From d535d137e55d44c67ce3b67642911bf57fdd9003 Mon Sep 17 00:00:00 2001
From: "Jeroen van Meeuwen (Kolab Systems)"
Date: Mon, 6 Jul 2015 16:32:34 +0200
Subject: [PATCH] Fix TOTP (Resolves T603)
---
plugins/kolab_2fa/lib/Kolab2FA/Driver/TOTP.php | 8 +++++++-
1 file changed, 7 insertions(+), 1 deletion(-)
diff --git a/plugins/kolab_2fa/lib/Kolab2FA/Driver/TOTP.php b/plugins/kolab_2fa/lib/Kolab2FA/Driver/TOTP.php
index 8fe9654f..7caa4c6b 100644
--- a/plugins/kolab_2fa/lib/Kolab2FA/Driver/TOTP.php
+++ b/plugins/kolab_2fa/lib/Kolab2FA/Driver/TOTP.php
@@ -76,7 +76,13 @@ class TOTP extends Base
 }
 $this->backend->setLabel($this->username)->setSecret($secret);
- $pass = $this->backend->verify($code);
+
+ // PHP gets a string, but we're comparing integers.
+ $code = (int)$code;
+
+ // Pass a window to indicate the maximum timeslip between client (mobile
+ // device) and server.
+ $pass = $this->backend->verify($code, $timestamp, 150);
 // try all codes from $timestamp till now
 if (!$pass && $timestamp) {
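Review bot: The window of `150` on the new `verify()` call carries no unit, and the comment above it only says "maximum timeslip"; the backend's `verify()` is not visible here, but if it counts the window in time steps rather than seconds, 150 steps at the usual 30-second period would accept codes from roughly 75 minutes on either side of the server clock, which enlarges the set of valid codes at any moment and the time an observed code stays usable. I would pass a small step count from a named constant and state the unit in the comment, e.g. `$pass = $this->backend->verify($code, $timestamp, 1); // window in time steps, not seconds`. Separately, `(int)$code` turns empty or non-numeric input into `0` and truncates `"123abc"` to `123`, so a `ctype_digit((string)$code)` check before the cast would reject malformed input instead of normalising it into a candidate code. The enclosing method starts and ends outside the hunk, so how `$timestamp` is derived and whether used codes are remembered cannot be judged from here.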