public static boolean validOTP(RealmModel realm, String token, String secret) { OTPPolicy policy = realm.getOTPPolicy(); if (policy.getType().equals(UserCredentialModel.TOTP)) { TimeBasedOTP validator = new TimeBasedOTP(policy.getAlgorithm(), policy.getDigits(), policy.getPeriod(), policy.getLookAheadWindow()); return validator.validateTOTP(token, secret.getBytes()); } else { HmacOTP validator = new HmacOTP(policy.getDigits(), policy.getAlgorithm(), policy.getLookAheadWindow()); int c = validator.validateHOTP(token, secret, policy.getInitialCounter()); return c > -1; } }
public static boolean validTOTP(RealmModel realm, UserModel user, String otp) { UserCredentialValueModel passwordCred = null; OTPPolicy policy = realm.getOTPPolicy(); TimeBasedOTP validator = new TimeBasedOTP(policy.getAlgorithm(), policy.getDigits(), policy.getPeriod(), policy.getLookAheadWindow()); for (UserCredentialValueModel cred : user.getCredentialsDirectly()) { if (cred.getType().equals(UserCredentialModel.TOTP)) { if (validator.validateTOTP(otp, cred.getValue().getBytes())) { return true; } } } return false; } public static boolean validSecret(RealmModel realm, UserModel user, String secret) {
@Override public void setOTPPolicy(OTPPolicy policy) { realm.setOtpPolicyAlgorithm(policy.getAlgorithm()); realm.setOtpPolicyDigits(policy.getDigits()); realm.setOtpPolicyInitialCounter(policy.getInitialCounter()); realm.setOtpPolicyLookAheadWindow(policy.getLookAheadWindow()); realm.setOtpPolicyType(policy.getType()); realm.setOtpPolicyPeriod(policy.getPeriod()); em.flush(); }
public static boolean validHOTP(RealmModel realm, UserModel user, String otp) { UserCredentialValueModel passwordCred = null; OTPPolicy policy = realm.getOTPPolicy(); HmacOTP validator = new HmacOTP(policy.getDigits(), policy.getAlgorithm(), policy.getLookAheadWindow()); for (UserCredentialValueModel cred : user.getCredentialsDirectly()) { if (cred.getType().equals(UserCredentialModel.HOTP)) { int counter = validator.validateHOTP(otp, cred.getValue(), cred.getCounter()); if (counter < 0) return false; cred.setCounter(counter); user.updateCredentialDirectly(cred); return true; } } return false; }
@Override public void setOTPPolicy(OTPPolicy policy) { realm.setOtpPolicyAlgorithm(policy.getAlgorithm()); realm.setOtpPolicyDigits(policy.getDigits()); realm.setOtpPolicyInitialCounter(policy.getInitialCounter()); realm.setOtpPolicyLookAheadWindow(policy.getLookAheadWindow()); realm.setOtpPolicyType(policy.getType()); realm.setOtpPolicyPeriod(policy.getPeriod()); updateRealm(); }
rep.setOtpPolicyInitialCounter(otpPolicy.getInitialCounter()); rep.setOtpPolicyType(otpPolicy.getType()); rep.setOtpPolicyLookAheadWindow(otpPolicy.getLookAheadWindow()); if (realm.getBrowserFlow() != null) rep.setBrowserFlow(realm.getBrowserFlow().getAlias()); if (realm.getRegistrationFlow() != null) rep.setRegistrationFlow(realm.getRegistrationFlow().getAlias());