TOTP.php

Go to the documentation of this file.

<?php
 
namespace ZitadelPhpClient\User\SetupTwoFactorAuth;
 
 
use Exception;
use chillerlan\QRCode\QRCode;
 
class TOTP
{
    private array $settings;
    private int $userid;
    private string $secret;
    private string $totpUri;
 
    public function __construct(array $settings) {
        $this->settings = $settings;
    }
 
    public function setUserId(int $userid) {
        $this->userid = $userid;
    }
 
    public function getURI(): string {
        return $this->totpUri;
    }
 
    public function getSecret(): string {
        return $this->secret;
    }
 
    public function getQRCode(): string {
        $qrCode = new QRCode;
        return $qrCode->render($this->totpUri);
    }
 
    public function start() {
        $token = $this->settings["userToken"];
        $curl = curl_init();
 
        curl_setopt_array($curl, array(
            CURLOPT_URL => $this->settings["domain"] . "/v2beta/users/$this->userid/totp",
            CURLOPT_RETURNTRANSFER => true,
            CURLOPT_ENCODING => '',
            CURLOPT_MAXREDIRS => 10,
            CURLOPT_TIMEOUT => 0,
            CURLOPT_FOLLOWLOCATION => true,
            CURLOPT_CUSTOMREQUEST => 'POST',
            CURLOPT_POSTFIELDS =>"{}",
            CURLOPT_HTTPHEADER => array(
                "Content-Type: application/json",
                "Accept: application/json",
                "Authorization: Bearer $token"
            ),
        ));
 
        $response = json_decode(curl_exec($curl));
        curl_close($curl);
        if(isset($response->code)) {
            throw new Exception("Error-Code: " . $response->code . " Message: " . $response->message);
        } else{
            $this->totpUri = $response->uri;
            $this->secret = $response->secret;
        }
    }
 
    public function verify($verifyCode): bool
    {
        $token = $this->settings["userToken"];
        $curl = curl_init();
 
        curl_setopt_array($curl, array(
            CURLOPT_URL => $this->settings["domain"] . "/v2beta/users/$this->userid/totp/verify",
            CURLOPT_RETURNTRANSFER => true,
            CURLOPT_ENCODING => '',
            CURLOPT_MAXREDIRS => 10,
            CURLOPT_TIMEOUT => 0,
            CURLOPT_FOLLOWLOCATION => true,
            CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
            CURLOPT_CUSTOMREQUEST => 'POST',
            CURLOPT_POSTFIELDS => "{
                \"code\": \"$verifyCode\"
            }",
            CURLOPT_HTTPHEADER => array(
                "Content-Type: application/json",
                "Accept: application/json",
                "Authorization: Bearer $token"
            ),
        ));
 
        $response = json_decode(curl_exec($curl));
        curl_close($curl);
        if (isset($response->code)) {
            return false;
        }
        return true;
    }
 
}