diff options
| author | Matthew Somerville <matthew@mysociety.org> | 2019-11-22 19:07:26 +0000 |
|---|---|---|
| committer | Matthew Somerville <matthew@mysociety.org> | 2019-11-23 14:52:02 +0000 |
| commit | 5ee12f1525fd928cb7af7558b61a2d0a001155bf (patch) | |
| tree | 1f6cedb8abbde5ffa049289aa4995a9ad51e4486 | |
| parent | 09026f609ce28860d555967e0f5d7cd833fb20d0 (diff) | |
Switch to internal QR code generator.
| -rw-r--r-- | conf/packages | 1 | ||||
| -rw-r--r-- | cpanfile | 1 | ||||
| -rw-r--r-- | cpanfile.snapshot | 7 | ||||
| -rw-r--r-- | perllib/Catalyst/Authentication/Credential/2FA.pm | 6 | ||||
| -rw-r--r-- | perllib/FixMyStreet/App.pm | 4 | ||||
| -rw-r--r-- | perllib/FixMyStreet/App/Controller/Auth.pm | 4 | ||||
| -rw-r--r-- | perllib/FixMyStreet/App/Controller/Auth/Profile.pm | 4 | ||||
| -rw-r--r-- | perllib/FixMyStreet/Auth/GoogleAuth.pm | 27 | ||||
| -rw-r--r-- | t/app/controller/report_new.t | 1 | ||||
| -rw-r--r-- | templates/web/base/auth/2fa/form-add.html | 2 |
10 files changed, 46 insertions, 11 deletions
diff --git a/conf/packages b/conf/packages index 23be6d28c..b8dd68e80 100644 --- a/conf/packages +++ b/conf/packages @@ -6,6 +6,7 @@ make g++ jhead liblocale-gettext-perl +libpng-dev libsoap-lite-perl memcached perl @@ -87,6 +87,7 @@ requires 'HTML::Entities'; requires 'HTML::FormHandler::Model::DBIC'; requires 'HTTP::Request::Common'; requires 'Image::Size', '3.300'; +requires 'Image::PNG::QRCode'; requires 'IO::Socket::SSL', '2.066'; requires 'IO::String'; requires 'JSON::MaybeXS'; diff --git a/cpanfile.snapshot b/cpanfile.snapshot index 273e4827c..ccb8bf1f6 100644 --- a/cpanfile.snapshot +++ b/cpanfile.snapshot @@ -3696,6 +3696,13 @@ DISTRIBUTIONS IO::WrapTie::Slave 2.110 requirements: ExtUtils::MakeMaker 0 + Image-PNG-QRCode-0.10 + pathname: B/BK/BKB/Image-PNG-QRCode-0.10.tar.gz + provides: + Image::PNG::QRCode 0.10 + requirements: + ExtUtils::MakeMaker 0 + perl 5.006001 Image-Size-3.300 pathname: R/RJ/RJRAY/Image-Size-3.300.tar.gz provides: diff --git a/perllib/Catalyst/Authentication/Credential/2FA.pm b/perllib/Catalyst/Authentication/Credential/2FA.pm index 8b6771037..3f59ada06 100644 --- a/perllib/Catalyst/Authentication/Credential/2FA.pm +++ b/perllib/Catalyst/Authentication/Credential/2FA.pm @@ -2,7 +2,7 @@ package Catalyst::Authentication::Credential::2FA; use strict; use warnings; -use Auth::GoogleAuth; +use FixMyStreet::Auth::GoogleAuth; our $VERSION = "0.01"; @@ -52,8 +52,8 @@ sub authenticate { } if ($action eq 'activate') { - my $auth = Auth::GoogleAuth->new; - $c->stash->{qr_code} = $auth->qr_code($secret, $user_obj->email, 'FixMyStreet'); + my $auth = FixMyStreet::Auth::GoogleAuth->new; + $c->stash->{qr_code} = $auth->qr_code($secret, $user_obj->email, $c->cobrand->base_url); $c->stash->{secret32} = $auth->secret32; $c->stash->{stage} = 'activate'; } diff --git a/perllib/FixMyStreet/App.pm b/perllib/FixMyStreet/App.pm index 3e8c07fb0..42556d1df 100644 --- a/perllib/FixMyStreet/App.pm +++ b/perllib/FixMyStreet/App.pm @@ -13,7 +13,7 @@ use FixMyStreet::Email::Sender; use FixMyStreet::PhotoStorage; use Utils; -use Auth::GoogleAuth; +use FixMyStreet::Auth::GoogleAuth; use Path::Tiny 'path'; use Try::Tiny; use Text::CSV; @@ -528,7 +528,7 @@ sub check_2fa { my ($c, $secret32) = @_; if (my $code = $c->get_param('2fa_code')) { - my $auth = Auth::GoogleAuth->new; + my $auth = FixMyStreet::Auth::GoogleAuth->new; return 1 if $auth->verify($code, 2, $secret32); $c->stash->{incorrect_code} = 1; } diff --git a/perllib/FixMyStreet/App/Controller/Auth.pm b/perllib/FixMyStreet/App/Controller/Auth.pm index 8265506ab..4660f45dd 100644 --- a/perllib/FixMyStreet/App/Controller/Auth.pm +++ b/perllib/FixMyStreet/App/Controller/Auth.pm @@ -364,8 +364,8 @@ sub signup_2fa : Private { } if ($action eq 'activate') { - my $auth = Auth::GoogleAuth->new; - $c->stash->{qr_code} = $auth->qr_code($secret, $user->email, 'FixMyStreet'); + my $auth = FixMyStreet::Auth::GoogleAuth->new; + $c->stash->{qr_code} = $auth->qr_code($secret, $user->email, $c->cobrand->base_url); $c->stash->{secret32} = $auth->secret32; $c->stash->{stage} = 'activate'; } diff --git a/perllib/FixMyStreet/App/Controller/Auth/Profile.pm b/perllib/FixMyStreet/App/Controller/Auth/Profile.pm index a1bbfc570..a89c6f539 100644 --- a/perllib/FixMyStreet/App/Controller/Auth/Profile.pm +++ b/perllib/FixMyStreet/App/Controller/Auth/Profile.pm @@ -216,8 +216,8 @@ sub generate_token : Path('/auth/generate_token') { } if ($action eq 'activate') { - my $auth = Auth::GoogleAuth->new; - $c->stash->{qr_code} = $auth->qr_code($secret, $c->user->email, 'FixMyStreet'); + my $auth = FixMyStreet::Auth::GoogleAuth->new; + $c->stash->{qr_code} = $auth->qr_code($secret, $c->user->email, $c->cobrand->base_url); $c->stash->{secret32} = $auth->secret32; $c->stash->{stage} = 'activate'; } diff --git a/perllib/FixMyStreet/Auth/GoogleAuth.pm b/perllib/FixMyStreet/Auth/GoogleAuth.pm new file mode 100644 index 000000000..ffe58b2dd --- /dev/null +++ b/perllib/FixMyStreet/Auth/GoogleAuth.pm @@ -0,0 +1,27 @@ +package FixMyStreet::Auth::GoogleAuth; + +use parent 'Auth::GoogleAuth'; + +use strict; +use warnings; +use Image::PNG::QRCode 'qrpng'; +use URI; + +# Overridden to return a data: URI of the image +sub qr_code { + my $self = shift; + my ( $secret32, $key_id, $issuer, $return_otpauth ) = @_; + + # Make issuer a bit nicer to read + $issuer =~ s{https?://}{}; + + my $otpauth = $self->SUPER::qr_code($secret32, $key_id, $issuer, 1); + return $otpauth if $return_otpauth; + + my $u = URI->new('data:'); + $u->media_type('image/png'); + $u->data(qrpng(text => $otpauth)); + return $u; +} + +1; diff --git a/t/app/controller/report_new.t b/t/app/controller/report_new.t index a364c786c..650defb70 100644 --- a/t/app/controller/report_new.t +++ b/t/app/controller/report_new.t @@ -990,7 +990,6 @@ foreach my $test ( use Auth::GoogleAuth; my $auth = Auth::GoogleAuth->new({ secret32 => $token }); my $code = $auth->code; - print $mech->encoded_content; $mech->submit_form_ok({ with_fields => { '2fa_code' => $code } }, "provide correct 2FA code" ); } diff --git a/templates/web/base/auth/2fa/form-add.html b/templates/web/base/auth/2fa/form-add.html index 706f1a31d..3603ec46c 100644 --- a/templates/web/base/auth/2fa/form-add.html +++ b/templates/web/base/auth/2fa/form-add.html @@ -1,6 +1,6 @@ <p>[% loc('Please scan this image with your app, or enter the text code into your app, then generate a new one-time code and enter it below:') %]</p> -<p align="center"><img src="[% qr_code %]"></p> +<p align="center"><img src="[% qr_code %]" alt=""></p> <p align="center">[% secret32.replace('(....)', '$1 ') %]</p> [% IF incorrect_code %] |