#268: endpoint to test TOTP code
This commit is contained in:
parent
0d50676586
commit
c6eb1c813c
@ -919,6 +919,47 @@ public class UserResource extends BaseResource {
.add("secret", key.getKey());
.add("secret", key.getKey());
return Response.ok().entity(response.build()).build();
return Response.ok().entity(response.build()).build();
}
}
/**
* Test time-based one-time password.
*
* @api {post} /user/test_totp Test TOTP authentication
* @apiDescription Test a TOTP validation code.
* @apiName PostUserTestTotp
* @apiParam {String} code TOTP validation code
* @apiGroup User
* @apiSuccess {String} status Status OK
* @apiError (client) ForbiddenError The validation code is not valid or access denied
* @apiPermission user
* @apiVersion 1.6.0
*
* @return Response
*/
@POST
@Path("test_totp")
public Response testTotp(@FormParam("code") String validationCodeStr) {
if (!authenticate() || principal.isGuest()) {
throw new ForbiddenClientException();
}
// Get the user
UserDao userDao = new UserDao();
User user = userDao.getActiveByUsername(principal.getName());
// Test the validation code
if (user.getTotpKey() != null) {
int validationCode = ValidationUtil.validateInteger(validationCodeStr, "code");
GoogleAuthenticator googleAuthenticator = new GoogleAuthenticator();
if (!googleAuthenticator.authorize(user.getTotpKey(), validationCode)) {
throw new ForbiddenClientException();
}
}
// Always return OK
JsonObjectBuilder response = Json.createObjectBuilder()
.add("status", "ok");
return Response.ok().entity(response.build()).build();
}
/**
/**
* Disable time-based one-time password for the current user.
* Disable time-based one-time password for the current user.
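Review bot: `testTotp` is an unthrottled verification oracle: `googleAuthenticator.authorize(user.getTotpKey(), validationCode)` accepts any number of attempts from a valid session, and a 6-digit code space (widened by the library's default validity window) is small enough that this check should share whatever failed-attempt counting or delay the login path applies, or at least log failures so they can be alerted on; I cannot see from this hunk whether such throttling exists elsewhere. The `user.getTotpKey() != null` guard also means a user without TOTP enabled gets `{"status":"ok"}` for any `code`, which the apidoc (`@apiError (client) ForbiddenError The validation code is not valid or access denied`) does not convey — either state it, e.g. `* @apiDescription Test a TOTP validation code. Succeeds unconditionally when TOTP is not enabled for the user.`, or throw `ForbiddenClientException` when no key is set. If `ValidationUtil.validateInteger` rejects non-numeric input with a validation error, that error belongs in the `@apiError` list as well. The surrounding class continues outside the hunk.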
@ -370,7 +370,16 @@ public class TestUserResource extends BaseJerseyTest {
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, totp1Token)
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, totp1Token)
.get(JsonObject.class);
.get(JsonObject.class);
Assert.assertTrue(json.getBoolean("totp_enabled"));
Assert.assertTrue(json.getBoolean("totp_enabled"));
// Generate a OTP
validationCode = googleAuthenticator.calculateCode(secret, new Date().getTime() / 30000);
// Test a validation code
target().path("/user/test_totp").request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, totp1Token)
.post(Entity.form(new Form()
.param("code", Integer.toString(validationCode))), JsonObject.class);
// Disable TOTP for totp1
// Disable TOTP for totp1
target().path("/user/disable_totp").request()
target().path("/user/disable_totp").request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, totp1Token)
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, totp1Token)
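Review bot: The new `/user/test_totp` request only covers the accepting path — no invalid code is ever posted, so a regression that makes the endpoint return OK for any value (the null-key branch already does) would still pass. Add a second request with a code known to be wrong and assert the 403 response, and also check the status of this successful call rather than relying solely on the `JsonObject.class` conversion to fail on a non-2xx reply. The `new Date().getTime() / 30000` period computation is duplicated from earlier in this test and can produce a code from the previous window at a 30-second boundary; a named constant for the step, or a slightly later `// Generate a OTP` comment noting the boundary, would make the flakiness visible. The enclosing test method starts and ends outside the hunk.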