_wpb-fa', plugins_url( 'includes/css/font-awesome.min.css', __FILE__ ) );
|
441 |
+
wp_enqueue_style( 'mo2f_login_popup_style', plugins_url( 'includes/css/mo2f_login_popup_ui.css?version=5.1.7', __FILE__ ) );
|
442 |
+
}
|
443 |
+
|
444 |
+
function plugin_settings_style( $mo2fa_hook_page ) {
|
445 |
+
if ( 'toplevel_page_miniOrange_2_factor_settings' != $mo2fa_hook_page ) {
|
446 |
+
return;
|
447 |
+
}
|
448 |
+
wp_enqueue_style( 'mo_2_factor_admin_settings_style', plugins_url( 'includes/css/style_settings.css?version=5.1.7', __FILE__ ) );
|
449 |
+
wp_enqueue_style( 'mo_2_factor_admin_settings_phone_style', plugins_url( 'includes/css/phone.css?version=5.1.7', __FILE__ ) );
|
450 |
+
wp_enqueue_style( 'bootstrap_style', plugins_url( 'includes/css/bootstrap.min.css?version=5.1.7', __FILE__ ) );
|
451 |
+
wp_enqueue_style( 'mo_2_factor_wpb-fa', plugins_url( 'includes/css/font-awesome.min.css', __FILE__ ) );
|
452 |
+
}
|
453 |
+
|
454 |
+
function plugin_settings_script( $mo2fa_hook_page ) {
|
455 |
+
if ( 'toplevel_page_miniOrange_2_factor_settings' != $mo2fa_hook_page ) {
|
456 |
+
return;
|
457 |
+
}
|
458 |
+
wp_enqueue_script( 'jquery' );
|
459 |
+
wp_enqueue_script( 'mo_2_factor_admin_settings_phone_script', plugins_url( 'includes/js/phone.js', __FILE__ ) );
|
460 |
+
wp_enqueue_script( 'bootstrap_script', plugins_url( 'includes/js/bootstrap.min.js', __FILE__ ) );
|
461 |
+
}
|
462 |
+
|
463 |
+
function miniorange_auth_save_settings() {
|
464 |
+
|
465 |
+
if ( array_key_exists( 'page', $_REQUEST ) && $_REQUEST['page'] == 'miniOrange_2_factor_settings' ) {
|
466 |
+
if ( ! session_id() || session_id() == '' || ! isset( $_SESSION ) ) {
|
467 |
+
session_start();
|
468 |
+
}
|
469 |
+
}
|
470 |
+
|
471 |
+
global $user;
|
472 |
+
global $Mo2fdbQueries;
|
473 |
+
$defaultCustomerKey = $this->defaultCustomerKey;
|
474 |
+
$defaultApiKey = $this->defaultApiKey;
|
475 |
+
|
476 |
+
$user = wp_get_current_user();
|
477 |
+
$user_id = $user->ID;
|
478 |
+
|
479 |
+
if ( current_user_can( 'manage_options' ) ) {
|
480 |
+
|
481 |
+
if ( isset( $_POST['option'] ) and $_POST['option'] == "mo_auth_deactivate_account" ) {
|
482 |
+
$url = admin_url( 'plugins.php' );
|
483 |
+
wp_redirect( $url );
|
484 |
+
}
|
485 |
+
|
486 |
+
if ( isset( $_POST['option'] ) and $_POST['option'] == "mo_auth_remove_account" ) {
|
487 |
+
update_option( 'mo2f_register_with_another_email', 1 );
|
488 |
+
$this->mo_auth_deactivate();
|
489 |
+
}
|
490 |
+
|
491 |
+
|
492 |
+
if ( isset( $_POST['option'] ) and $_POST['option'] == "mo2f_save_proxy_settings" ) {
|
493 |
+
$proxyHost = $_POST['proxyHost'];
|
494 |
+
$portNumber = $_POST['portNumber'];
|
495 |
+
$proxyUsername = $_POST['proxyUsername'];
|
496 |
+
$proxyPassword = $_POST['proxyPass'];
|
497 |
+
|
498 |
+
update_option( 'mo2f_proxy_host', $proxyHost );
|
499 |
+
update_option( 'mo2f_port_number', $portNumber );
|
500 |
+
update_option( 'mo2f_proxy_username', $proxyUsername );
|
501 |
+
update_option( 'mo2f_proxy_password', $proxyPassword );
|
502 |
+
update_option( 'mo2f_message', 'Proxy settings saved successfully.' );
|
503 |
+
$this->mo_auth_show_success_message();
|
504 |
+
|
505 |
+
}
|
506 |
+
if ( isset( $_POST['option'] ) and $_POST['option'] == "mo_auth_register_customer" ) { //register the admin to miniOrange
|
507 |
+
|
508 |
+
//validate and sanitize
|
509 |
+
$email = '';
|
510 |
+
$password = '';
|
511 |
+
$confirmPassword = '';
|
512 |
+
$is_registration = get_user_meta( $user->ID, 'mo2f_email_otp_count', true );
|
513 |
+
|
514 |
+
if ( MO2f_Utility::mo2f_check_empty_or_null( $_POST['email'] ) || MO2f_Utility::mo2f_check_empty_or_null( $_POST['password'] ) || MO2f_Utility::mo2f_check_empty_or_null( $_POST['confirmPassword'] ) ) {
|
515 |
+
update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "INVALID_ENTRY" ) );
|
516 |
+
|
517 |
+
return;
|
518 |
+
} else if ( strlen( $_POST['password'] ) < 6 || strlen( $_POST['confirmPassword'] ) < 6 ) {
|
519 |
+
update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "MIN_PASS_LENGTH" ) );
|
520 |
+
|
521 |
+
} else {
|
522 |
+
$email = sanitize_email( $_POST['email'] );
|
523 |
+
$password = sanitize_text_field( $_POST['password'] );
|
524 |
+
$confirmPassword = sanitize_text_field( $_POST['confirmPassword'] );
|
525 |
+
}
|
526 |
+
$email = strtolower( $email );
|
527 |
+
update_option( 'mo2f_email', $email );
|
528 |
+
|
529 |
+
$Mo2fdbQueries->insert_user( $user_id, array( 'user_id' => $user_id ) );
|
530 |
+
|
531 |
+
if ( strcmp( $password, $confirmPassword ) == 0 ) {
|
532 |
+
update_option( 'mo2f_password', stripslashes( $password ) );
|
533 |
+
$customer = new Customer_Setup();
|
534 |
+
$customerKey = json_decode( $customer->check_customer(), true );
|
535 |
+
|
536 |
+
if ( strcasecmp( $customerKey['status'], 'CUSTOMER_NOT_FOUND' ) == 0 ) {
|
537 |
+
if ( $customerKey['status'] == 'ERROR' ) {
|
538 |
+
update_option( 'mo2f_message', Mo2fConstants:: langTranslate( $customerKey['message'] ) );
|
539 |
+
} else {
|
540 |
+
$this->mo2f_create_customer( $user );
|
541 |
+
delete_user_meta( $user->ID, 'mo_2fa_verify_otp_create_account' );
|
542 |
+
delete_user_meta( $user->ID, 'register_account' );
|
543 |
+
if(get_user_meta( $user->ID, 'mo2f_2FA_method_to_configure'))
|
544 |
+
update_user_meta( $user->ID, 'configure_2FA', 1 );
|
545 |
+
|
546 |
+
}
|
547 |
+
} else { //customer already exists, redirect him to login page
|
548 |
+
|
549 |
+
update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ACCOUNT_ALREADY_EXISTS" ) );
|
550 |
+
$Mo2fdbQueries->update_user_details( $user->ID, array( 'mo_2factor_user_registration_status' => 'MO_2_FACTOR_VERIFY_CUSTOMER' ) );
|
551 |
+
|
552 |
+
}
|
553 |
+
|
554 |
+
} else {
|
555 |
+
update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "PASSWORDS_MISMATCH" ) );
|
556 |
+
$this->mo_auth_show_error_message();
|
557 |
+
}
|
558 |
+
}
|
559 |
+
|
560 |
+
if ( isset( $_POST['option'] ) and $_POST['option'] == "mo2f_goto_verifycustomer" ) {
|
561 |
+
$Mo2fdbQueries->insert_user( $user_id, array( 'user_id' => $user_id ) );
|
562 |
+
update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ENTER_YOUR_EMAIL_PASSWORD" ) );
|
563 |
+
$Mo2fdbQueries->update_user_details( $user->ID, array( 'mo_2factor_user_registration_status' => 'MO_2_FACTOR_VERIFY_CUSTOMER' ) );
|
564 |
+
|
565 |
+
}
|
566 |
+
|
567 |
+
|
568 |
+
if ( isset( $_POST['option'] ) and $_POST['option'] == 'mo_2factor_gobackto_registration_page' ) { //back to registration page for admin
|
569 |
+
delete_option( 'mo2f_email' );
|
570 |
+
delete_option( 'mo2f_password' );
|
571 |
+
update_option( 'mo2f_message', "" );
|
572 |
+
|
573 |
+
MO2f_Utility::unset_session_variables( 'mo2f_transactionId' );
|
574 |
+
delete_option( 'mo2f_transactionId' );
|
575 |
+
delete_user_meta( $user->ID, 'mo2f_sms_otp_count' );
|
576 |
+
delete_user_meta( $user->ID, 'mo2f_email_otp_count' );
|
577 |
+
delete_user_meta( $user->ID, 'mo2f_email_otp_count' );
|
578 |
+
$Mo2fdbQueries->update_user_details( $user->ID, array( 'mo_2factor_user_registration_status' => 'REGISTRATION_STARTED' ) );
|
579 |
+
|
580 |
+
}
|
581 |
+
|
582 |
+
if ( isset( $_POST['option'] ) and $_POST['option'] == 'mo2f_registration_closed' ) {
|
583 |
+
$Mo2fdbQueries->update_user_details( $user->ID, array( 'mo_2factor_user_registration_status' => '' ) );
|
584 |
+
delete_user_meta( $user->ID, 'register_account' );
|
585 |
+
}
|
586 |
+
if ( isset( $_POST['option'] ) and $_POST['option'] == "mo_auth_verify_customer" ) { //register the admin to miniOrange if already exist
|
587 |
+
|
588 |
+
//validation and sanitization
|
589 |
+
$email = '';
|
590 |
+
$password = '';
|
591 |
+
$Mo2fdbQueries->insert_user( $user_id, array( 'user_id' => $user_id ) );
|
592 |
+
|
593 |
+
|
594 |
+
if ( MO2f_Utility::mo2f_check_empty_or_null( $_POST['email'] ) || MO2f_Utility::mo2f_check_empty_or_null( $_POST['password'] ) ) {
|
595 |
+
update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "INVALID_ENTRY" ) );
|
596 |
+
$this->mo_auth_show_error_message();
|
597 |
+
|
598 |
+
return;
|
599 |
+
} else {
|
600 |
+
$email = sanitize_email( $_POST['email'] );
|
601 |
+
$password = sanitize_text_field( $_POST['password'] );
|
602 |
+
}
|
603 |
+
|
604 |
+
update_option( 'mo2f_email', $email );
|
605 |
+
update_option( 'mo2f_password', stripslashes( $password ) );
|
606 |
+
$customer = new Customer_Setup();
|
607 |
+
$content = $customer->get_customer_key();
|
608 |
+
$customerKey = json_decode( $content, true );
|
609 |
+
if ( json_last_error() == JSON_ERROR_NONE ) {
|
610 |
+
if ( is_array( $customerKey ) && array_key_exists( "status", $customerKey ) && $customerKey['status'] == 'ERROR' ) {
|
611 |
+
update_option( 'mo2f_message', Mo2fConstants::langTranslate( $customerKey['message'] ) );
|
612 |
+
$this->mo_auth_show_error_message();
|
613 |
+
} else if ( is_array( $customerKey ) ) {
|
614 |
+
if ( isset( $customerKey['id'] ) && ! empty( $customerKey['id'] ) ) {
|
615 |
+
update_option( 'mo2f_customerKey', $customerKey['id'] );
|
616 |
+
update_option( 'mo2f_api_key', $customerKey['apiKey'] );
|
617 |
+
update_option( 'mo2f_customer_token', $customerKey['token'] );
|
618 |
+
update_option( 'mo2f_app_secret', $customerKey['appSecret'] );
|
619 |
+
$Mo2fdbQueries->update_user_details( $user->ID, array( 'mo2f_user_phone' => $customerKey['phone'] ) );
|
620 |
+
update_option( 'mo2f_miniorange_admin', $user->ID );
|
621 |
+
|
622 |
+
$mo2f_emailVerification_config_status = get_option( 'mo2f_is_NC' ) == 0 ? true : false;
|
623 |
+
|
624 |
+
delete_option( 'mo2f_password' );
|
625 |
+
update_option( 'mo_2factor_admin_registration_status', 'MO_2_FACTOR_CUSTOMER_REGISTERED_SUCCESS' );
|
626 |
+
|
627 |
+
$Mo2fdbQueries->update_user_details( $user->ID, array(
|
628 |
+
'mo2f_EmailVerification_config_status' => $mo2f_emailVerification_config_status,
|
629 |
+
'mo2f_user_email' => get_option( 'mo2f_email' ),
|
630 |
+
'user_registration_with_miniorange' => 'SUCCESS',
|
631 |
+
'mo2f_2factor_enable_2fa_byusers' => 1,
|
632 |
+
) );
|
633 |
+
$mo_2factor_user_registration_status = 'MO_2_FACTOR_PLUGIN_SETTINGS';
|
634 |
+
$Mo2fdbQueries->update_user_details( $user->ID, array( 'mo_2factor_user_registration_status' => $mo_2factor_user_registration_status ) );
|
635 |
+
$configured_2FA_method = 'NONE';
|
636 |
+
$user_email = $Mo2fdbQueries->get_user_detail( 'mo2f_user_email', $user->ID );
|
637 |
+
$enduser = new Two_Factor_Setup();
|
638 |
+
$userinfo = json_decode( $enduser->mo2f_get_userinfo( $user_email ), true );
|
639 |
+
|
640 |
+
$mo2f_second_factor = 'NONE';
|
641 |
+
if ( json_last_error() == JSON_ERROR_NONE ) {
|
642 |
+
if ( $userinfo['status'] == 'SUCCESS' ) {
|
643 |
+
$mo2f_second_factor = mo2f_update_and_sync_user_two_factor( $user->ID, $userinfo );
|
644 |
+
|
645 |
+
}
|
646 |
+
}
|
647 |
+
if ( $mo2f_second_factor != 'NONE' ) {
|
648 |
+
$configured_2FA_method = MO2f_Utility::mo2f_decode_2_factor( $mo2f_second_factor, "servertowpdb" );
|
649 |
+
|
650 |
+
if ( get_option( 'mo2f_is_NC' ) == 0 ) {
|
651 |
+
|
652 |
+
$auth_method_abr = str_replace( ' ', '', $configured_2FA_method );
|
653 |
+
$Mo2fdbQueries->update_user_details( $user->ID, array(
|
654 |
+
'mo2f_configured_2FA_method' => $configured_2FA_method,
|
655 |
+
'mo2f_' . $auth_method_abr . '_config_status' => true
|
656 |
+
) );
|
657 |
+
|
658 |
+
} else {
|
659 |
+
if ( in_array( $configured_2FA_method, array(
|
660 |
+
'Email Verification',
|
661 |
+
'Authy Authenticator',
|
662 |
+
'OTP over SMS'
|
663 |
+
) ) ) {
|
664 |
+
$enduser->mo2f_update_userinfo( $user_email, 'NONE', null, '', true );
|
665 |
+
}
|
666 |
+
}
|
667 |
+
|
668 |
+
|
669 |
+
}
|
670 |
+
|
671 |
+
$mo2f_message = Mo2fConstants:: langTranslate( "ACCOUNT_RETRIEVED_SUCCESSFULLY" );
|
672 |
+
if ( $configured_2FA_method != 'NONE' && get_option( 'mo2f_is_NC' ) == 0 ) {
|
673 |
+
$mo2f_message .= ' <b>' . $configured_2FA_method . '</b> ' . Mo2fConstants:: langTranslate( "DEFAULT_2ND_FACTOR" ) . '.';
|
674 |
+
}
|
675 |
+
$mo2f_message .= ' ' . '<a href=\"admin.php?page=miniOrange_2_factor_settings&mo2f_tab=mobile_configure\" >' . Mo2fConstants:: langTranslate( "CLICK_HERE" ) . '</a> ' . Mo2fConstants:: langTranslate( "CONFIGURE_2FA" );
|
676 |
+
|
677 |
+
delete_user_meta( $user->ID, 'register_account' );
|
678 |
+
|
679 |
+
$mo2f_customer_selected_plan = get_option( 'mo2f_customer_selected_plan' );
|
680 |
+
if ( ! empty( $mo2f_customer_selected_plan ) ) {
|
681 |
+
delete_option( 'mo2f_customer_selected_plan' );
|
682 |
+
header( 'Location: admin.php?page=miniOrange_2_factor_settings&mo2f_tab=mo2f_pricing' );
|
683 |
+
} else if ( $mo2f_second_factor == 'NONE' ) {
|
684 |
+
update_user_meta( $user->ID, 'configure_2FA', 1 );
|
685 |
+
}
|
686 |
+
|
687 |
+
|
688 |
+
update_option( 'mo2f_message', $mo2f_message );
|
689 |
+
} else {
|
690 |
+
update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "INVALID_EMAIL_OR_PASSWORD" ) );
|
691 |
+
$mo_2factor_user_registration_status = 'MO_2_FACTOR_VERIFY_CUSTOMER';
|
692 |
+
$Mo2fdbQueries->update_user_details( $user->ID, array( 'mo_2factor_user_registration_status' => $mo_2factor_user_registration_status ) );
|
693 |
+
|
694 |
+
}
|
695 |
+
|
696 |
+
}
|
697 |
+
} else {
|
698 |
+
update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "INVALID_EMAIL_OR_PASSWORD" ) );
|
699 |
+
$mo_2factor_user_registration_status = 'MO_2_FACTOR_VERIFY_CUSTOMER';
|
700 |
+
$Mo2fdbQueries->update_user_details( $user->ID, array( 'mo_2factor_user_registration_status' => $mo_2factor_user_registration_status ) );
|
701 |
+
|
702 |
+
}
|
703 |
+
|
704 |
+
delete_option( 'mo2f_password' );
|
705 |
+
}
|
706 |
+
|
707 |
+
if ( isset( $_POST['option'] ) and $_POST['option'] == 'mo_2factor_phone_verification' ) { //at registration time
|
708 |
+
$phone = sanitize_text_field( $_POST['phone_number'] );
|
709 |
+
$Mo2fdbQueries->update_user_details( $user->ID, array( 'mo2f_user_phone' => $phone ) );
|
710 |
+
|
711 |
+
$phone = str_replace( ' ', '', $phone );
|
712 |
+
$auth_type = 'SMS';
|
713 |
+
$customer = new Customer_Setup();
|
714 |
+
|
715 |
+
$send_otp_response = json_decode( $customer->send_otp_token( $phone, $auth_type, $defaultCustomerKey, $defaultApiKey ), true );
|
716 |
+
|
717 |
+
if ( strcasecmp( $send_otp_response['status'], 'SUCCESS' ) == 0 ) {
|
718 |
+
$mo_2factor_user_registration_status = 'MO_2_FACTOR_OTP_DELIVERED_SUCCESS';
|
719 |
+
$Mo2fdbQueries->update_user_details( $user->ID, array( 'mo_2factor_user_registration_status' => $mo_2factor_user_registration_status ) );
|
720 |
+
update_user_meta( $user->ID, 'mo_2fa_verify_otp_create_account', $send_otp_response['txId'] );
|
721 |
+
|
722 |
+
if ( get_user_meta( $user->ID, 'mo2f_sms_otp_count', true ) ) {
|
723 |
+
update_option( 'mo2f_message', 'Another One Time Passcode has been sent <b>( ' . get_user_meta( $user->ID, 'mo2f_sms_otp_count', true ) . ' )</b> for verification to ' . $phone );
|
724 |
+
update_user_meta( $user->ID, 'mo2f_sms_otp_count', get_user_meta( $user->ID, 'mo2f_sms_otp_count', true ) + 1 );
|
725 |
+
} else {
|
726 |
+
update_option( 'mo2f_message', 'One Time Passcode has been sent for verification to ' . $phone );
|
727 |
+
update_user_meta( $user->ID, 'mo2f_sms_otp_count', 1 );
|
728 |
+
}
|
729 |
+
|
730 |
+
$this->mo_auth_show_success_message();
|
731 |
+
} else {
|
732 |
+
update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ERROR_WHILE_SENDING_SMS" ) );
|
733 |
+
$mo_2factor_user_registration_status = 'MO_2_FACTOR_OTP_DELIVERED_FAILURE';
|
734 |
+
$Mo2fdbQueries->update_user_details( $user->ID, array( 'mo_2factor_user_registration_status' => $mo_2factor_user_registration_status ) );
|
735 |
+
$this->mo_auth_show_error_message();
|
736 |
+
}
|
737 |
+
|
738 |
+
}
|
739 |
+
|
740 |
+
if ( isset( $_POST['option'] ) and $_POST['option'] == "mo_2factor_resend_otp" ) { //resend OTP over email for admin
|
741 |
+
$customer = new Customer_Setup();
|
742 |
+
$content = json_decode( $customer->send_otp_token( get_option( 'mo2f_email' ), 'EMAIL', $defaultCustomerKey, $defaultApiKey ), true );
|
743 |
+
if ( strcasecmp( $content['status'], 'SUCCESS' ) == 0 ) {
|
744 |
+
if ( get_user_meta( $user->ID, 'mo2f_email_otp_count', true ) ) {
|
745 |
+
update_user_meta( $user->ID, 'mo2f_email_otp_count', get_user_meta( $user->ID, 'mo2f_email_otp_count', true ) + 1 );
|
746 |
+
update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "RESENT_OTP" ) . ' <b>( ' . get_user_meta( $user->ID, 'mo2f_email_otp_count', true ) . ' )</b> to <b>' . ( get_option( 'mo2f_email' ) ) . '</b> ' . Mo2fConstants:: langTranslate( "ENTER_OTP" ) );
|
747 |
+
} else {
|
748 |
+
update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "OTP_SENT" ) . '<b> ' . ( get_option( 'mo2f_email' ) ) . ' </b>' . Mo2fConstants:: langTranslate( "ENTER_OTP" ) );
|
749 |
+
update_user_meta( $user->ID, 'mo2f_email_otp_count', 1 );
|
750 |
+
}
|
751 |
+
$mo_2factor_user_registration_status = 'MO_2_FACTOR_OTP_DELIVERED_SUCCESS';
|
752 |
+
$Mo2fdbQueries->update_user_details( $user->ID, array( 'mo_2factor_user_registration_status' => $mo_2factor_user_registration_status ) );
|
753 |
+
update_user_meta( $user->ID, 'mo_2fa_verify_otp_create_account', $content['txId'] );
|
754 |
+
$this->mo_auth_show_success_message();
|
755 |
+
} else {
|
756 |
+
update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ERROR_IN_SENDING_EMAIL" ) );
|
757 |
+
$mo_2factor_user_registration_status = 'MO_2_FACTOR_OTP_DELIVERED_FAILURE';
|
758 |
+
$Mo2fdbQueries->update_user_details( $user->ID, array( 'mo_2factor_user_registration_status' => $mo_2factor_user_registration_status ) );
|
759 |
+
$this->mo_auth_show_error_message();
|
760 |
+
}
|
761 |
+
|
762 |
+
|
763 |
+
}
|
764 |
+
|
765 |
+
|
766 |
+
if ( isset( $_POST['option'] ) and $_POST['option'] == "mo2f_dismiss_notice_option" ) {
|
767 |
+
update_option( 'mo2f_bug_fix_done', 1 );
|
768 |
+
}
|
769 |
+
|
770 |
+
|
771 |
+
if ( isset( $_POST['option'] ) and $_POST['option'] == "mo_2factor_validate_otp" ) { //validate OTP over email for admin
|
772 |
+
|
773 |
+
//validation and sanitization
|
774 |
+
$otp_token = '';
|
775 |
+
if ( MO2f_Utility::mo2f_check_empty_or_null( $_POST['otp_token'] ) ) {
|
776 |
+
update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "INVALID_ENTRY" ) );
|
777 |
+
$this->mo_auth_show_error_message();
|
778 |
+
|
779 |
+
return;
|
780 |
+
} else {
|
781 |
+
$otp_token = sanitize_text_field( $_POST['otp_token'] );
|
782 |
+
}
|
783 |
+
|
784 |
+
$customer = new Customer_Setup();
|
785 |
+
|
786 |
+
$transactionId = get_user_meta( $user->ID, 'mo_2fa_verify_otp_create_account', true );
|
787 |
+
|
788 |
+
$content = json_decode( $customer->validate_otp_token( 'EMAIL', null, $transactionId, $otp_token, $defaultCustomerKey, $defaultApiKey ), true );
|
789 |
+
|
790 |
+
if ( $content['status'] == 'ERROR' ) {
|
791 |
+
update_option( 'mo2f_message', Mo2fConstants:: langTranslate( $content['message'] ) );
|
792 |
+
|
793 |
+
} else {
|
794 |
+
|
795 |
+
if ( strcasecmp( $content['status'], 'SUCCESS' ) == 0 ) { //OTP validated
|
796 |
+
$this->mo2f_create_customer( $user );
|
797 |
+
delete_user_meta( $user->ID, 'mo_2fa_verify_otp_create_account' );
|
798 |
+
delete_user_meta( $user->ID, 'register_account' );
|
799 |
+
update_user_meta( $user->ID, 'configure_2FA', 1 );
|
800 |
+
} else { // OTP Validation failed.
|
801 |
+
update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "INVALID_OTP" ) );
|
802 |
+
$Mo2fdbQueries->update_user_details( $user->ID, array( 'mo_2factor_user_registration_status' => 'MO_2_FACTOR_OTP_DELIVERED_FAILURE' ) );
|
803 |
+
|
804 |
+
}
|
805 |
+
}
|
806 |
+
}
|
807 |
+
|
808 |
+
if ( isset( $_POST['option'] ) and $_POST['option'] == "mo_2factor_validate_user_otp" ) { //validate OTP over email for additional admin
|
809 |
+
|
810 |
+
//validation and sanitization
|
811 |
+
$otp_token = '';
|
812 |
+
if ( MO2f_Utility::mo2f_check_empty_or_null( $_POST['otp_token'] ) ) {
|
813 |
+
update_option( 'mo2f_message', 'All the fields are required. Please enter valid entries.' );
|
814 |
+
$this->mo_auth_show_error_message();
|
815 |
+
|
816 |
+
return;
|
817 |
+
} else {
|
818 |
+
$otp_token = sanitize_text_field( $_POST['otp_token'] );
|
819 |
+
}
|
820 |
+
|
821 |
+
$user_email = get_user_meta( $user->ID, 'user_email', true );
|
822 |
+
|
823 |
+
//if(!MO2f_Utility::check_if_email_is_already_registered($user_email)){
|
824 |
+
$customer = new Customer_Setup();
|
825 |
+
$mo2f_transactionId = isset( $_SESSION['mo2f_transactionId'] ) && ! empty( $_SESSION['mo2f_transactionId'] ) ? $_SESSION['mo2f_transactionId'] : get_option( 'mo2f_transactionId' );
|
826 |
+
|
827 |
+
$content = json_decode( $customer->validate_otp_token( 'EMAIL', '', $mo2f_transactionId, $otp_token, get_option( 'mo2f_customerKey' ), get_option( 'mo2f_api_key' ) ), true );
|
828 |
+
|
829 |
+
if ( $content['status'] == 'ERROR' ) {
|
830 |
+
update_option( 'mo2f_message', $content['message'] );
|
831 |
+
$this->mo_auth_show_error_message();
|
832 |
+
} else {
|
833 |
+
if ( strcasecmp( $content['status'], 'SUCCESS' ) == 0 ) { //OTP validated and generate QRCode
|
834 |
+
$this->mo2f_create_user( $user, $user_email );
|
835 |
+
delete_user_meta( $user->ID, 'mo_2fa_verify_otp_create_account' );
|
836 |
+
} else {
|
837 |
+
update_option( 'mo2f_message', 'Invalid OTP. Please try again.' );
|
838 |
+
$Mo2fdbQueries->update_user_details( $user->ID, array( 'mo_2factor_user_registration_status' => 'MO_2_FACTOR_OTP_DELIVERED_FAILURE' ) );
|
839 |
+
$this->mo_auth_show_error_message();
|
840 |
+
}
|
841 |
+
}
|
842 |
+
/*}else{
|
843 |
+
update_option('mo2f_message','The email is already used by other user. Please register with other email by clicking on Back button.');
|
844 |
+
$this->mo_auth_show_error_message();
|
845 |
+
}*/
|
846 |
+
}
|
847 |
+
|
848 |
+
if ( isset( $_POST['option'] ) and $_POST['option'] == "mo_2factor_send_query" ) { //Help me or support
|
849 |
+
$query = '';
|
850 |
+
if ( MO2f_Utility::mo2f_check_empty_or_null( $_POST['EMAIL_MANDATORY'] ) || MO2f_Utility::mo2f_check_empty_or_null( $_POST['query'] ) ) {
|
851 |
+
update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "EMAIL_MANDATORY" ) );
|
852 |
+
$this->mo_auth_show_error_message();
|
853 |
+
|
854 |
+
return;
|
855 |
+
} else {
|
856 |
+
$query = sanitize_text_field( $_POST['query'] );
|
857 |
+
$email = sanitize_text_field( $_POST['EMAIL_MANDATORY'] );
|
858 |
+
$phone = sanitize_text_field( $_POST['query_phone'] );
|
859 |
+
$contact_us = new Customer_Setup();
|
860 |
+
$submited = json_decode( $contact_us->submit_contact_us( $email, $phone, $query ), true );
|
861 |
+
if ( json_last_error() == JSON_ERROR_NONE ) {
|
862 |
+
if ( is_array( $submited ) && array_key_exists( 'status', $submited ) && $submited['status'] == 'ERROR' ) {
|
863 |
+
update_option( 'mo2f_message', Mo2fConstants:: langTranslate( $submited['message'] ) );
|
864 |
+
$this->mo_auth_show_error_message();
|
865 |
+
} else {
|
866 |
+
if ( $submited == false ) {
|
867 |
+
update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ERROR_WHILE_SUBMITTING_QUERY" ) );
|
868 |
+
$this->mo_auth_show_error_message();
|
869 |
+
} else {
|
870 |
+
update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "QUERY_SUBMITTED_SUCCESSFULLY" ) );
|
871 |
+
$this->mo_auth_show_success_message();
|
872 |
+
}
|
873 |
+
}
|
874 |
+
}
|
875 |
+
|
876 |
+
}
|
877 |
+
}
|
878 |
+
|
879 |
+
if ( isset( $_POST['option'] ) and $_POST['option'] == 'mo_auth_advanced_options_save' ) {
|
880 |
+
update_option( 'mo2f_enable_2fa_for_woocommerce', isset( $_POST['mo2f_enable_2fa_for_woocommerce'] ) ? $_POST['mo2f_enable_2fa_for_woocommerce'] : 0 );
|
881 |
+
update_option( 'mo2f_enable_custom_icon', isset( $_POST['mo2f_enable_custom_icon'] ) ? $_POST['mo2f_enable_custom_icon'] : 0 );
|
882 |
+
update_option( 'mo2f_custom_plugin_name', isset( $_POST['mo2f_custom_plugin_name'] ) ? $_POST['mo2f_custom_plugin_name'] : 'miniOrange 2-Factor' );
|
883 |
+
update_option( 'mo2f_message', 'Your settings are saved successfully.' );
|
884 |
+
$this->mo_auth_show_success_message();
|
885 |
+
}
|
886 |
+
|
887 |
+
if ( isset( $_POST['option'] ) and $_POST['option'] == 'mo_auth_login_settings_save' ) {
|
888 |
+
$mo_2factor_user_registration_status = $Mo2fdbQueries->get_user_detail( 'mo_2factor_user_registration_status', $user->ID );
|
889 |
+
if ( $mo_2factor_user_registration_status == 'MO_2_FACTOR_PLUGIN_SETTINGS' ) {
|
890 |
+
|
891 |
+
update_option( 'mo2f_login_option', isset( $_POST['mo2f_login_option'] ) ? $_POST['mo2f_login_option'] : 0 );
|
892 |
+
update_option( 'mo2f_remember_device', isset( $_POST['mo2f_remember_device'] ) ? $_POST['mo2f_remember_device'] : 0 );
|
893 |
+
if ( get_option( 'mo2f_login_option' ) == 0 ) {
|
894 |
+
|
895 |
+
update_option( 'mo2f_remember_device', 0 );
|
896 |
+
}
|
897 |
+
update_option( 'mo2f_enable_forgotphone', isset( $_POST['mo2f_forgotphone'] ) ? $_POST['mo2f_forgotphone'] : 0 );
|
898 |
+
update_option( 'mo2f_enable_login_with_2nd_factor', isset( $_POST['mo2f_login_with_username_and_2factor'] ) ? $_POST['mo2f_login_with_username_and_2factor'] : 0 );
|
899 |
+
update_option( 'mo2f_enable_xmlrpc', isset( $_POST['mo2f_enable_xmlrpc'] ) ? $_POST['mo2f_enable_xmlrpc'] : 0 );
|
900 |
+
|
901 |
+
|
902 |
+
if ( get_option( 'mo2f_remember_device' ) && ! get_option( 'mo2f_app_secret' ) ) {
|
903 |
+
$get_app_secret = new Miniorange_Rba_Attributes();
|
904 |
+
$rba_response = json_decode( $get_app_secret->mo2f_get_app_secret(), true ); //fetch app secret
|
905 |
+
if ( json_last_error() == JSON_ERROR_NONE ) {
|
906 |
+
if ( $rba_response['status'] == 'SUCCESS' ) {
|
907 |
+
update_option( 'mo2f_app_secret', $rba_response['appSecret'] );
|
908 |
+
} else {
|
909 |
+
update_option( 'mo2f_remember_device', 0 );
|
910 |
+
update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ERROR_WHILE_SAVING_SETTINGS" ) );
|
911 |
+
$this->mo_auth_show_error_message();
|
912 |
+
}
|
913 |
+
} else {
|
914 |
+
update_option( 'mo2f_remember_device', 0 );
|
915 |
+
update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ERROR_WHILE_SAVING_SETTINGS" ) );
|
916 |
+
$this->mo_auth_show_error_message();
|
917 |
+
}
|
918 |
+
}
|
919 |
+
|
920 |
+
update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "SETTINGS_SAVED" ) );
|
921 |
+
$this->mo_auth_show_success_message();
|
922 |
+
|
923 |
+
} else {
|
924 |
+
update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "INVALID_REQUEST" ) );
|
925 |
+
$this->mo_auth_show_error_message();
|
926 |
+
}
|
927 |
+
}
|
928 |
+
|
929 |
+
|
930 |
+
if ( isset( $_POST['option'] ) and $_POST['option'] == "mo_auth_sync_sms_transactions" ) {
|
931 |
+
$customer = new Customer_Setup();
|
932 |
+
$content = json_decode( $customer->get_customer_transactions( get_option( 'mo2f_customerKey' ), get_option( 'mo2f_api_key' ) ), true );
|
933 |
+
if ( ! array_key_exists( 'smsRemaining', $content ) ) {
|
934 |
+
$smsRemaining = 0;
|
935 |
+
} else {
|
936 |
+
$smsRemaining = $content['smsRemaining'];
|
937 |
+
|
938 |
+
if ( $smsRemaining == null ) {
|
939 |
+
$smsRemaining = 0;
|
940 |
+
}
|
941 |
+
}
|
942 |
+
|
943 |
+
update_option( 'mo2f_number_of_transactions', $smsRemaining );
|
944 |
+
}
|
945 |
+
|
946 |
+
|
947 |
+
}
|
948 |
+
|
949 |
+
if ( isset( $_POST['option'] ) and $_POST['option'] == 'mo2f_skip_feedback' ) {
|
950 |
+
|
951 |
+
//update_option( 'mo2f_feedback_form', 1 );
|
952 |
+
deactivate_plugins( '/miniorange-2-factor-authentication/miniorange_2_factor_settings.php' );
|
953 |
+
|
954 |
+
}
|
955 |
+
if ( isset( $_POST['mo2f_feedback'] ) and $_POST['mo2f_feedback'] == 'mo2f_feedback' ) {
|
956 |
+
|
957 |
+
$reasons_not_to_worry_about = array( "Upgrading to Premium", "Temporary deactivation - Testing" );
|
958 |
+
|
959 |
+
$message = 'Plugin Deactivated:';
|
960 |
+
|
961 |
+
if ( isset( $_POST['deactivate_plugin'] ) ) {
|
962 |
+
if ( $_POST['query_feedback'] == '' and $_POST['deactivate_plugin'] == 'Other Reasons:' ) {
|
963 |
+
// feedback add
|
964 |
+
update_option( 'mo2f_message', 'Please let us know the reason for deactivation so that we improve the user experience.' );
|
965 |
+
} else {
|
966 |
+
|
967 |
+
if ( ! in_array( $_POST['deactivate_plugin'], $reasons_not_to_worry_about ) ) {
|
968 |
+
|
969 |
+
$message .= $_POST['deactivate_plugin'];
|
970 |
+
|
971 |
+
if ( $_POST['query_feedback'] != '' ) {
|
972 |
+
$message .= ':' . $_POST['query_feedback'];
|
973 |
+
}
|
974 |
+
|
975 |
+
|
976 |
+
if($_POST['deactivate_plugin'] == "Conflicts with other plugins"){
|
977 |
+
$plugin_selected = $_POST['plugin_selected'];
|
978 |
+
$plugin = MO2f_Utility::get_plugin_name_by_identifier($plugin_selected);
|
979 |
+
|
980 |
+
$message .= ", Plugin selected - " . $plugin . ".";
|
981 |
+
}
|
982 |
+
|
983 |
+
$email = $Mo2fdbQueries->get_user_detail( 'mo2f_user_email', $user->ID );
|
984 |
+
if ( $email == '' ) {
|
985 |
+
$email = $user->user_email;
|
986 |
+
}
|
987 |
+
|
988 |
+
$phone = $Mo2fdbQueries->get_user_detail( 'mo2f_user_phone', $user->ID );;
|
989 |
+
|
990 |
+
$contact_us = new Customer_Setup();
|
991 |
+
$submited = json_decode( $contact_us->send_email_alert( $email, $phone, $message ), true );
|
992 |
+
|
993 |
+
if ( json_last_error() == JSON_ERROR_NONE ) {
|
994 |
+
if ( is_array( $submited ) && array_key_exists( 'status', $submited ) && $submited['status'] == 'ERROR' ) {
|
995 |
+
update_option( 'mo2f_message', Mo2fConstants:: langTranslate( $submited['message'] ) );
|
996 |
+
$this->mo_auth_show_error_message();
|
997 |
+
} else {
|
998 |
+
if ( $submited == false ) {
|
999 |
+
update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ERROR_WHILE_SUBMITTING_QUERY" ) );
|
1000 |
+
$this->mo_auth_show_error_message();
|
1001 |
+
} else {
|
1002 |
+
update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "QUERY_SUBMITTED_SUCCESSFULLY" ) );
|
1003 |
+
$this->mo_auth_show_success_message();
|
1004 |
+
//update_option( 'mo2f_feedback_form', 1 );
|
1005 |
+
}
|
1006 |
+
}
|
1007 |
+
}
|
1008 |
+
}
|
1009 |
+
|
1010 |
+
//update_option( 'mo2f_feedback_form', 1 );
|
1011 |
+
deactivate_plugins( '/miniorange-2-factor-authentication/miniorange_2_factor_settings.php' );
|
1012 |
+
|
1013 |
+
}
|
1014 |
+
|
1015 |
+
} else {
|
1016 |
+
update_option( 'mo2f_message', 'Please Select one of the reasons if your reason isnot mention please select Other Reasons' );
|
1017 |
+
|
1018 |
+
}
|
1019 |
+
|
1020 |
+
}
|
1021 |
+
|
1022 |
+
if ( isset( $_POST['option'] ) and $_POST['option'] == "mo_2factor_resend_user_otp" ) { //resend OTP over email for additional admin and non-admin user
|
1023 |
+
$customer = new Customer_Setup();
|
1024 |
+
$content = json_decode( $customer->send_otp_token( get_user_meta( $user->ID, 'user_email', true ), 'EMAIL', get_option( 'mo2f_customerKey' ), get_option( 'mo2f_api_key' ) ), true );
|
1025 |
+
if ( strcasecmp( $content['status'], 'SUCCESS' ) == 0 ) {
|
1026 |
+
update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "OTP_SENT" ) . ' <b>' . ( get_user_meta( $user->ID, 'user_email', true ) ) . '</b>. ' . Mo2fConstants:: langTranslate( "ENTER_OTP" ) );
|
1027 |
+
update_user_meta( $user->ID, 'mo_2fa_verify_otp_create_account', $content['txId'] );
|
1028 |
+
$mo_2factor_user_registration_status = 'MO_2_FACTOR_OTP_DELIVERED_SUCCESS';
|
1029 |
+
$Mo2fdbQueries->update_user_details( $user->ID, array( 'mo_2factor_user_registration_status' => $mo_2factor_user_registration_status ) );
|
1030 |
+
$this->mo_auth_show_success_message();
|
1031 |
+
} else {
|
1032 |
+
update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ERROR_IN_SENDING_EMAIL" ) );
|
1033 |
+
$mo_2factor_user_registration_status = 'MO_2_FACTOR_OTP_DELIVERED_FAILURE';
|
1034 |
+
$Mo2fdbQueries->update_user_details( $user->ID, array( 'mo_2factor_user_registration_status' => $mo_2factor_user_registration_status ) );
|
1035 |
+
$this->mo_auth_show_error_message();
|
1036 |
+
|
1037 |
+
}
|
1038 |
+
|
1039 |
+
}
|
1040 |
+
|
1041 |
+
if ( isset( $_POST['option'] ) and ( $_POST['option'] == "mo2f_configure_miniorange_authenticator_validate" || $_POST['option'] == 'mo_auth_mobile_reconfiguration_complete' ) ) { //mobile registration successfully complete for all users
|
1042 |
+
|
1043 |
+
delete_option( 'mo2f_transactionId' );
|
1044 |
+
$session_variables = array( 'mo2f_qrCode', 'mo2f_transactionId', 'mo2f_show_qr_code' );
|
1045 |
+
MO2f_Utility::unset_session_variables( $session_variables );
|
1046 |
+
|
1047 |
+
$email = $Mo2fdbQueries->get_user_detail( 'mo2f_user_email', $user->ID );
|
1048 |
+
$TwoFA_method_to_configure = get_user_meta( $user->ID, 'mo2f_2FA_method_to_configure', true );
|
1049 |
+
$enduser = new Two_Factor_Setup();
|
1050 |
+
$current_method = MO2f_Utility::mo2f_decode_2_factor( $TwoFA_method_to_configure, "server" );
|
1051 |
+
|
1052 |
+
$response = json_decode( $enduser->mo2f_update_userinfo( $email, $current_method, null, null, null ), true );
|
1053 |
+
|
1054 |
+
if ( json_last_error() == JSON_ERROR_NONE ) { /* Generate Qr code */
|
1055 |
+
if ( $response['status'] == 'ERROR' ) {
|
1056 |
+
update_option( 'mo2f_message', Mo2fConstants:: langTranslate( $response['message'] ) );
|
1057 |
+
|
1058 |
+
$this->mo_auth_show_error_message();
|
1059 |
+
|
1060 |
+
|
1061 |
+
} else if ( $response['status'] == 'SUCCESS' ) {
|
1062 |
+
|
1063 |
+
$selectedMethod = $TwoFA_method_to_configure;
|
1064 |
+
|
1065 |
+
delete_user_meta( $user->ID, 'mo2f_2FA_method_to_configure' );
|
1066 |
+
|
1067 |
+
|
1068 |
+
$Mo2fdbQueries->update_user_details( $user->ID, array(
|
1069 |
+
'mo2f_configured_2FA_method' => $selectedMethod,
|
1070 |
+
'mobile_registration_status' => true,
|
1071 |
+
'mo2f_miniOrangeQRCodeAuthentication_config_status' => true,
|
1072 |
+
'mo2f_miniOrangeSoftToken_config_status' => true,
|
1073 |
+
'mo2f_miniOrangePushNotification_config_status' => true,
|
1074 |
+
'user_registration_with_miniorange' => 'SUCCESS',
|
1075 |
+
'mo_2factor_user_registration_status' => 'MO_2_FACTOR_PLUGIN_SETTINGS'
|
1076 |
+
) );
|
1077 |
+
|
1078 |
+
$is_nc_with_unlimited_users = get_option( 'mo2f_is_NC' ) && ! get_option( 'mo2f_is_NNC' );
|
1079 |
+
|
1080 |
+
if ( ! $is_nc_with_unlimited_users && $selectedMethod == 'miniOrange Soft Token' ) {
|
1081 |
+
update_option( 'mo2f_enable_2fa_prompt_on_login_page', 1 );
|
1082 |
+
}
|
1083 |
+
|
1084 |
+
delete_user_meta( $user->ID, 'configure_2FA' );
|
1085 |
+
mo2f_display_test_2fa_notification($user);
|
1086 |
+
|
1087 |
+
} else {
|
1088 |
+
update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ERROR_DURING_PROCESS" ) );
|
1089 |
+
$this->mo_auth_show_error_message();
|
1090 |
+
|
1091 |
+
}
|
1092 |
+
|
1093 |
+
} else {
|
1094 |
+
update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "INVALID_REQ" ) );
|
1095 |
+
$this->mo_auth_show_error_message();
|
1096 |
+
}
|
1097 |
+
|
1098 |
+
}
|
1099 |
+
|
1100 |
+
if ( isset( $_POST['option'] ) and $_POST['option'] == 'mo2f_mobile_authenticate_success' ) { // mobile registration for all users(common)
|
1101 |
+
if ( current_user_can( 'manage_options' ) ) {
|
1102 |
+
update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "COMPLETED_TEST" ) );
|
1103 |
+
} else {
|
1104 |
+
update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "COMPLETED_TEST" ) );
|
1105 |
+
}
|
1106 |
+
|
1107 |
+
$session_variables = array( 'mo2f_qrCode', 'mo2f_transactionId', 'mo2f_show_qr_code' );
|
1108 |
+
MO2f_Utility::unset_session_variables( $session_variables );
|
1109 |
+
|
1110 |
+
delete_user_meta( $user->ID, 'test_2FA' );
|
1111 |
+
$this->mo_auth_show_success_message();
|
1112 |
+
|
1113 |
+
}
|
1114 |
+
|
1115 |
+
if ( isset( $_POST['option'] ) and $_POST['option'] == 'mo2f_mobile_authenticate_error' ) { //mobile registration failed for all users(common)
|
1116 |
+
update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "AUTHENTICATION_FAILED" ) );
|
1117 |
+
MO2f_Utility::unset_session_variables( 'mo2f_show_qr_code' );
|
1118 |
+
$this->mo_auth_show_error_message();
|
1119 |
+
|
1120 |
+
}
|
1121 |
+
|
1122 |
+
if ( isset( $_POST['option'] ) and $_POST['option'] == "mo_auth_setting_configuration" ) // redirect to setings page
|
1123 |
+
{
|
1124 |
+
$Mo2fdbQueries->update_user_details( $user->ID, array( 'mo_2factor_user_registration_status' => 'MO_2_FACTOR_PLUGIN_SETTINGS' ) );
|
1125 |
+
|
1126 |
+
}
|
1127 |
+
|
1128 |
+
if ( isset( $_POST['option'] ) and $_POST['option'] == "mo_auth_refresh_mobile_qrcode" ) { // refrsh Qrcode for all users
|
1129 |
+
|
1130 |
+
$mo_2factor_user_registration_status = $Mo2fdbQueries->get_user_detail( 'mo_2factor_user_registration_status', $user->ID );
|
1131 |
+
if ( in_array( $mo_2factor_user_registration_status, array(
|
1132 |
+
'MO_2_FACTOR_INITIALIZE_TWO_FACTOR',
|
1133 |
+
'MO_2_FACTOR_INITIALIZE_MOBILE_REGISTRATION',
|
1134 |
+
'MO_2_FACTOR_PLUGIN_SETTINGS'
|
1135 |
+
) ) ) {
|
1136 |
+
$email = $Mo2fdbQueries->get_user_detail( 'mo2f_user_email', $user->ID );
|
1137 |
+
$this->mo2f_get_qr_code_for_mobile( $email, $user->ID );
|
1138 |
+
} else {
|
1139 |
+
update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "REGISTER_WITH_MO" ) );
|
1140 |
+
$this->mo_auth_show_error_message();
|
1141 |
+
|
1142 |
+
}
|
1143 |
+
}
|
1144 |
+
|
1145 |
+
if ( isset( $_POST['mo2fa_register_to_upgrade_nonce'] ) ) { //registration with miniOrange for upgrading
|
1146 |
+
$nonce = $_POST['mo2fa_register_to_upgrade_nonce'];
|
1147 |
+
if ( ! wp_verify_nonce( $nonce, 'miniorange-2-factor-user-reg-to-upgrade-nonce' ) ) {
|
1148 |
+
update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "INVALID_REQ" ) );
|
1149 |
+
} else {
|
1150 |
+
$requestOrigin = $_POST['requestOrigin'];
|
1151 |
+
update_option( 'mo2f_customer_selected_plan', $requestOrigin );
|
1152 |
+
header( 'Location: admin.php?page=miniOrange_2_factor_settings&mo2f_tab=2factor_setup' );
|
1153 |
+
|
1154 |
+
}
|
1155 |
+
}
|
1156 |
+
|
1157 |
+
if ( isset( $_POST['miniorange_get_started'] ) && isset( $_POST['miniorange_user_reg_nonce'] ) ) { //registration with miniOrange for additional admin and non-admin
|
1158 |
+
$nonce = $_POST['miniorange_user_reg_nonce'];
|
1159 |
+
$Mo2fdbQueries->insert_user( $user_id, array( 'user_id' => $user_id ) );
|
1160 |
+
if ( ! wp_verify_nonce( $nonce, 'miniorange-2-factor-user-reg-nonce' ) ) {
|
1161 |
+
update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "INVALID_REQ" ) );
|
1162 |
+
} else {
|
1163 |
+
$email = '';
|
1164 |
+
if ( MO2f_Utility::mo2f_check_empty_or_null( $_POST['mo_useremail'] ) ) {
|
1165 |
+
update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ENTER_EMAILID" ) );
|
1166 |
+
|
1167 |
+
return;
|
1168 |
+
} else {
|
1169 |
+
$email = sanitize_email( $_POST['mo_useremail'] );
|
1170 |
+
}
|
1171 |
+
|
1172 |
+
if ( ! MO2f_Utility::check_if_email_is_already_registered( $email ) ) {
|
1173 |
+
update_user_meta( $user->ID, 'user_email', $email );
|
1174 |
+
|
1175 |
+
$enduser = new Two_Factor_Setup();
|
1176 |
+
$check_user = json_decode( $enduser->mo_check_user_already_exist( $email ), true );
|
1177 |
+
|
1178 |
+
if ( json_last_error() == JSON_ERROR_NONE ) {
|
1179 |
+
if ( $check_user['status'] == 'ERROR' ) {
|
1180 |
+
update_option( 'mo2f_message', Mo2fConstants:: langTranslate( $check_user['message'] ) );
|
1181 |
+
$this->mo_auth_show_error_message();
|
1182 |
+
|
1183 |
+
return;
|
1184 |
+
} else if ( strcasecmp( $check_user['status'], 'USER_FOUND_UNDER_DIFFERENT_CUSTOMER' ) == 0 ) {
|
1185 |
+
update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "EMAIL_IN_USE" ) );
|
1186 |
+
$this->mo_auth_show_error_message();
|
1187 |
+
|
1188 |
+
return;
|
1189 |
+
} else if ( strcasecmp( $check_user['status'], 'USER_FOUND' ) == 0 || strcasecmp( $check_user['status'], 'USER_NOT_FOUND' ) == 0 ) {
|
1190 |
+
|
1191 |
+
|
1192 |
+
$enduser = new Customer_Setup();
|
1193 |
+
$content = json_decode( $enduser->send_otp_token( $email, 'EMAIL', get_option( 'mo2f_customerKey' ), get_option( 'mo2f_api_key' ) ), true );
|
1194 |
+
if ( strcasecmp( $content['status'], 'SUCCESS' ) == 0 ) {
|
1195 |
+
update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "OTP_SENT" ) . ' <b>' . ( $email ) . '</b>. ' . Mo2fConstants:: langTranslate( "ENTER_OTP" ) );
|
1196 |
+
$_SESSION['mo2f_transactionId'] = $content['txId'];
|
1197 |
+
update_option( 'mo2f_transactionId', $content['txId'] );
|
1198 |
+
$mo_2factor_user_registration_status = 'MO_2_FACTOR_OTP_DELIVERED_SUCCESS';
|
1199 |
+
$Mo2fdbQueries->update_user_details( $user->ID, array( 'mo_2factor_user_registration_status' => $mo_2factor_user_registration_status ) );
|
1200 |
+
update_user_meta( $user->ID, 'mo_2fa_verify_otp_create_account', $content['txId'] );
|
1201 |
+
$this->mo_auth_show_success_message();
|
1202 |
+
} else {
|
1203 |
+
$mo_2factor_user_registration_status = 'MO_2_FACTOR_OTP_DELIVERED_FAILURE';
|
1204 |
+
$Mo2fdbQueries->update_user_details( $user->ID, array( 'mo_2factor_user_registration_status' => $mo_2factor_user_registration_status ) );
|
1205 |
+
update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ERROR_IN_SENDING_OTP_OVER_EMAIL" ) );
|
1206 |
+
$this->mo_auth_show_error_message();
|
1207 |
+
}
|
1208 |
+
|
1209 |
+
|
1210 |
+
}
|
1211 |
+
}
|
1212 |
+
} else {
|
1213 |
+
update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "EMAIL_IN_USE" ) );
|
1214 |
+
$this->mo_auth_show_error_message();
|
1215 |
+
}
|
1216 |
+
}
|
1217 |
+
}
|
1218 |
+
|
1219 |
+
|
1220 |
+
if ( isset( $_POST['option'] ) and $_POST['option'] == 'mo_2factor_backto_user_registration' ) { //back to registration page for additional admin and non-admin
|
1221 |
+
delete_user_meta( $user->ID, 'user_email' );
|
1222 |
+
$Mo2fdbQueries->delete_user_details( $user->ID );
|
1223 |
+
MO2f_Utility::unset_session_variables( 'mo2f_transactionId' );
|
1224 |
+
delete_option( 'mo2f_transactionId' );
|
1225 |
+
|
1226 |
+
|
1227 |
+
}
|
1228 |
+
|
1229 |
+
if ( isset( $_POST['option'] ) && $_POST['option'] == 'mo2f_validate_soft_token' ) { // validate Soft Token during test for all users
|
1230 |
+
$otp_token = '';
|
1231 |
+
if ( MO2f_Utility::mo2f_check_empty_or_null( $_POST['otp_token'] ) ) {
|
1232 |
+
update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ENTER_VALUE" ) );
|
1233 |
+
$this->mo_auth_show_error_message();
|
1234 |
+
|
1235 |
+
return;
|
1236 |
+
} else {
|
1237 |
+
$otp_token = sanitize_text_field( $_POST['otp_token'] );
|
1238 |
+
}
|
1239 |
+
$email = $Mo2fdbQueries->get_user_detail( 'mo2f_user_email', $user->ID );
|
1240 |
+
$customer = new Customer_Setup();
|
1241 |
+
$content = json_decode( $customer->validate_otp_token( 'SOFT TOKEN', $email, null, $otp_token, get_option( 'mo2f_customerKey' ), get_option( 'mo2f_api_key' ) ), true );
|
1242 |
+
if ( $content['status'] == 'ERROR' ) {
|
1243 |
+
update_option( 'mo2f_message', Mo2fConstants:: langTranslate( $content['message'] ) );
|
1244 |
+
$this->mo_auth_show_error_message();
|
1245 |
+
} else {
|
1246 |
+
if ( strcasecmp( $content['status'], 'SUCCESS' ) == 0 ) { //OTP validated and generate QRCode
|
1247 |
+
update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "COMPLETED_TEST" ) );
|
1248 |
+
|
1249 |
+
delete_user_meta( $user->ID, 'test_2FA' );
|
1250 |
+
$this->mo_auth_show_success_message();
|
1251 |
+
|
1252 |
+
|
1253 |
+
} else { // OTP Validation failed.
|
1254 |
+
update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "INVALID_OTP" ) );
|
1255 |
+
$this->mo_auth_show_error_message();
|
1256 |
+
|
1257 |
+
}
|
1258 |
+
}
|
1259 |
+
}
|
1260 |
+
|
1261 |
+
if ( isset( $_POST['option'] ) && $_POST['option'] == 'mo2f_validate_otp_over_sms' ) { //validate otp over sms and phone call during test for all users
|
1262 |
+
$otp_token = '';
|
1263 |
+
if ( MO2f_Utility::mo2f_check_empty_or_null( $_POST['otp_token'] ) ) {
|
1264 |
+
update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ENTER_VALUE" ) );
|
1265 |
+
$this->mo_auth_show_error_message();
|
1266 |
+
|
1267 |
+
return;
|
1268 |
+
} else {
|
1269 |
+
$otp_token = sanitize_text_field( $_POST['otp_token'] );
|
1270 |
+
}
|
1271 |
+
|
1272 |
+
//if the php session folder has insufficient permissions, temporary options to be used
|
1273 |
+
$mo2f_transactionId = isset( $_SESSION['mo2f_transactionId'] ) && ! empty( $_SESSION['mo2f_transactionId'] ) ? $_SESSION['mo2f_transactionId'] : get_option( 'mo2f_transactionId' );
|
1274 |
+
$email = $Mo2fdbQueries->get_user_detail( 'mo2f_user_email', $user->ID );
|
1275 |
+
$selected_2_2factor_method = $Mo2fdbQueries->get_user_detail( 'mo2f_user_email', $user->ID );
|
1276 |
+
$customer = new Customer_Setup();
|
1277 |
+
$content = json_decode( $customer->validate_otp_token( get_user_meta( $user->ID, 'mo2f_2FA_method_to_configure', true ), $email, $mo2f_transactionId, $otp_token, get_option( 'mo2f_customerKey' ), get_option( 'mo2f_api_key' ) ), true );
|
1278 |
+
|
1279 |
+
if ( $content['status'] == 'ERROR' ) {
|
1280 |
+
update_option( 'mo2f_message', Mo2fConstants:: langTranslate( $content['message'] ) );
|
1281 |
+
$this->mo_auth_show_error_message();
|
1282 |
+
} else {
|
1283 |
+
if ( strcasecmp( $content['status'], 'SUCCESS' ) == 0 ) { //OTP validated
|
1284 |
+
if ( current_user_can( 'manage_options' ) ) {
|
1285 |
+
update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "COMPLETED_TEST" ) );
|
1286 |
+
} else {
|
1287 |
+
update_option( 'mo2f_message', Mo2fConstants::langTranslate( "COMPLETED_TEST" ) );
|
1288 |
+
}
|
1289 |
+
|
1290 |
+
delete_user_meta( $user->ID, 'test_2FA' );
|
1291 |
+
$this->mo_auth_show_success_message();
|
1292 |
+
|
1293 |
+
} else {
|
1294 |
+
update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "INVALID_OTP" ) );
|
1295 |
+
$this->mo_auth_show_error_message();
|
1296 |
+
}
|
1297 |
+
|
1298 |
+
}
|
1299 |
+
}
|
1300 |
+
|
1301 |
+
if ( isset( $_POST['option'] ) && $_POST['option'] == 'mo2f_out_of_band_success' ) {
|
1302 |
+
|
1303 |
+
$mo2f_configured_2FA_method = $Mo2fdbQueries->get_user_detail( 'mo2f_configured_2FA_method', $user->ID );
|
1304 |
+
$mo2f_EmailVerification_config_status = $Mo2fdbQueries->get_user_detail( 'mo2f_EmailVerification_config_status', $user->ID );
|
1305 |
+
if ( ! current_user_can( 'manage_options' ) && $mo2f_configured_2FA_method == 'OUT OF BAND EMAIL' ) {
|
1306 |
+
if ( $mo2f_EmailVerification_config_status ) {
|
1307 |
+
update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "COMPLETED_TEST" ) );
|
1308 |
+
} else {
|
1309 |
+
$email = $Mo2fdbQueries->get_user_detail( 'mo2f_user_email', $user->ID );
|
1310 |
+
$enduser = new Two_Factor_Setup();
|
1311 |
+
$response = json_decode( $enduser->mo2f_update_userinfo( $email, $mo2f_configured_2FA_method, null, null, null ), true );
|
1312 |
+
update_option( 'mo2f_message', '<b> ' . Mo2fConstants:: langTranslate( "EMAIL_VERFI" ) . '</b> ' . Mo2fConstants:: langTranslate( "SET_AS_2ND_FACTOR" ) );
|
1313 |
+
}
|
1314 |
+
} else {
|
1315 |
+
update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "COMPLETED_TEST" ) );
|
1316 |
+
}
|
1317 |
+
delete_user_meta( $user->ID, 'test_2FA' );
|
1318 |
+
$Mo2fdbQueries->update_user_details( $user->ID, array(
|
1319 |
+
'mo_2factor_user_registration_status' => 'MO_2_FACTOR_PLUGIN_SETTINGS',
|
1320 |
+
'mo2f_EmailVerification_config_status' => true
|
1321 |
+
) );
|
1322 |
+
|
1323 |
+
$this->mo_auth_show_success_message();
|
1324 |
+
|
1325 |
+
|
1326 |
+
}
|
1327 |
+
|
1328 |
+
if ( isset( $_POST['option'] ) and $_POST['option'] == 'mo2f_out_of_band_error' ) { //push and out of band email denied
|
1329 |
+
update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "DENIED_REQUEST" ) );
|
1330 |
+
delete_user_meta( $user->ID, 'test_2FA' );
|
1331 |
+
$Mo2fdbQueries->update_user_details( $user->ID, array(
|
1332 |
+
'mo_2factor_user_registration_status' => 'MO_2_FACTOR_PLUGIN_SETTINGS',
|
1333 |
+
'mo2f_EmailVerification_config_status' => true
|
1334 |
+
) );
|
1335 |
+
$this->mo_auth_show_error_message();
|
1336 |
+
|
1337 |
+
}
|
1338 |
+
|
1339 |
+
if ( isset( $_POST['option'] ) && $_POST['option'] == 'mo2f_validate_google_authy_test' ) {
|
1340 |
+
|
1341 |
+
$otp_token = '';
|
1342 |
+
if ( MO2f_Utility::mo2f_check_empty_or_null( $_POST['otp_token'] ) ) {
|
1343 |
+
update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ENTER_VALUE" ) );
|
1344 |
+
$this->mo_auth_show_error_message();
|
1345 |
+
|
1346 |
+
return;
|
1347 |
+
} else {
|
1348 |
+
$otp_token = sanitize_text_field( $_POST['otp_token'] );
|
1349 |
+
}
|
1350 |
+
$email = $Mo2fdbQueries->get_user_detail( 'mo2f_user_email', $user->ID );
|
1351 |
+
$customer = new Customer_Setup();
|
1352 |
+
$content = json_decode( $customer->validate_otp_token( 'GOOGLE AUTHENTICATOR', $email, null, $otp_token, get_option( 'mo2f_customerKey' ), get_option( 'mo2f_api_key' ) ), true );
|
1353 |
+
if ( json_last_error() == JSON_ERROR_NONE ) {
|
1354 |
+
|
1355 |
+
if ( strcasecmp( $content['status'], 'SUCCESS' ) == 0 ) { //Google OTP validated
|
1356 |
+
|
1357 |
+
if ( current_user_can( 'manage_options' ) ) {
|
1358 |
+
update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "COMPLETED_TEST" ) );
|
1359 |
+
} else {
|
1360 |
+
update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "COMPLETED_TEST" ) );
|
1361 |
+
}
|
1362 |
+
|
1363 |
+
delete_user_meta( $user->ID, 'test_2FA' );
|
1364 |
+
$this->mo_auth_show_success_message();
|
1365 |
+
|
1366 |
+
|
1367 |
+
} else { // OTP Validation failed.
|
1368 |
+
update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "INVALID_OTP" ) );
|
1369 |
+
$this->mo_auth_show_error_message();
|
1370 |
+
|
1371 |
+
}
|
1372 |
+
} else {
|
1373 |
+
update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ERROR_WHILE_VALIDATING_OTP" ) );
|
1374 |
+
$this->mo_auth_show_error_message();
|
1375 |
+
|
1376 |
+
}
|
1377 |
+
}
|
1378 |
+
|
1379 |
+
if ( isset( $_POST['option'] ) && $_POST['option'] == 'mo2f_configure_google_authenticator_validate' ) {
|
1380 |
+
$otpToken = $_POST['google_token'];
|
1381 |
+
$ga_secret = isset( $_POST['google_auth_secret'] ) ? $_POST['google_auth_secret'] : null;
|
1382 |
+
if ( MO2f_Utility::mo2f_check_number_length( $otpToken ) ) {
|
1383 |
+
$email = $Mo2fdbQueries->get_user_detail( 'mo2f_user_email', $user->ID );
|
1384 |
+
$google_auth = new Miniorange_Rba_Attributes();
|
1385 |
+
$google_response = json_decode( $google_auth->mo2f_validate_google_auth( $email, $otpToken, $ga_secret ), true );
|
1386 |
+
if ( json_last_error() == JSON_ERROR_NONE ) {
|
1387 |
+
if ( $google_response['status'] == 'SUCCESS' ) {
|
1388 |
+
$enduser = new Two_Factor_Setup();
|
1389 |
+
$response = json_decode( $enduser->mo2f_update_userinfo( $email, "GOOGLE AUTHENTICATOR", null, null, null ), true );
|
1390 |
+
|
1391 |
+
|
1392 |
+
if ( json_last_error() == JSON_ERROR_NONE ) {
|
1393 |
+
|
1394 |
+
if ( $response['status'] == 'SUCCESS' ) {
|
1395 |
+
|
1396 |
+
delete_user_meta( $user->ID, 'mo2f_2FA_method_to_configure' );
|
1397 |
+
|
1398 |
+
delete_user_meta( $user->ID, 'configure_2FA' );
|
1399 |
+
|
1400 |
+
$Mo2fdbQueries->update_user_details( $user->ID, array(
|
1401 |
+
'mo2f_GoogleAuthenticator_config_status' => true,
|
1402 |
+
'mo2f_AuthyAuthenticator_config_status' => false,
|
1403 |
+
'mo2f_configured_2FA_method' => "Google Authenticator",
|
1404 |
+
'user_registration_with_miniorange' => 'SUCCESS',
|
1405 |
+
'mo_2factor_user_registration_status' => 'MO_2_FACTOR_PLUGIN_SETTINGS'
|
1406 |
+
) );
|
1407 |
+
|
1408 |
+
update_user_meta( $user->ID, 'mo2f_external_app_type', "Google Authenticator" );
|
1409 |
+
mo2f_display_test_2fa_notification($user);
|
1410 |
+
|
1411 |
+
} else {
|
1412 |
+
update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ERROR_DURING_PROCESS" ) );
|
1413 |
+
$this->mo_auth_show_error_message();
|
1414 |
+
|
1415 |
+
}
|
1416 |
+
} else {
|
1417 |
+
update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ERROR_DURING_PROCESS" ) );
|
1418 |
+
$this->mo_auth_show_error_message();
|
1419 |
+
|
1420 |
+
}
|
1421 |
+
} else {
|
1422 |
+
update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ERROR_IN_SENDING_OTP_CAUSES" ) . '<br>1. ' . Mo2fConstants:: langTranslate( "INVALID_OTP" ) . '<br>2. ' . Mo2fConstants:: langTranslate( "APP_TIME_SYNC" ) );
|
1423 |
+
$this->mo_auth_show_error_message();
|
1424 |
+
|
1425 |
+
}
|
1426 |
+
} else {
|
1427 |
+
update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ERROR_WHILE_VALIDATING_USER" ) );
|
1428 |
+
$this->mo_auth_show_error_message();
|
1429 |
+
|
1430 |
+
}
|
1431 |
+
} else {
|
1432 |
+
update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ONLY_DIGITS_ALLOWED" ) );
|
1433 |
+
$this->mo_auth_show_error_message();
|
1434 |
+
|
1435 |
+
}
|
1436 |
+
}
|
1437 |
+
|
1438 |
+
|
1439 |
+
if ( isset( $_POST['option'] ) && $_POST['option'] == 'mo2f_configure_authy_authenticator' ) {
|
1440 |
+
$authy = new Miniorange_Rba_Attributes();
|
1441 |
+
$user_email = $Mo2fdbQueries->get_user_detail( 'mo2f_user_email', $user->ID );
|
1442 |
+
$authy_response = json_decode( $authy->mo2f_google_auth_service( $user_email ), true );
|
1443 |
+
if ( json_last_error() == JSON_ERROR_NONE ) {
|
1444 |
+
if ( $authy_response['status'] == 'SUCCESS' ) {
|
1445 |
+
$mo2f_authy_keys = array();
|
1446 |
+
$mo2f_authy_keys['authy_qrCode'] = $authy_response['qrCodeData'];
|
1447 |
+
$mo2f_authy_keys['mo2f_authy_secret'] = $authy_response['secret'];
|
1448 |
+
$_SESSION['mo2f_authy_keys'] = $mo2f_authy_keys;
|
1449 |
+
} else {
|
1450 |
+
update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ERROR_DURING_USER_REGISTRATION" ) );
|
1451 |
+
$this->mo_auth_show_error_message();
|
1452 |
+
}
|
1453 |
+
} else {
|
1454 |
+
update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ERROR_DURING_USER_REGISTRATION" ) );
|
1455 |
+
$this->mo_auth_show_error_message();
|
1456 |
+
}
|
1457 |
+
}
|
1458 |
+
|
1459 |
+
if ( isset( $_POST['option'] ) && $_POST['option'] == 'mo2f_configure_authy_authenticator_validate' ) {
|
1460 |
+
$otpToken = $_POST['mo2f_authy_token'];
|
1461 |
+
$authy_secret = isset( $_POST['mo2f_authy_secret'] ) ? $_POST['mo2f_authy_secret'] : null;
|
1462 |
+
if ( MO2f_Utility::mo2f_check_number_length( $otpToken ) ) {
|
1463 |
+
$email = $Mo2fdbQueries->get_user_detail( 'mo2f_user_email', $user->ID );
|
1464 |
+
$authy_auth = new Miniorange_Rba_Attributes();
|
1465 |
+
$authy_response = json_decode( $authy_auth->mo2f_validate_google_auth( $email, $otpToken, $authy_secret ), true );
|
1466 |
+
if ( json_last_error() == JSON_ERROR_NONE ) {
|
1467 |
+
if ( $authy_response['status'] == 'SUCCESS' ) {
|
1468 |
+
$enduser = new Two_Factor_Setup();
|
1469 |
+
$response = json_decode( $enduser->mo2f_update_userinfo( $email, 'GOOGLE AUTHENTICATOR', null, null, null ), true );
|
1470 |
+
if ( json_last_error() == JSON_ERROR_NONE ) {
|
1471 |
+
|
1472 |
+
if ( $response['status'] == 'SUCCESS' ) {
|
1473 |
+
$Mo2fdbQueries->update_user_details( $user->ID, array(
|
1474 |
+
'mo2f_GoogleAuthenticator_config_status' => false,
|
1475 |
+
'mo2f_AuthyAuthenticator_config_status' => true,
|
1476 |
+
'mo2f_configured_2FA_method' => "Authy Authenticator",
|
1477 |
+
'user_registration_with_miniorange' => 'SUCCESS',
|
1478 |
+
'mo_2factor_user_registration_status' => 'MO_2_FACTOR_PLUGIN_SETTINGS'
|
1479 |
+
) );
|
1480 |
+
update_user_meta( $user->ID, 'mo2f_external_app_type', "Authy Authenticator" );
|
1481 |
+
delete_user_meta( $user->ID, 'mo2f_2FA_method_to_configure' );
|
1482 |
+
delete_user_meta( $user->ID, 'configure_2FA' );
|
1483 |
+
update_option( 'mo2f_enable_2fa_prompt_on_login_page', 1 );
|
1484 |
+
mo2f_display_test_2fa_notification($user);
|
1485 |
+
|
1486 |
+
} else {
|
1487 |
+
update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ERROR_DURING_PROCESS" ) );
|
1488 |
+
$this->mo_auth_show_error_message();
|
1489 |
+
}
|
1490 |
+
} else {
|
1491 |
+
update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ERROR_DURING_PROCESS" ) );
|
1492 |
+
$this->mo_auth_show_error_message();
|
1493 |
+
}
|
1494 |
+
} else {
|
1495 |
+
update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ERROR_IN_SENDING_OTP_CAUSES" ) . '<br>1. ' . Mo2fConstants:: langTranslate( "INVALID_OTP" ) . '<br>2. ' . Mo2fConstants:: langTranslate( "APP_TIME_SYNC" ) );
|
1496 |
+
$this->mo_auth_show_error_message();
|
1497 |
+
}
|
1498 |
+
} else {
|
1499 |
+
update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ERROR_WHILE_VALIDATING_USER" ) );
|
1500 |
+
$this->mo_auth_show_error_message();
|
1501 |
+
}
|
1502 |
+
} else {
|
1503 |
+
update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ONLY_DIGITS_ALLOWED" ) );
|
1504 |
+
$this->mo_auth_show_error_message();
|
1505 |
+
}
|
1506 |
+
}
|
1507 |
+
|
1508 |
+
if ( isset( $_POST['option'] ) && $_POST['option'] == 'mo2f_save_kba' ) {
|
1509 |
+
|
1510 |
+
if ( MO2f_Utility::mo2f_check_empty_or_null( $_POST['mo2f_kbaquestion_1'] ) || MO2f_Utility::mo2f_check_empty_or_null( $_POST['mo2f_kba_ans1'] ) || MO2f_Utility::mo2f_check_empty_or_null( $_POST['mo2f_kbaquestion_2'] ) || MO2f_Utility::mo2f_check_empty_or_null( $_POST['mo2f_kba_ans2'] ) || MO2f_Utility::mo2f_check_empty_or_null( $_POST['mo2f_kbaquestion_3'] ) || MO2f_Utility::mo2f_check_empty_or_null( $_POST['mo2f_kba_ans3'] ) ) {
|
1511 |
+
update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "INVALID_ENTRY" ) );
|
1512 |
+
$this->mo_auth_show_error_message();
|
1513 |
+
|
1514 |
+
|
1515 |
+
return;
|
1516 |
+
}
|
1517 |
+
|
1518 |
+
$kba_q1 = $_POST['mo2f_kbaquestion_1'];
|
1519 |
+
$kba_a1 = sanitize_text_field( $_POST['mo2f_kba_ans1'] );
|
1520 |
+
$kba_q2 = $_POST['mo2f_kbaquestion_2'];
|
1521 |
+
$kba_a2 = sanitize_text_field( $_POST['mo2f_kba_ans2'] );
|
1522 |
+
$kba_q3 = sanitize_text_field( $_POST['mo2f_kbaquestion_3'] );
|
1523 |
+
$kba_a3 = sanitize_text_field( $_POST['mo2f_kba_ans3'] );
|
1524 |
+
|
1525 |
+
|
1526 |
+
if ( strcasecmp( $kba_q1, $kba_q2 ) == 0 || strcasecmp( $kba_q2, $kba_q3 ) == 0 || strcasecmp( $kba_q3, $kba_q1 ) == 0 ) {
|
1527 |
+
update_option( 'mo2f_message', 'The questions you select must be unique.' );
|
1528 |
+
$this->mo_auth_show_error_message();
|
1529 |
+
|
1530 |
+
|
1531 |
+
return;
|
1532 |
+
}
|
1533 |
+
$kba_q1 = addcslashes( stripslashes( $kba_q1 ), '"\\' );
|
1534 |
+
$kba_a1 = addcslashes( stripslashes( $kba_a1 ), '"\\' );
|
1535 |
+
$kba_q2 = addcslashes( stripslashes( $kba_q2 ), '"\\' );
|
1536 |
+
$kba_a2 = addcslashes( stripslashes( $kba_a2 ), '"\\' );
|
1537 |
+
$kba_q3 = addcslashes( stripslashes( $kba_q3 ), '"\\' );
|
1538 |
+
$kba_a3 = addcslashes( stripslashes( $kba_a3 ), '"\\' );
|
1539 |
+
|
1540 |
+
$email = $Mo2fdbQueries->get_user_detail( 'mo2f_user_email', $user->ID );
|
1541 |
+
$kba_registration = new Two_Factor_Setup();
|
1542 |
+
$kba_reg_reponse = json_decode( $kba_registration->register_kba_details( $email, $kba_q1, $kba_a1, $kba_q2, $kba_a2, $kba_q3, $kba_a3 ), true );
|
1543 |
+
if ( json_last_error() == JSON_ERROR_NONE ) {
|
1544 |
+
if ( $kba_reg_reponse['status'] == 'SUCCESS' ) {
|
1545 |
+
if ( isset( $_POST['mobile_kba_option'] ) && $_POST['mobile_kba_option'] == 'mo2f_request_for_kba_as_emailbackup' ) {
|
1546 |
+
MO2f_Utility::unset_session_variables( 'mo2f_mobile_support' );
|
1547 |
+
|
1548 |
+
delete_user_meta( $user->ID, 'configure_2FA' );
|
1549 |
+
delete_user_meta( $user->ID, 'mo2f_2FA_method_to_configure' );
|
1550 |
+
|
1551 |
+
$message = mo2f_lt( 'Your KBA as alternate 2 factor is configured successfully.' );
|
1552 |
+
update_option( 'mo2f_message', $message );
|
1553 |
+
$this->mo_auth_show_success_message();
|
1554 |
+
|
1555 |
+
} else {
|
1556 |
+
$enduser = new Two_Factor_Setup();
|
1557 |
+
$response = json_decode( $enduser->mo2f_update_userinfo( $email, 'KBA', null, null, null ), true );
|
1558 |
+
if ( json_last_error() == JSON_ERROR_NONE ) {
|
1559 |
+
if ( $response['status'] == 'ERROR' ) {
|
1560 |
+
update_option( 'mo2f_message', Mo2fConstants:: langTranslate( $response['message'] ) );
|
1561 |
+
$this->mo_auth_show_error_message();
|
1562 |
+
|
1563 |
+
} else if ( $response['status'] == 'SUCCESS' ) {
|
1564 |
+
delete_user_meta( $user->ID, 'configure_2FA' );
|
1565 |
+
|
1566 |
+
$Mo2fdbQueries->update_user_details( $user->ID, array(
|
1567 |
+
'mo2f_SecurityQuestions_config_status' => true,
|
1568 |
+
'mo2f_configured_2FA_method' => "Security Questions",
|
1569 |
+
'mo_2factor_user_registration_status' => "MO_2_FACTOR_PLUGIN_SETTINGS"
|
1570 |
+
) );
|
1571 |
+
|
1572 |
+
mo2f_display_test_2fa_notification($user);
|
1573 |
+
|
1574 |
+
} else {
|
1575 |
+
update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ERROR_DURING_PROCESS" ) );
|
1576 |
+
$this->mo_auth_show_error_message();
|
1577 |
+
|
1578 |
+
}
|
1579 |
+
} else {
|
1580 |
+
update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "INVALID_REQ" ) );
|
1581 |
+
$this->mo_auth_show_error_message();
|
1582 |
+
|
1583 |
+
}
|
1584 |
+
}
|
1585 |
+
} else {
|
1586 |
+
update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ERROR_WHILE_SAVING_KBA" ) );
|
1587 |
+
$this->mo_auth_show_error_message();
|
1588 |
+
|
1589 |
+
|
1590 |
+
return;
|
1591 |
+
}
|
1592 |
+
} else {
|
1593 |
+
update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ERROR_WHILE_SAVING_KBA" ) );
|
1594 |
+
$this->mo_auth_show_error_message();
|
1595 |
+
|
1596 |
+
|
1597 |
+
return;
|
1598 |
+
}
|
1599 |
+
|
1600 |
+
}
|
1601 |
+
|
1602 |
+
|
1603 |
+
if ( isset( $_POST['option'] ) && $_POST['option'] == 'mo2f_validate_kba_details' ) {
|
1604 |
+
|
1605 |
+
$kba_ans_1 = '';
|
1606 |
+
$kba_ans_2 = '';
|
1607 |
+
if ( MO2f_Utility::mo2f_check_empty_or_null( $_POST['mo2f_answer_1'] ) || MO2f_Utility::mo2f_check_empty_or_null( $_POST['mo2f_answer_1'] ) ) {
|
1608 |
+
update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "INVALID_ENTRY" ) );
|
1609 |
+
$this->mo_auth_show_error_message();
|
1610 |
+
|
1611 |
+
return;
|
1612 |
+
} else {
|
1613 |
+
$kba_ans_1 = sanitize_text_field( $_POST['mo2f_answer_1'] );
|
1614 |
+
$kba_ans_2 = sanitize_text_field( $_POST['mo2f_answer_2'] );
|
1615 |
+
}
|
1616 |
+
|
1617 |
+
//if the php session folder has insufficient permissions, temporary options to be used
|
1618 |
+
$kba_questions = isset( $_SESSION['mo_2_factor_kba_questions'] ) && ! empty( $_SESSION['mo_2_factor_kba_questions'] ) ? $_SESSION['mo_2_factor_kba_questions'] : get_option( 'kba_questions' );
|
1619 |
+
|
1620 |
+
$kbaAns = array();
|
1621 |
+
$kbaAns[0] = $kba_questions[0];
|
1622 |
+
$kbaAns[1] = $kba_ans_1;
|
1623 |
+
$kbaAns[2] = $kba_questions[1];
|
1624 |
+
$kbaAns[3] = $kba_ans_2;
|
1625 |
+
|
1626 |
+
//if the php session folder has insufficient permissions, temporary options to be used
|
1627 |
+
$mo2f_transactionId = isset( $_SESSION['mo2f_transactionId'] ) && ! empty( $_SESSION['mo2f_transactionId'] ) ? $_SESSION['mo2f_transactionId'] : get_option( 'mo2f_transactionId' );
|
1628 |
+
|
1629 |
+
$kba_validate = new Customer_Setup();
|
1630 |
+
$kba_validate_response = json_decode( $kba_validate->validate_otp_token( 'KBA', null, $mo2f_transactionId, $kbaAns, get_option( 'mo2f_customerKey' ), get_option( 'mo2f_api_key' ) ), true );
|
1631 |
+
|
1632 |
+
if ( json_last_error() == JSON_ERROR_NONE ) {
|
1633 |
+
if ( strcasecmp( $kba_validate_response['status'], 'SUCCESS' ) == 0 ) {
|
1634 |
+
update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "COMPLETED_TEST" ) );
|
1635 |
+
delete_user_meta( $user->ID, 'test_2FA' );
|
1636 |
+
$this->mo_auth_show_success_message();
|
1637 |
+
|
1638 |
+
} else { // KBA Validation failed.
|
1639 |
+
update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "INVALID_ANSWERS" ) );
|
1640 |
+
$this->mo_auth_show_error_message();
|
1641 |
+
|
1642 |
+
}
|
1643 |
+
}
|
1644 |
+
}
|
1645 |
+
|
1646 |
+
|
1647 |
+
if ( isset( $_POST['option'] ) && $_POST['option'] == 'mo2f_configure_otp_over_sms_send_otp' ) { // sendin otp for configuring OTP over SMS
|
1648 |
+
$phone = sanitize_text_field( $_POST['verify_phone'] );
|
1649 |
+
|
1650 |
+
if ( MO2f_Utility::mo2f_check_empty_or_null( $phone ) ) {
|
1651 |
+
update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "INVALID_ENTRY" ) );
|
1652 |
+
$this->mo_auth_show_error_message();
|
1653 |
+
|
1654 |
+
return;
|
1655 |
+
}
|
1656 |
+
|
1657 |
+
$phone = str_replace( ' ', '', $phone );
|
1658 |
+
$_SESSION['user_phone'] = $phone;
|
1659 |
+
update_option( 'user_phone_temp', $phone );
|
1660 |
+
$customer = new Customer_Setup();
|
1661 |
+
$currentMethod = "SMS";
|
1662 |
+
|
1663 |
+
$content = json_decode( $customer->send_otp_token( $phone, $currentMethod, get_option( 'mo2f_customerKey' ), get_option( 'mo2f_api_key' ) ), true );
|
1664 |
+
|
1665 |
+
if ( json_last_error() == JSON_ERROR_NONE ) { /* Generate otp token */
|
1666 |
+
if ( $content['status'] == 'ERROR' ) {
|
1667 |
+
update_option( 'mo2f_message', Mo2fConstants:: langTranslate( $response['message'] ) );
|
1668 |
+
$this->mo_auth_show_error_message();
|
1669 |
+
} else if ( $content['status'] == 'SUCCESS' ) {
|
1670 |
+
$_SESSION['mo2f_transactionId'] = $content['txId'];
|
1671 |
+
update_option( 'mo2f_transactionId', $content['txId'] );
|
1672 |
+
update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "OTP_SENT" ) . ' ' . $phone . ' .' . Mo2fConstants:: langTranslate( "ENTER_OTP" ) );
|
1673 |
+
update_option( 'mo2f_number_of_transactions', get_option( 'mo2f_number_of_transactions' ) - 1 );
|
1674 |
+
$this->mo_auth_show_success_message();
|
1675 |
+
} else {
|
1676 |
+
update_option( 'mo2f_message', Mo2fConstants::langTranslate( $content['message'] ) );
|
1677 |
+
$this->mo_auth_show_error_message();
|
1678 |
+
}
|
1679 |
+
|
1680 |
+
} else {
|
1681 |
+
update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "INVALID_REQ" ) );
|
1682 |
+
$this->mo_auth_show_error_message();
|
1683 |
+
}
|
1684 |
+
}
|
1685 |
+
|
1686 |
+
if ( isset( $_POST['option'] ) && $_POST['option'] == 'mo2f_configure_otp_over_sms_validate' ) {
|
1687 |
+
$otp_token = '';
|
1688 |
+
if ( MO2f_Utility::mo2f_check_empty_or_null( $_POST['otp_token'] ) ) {
|
1689 |
+
update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "INVALID_ENTRY" ) );
|
1690 |
+
$this->mo_auth_show_error_message();
|
1691 |
+
|
1692 |
+
return;
|
1693 |
+
} else {
|
1694 |
+
$otp_token = sanitize_text_field( $_POST['otp_token'] );
|
1695 |
+
}
|
1696 |
+
|
1697 |
+
//if the php session folder has insufficient permissions, temporary options to be used
|
1698 |
+
$mo2f_transactionId = isset( $_SESSION['mo2f_transactionId'] ) && ! empty( $_SESSION['mo2f_transactionId'] ) ? $_SESSION['mo2f_transactionId'] : get_option( 'mo2f_transactionId' );
|
1699 |
+
$user_phone = isset( $_SESSION['user_phone'] ) && $_SESSION['user_phone'] != 'false' ? $_SESSION['user_phone'] : get_option( 'user_phone_temp' );
|
1700 |
+
$mo2f_configured_2FA_method = $Mo2fdbQueries->get_user_detail( 'mo2f_configured_2FA_method', $user->ID );
|
1701 |
+
$phone = $Mo2fdbQueries->get_user_detail( 'mo2f_user_phone', $user->ID );
|
1702 |
+
$customer = new Customer_Setup();
|
1703 |
+
$content = json_decode( $customer->validate_otp_token( $mo2f_configured_2FA_method, null, $mo2f_transactionId, $otp_token, get_option( 'mo2f_customerKey' ), get_option( 'mo2f_api_key' ) ), true );
|
1704 |
+
|
1705 |
+
if ( $content['status'] == 'ERROR' ) {
|
1706 |
+
update_option( 'mo2f_message', Mo2fConstants:: langTranslate( $content['message'] ) );
|
1707 |
+
|
1708 |
+
} else if ( strcasecmp( $content['status'], 'SUCCESS' ) == 0 ) { //OTP validated
|
1709 |
+
if ( $phone && strlen( $phone ) >= 4 ) {
|
1710 |
+
if ( $user_phone != $phone ) {
|
1711 |
+
$Mo2fdbQueries->update_user_details( $user->ID, array( 'mobile_registration_status' => false ) );
|
1712 |
+
|
1713 |
+
}
|
1714 |
+
}
|
1715 |
+
$email = $Mo2fdbQueries->get_user_detail( 'mo2f_user_email', $user->ID );
|
1716 |
+
|
1717 |
+
$enduser = new Two_Factor_Setup();
|
1718 |
+
$TwoFA_method_to_configure = get_user_meta( $user->ID, 'mo2f_2FA_method_to_configure', true );
|
1719 |
+
$current_method = MO2f_Utility::mo2f_decode_2_factor( $TwoFA_method_to_configure, "server" );
|
1720 |
+
$response = json_decode( $enduser->mo2f_update_userinfo( $email, $current_method, $user_phone, null, null ), true );
|
1721 |
+
|
1722 |
+
if ( json_last_error() == JSON_ERROR_NONE ) {
|
1723 |
+
|
1724 |
+
if ( $response['status'] == 'ERROR' ) {
|
1725 |
+
MO2f_Utility::unset_session_variables( 'user_phone' );
|
1726 |
+
delete_option( 'user_phone_temp' );
|
1727 |
+
|
1728 |
+
update_option( 'mo2f_message', Mo2fConstants:: langTranslate( $response['message'] ) );
|
1729 |
+
$this->mo_auth_show_error_message();
|
1730 |
+
} else if ( $response['status'] == 'SUCCESS' ) {
|
1731 |
+
|
1732 |
+
$Mo2fdbQueries->update_user_details( $user->ID, array(
|
1733 |
+
'mo2f_configured_2FA_method' => 'OTP Over SMS',
|
1734 |
+
'mo2f_OTPOverSMS_config_status' => true,
|
1735 |
+
'user_registration_with_miniorange' => 'SUCCESS',
|
1736 |
+
'mo_2factor_user_registration_status' => 'MO_2_FACTOR_PLUGIN_SETTINGS',
|
1737 |
+
'mo2f_user_phone' => $user_phone
|
1738 |
+
) );
|
1739 |
+
|
1740 |
+
delete_user_meta( $user->ID, 'configure_2FA' );
|
1741 |
+
delete_user_meta( $user->ID, 'mo2f_2FA_method_to_configure' );
|
1742 |
+
|
1743 |
+
unset( $_SESSION['user_phone'] );
|
1744 |
+
MO2f_Utility::unset_session_variables( 'user_phone' );
|
1745 |
+
delete_option( 'user_phone_temp' );
|
1746 |
+
|
1747 |
+
mo2f_display_test_2fa_notification($user);
|
1748 |
+
} else {
|
1749 |
+
MO2f_Utility::unset_session_variables( 'user_phone' );
|
1750 |
+
delete_option( 'user_phone_temp' );
|
1751 |
+
update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ERROR_DURING_PROCESS" ) );
|
1752 |
+
$this->mo_auth_show_error_message();
|
1753 |
+
}
|
1754 |
+
} else {
|
1755 |
+
MO2f_Utility::unset_session_variables( 'user_phone' );
|
1756 |
+
delete_option( 'user_phone_temp' );
|
1757 |
+
update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "INVALID_REQ" ) );
|
1758 |
+
$this->mo_auth_show_error_message();
|
1759 |
+
}
|
1760 |
+
|
1761 |
+
} else { // OTP Validation failed.
|
1762 |
+
update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "INVALID_OTP" ) );
|
1763 |
+
$this->mo_auth_show_error_message();
|
1764 |
+
}
|
1765 |
+
|
1766 |
+
}
|
1767 |
+
|
1768 |
+
// user clicks on Set 2-Factor method
|
1769 |
+
if ( ( isset( $_POST['option'] ) && $_POST['option'] == 'mo2f_save_free_plan_auth_methods' ) ||
|
1770 |
+
( isset( $_POST['option'] ) && $_POST['option'] == 'mo2f_save_standard_plan_auth_methods' ) ) {
|
1771 |
+
$is_customer_registered = $Mo2fdbQueries->get_user_detail( 'user_registration_with_miniorange', $user->ID ) == 'SUCCESS' ? true : false;
|
1772 |
+
|
1773 |
+
$selected_2FA_method = MO2f_Utility::mo2f_decode_2_factor( isset( $_POST['mo2f_configured_2FA_method_free_plan'] ) ? $_POST['mo2f_configured_2FA_method_free_plan'] : $_POST['mo2f_selected_action_standard_plan'], "wpdb" );
|
1774 |
+
update_user_meta( $user->ID, 'mo2f_2FA_method_to_configure', $selected_2FA_method );
|
1775 |
+
|
1776 |
+
if ( $is_customer_registered ) {
|
1777 |
+
$selected_2FA_method = MO2f_Utility::mo2f_decode_2_factor( isset( $_POST['mo2f_configured_2FA_method_free_plan'] ) ? $_POST['mo2f_configured_2FA_method_free_plan'] : $_POST['mo2f_selected_action_standard_plan'], "wpdb" );
|
1778 |
+
$selected_action = isset( $_POST['mo2f_selected_action_free_plan'] ) ? $_POST['mo2f_selected_action_free_plan'] : $_POST['mo2f_selected_action_standard_plan'];
|
1779 |
+
$is_nc_with_unlimited_users = get_option( 'mo2f_is_NC' ) && ! get_option( 'mo2f_is_NNC' );
|
1780 |
+
$user_phone = '';
|
1781 |
+
|
1782 |
+
if ( isset( $_SESSION['user_phone'] ) ) {
|
1783 |
+
$user_phone = $_SESSION['user_phone'] != 'false' ? $_SESSION['user_phone'] : $Mo2fdbQueries->get_user_detail( 'mo2f_user_phone', $user->ID );
|
1784 |
+
}
|
1785 |
+
|
1786 |
+
// set it as his 2-factor in the WP database and server
|
1787 |
+
if ( $selected_action == "select2factor" ) {
|
1788 |
+
|
1789 |
+
if ( $selected_2FA_method == 'OTP Over SMS' && $user_phone == 'false' ) {
|
1790 |
+
update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "PHONE_NOT_CONFIGURED" ) );
|
1791 |
+
$this->mo_auth_show_error_message();
|
1792 |
+
} else {
|
1793 |
+
// update in the Wordpress DB
|
1794 |
+
$Mo2fdbQueries->update_user_details( $user->ID, array( 'mo2f_configured_2FA_method' => $selected_2FA_method ) );
|
1795 |
+
|
1796 |
+
// update the server
|
1797 |
+
$this->mo2f_save_2_factor_method( $user, $selected_2FA_method );
|
1798 |
+
|
1799 |
+
if ( ! $is_nc_with_unlimited_users && in_array( $selected_2FA_method, array(
|
1800 |
+
"Google Authenticator",
|
1801 |
+
"miniOrange Soft Token",
|
1802 |
+
"Authy Authenticator"
|
1803 |
+
) ) ) {
|
1804 |
+
update_option( 'mo2f_enable_2fa_prompt_on_login_page', 1 );
|
1805 |
+
} else {
|
1806 |
+
update_option( 'mo2f_enable_2fa_prompt_on_login_page', 0 );
|
1807 |
+
}
|
1808 |
+
|
1809 |
+
}
|
1810 |
+
|
1811 |
+
} else if ( $selected_action == "configure2factor" ) {
|
1812 |
+
|
1813 |
+
//show configuration form of respective Two Factor method
|
1814 |
+
update_user_meta( $user->ID, 'configure_2FA', 1 );
|
1815 |
+
update_user_meta( $user->ID, 'mo2f_2FA_method_to_configure', $selected_2FA_method );
|
1816 |
+
|
1817 |
+
}
|
1818 |
+
|
1819 |
+
} else {
|
1820 |
+
$Mo2fdbQueries->insert_user( $user->ID );
|
1821 |
+
$Mo2fdbQueries->update_user_details( $user->ID, array( 'mo_2factor_user_registration_status' => "REGISTRATION_STARTED" ) );
|
1822 |
+
update_user_meta( $user->ID, 'register_account', 1 );
|
1823 |
+
update_option( 'mo2f_message', "" );
|
1824 |
+
|
1825 |
+
display_customer_registration_forms( $user );
|
1826 |
+
}
|
1827 |
+
}
|
1828 |
+
|
1829 |
+
if ( isset( $_POST['option'] ) && $_POST['option'] == 'mo2f_enable_2FA_for_users_option' ) {
|
1830 |
+
update_option( 'mo2f_enable_2fa_for_users', isset( $_POST['mo2f_enable_2fa_for_users'] ) ? $_POST['mo2f_enable_2fa_for_users'] : 0 );
|
1831 |
+
}
|
1832 |
+
|
1833 |
+
if ( isset( $_POST['option'] ) && $_POST['option'] == 'mo2f_disable_proxy_setup_option' ) {
|
1834 |
+
|
1835 |
+
delete_option( 'mo2f_proxy_host' );
|
1836 |
+
delete_option( 'mo2f_port_number' );
|
1837 |
+
delete_option( 'mo2f_proxy_username' );
|
1838 |
+
delete_option( 'mo2f_proxy_password' );
|
1839 |
+
update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "Proxy Configurations Reset." ) );
|
1840 |
+
$this->mo_auth_show_success_message();
|
1841 |
+
}
|
1842 |
+
|
1843 |
+
if ( isset( $_POST['option'] ) && $_POST['option'] == 'mo2f_enable_2FA_option' ) {
|
1844 |
+
update_option( 'mo2f_enable_2fa', isset( $_POST['mo2f_enable_2fa'] ) ? $_POST['mo2f_enable_2fa'] : 0 );
|
1845 |
+
}
|
1846 |
+
|
1847 |
+
if ( isset( $_POST['option'] ) && $_POST['option'] == 'mo2f_enable_2FA_on_login_page_option' ) {
|
1848 |
+
update_option( 'mo2f_enable_2fa_prompt_on_login_page', isset( $_POST['mo2f_enable_2fa_prompt_on_login_page'] ) ? $_POST['mo2f_enable_2fa_prompt_on_login_page'] : 0 );
|
1849 |
+
}
|
1850 |
+
|
1851 |
+
|
1852 |
+
if ( isset( $_POST['option'] ) && $_POST['option'] == 'mo_2factor_test_authentication_method' ) {
|
1853 |
+
|
1854 |
+
update_user_meta( $user->ID, 'test_2FA', 1 );
|
1855 |
+
|
1856 |
+
|
1857 |
+
$selected_2FA_method = $_POST['mo2f_configured_2FA_method_test'];
|
1858 |
+
$selected_2FA_method_server = MO2f_Utility::mo2f_decode_2_factor( $selected_2FA_method, "server" );
|
1859 |
+
$customer = new Customer_Setup();
|
1860 |
+
$email = $Mo2fdbQueries->get_user_detail( 'mo2f_user_email', $user->ID );
|
1861 |
+
$customer_key = get_option( 'mo2f_customerKey' );
|
1862 |
+
$api_key = get_option( 'mo2f_api_key' );
|
1863 |
+
|
1864 |
+
if ( $selected_2FA_method == 'Security Questions' ) {
|
1865 |
+
$response = json_decode( $customer->send_otp_token( $email, $selected_2FA_method_server, $customer_key, $api_key ), true );
|
1866 |
+
|
1867 |
+
if ( json_last_error() == JSON_ERROR_NONE ) { /* Generate KBA Questions*/
|
1868 |
+
if ( $response['status'] == 'SUCCESS' ) {
|
1869 |
+
$_SESSION['mo2f_transactionId'] = $response['txId'];
|
1870 |
+
update_option( 'mo2f_transactionId', $response['txId'] );
|
1871 |
+
$questions = array();
|
1872 |
+
$questions[0] = $response['questions'][0]['question'];
|
1873 |
+
$questions[1] = $response['questions'][1]['question'];
|
1874 |
+
$_SESSION['mo_2_factor_kba_questions'] = $questions;
|
1875 |
+
update_option( 'kba_questions', $questions );
|
1876 |
+
|
1877 |
+
update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ANSWER_SECURITY_QUESTIONS" ) );
|
1878 |
+
$this->mo_auth_show_success_message();
|
1879 |
+
|
1880 |
+
} else if ( $response['status'] == 'ERROR' ) {
|
1881 |
+
update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ERROR_FETCHING_QUESTIONS" ) );
|
1882 |
+
$this->mo_auth_show_error_message();
|
1883 |
+
|
1884 |
+
}
|
1885 |
+
} else {
|
1886 |
+
update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ERROR_FETCHING_QUESTIONS" ) );
|
1887 |
+
$this->mo_auth_show_error_message();
|
1888 |
+
|
1889 |
+
}
|
1890 |
+
|
1891 |
+
} else if ( $selected_2FA_method == 'miniOrange Push Notification' ) {
|
1892 |
+
$response = json_decode( $customer->send_otp_token( $email, $selected_2FA_method_server, $customer_key, $api_key ), true );
|
1893 |
+
if ( json_last_error() == JSON_ERROR_NONE ) { /* Generate Qr code */
|
1894 |
+
if ( $response['status'] == 'ERROR' ) {
|
1895 |
+
update_option( 'mo2f_message', Mo2fConstants:: langTranslate( $response['message'] ) );
|
1896 |
+
$this->mo_auth_show_error_message();
|
1897 |
+
|
1898 |
+
} else {
|
1899 |
+
if ( $response['status'] == 'SUCCESS' ) {
|
1900 |
+
$_SESSION['mo2f_transactionId'] = $response['txId'];
|
1901 |
+
update_option( 'mo2f_transactionId', $response['txId'] );
|
1902 |
+
$_SESSION['mo2f_show_qr_code'] = 'MO_2_FACTOR_SHOW_QR_CODE';
|
1903 |
+
update_option( 'mo2f_transactionId', $response['txId'] );
|
1904 |
+
update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "PUSH_NOTIFICATION_SENT" ) );
|
1905 |
+
$this->mo_auth_show_success_message();
|
1906 |
+
|
1907 |
+
} else {
|
1908 |
+
$session_variables = array( 'mo2f_qrCode', 'mo2f_transactionId', 'mo2f_show_qr_code' );
|
1909 |
+
MO2f_Utility::unset_session_variables( $session_variables );
|
1910 |
+
|
1911 |
+
delete_option( 'mo2f_transactionId' );
|
1912 |
+
update_option( 'mo2f_message', 'An error occurred while processing your request. Please Try again.' );
|
1913 |
+
$this->mo_auth_show_error_message();
|
1914 |
+
|
1915 |
+
}
|
1916 |
+
}
|
1917 |
+
} else {
|
1918 |
+
update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "INVALID_REQ" ) );
|
1919 |
+
$this->mo_auth_show_error_message();
|
1920 |
+
|
1921 |
+
}
|
1922 |
+
} else if ( $selected_2FA_method == 'OTP Over SMS' ) {
|
1923 |
+
$phone = $Mo2fdbQueries->get_user_detail( 'mo2f_user_phone', $user->ID );
|
1924 |
+
$response = json_decode( $customer->send_otp_token( $phone, $selected_2FA_method_server, $customer_key, $api_key ), true );
|
1925 |
+
if ( strcasecmp( $response['status'], 'SUCCESS' ) == 0 ) {
|
1926 |
+
update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "OTP_SENT" ) . ' <b>' . ( $phone ) . '</b>. ' . Mo2fConstants:: langTranslate( "ENTER_OTP" ) );
|
1927 |
+
update_option( 'mo2f_number_of_transactions', get_option( 'mo2f_number_of_transactions' ) - 1 );
|
1928 |
+
|
1929 |
+
$_SESSION['mo2f_transactionId'] = $response['txId'];
|
1930 |
+
update_option( 'mo2f_transactionId', $response['txId'] );
|
1931 |
+
$this->mo_auth_show_success_message();
|
1932 |
+
|
1933 |
+
} else {
|
1934 |
+
update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ERROR_IN_SENDING_OTP" ) );
|
1935 |
+
$this->mo_auth_show_error_message();
|
1936 |
+
|
1937 |
+
}
|
1938 |
+
} else if ( $selected_2FA_method == 'miniOrange QR Code Authentication' ) {
|
1939 |
+
$response = json_decode( $customer->send_otp_token( $email, $selected_2FA_method_server, $customer_key, $api_key ), true );
|
1940 |
+
|
1941 |
+
if ( json_last_error() == JSON_ERROR_NONE ) { /* Generate Qr code */
|
1942 |
+
|
1943 |
+
if ( $response['status'] == 'ERROR' ) {
|
1944 |
+
update_option( 'mo2f_message', Mo2fConstants:: langTranslate( $response['message'] ) );
|
1945 |
+
$this->mo_auth_show_error_message();
|
1946 |
+
|
1947 |
+
} else {
|
1948 |
+
if ( $response['status'] == 'SUCCESS' ) {
|
1949 |
+
$_SESSION['mo2f_qrCode'] = $response['qrCode'];
|
1950 |
+
$_SESSION['mo2f_transactionId'] = $response['txId'];
|
1951 |
+
$_SESSION['mo2f_show_qr_code'] = 'MO_2_FACTOR_SHOW_QR_CODE';
|
1952 |
+
update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "SCAN_QR_CODE" ) );
|
1953 |
+
$this->mo_auth_show_success_message();
|
1954 |
+
|
1955 |
+
} else {
|
1956 |
+
unset( $_SESSION['mo2f_qrCode'] );
|
1957 |
+
unset( $_SESSION['mo2f_transactionId'] );
|
1958 |
+
unset( $_SESSION['mo2f_show_qr_code'] );
|
1959 |
+
update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ERROR_DURING_PROCESS" ) );
|
1960 |
+
$this->mo_auth_show_error_message();
|
1961 |
+
|
1962 |
+
}
|
1963 |
+
}
|
1964 |
+
} else {
|
1965 |
+
update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "INVALID_REQ" ) );
|
1966 |
+
$this->mo_auth_show_error_message();
|
1967 |
+
|
1968 |
+
}
|
1969 |
+
} else if ( $selected_2FA_method == 'Email Verification' ) {
|
1970 |
+
$this->miniorange_email_verification_call( $user );
|
1971 |
+
}
|
1972 |
+
|
1973 |
+
|
1974 |
+
update_user_meta( $user->ID, 'mo2f_2FA_method_to_test', $selected_2FA_method );
|
1975 |
+
|
1976 |
+
}
|
1977 |
+
|
1978 |
+
if ( isset( $_POST['option'] ) && $_POST['option'] == 'mo2f_go_back' ) {
|
1979 |
+
$session_variables = array(
|
1980 |
+
'mo2f_qrCode',
|
1981 |
+
'mo2f_transactionId',
|
1982 |
+
'mo2f_show_qr_code',
|
1983 |
+
'user_phone',
|
1984 |
+
'mo2f_google_auth',
|
1985 |
+
'mo2f_mobile_support',
|
1986 |
+
'mo2f_authy_keys'
|
1987 |
+
);
|
1988 |
+
MO2f_Utility::unset_session_variables( $session_variables );
|
1989 |
+
delete_option( 'mo2f_transactionId' );
|
1990 |
+
delete_option( 'user_phone_temp' );
|
1991 |
+
|
1992 |
+
delete_user_meta( $user->ID, 'test_2FA' );
|
1993 |
+
delete_user_meta( $user->ID, 'configure_2FA' );
|
1994 |
+
}
|
1995 |
+
|
1996 |
+
}
|
1997 |
+
|
1998 |
+
function mo_auth_deactivate() {
|
1999 |
+
global $Mo2fdbQueries;
|
2000 |
+
$mo2f_register_with_another_email = get_option( 'mo2f_register_with_another_email' );
|
2001 |
+
$is_EC = ! get_option( 'mo2f_is_NC' ) ? 1 : 0;
|
2002 |
+
$is_NNC = get_option( 'mo2f_is_NC' ) && get_option( 'mo2f_is_NNC' ) ? 1 : 0;
|
2003 |
+
|
2004 |
+
if ( $mo2f_register_with_another_email || $is_EC || $is_NNC ) {
|
2005 |
+
update_option( 'mo2f_register_with_another_email', 0 );
|
2006 |
+
$users = get_users( array() );
|
2007 |
+
$this->mo2f_delete_user_details( $users );
|
2008 |
+
$this->mo2f_delete_mo_options();
|
2009 |
+
$url = admin_url( 'plugins.php' );
|
2010 |
+
wp_redirect( $url );
|
2011 |
+
}
|
2012 |
+
|
2013 |
+
}
|
2014 |
+
|
2015 |
+
function mo2f_delete_user_details( $users ) {
|
2016 |
+
global $Mo2fdbQueries;
|
2017 |
+
foreach ( $users as $user ) {
|
2018 |
+
$Mo2fdbQueries->delete_user_details( $user->ID );
|
2019 |
+
delete_user_meta( $user->ID, 'phone_verification_status' );
|
2020 |
+
delete_user_meta( $user->ID, 'test_2FA' );
|
2021 |
+
delete_user_meta( $user->ID, 'mo2f_2FA_method_to_configure' );
|
2022 |
+
delete_user_meta( $user->ID, 'configure_2FA' );
|
2023 |
+
delete_user_meta( $user->ID, 'mo2f_2FA_method_to_test' );
|
2024 |
+
delete_user_meta( $user->ID, 'mo2f_phone' );
|
2025 |
+
delete_user_meta( $user->ID, 'register_account' );
|
2026 |
+
}
|
2027 |
+
|
2028 |
+
}
|
2029 |
+
|
2030 |
+
function mo2f_delete_mo_options() {
|
2031 |
+
delete_option( 'mo2f_email' );
|
2032 |
+
delete_option( 'mo2f_dbversion' );
|
2033 |
+
delete_option( 'mo2f_host_name' );
|
2034 |
+
delete_option( 'user_phone' );
|
2035 |
+
//delete_option( 'mo2f_customerKey' );
|
2036 |
+
delete_option( 'mo2f_api_key' );
|
2037 |
+
delete_option( 'mo2f_customer_token' );
|
2038 |
+
delete_option( 'mo_2factor_admin_registration_status' );
|
2039 |
+
delete_option( 'mo2f_number_of_transactions' );
|
2040 |
+
delete_option( 'mo2f_set_transactions' );
|
2041 |
+
delete_option( 'mo2f_show_sms_transaction_message' );
|
2042 |
+
delete_option( 'mo_app_password' );
|
2043 |
+
delete_option( 'mo2f_login_option' );
|
2044 |
+
delete_option( 'mo2f_remember_device' );
|
2045 |
+
delete_option( 'mo2f_enable_forgotphone' );
|
2046 |
+
delete_option( 'mo2f_enable_login_with_2nd_factor' );
|
2047 |
+
delete_option( 'mo2f_enable_xmlrpc' );
|
2048 |
+
delete_option( 'mo2f_register_with_another_email' );
|
2049 |
+
delete_option( 'mo2f_proxy_host' );
|
2050 |
+
delete_option( 'mo2f_port_number' );
|
2051 |
+
delete_option( 'mo2f_proxy_username' );
|
2052 |
+
delete_option( 'mo2f_proxy_password' );
|
2053 |
+
delete_option( 'mo2f_customer_selected_plan' );
|
2054 |
+
}
|
2055 |
+
|
2056 |
+
function mo_auth_show_success_message() {
|
2057 |
+
remove_action( 'admin_notices', array( $this, 'mo_auth_success_message' ) );
|
2058 |
+
add_action( 'admin_notices', array( $this, 'mo_auth_error_message' ) );
|
2059 |
+
}
|
2060 |
+
|
2061 |
+
function mo2f_create_customer( $user ) {
|
2062 |
+
global $Mo2fdbQueries;
|
2063 |
+
delete_user_meta( $user->ID, 'mo2f_sms_otp_count' );
|
2064 |
+
delete_user_meta( $user->ID, 'mo2f_email_otp_count' );
|
2065 |
+
$customer = new Customer_Setup();
|
2066 |
+
$customerKey = json_decode( $customer->create_customer(), true );
|
2067 |
+
|
2068 |
+
if ( $customerKey['status'] == 'ERROR' ) {
|
2069 |
+
update_option( 'mo2f_message', Mo2fConstants:: langTranslate( $customerKey['message'] ) );
|
2070 |
+
$this->mo_auth_show_error_message();
|
2071 |
+
} else {
|
2072 |
+
if ( strcasecmp( $customerKey['status'], 'CUSTOMER_USERNAME_ALREADY_EXISTS' ) == 0 ) { //admin already exists in miniOrange
|
2073 |
+
$content = $customer->get_customer_key();
|
2074 |
+
$customerKey = json_decode( $content, true );
|
2075 |
+
|
2076 |
+
if ( json_last_error() == JSON_ERROR_NONE ) {
|
2077 |
+
if ( array_key_exists( "status", $customerKey ) && $customerKey['status'] == 'ERROR' ) {
|
2078 |
+
update_option( 'mo2f_message', Mo2fConstants::langTranslate( $customerKey['message'] ) );
|
2079 |
+
$this->mo_auth_show_error_message();
|
2080 |
+
} else {
|
2081 |
+
if ( isset( $customerKey['id'] ) && ! empty( $customerKey['id'] ) ) {
|
2082 |
+
update_option( 'mo2f_customerKey', $customerKey['id'] );
|
2083 |
+
update_option( 'mo2f_api_key', $customerKey['apiKey'] );
|
2084 |
+
update_option( 'mo2f_customer_token', $customerKey['token'] );
|
2085 |
+
update_option( 'mo2f_app_secret', $customerKey['appSecret'] );
|
2086 |
+
update_option( 'mo2f_miniorange_admin', $user->ID );
|
2087 |
+
delete_option( 'mo2f_password' );
|
2088 |
+
$email = get_option( 'mo2f_email' );
|
2089 |
+
$Mo2fdbQueries->update_user_details( $user->ID, array(
|
2090 |
+
'mo2f_EmailVerification_config_status' => true,
|
2091 |
+
'user_registration_with_miniorange' => 'SUCCESS',
|
2092 |
+
'mo2f_user_email' => $email
|
2093 |
+
) );
|
2094 |
+
$mo_2factor_user_registration_status = 'MO_2_FACTOR_PLUGIN_SETTINGS';
|
2095 |
+
|
2096 |
+
|
2097 |
+
$Mo2fdbQueries->update_user_details( $user->ID, array( 'mo_2factor_user_registration_status' => $mo_2factor_user_registration_status ) );
|
2098 |
+
|
2099 |
+
update_option( 'mo_2factor_admin_registration_status', 'MO_2_FACTOR_CUSTOMER_REGISTERED_SUCCESS' );
|
2100 |
+
$enduser = new Two_Factor_Setup();
|
2101 |
+
$enduser->mo2f_update_userinfo( $email, 'OUT OF BAND EMAIL', null, 'API_2FA', true );
|
2102 |
+
|
2103 |
+
update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ACCOUNT_RETRIEVED_SUCCESSFULLY" ) . ' <b>' . Mo2fConstants:: langTranslate( "EMAIL_VERFI" ) . '</b> ' . Mo2fConstants:: langTranslate( "DEFAULT_2ND_FACTOR" ) . ' <a href=\"admin.php?page=miniOrange_2_factor_settings&mo2f_tab=mobile_configure\" >' . Mo2fConstants:: langTranslate( "CLICK_HERE" ) . '</a> ' . Mo2fConstants:: langTranslate( "CONFIGURE_2FA" ) );
|
2104 |
+
$this->mo_auth_show_success_message();
|
2105 |
+
} else {
|
2106 |
+
update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ERROR_CREATE_ACC_OTP" ) );
|
2107 |
+
$mo_2factor_user_registration_status = 'MO_2_FACTOR_OTP_DELIVERED_FAILURE';
|
2108 |
+
$Mo2fdbQueries->update_user_details( $user->ID, array( 'mo_2factor_user_registration_status' => $mo_2factor_user_registration_status ) );
|
2109 |
+
$this->mo_auth_show_error_message();
|
2110 |
+
}
|
2111 |
+
|
2112 |
+
}
|
2113 |
+
|
2114 |
+
} else {
|
2115 |
+
update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "INVALID_EMAIL_OR_PASSWORD" ) );
|
2116 |
+
$mo_2factor_user_registration_status = 'MO_2_FACTOR_VERIFY_CUSTOMER';
|
2117 |
+
$Mo2fdbQueries->update_user_details( $user->ID, array( 'mo_2factor_user_registration_status' => $mo_2factor_user_registration_status ) );
|
2118 |
+
|
2119 |
+
$this->mo_auth_show_error_message();
|
2120 |
+
}
|
2121 |
+
|
2122 |
+
|
2123 |
+
} else {
|
2124 |
+
if ( isset( $customerKey['id'] ) && ! empty( $customerKey['id'] ) ) {
|
2125 |
+
update_option( 'mo2f_customerKey', $customerKey['id'] );
|
2126 |
+
update_option( 'mo2f_api_key', $customerKey['apiKey'] );
|
2127 |
+
update_option( 'mo2f_customer_token', $customerKey['token'] );
|
2128 |
+
update_option( 'mo2f_app_secret', $customerKey['appSecret'] );
|
2129 |
+
update_option( 'mo2f_miniorange_admin', $user->ID );
|
2130 |
+
delete_option( 'mo2f_password' );
|
2131 |
+
|
2132 |
+
$email = get_option( 'mo2f_email' );
|
2133 |
+
|
2134 |
+
update_option( 'mo2f_is_NC', 1 );
|
2135 |
+
update_option( 'mo2f_is_NNC', 1 );
|
2136 |
+
|
2137 |
+
update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ACCOUNT_CREATED" ) );
|
2138 |
+
$mo_2factor_user_registration_status = 'MO_2_FACTOR_PLUGIN_SETTINGS';
|
2139 |
+
$Mo2fdbQueries->update_user_details( $user->ID, array(
|
2140 |
+
'mo2f_2factor_enable_2fa_byusers' => 1,
|
2141 |
+
'user_registration_with_miniorange' => 'SUCCESS',
|
2142 |
+
'mo2f_configured_2FA_method' => 'NONE',
|
2143 |
+
'mo2f_user_email' => $email,
|
2144 |
+
'mo_2factor_user_registration_status' => $mo_2factor_user_registration_status
|
2145 |
+
) );
|
2146 |
+
|
2147 |
+
update_option( 'mo_2factor_admin_registration_status', 'MO_2_FACTOR_CUSTOMER_REGISTERED_SUCCESS' );
|
2148 |
+
|
2149 |
+
$enduser = new Two_Factor_Setup();
|
2150 |
+
$enduser->mo2f_update_userinfo( $email, 'NONE', null, 'API_2FA', true );
|
2151 |
+
|
2152 |
+
$this->mo_auth_show_success_message();
|
2153 |
+
|
2154 |
+
$mo2f_customer_selected_plan = get_option( 'mo2f_customer_selected_plan' );
|
2155 |
+
if ( ! empty( $mo2f_customer_selected_plan ) ) {
|
2156 |
+
delete_option( 'mo2f_customer_selected_plan' );
|
2157 |
+
header( 'Location: admin.php?page=miniOrange_2_factor_settings&mo2f_tab=mo2f_pricing' );
|
2158 |
+
} else {
|
2159 |
+
header( 'Location: admin.php?page=miniOrange_2_factor_settings&mo2f_tab=mobile_configure' );
|
2160 |
+
}
|
2161 |
+
|
2162 |
+
} else {
|
2163 |
+
update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ERROR_CREATE_ACC_OTP" ) );
|
2164 |
+
$mo_2factor_user_registration_status = 'MO_2_FACTOR_OTP_DELIVERED_FAILURE';
|
2165 |
+
$Mo2fdbQueries->update_user_details( $user->ID, array( 'mo_2factor_user_registration_status' => $mo_2factor_user_registration_status ) );
|
2166 |
+
$this->mo_auth_show_error_message();
|
2167 |
+
}
|
2168 |
+
|
2169 |
+
|
2170 |
+
}
|
2171 |
+
}
|
2172 |
+
}
|
2173 |
+
|
2174 |
+
public static function mo2f_get_GA_parameters($user){
|
2175 |
+
global $Mo2fdbQueries;
|
2176 |
+
$email = $Mo2fdbQueries->get_user_detail( 'mo2f_user_email', $user->ID );
|
2177 |
+
$google_auth = new Miniorange_Rba_Attributes();
|
2178 |
+
$google_response = json_decode( $google_auth->mo2f_google_auth_service( $email ), true );
|
2179 |
+
if ( json_last_error() == JSON_ERROR_NONE ) {
|
2180 |
+
if ( $google_response['status'] == 'SUCCESS' ) {
|
2181 |
+
$mo2f_google_auth = array();
|
2182 |
+
$mo2f_google_auth['ga_qrCode'] = $google_response['qrCodeData'];
|
2183 |
+
$mo2f_google_auth['ga_secret'] = $google_response['secret'];
|
2184 |
+
$_SESSION['mo2f_google_auth'] = $mo2f_google_auth;
|
2185 |
+
}else {
|
2186 |
+
update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ERROR_DURING_USER_REGISTRATION" ) );
|
2187 |
+
self::mo_auth_show_error_message();
|
2188 |
+
}
|
2189 |
+
}else {
|
2190 |
+
update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ERROR_DURING_USER_REGISTRATION" ) );
|
2191 |
+
self::mo_auth_show_error_message();
|
2192 |
+
|
2193 |
+
}
|
2194 |
+
}
|
2195 |
+
|
2196 |
+
function mo_auth_show_error_message() {
|
2197 |
+
remove_action( 'admin_notices', array( $this, 'mo_auth_error_message' ) );
|
2198 |
+
add_action( 'admin_notices', array( $this, 'mo_auth_success_message' ) );
|
2199 |
+
}
|
2200 |
+
|
2201 |
+
function mo2f_create_user( $user, $email ) {
|
2202 |
+
global $Mo2fdbQueries;
|
2203 |
+
$email = strtolower( $email );
|
2204 |
+
$enduser = new Two_Factor_Setup();
|
2205 |
+
$check_user = json_decode( $enduser->mo_check_user_already_exist( $email ), true );
|
2206 |
+
|
2207 |
+
if ( json_last_error() == JSON_ERROR_NONE ) {
|
2208 |
+
if ( $check_user['status'] == 'ERROR' ) {
|
2209 |
+
update_option( 'mo2f_message', Mo2fConstants:: langTranslate( $check_user['message'] ) );
|
2210 |
+
$this->mo_auth_show_error_message();
|
2211 |
+
} else {
|
2212 |
+
if ( strcasecmp( $check_user['status'], 'USER_FOUND' ) == 0 ) {
|
2213 |
+
|
2214 |
+
$Mo2fdbQueries->update_user_details( $user->ID, array(
|
2215 |
+
'user_registration_with_miniorange' => 'SUCCESS',
|
2216 |
+
'mo2f_user_email' => $email,
|
2217 |
+
'mo2f_configured_2FA_method' => 'NONE',
|
2218 |
+
'mo_2factor_user_registration_status' => 'MO_2_FACTOR_PLUGIN_SETTINGS'
|
2219 |
+
) );
|
2220 |
+
|
2221 |
+
|
2222 |
+
delete_user_meta( $user->ID, 'user_email' );
|
2223 |
+
$enduser->mo2f_update_userinfo( $email, 'NONE', null, 'API_2FA', true );
|
2224 |
+
$message = Mo2fConstants:: langTranslate( "REGISTRATION_SUCCESS" );
|
2225 |
+
update_option( 'mo2f_message', $message );
|
2226 |
+
$this->mo_auth_show_success_message();
|
2227 |
+
header( 'Location: admin.php?page=miniOrange_2_factor_settings&mo2f_tab=mobile_configure' );
|
2228 |
+
|
2229 |
+
} else if ( strcasecmp( $check_user['status'], 'USER_NOT_FOUND' ) == 0 ) {
|
2230 |
+
$content = json_decode( $enduser->mo_create_user( $user, $email ), true );
|
2231 |
+
if ( json_last_error() == JSON_ERROR_NONE ) {
|
2232 |
+
if ( $content['status'] == 'ERROR' ) {
|
2233 |
+
update_option( 'mo2f_message', Mo2fConstants:: langTranslate( $content['message'] ) );
|
2234 |
+
$this->mo_auth_show_error_message();
|
2235 |
+
} else {
|
2236 |
+
if ( strcasecmp( $content['status'], 'SUCCESS' ) == 0 ) {
|
2237 |
+
delete_user_meta( $user->ID, 'user_email' );
|
2238 |
+
$Mo2fdbQueries->update_user_details( $user->ID, array(
|
2239 |
+
'user_registration_with_miniorange' => 'SUCCESS',
|
2240 |
+
'mo2f_user_email' => $email,
|
2241 |
+
'mo2f_configured_2FA_method' => 'NONE',
|
2242 |
+
'mo_2factor_user_registration_status' => 'MO_2_FACTOR_PLUGIN_SETTINGS'
|
2243 |
+
) );
|
2244 |
+
$enduser->mo2f_update_userinfo( $email, 'NONE', null, 'API_2FA', true );
|
2245 |
+
$message = Mo2fConstants:: langTranslate( "REGISTRATION_SUCCESS" );
|
2246 |
+
update_option( 'mo2f_message', $message );
|
2247 |
+
$this->mo_auth_show_success_message();
|
2248 |
+
header( 'Location: admin.php?page=miniOrange_2_factor_settings&mo2f_tab=mobile_configure' );
|
2249 |
+
|
2250 |
+
} else {
|
2251 |
+
update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ERROR_DURING_USER_REGISTRATION" ) );
|
2252 |
+
$this->mo_auth_show_error_message();
|
2253 |
+
}
|
2254 |
+
}
|
2255 |
+
} else {
|
2256 |
+
update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ERROR_DURING_USER_REGISTRATION" ) );
|
2257 |
+
$this->mo_auth_show_error_message();
|
2258 |
+
}
|
2259 |
+
} else {
|
2260 |
+
update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ERROR_DURING_USER_REGISTRATION" ) );
|
2261 |
+
$this->mo_auth_show_error_message();
|
2262 |
+
}
|
2263 |
+
}
|
2264 |
+
} else {
|
2265 |
+
update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ERROR_DURING_USER_REGISTRATION" ) );
|
2266 |
+
$this->mo_auth_show_error_message();
|
2267 |
+
}
|
2268 |
+
}
|
2269 |
+
|
2270 |
+
function mo2f_get_qr_code_for_mobile( $email, $id ) {
|
2271 |
+
|
2272 |
+
$registerMobile = new Two_Factor_Setup();
|
2273 |
+
$content = $registerMobile->register_mobile( $email );
|
2274 |
+
$response = json_decode( $content, true );
|
2275 |
+
if ( json_last_error() == JSON_ERROR_NONE ) {
|
2276 |
+
if ( $response['status'] == 'ERROR' ) {
|
2277 |
+
update_option( 'mo2f_message', Mo2fConstants:: langTranslate( $response['message'] ) );
|
2278 |
+
$session_variables = array( 'mo2f_qrCode', 'mo2f_transactionId', 'mo2f_show_qr_code' );
|
2279 |
+
MO2f_Utility::unset_session_variables( $session_variables );
|
2280 |
+
delete_option( 'mo2f_transactionId' );
|
2281 |
+
$this->mo_auth_show_error_message();
|
2282 |
+
|
2283 |
+
} else {
|
2284 |
+
if ( $response['status'] == 'IN_PROGRESS' ) {
|
2285 |
+
update_option( 'mo2f_message', Mo2fConstants::langTranslate( "SCAN_QR_CODE" ) );
|
2286 |
+
$_SESSION['mo2f_qrCode'] = $response['qrCode'];
|
2287 |
+
$_SESSION['mo2f_transactionId'] = $response['txId'];
|
2288 |
+
update_option( 'mo2f_transactionId', $response['txId'] );
|
2289 |
+
$_SESSION['mo2f_show_qr_code'] = 'MO_2_FACTOR_SHOW_QR_CODE';
|
2290 |
+
$this->mo_auth_show_success_message();
|
2291 |
+
} else {
|
2292 |
+
update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ERROR_DURING_PROCESS" ) );
|
2293 |
+
$session_variables = array( 'mo2f_qrCode', 'mo2f_transactionId', 'mo2f_show_qr_code' );
|
2294 |
+
MO2f_Utility::unset_session_variables( $session_variables );
|
2295 |
+
delete_option( 'mo2f_transactionId' );
|
2296 |
+
$this->mo_auth_show_error_message();
|
2297 |
+
}
|
2298 |
+
}
|
2299 |
+
}
|
2300 |
+
}
|
2301 |
+
|
2302 |
+
function mo2f_save_2_factor_method( $user, $mo2f_configured_2FA_method ) {
|
2303 |
+
global $Mo2fdbQueries;
|
2304 |
+
$email = $Mo2fdbQueries->get_user_detail( 'mo2f_user_email', $user->ID );
|
2305 |
+
$enduser = new Two_Factor_Setup();
|
2306 |
+
$phone = $Mo2fdbQueries->get_user_detail( 'mo2f_user_phone', $user->ID );
|
2307 |
+
$current_method = MO2f_Utility::mo2f_decode_2_factor( $mo2f_configured_2FA_method, "server" );
|
2308 |
+
|
2309 |
+
$response = json_decode( $enduser->mo2f_update_userinfo( $email, $current_method, $phone, null, null ), true );
|
2310 |
+
|
2311 |
+
if ( json_last_error() == JSON_ERROR_NONE ) {
|
2312 |
+
if ( $response['status'] == 'ERROR' ) {
|
2313 |
+
update_option( 'mo2f_message', Mo2fConstants:: langTranslate( $response['message'] ) );
|
2314 |
+
$this->mo_auth_show_error_message();
|
2315 |
+
} else if ( $response['status'] == 'SUCCESS' ) {
|
2316 |
+
$configured_2fa_method = $Mo2fdbQueries->get_user_detail( 'mo2f_configured_2FA_method', $user->ID );
|
2317 |
+
|
2318 |
+
if ( in_array( $configured_2fa_method, array( "Google Authenticator", "Authy Authenticator" ) ) ) {
|
2319 |
+
update_user_meta( $user->ID, 'mo2f_external_app_type', $configured_2fa_method );
|
2320 |
+
}
|
2321 |
+
|
2322 |
+
$Mo2fdbQueries->update_user_details( $user->ID, array(
|
2323 |
+
'mo_2factor_user_registration_status' => 'MO_2_FACTOR_PLUGIN_SETTINGS'
|
2324 |
+
) );
|
2325 |
+
delete_user_meta( $user->ID, 'configure_2FA' );
|
2326 |
+
update_option( 'mo2f_message', Mo2fConstants:: langTranslate( $configured_2fa_method ) . ' ' . Mo2fConstants:: langTranslate( "SET_2FA" ) );
|
2327 |
+
|
2328 |
+
$this->mo_auth_show_success_message();
|
2329 |
+
} else {
|
2330 |
+
update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ERROR_DURING_PROCESS" ) );
|
2331 |
+
$this->mo_auth_show_error_message();
|
2332 |
+
}
|
2333 |
+
} else {
|
2334 |
+
update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "INVALID_REQ" ) );
|
2335 |
+
$this->mo_auth_show_error_message();
|
2336 |
+
}
|
2337 |
+
}
|
2338 |
+
|
2339 |
+
function miniorange_email_verification_call( $user ) {
|
2340 |
+
global $Mo2fdbQueries;
|
2341 |
+
$challengeMobile = new Customer_Setup();
|
2342 |
+
$email = $Mo2fdbQueries->get_user_detail( 'mo2f_user_email', $user->ID );
|
2343 |
+
$content = $challengeMobile->send_otp_token( $email, 'OUT OF BAND EMAIL', $this->defaultCustomerKey, $this->defaultApiKey );
|
2344 |
+
$response = json_decode( $content, true );
|
2345 |
+
if ( json_last_error() == JSON_ERROR_NONE ) { /* Generate out of band email */
|
2346 |
+
if ( $response['status'] == 'ERROR' ) {
|
2347 |
+
update_option( 'mo2f_message', Mo2fConstants:: langTranslate( $response['message'] ) );
|
2348 |
+
$this->mo_auth_show_error_message();
|
2349 |
+
} else {
|
2350 |
+
if ( $response['status'] == 'SUCCESS' ) {
|
2351 |
+
$_SESSION['mo2f_transactionId'] = $response['txId'];
|
2352 |
+
update_option( 'mo2f_transactionId', $response['txId'] );
|
2353 |
+
update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "VERIFICATION_EMAIL_SENT" ) . '<b> ' . $email . '</b>. ' . Mo2fConstants:: langTranslate( "ACCEPT_LINK_TO_VERIFY_EMAIL" ) );
|
2354 |
+
$this->mo_auth_show_success_message();
|
2355 |
+
} else {
|
2356 |
+
unset( $_SESSION['mo2f_transactionId'] );
|
2357 |
+
update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "ERROR_DURING_PROCESS" ) );
|
2358 |
+
$this->mo_auth_show_error_message();
|
2359 |
+
}
|
2360 |
+
}
|
2361 |
+
} else {
|
2362 |
+
update_option( 'mo2f_message', Mo2fConstants:: langTranslate( "INVALID_REQ" ) );
|
2363 |
+
$this->mo_auth_show_error_message();
|
2364 |
+
}
|
2365 |
+
}
|
2366 |
+
|
2367 |
+
function mo_auth_activate() {
|
2368 |
+
if ( get_option( 'mo2f_customerKey' ) && ! get_option( 'mo2f_is_NC' ) ) {
|
2369 |
+
update_option( 'mo2f_is_NC', 0 );
|
2370 |
+
} else {
|
2371 |
+
update_option( 'mo2f_is_NC', 1 );
|
2372 |
+
update_option( 'mo2f_is_NNC', 1 );
|
2373 |
+
}
|
2374 |
+
|
2375 |
+
update_option( 'mo2f_host_name', 'https://auth.miniorange.com' );
|
2376 |
+
global $Mo2fdbQueries;
|
2377 |
+
$Mo2fdbQueries->mo_plugin_activate();
|
2378 |
+
}
|
2379 |
+
|
2380 |
+
function mo_get_2fa_shorcode( $atts ) {
|
2381 |
+
if ( ! is_user_logged_in() && mo2f_is_customer_registered() ) {
|
2382 |
+
$mo2f_shorcode = new MO2F_ShortCode();
|
2383 |
+
$html = $mo2f_shorcode->mo2FAFormShortCode( $atts );
|
2384 |
+
|
2385 |
+
return $html;
|
2386 |
+
}
|
2387 |
+
}
|
2388 |
+
|
2389 |
+
function mo_get_login_form_shortcode( $atts ) {
|
2390 |
+
if ( ! is_user_logged_in() && mo2f_is_customer_registered() ) {
|
2391 |
+
$mo2f_shorcode = new MO2F_ShortCode();
|
2392 |
+
$html = $mo2f_shorcode->mo2FALoginFormShortCode( $atts );
|
2393 |
+
|
2394 |
+
return $html;
|
2395 |
+
}
|
2396 |
+
}
|
2397 |
+
}
|
2398 |
+
|
2399 |
+
function mo2f_is_customer_registered() {
|
2400 |
+
$email = get_option( 'mo2f_email' );
|
2401 |
+
$customerKey = get_option( 'mo2f_customerKey' );
|
2402 |
+
if ( ! $email || ! $customerKey || ! is_numeric( trim( $customerKey ) ) ) {
|
2403 |
+
return 0;
|
2404 |
+
} else {
|
2405 |
+
return 1;
|
2406 |
+
}
|
2407 |
+
}
|
2408 |
+
|
2409 |
+
|
2410 |
+
new Miniorange_Authentication;
|
2411 |
+
?>
|
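--- a/miniorange_2_factor_support.php
+++ b/miniorange_2_factor_support.php
@@ -0,0 +1,74 @@
+<?php
+
+function mo2f_support() {
+global $user;
+global $Mo2fdbQueries;
+$user = wp_get_current_user();
+$email = $Mo2fdbQueries->get_user_detail( 'mo2f_user_email', $user->ID );
+$phone = $Mo2fdbQueries->get_user_detail( 'mo2f_user_phone', $user->ID );
+$user_email = $email ? $email : $user->user_email;
+$user_phone = $phone != 'false' ? $phone : '';
+?>
+<div class="mo2f_support_layout">
+<h3><?php echo mo2f_lt( 'Support' ); ?></h3>
+<hr width="100%">
+<br>
+<form name="f" method="post" action="">
+<div><?php echo mo2f_lt( 'Shoot us a query and we will get back to you.' ); ?> </div>
+<br>
+<div><?php echo mo2f_lt( 'Have a look at these FAQ\'s to see if your question has been answered already! ' ); ?>
+<a href="https://faq.miniorange.com/kb/two-factor-authentication" target="_blank"><b>Frequently Asked
+Questions.</b></a>
+</div>
+
+<br>
+<div>
+<table style="width:95%;">
+<tr>
+<td>
+<input type="email" class="mo2f_table_textbox" id="EMAIL_MANDATORY" name="EMAIL_MANDATORY"
+value="<?php echo $user_email ?>"
+placeholder="Enter your email" required="true"/>
+</td>
+</tr>
+<tr>
+<td>
+<input type="text" class="mo2f_table_textbox" style="width:100% !important;"
+name="query_phone" id="query_phone"
+value="<?php echo $user_phone; ?>"
+placeholder="Enter your phone"/>
+</td>
+
+</tr>
+<tr>
+<td>
+<textarea id="query" name="query"
+style="resize: vertical;width:100%;height:143px;"
+onkeyup="mo2f_valid(this)" onblur="mo2f_valid(this)" onkeypress="mo2f_valid(this)"
+placeholder="<?php echo mo2f_lt( 'Your query here...' ); ?>"></textarea>
+</td>
+</tr>
+</table>
+</div>
+<br>
+<input type="hidden" name="option" value="mo_2factor_send_query"/>
+<input type="submit" name="send_query" id="send_query"
+value="<?php echo mo2f_lt( 'Submit Query' ); ?>"
+style="float:right;" class="button button-primary button-large"/>
+<br><br>
+</form>
+<br>
+</div>
+<br>
+
+<script>
+jQuery("#query_phone").intlTelInput();
+
+function mo2f_valid(f) {
+!(/^[a-zA-Z?,.\(\)\/@ 0-9]*$/).test(f.value) ? f.value = f.value.replace(/[^a-zA-Z?,.\(\)\/@ 0-9]/, '') : null;
+}
+</script>
+<?php
+}
+
+?>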
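Review bot: `$user_email` and `$user_phone` are echoed into the `value` attributes of the email and phone inputs in `mo2f_support()` without escaping, so a stored value containing a quote or markup would break out of the attribute on this admin page. Both values come from `$Mo2fdbQueries->get_user_detail()` or `$user->user_email`, and nothing in this file sanitises them before output; escape at the point of output with `value="<?php echo esc_attr( $user_email ); ?>"` and `value="<?php echo esc_attr( $user_phone ); ?>"`. The form posts `option=mo_2factor_send_query` with no nonce field; the handler is not in this file, so confirm it verifies one, and otherwise add `wp_nonce_field()` inside the `<form>` and check it server-side. The `mo2f_valid` keystroke filter runs only in the browser and its `replace()` has no `g` flag, so it should not be relied on as input validation for `query`.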
readme.txt
ADDED
@@ -0,0 +1,846 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
=== Google Authenticator - WordPress Two Factor Authentication (2FA) ===
|
2 |
+
Contributors: cyberlord92, twofactor
|
3 |
+
Tags: google authenticator, two factor authentication, two factor, 2FA, TFA, 2 factor authentication, two step verification, 1 google authenticator, login, authy, authy two factor, Clef, 2 Factor, yubico, Two-Factor Authentication, Mobile Authentication, otp, strong authentication, 2 step authentication, smartphone authentication, Multifactor authentication, multi factor authentication, multi factor, no password, passwordless login, security, website security, one time passcode, password, soft token, woocommerce, authenticate, two factor auth, two-factor, duo, QR Code, QR Code Authentication, scan QR Code, wordfence, login security, google authenticator, google , email verification, trusted device, device Id , KBA , knowledge based authentication
|
4 |
+
Donate link: https://miniorange.com/
|
5 |
+
Requires at least: 3.0.1
|
6 |
+
Tested up to: 4.9.4
|
7 |
+
Requires PHP: 5.3.0
|
8 |
+
Stable tag: 5.1.7
|
9 |
+
License: GPLv2 or later
|
10 |
+
License URI: http://www.gnu.org/licenses/gpl-2.0.html
|
11 |
+
|
12 |
+
Google Authenticator and Best Enterprise Grade Two Factor Authentication (2FA). Supports Google Authenticator, QR Code, Push Notification, Soft Token and Security Questions(KBA) for Unlimited Users in the free version of the plugin.
|
13 |
+
|
14 |
+
== Description ==
|
15 |
+
|
16 |
+
|
17 |
+
**Note: The miniOrange 2-factor authentication plugin for Wordpress is GDPR Compliant now**
|
18 |
+
|
19 |
+
Secure your WordPress login with an additional layer of security from us! The setup takes minutes, yet protects your site forever.
|
20 |
+
This plugin provides two factor authentication (TFA) during login. If you are looking for OTP Verification of users during <b>Registration</b> then we have a separate plugin for this. <a href="https://wordpress.org/plugins/miniorange-otp-verification/"> Click Here </a> to learn more.
|
21 |
+
|
22 |
+
<h4>Free Plugin Features</h4>
|
23 |
+
|
24 |
+
* Two Factor Authentication (2FA) for **1 User** forever
|
25 |
+
* **Available Authentication Methods:** Google Authenticator, QR Code, Push Notification, Soft Token and Security Questions(KBA)
|
26 |
+
* Language Translation Support
|
27 |
+
* Two Factor Authentication (2FA) allows authentication on login page itself for Google Authenticator & miniOrange Soft Token.
|
28 |
+
|
29 |
+
<h4>Standard Plugin Features</h4>
|
30 |
+
|
31 |
+
* Two Factor Authentication (2FA) for Users as per the upgrade *( User-based pricing )*
|
32 |
+
* **Available Authentication Methods:** Google Authenticator, QR Code, Push Notification, Soft Token, Security Questions(KBA), Authy Authenticator, OTP Over Email, OTP Over SMS, OTP Over SMS and Email, Email Verification. *( SMS and Email credits need to be purchased as per the need)*
|
33 |
+
* Language Translation Support
|
34 |
+
* **Multiple Login Options:** Username + password + two-factor (or) Username + two-factor
|
35 |
+
* **Backup Method:** KBA(Security Questions)
|
36 |
+
* Multi-Site Support
|
37 |
+
* User role based redirection after Login, Custom Security Questions (KBA), Customize account name in Google Authenticator app
|
38 |
+
|
39 |
+
<h4>Premium Plugin Features</h4>
|
40 |
+
|
41 |
+
* Two Factor Authentication (2FA) for Users as per the upgrade *( User-based pricing )*
|
42 |
+
* **Available Authentication Methods:** Google Authenticator, QR Code, Push Notification, Soft Token, Security Questions(KBA), Authy Authenticator, OTP Over Email, OTP Over SMS, OTP Over SMS and Email, Email Verification, Hardware Token. *( SMS and Email credits need to be purchased as per the need)*
|
43 |
+
* Language Translation Support
|
44 |
+
* **Multiple Login Options:** Username + password + two-factor (or) Username + two-factor
|
45 |
+
* **Backup Methods:** KBA(Security Questions), OTP Over Email, Backup Codes
|
46 |
+
* Multi-Site Support
|
47 |
+
* Email notification to users asking them to set up Two Factor Authentication (2FA).
|
48 |
+
* User role based redirection after Login, Custom Security Questions (KBA), Customize account name in Google Authenticator app.
|
49 |
+
* Enable Two Factor Authentication (2FA) for specific Users/User Roles
|
50 |
+
* Choose specific authentication methods for Users
|
51 |
+
* App Specific Password to login from mobile Apps
|
52 |
+
* **Add-Ons Included:** RBA & Trusted Devices Management Add-on, Personalization Add-on and Short Codes Add-on
|
53 |
+
|
54 |
+
<h4>Add Ons [Free and Standard Plans, Inclusive in the Premium Plan]</h4>
|
55 |
+
|
56 |
+
* RBA & Trusted Devices Management Add-on Features
|
57 |
+
* Remember Device
|
58 |
+
* Set Device Limit for the users to login
|
59 |
+
* IP Restriction: Limit users to login from specific IPs
|
60 |
+
* Personalization Add-on Features
|
61 |
+
* Custom UI of Two Factor Authentication (2FA) popups
|
62 |
+
* Custom Email and SMS Templates
|
63 |
+
* Customize 'powered by' Logo
|
64 |
+
* Customize Plugin Icon
|
65 |
+
* Customize Plugin Name
|
66 |
+
* Add Recaptcha on Login Page
|
67 |
+
* Short Codes Add-on Features
|
68 |
+
* Option to turn on/off 2-factor by user
|
69 |
+
* Option to configure the Google Authenticator and Security Questions by user
|
70 |
+
* Option to 'Enable Remember Device' from a custom login form
|
71 |
+
* On-Demand ShortCodes for specific functionalities ( like for enabling 2FA for specific pages)
|
72 |
+
|
73 |
+
<h4>Apps Supported by the plugin:</h4>
|
74 |
+
* miniOrange Authenticator App.
|
75 |
+
* Google Authenticator App.
|
76 |
+
* Authy 2-Factor Authentication App [STANDARD / PREMIUM FEATURE]
|
77 |
+
|
78 |
+
Customized solutions and Active support is available. Email us at info@miniorange.com or call us at +1 9786589387.
|
79 |
+
|
80 |
+
== Installation ==
|
81 |
+
|
82 |
+
= From your WordPress dashboard =
|
83 |
+
1. Navigate to `Plugins > Add New` from your WP Admin dashboard.
|
84 |
+
2. Search for `miniOrange 2 Factor Authentication`.
|
85 |
+
3. Install `miniOrange 2 Factor Authentication` and Activate the plugin.
|
86 |
+
|
87 |
+
= From WordPress.org =
|
88 |
+
1. Search for `miniOrange 2 Factor Authentication` and download it.
|
89 |
+
2. Unzip and upload the `miniorange-2-factor-authentication` directory to your `/wp-content/plugins/` directory.
|
90 |
+
3. Activate miniOrange 2 Factor Authentication from the Plugins tab of your admin dashboard.
|
91 |
+
|
92 |
+
= Once Activated =
|
93 |
+
1. Select miniOrange 2-Factor from the left menu and follow the instructions.
|
94 |
+
2. Once, you complete your setup. Click on Log Out button.
|
95 |
+
3. Enter the username and password. After the initial validation, you will be prompted for the 2-factor method you had set up.
|
96 |
+
4. Validate yourself with the 2-factor authentication method you configured.
|
97 |
+
|
98 |
+
== Frequently Asked Questions ==
|
99 |
+
|
100 |
+
= How do I gain access to my website if I get locked out? =
|
101 |
+
|
102 |
+
You can obtain access to your website by one of the below options:
|
103 |
+
|
104 |
+
1. If you have an additional administrator account whose Two Factor is not enabled yet, you can login with it.
|
105 |
+
2. If you had setup KBA questions earlier, you can use them as an alternate method to login to your website.
|
106 |
+
3. Rename the plugin from FTP - this disables the Two-Factor (2FA) plugin and you will be able to login with your Wordpress username and password.
|
107 |
+
4. Go to WordPress Database. Select wp_options, search for mo2f_activate_plugin key and update its value to 0. Two Factor will get disabled.
|
108 |
+
|
109 |
+
= I want to enable Two-Factor Authentication (2FA) role wise ? =
|
110 |
+
|
111 |
+
You can select the roles under Login Settings tab to enable the plugin role wise. [PREMIUM FEATURE]
|
112 |
+
|
113 |
+
= I have enabled Two-Factor Authentication (2FA) for all users, what happens if an end user tries to login but has not yet registered ? =
|
114 |
+
|
115 |
+
If a user has not setup Two-Factor yet, user has to register by inline registration that will be invoked during the login.
|
116 |
+
|
117 |
+
= I want to enable only one authentication method for my users. What shloud I do? =
|
118 |
+
|
119 |
+
You can select the authentication methods under Login Settings tab. The selected authentication methods will be shown to the user during inline registration. [PREMIUM FEATURE]
|
120 |
+
|
121 |
+
= I am getting the fatal error of call to undefined function json_last_error(). What should I do? =
|
122 |
+
|
123 |
+
Please check your php version. The plugin is supported in php version 5.3.0 or above. You need to upgrade your php version to 5.3.0 or above to use the plugin.
|
124 |
+
|
125 |
+
= I did not recieve OTP while trying to register with miniOrange. What should I do? =
|
126 |
+
|
127 |
+
The OTP is sent to your email address with which you have registered with miniOrange. If you can't see the email from miniOrange in your mails, please make sure to check your SPAM folder. If you don't see an email even in SPAM folder, please submit a query in our Support Section in the plugin or you can contact us at info@miniorange.com.
|
128 |
+
|
129 |
+
= I want to configure 2nd factor by Google Authenticator. =
|
130 |
+
|
131 |
+
Select the radio button next to Google Authenticator/Authy App and select the phone type and then scan the QR Code by Google Authenticator App. Enter the 6 digit code in the textbox and click on Save and verify buuton.
|
132 |
+
|
133 |
+
= I want to configure 2nd factor by Authy 2-Factor Authentication App. =
|
134 |
+
|
135 |
+
Select the radio button next to Google Authenticator/Authy App and select the phone type and then scan the QR Code by Authy 2-Factor Authentication App. Enter the 6 digit code from the Authy App into the textbox available and click on Save and Verifiy button.
|
136 |
+
|
137 |
+
= I forgot the password of my miniOrange account. How can I reset it? =
|
138 |
+
|
139 |
+
There are two cases according to the page you see -<br>
|
140 |
+
1. Login with miniOrange screen: You should click on forgot password link. You will get a new password on your email address with which you have registered with miniOrange . Now you can login with the new password.
|
141 |
+
|
142 |
+
2. Register with miniOrange screen: Enter your email ID and any random password in password and confirm password input box. This will redirect you to Login with miniOrange screen. Now follow first step.
|
143 |
+
|
144 |
+
= I have a custom / front-end login page on my site and I want the look and feel to remain the same when I add 2 factor ? =
|
145 |
+
|
146 |
+
If you have a custom login form other than wp-login.php then we will provide you the shortcode. Shortcode will work only for the customized login page created from wordpress plugins. We are not claiming that it will work with all the customized login page. In such case, custom work is needed to integrate two factor with your customized login page. You can submit a query in our <b>Support Section</b> in the plugin or you can contact us at info@miniorange.com for more details.
|
147 |
+
|
148 |
+
= I have Woocommerce theme login page on my site. How can I enable Two Factor ? =
|
149 |
+
|
150 |
+
If you have Woocommerce theme login then go to Advanced Options Tab and check Enable Two-Factor for Woocommerce Front End Login. If you need any help setting up 2-Factor for your Woocommerce theme login form, please submit a query in our Support Section in the plugin or you can contact us at info@miniorange.com.
|
151 |
+
|
152 |
+
= I have installed plugins which limit the login attempts like Limit Login Attempt, Loginizer, Wordfence etc. Is there any incompatibilities with these kind of plugins? =
|
153 |
+
|
154 |
+
The limit login attempt kind of plugins limit the number of login attempts and block the IP temporarily. So if you are using 2 factor along with these kind of plugins then you should increase the login attempts (minimum 5) so that you dont get locked out yourself.
|
155 |
+
|
156 |
+
= If you are using any Security Plugin in WordPress like Simple Security Firewall, All in One WP Security Plugin and you are not able to login with Two-Factor. =
|
157 |
+
|
158 |
+
Our Two-Factor plugin is compatible with most of the security plugins, but if it is not working for you. Please submit a query in our Support Section in the plugin or you can contact us at info@miniorange.com.
|
159 |
+
|
160 |
+
= If you are using any render blocking javascript and css plugin like Async JS and CSS Plugin and you are not able to login with Two-Factor or your screen got blank. =
|
161 |
+
|
162 |
+
If you are using Async JS and CSS Plugin. Please go to its settings and add jquery in the list of exceptions and save settings. It will work. If you are still not able to get it right, Please submit a query in our Support Section in the plugin or you can contact us at info@miniorange.com.
|
163 |
+
|
164 |
+
= My users have different types of phones. What phones are supported? =
|
165 |
+
|
166 |
+
We support all types of phones. Smart Phones, Basic Phones, Landlines, etc. Go to Setup Two-Factor Tab and select Two-Factor method of your choice from a range of 8 different options.
|
167 |
+
|
168 |
+
= What if a user does not have a smart phone? =
|
169 |
+
|
170 |
+
You can select OTP over SMS, Phone Call Verification or Email Verification as your Two-Factor method. All these methods are supported on basic phones.
|
171 |
+
|
172 |
+
= What if a user does not have any phone? =
|
173 |
+
|
174 |
+
You can select Email Verification or Security Questions (KBA) as your Two-Factor method.
|
175 |
+
|
176 |
+
= What if I am trying to login from my phone ? =
|
177 |
+
|
178 |
+
If your Security Questions (KBA) are configured then you will be asked to answer them when you are logging in from your phone.
|
179 |
+
|
180 |
+
= I want to hide default login form and just want to show login with phone? =
|
181 |
+
|
182 |
+
You should go to <b>Login Settings Tab</b> and check <b>Login with Phone Only</b> checkbox to hide the default login form.
|
183 |
+
|
184 |
+
|
185 |
+
= My phone has no internet connectivity and configured 2nd factor with miniOrange App, how can I login? =
|
186 |
+
|
187 |
+
You can login using our alternate login method. Please follow below steps to login:
|
188 |
+
|
189 |
+
* Enter your username and click on login with your phone.
|
190 |
+
* Click on <b>Phone is Offline?</b> button below QR Code.
|
191 |
+
* You will see a textbox to enter one time passcode.
|
192 |
+
* Open miniOrange Authenticator App and Go to Soft Token Tab.
|
193 |
+
* Enter the one time passcode shown in miniOrange Authenticator App in textbox, just like Google authenticator.
|
194 |
+
* Click on submit button to validate the otp.
|
195 |
+
* Once you are authenticated, you will be logged in.
|
196 |
+
|
197 |
+
= My phone is lost, stolen or discharged. How can I login? =
|
198 |
+
|
199 |
+
You can login using our alternate login method. Click on the Forgot Phone link and you will get 2 alternate methods to login. Select "Send a one time passcode to my registered email" to authenticate by OTP over EMAIL or Select "Answer your Security Questions (KBA)" to authenticate by knowledge based authenticaion.
|
200 |
+
|
201 |
+
= My phone has no internet connectivity and i am entering the one time passcode from miniOrange Authenticator App, it says Invalid OTP? =
|
202 |
+
|
203 |
+
Click on the <b>Settings Icon</b> on top right corner in <b>miniOrange Authenticator App</b> and then press <b>Sync button</b> under 'Time correction for codes' to sync your time with miniOrange Servers. If you still can't logged in then please email us at info@miniorange.com or <a href="https://miniorange.com/contact" target="_blank">Contact us</a>.Soft Token method is just like google authenticator method.
|
204 |
+
|
205 |
+
= I want to go back to default login with password? =
|
206 |
+
|
207 |
+
You should go to <b>Login Settings Tab</b> and uncheck <b>Enable Two-Factor plugin</b> checkbox. This will disable 2-Factor and you can login using wordpress default login.
|
208 |
+
|
209 |
+
= I am upgrading my phone. =
|
210 |
+
|
211 |
+
You should go to <b>Setup Two Factor</b> Tab and click on <b>Reconfigure</b> to reconfigure 2-Factor with your new phone.
|
212 |
+
|
213 |
+
= What If I want to use any other second factor like OTP Over SMS, Security Questions, Device Id, etc ? =
|
214 |
+
|
215 |
+
miniOrange authentication service has 15+ authentication methods.One time passcodes (OTP) over SMS, OTP over Email, OTP over SMS and Email, Out of Band SMS, Out of Band Email, Soft Token, Push Notification, USB based Hardware token (yubico), Security Questions, Mobile Authentication (QR Code Authentication), Voice Authentication (Biometrics), Phone Verification, Device Identification, Location, Time of Access User Behavior. To know more about authentication methods, please visit <a href="https://miniorange.com/strong_auth" target="_blank">https://miniorange.com/strong_auth </a>. If you want to have any other 2-factor for your WordPress site, please email us at info@miniorange.com or <a href="https://miniorange.com/contact" target="_blank">Contact us</a>.
|
216 |
+
|
217 |
+
== Screenshots ==
|
218 |
+
|
219 |
+
1. Setup different 2-Factor methods.
|
220 |
+
2. Enable or Disable 2-factor for Users.
|
221 |
+
3. 2 Factor Authentication prompt during Login.
|
222 |
+
|
223 |
+
== Changelog ==
|
224 |
+
|
225 |
+
=5.1.7=
|
226 |
+
* Google Authenticator-Two Factor Authentication (2FA) : Bug fix for DB error after Update.
|
227 |
+
|
228 |
+
= 5.1.6 =
|
229 |
+
* Google Authenticator-Two Factor Authentication (2FA) : Bug fix for DB error.
|
230 |
+
|
231 |
+
= 5.1.5 =
|
232 |
+
* Google Authenticator-Two Factor Authentication (2FA) : UI changes.
|
233 |
+
|
234 |
+
= 5.1.4 =
|
235 |
+
* Google Authenticator-Two Factor Authentication (2FA) : Bug fixes for redirect to login page issues.
|
236 |
+
|
237 |
+
= 5.1.3 =
|
238 |
+
* Google Authenticator-Two Factor Authentication (2FA) : Minor bug fixes.
|
239 |
+
|
240 |
+
= 5.1.2 =
|
241 |
+
* Google Authenticator-Two Factor Authentication (2FA) : Changes in registration flow.
|
242 |
+
|
243 |
+
= 5.1.1 =
|
244 |
+
* Google Authenticator-Two Factor Authentication (2FA) : Minor changes.
|
245 |
+
|
246 |
+
= 5.1.0 =
|
247 |
+
* Google Authenticator-Two Factor Authentication (2FA) : Added new user plans.
|
248 |
+
|
249 |
+
= 5.0.17 =
|
250 |
+
* Google Authenticator-Two Factor Authentication (2FA) : Minor Bug fix.
|
251 |
+
|
252 |
+
= 5.0.16 =
|
253 |
+
* Google Authenticator-Two Factor Authentication (2FA) : Bug fixes.
|
254 |
+
|
255 |
+
= 5.0.15 =
|
256 |
+
* Google Authenticator-Two Factor Authentication (2FA) : Added Google Authenticator option in the WP login page itself.
|
257 |
+
|
258 |
+
= 5.0.14 =
|
259 |
+
* Google Authenticator-Two Factor Authentication (2FA) : Bug Fixs.
|
260 |
+
|
261 |
+
= 5.0.13 =
|
262 |
+
* Google Authenticator-Two Factor Authentication (2FA) : Bug Fix and code optimization.
|
263 |
+
|
264 |
+
= 5.0.12 =
|
265 |
+
* Google Authenticator-Two Factor Authentication (2FA) : Added GDPR Compliance.
|
266 |
+
|
267 |
+
= 5.0.11 =
|
268 |
+
* Google Authenticator-Two Factor Authentication (2FA) : Readme Update.
|
269 |
+
|
270 |
+
= 5.0.10 =
|
271 |
+
* Google Authenticator-Two Factor Authentication (2FA) : Added Proxy Setup feature.
|
272 |
+
|
273 |
+
= 5.0.9 =
|
274 |
+
* Google Authenticator-Two Factor Authentication (2FA) : Bug Fix for "The loopback request to your site failed." error.
|
275 |
+
|
276 |
+
= 5.0.8 =
|
277 |
+
* Google Authenticator-Two Factor Authentication (2FA) : Changes for 2FA Free plugin for 1 user forever.
|
278 |
+
|
279 |
+
= 5.0.7 =
|
280 |
+
* Google Authenticator-Two Factor Authentication (2FA) : Bug Fix for User Registration and other plugin conflicts in Dashboard.
|
281 |
+
|
282 |
+
= 5.0.6 =
|
283 |
+
* Google Authenticator-Two Factor Authentication (2FA) : Bug Fix for existing customers who upgraded from 4.5.x version to versions between 5.0.0 and 5.0.4 and are facing issues with the Account Setup Tab.
|
284 |
+
|
285 |
+
= 5.0.5 =
|
286 |
+
* Google Authenticator-Two Factor Authentication (2FA) : Bug fix for user entry during plugin update.
|
287 |
+
|
288 |
+
= 5.0.4 =
|
289 |
+
* Google Authenticator-Two Factor Authentication (2FA) : Workaround for errors during sending of OTP during registration.
|
290 |
+
|
291 |
+
= 5.0.3 =
|
292 |
+
* Google Authenticator-Two Factor Authentication (2FA) : Minor fix for removing warings.
|
293 |
+
|
294 |
+
= 5.0.2 =
|
295 |
+
* Google Authenticator-Two Factor Authentication (2FA) : Bug fix.
|
296 |
+
|
297 |
+
= 5.0.1 =
|
298 |
+
* Google Authenticator-Two Factor Authentication (2FA) : Bug fix.
|
299 |
+
|
300 |
+
= 5.0.0 =
|
301 |
+
* Google Authenticator-Two Factor Authentication (2FA) : New UI Interface, 2-factor authentication for Unlimited Users.
|
302 |
+
* This is a major release.
|
303 |
+
|
304 |
+
= 4.6.2 =
|
305 |
+
* Google Authenticator-Two Factor Authentication (2FA) : Plugin registration fixes and minor warning fixes.
|
306 |
+
|
307 |
+
= 4.6.1 =
|
308 |
+
* Google Authenticator-Two Factor Authentication (2FA) : Login error fix. Please skip version 4.5.9 and update to version 4.6.1
|
309 |
+
|
310 |
+
= 4.5.9 =
|
311 |
+
* Google Authenticator-Two Factor Authentication (2FA) : Bug fixes for customers who were getting redirected to the login page after the two factor authentication.
|
312 |
+
|
313 |
+
= 4.5.8 =
|
314 |
+
* Google Authenticator-Two Factor Authentication (2FA) : Tested upto 4.9.4 and Removed External links.
|
315 |
+
|
316 |
+
= 4.5.7 =
|
317 |
+
* Google Authenticator-Two Factor Authentication (2FA) : Minor bug fixes.
|
318 |
+
|
319 |
+
= 4.5.6 =
|
320 |
+
* Google Authenticator-Two Factor Authentication (2FA) : Tested upto Wordpress 4.9.
|
321 |
+
|
322 |
+
= 4.5.5 =
|
323 |
+
* Google Authenticator-Two Factor Authentication (2FA) : 404 bug fixes.
|
324 |
+
|
325 |
+
= 4.5.4 =
|
326 |
+
* Google Authenticator-Two Factor Authentication (2FA) : Better UI of Login Pages, Fixed Redirection issue. Fixed the error in the last version (4.5.3) for the customers who were getting undefined action error.
|
327 |
+
|
328 |
+
= 4.5.3 =
|
329 |
+
* Google Authenticator-Two Factor Authentication (2FA) : Changed UI of the Login Pages, Redirect to Login Page bug fixes.
|
330 |
+
|
331 |
+
= 4.5.2 =
|
332 |
+
* Google Authenticator-Two Factor Authentication (2FA) : Readme Update: Description Update
|
333 |
+
|
334 |
+
= 4.5.1 =
|
335 |
+
* Google Authenticator-Two Factor Authentication (2FA) : Updated the new Authenticator App's link and the 'How to Setup Tab' tab.
|
336 |
+
|
337 |
+
= 4.5.0 =
|
338 |
+
* Google Authenticator-Two Factor Authentication (2FA) : Fix Google Authenticator configuration issue.
|
339 |
+
|
340 |
+
= 4.4.9 =
|
341 |
+
* Google Authenticator-Two Factor Authentication (2FA) : Added Alert Message for SMS Transactions only when authentication method is OTP over SMS.
|
342 |
+
|
343 |
+
= 4.4.8 =
|
344 |
+
* Google Authenticator-Two Factor Authentication (2FA) : Added Alert Message for SMS Transactions. Fixed Remember Device flow and confliction with themes. Added support for multiple instances of wordpress.
|
345 |
+
|
346 |
+
= 4.4.7 =
|
347 |
+
* Google Authenticator-Two Factor Authentication (2FA) : Updated the error message for 2-factor configuration.
|
348 |
+
|
349 |
+
= 4.4.6 =
|
350 |
+
* Google Authenticator-Two Factor Authentication (2FA) : Instructions for login in case user get locked out.
|
351 |
+
|
352 |
+
|
353 |
+
= 4.4.5 =
|
354 |
+
* Google Authenticator-Two Factor Authentication (2FA) : Fixed the issue of session variable on the login with username page.
|
355 |
+
|
356 |
+
= 4.4.4 =
|
357 |
+
* Google Authenticator-Two Factor Authentication (2FA) : Added alert messages for OTP over SMS usages.
|
358 |
+
|
359 |
+
= 4.4.3 =
|
360 |
+
* Google Authenticator-Two Factor Authentication (2FA) : Fixed the login flow for third party Apps that supports XML-RPC.
|
361 |
+
|
362 |
+
= 4.4 =
|
363 |
+
* Google Authenticator-Two Factor Authentication (2FA):
|
364 |
+
* Compatibility with Limit Login Attempts.
|
365 |
+
* New User Interface for login.
|
366 |
+
|
367 |
+
= 4.3.1 =
|
368 |
+
* Google Authenticator-Two Factor Authentication (TFA): Compatible upto 4.7
|
369 |
+
|
370 |
+
= 4.3.0 =
|
371 |
+
* Google Authenticator-Two Factor Authentication (TFA): Updated miniOrange APIs.
|
372 |
+
|
373 |
+
= 4.2.9 =
|
374 |
+
* Google Authenticator-Two Factor Authentication (TFA): Tested upto WordPress 4.6.
|
375 |
+
|
376 |
+
= 4.2.7 =
|
377 |
+
* Google Authenticator-Two Factor Authentication (TFA): Session Warnig fix in the last version for some of the users.
|
378 |
+
|
379 |
+
= 4.2.6 =
|
380 |
+
* Google Authenticator-Two Factor Authentication (TFA): Compatible with wordpress caching.
|
381 |
+
|
382 |
+
= 4.2.5 =
|
383 |
+
* Google Authenticator-Two Factor Authentication (TFA): Improved the session handler.
|
384 |
+
|
385 |
+
= 4.2.4 =
|
386 |
+
* Google Authenticator-Two Factor Authentication (TFA): Updated faq for limit login attempt type of plugins.
|
387 |
+
|
388 |
+
= 4.2.3 =
|
389 |
+
* Google Authenticator-Two Factor Authentication ( 2FA ):
|
390 |
+
* Improved Error handling during Account Creation.
|
391 |
+
|
392 |
+
= 4.2.2 =
|
393 |
+
* Google Authenticator-Two Factor Authentication ( 2FA ):
|
394 |
+
* Registration Flow fixes
|
395 |
+
|
396 |
+
= 4.2.1 =
|
397 |
+
* Google Authenticator-Two Factor Authentication ( 2FA ):
|
398 |
+
* Change of status during login with phone flow and tested with WP 4.5
|
399 |
+
|
400 |
+
= 4.2.0 =
|
401 |
+
* Google Authenticator-Two Factor Authentication ( 2FA ):
|
402 |
+
* Mark as tested on Wordpress 4.5
|
403 |
+
|
404 |
+
= 4.1.8 =
|
405 |
+
* Google Authenticator-Two Factor Authentication ( 2FA ):
|
406 |
+
* Changed the location of images used for demo. Now being loaded from the site having SSL certificate.
|
407 |
+
|
408 |
+
= 4.1.7 =
|
409 |
+
* Google Authenticator-Two Factor Authentication ( 2FA ):
|
410 |
+
* Improved Error Handling for Remember Device.
|
411 |
+
|
412 |
+
= 4.1.6 =
|
413 |
+
* Google Authenticator-Two Factor Authentication ( 2FA ):
|
414 |
+
* Licensing Plan Updated.
|
415 |
+
|
416 |
+
= 4.1.5 =
|
417 |
+
* Google Authenticator-Two Factor Authentication ( 2FA ):
|
418 |
+
* Added Forgot Password functionality for miniOrange customer admin.
|
419 |
+
* Added warning message for the users who are using lower version of php.
|
420 |
+
* Added functionlity to change the customer email.
|
421 |
+
|
422 |
+
= 4.1.4 =
|
423 |
+
* Google Authenticator-Two Factor Authentication ( 2FA ):
|
424 |
+
* Added an option for admin to enable or disable login for XML-RPC supported applications.
|
425 |
+
|
426 |
+
= 4.1.3 =
|
427 |
+
* Google Authenticator-Two Factor Authentication ( 2FA ):
|
428 |
+
* Fixed CSS Conflict with the plugins in the admin dashboard.
|
429 |
+
* More intuitive UI for woocommerce login.
|
430 |
+
* Tested front-end login with themes like wordpress default theme,
|
431 |
+
customizr theme,zerif-lite theme,accesspress store theme,ishop theme and many more.
|
432 |
+
|
433 |
+
= 4.1.2 =
|
434 |
+
* Google Authenticator-Two Factor Authentication ( 2FA ): Google Authenticator for Windows phone
|
435 |
+
* Fixed CSS conflict with front-end of site if woocommerce is not enabled.
|
436 |
+
|
437 |
+
= 4.1.1 =
|
438 |
+
* Google Authenticator-Two Factor Authentication ( 2FA ): Adding Validation in choosing Security Questions (KBA).
|
439 |
+
|
440 |
+
= 4.1.0 =
|
441 |
+
* Google Authenticator-Two Factor Authentication ( 2FA ): Features added.
|
442 |
+
multisite support
|
443 |
+
Custom login redirection
|
444 |
+
Authy 2-Factor Authentication as separate authentication method
|
445 |
+
|
446 |
+
= 4.0.5 = Login into third party apps which support XML-RPC.
|
447 |
+
|
448 |
+
= 4.0.4 = Added a check of KBA configuration from mobile login.
|
449 |
+
|
450 |
+
= 4.0.3 = Added Support for Authy 2-Factor Authentication App.
|
451 |
+
|
452 |
+
= 4.0.2 = Added a check for selection of unique questions during KBA setup.
|
453 |
+
|
454 |
+
= 4.0.1 = Bug Fix
|
455 |
+
|
456 |
+
= 4.0 =
|
457 |
+
* Two Factor Authentication ( 2FA ): Features added.
|
458 |
+
* KBA as backup method.
|
459 |
+
* mobile browser support.
|
460 |
+
* more intuitive UI for woocommerce login.
|
461 |
+
|
462 |
+
= 3.8 =
|
463 |
+
* Two Factor Authentication ( 2FA ): Bug Fix.
|
464 |
+
|
465 |
+
= 3.7 =
|
466 |
+
* Two Factor Authentication ( 2FA ): Activation of two factor role wise.
|
467 |
+
|
468 |
+
= 3.6 =
|
469 |
+
* Two Factor Authentication ( 2FA ): email verification in inline registration flow for all users.
|
470 |
+
More descriptive setup messages and UI changes.
|
471 |
+
|
472 |
+
= 3.5 =
|
473 |
+
* Two Factor Authentication ( 2FA ): Provided mobile login support.
|
474 |
+
|
475 |
+
= 3.4 =
|
476 |
+
* Two Factor Authentication ( 2FA ): Features added
|
477 |
+
* Inline registration flow for users.
|
478 |
+
* Security Questions (KBA) as additional method
|
479 |
+
* Alternate way of user identification in customer creation.
|
480 |
+
* premium customizable features.
|
481 |
+
|
482 |
+
= 3.3 =
|
483 |
+
* Two Factor Authentication ( 2FA ): Fix the issue of session for some versions of php.
|
484 |
+
|
485 |
+
= 3.2 =
|
486 |
+
* Two Factor Authentication ( 2FA ): Fix for device-id compatibility.
|
487 |
+
|
488 |
+
= 3.1 =
|
489 |
+
* Two Factor Authentication ( 2FA ): Fix for 2FA ShortCode.
|
490 |
+
|
491 |
+
= 3.0 =
|
492 |
+
* Two Factor Authentication ( 2FA ): Features added
|
493 |
+
* Google Authenticator.
|
494 |
+
* Device Id (Remember device).
|
495 |
+
* Choice given to admin to enable specific authentication methods for users.
|
496 |
+
* Two Factor support for woocommerce theme.
|
497 |
+
* Short Code for various customized frontend login.
|
498 |
+
* More intuitive UI and descriptive instructions.
|
499 |
+
|
500 |
+
= 2.6 =
|
501 |
+
* Two Factor Authentication ( 2FA ): Fix the compatibility issues of user session with other security plugins.
|
502 |
+
|
503 |
+
= 2.5 =
|
504 |
+
* Two Factor Authentication ( 2FA ): Fix the compatibility issues with All In One WP Security & Firewall plugin.
|
505 |
+
|
506 |
+
= 2.4 =
|
507 |
+
* Two Factor Authentication ( 2FA ): UI fixes for admin media library dashboard.
|
508 |
+
|
509 |
+
= 2.3 =
|
510 |
+
* Two Factor Authentication ( 2FA ): More descriptive setup messages, more intuitive UI.
|
511 |
+
|
512 |
+
= 2.2 =
|
513 |
+
* Two Factor Authentication ( 2FA ): Fixed css issues for existing users
|
514 |
+
|
515 |
+
= 2.1 =
|
516 |
+
* Two Factor Authentication ( 2FA ): Added support for multiple Two Factor Choices like OTP Over SMS, Phone Call Verification, Push Notification, Soft Token (like Google Authenticator Code), Email Verification, etc.
|
517 |
+
|
518 |
+
= 2.0 =
|
519 |
+
* Two Factor Authentication ( 2FA ): Added login with password plus second factor feature.
|
520 |
+
|
521 |
+
= 1.8 =
|
522 |
+
* Two Factor Authentication ( 2FA ): Added feature of different login form choice,test authentication and help for configuration and setup.
|
523 |
+
|
524 |
+
= 1.7 =
|
525 |
+
* Bug Fixes Two Factor Authentication ( 2FA ): Modifying login screen adaptable to user's login form
|
526 |
+
|
527 |
+
= 1.6 =
|
528 |
+
* Bug Fixes Two Factor Authentication ( 2FA ): fetching 2 factor configuration when activating the plugin after deactivating it.
|
529 |
+
|
530 |
+
= 1.5 =
|
531 |
+
* Bug Fixes Two Factor Authentication ( 2FA ): Login issues and password save issues resolved
|
532 |
+
|
533 |
+
= 1.4 =
|
534 |
+
* Bug Fixes Two Factor Authentication ( 2FA ): Authentication was not working on some version of php.
|
535 |
+
|
536 |
+
= 1.3 =
|
537 |
+
* Bug Fixes
|
538 |
+
|
539 |
+
= 1.2 =
|
540 |
+
* Two Factor Authentication ( 2FA ): Added 2 factor for all users along with forgot phone functionality.
|
541 |
+
|
542 |
+
= 1.1 =
|
543 |
+
* Two Factor Authentication ( 2FA ): Added email ID verification during registration.
|
544 |
+
|
545 |
+
= 1.0.0 =
|
546 |
+
* First version of Two Factor Authentication ( 2FA ) plugin supported with mobile auhthentication for admin only.
|
547 |
+
|
548 |
+
== Upgrade Notice ==
|
549 |
+
|
550 |
+
=5.1.7=
|
551 |
+
* Google Authenticator-Two Factor Authentication (2FA) : Bug fix for DB error after Update.
|
552 |
+
|
553 |
+
= 5.1.6 =
|
554 |
+
* Google Authenticator-Two Factor Authentication (2FA) : Bug fix for DB error.
|
555 |
+
|
556 |
+
= 5.1.5 =
|
557 |
+
* Google Authenticator-Two Factor Authentication (2FA) : UI changes.
|
558 |
+
|
559 |
+
= 5.1.4 =
|
560 |
+
* Google Authenticator-Two Factor Authentication (2FA) : Bug fixes for redirect to login page issues.
|
561 |
+
|
562 |
+
= 5.1.3 =
|
563 |
+
* Google Authenticator-Two Factor Authentication (2FA) : Minor bug fixes.
|
564 |
+
|
565 |
+
= 5.1.2 =
|
566 |
+
* Google Authenticator-Two Factor Authentication (2FA) : Changes in registration flow.
|
567 |
+
|
568 |
+
= 5.1.1 =
|
569 |
+
* Google Authenticator-Two Factor Authentication (2FA) : Minor changes.
|
570 |
+
|
571 |
+
= 5.1.0 =
|
572 |
+
* Google Authenticator-Two Factor Authentication (2FA) : Added new user plans
|
573 |
+
|
574 |
+
= 5.0.17 =
|
575 |
+
* Google Authenticator-Two Factor Authentication (2FA) : Minor Bug fix.
|
576 |
+
|
577 |
+
= 5.0.16 =
|
578 |
+
* Google Authenticator-Two Factor Authentication (2FA) : Bug fixes.
|
579 |
+
|
580 |
+
= 5.0.15 =
|
581 |
+
* Google Authenticator-Two Factor Authentication (2FA) : Added Google Authenticator option in the WP login page itself.
|
582 |
+
|
583 |
+
= 5.0.14 =
|
584 |
+
* Google Authenticator-Two Factor Authentication (2FA) : Bug Fixs.
|
585 |
+
|
586 |
+
= 5.0.13 =
|
587 |
+
* Google Authenticator-Two Factor Authentication (2FA) : Bug Fix and code optimization.
|
588 |
+
|
589 |
+
= 5.0.12 =
|
590 |
+
* Google Authenticator-Two Factor Authentication (2FA) : Added GDPR Compliance.
|
591 |
+
|
592 |
+
= 5.0.11 =
|
593 |
+
* Google Authenticator-Two Factor Authentication (2FA) : Readme Update.
|
594 |
+
|
595 |
+
= 5.0.10 =
|
596 |
+
* Google Authenticator-Two Factor Authentication (2FA) : Added Proxy Setup feature.
|
597 |
+
|
598 |
+
= 5.0.9 =
|
599 |
+
* Google Authenticator-Two Factor Authentication (2FA) : Bug Fix for "The loopback request to your site failed." error.
|
600 |
+
|
601 |
+
= 5.0.8 =
|
602 |
+
* Google Authenticator-Two Factor Authentication (2FA) : Changes for 2FA Free plugin for 1 user forever.
|
603 |
+
|
604 |
+
= 5.0.7 =
|
605 |
+
* Google Authenticator-Two Factor Authentication (2FA) : Bug Fix for User Registration and other plugin conflicts in Dashboard.
|
606 |
+
|
607 |
+
= 5.0.6 =
|
608 |
+
* Google Authenticator-Two Factor Authentication (2FA) : Bug Fix for existing customers who upgraded from 4.5.x version to versions between 5.0.0 and 5.0.4 and are facing issues with the Account Setup Tab.
|
609 |
+
|
610 |
+
= 5.0.5 =
|
611 |
+
* Google Authenticator-Two Factor Authentication (2FA) : Bug fix for user entry during plugin update.
|
612 |
+
|
613 |
+
= 5.0.4 =
|
614 |
+
* Google Authenticator-Two Factor Authentication (2FA) : Workaround for errors during sending of OTP during registration.
|
615 |
+
|
616 |
+
= 5.0.3 =
|
617 |
+
* Google Authenticator-Two Factor Authentication (2FA) : Minor fix for removing warings.
|
618 |
+
|
619 |
+
= 5.0.2 =
|
620 |
+
* Google Authenticator-Two Factor Authentication (2FA) : Bug fix.
|
621 |
+
|
622 |
+
= 5.0.1 =
|
623 |
+
* Google Authenticator-Two Factor Authentication (2FA) : Bug fix.
|
624 |
+
|
625 |
+
= 5.0.0 =
|
626 |
+
* Google Authenticator-Two Factor Authentication (2FA) : New UI Interface, 2-factor authentication for Unlimited Users.
|
627 |
+
* This is a major release.
|
628 |
+
|
629 |
+
= 4.6.2 =
|
630 |
+
* Google Authenticator-Two Factor Authentication (2FA) : Plugin registration fixes and minor warning fixes.
|
631 |
+
|
632 |
+
= 4.6.1 =
|
633 |
+
* Google Authenticator-Two Factor Authentication (2FA) : Login error fix. Please skip version 4.5.9 and update to version 4.6.1
|
634 |
+
|
635 |
+
= 4.5.9 =
|
636 |
+
* Google Authenticator-Two Factor Authentication (2FA) : Bug fixes for customers who were getting redirected to the login page after the two factor authentication.
|
637 |
+
|
638 |
+
= 4.5.8 =
|
639 |
+
* Google Authenticator-Two Factor Authentication (2FA) : Tested upto 4.9.4 and Removed External links.
|
640 |
+
|
641 |
+
= 4.5.7 =
|
642 |
+
* Google Authenticator-Two Factor Authentication (2FA) : Minor bug fixes.
|
643 |
+
|
644 |
+
= 4.5.6 =
|
645 |
+
* Google Authenticator-Two Factor Authentication (2FA) : Tested upto Wordpress 4.9.
|
646 |
+
|
647 |
+
= 4.5.5 =
|
648 |
+
* Google Authenticator-Two Factor Authentication (2FA) : 404 bug fixes.
|
649 |
+
|
650 |
+
= 4.5.4 =
|
651 |
+
* Google Authenticator-Two Factor Authentication (2FA) : Better UI of Login Pages, Fixed Redirection issue. Fixed the error in the last version (4.5.3) for the customers who were getting undefined action error.
|
652 |
+
|
653 |
+
= 4.4.3 =
|
654 |
+
* Google Authenticator-Two Factor Authentication (2FA) : Fixed the login flow for third party Apps that supports XML-RPC.
|
655 |
+
|
656 |
+
= 4.4 =
|
657 |
+
* Google Authenticator-Two Factor Authentication (2FA):
|
658 |
+
* Note: This is very important update having altogether new UI and compatibility with Limit Login Attempts. After updating, please do not logout from your admin dashboard. Try to login from another browser and if you face any issue , please contact us at info@miniorange.com
|
659 |
+
* Compatibility with Limit Login Attempts.
|
660 |
+
* New User Interface for login.
|
661 |
+
|
662 |
+
= 4.3.2 =
|
663 |
+
* Google Authenticator-Two Factor Authentication (TFA): Revised licensing cost for users.
|
664 |
+
|
665 |
+
= 4.3.1 =
|
666 |
+
* Google Authenticator-Two Factor Authentication (TFA): Compatible upto 4.7
|
667 |
+
|
668 |
+
= 4.3.0 =
|
669 |
+
* Google Authenticator-Two Factor Authentication (TFA): Updated miniOrange APIs.
|
670 |
+
|
671 |
+
= 4.2.9 =
|
672 |
+
* Google Authenticator-Two Factor Authentication (TFA): Tested upto WordPress 4.6.
|
673 |
+
|
674 |
+
= 4.2.7 =
|
675 |
+
* Google Authenticator-Two Factor Authentication (TFA): Session Warnig fix in the last version for some of the users.
|
676 |
+
|
677 |
+
= 4.2.6 =
|
678 |
+
* Google Authenticator-Two Factor Authentication (TFA): Compatible with wordpress caching.
|
679 |
+
|
680 |
+
= 4.2.5 =
|
681 |
+
* Google Authenticator-Two Factor Authentication (TFA): Improved the session handler.
|
682 |
+
|
683 |
+
= 4.2.4 =
|
684 |
+
* Google Authenticator-Two Factor Authentication (TFA): Updated faq for limit login attempt type of plugins.
|
685 |
+
|
686 |
+
= 4.2.3 =
|
687 |
+
* Two Factor Authentication ( 2FA ):
|
688 |
+
* Improved Error handling during Account Creation.
|
689 |
+
|
690 |
+
= 4.2.2 =
|
691 |
+
* Two Factor Authentication ( 2FA ):
|
692 |
+
* Registration Flow fixes
|
693 |
+
|
694 |
+
= 4.2.1 =
|
695 |
+
* Two Factor Authentication ( 2FA ):
|
696 |
+
* Change of status during login with phone flow and tested with WP 4.5
|
697 |
+
|
698 |
+
= 4.2.0 =
|
699 |
+
* Two Factor Authentication ( 2FA ):
|
700 |
+
* Mark as tested on Wordpress 4.5
|
701 |
+
|
702 |
+
= 4.1.8 =
|
703 |
+
* Two Factor Authentication ( 2FA ):
|
704 |
+
* Changed the location of images used for demo. Now being loaded from the site having SSL certificate.
|
705 |
+
|
706 |
+
= 4.1.7 =
|
707 |
+
* Two Factor Authentication ( 2FA ):
|
708 |
+
* Improved Error Handling for Remember Device.
|
709 |
+
|
710 |
+
= 4.1.6 =
|
711 |
+
* Two Factor Authentication ( 2FA ):
|
712 |
+
* Licensing Plan Updated.
|
713 |
+
|
714 |
+
= 4.1.5 =
|
715 |
+
* Two Factor Authentication ( 2FA ):
|
716 |
+
* Added Forgot Password functionality for miniOrange customer admin.
|
717 |
+
* Added warning message for the users who are using lower version of php.
|
718 |
+
* Added functionality to change the customer email.
|
719 |
+
|
720 |
+
= 4.1.4 =
|
721 |
+
* Two Factor Authentication ( 2FA ):
|
722 |
+
* Added an option for admin to enable or disable login for XML-RPC supported applications.
|
723 |
+
|
724 |
+
= 4.1.3 =
|
725 |
+
* Two Factor Authentication ( 2FA ):
|
726 |
+
* Fixed CSS Conflict with the plugins in the admin dashboard.
|
727 |
+
* More intuitive UI for woocommerce login.
|
728 |
+
* Tested front-end login with themes like wordpress default theme,
|
729 |
+
customizr theme,zerif-lite theme,accesspress store theme,ishop theme and many more.
|
730 |
+
|
731 |
+
= 4.1.2 =
|
732 |
+
* Two Factor Authentication ( 2FA ): Google Authenticator for Windows phone
|
733 |
+
* Fixed CSS conflict with front-end of site if woocommerce is not enabled.
|
734 |
+
|
735 |
+
= 4.1.1 =
|
736 |
+
* Two Factor Authentication ( 2FA ): Adding Validation in choosing Security Questions (KBA).
|
737 |
+
|
738 |
+
= 4.1.0 =
|
739 |
+
* Two Factor Authentication ( 2FA ): Features added.
|
740 |
+
multisite support
|
741 |
+
Custom login redirection
|
742 |
+
Authy 2-Factor Authentication as separate authentication method
|
743 |
+
|
744 |
+
= 4.0.6 = Added multisite support and custom redirection after login feature.
|
745 |
+
|
746 |
+
= 4.0.5 = Login into third party apps which support XML-RPC.
|
747 |
+
|
748 |
+
= 4.0.4 = Added a check of KBA configuration from mobile login.
|
749 |
+
|
750 |
+
= 4.0.3 = Added Support for Authy 2-Factor Authentication App.
|
751 |
+
|
752 |
+
= 4.0.2 = Added a check for selection of unique questions during KBA setup.
|
753 |
+
|
754 |
+
= 4.0.1 = Bug Fix
|
755 |
+
|
756 |
+
= 4.0 =
|
757 |
+
* Two Factor Authentication ( 2FA ): Features added.
|
758 |
+
* KBA as backup method.
|
759 |
+
* mobile browser support.
|
760 |
+
* more intuitive UI for woocommerce login.
|
761 |
+
|
762 |
+
= 3.8 =
|
763 |
+
* Two Factor Authentication ( 2FA ): Bug Fix for roles.
|
764 |
+
|
765 |
+
= 3.7 =
|
766 |
+
* Two Factor Authentication ( 2FA ): Activation of two factor role wise.
|
767 |
+
|
768 |
+
= 3.6 =
|
769 |
+
* Two Factor Authentication ( 2FA ): email verification in inline registration flow for all users.
|
770 |
+
More descriptive setup messages and UI changes.
|
771 |
+
|
772 |
+
= 3.5 =
|
773 |
+
* Two Factor Authentication ( 2FA ): Provided mobile login support.
|
774 |
+
|
775 |
+
= 3.4 =
|
776 |
+
* Two Factor Authentication ( 2FA ): Features added
|
777 |
+
* Inline registration flow for users.
|
778 |
+
* Security Questions (KBA) as additional method
|
779 |
+
* Alternate way of user identification in customer creation.
|
780 |
+
* premium customizable features.
|
781 |
+
|
782 |
+
= 3.3 =
|
783 |
+
* Two Factor Authentication ( 2FA ): Fix the issue of session for some versions of php.
|
784 |
+
|
785 |
+
= 3.2 =
|
786 |
+
* Two Factor Authentication ( 2FA ): Fix for device-id compatibility.
|
787 |
+
|
788 |
+
= 3.1 =
|
789 |
+
* Two Factor Authentication ( 2FA ): Fix for 2FA ShortCode.
|
790 |
+
|
791 |
+
= 3.0 =
|
792 |
+
* Two Factor Authentication ( 2FA ): Features added
|
793 |
+
* Google Authenticator.
|
794 |
+
* Device Id (Remember device).
|
795 |
+
* Choice given to admin to enable specific authentication methods for users.
|
796 |
+
* Two Factor support for woocommerce theme.
|
797 |
+
* Short Code for various customized fronted login.
|
798 |
+
* More intuitive UI and descriptive instructions.
|
799 |
+
|
800 |
+
= 2.6 =
|
801 |
+
* Two Factor Authentication ( 2FA ): Fix the compatibility issues of user session with other security plugins.
|
802 |
+
|
803 |
+
= 2.5 =
|
804 |
+
* Two Factor Authentication ( 2FA ): Fix the compatibility issues with All In One WP Security & Firewall plugin.
|
805 |
+
|
806 |
+
= 2.4 =
|
807 |
+
* Two Factor Authentication ( 2FA ): UI fixes for admin media library dashboard.
|
808 |
+
|
809 |
+
= 2.3 =
|
810 |
+
* Two Factor Authentication ( 2FA ): More descriptive setup messages, more intuitive UI.
|
811 |
+
|
812 |
+
= 2.2 =
|
813 |
+
* Two Factor Authentication ( 2FA ): Fixed css issues for existing users
|
814 |
+
|
815 |
+
= 2.1 =
|
816 |
+
* Two Factor Authentication ( 2FA ): Added support for multiple Two Factor Choices like OTP Over SMS, Phone Call Verification, Push Notification, Soft Token (like Google Authenticator Code), Email Verification, etc.
|
817 |
+
|
818 |
+
= 2.0 =
|
819 |
+
* Two Factor Authentication ( 2FA ): Added login with password plus second factor feature.
|
820 |
+
|
821 |
+
= 1.8 =
|
822 |
+
* Two Factor Authentication ( 2FA ): Added feature of different login form choice,test authentication and help for configuration and setup.
|
823 |
+
|
824 |
+
= 1.7 =
|
825 |
+
* Bug Fixes Two Factor Authentication ( 2FA ): Modifying login screen adaptable to user's login form
|
826 |
+
|
827 |
+
= 1.6 =
|
828 |
+
* Bug Fixes Two Factor Authentication ( 2FA ): fetching 2 factor configuration when activating the plugin after deactivating it.
|
829 |
+
|
830 |
+
= 1.5 =
|
831 |
+
* Bug Fixes Two Factor Authentication ( 2FA ): Login issues and password save issues resolved
|
832 |
+
|
833 |
+
= 1.4 =
|
834 |
+
* Bug Fixes Two Factor Authentication ( 2FA ): Authentication was not working on some version of php.
|
835 |
+
|
836 |
+
= 1.3 =
|
837 |
+
* Bug Fixes
|
838 |
+
|
839 |
+
= 1.2 =
|
840 |
+
* Two Factor Authentication ( 2FA ): Added 2 factor for all users along with forgot phone functionality.
|
841 |
+
|
842 |
+
= 1.1 =
|
843 |
+
* Two Factor Authentication ( 2FA ): Added email ID verification during registration.
|
844 |
+
|
845 |
+
= 1.0.0 =
|
846 |
+
First version of Two Factor Authentication ( 2FA ) plugin.
|
uninstall.php
ADDED
@@ -0,0 +1,185 @@
|
1 |
+
<?php
|
2 |
+
|
3 |
+
|
4 |
+
if ( ! defined( 'WP_UNINSTALL_PLUGIN' ) ) {
|
5 |
+
exit();
|
6 |
+
}
|
7 |
+
|
8 |
+
include_once dirname( __FILE__ ) . '/database/database_functions.php';
|
9 |
+
global $wpdb;
|
10 |
+
$Mo2fdbQueries = new Mo2fDB();
|
11 |
+
|
12 |
+
$table_name = $wpdb->prefix . 'mo2f_user_details';
|
13 |
+
$Mo2fdbQueries->drop_table( $table_name );
|
14 |
+
$table_name = $wpdb->prefix . 'mo2f_user_login_info';
|
15 |
+
$Mo2fdbQueries->drop_table( $table_name );
|
16 |
+
|
17 |
+
if ( ! is_multisite() ) {
|
18 |
+
|
19 |
+
delete_option( 'mo2f_email' );
|
20 |
+
delete_option( 'mo2f_host_name' );
|
21 |
+
delete_option( 'user_phone' );
|
22 |
+
delete_option( 'mo2f_customerKey' );
|
23 |
+
delete_option( 'mo2f_api_key' );
|
24 |
+
delete_option( 'mo2f_customer_token' );
|
25 |
+
delete_option( 'mo2f_message' );
|
26 |
+
delete_option( 'mo_2factor_admin_registration_status' );
|
27 |
+
delete_option( 'mo2f_login_message' );
|
28 |
+
delete_option( 'mo_2f_login_type_enabled' );
|
29 |
+
delete_option( 'mo2f_admin_disabled_status' );
|
30 |
+
delete_option( 'mo2f_disabled_status' );
|
31 |
+
delete_option( 'mo2f_miniorange_admin' );
|
32 |
+
delete_option( 'mo2f_enable_forgotphone' );
|
33 |
+
delete_option( 'mo2f_enable_login_with_2nd_factor' );
|
34 |
+
delete_option( 'mo2f_activate_plugin' );
|
35 |
+
delete_option( 'mo2f_enable_2fa_for_woocommerce' );
|
36 |
+
delete_option( 'mo2f_remember_device' );
|
37 |
+
delete_option( 'mo2f_app_secret' );
|
38 |
+
delete_option( 'mo2f_inline_registration' );
|
39 |
+
delete_option( 'mo2f_enable_custom' );
|
40 |
+
delete_option( 'mo2f_custom_plugin_name' );
|
41 |
+
delete_option( 'mo2f_enable_custom_icon' );
|
42 |
+
delete_option( 'mo2f_show_sms_transaction_message' );
|
43 |
+
update_option( 'mo2f_is_NC', 1 );
|
44 |
+
update_option( 'mo2f_is_NNC', 1 );
|
45 |
+
delete_option( 'mo2f_admin_first_name' );
|
46 |
+
delete_option( 'mo2_admin_last_name' );
|
47 |
+
delete_option( 'mo2f_admin_company' );
|
48 |
+
delete_option( 'mo2f_proxy_host' );
|
49 |
+
delete_option( 'mo2f_port_number' );
|
50 |
+
delete_option( 'mo2f_proxy_username' );
|
51 |
+
delete_option( 'mo2f_proxy_password' );
|
52 |
+
delete_option( 'mo2f_auth_methods_for_users' );
|
53 |
+
delete_option( 'mo2f_enable_mobile_support' );
|
54 |
+
delete_option( 'mo2f_login_policy' );
|
55 |
+
delete_option( 'mo2f_msg_counter' );
|
56 |
+
delete_option( 'mo2f_modal_display' );
|
57 |
+
delete_option( 'mo2f_disable_poweredby' );
|
58 |
+
delete_option( 'mo2f_new_customer' );
|
59 |
+
delete_option( 'mo2f_enable_2fa_for_users' );
|
60 |
+
delete_option( 'mo2f_phone' );
|
61 |
+
delete_option( 'mo2f_existing_user_values_updated' );
|
62 |
+
delete_option( 'mo2f_login_option_updated' );
|
63 |
+
delete_option( 'mo2f_dbversion' );
|
64 |
+
delete_option( 'mo2f_bug_fix_done' );
|
65 |
+
delete_option( 'mo2f_feedback_form' );
|
66 |
+
delete_option( 'mo2f_enable_2fa_prompt_on_login_page' );
|
67 |
+
delete_option( 'mo2f_configured_2_factor_method' );
|
68 |
+
delete_option( 'mo2f_enable_2fa' );
|
69 |
+
delete_option( 'kba_questions' );
|
70 |
+
delete_option( 'mo2f_customer_selected_plan' );
|
71 |
+
delete_option( 'mo2f_admin_first_name' );
|
72 |
+
delete_option( 'mo2_admin_last_name' );
|
73 |
+
delete_option( 'mo2f_admin_company' );
|
74 |
+
delete_option( 'mo2f_db_option_updated' );
|
75 |
+
delete_option( 'mo2f_login_option_updated' );
|
76 |
+
//delete all stored key-value pairs for the roles
|
77 |
+
global $wp_roles;
|
78 |
+
if ( ! isset( $wp_roles ) ) {
|
79 |
+
$wp_roles = new WP_Roles();
|
80 |
+
}
|
81 |
+
foreach ( $wp_roles->role_names as $id => $name ) {
|
82 |
+
delete_option( 'mo2fa_' . $id );
|
83 |
+
delete_option( 'mo2fa_' . $id . '_login_url' );
|
84 |
+
}
|
85 |
+
} else {
|
86 |
+
global $wpdb;
|
87 |
+
|
88 |
+
$blog_ids = $wpdb->get_col( "SELECT blog_id FROM $wpdb->blogs" );
|
89 |
+
$original_blog_id = get_current_blog_id();
|
90 |
+
|
91 |
+
foreach ( $blog_ids as $blog_id ) {
|
92 |
+
switch_to_blog( $blog_id );
|
93 |
+
delete_option( 'mo2f_email' );
|
94 |
+
delete_option( 'mo2f_host_name' );
|
95 |
+
delete_option( 'user_phone' );
|
96 |
+
delete_option( 'mo2f_customerKey' );
|
97 |
+
delete_option( 'mo2f_api_key' );
|
98 |
+
delete_option( 'mo2f_customer_token' );
|
99 |
+
delete_option( 'mo2f_message' );
|
100 |
+
delete_option( 'mo_2factor_admin_registration_status' );
|
101 |
+
delete_option( 'mo2f_login_message' );
|
102 |
+
delete_option( 'mo_2f_login_type_enabled' );
|
103 |
+
delete_option( 'mo2f_admin_disabled_status' );
|
104 |
+
delete_option( 'mo2f_disabled_status' );
|
105 |
+
delete_option( 'mo2f_miniorange_admin' );
|
106 |
+
delete_option( 'mo2f_enable_forgotphone' );
|
107 |
+
delete_option( 'mo2f_enable_login_with_2nd_factor' );
|
108 |
+
delete_option( 'mo2f_activate_plugin' );
|
109 |
+
delete_option( 'mo2f_enable_2fa_for_woocommerce' );
|
110 |
+
delete_option( 'mo2f_remember_device' );
|
111 |
+
delete_option( 'mo2f_app_secret' );
|
112 |
+
delete_option( 'mo2f_inline_registration' );
|
113 |
+
delete_option( 'mo2f_enable_custom' );
|
114 |
+
delete_option( 'mo2f_custom_plugin_name' );
|
115 |
+
delete_option( 'mo2f_enable_custom_icon' );
|
116 |
+
delete_option( 'mo2f_number_of_transactions' );
|
117 |
+
delete_option( 'mo2f_set_transactions' );
|
118 |
+
delete_option( 'mo2f_show_sms_transaction_message' );
|
119 |
+
update_option( 'mo2f_is_NC', 1 );
|
120 |
+
update_option( 'mo2f_is_NNC', 1 );
|
121 |
+
delete_option( 'mo2f_proxy_host' );
|
122 |
+
delete_option( 'mo2f_port_number' );
|
123 |
+
delete_option( 'mo2f_proxy_username' );
|
124 |
+
delete_option( 'mo2f_proxy_password' );
|
125 |
+
delete_option( 'mo2f_auth_methods_for_users' );
|
126 |
+
delete_option( 'mo2f_enable_mobile_support' );
|
127 |
+
delete_option( 'mo2f_login_policy' );
|
128 |
+
delete_option( 'mo2f_msg_counter' );
|
129 |
+
delete_option( 'mo2f_modal_display' );
|
130 |
+
delete_option( 'mo2f_disable_poweredby' );
|
131 |
+
delete_option( 'mo2f_new_customer' );
|
132 |
+
delete_option( 'mo2f_enable_2fa_for_users' );
|
133 |
+
delete_option( 'mo2f_phone' );
|
134 |
+
delete_option( 'mo2f_existing_user_values_updated' );
|
135 |
+
delete_option( 'mo2f_login_option_updated' );
|
136 |
+
delete_option( 'mo2f_dbversion' );
|
137 |
+
delete_option( 'mo2f_feedback_form' );
|
138 |
+
delete_option( 'mo2f_enable_2fa_prompt_on_login_page' );
|
139 |
+
delete_option( 'mo2f_configured_2_factor_method' );
|
140 |
+
delete_option( 'mo2f_enable_2fa' );
|
141 |
+
delete_option( 'kba_questions' );
|
142 |
+
delete_option( 'mo2f_customer_selected_plan' );
|
143 |
+
delete_option( 'mo2f_admin_first_name' );
|
144 |
+
delete_option( 'mo2_admin_last_name' );
|
145 |
+
delete_option( 'mo2f_admin_company' );
|
146 |
+
delete_option( 'mo2f_db_option_updated' );
|
147 |
+
delete_option( 'mo2f_login_option_updated' );
|
148 |
+
delete_option( 'mo2f_bug_fix_done' );
|
149 |
+
//delete all stored key-value pairs for the roles
|
150 |
+
global $wp_roles;
|
151 |
+
if ( ! isset( $wp_roles ) ) {
|
152 |
+
$wp_roles = new WP_Roles();
|
153 |
+
}
|
154 |
+
foreach ( $wp_roles->role_names as $id => $name ) {
|
155 |
+
delete_option( 'mo2fa_' . $id );
|
156 |
+
delete_option( 'mo2fa_' . $id . '_login_url' );
|
157 |
+
}
|
158 |
+
|
159 |
+
}
|
160 |
+
switch_to_blog( $original_blog_id );
|
161 |
+
}
|
162 |
+
$users = get_users( array() );
|
163 |
+
foreach ( $users as $user ) {
|
164 |
+
delete_user_meta( $user->ID, 'phone_verification_status' );
|
165 |
+
delete_user_meta( $user->ID, 'test_2FA' );
|
166 |
+
delete_user_meta( $user->ID, 'mo2f_2FA_method_to_configure' );
|
167 |
+
delete_user_meta( $user->ID, 'configure_2FA' );
|
168 |
+
delete_user_meta( $user->ID, 'mo2f_2FA_method_to_test' );
|
169 |
+
delete_user_meta( $user->ID, 'mo2f_phone' );
|
170 |
+
delete_user_meta( $user->ID, 'mo_2factor_user_registration_status' );
|
171 |
+
delete_user_meta( $user->ID, 'mo2f_external_app_type' );
|
172 |
+
}
|
173 |
+
//delete previous version key-value pairs
|
174 |
+
delete_option( 'mo_2factor_admin_mobile_registration_status' );
|
175 |
+
delete_option( 'mo_2factor_registration_status' );
|
176 |
+
delete_option( 'mo_2factor_temp_status' );
|
177 |
+
delete_option( 'mo2f_login_username' );
|
178 |
+
delete_option( 'mo2f-login-qrCode' );
|
179 |
+
delete_option( 'mo2f_transactionId' );
|
180 |
+
delete_option( 'mo_2factor_login_status' );
|
181 |
+
delete_option( 'mo2f_configured_2_factor_method' );
|
182 |
+
delete_option( 'mo2f_enable_2fa' );
|
183 |
+
delete_option( 'kba_questions' );
|
184 |
+
|
185 |
+
?>
|
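--- a/views/configure_authy_authenticator
+++ b/views/configure_authy_authenticator
@@ -5,7 +5,7 @@
 ?>
 <table>
 <tr>
-<td class="
+<td class="mo2f_authy_step1">
 <h3><?php echo mo2f_lt( 'Step-1: Configure Authy Authenticator App.' ); ?></h3>
 <hr/>
 <form name="f" method="post" id="mo2f_configure_google_authy_form1" action="">
@@ -22,7 +22,7 @@
 </form>
 </td>
 <td class="mo2f_vertical_line"></td>
-<td class="
+<td class="mo2f_authy_step2">
 <h3><?php echo mo2f_lt( 'Step-2: Set up Authy 2-Factor Authentication App' ); ?></h3>
 <h3></h3>
 <hr>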
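--- a/views/configure_google_authenticator
+++ b/views/configure_google_authenticator
@@ -1,54 +1,31 @@
 <?php
 
 function mo2f_configure_google_authenticator( $user ) {
-
 $mo2f_google_auth = isset( $_SESSION['mo2f_google_auth'] ) ? $_SESSION['mo2f_google_auth'] : null;
 $data = isset( $_SESSION['mo2f_google_auth'] ) ? $mo2f_google_auth['ga_qrCode'] : null;
 $ga_secret = isset( $_SESSION['mo2f_google_auth'] ) ? $mo2f_google_auth['ga_secret'] : null;
 $h_size = 'h3';
+
 ?>
 <table>
 <tr>
-<td class="mo2f_google_authy_step1">
-<h4><?php echo '<' . $h_size . '>' . mo2f_lt( 'Step-1: Select phone Type' ) . '</' . $h_size . '>'; ?></h4>
-<hr/>
-<form name="f" method="post" id="mo2f_configure_google_authy_form1" action="">
-<input type="radio" name="mo2f_app_type_radio"
-value="android" <?php checked( $mo2f_google_auth['ga_phone'] == 'android' ); ?> />
-<b><?php echo mo2f_lt( 'Android' ); ?></b>
-<br><br>
-<input type="radio" name="mo2f_app_type_radio"
-value="iphone" <?php checked( $mo2f_google_auth['ga_phone'] == 'iphone' ); ?> />
-<b><?php echo mo2f_lt( 'iPhone' ); ?></b>
-<br><br>
-<input type="radio" name="mo2f_app_type_radio"
-value="blackberry" <?php checked( $mo2f_google_auth['ga_phone'] == 'blackberry' ); ?> />
-<b><?php echo mo2f_lt( 'BlackBerry / Windows' ); ?></b>
-<br><br>
-<input type="hidden" name="option" value="mo2f_configure_google_auth_phone_type"/>
-</form>
-<form name="f" method="post" action="" id="mo2f_go_back_form">
-<input type="hidden" name="option" value="mo2f_go_back"/>
-<input type="submit" name="back" id="go_back" class="button button-primary button-large"
-style="width:45%;" value="<?php echo mo2f_lt( 'Back' ); ?>"/>
-</form>
-</td>
-<td class="mo2f_vertical_line"></td>
 <td class="mo2f_google_authy_step2">
-<?php echo '<' . $h_size . '>' . mo2f_lt( 'Step-
+<?php echo '<' . $h_size . '>' . mo2f_lt( 'Step-1: Set up Google Authenticator' ) . '</' . $h_size . '>'; ?>
 
 <hr>
-
-
-<
-
-
-<li><?php echo mo2f_lt( 'Search for Google Authenticator.' );
-<a href="https://play.google.com/store/apps/details?id=com.google.android.apps.authenticator2"
-
+
+<h4><?php echo mo2f_lt( 'Install the Google Authenticator App in your phone.' ); ?></h4>
+<ol style="margin-left:6%">
+<li><?php echo mo2f_lt( 'Navigate to App/Play Store in your phone.' ); ?>
+</li>
+<li><?php echo mo2f_lt( 'Search for Google Authenticator.' ); ?>
+<b>Android</b>: <a href="https://play.google.com/store/apps/details?id=com.google.android.apps.authenticator2"
+target="_blank"><?php echo mo2f_lt( 'Play Store ' ); ?></a> <b>iPhone</b>: <a href="http://itunes.apple.com/us/app/google-authenticator/id388497605?mt=8"
+target="_blank"><?php echo mo2f_lt( 'App Store' ); ?></a>.
 </li>
 
 </ol>
+
 <h4><?php echo mo2f_lt( 'Open Google Authenticator.' ); ?></h4>
 <ol>
 <li><?php echo mo2f_lt( 'In the app, tap on Menu and select "Set up account".' ); ?></li>
@@ -95,91 +72,16 @@ function mo2f_configure_google_authenticator( $user ) {
 <li><?php echo mo2f_lt( 'Tap Add.' ); ?></li>
 </ol>
 </div>
-
-
-
-
-
-
-<li><?php echo mo2f_lt( 'Navigate to App Store in your phone.' ); ?></li>
-<li><?php echo mo2f_lt( 'Search for Google Authenticator.' ); ?></b>
-<a href="http://itunes.apple.com/us/app/google-authenticator/id388497605?mt=8"
-target="_blank"><?php echo mo2f_lt( 'Download the app from the App Store and install it.' ); ?></a>
-</li>
-</ol>
-<h4><?php echo mo2f_lt( 'Open Google Authenticator.' ); ?></h4>
-<ol>
-<li><?php echo mo2f_lt( 'In the app, tap on "+" first, and then on "Scan Barcode".' ); ?></li>
-<li><?php echo mo2f_lt( 'Use your phone\'s camera to scan the barcode.' ); ?>
-<center><br>
-<div id="displayQrCode"><?php echo '<img src="data:image/jpg;base64,' . $data . '" />'; ?></div>
-</center>
-</li>
-</ol>
-<br>
-<div><a data-toggle="collapse" href="#mo2f_scanbarcode_i"
-aria-expanded="false"><b><?php echo mo2f_lt( 'Can\'t scan the barcode? ' ); ?></b></a>
-</div>
-<div class="mo2f_collapse" id="mo2f_scanbarcode_i">
-<ol class="mo2f_ol">
-<li><?php echo mo2f_lt( 'In the app, tap on + .' ); ?></li>
-<li><?php echo mo2f_lt( 'Make sure the Key Type is selected as' ); ?>
-<b> <?php echo mo2f_lt( ' Time-based ' ); ?></b>.
-</li>
-<li><?php echo mo2f_lt( 'For the' ); ?>
-<b> <?php echo mo2f_lt( ' Account ' ); ?></b>
-<?php echo mo2f_lt( 'field, type your preferred account name' ); ?>.
-</li>
-<li><?php echo mo2f_lt( 'For the' ); ?>
-<b> <?php echo mo2f_lt( ' Key ' ); ?></b>
-<?php echo mo2f_lt( 'field, type the below secret key' ); ?>:
-</li>
-
-<div class="mo2f_google_authy_secret_outer_div">
-<div class="mo2f_google_authy_secret_inner_div">
-<?php echo $ga_secret; ?>
-</div>
-<div class="mo2f_google_authy_secret">
-<?php echo mo2f_lt( 'Spaces do not matter' ); ?>.
-</div>
-</div>
-<li><?php echo mo2f_lt( 'Tap Add.' ); ?></li>
-</ol>
-</div>
-</div>
-
-<div id="mo2f_blackberry_div"
-style="<?php echo $mo2f_google_auth['ga_phone'] == 'blackberry' ? 'display:block' : 'display:none'; ?>">
-<h4><?php echo mo2f_lt( 'Install the Google Authenticator app for BlackBerry' ); ?></h4>
-<ol>
-<li><?php echo mo2f_lt( 'On your phone, open a web browser.Go to ' ); ?>
-<b> m.google.com/authenticator</b>.
-</li>
-<li><?php echo mo2f_lt( 'Download and install the Google Authenticator application.' ); ?></li>
-</ol>
-<br>
-<h4><?php echo mo2f_lt( 'Now open and configure Google Authenticator.' ); ?></h4>
-<ol>
-<li><?php echo mo2f_lt( 'In Google Authenticator, select Manual key entry.' ); ?></li>
-<li><?php echo mo2f_lt( 'In "Enter account name" type your full email address.' ); ?></li>
-<li><?php echo mo2f_lt( 'In "Enter key" type your secret key:' ); ?></li>
-<div class="mo2f_google_authy_secret_outer_div">
-<div class="mo2f_google_authy_secret_inner_div">
-<?php echo $ga_secret; ?>
-</div>
-<div class="mo2f_google_authy_secret">
-<?php echo mo2f_lt( 'Spaces do not matter' ); ?>.
-</div>
-</div>
-<li><?php echo mo2f_lt( 'Choose Time-based type of key.' ); ?></li>
-<li><?php echo mo2f_lt( 'Tap Save.' ); ?></li>
-</ol>
-</div>
-
+<br>
+<form name="f" method="post" action="" id="mo2f_go_back_form">
+<input type="hidden" name="option" value="mo2f_go_back"/>
+<input type="submit" name="back" id="go_back" class="button button-primary button-large"
+style="width:50px;" value="<?php echo mo2f_lt( 'Back' ); ?>"/>
+</form>
 </td>
 <td class="mo2f_vertical_line"></td>
 <td class="mo2f_google_authy_step3">
-<h4><?php echo '<' . $h_size . '>' . mo2f_lt( 'Step-
+<h4><?php echo '<' . $h_size . '>' . mo2f_lt( 'Step-2: Verify and Save' ) . '</' . $h_size . '>';; ?></h4>
 <hr>
 <div style="<?php echo isset( $_SESSION['mo2f_google_auth'] ) ? 'display:block' : 'display:none'; ?>">
 <div><?php echo mo2f_lt( 'After you have scanned the QR code and created an account, enter the verification code from the scanned account here.' ); ?></div>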
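Review bot: The App Store link added to the Step-1 list still uses plain `http://itunes.apple.com/...`, and both new store links open with `target="_blank"` and no `rel` attribute. On a 2FA enrolment screen the link that tells the user which authenticator app to install should not be rewritable in transit, so I would change the scheme to `https://` and add `rel="noopener noreferrer"` to both anchors. Separately, the new Step-2 heading ends with `'</' . $h_size . '>';; ?>` (a stray second semicolon) and still wraps the generated `<h3>` in an `<h4>`, while the Step-1 heading in the first hunk dropped that wrapper; the two should be made consistent. The body of `mo2f_configure_google_authenticator` continues outside both hunks.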
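--- a/views/configure_otp_over_sms
+++ b/views/configure_otp_over_sms
@@ -3,8 +3,8 @@
 function mo2f_configure_otp_over_sms( $user ) {
 global $Mo2fdbQueries;
 $mo2f_user_phone = $Mo2fdbQueries->get_user_detail( 'mo2f_user_phone', $user->ID );
-$user_phone =
-
+$user_phone = $mo2f_user_phone ? $mo2f_user_phone : get_option( 'user_phone_temp' );
+
 ?>
 
 <h3><?php echo mo2f_lt( 'Configure OTP over SMS' ); ?></h3>
@@ -48,4 +48,4 @@ function mo2f_configure_otp_over_sms( $user ) {
 <?php
 }
 
-?>
+?>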
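Review bot: The new fallback `get_option( 'user_phone_temp' )` reads a site-wide option, while the primary value on the line above is looked up per user with `$user->ID`. The code that writes `user_phone_temp` is not in this hunk, so this is inferred: if it is set while one user is part-way through SMS setup, any other user who opens this screen without a stored number would receive that person's phone number as `$user_phone`. Keeping the pending number in per-user storage, for example `get_user_meta( $user->ID, 'user_phone_temp', true )`, removes the cross-user exposure. Wherever `$user_phone` is printed further down the function (outside the hunk), it should be escaped for its output context.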
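--- a/views/customer_registration.php
+++ b/views/customer_registration.php
@@ -11,14 +11,14 @@
 <div class="login mo_customer_validation-modal-content" style="width:660px !important;">
 <div class="mo2f_modal-header">
 <button type="button" id="mo2f_registration_closed" class="mo2f_close" data-dismiss="modal">×</button>
-<h2 class="mo2f_modal-title">You are just one step away from setting up 2FA
+<h2 class="mo2f_modal-title">You are just one step away from setting up 2FA.</h2>
 </div>
 <div class="mo2f_modal-body">
 
 <?php if ( $mo2f_message ) { ?>
-<div style="padding:
-<div class="alert alert-info" style="margin-bottom:0px">
-<p style="font-size:15px"><?php echo $mo2f_message; ?></p>
+<div style="padding:5px;">
+<div class="alert alert-info" style="margin-bottom:0px;padding:3px;">
+<p style="font-size:15px;margin-left: 2%;"><?php echo $mo2f_message; ?></p>
 </div>
 </div>
 <?php }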
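Review bot: The restyled paragraph still prints `<?php echo $mo2f_message; ?>` without escaping. Where `$mo2f_message` is assigned is outside this hunk; if it can ever carry request-derived or remote text, this line is an HTML injection point inside an admin modal. `<?php echo esc_html( $mo2f_message ); ?>` is the safe default, or `<?php echo wp_kses_post( $mo2f_message ); ?>` if the message is meant to contain markup.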
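--- a/views/feedback_form.php
+++ b/views/feedback_form.php
@@ -4,12 +4,12 @@
 }
 
 $setup_guide_link = plugins_url( '/../includes/guides/Instructions for premium customers.pdf', __FILE__ );
+$plugins = MO2f_Utility::get_all_plugins_installed();
 
-$mo2f_message = get_option( 'mo2f_message' );
 wp_enqueue_style( 'wp-pointer' );
 wp_enqueue_script( 'wp-pointer' );
 wp_enqueue_script( 'utils' );
-wp_enqueue_style( 'mo_2_factor_admin_plugins_page_style', plugins_url( '/../includes/css/mo2f_plugins_page.css?version=5.1.
+wp_enqueue_style( 'mo_2_factor_admin_plugins_page_style', plugins_url( '/../includes/css/mo2f_plugins_page.css?version=5.1.7', __FILE__ ) );
 
 $action = 'install-plugin';
 $slug = 'miniorange-google-authenticator';
@@ -29,8 +29,6 @@
 <div class="mo2f_modal-content">
 <h3>Can you please take a minute to give us some feedback? </h3>
 
-<?php if ( $mo2f_message != '' ) { ?>
-<?php } ?>
 <form name="f" method="post" action="" id="mo2f_feedback">
 <input type="hidden" name="mo2f_feedback" value="mo2f_feedback"/>
 <div>
@@ -53,13 +51,19 @@
 <label style="font-weight:normal;font-size:14.6px" for="<?php echo $deactivate_reasons; ?>">
 <input type="radio" name="deactivate_plugin" value="<?php echo $deactivate_reasons; ?>"
 required>
-<?php echo $deactivate_reasons;
+<?php echo $deactivate_reasons; ?>
+<?php if($deactivate_reasons == "Conflicts with other plugins"){ ?>
+<div id="other_plugins_installed" style="padding:8px;">
+<?php echo $plugins ; ?>
+</div>
+<?php } ?>
+
+</label>
 </div>
 
 
 <?php } ?>
 <br>
-
 <textarea id="query_feedback" name="query_feedback" rows="4" style="margin-left:2%" cols="50"
 placeholder="Write your query here"></textarea>
 
@@ -68,35 +72,28 @@
 <div class="mo2f_modal-footer">
 <input type="submit" name="miniorange_feedback_submit"
 class="button button-primary button-large" style="float:left" value="Submit"/>
-<input type="
-
-
-<br>
+<input type="button" name="miniorange_feedback_skip"
+class="button button-primary button-large" style="float:right" value="Skip" onclick="document.getElementById('mo2f_feedback_form_close').submit();"/>
+</div>
+<br><br>
 </div>
 </form>
 <form name="f" method="post" action="" id="mo2f_feedback_form_close">
+
 <input type="hidden" name="option" value="mo2f_skip_feedback"/>
 </form>
-<form name="f" method="post" action="" id="mo2f_feedback_form_skip">
-<input type="hidden" name="option" value="mo2f_skip_feedback"/>
-</form>
-
 </div>
 
 </div>
 
 <script>
 
-
-function skip_feedback() {
-
-jQuery('#mo2f_feedback_form_skip').submit();
-}
-
 function handledeactivateplugin(){
 jQuery('#mo2f_feedback_form_close').submit();
 }
 
+jQuery('#other_plugins_installed').hide();
+
 jQuery('a[aria-label="Deactivate miniOrange 2 Factor Authentication"]').click(function () {
 // Get the mo2f_modal
 <?php if(! get_option( 'mo2f_feedback_form' )){ ?>
@@ -114,24 +111,29 @@
 var reason = jQuery(this).val();
 jQuery('#query_feedback').removeAttr('required');
 if (reason == "Did not want to create an account") {
+jQuery('#other_plugins_installed').hide();
 jQuery('#query_feedback').attr("placeholder", "Write your query here.");
 jQuery('#link_id').html('<p style="background-color:#a3e8c2;padding:5px;">We have another 2FA plugin for Wordpress that is entirely on-premise. You can manage all your data within the plugin' +
 ', without the need of creating an account with miniOrange. To get the plugin, ' +
 '<a href="<?php echo $install_link?>" target="_blank" onclick="handledeactivateplugin()"><b>CLICK HERE.</b></a></p>');
 jQuery('#link_id').show();
 }else if (reason == "Upgrading to Premium") {
+jQuery('#other_plugins_installed').hide();
 jQuery('#query_feedback').attr("placeholder", "Write your query here.");
 jQuery('#link_id').html('<p style="background-color:#a3e8c2;padding:5px;">Thanks for upgrading. For setup instructions, please follow this guide' +
 ', <a href="<?php echo $setup_guide_link?>" download><b>DOWNLOAD GUIDE.</b></a></p>');
 jQuery('#link_id').show();
 }else if (reason == "Conflicts with other plugins") {
 jQuery('#query_feedback').attr("placeholder", "Can you please mention the plugin name, and the issue?");
+jQuery('#other_plugins_installed').show();
 jQuery('#link_id').hide();
 }else if (reason == "Other Reasons:") {
+jQuery('#other_plugins_installed').hide();
 jQuery('#query_feedback').attr("placeholder", "Can you let us know the reason for deactivation");
 jQuery('#query_feedback').prop('required', true);
 jQuery('#link_id').hide();
 }else{
+jQuery('#other_plugins_installed').hide();
 jQuery('#query_feedback').attr("placeholder", "Write your query here.");
 jQuery('#link_id').hide();
 }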
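Review bot: `<?php echo $plugins ; ?>` prints the return value of `MO2f_Utility::get_all_plugins_installed()` straight into the form without escaping. The helper is not shown here, but plugin names come from other plugins' headers, so the value should be escaped where it is built or wrapped as `wp_kses_post( $plugins )` at this echo. Because the block sits inside the `mo2f_feedback` form, it is also worth confirming whether the installed-plugin list is only displayed or is submitted with the feedback, and stating that in the form text if it is. The `mo2f_feedback_form_close` form that the new Skip button submits is fully visible in this section and contains no `wp_nonce_field()`; its handler is elsewhere, so check that it verifies a nonce before acting on `mo2f_skip_feedback`.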
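--- a/views/test_2fa_notification.php
+++ b/views/test_2fa_notification.php
@@ -0,0 +1,37 @@
+<?php
+
+function mo2f_display_test_2fa_notification( $user ) {
+global $Mo2fdbQueries;
+$mo2f_configured_2FA_method = $Mo2fdbQueries->get_user_detail( 'mo2f_configured_2FA_method', $user->ID );
+
+?>
+<!DOCTYPE html>
+<script src="https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js"></script>
+<div id="twoFAtestAlertModal" class="mo2f_modal mo2f_modal_inner fade" role="dialog">
+<div class="mo2f_modal-dialog">
+<!-- Modal content-->
+<div class="login mo_customer_validation-modal-content" style="width:660px !important;">
+<div class="mo2f_modal-header">
+<button type="button" class="mo2f_close" data-dismiss="modal">×</button>
+<h2 class="mo2f_modal-title" style="font-family: Roboto,Helvetica,Arial,sans-serif;">2FA Setup Successful.</h2>
+</div>
+<div class="mo2f_modal-body">
+<p style="font-size:14px;"><b><?php echo $mo2f_configured_2FA_method; ?> </b> has been set as your 2-factor authentication method.
+<br><br>Please test the login flow once with 2nd factor in another browser or in an incognito window of the
+same browser to ensure you don't get locked out of your site.</p>
+</div>
+<div class="mo2f_modal-footer">
+<button type="button" class="button button-primary" data-dismiss="modal">Got it!</button>
+</div>
+</div>
+</div>
+</div>
+
+<script>
+jQuery(function () {
+jQuery('#twoFAtestAlertModal').modal('toggle');
+});
+</script>
+
+<?php }
+?>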
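Review bot: Line 9 of the new view loads jQuery 3.3.1 from `ajax.googleapis.com` with a bare `<script src>` tag and no `integrity` attribute, on a screen that is part of the 2FA setup flow. That puts a third-party host inside the admin page's trust boundary and loads a second jQuery next to the copy WordPress already ships; prefer `wp_enqueue_script( 'jquery' )` and drop the tag. The method name is also printed raw in `<?php echo $mo2f_configured_2FA_method; ?>`; it comes from `get_user_detail()`, so `<?php echo esc_html( $mo2f_configured_2FA_method ); ?>` is the safer form. The `<!DOCTYPE html>` on line 8 is emitted in the middle of an already-rendered page and should be removed as well.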