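/**
 * Builds the {@code otpauth://} provisioning URI for this OTP policy, in the form
 * {@code otpauth://<type>/<username>?secret=...&digits=...&algorithm=...&issuer=...}
 * followed by {@code &counter=} for HOTP or {@code &period=} for TOTP.
 *
 * <p>Security: the returned string contains the shared OTP secret (Base32-encoded).
 * Handle it like a credential: keep it out of logs, redirects and cached pages, and
 * render any QR code from it locally instead of passing it to an external service.
 *
 * @param realm  realm whose display name (or name, when the display name is null or
 *               empty) is used as the issuer
 * @param user   user whose username becomes the label of the URI
 * @param secret shared OTP secret; its bytes are Base32-encoded into the URI
 * @return the provisioning URI
 * @throws RuntimeException wrapping {@link UnsupportedEncodingException} if the
 *                          "UTF-8" charset name is rejected by the runtime
 */
public String getKeyURI(RealmModel realm, UserModel user, String secret) {
    try {
        String realmDisplayName = realm.getDisplayName();
        String displayName = realmDisplayName != null && !realmDisplayName.isEmpty()
                ? realmDisplayName
                : realm.getName();

        // URLEncoder emits form encoding, where a space becomes '+'. In a URI path a
        // '+' is a literal plus sign, so a name with spaces would be imported as
        // "My+Realm". A literal '+' in the input is emitted as %2B, so every '+' left
        // in the encoder output stands for a space and can safely become %20.
        String accountName = URLEncoder.encode(user.getUsername(), "UTF-8").replace("+", "%20");
        String issuerName = URLEncoder.encode(displayName, "UTF-8").replace("+", "%20");

        // NOTE(review): getBytes() uses the platform default charset. It is left as-is
        // so the bytes stay identical to other code that encodes the same secret with
        // getBytes() (e.g. TotpBean's totpSecretEncoded); confirm secrets are ASCII-only
        // or pin the charset at every call site together.
        String encodedSecret = Base32.encode(secret.getBytes());

        // If algToKeyUriAlg has no entry for 'algorithm', string concatenation appends
        // the text "null" here. NOTE(review): confirm every configurable algorithm is mapped.
        String uri = "otpauth://" + type + "/" + accountName
                + "?secret=" + encodedSecret
                + "&digits=" + digits
                + "&algorithm=" + algToKeyUriAlg.get(algorithm);

        uri += "&issuer=" + issuerName;

        if (type.equals(UserCredentialModel.HOTP)) {
            uri += "&counter=" + initialCounter;
        }
        if (type.equals(UserCredentialModel.TOTP)) {
            uri += "&period=" + period;
        }

        return uri;
    } catch (UnsupportedEncodingException e) {
        throw new RuntimeException(e);
    }
}
}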
String parameters = "secret=" + Base32.encode(secret.getBytes()) // + "&digits=" + digits // + "&algorithm=" + algToKeyUriAlg.get(algorithm) //
/**
 * Prepares the OTP setup data for one user: whether the realm's OTP credential type
 * is already configured, a newly generated secret, its Base32 form, and the
 * provisioning URI derived from the realm's OTP policy.
 *
 * <p>Every construction calls {@code randomString(20)}, so each bean instance carries
 * its own secret. {@code totpSecret}, {@code totpSecretEncoded} and {@code keyUri} all
 * expose that secret and should be handled as credentials.
 *
 * @param session session used to look up the user's configured credential types
 * @param realm   realm supplying the OTP policy
 * @param user    user the secret is generated for
 * @param baseUri URI whose path is stored as the context URL
 */
public TotpBean(KeycloakSession session, RealmModel realm, UserModel user, URI baseUri) {
    this.enabled = session.users()
            .configuredForCredentialType(realm.getOTPPolicy().getType(), realm, user);
    this.contextUrl = baseUri.getPath();

    // NOTE(review): randomString is defined outside this excerpt; an OTP seed must come
    // from a cryptographically secure generator (SecureRandom) - confirm.
    final String freshSecret = randomString(20);
    this.totpSecret = freshSecret;

    // Same default-charset getBytes() call as the original; the bytes must match what
    // getKeyURI encodes from the same secret.
    final byte[] secretBytes = freshSecret.getBytes();
    this.totpSecretEncoded = Base32.encode(secretBytes);

    this.keyUri = realm.getOTPPolicy().getKeyURI(realm, user, freshSecret);
}