use of com.predic8.membrane.core.interceptor.authentication.session.totp.OtpProvider in project service-proxy by membrane.
the class LoginTest method test.
@Test
public void test() throws IOException, InterruptedException {
Process2 sl = new Process2.Builder().in(getExampleDir("login")).script("service-proxy").waitForMembrane().start();
try {
String form = AssertUtils.getAndAssert200("http://localhost:2000/");
AssertUtils.assertContains("Username:", form);
AssertUtils.assertContains("Password:", form);
form = AssertUtils.postAndAssert(200, "http://localhost:2000/login/", new String[] { "Content-Type", "application/x-www-form-urlencoded" }, "username=john&password=password");
AssertUtils.assertContains("token:", form);
String token = new OtpProvider().getNextCode("abcdefghijklmnop", System.currentTimeMillis());
form = AssertUtils.postAndAssert(200, "http://localhost:2000/login/", new String[] { "Content-Type", "application/x-www-form-urlencoded" }, "token=" + token);
// successful login?
AssertUtils.assertContains("This page has moved to", form);
// access the "protected" page
form = AssertUtils.getAndAssert200("http://localhost:2000/");
AssertUtils.assertContains("predic8.com", form);
// logout
form = AssertUtils.getAndAssert200("http://localhost:2000/login/logout");
AssertUtils.assertContains("Username:", form);
} finally {
sl.killScript();
}
}
use of com.predic8.membrane.core.interceptor.authentication.session.totp.OtpProvider in project service-proxy by membrane.
the class TOTPTokenProvider method verifyToken.
@Override
public void verifyToken(Map<String, String> userAttributes, String token) {
OtpProvider otpp = new OtpProvider();
String secret;
synchronized (userAttributes) {
secret = userAttributes.get("secret");
}
long curTime = System.currentTimeMillis();
if (!otpp.verifyCode(secret, curTime, token, 1)) {
log.info("The given token was not equal to generated token.\nGenerated token: \"" + otpp.getNextCode(secret, curTime) + "\"\nGiven token: \"" + token + "\"\nUser: \"" + userAttributes.get("username") + "\"");
throw new NoSuchElementException("INVALID_TOKEN");
}
}
Aggregations