diff --git a/appinfo/info.xml b/appinfo/info.xml
index d5d0749..3f2c1ba 100644
--- a/appinfo/info.xml
+++ b/appinfo/info.xml
@@ -8,6 +8,11 @@
0.0.1
TwoFactor_U2F
tools
+
+
+ OCA\TwoFactor_U2F\Provider\U2FProvider
+
+
diff --git a/js/challenge.js b/js/challenge.js
new file mode 100644
index 0000000..ef7de95
--- /dev/null
+++ b/js/challenge.js
@@ -0,0 +1,21 @@
+/* global OCA, u2f */
+
+(function (OCA, u2f) {
+ 'use strict';
+
+ OCA.TwoFactor_U2F = OCA.TwoFactor_U2F || {};
+
+ $(function () {
+ var req = JSON.parse($('#u2f-auth').val());
+ console.log("sign: ", req);
+ u2f.sign(req, function (data) {
+ var $form = $('#u2f-form');
+ var $auth = $('#challenge');
+ console.log($form);
+ console.log($auth);
+ console.log("Authenticate callback", data);
+ $auth.val(JSON.stringify(data));
+ $form.submit();
+ });
+ });
+})(OCA || {}, u2f);
diff --git a/lib/Provider/U2FProvider.php b/lib/Provider/U2FProvider.php
new file mode 100644
index 0000000..0acc7f3
--- /dev/null
+++ b/lib/Provider/U2FProvider.php
@@ -0,0 +1,101 @@
+
+ * @copyright Christoph Wurst 2016
+ */
+
+namespace OCA\TwoFactor_U2F\Provider;
+
+use OCA\TwoFactor_U2F\Service\U2FManager;
+use OCP\Authentication\TwoFactorAuth\IProvider;
+use OCP\IL10N;
+use OCP\IUser;
+use OCP\Template;
+
+class U2FProvider implements IProvider {
+
+ /** @var IL10N */
+ private $l10n;
+
+ /** @var U2FManager */
+ private $manager;
+
+ /**
+ * @param IL10N $l10n
+ * @param U2FManager $manager
+ */
+ public function __construct(IL10N $l10n, U2FManager $manager) {
+ $this->l10n = $l10n;
+ $this->manager = $manager;
+ }
+
+ /**
+ * Get unique identifier of this 2FA provider
+ *
+ * @return string
+ */
+ public function getId() {
+ return 'u2f';
+ }
+
+ /**
+ * Get the display name for selecting the 2FA provider
+ *
+ * @return string
+ */
+ public function getDisplayName() {
+ return 'U2F Device';
+ }
+
+ /**
+ * Get the description for selecting the 2FA provider
+ *
+ * @return string
+ */
+ public function getDescription() {
+ return $this->l10n->t('Authenticate with an U2F device');
+ }
+
+ /**
+ * Get the template for rending the 2FA provider view
+ *
+ * @param IUser $user
+ * @return Template
+ */
+ public function getTemplate(IUser $user) {
+ $reqs = $this->manager->startAuthenticate();
+
+ $tmpl = new Template('twofactor_u2f', 'challenge');
+ $tmpl->assign('reqs', $reqs);
+ return $tmpl;
+ }
+
+ /**
+ * Verify the given challenge
+ *
+ * @param IUser $user
+ * @param string $challenge
+ */
+ public function verifyChallenge(IUser $user, $challenge) {
+ $x = $challenge;
+ $this->manager->finishAuthenticate($challenge);
+ return true;
+ }
+
+ /**
+ * Decides whether 2FA is enabled for the given user
+ *
+ * @param IUser $user
+ * @return boolean
+ */
+ public function isTwoFactorAuthEnabledForUser(IUser $user) {
+ return $this->manager->isEnabled($user);
+ }
+
+}
diff --git a/lib/Service/U2FManager.php b/lib/Service/U2FManager.php
index 8564d7f..4acbb7d 100644
--- a/lib/Service/U2FManager.php
+++ b/lib/Service/U2FManager.php
@@ -89,11 +89,17 @@ class U2FManager {
public function startAuthenticate() {
$u2f = $this->getU2f();
- $u2f->getAuthenticateData($registrations);
+ $reqs = $u2f->getAuthenticateData($this->getRegs());
+ $this->session->set('twofactor_u2f_authReq', json_encode($reqs));
+ return $reqs;
}
- public function finishAuthenticate() {
-
+ public function finishAuthenticate($challenge) {
+ $u2f = $this->getU2f();
+
+ $authReq = json_decode($this->session->get('twofactor_u2f_authReq'));
+ $reg = $u2f->doAuthenticate($authReq, $this->getRegs(), json_decode($challenge));
+ $this->setReg($reg);
}
}
diff --git a/templates/challenge.php b/templates/challenge.php
new file mode 100644
index 0000000..5b31dad
--- /dev/null
+++ b/templates/challenge.php
@@ -0,0 +1,12 @@
+
+
+
+
+
\ No newline at end of file