From cd2661fc0b9ae64643f072b3513b0db8d27a3f0a Mon Sep 17 00:00:00 2001
From: Daniel Supernault
Date: Mon, 14 Dec 2020 22:30:44 -0700
Subject: [PATCH] Update 2FA setup, fix qrcode handler
---
 .../Controllers/Settings/SecuritySettings.php | 16 +-
 composer.json | 4 +-
 composer.lock | 401 ++++++++---------
 .../settings/security/2fa/setup.blade.php | 2 +-
 4 files changed, 203 insertions(+), 220 deletions(-)
diff --git a/app/Http/Controllers/Settings/SecuritySettings.php b/app/Http/Controllers/Settings/SecuritySettings.php
index 8cb8261e7..1acb96078 100644
--- a/app/Http/Controllers/Settings/SecuritySettings.php
+++ b/app/Http/Controllers/Settings/SecuritySettings.php
@@ -15,6 +15,10 @@ use DB;
 use Carbon\Carbon;
 use Illuminate\Http\Request;
 use PragmaRX\Google2FA\Google2FA;
+use BaconQrCode\Renderer\ImageRenderer;
+use BaconQrCode\Renderer\Image\ImagickImageBackEnd;
+use BaconQrCode\Renderer\RendererStyle\RendererStyle;
+use BaconQrCode\Writer;
 
 trait SecuritySettings
 {
@@ -43,14 +47,22 @@ trait SecuritySettings
 return redirect(route('account.security'));
 }
 $backups = $this->generateBackupCodes();
- $google2fa = new Google2FA();
+ //$google2fa = new Google2FA();
+ $google2fa = app(Google2FA::class);
 $key = $google2fa->generateSecretKey(32);
- $qrcode = $google2fa->getQRCodeInline(
+ $qrcode = $google2fa->getQRCodeUrl(
 config('pixelfed.domain.app'),
 $user->email,
 $key,
 500
 );
+ $writer = new Writer(
+ new ImageRenderer(
+ new RendererStyle(400),
+ new ImagickImageBackEnd()
+ )
+ );
+ $qrcode = base64_encode($writer->writeString($qrcode));
 $user->{'2fa_secret'} = $key;
 $user->{'2fa_backup_codes'} = json_encode($backups);
 $user->save();
diff --git a/composer.json b/composer.json
index 236f19ac8..71c9347d5 100644
--- a/composer.json
+++ b/composer.json
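Review bot: The trailing `500` passed to `getQRCodeUrl(...)` in the second hunk looks like a leftover of the size parameter of the replaced `getQRCodeInline(...)` call; as far as I know the 8.x `getQRCodeUrl` takes only company, holder and secret, so PHP drops the extra argument silently and the image size is actually set by `new RendererStyle(400)`. Dropping the `500` line would keep the call honest about what controls the QR size. The commented-out `//$google2fa = new Google2FA();` should be deleted rather than committed, since version control already keeps the old line. `$qrcode` is also reused for two different values (first the otpauth URI that carries the TOTP secret, then the base64 image); naming the first one e.g. `$otpauthUrl` would make it harder to hand the raw secret-bearing URI to the view or a log by accident. The enclosing method starts and ends outside the hunk.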
@@ -32,9 +32,9 @@ "league/iso3166": "^2.1", "pbmedia/laravel-ffmpeg": "^7.0", "phpseclib/phpseclib": "~2.0", - "pixelfed/bacon-qr-code": "^3.0", + "bacon/bacon-qr-code": "^2.0.3", "pixelfed/fractal": "^0.18.0", - "pixelfed/google2fa": "^4.0", + "pragmarx/google2fa": "^8.0", "pixelfed/laravel-snowflake": "^2.0", "pixelfed/zttp": "^0.4", "predis/predis": "^1.1", diff --git a/composer.lock b/composer.lock index 2f33c2f2b..c748505fe 100644 --- a/composer.lock +++ b/composer.lock @@ -4,7 +4,7 @@ "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies", "This file is @generated automatically" ], - "content-hash": "6b4b0bfdf905dad6d2527b5893665b40", + "content-hash": "b4d25a7ba9e07f08e9ddacc2ddf5cfc1", "packages": [ { "name": "alchemy/binary-driver", @@ -130,16 +130,16 @@ }, { "name": "aws/aws-sdk-php", - "version": "3.168.3", + "version": "3.169.0", "source": { "type": "git", "url": "https://github.com/aws/aws-sdk-php.git", - "reference": "49ef1f905388c8185012c9651b80941b8f2a218d" + "reference": "d15a231355e4435fc33bab83df075ec31edd0a9b" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/aws/aws-sdk-php/zipball/49ef1f905388c8185012c9651b80941b8f2a218d", - "reference": "49ef1f905388c8185012c9651b80941b8f2a218d", + "url": "https://api.github.com/repos/aws/aws-sdk-php/zipball/d15a231355e4435fc33bab83df075ec31edd0a9b", + "reference": "d15a231355e4435fc33bab83df075ec31edd0a9b", "shasum": "" }, "require": { 
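Review bot: Nothing in this hunk requires the imagick extension, although the controller change in this commit instantiates `ImagickImageBackEnd`, and the `bacon/bacon-qr-code` entry in composer.lock lists `ext-imagick` only under `suggest`. On a host without the extension the 2FA setup page would presumably fail while rendering the QR code, which blocks users from enrolling a second factor. The rest of the `require` section lies outside this hunk; if it does not already declare the extension, add `"ext-imagick": "*"` next to the new packages so `composer install` reports the missing extension up front.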
@@ -214,9 +214,62 @@ "support": { "forum": "https://forums.aws.amazon.com/forum.jspa?forumID=80", "issues": "https://github.com/aws/aws-sdk-php/issues", - "source": "https://github.com/aws/aws-sdk-php/tree/3.168.3" + "source": "https://github.com/aws/aws-sdk-php/tree/3.169.0" }, - "time": "2020-12-11T19:12:18+00:00" + "time": "2020-12-14T19:12:33+00:00" + }, + { + "name": "bacon/bacon-qr-code", + "version": "2.0.3", + "source": { + "type": "git", + "url": "https://github.com/Bacon/BaconQrCode.git", + "reference": "3e9d791b67d0a2912922b7b7c7312f4b37af41e4" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/Bacon/BaconQrCode/zipball/3e9d791b67d0a2912922b7b7c7312f4b37af41e4", + "reference": "3e9d791b67d0a2912922b7b7c7312f4b37af41e4", + "shasum": "" + }, + "require": { + "dasprid/enum": "^1.0.3", + "ext-iconv": "*", + "php": "^7.1 || ^8.0" + }, + "require-dev": { + "phly/keep-a-changelog": "^1.4", + "phpunit/phpunit": "^7 | ^8 | ^9", + "squizlabs/php_codesniffer": "^3.4" + }, + "suggest": { + "ext-imagick": "to generate QR code images" + }, + "type": "library", + "autoload": { + "psr-4": { + "BaconQrCode\\": "src/" + } + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "BSD-2-Clause" + ], + "authors": [ + { + "name": "Ben Scholzen 'DASPRiD'", + "email": "mail@dasprids.de", + "homepage": "https://dasprids.de/", + "role": "Developer" + } + ], + "description": "BaconQrCode is a QR code generator for PHP.", + "homepage": "https://github.com/Bacon/BaconQrCode", + "support": { + "issues": "https://github.com/Bacon/BaconQrCode/issues", + "source": "https://github.com/Bacon/BaconQrCode/tree/2.0.3" + }, + "time": "2020-10-30T02:02:47+00:00" }, { "name": "beyondcode/laravel-self-diagnosis", 
@@ -488,6 +541,53 @@ ], "time": "2020-12-03T15:47:16+00:00" }, + { + "name": "dasprid/enum", + "version": "1.0.3", + "source": { + "type": "git", + "url": "https://github.com/DASPRiD/Enum.git", + "reference": "5abf82f213618696dda8e3bf6f64dd042d8542b2" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/DASPRiD/Enum/zipball/5abf82f213618696dda8e3bf6f64dd042d8542b2", + "reference": "5abf82f213618696dda8e3bf6f64dd042d8542b2", + "shasum": "" + }, + "require-dev": { + "phpunit/phpunit": "^7 | ^8 | ^9", + "squizlabs/php_codesniffer": "^3.4" + }, + "type": "library", + "autoload": { + "psr-4": { + "DASPRiD\\Enum\\": "src/" + } + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "BSD-2-Clause" + ], + "authors": [ + { + "name": "Ben Scholzen 'DASPRiD'", + "email": "mail@dasprids.de", + "homepage": "https://dasprids.de/", + "role": "Developer" + } + ], + "description": "PHP 7.1 enum implementation", + "keywords": [ + "enum", + "map" + ], + "support": { + "issues": "https://github.com/DASPRiD/Enum/issues", + "source": "https://github.com/DASPRiD/Enum/tree/1.0.3" + }, + "time": "2020-10-02T16:03:48+00:00" + }, { "name": "defuse/php-encryption", "version": "v2.2.1", @@ -3195,16 +3295,16 @@ }, { "name": "monolog/monolog", - "version": "2.1.1", + "version": "2.2.0", "source": { "type": "git", "url": "https://github.com/Seldaek/monolog.git", - "reference": "f9eee5cec93dfb313a38b6b288741e84e53f02d5" + "reference": "1cb1cde8e8dd0f70cc0fe51354a59acad9302084" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/Seldaek/monolog/zipball/f9eee5cec93dfb313a38b6b288741e84e53f02d5", - "reference": "f9eee5cec93dfb313a38b6b288741e84e53f02d5", + "url": "https://api.github.com/repos/Seldaek/monolog/zipball/1cb1cde8e8dd0f70cc0fe51354a59acad9302084", + "reference": "1cb1cde8e8dd0f70cc0fe51354a59acad9302084", "shasum": "" }, "require": { 
@@ -3217,16 +3317,17 @@ "require-dev": { "aws/aws-sdk-php": "^2.4.9 || ^3.0", "doctrine/couchdb": "~1.0@dev", - "elasticsearch/elasticsearch": "^6.0", + "elasticsearch/elasticsearch": "^7", "graylog2/gelf-php": "^1.4.2", + "mongodb/mongodb": "^1.8", "php-amqplib/php-amqplib": "~2.4", "php-console/php-console": "^3.1.3", - "php-parallel-lint/php-parallel-lint": "^1.0", "phpspec/prophecy": "^1.6.1", + "phpstan/phpstan": "^0.12.59", "phpunit/phpunit": "^8.5", "predis/predis": "^1.1", "rollbar/rollbar": "^1.3", - "ruflin/elastica": ">=0.90 <3.0", + "ruflin/elastica": ">=0.90 <7.0.1", "swiftmailer/swiftmailer": "^5.3|^6.0" }, "suggest": { @@ -3246,7 +3347,7 @@ "type": "library", "extra": { "branch-alias": { - "dev-master": "2.x-dev" + "dev-main": "2.x-dev" } }, "autoload": { @@ -3262,11 +3363,11 @@ { "name": "Jordi Boggiano", "email": "j.boggiano@seld.be", - "homepage": "http://seld.be" + "homepage": "https://seld.be" } ], "description": "Sends your logs to files, sockets, inboxes, databases and various web services", - "homepage": "http://github.com/Seldaek/monolog", + "homepage": "https://github.com/Seldaek/monolog", "keywords": [ "log", "logging", @@ -3274,7 +3375,7 @@ ], "support": { "issues": "https://github.com/Seldaek/monolog/issues", - "source": "https://github.com/Seldaek/monolog/tree/2.1.1" + "source": "https://github.com/Seldaek/monolog/tree/2.2.0" }, "funding": [ { @@ -3286,7 +3387,7 @@ "type": "tidelift" } ], - "time": "2020-07-23T08:41:23+00:00" + "time": "2020-12-14T13:15:25+00:00" }, { "name": "mtdowling/jmespath.php", 
@@ -3753,33 +3854,29 @@ }, { "name": "paragonie/random_compat", - "version": "v2.0.19", + "version": "v9.99.100", "source": { "type": "git", "url": "https://github.com/paragonie/random_compat.git", - "reference": "446fc9faa5c2a9ddf65eb7121c0af7e857295241" + "reference": "996434e5492cb4c3edcb9168db6fbb1359ef965a" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/paragonie/random_compat/zipball/446fc9faa5c2a9ddf65eb7121c0af7e857295241", - "reference": "446fc9faa5c2a9ddf65eb7121c0af7e857295241", + "url": "https://api.github.com/repos/paragonie/random_compat/zipball/996434e5492cb4c3edcb9168db6fbb1359ef965a", + "reference": "996434e5492cb4c3edcb9168db6fbb1359ef965a", "shasum": "" }, "require": { - "php": ">=5.2.0" + "php": ">= 7" }, "require-dev": { - "phpunit/phpunit": "4.*|5.*" + "phpunit/phpunit": "4.*|5.*", + "vimeo/psalm": "^1" }, "suggest": { "ext-libsodium": "Provides a modern crypto API that can be used to generate random bytes." }, "type": "library", - "autoload": { - "files": [ - "lib/random.php" - ] - }, "notification-url": "https://packagist.org/downloads/", "license": [ "MIT" @@ -3803,7 +3900,7 @@ "issues": "https://github.com/paragonie/random_compat/issues", "source": "https://github.com/paragonie/random_compat" }, - "time": "2020-10-15T10:06:57+00:00" + "time": "2020-10-15T08:29:30+00:00" }, { "name": "pbmedia/laravel-ffmpeg", 
@@ -4209,52 +4306,6 @@ ], "time": "2020-09-08T04:24:43+00:00" }, - { - "name": "pixelfed/bacon-qr-code", - "version": "3.1.0", - "source": { - "type": "git", - "url": "https://github.com/pixelfed/BaconQrCode.git", - "reference": "912bb5dba5eea165e500abb8ed36e59971d6d724" - }, - "dist": { - "type": "zip", - "url": "https://api.github.com/repos/pixelfed/BaconQrCode/zipball/912bb5dba5eea165e500abb8ed36e59971d6d724", - "reference": "912bb5dba5eea165e500abb8ed36e59971d6d724", - "shasum": "" - }, - "require": { - "ext-iconv": "*", - "php": "^7.1" - }, - "suggest": { - "ext-imagick": "to generate QR code images" - }, - "type": "library", - "autoload": { - "psr-4": { - "BaconQrCode\\": "src/" - } - }, - "notification-url": "https://packagist.org/downloads/", - "license": [ - "BSD-2-Clause" - ], - "authors": [ - { - "name": "Ben Scholzen 'DASPRiD'", - "email": "mail@dasprids.de", - "homepage": "http://www.dasprids.de", - "role": "Developer" - } - ], - "description": "BaconQrCode is a QR code generator for PHP.", - "homepage": "https://github.com/pixelfed/BaconQrCode", - "support": { - "source": "https://github.com/pixelfed/BaconQrCode/tree/3.1.0" - }, - "time": "2018-09-03T06:48:07+00:00" - }, { "name": "pixelfed/fractal", "version": "0.18.0", 
@@ -4322,70 +4373,6 @@ }, "time": "2018-07-01T02:30:24+00:00" }, - { - "name": "pixelfed/google2fa", - "version": "v4.0.0", - "source": { - "type": "git", - "url": "https://github.com/pixelfed/google2fa.git", - "reference": "919ecec68074a27818451d8653029773a2391fe5" - }, - "dist": { - "type": "zip", - "url": "https://api.github.com/repos/pixelfed/google2fa/zipball/919ecec68074a27818451d8653029773a2391fe5", - "reference": "919ecec68074a27818451d8653029773a2391fe5", - "shasum": "" - }, - "require": { - "paragonie/constant_time_encoding": "~1.0|~2.0", - "paragonie/random_compat": "~1.4|~2.0", - "php": ">=5.4", - "symfony/polyfill-php56": "~1.2" - }, - "require-dev": { - "bacon/bacon-qr-code": "~1.0", - "phpunit/phpunit": "~4|~5|~6" - }, - "suggest": { - "bacon/bacon-qr-code": "Required to generate inline QR Codes." - }, - "type": "library", - "extra": { - "component": "package", - "branch-alias": { - "dev-master": "2.0-dev" - } - }, - "autoload": { - "psr-4": { - "PragmaRX\\Google2FA\\": "src/", - "PragmaRX\\Google2FA\\Tests\\": "tests/" - } - }, - "notification-url": "https://packagist.org/downloads/", - "license": [ - "MIT" - ], - "authors": [ - { - "name": "Antonio Carlos Ribeiro", - "email": "acr@antoniocarlosribeiro.com", - "role": "Creator & Designer" - } - ], - "description": "A One Time Password Authentication package, compatible with Google Authenticator.", - "keywords": [ - "2fa", - "Authentication", - "Two Factor Authentication", - "google2fa", - "laravel" - ], - "support": { - "source": "https://github.com/pixelfed/google2fa/tree/v4.0.0" - }, - "time": "2018-07-05T03:38:31+00:00" - }, { "name": "pixelfed/laravel-snowflake", "version": "v2.0.0", 
@@ -4494,6 +4481,58 @@ }, "time": "2018-07-30T05:04:42+00:00" }, + { + "name": "pragmarx/google2fa", + "version": "8.0.0", + "source": { + "type": "git", + "url": "https://github.com/antonioribeiro/google2fa.git", + "reference": "26c4c5cf30a2844ba121760fd7301f8ad240100b" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/antonioribeiro/google2fa/zipball/26c4c5cf30a2844ba121760fd7301f8ad240100b", + "reference": "26c4c5cf30a2844ba121760fd7301f8ad240100b", + "shasum": "" + }, + "require": { + "paragonie/constant_time_encoding": "^1.0|^2.0", + "php": "^7.1|^8.0" + }, + "require-dev": { + "phpstan/phpstan": "^0.12.18", + "phpunit/phpunit": "^7.5.15|^8.5|^9.0" + }, + "type": "library", + "autoload": { + "psr-4": { + "PragmaRX\\Google2FA\\": "src/" + } + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "Antonio Carlos Ribeiro", + "email": "acr@antoniocarlosribeiro.com", + "role": "Creator & Designer" + } + ], + "description": "A One Time Password Authentication package, compatible with Google Authenticator.", + "keywords": [ + "2fa", + "Authentication", + "Two Factor Authentication", + "google2fa" + ], + "support": { + "issues": "https://github.com/antonioribeiro/google2fa/issues", + "source": "https://github.com/antonioribeiro/google2fa/tree/8.0.0" + }, + "time": "2020-04-05T10:47:18+00:00" + }, { "name": "predis/predis", "version": "v1.1.6", 
@@ -7027,74 +7066,6 @@ ], "time": "2020-10-23T14:02:19+00:00" }, - { - "name": "symfony/polyfill-php56", - "version": "v1.20.0", - "source": { - "type": "git", - "url": "https://github.com/symfony/polyfill-php56.git", - "reference": "54b8cd7e6c1643d78d011f3be89f3ef1f9f4c675" - }, - "dist": { - "type": "zip", - "url": "https://api.github.com/repos/symfony/polyfill-php56/zipball/54b8cd7e6c1643d78d011f3be89f3ef1f9f4c675", - "reference": "54b8cd7e6c1643d78d011f3be89f3ef1f9f4c675", - "shasum": "" - }, - "require": { - "php": ">=7.1" - }, - "type": "metapackage", - "extra": { - "branch-alias": { - "dev-main": "1.20-dev" - }, - "thanks": { - "name": "symfony/polyfill", - "url": "https://github.com/symfony/polyfill" - } - }, - "notification-url": "https://packagist.org/downloads/", - "license": [ - "MIT" - ], - "authors": [ - { - "name": "Nicolas Grekas", - "email": "p@tchwork.com" - }, - { - "name": "Symfony Community", - "homepage": "https://symfony.com/contributors" - } - ], - "description": "Symfony polyfill backporting some PHP 5.6+ features to lower PHP versions", - "homepage": "https://symfony.com", - "keywords": [ - "compatibility", - "polyfill", - "portable", - "shim" - ], - "support": { - "source": "https://github.com/symfony/polyfill-php56/tree/v1.20.0" - }, - "funding": [ - { - "url": "https://symfony.com/sponsor", - "type": "custom" - }, - { - "url": "https://github.com/fabpot", - "type": "github" - }, - { - "url": "https://tidelift.com/funding/github/packagist/symfony/symfony", - "type": "tidelift" - } - ], - "time": "2020-10-23T14:02:19+00:00" - }, { "name": "symfony/polyfill-php72", "version": "v1.20.0", 
@@ -9019,16 +8990,16 @@ }, { "name": "phar-io/version", - "version": "3.0.3", + "version": "3.0.4", "source": { "type": "git", "url": "https://github.com/phar-io/version.git", - "reference": "726c026815142e4f8677b7cb7f2249c9ffb7ecae" + "reference": "e4782611070e50613683d2b9a57730e9a3ba5451" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/phar-io/version/zipball/726c026815142e4f8677b7cb7f2249c9ffb7ecae", - "reference": "726c026815142e4f8677b7cb7f2249c9ffb7ecae", + "url": "https://api.github.com/repos/phar-io/version/zipball/e4782611070e50613683d2b9a57730e9a3ba5451", + "reference": "e4782611070e50613683d2b9a57730e9a3ba5451", "shasum": "" }, "require": { @@ -9064,9 +9035,9 @@ "description": "Library for handling version information and constraints", "support": { "issues": "https://github.com/phar-io/version/issues", - "source": "https://github.com/phar-io/version/tree/3.0.3" + "source": "https://github.com/phar-io/version/tree/3.0.4" }, - "time": "2020-11-30T09:21:21+00:00" + "time": "2020-12-13T23:18:30+00:00" }, { "name": "phpdocumentor/reflection-common", diff --git a/resources/views/settings/security/2fa/setup.blade.php b/resources/views/settings/security/2fa/setup.blade.php index 10e75aae7..d8b3290b2 100644 --- a/resources/views/settings/security/2fa/setup.blade.php +++ b/resources/views/settings/security/2fa/setup.blade.php @@ -45,7 +45,7 @@

QR Code

- +

OTP Secret