search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Fully responsive globals.php with vertical menu (#2460)
[openemr.git] / interface / usergroup / mfa_u2f.php
blob7f05fe84a87c111e898b7a83dff5c8c62a9faad3
1 <?php
2 /**
3 * FIDO U2F Support Module
4 *
5 * @package OpenEMR
6 * @link http://www.open-emr.org
7 * @author Rod Roark <rod@sunsetsystems.com>
8 * @author Brady Miller <brady.g.miller@gmail.com>
9 * @copyright Copyright (c) 2018 Rod Roark <rod@sunsetsystems.com>
10 * @copyright Copyright (c) 2018 Brady Miller <brady.g.miller@gmail.com>
11 * @license https://github.com/openemr/openemr/blob/master/LICENSE CNU General Public License 3
12 */
13
14
15 require_once('../globals.php');
16 require_once("$srcdir/options.inc.php");
17
18 use OpenEMR\Core\Header;
19 use OpenEMR\OeUI\OemrUI;
20
21 // https is required, and with a proxy the server might not see it.
22 $scheme = "https://"; // isset($_SERVER['HTTPS']) ? "https://" : "http://";
23 $appId = $scheme . $_SERVER['HTTP_HOST'];
24 $u2f = new u2flib_server\U2F($appId);
25
26 $userid = $_SESSION['authId'];
27 $action = $_REQUEST['action'];
28 $user_name = getUserIDInfo($userid);
29 $user_full_name = $user_name['fname'] . " " . $user_name['lname'];
30 ?>
31 <html>
32 <head>
33 <?php Header::setupHeader(); ?>
34 <title><?php echo xlt('U2F Registration'); ?></title>
35 <script src="<?php echo $GLOBALS['webroot'] ?>/library/js/u2f-api.js"></script>
36 <script>
37
38 function doregister() {
39 var f = document.forms[0];
40 if (f.form_name.value.trim() == '') {
41 alert(<?php echo xlj("Please enter a name for this key."); ?>);
42 return;
43 }
44 var request = JSON.parse(f.form_request.value);
45 u2f.register(
46 <?php echo js_escape($appId); ?>,
47 [request],
48 [],
49 function(data) {
50 if(data.errorCode && data.errorCode != 0) {
51 alert(<?php echo xlj("Registration failed with error"); ?> + ' ' + data.errorCode);
52 return;
53 }
54 f.form_registration.value = JSON.stringify(data);
55 f.action.value = 'reg2';
56 top.restoreSession();
57 f.submit();
58 },
59 60
60 );
61 }
62
63 function docancel() {
64 window.location.href = 'mfa_registrations.php';
65 }
66
67 </script>
68 <?php
69 $arrOeUiSettings = array(
70 'heading_title' => xl('Register Universal 2nd Factor Key') . " - " . xl('U2F'),
71 'include_patient_name' => false,
72 'expandable' => false,
73 'expandable_files' => array(),//all file names need suffix _xpd
74 'action' => "",//conceal, reveal, search, reset, link or back
75 'action_title' => "",
76 'action_href' => "",//only for actions - reset, link or back
77 'show_help_icon' => false,
78 'help_file_name' => ""
79 );
80 $oemr_ui = new OemrUI($arrOeUiSettings);
81 ?>
82 </head>
83 <body class="body_top">
84 <div id="container_div" class="<?php echo $oemr_ui->oeContainer();?>">
85 <div class="row">
86 <div class="col-sm-12">
87 <div class="page-header">
88 <?php echo $oemr_ui->pageHeading() . "\r\n"; ?>
89 </div>
90 </div>
91 </div>
92 <form method='post' action='mfa_u2f.php' onsubmit='return top.restoreSession()'>
93 <input type="hidden" name="csrf_token_form" value="<?php echo attr(collectCsrfToken()); ?>" />
94
95 <?php
96
97 ///////////////////////////////////////////////////////////////////////
98
99 if ($action == 'reg1') {
100 list ($request, $signs) = $u2f->getRegisterData();
101 ?>
102 <div class="row">
103 <div class="col-sm-12">
104 <fieldset>
105 <legend><?php echo xlt('Register U2F Key for') . " " . $user_full_name; ?></legend>
106 <div class='col-sm-12'>
107 <p><?php echo xlt("Instructions");?>:
108 <ul>
109 <li><?php echo xlt('This will register a new U2F USB key'); ?></li>
110 <li><?php echo xlt('Type a name for your key, insert it into a USB port and click the Register button below'); ?></li>
111 <li><?php echo xlt('Then press the flashing button on your key within 1 minute to complete registration'); ?></li>
112 </ul>
113 </div>
114
115 <div class="form-group">
116 <label for="form_name" class="col-sm-2 col-form-label"><?php echo xlt('Please give this key a name'); ?></label>
117 <div class="col-sm-4">
118 <input type='text' class='form-control' name='form_name' id='form_name'>
119 <input type='hidden' name='form_request' value='<?php echo attr(json_encode($request)); ?>'>
120 <input type='hidden' name='form_signs' value='<?php echo attr(json_encode($signs)); ?>'>
121 <input type='hidden' name='form_registration' value=''>
122 </div>
123 </div>
124
125 <div class='col-sm-12'>
126 <ul>
127 <li><?php echo xlt('A secure (HTTPS) web connection is required for U2F'); ?></li>
128 <li><?php echo xlt('Chrome browser version 41 and above, Mozilla Firefox browser version 64 and above, Microsoft Edge browser version 19 and above, Safari browser version 13 and above, Opera browser version 40 and Opera browser version 42 and above support FIDO U2F API'); ?></li>
129 <li><?php echo xlt('Internet Explorer browser version 6 to Internet Explorer browser version 11 does not support FIDO U2F API'); ?></li>
130
131 <li><?php echo xlt('For U2F support on Linux click'); ?>: <a href='https://www.key-id.com/enable-fido-u2f-linux/' rel="noopener" target='_blank'><?php echo text('Enable FIDO U2F Linux'); ?></a></li>
132 <li><?php echo xlt('For Firefox click'); ?>: <a href='https://www.trishtech.com/2018/07/enable-fido-u2f-security-key-yubikey-in-mozilla-firefox/' rel="noopener" target='_blank'><?php echo text('Enable FIDO U2F Key in Firefox'); ?></a></li>
133 </ul>
134 </div>
135 </fieldset>
136 <div class="form-group clearfix">
137 <div class="col-sm-12 text-left position-override">
138 <button type="button" class="btn btn-default btn-save" value='<?php echo xla('Register'); ?>' onclick='doregister()'><?php echo xlt('Register'); ?></button>
139 <button type="button" class="btn btn-link btn-cancel btn-separate-left" value="<?php echo xla('Cancel'); ?>" onclick="docancel()" ><?php echo xlt('Cancel'); ?></button>
140 </div>
141 </div>
142 </div>
143 </div>
144 <?php
145 } elseif ($action == 'reg2') {
146 if (!verifyCsrfToken($_POST["csrf_token_form"])) {
147 csrfNotVerified();
148 }
149 try {
150 $data = $u2f->doRegister(json_decode($_POST['form_request']), json_decode($_POST['form_registration']));
151 } catch (u2flib_server\Error $e) {
152 die(xlt('Registration error') . ': ' . text($e->getMessage()));
153 }
154 echo "<script>\n";
155 $row = sqlQuery(
156 "SELECT COUNT(*) AS count FROM login_mfa_registrations WHERE " .
157 "`user_id` = ? AND `name` = ?",
158 array($userid, $_POST['form_name'])
159 );
160 if (empty($row['count'])) {
161 sqlStatement(
162 "INSERT INTO login_mfa_registrations " .
163 "(`user_id`, `method`, `name`, `var1`, `var2`) VALUES " .
164 "(?, 'U2F', ?, ?, ?)",
165 array($userid, $_POST['form_name'], json_encode($data), '')
166 );
167 } else {
168 echo " alert(" . xlj('This key name is already in use by you. Try again.') . ");\n";
169 }
170 echo " window.location.href = 'mfa_registrations.php';\n";
171 echo "</script>\n";
172 }
173
174 ///////////////////////////////////////////////////////////////////////
175
176 ?>
177
178 <input type='hidden' name='action' value='' />
179 </form>
180 </div><!--end of container div -->
181 <?php $oemr_ui->oeBelowContainerDiv();?>
182 </body>
183 </html>
Mirror of official OpenEMR Sourceforge repository