Two-way authentication with google authentication app - authentication

Can someone guide me on what I've done wrong with implementing Google authentication app?
Here is what I've tried without success:
1# Create secret key
$chars = 'ABCDEFGHIJKLMNOPQRSTUVWXYZ234567'; // allowed characters in Base32
$secret = '';
for ( $i = 0; $i < 16; $i++ )
{ $secret .= substr( $chars, random_int( 0, strlen( $chars ) - 1 ), 1 ); } // random_int() draws from the OS CSPRNG; mt_rand() output is predictable
2# Create a QR code via the Google service (description + secret key) and scan it with a smartphone; a 6-digit code is then generated every 30 sec by the Google authentication app
3#. Now I'm trying to verify it ...([use base32 algo][1])
$tm = floor( time() / 30 ); // for time purpose
$secretkey=Base32::decode($secretkey); // return blank
$time=chr(0).chr(0).chr(0).chr(0).pack('N*',$tm+$i);
// Hash it with users secret key
$hm = hash_hmac( 'SHA1', $time, $secretkey, true );
// Use last nibble of result as index/offset
$offset = ord(substr($hm,-1)) & 0x0F;
// grab 4 bytes of the result
$hashpart=substr($hm,$offset,4);
// Unpack binary value
$value=unpack("N",$hashpart);
$value=$value[1];
// Only 32 bits
$value = $value & 0x7FFFFFFF;
$value = $value % 1000000;
The above code is based on other sources(wordpress google authentication app)...but it's not working.
$secretkey=Base32::decode($secretkey);
always returns blank (empty)
Is there another way how to verify or implement time-based algo? Or a link where I can read about how to code for 2-way authentication for site?
Thanks in advance; your effort is appreciated. (I think it's a security-related question, so I have put it here instead of stackoverflow.. :) )

Implemented by using github.com/chregu/GoogleAuthenticator.php
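The time-based check the question attempts, written out per RFC 6238 as an added example (not the asker's code and not the code of the GoogleAuthenticator.php library mentioned above). The function names are hypothetical, and the demo secret is the RFC 6238 test key, Base32-encoded.

```php
<?php
// Added example, not code from the original post. Function names are hypothetical.
const B32_ALPHABET = 'ABCDEFGHIJKLMNOPQRSTUVWXYZ234567';

function base32Decode(string $in): string {
    $in = rtrim(strtoupper($in), '=');
    if ($in === '' || strspn($in, B32_ALPHABET) !== strlen($in)) {
        throw new InvalidArgumentException('not a Base32 string');
    }
    $bits = '';
    foreach (str_split($in) as $c) {
        // each Base32 character carries 5 bits
        $bits .= str_pad(decbin(strpos(B32_ALPHABET, $c)), 5, '0', STR_PAD_LEFT);
    }
    $out = '';
    foreach (str_split($bits, 8) as $byte) {
        if (strlen($byte) === 8) {          // drop the trailing partial group
            $out .= chr(bindec($byte));
        }
    }
    return $out;
}

function totp(string $key, int $time, int $digits = 6, int $step = 30): string {
    $counter = pack('N2', 0, intdiv($time, $step));   // 8-byte big-endian counter
    $hm = hash_hmac('sha1', $counter, $key, true);
    $offset = ord(substr($hm, -1)) & 0x0F;            // low nibble of the last byte
    $value = unpack('N', substr($hm, $offset, 4))[1] & 0x7FFFFFFF;
    return str_pad((string) ($value % (10 ** $digits)), $digits, '0', STR_PAD_LEFT);
}

function verifyTotp(string $secretB32, string $code, int $now, int $window = 1): bool {
    $key = base32Decode($secretB32);
    $ok = false;
    for ($i = -$window; $i <= $window; $i++) {        // tolerate one step of clock drift
        // hash_equals() compares in constant time; the loop does not exit early
        $ok = hash_equals(totp($key, $now + $i * 30), $code) || $ok;
    }
    return $ok;
}

// Base32 form of the RFC 6238 test key, ASCII "12345678901234567890"
$rfcSecret = 'GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ';
// RFC 6238 Appendix B lists 94287082 as the 8-digit SHA-1 value at T = 59 s
var_dump(totp(base32Decode($rfcSecret), 59, 8) === '94287082');
var_dump(verifyTotp($rfcSecret, '287082', 59));        // same step
var_dump(verifyTotp($rfcSecret, '287082', 59 + 120));  // four steps later
```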

Related

WebRTC/ Coturn Authentication using TURN REST API flag (use-auth-secret), based upon authentication secret

I was playing with this and was able to get it working immediately using Node/JavaScript; it took a while using Golang (this just generates the user/password to be sent to coturn). Notice the secret should match between the coturn configuration and the API on the JS/Go side.
The configuration on coturn: /etc/turnserver.conf
listening-port=443
tls-listening-port=443
listening-ip=10.100.0.2
relay-ip=10.100.0.2
external-ip=123.456.78.9
min-port=10000
max-port=20000
verbose
fingerprint
lt-cred-mech
server-name=myserver
realm=myserver
cert=/etc/SSL/fullchain.pem
pkey=/etc/SSL/privkey.pem
log-file=/var/log/turnserver.log
use-auth-secret
static-auth-secret=MySecret
The following is Node/Js Implementation API (copied from elsewhere - worked):
var crypto = require('crypto');
var unixTimeStamp = parseInt(Date.now()/1000) + 24*3600, // this credential valid for 24 hours
TempUser = [unixTimeStamp, "SomeUser"].join(':'),
TempPassword,
hmac = crypto.createHmac('sha1', "MySecret");
hmac.setEncoding('base64');
hmac.write(TempUser);
hmac.end();
TempPassword = hmac.read();
The following is GOLANG Implementation API (took a while):
UserId := "SomeUser"
// This worked, returned the exact seconds
timestamp := strconv.FormatInt(time.Now().UTC().Unix()+24*3600, 10)
// Example: The above is 1602692130
secret := "MySecret"
TempUser := timestamp + ":" + UserId // For API Auth, coturn expects this format, the timestamp is the expiry date of the final temp user/password.
// Create a new HMAC by defining the hash type and the key (as byte array)
//h := hmac.New(sha256.New, []byte(secret)) // sha256 does not work, use sha1
h := hmac.New(sha1.New, []byte(secret))
h.Write([]byte(TempUser))
//sha := b64.URLEncoding.EncodeToString(h.Sum(nil)) // URLEncoding did not work
TempPassword := b64.StdEncoding.EncodeToString(h.Sum(nil)) // StdEncoding worked
The JS on the Webrtc client. Notice we are using the TempUser and TempPassword here to be sent to coturn.
...
const stunUrl = 'stun:mystun_server',
turnUsername = TempUser,
turnPassword = TempPassword,
...
'iceServers': [
{ 'url': stunUrl },
{
'urls': turnUrl1,
'username': turnUsername,
'credential': turnPassword
},
Now coturn will authenticate using the TempUser and TempPassword above. Hope someone will find this useful. Thanks!

Twilio Programmable Voice isn't working

When I try to pass params from my application using the [TwilioVoice Call] method, I am not able to get those params in the TwiML application. But when I try to pass the same data from POSTMAN with FormData, it works fine and I am also able to create a call successfully.
Would you please help me with how I can use the params passed from my iOS application in TwiML?
TwiML Application in PHP :
<?php
/*
* Makes a call to the specified client using the Twilio REST API.
*/
include('./vendor/autoload.php');
include('./config.php');
$to = isset($_GET["to"]) ? $_GET["to"] : "";
if (!isset($to) || empty($to)) {
$to = isset($_POST["to"]) ? $_POST["to"] : "";
}
$from = isset($_GET["from"]) ? $_GET["from"] : "";
if (!isset($from) || empty($from)) {
$from = isset($_POST["from"]) ? $_POST["from"] : "";
}
use Twilio\Twiml;
$response = new Twiml();
$dial = $response->dial(['callerId' => $from]);
$dial->client($to);
echo $response;
iOS Objective-C :
self.call = [TwilioVoice call:[self fetchAccessToken]
params:@{@"to": @"1", @"from": @"2"}
uuid:uuid
delegate:self];
Twilio Error Log when i try to pass param from iOS
Warning - 13224 Dial: Twilio does not support calling this number or the number is invalid
Reference TwiML Application Code
https://github.com/twilio/voice-quickstart-server-php
Twilio developer evangelist here.
The 12100 error comes from Twilio not being able to parse the TwiML returned from your server. In this case, it is because your PHP is not returning TwiML, it's trying to make a call using the REST API.
It should return a <Dial> with a nested <Client>. You can build this up using the helper library too. Try changing your code to this:
<?php
include('./vendor/autoload.php');
include('./config.php');
$to = isset($_REQUEST["To"]) ? $_REQUEST["To"] : "";
$to = str_replace("client:", "", $to);
$from = isset($_REQUEST["From"]) ? $_REQUEST["From"] : "";
use Twilio\Twiml;
$response = new Twiml();
$dial = $response->dial(['callerId' => $from]);
$dial->client($to);
echo $response;
Let me know if that helps.
Step 1. In the name you have to pass name of the user(any thing you want)
Step 2. You need to generate token using 3 parameters
Step 3. You need to create object of VoiceGrant
Step 4. You need to pass Id
Step 5. You need to set PUSH notification Id generate from twilio
$name = $this->input->post('name');
//$PUSH_CREDENTIAL_SID = 'CRaf1a66dd4a7656876e16c7820ef5c01e';
$outgoingApplicationSid = 'APf9b1b789ba690b8789d95a42511f2018';
// choose a random username for the connecting user
$identity = $name;
// Create access token, which we will serialize and send to the client
$token = new AccessToken(
$this->twilioAccountSid,
$this->twilioApiKey,
$this->twilioApiSecret,
3600,
$identity
);
// $chatGrant = new ChatGrant( $pushCredentialSid= "CRaf1a66dd4a7656876e16c7820ef5c01e");
//
// print_r($chatGrant);die;
// Create Chat grant
// $voiceGrant = new VoiceGrant($serviceSid = 'IS840a7e5f64634ab6bf179c3f8b0adfc4',$pushCredentialSid = 'CRaf1a66dd4a7656876e16c7820ef5c01e');
$voiceGrant = new VoiceGrant();
$voiceGrant->setOutgoingApplicationSid($outgoingApplicationSid);
// Optional: add to allow incoming calls
$voiceGrant->setIncomingAllow(true);
$voiceGrant->setPushCredentialSid('CRaf1a66dd4a7656876e16c7820ef5c01e');
// Add grant to token
$token->addGrant($voiceGrant);
// render token to string
$voice_token = $token->toJWT();
if($voice_token){
$data['token'] = $voice_token;
$this->response = array('status'=>1,'data'=>$data);
}else{
$this->response = array('status'=>0,'message'=>'Not found');
}

HTML5 player not working on chrome

I'm new to Stackoverflow and this will be my first question. My HTML5 player works fine on Internet Explorer but doesn't work on google chrome. I'm using a PlayReady stream which is encrypted with CENC. How can I let this work on chrome? I don't have access to the servers, they're run by third parties.
Thanks
Technically it is possible to support Widevine while your stream is PlayReady. This is possible since you use CENC. Since you don't have access to the servers, like you mentioned, you can use a technique called PSSH Forging. It basically replaces the pieces to make Chrome think it's Widevine; since it's CENC, the CDM will decrypt the video and the stream will play.
For the sake of ease I'm going to assume you use DASH.
We have here a PSSH Box:
const widevinePSSH = '0000005c7073736800000000edef8ba979d64acea3c827dcd51d21ed0000003c080112101c773709e5ab359cbed9512bc27755fa1a087573702d63656e63221848486333436557724e5a792b32564572776e64562b673d3d2a003200';
You need to replace 1c773709e5ab359cbed9512bc27755fa with your KID.
And then at the part where you insert your segment in the SourceBuffer (before appendSegment) you can do the following:
let segment = args[0];
segment = new Uint8Array(segment);
const newPssh = widevinePSSH.replace('1c773709e5ab359cbed9512bc27755fa', psshKid);
const subArray = new Uint8Array(DRMUtils.stringToArrayBuffer('70737368'));
let index = 0;
const found = subArray.every((item) => {
const masterIndex = segment.indexOf(item, index);
if (~masterIndex) {
index = masterIndex;
return true;
}
});
if (found) {
return originalSourceBufferAppendBuffer.apply(this, [].slice.call(args));
}
segment = DRMUtils.uInt8ArrayToHex(segment);
// Inject the forged signal
// 70737368 = pssh
segment = segment.substr(0, segment.lastIndexOf('70737368') - 8) + newPssh + segment.substr(segment.lastIndexOf('70737368') - 8);
// Fix the MOOV atom length
// 6d6f6f76 = moov
const header = segment.substr(0, segment.indexOf('6d6f6f76') - 8);
const payload = segment.substr(segment.indexOf('6d6f6f76') - 8);
const newLength = Math.floor(payload.length / 2);
segment = header + DRMUtils.intToHex(newLength, 8) + payload.substr(8);
segment = decode(segment).b;
Sadly I can only share bits and pieces, but this is roughly what you should do to get it working.

user Login web service required using prestashop api

I am working on PrestaShop web services for my Android app. I searched a lot on Google, but I did not find a proper document or explanation. Can anyone please guide me on how to do user login/authentication using PrestaShop web services?
You can make a call to the customer endpoint filtering by the customer's email. The result would have a "passwd" field, which is a hashed password which could either be md5 or bcrypt since Prestashop supports both. You can then hash the customer's password input and compare with the "passwd" field in the response. If the length of the "passwd" field is 32 (md5), you'll need parameter _COOKIE_KEY_ set in /app/config/parameters.php as a salt to generate your hash;
Make the call like this: https://yourprestashopurl.com/api/customers?filter[email]=email@email.com&display=full
For md5 (if passwd is 32 characters long):
$hash = md5(_COOKIE_KEY_ . $input_password);
You can then compare $hash with passwd
For bcrypt (if passwd is 60 characters long):
Option 1:
$verify = password_verify($input_password, $passwd); // $passwd holds the "passwd" field from the API response
You can accept $input_password when this returns true, otherwise $input_password is invalid
Option 2:
$hash = password_hash($input_password, PASSWORD_BCRYPT);
You can then compare $hash with passwd
Note: password_hash and password_verify are both built-in php functions since PHP 5.5.0
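The length-based check described above, as an added example that is not part of the original answers. `$cookieKey` stands in for `_COOKIE_KEY_`; the function name and every sample value are constructed.

```php
<?php
// Added example, not code from the original answers. All values are constructed.
function verifyPrestashopPassword(string $input, string $storedPasswd, string $cookieKey): bool {
    switch (strlen($storedPasswd)) {
        case 32: // legacy format: md5(_COOKIE_KEY_ . password), hex encoded
            // hash_equals() avoids leaking the match position through timing
            return hash_equals($storedPasswd, md5($cookieKey . $input));
        case 60: // bcrypt: salt and cost are embedded in the stored string
            return password_verify($input, $storedPasswd);
        default: // unknown format: fail closed
            return false;
    }
}

$cookieKey = 'constructed-cookie-key';
$legacy = md5($cookieKey . 'correct horse');
$bcrypt = password_hash('correct horse', PASSWORD_BCRYPT);

var_dump(verifyPrestashopPassword('correct horse', $legacy, $cookieKey));
var_dump(verifyPrestashopPassword('wrong guess', $legacy, $cookieKey));
var_dump(verifyPrestashopPassword('correct horse', $bcrypt, $cookieKey));
var_dump(verifyPrestashopPassword('wrong guess', $bcrypt, $cookieKey));

// Each password_hash() call draws a fresh random salt, so hashing the same
// password again produces a different 60-character string. A bcrypt value can
// therefore only be checked with password_verify(), never by re-hashing and
// comparing the two strings.
$rehashed = password_hash('correct horse', PASSWORD_BCRYPT);
var_dump(hash_equals($bcrypt, $rehashed));
```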
Use the PrestaShop webservices and filter with email and password like below:
http://localhost/api/customers/?filter[email]=test@prestashop.com&filter[password]=19910794b7c0b413e80f58298a8d8300
For those who are still searching for this answer:
<?php
if (isset($_GET["email"]) && isset($_GET["password"]))
{
$email = $_GET["email"];
$password = $_GET["password"];
$COOKIE_KEY = 'XXXXXXXXXXXXXXXXXXXXXXXXXXXXXX';
$jsonurl = "https://XXXXXXXXXXXXXXXXXXXX@example.com/api/customers?filter[email]=".urlencode($email)."&display=[passwd]&output_format=JSON"; // urlencode() keeps user input from altering the query string
$json = file_get_contents($jsonurl);
$json_a = json_decode($json, true);
$loopone = $json_a['customers'];
$looptwo = $loopone[0];
$loopthree = $looptwo['passwd'];
$ZCpassword = md5($COOKIE_KEY . $password);
if (is_string($loopthree) && hash_equals($loopthree, $ZCpassword)) { // constant-time comparison
echo "sucess";
} else {
echo "fail";
}
}
else
{
echo "Error";
}
?>

Receiving very slow response from twitter usertimeline requests, is the twitter API slow?

I am retrieving tweets from multiple accounts (around 20) and displaying them on a page. The requests are very slow and my page takes one to two minutes to load. I am using the twitteroauth library (PHP). If I reduce the number of accounts, the loading time kind of decreases.
Here's the function
//twitter credentials and connection
$consumer_key = variable_get('tw_consumer_key', 'xxxxxxxxxxx'); //consumer key
$consumer_secret = variable_get('tw_consumer_secret', 'xxxxxxx'); // consumer secret
$oauth_token = variable_get('tw_access_token', 'xxxxxxxxxxxx'); //oAuth Token
$oauth_token_secret = variable_get('tw_access_token_secret', 'xxxxxxxxxx'); //oAuth Token Secret
$connection = new TwitterOAuth($consumer_key, $consumer_secret, $oauth_token, $oauth_token_secret);
$connection->host = "https://api.twitter.com/1.1/";
//Retrieve feeds now
foreach ($twitter_accounts as $account_twitter) {
if (!empty($account_twitter['lien'])) {
$page_url = $account_twitter['lien'];
$twitter_name = $account_twitter['compte'];
$query = 'https://api.twitter.com/1.1/statuses/user_timeline.json?screen_name=' . $twitter_name . '&exclude_replies=true&include_rts=true&include_entities=true';
$content = $connection->get($query);
if (sizeof($content) > 0 && empty($content->errors)) {
$tw_tweets['posts'] = $content;
$tw_tweets['url'] = $page_url;
$twitter_feeds[] = $tw_tweets;
}//end if sizeof
else {
if (!empty($content->errors)) {
$error = '';
$error = (isset($content->errors[0]->message)) ? $content->errors[0]->message : '';
$error .= (isset($content->errors[0]->code)) ? ' code' . $content->errors[0]->code : '';
watchdog('ffbb_hubsocial', 'Twitter Account ' . $account_twitter['compte'] . ' failed to return results :' . $error);
}
}
}
}
Is the API slow?
Does anyone know if the problem is with Twitter?
Duplicate question: Why are the Twitter api calls so slow?
As the above answer states, try testing the URL in your browser and see how long it takes. Hence, you'll be able to see if the issue is on your side or due to Twitter.