getTimestamp(); } $start = $timestamp - ($timeWindow / 2); $end = $timestamp + ($timeWindow / 2); for ($now = $start; $now <= $end; $now += 30) { if ($inputToken === $this->generateToken($secret, $now)) { return true; } } return false; } /** * @param string $secret * @param int|null $timestamp * * @throws TotpTokenManagerException * * @return string */ public function generateToken($secret, $timestamp = null) { $totp = new Totp(); try { $token = $totp->GenerateToken(Base32::decode($secret), $timestamp); } catch (Exception $e) { throw new TotpTokenManagerException($e->getMessage(), $e->getCode(), $e); } return $token; } /** * @param int $length * * @throws TotpTokenManagerException * * @return string */ public function generateBase32Secret($length = 16) { if (!function_exists('openssl_random_pseudo_bytes')) { throw new TotpTokenManagerException('Can not generate secret. OpenSSL PHP extension is missing.'); } try { $secretBytes = Totp::GenerateSecret($length); // @todo Eventuell StringUtil::random verwenden return Base32::encode($secretBytes); } catch (Exception $e) { throw new TotpTokenManagerException($e->getMessage(), $e->getCode(), $e); } } }