HOTPService.java revision aab54d7ccd6899484d10355ec0a29c5eef85cd2d
/*
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
*
* Copyright (c) 2009 Sun Microsystems Inc. All Rights Reserved
*
* The contents of this file are subject to the terms
* of the Common Development and Distribution License
* (the License). You may not use this file except in
* compliance with the License.
*
* You can obtain a copy of the License at
* See the License for the specific language governing
* permission and limitations under the License.
*
* When distributing Covered Code, include this CDDL
* Header Notice in each file and include the License file
* at opensso/legal/CDDLv1.0.txt.
* If applicable, add the following below the CDDL Header,
* with the fields enclosed by brackets [] replaced by
* your own identifying information:
* "Portions Copyrighted [year] [name of copyright owner]"
*
* $Id: HOTP.java,v 1.1 2009/03/24 23:52:12 pluo Exp $
*
* Portions Copyrighted 2013-2014 ForgeRock AS
* Portions Copyrighted 2014 Nomura Research Institute, Ltd
*/
/**
* Provides the functionality to send OTP codes to a user's telephone and email address.
*/
public class HOTPService {
// TODO : the moving factor should be retrieved from user's profile
private static int movingFactor = 0;
private final AMIdentityRepository amIdentityRepo;
private final String gatewaySMSImplClass;
private final long codeValidityDuration;
private String telephoneAttribute;
private final String carrierAttribute;
private String emailAttribute;
private final String codeDelivery;
private SecureRandom secureRandom;
private final Map<?, ?> currentConfig;
private final int codeLength;
private final String messageSubject;
private final String messageContent;
private final String fromAddressAttributeName;
private String sentHOTPCode;
private long sentHOTPCodeTime;
/**
* Constructs an instance of the HOTPService.
*
* @param amIdentityRepo An instance of the AMIdentityRepository.
* @param userName The user's name.
* @param hotpParams The authentication modules configuration settings.
*/
this.amIdentityRepo = amIdentityRepo;
try {
} catch (NoSuchAlgorithmException ex) {
secureRandom = null;
}
}
/**
* Sends an OTP code to the user's telephone number and/or email address, based on the authentication module's
* configuration settings.
*
* @throws AuthLoginException If there is a problem sending the OTP code.
*/
public void sendHOTP() throws AuthLoginException {
try {
// Derive the code from the shared secret and the process-wide moving factor (a static counter that
// starts at 0 and is advanced on every call, see getMovingFactor). The trailing arguments are the
// configured code length, a fixed false and 16 — presumably addChecksum and truncationOffset as in
// the RFC 4226 reference implementation; confirm against HOTPAlgorithm.
sentHOTPCode = HOTPAlgorithm.generateOTP(getSharedSecret(), getMovingFactor(), codeLength, false, 16);
// NOTE(review): as shown here both catch blocks are empty, so a failure to derive the code leaves
// sentHOTPCode unchanged (possibly a previously sent code) and the method returns normally without the
// declared AuthLoginException. If this is not an artefact of this listing, the failure must be
// surfaced to the caller rather than swallowed. Delivery of the code and the update of
// sentHOTPCodeTime are not visible in this listing either — confirm against the full source.
} catch (NoSuchAlgorithmException e) {
} catch (InvalidKeyException e) {
}
}
/**
 * Returns the shared secret that {@link #sendHOTP()} feeds into the HOTP computation.
 *
 * The body is not shown in this listing. NOTE(review): if the secret is drawn from {@code secureRandom},
 * note that the constructor assigns {@code null} to that field when it cannot obtain the algorithm, so this
 * method needs a null check or the constructor should fail fast — confirm against the full source.
 *
 * @return the secret bytes used to generate the OTP code.
 */
private byte[] getSharedSecret() {
}
/**
 * Returns the current moving factor and advances it by one for the next call.
 *
 * The counter is a static field initialised to 0, so it is shared by every HOTPService instance in the
 * process and restarts from 0 whenever the JVM restarts; the read-then-write below is not atomic, so
 * concurrent callers may observe the same value. Because an HOTP code is a function of the secret and
 * the counter, a repeated counter value paired with an unchanged secret presumably repeats the code —
 * the TODO on the field to source the factor from the user's profile would address this; confirm
 * against how getSharedSecret derives the secret.
 *
 * @return the moving factor to use for this code, before the increment.
 */
private int getMovingFactor() {
    final int current = movingFactor;
    movingFactor = current + 1;
    return current;
}
/**
* Determines if the given OTP code matches the OTP code that was sent previously.
*
* @param enteredHOTPCode The OTP code to verify.
* @return Whether the OTP code matches the OTP code that was sent to the user.
*/
// one time use only
sentHOTPCode = null;
return true;
} else {
if (DEBUG.messageEnabled()) {
}
return false;
}
} else {
if (DEBUG.messageEnabled()) {
}
return false;
}
}
/**
* Sends the OTP code to the user's telephone number and/or email address, based on the authentication module's
* configuration settings.
*
* @param otpCode The OTP code to send.
* @param subject The subject of the message.
* @param message The body of the message.
* @throws AuthLoginException If there is a problem sending the OTP code.
*/
idsc.setRecursive(true);
// search for the identity
try {
if (DEBUG.messageEnabled()) {
+ "with alternative attributes " + userSearchAttributes);
}
//workaround as data store always adds 'user-naming-attribute' to searchfilter
}
if (searchResults != null) {
}
+ " is not found");
throw new IdRepoException(
"HTOP:sendSMS : More than one user found for the userName "
+ userName);
}
boolean delivered = false;
try {
delivered = true;
}
} catch (AuthLoginException ale) {
}
try {
delivered = true;
}
} catch (AuthLoginException ale) {
}
throw cause;
}
}
} else {
if (DEBUG.messageEnabled()) {
}
}
} catch (ClassNotFoundException ee) {
} catch (InstantiationException ie) {
} catch (IdRepoException e) {
cause = e;
} catch (Exception e) {
cause = e;
}
}
}
/**
* Gets the Telephone number of the user.
*
* @param identity The user's identity.
* @return The user's telephone number.
* @throws IdRepoException If there is a problem getting the user's telephone number.
* @throws SSOException If there is a problem getting the user's telephone number.
*/
telephoneAttribute="telephoneNumber";
}
if (DEBUG.messageEnabled()) {
}
// use the first number in the set
// add in the carrier
} else {
}
if (DEBUG.messageEnabled()) {
}
}
}
if (DEBUG.messageEnabled()) {
+ " with username : " + userName);
/*
* Log a message if the carrier is unknown. The SMSGateway module is designed to use AT&T's SMS gateway
* as the default. It is unclear why the product falls back to a default here instead of simply not
* attempting to send a text message, but we don't want to break any existing installations, so just log
* it for debugging purposes.
*
*/
+ "@txt.att.net ");
}
}
} else {
if (DEBUG.messageEnabled()) {
+ userName);
}
}
return phone;
}
/**
* Gets the Email address of the user.
*
* @param identity The user's identity.
* @return The user's email address.
* @throws IdRepoException If there is a problem getting the user's email address.
* @throws SSOException If there is a problem getting the user's email address.
*/
emailAttribute="mail";
}
if (DEBUG.messageEnabled()) {
}
if (DEBUG.messageEnabled()) {
DEBUG.message("HOTP.sendSMS() : IdRepo: email address found " + mail + " with username : " + userName);
}
} else {
if (DEBUG.messageEnabled()) {
}
}
return mail;
}
/**
*
* @return the attributes to be returned when querying the data store
*/
}
}
return returnAttributes;
}
return Collections.EMPTY_MAP;
}
}
return map;
}
}