1. Norman Thimm
  2. google2fa

Overview

HTTPS SSH
Project Homepage:
http://www.familiethimm.de

Zarafa Project site:
https://community.zarafa.com/pg/plugins/project/32087/developer/norman/google2fa-webapp-twofactor-authentication-with-google-authenticator

Code Repository:
https://bitbucket.org/normanth/google2fa

Tested on:
- Kopano WebApp 3.3.0 - Kopano Core 8.3.0
- Kopano DeskApp: Only works without 2FA (configure whitelist in config.php)

Release notes:

0.4.5
- Recommendations by Kopano added (Using EncryptionStore, WebAppSession, Constructor Cleanup, FavIcon, Disable button if user can not use it)
- Remove name Zarafa from configuration site
- Rename config.php to config_default.php

0.4.4
- Adjust a parent constructor call to be compatible with Zarafa WebApp and Kopano WebApp.

0.4.3
- Set proper width of code verification response dialog.
- Generate secret before the QR code is rendered locally.
- If the user logs in without having 2FA enabled the QR code generation needs to retrieve username and secret from different session variables.

0.4.2
- Fix QR generation code.
- Check CSS file location by file_exists, not by version number.

0.4.1
- Retrieve username from EncryptionStore instead from session in QR code and MySQL handler
- CSS location for login page has changed only for v2.2.0, consider that in stylesheet link
- Retrieve the username from encryptionStore to display in configuration wizard

0.4.0
- adapt authentication to work with WebApp > 2.1

0.3.2
- Fix: problem with QRCode generation on server if WebApp-Settings

0.3.1
- add notification on activation/deactivation
- deactivate qr code cache
- optimizing error handling

0.3
- Generation of QR Code on own server (default is generation with Google)
- MYSQL support (default is WebApp settings)
- Whitelist with subnets to login without 2FA
- Configuration of 2FA activation with config.php
- Bugfix: wrong MCRYPT parameter on Linux
- Small bugfixes
- Documentation: Configuration for a company with cental administration

0.2.4
- New language file added (Dutch) / Neue Sprachdatei hinzugefügt (Niederländisch)

0.2.3
- Security: MCrypt support for storing secret key and codes (see config.php) / Sicherheit: MCrypt Unterstützung für die Speicherung des geheimen Schlüssels und der geheimen Codes (siehe config.php)
- Lock icon in the settings / Schloss-Icon in den Einstellungen

0.2.2
- Fix: Language files updated (English/German) / Sprachdateien aktualisiert (englisch/deutsch)
- New language file added (French) / Neue Sprachdatei hinzugefügt (französisch)

0.2.1
- Fix: If no time-independent codes have been generated, a login with an empty code is possible. / Wenn keine zeitunabhängigen Codes generiert wurden, ist ein Login mit leerem Code möglich.
- Fix: If secret key doesn't exist because time-independent codes should be used, the plugin doesn't ask for a code. / Wenn die Konfiguration nicht vorgenommen wurde. / kein geheimer Schlüssel erzeugt wurde, weil alleine die zeitunabhängigen Codes verwendet werden sollen, erscheint trotz aktivierter Authentifizierung keine Code-Abfrage.

0.2
- Multilingual (currently English and German)
- User-oriented configuration; prepared for administrator configuration
- Prepared for using DB or LDAP
- Configure the authenticator App via QR code or manually
- A code can only be used on-time
- Support for time-independent single-use emergency codes