* Fix a bug that caused timeslices to be returned instead of the inte…

…nded timeslice * Upped version
RobThree · Jun 6, 2018 · fca87f2 · fca87f2
1 parent 72572c5
commit fca87f2
Show file tree

Hide file tree

Showing 4 changed files with 10 additions and 9 deletions.
diff --git a/composer.json b/composer.json
@@ -1,7 +1,7 @@
 {
     "name": "robthree/twofactorauth",
     "description": "Two Factor Authentication",
-    "version": "1.6.3",
+    "version": "1.6.4",
     "type": "library",
     "keywords": [ "Authentication", "Two Factor Authentication", "Multi Factor Authentication", "TFA", "MFA", "PHP", "Authenticator", "Authy" ],
     "homepage": "https://github.com/RobThree/TwoFactorAuth",

diff --git a/lib/TwoFactorAuth.php b/lib/TwoFactorAuth.php
@@ -86,7 +86,8 @@ public function verifyCode($secret, $code, $discrepancy = 1, $time = null, &$tim
         // To keep safe from timing-attachs we iterate *all* possible codes even though we already may have verified a code is correct
         for ($i = -$discrepancy; $i <= $discrepancy; $i++) {
             $ts = $timetamp + ($i * $this->period);
-            $timeslice += $this->codeEquals($this->getCode($secret, $ts), $code) ? $ts : 0;
+            $slice = $this->getTimeSlice($ts);
+            $timeslice += $this->codeEquals($this->getCode($secret, $ts), $code) ? $slice : 0;
         }
 
         return $timeslice > 0;

diff --git a/phpunit.xml.tmppica b/phpunit.xml.tmppica
diff --git a/tests/TwoFactorAuthTest.php b/tests/TwoFactorAuthTest.php
@@ -157,19 +157,19 @@ public function testVerifyCorrectTimeSliceIsReturned() {
         // We test with discrepancy 3 (so total of 7 codes: c-3, c-2, c-1, c, c+1, c+2, c+3
         // Ensure each corresponding timeslice is returned correctly
         $this->assertEquals(true, $tfa->verifyCode('VMR466AB62ZBOKHE', '534113', 3, 1426847190, $timeslice1));
-        $this->assertEquals(1426847100, $timeslice1);
+        $this->assertEquals(47561570, $timeslice1);
         $this->assertEquals(true, $tfa->verifyCode('VMR466AB62ZBOKHE', '819652', 3, 1426847190, $timeslice2));
-        $this->assertEquals(1426847130, $timeslice2);
+        $this->assertEquals(47561571, $timeslice2);
         $this->assertEquals(true, $tfa->verifyCode('VMR466AB62ZBOKHE', '915954', 3, 1426847190, $timeslice3));
-        $this->assertEquals(1426847160, $timeslice3);
+        $this->assertEquals(47561572, $timeslice3);
         $this->assertEquals(true, $tfa->verifyCode('VMR466AB62ZBOKHE', '543160', 3, 1426847190, $timeslice4));
-        $this->assertEquals(1426847190, $timeslice4);
+        $this->assertEquals(47561573, $timeslice4);
         $this->assertEquals(true, $tfa->verifyCode('VMR466AB62ZBOKHE', '348401', 3, 1426847190, $timeslice5));
-        $this->assertEquals(1426847220, $timeslice5);
+        $this->assertEquals(47561574, $timeslice5);
         $this->assertEquals(true, $tfa->verifyCode('VMR466AB62ZBOKHE', '648525', 3, 1426847190, $timeslice6));
-        $this->assertEquals(1426847250, $timeslice6);
+        $this->assertEquals(47561575, $timeslice6);
         $this->assertEquals(true, $tfa->verifyCode('VMR466AB62ZBOKHE', '170645', 3, 1426847190, $timeslice7));
-        $this->assertEquals(1426847280, $timeslice7);
+        $this->assertEquals(47561576, $timeslice7);
     }
 
     public function testTotpUriIsCorrect() {