com.warrenstrange.googleauth.GoogleAuthenticator Java Examples

The following examples show how to use com.warrenstrange.googleauth.GoogleAuthenticator. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: OTPUtil.java    From sunbird-lms-service with MIT License 7 votes vote down vote up 
public static String generateOTP() {
  String otpSize = ProjectUtil.getConfigValue(JsonKey.SUNBIRD_OTP_LENGTH);
  int codeDigits = StringUtils.isBlank(otpSize) ? MINIMUM_OTP_LENGTH : Integer.valueOf(otpSize);
  GoogleAuthenticatorConfig config =
      new GoogleAuthenticatorConfig.GoogleAuthenticatorConfigBuilder()
          .setCodeDigits(codeDigits)
          .setKeyRepresentation(KeyRepresentation.BASE64)
          .build();
  GoogleAuthenticator gAuth = new GoogleAuthenticator(config);
  GoogleAuthenticatorKey key = gAuth.createCredentials();
  String secret = key.getKey();
  int code = gAuth.getTotpPassword(secret);
  return String.valueOf(code);
}
Example #2
Source File: TwoFactorAuthenticationController.java    From lams with GNU General Public License v2.0 6 votes vote down vote up 
@RequestMapping("/twoFactorAuthentication")
   public String execute(HttpServletRequest request) throws Exception {

// check if user needs to get his shared two-factor authorization secret
User loggedInUser = userManagementService.getUserByLogin(request.getRemoteUser());
if (loggedInUser.isTwoFactorAuthenticationEnabled()
	&& loggedInUser.getTwoFactorAuthenticationSecret() == null) {

    GoogleAuthenticator gAuth = new GoogleAuthenticator();
    final GoogleAuthenticatorKey key = gAuth.createCredentials();
    String sharedSecret = key.getKey();

    loggedInUser.setTwoFactorAuthenticationSecret(sharedSecret);
    userManagementService.saveUser(loggedInUser);

    request.setAttribute("sharedSecret", sharedSecret);
    String QRCode = GoogleAuthenticatorQRGenerator.getOtpAuthURL(null,
	    "LAMS account: " + loggedInUser.getLogin(), key);
    request.setAttribute("QRCode", QRCode);
}

return "twoFactorAuthSecret";
   }
Example #3
Source File: LoginService.java    From cia with Apache License 2.0 6 votes vote down vote up 
private static boolean verifyOtp(final LoginRequest serviceRequest, final String authKey) {
	boolean authorizedOtp = true;

	if (authKey != null) {
		final GoogleAuthenticator gAuth = new GoogleAuthenticator();

		if (!StringUtils.isBlank(serviceRequest.getOtpCode())
				&& StringUtils.isNumeric(serviceRequest.getOtpCode())) {
			authorizedOtp = gAuth.authorize(authKey,
					Integer.parseInt(serviceRequest.getOtpCode()));
		} else {
			authorizedOtp = false;
		}
	}
	return authorizedOtp;
}
Example #4
Source File: SetGoogleAuthenticatorCredentialService.java    From cia with Apache License 2.0 4 votes vote down vote up 
@Override
@Secured({ "ROLE_USER", "ROLE_ADMIN"})
public SetGoogleAuthenticatorCredentialResponse processService(
		final SetGoogleAuthenticatorCredentialRequest serviceRequest) {

	final SetGoogleAuthenticatorCredentialResponse inputValidation = inputValidation(serviceRequest);
	if (inputValidation != null) {
		return inputValidation;
	}

	LOGGER.info("{}:{}",serviceRequest.getClass().getSimpleName(),serviceRequest.getSessionId());
	final CreateApplicationEventRequest eventRequest = createApplicationEventForService(serviceRequest);

	final UserAccount userAccount = getUserAccountFromSecurityContext();

	SetGoogleAuthenticatorCredentialResponse response = new SetGoogleAuthenticatorCredentialResponse(ServiceResult.SUCCESS);
	if (userAccount != null) {

		final GoogleAuthenticator gAuth = new GoogleAuthenticator();
		final GoogleAuthenticatorKey gKey = gAuth.createCredentials();

		if (passwordEncoder.matches(
				userAccount.getUserId() + ".uuid" + serviceRequest.getUserpassword(), userAccount.getUserpassword())) {

			final EncryptedValue encryptedValue = new EncryptedValue();
			encryptedValue.setId(userAccount.getHjid());
			encryptedValue.setUserId(userAccount.getUserId());
			encryptedValue.setVaultName(GoogleAuthenticatorKey.class.getSimpleName());
			encryptedValue.setStorage(vaultManager.encryptValue(serviceRequest.getUserpassword(), userAccount.getUserId(), gKey.getKey()));
			encryptedValueDAO.persist(encryptedValue);

			final String otpAuthTotpURL = GoogleAuthenticatorQRGenerator.getOtpAuthTotpURL(agencyDAO.getAll().get(0).getAgencyName(), userAccount.getEmail(), gKey);

			response.setOtpAuthTotpURL(otpAuthTotpURL);
			response.setGoogleAuthKey(gKey.getKey());
			response.setGoogleAuthVerificationCode(gKey.getVerificationCode());
			response.setGoogleAuthScratchCodes(gKey.getScratchCodes());
		} else {
			response = new SetGoogleAuthenticatorCredentialResponse(ServiceResult.FAILURE);
		}
	}

	eventRequest.setApplicationMessage(response.getResult().toString());
	createApplicationEventService.processService(eventRequest);

	return response;
}
Example #5
Source File: LoginServiceITest.java    From cia with Apache License 2.0 4 votes vote down vote up 
@Test
public void serviceLoginRequestMfaSuccessTest() throws Exception {
	final CreateApplicationSessionRequest createApplicationSesstion = createApplicationSesstionWithRoleAnonymous();

	final RegisterUserRequest serviceRequest = new RegisterUserRequest();
	serviceRequest.setCountry("Sweden");
	serviceRequest.setUsername(UUID.randomUUID().toString());
	serviceRequest.setEmail(serviceRequest.getUsername() + "@email.com");
	serviceRequest.setUserpassword("Userpassword1!");
	serviceRequest.setUserType(UserType.PRIVATE);
	serviceRequest.setSessionId(createApplicationSesstion.getSessionId());

	final RegisterUserResponse response = (RegisterUserResponse) applicationManager.service(serviceRequest);
	assertNotNull("Expect a result", response);
	assertEquals(EXPECT_SUCCESS,ServiceResult.SUCCESS, response.getResult());

	final DataContainer<UserAccount, Long> dataContainer = applicationManager.getDataContainer(UserAccount.class);
	final List<UserAccount> allBy = dataContainer.getAllBy(UserAccount_.username, serviceRequest.getUsername());
	assertEquals(1, allBy.size());

	final SetGoogleAuthenticatorCredentialRequest setGoogleAuthenticatorCredentialRequest = new SetGoogleAuthenticatorCredentialRequest();
	setGoogleAuthenticatorCredentialRequest.setSessionId(serviceRequest.getSessionId());
	setGoogleAuthenticatorCredentialRequest.setUserpassword("Userpassword1!");

	final ServiceResponse setGoogleAuthenticatorCredentialResponse = applicationManager.service(setGoogleAuthenticatorCredentialRequest);

	assertNotNull(EXPECT_A_RESULT, setGoogleAuthenticatorCredentialResponse);
	assertEquals(EXPECT_SUCCESS,ServiceResult.SUCCESS, setGoogleAuthenticatorCredentialResponse.getResult());		

	final GoogleAuthenticator gAuth = new GoogleAuthenticator();
			
	final LoginRequest loginRequest = new LoginRequest();
	loginRequest.setEmail(serviceRequest.getEmail());
	loginRequest.setSessionId(serviceRequest.getSessionId());
	loginRequest.setUserpassword(serviceRequest.getUserpassword());
	loginRequest.setOtpCode(""+ gAuth.getTotpPassword(vaultManager.getEncryptedValue(serviceRequest.getUserpassword(), allBy.get(0))));
	
	final LoginResponse loginResponse = (LoginResponse) applicationManager.service(loginRequest);

	assertNotNull("Expect a result", loginResponse);
	assertEquals(EXPECT_SUCCESS,ServiceResult.SUCCESS, loginResponse.getResult());
}
Example #6
Source File: TotpAuthenticator.java    From AuthMeReloaded with GNU General Public License v3.0 4 votes vote down vote up 
/**
 * @return new Google Authenticator instance
 */
protected IGoogleAuthenticator createGoogleAuthenticator() {
    return new GoogleAuthenticator();
}