use of io.gravitee.am.common.exception.mfa.InvalidCodeException in project gravitee-access-management by gravitee-io.
the class EmailFactorProvider method verify.
@Override
public Completable verify(FactorContext context) {
final String code = context.getData(FactorContext.KEY_CODE, String.class);
final EnrolledFactor enrolledFactor = context.getData(FactorContext.KEY_ENROLLED_FACTOR, EnrolledFactor.class);
return Completable.create(emitter -> {
try {
final String otpCode = generateOTP(enrolledFactor);
if (!code.equals(otpCode)) {
emitter.onError(new InvalidCodeException("Invalid 2FA Code"));
}
// get last connection date of the user to test code
if (Instant.now().isAfter(Instant.ofEpochMilli(enrolledFactor.getSecurity().getData(FactorDataKeys.KEY_EXPIRE_AT, Long.class)))) {
emitter.onError(new InvalidCodeException("Invalid 2FA Code"));
}
emitter.onComplete();
} catch (Exception ex) {
logger.error("An error occurs while validating 2FA code", ex);
emitter.onError(new InvalidCodeException("Invalid 2FA Code"));
}
});
}
use of io.gravitee.am.common.exception.mfa.InvalidCodeException in project gravitee-access-management by gravitee-io.
the class RecoveryCodeFactorProvider method verify.
@Override
public Completable verify(FactorContext context) {
final String code = context.getData(FactorContext.KEY_CODE, String.class);
final EnrolledFactor enrolledFactor = context.getData(FactorContext.KEY_ENROLLED_FACTOR, EnrolledFactor.class);
final List<String> recoveryCodes = (List<String>) enrolledFactor.getSecurity().getAdditionalData().get(RECOVERY_CODE);
return Completable.create(emitter -> {
if (recoveryCodes.contains(code)) {
// remove the code from the list as the recovery is not re-usable
recoveryCodes.remove(code);
enrolledFactor.getSecurity().setAdditionalData(Map.of(RECOVERY_CODE, recoveryCodes));
emitter.onComplete();
} else {
emitter.onError(new InvalidCodeException("Invalid recovery code"));
}
});
}
use of io.gravitee.am.common.exception.mfa.InvalidCodeException in project gravitee-access-management by gravitee-io.
the class InfobipResourceProvider method verify.
@Override
public Completable verify(MFAChallenge challenge) {
return Completable.create((emitter) -> {
String pin = challenge.getCode();
try {
TfaVerifyPinResponse verifyResponse = this.tfaApi.verifyTfaPhoneNumber(pinId, new TfaVerifyPinRequest().pin(pin));
boolean verified = verifyResponse.getVerified();
LOGGER.debug("Infobip Verification code with ID '{}' verified with status '{}'", this.pinId, verified);
if (!verified) {
emitter.onError(new InvalidCodeException("Challenger not verified"));
} else {
emitter.onComplete();
}
} catch (com.infobip.ApiException e) {
LOGGER.error("Challenge verification fails", e);
emitter.onError(new InvalidCodeException("Invalid 2FA Code"));
}
});
}
use of io.gravitee.am.common.exception.mfa.InvalidCodeException in project gravitee-access-management by gravitee-io.
the class TwilioVerifyResourceProvider method verify.
@Override
public Completable verify(MFAChallenge challenge) {
return Completable.create((emitter) -> {
try {
VerificationCheck verification = VerificationCheck.creator(configuration.getSid(), challenge.getCode()).setTo(challenge.getTarget()).create();
LOGGER.debug("Twilio Verification code with ID '{}' verified with status '{}'", verification.getSid(), verification.getStatus());
if (!APPROVED.equalsIgnoreCase(verification.getStatus())) {
emitter.onError(new InvalidCodeException("Invalid 2FA Code"));
}
emitter.onComplete();
} catch (ApiException e) {
LOGGER.error("Challenge verification fails", e);
emitter.onError(new InvalidCodeException("Invalid 2FA Code"));
}
});
}
use of io.gravitee.am.common.exception.mfa.InvalidCodeException in project gravitee-access-management by gravitee-io.
the class OTPFactorProvider method verify.
@Override
public Completable verify(FactorContext context) {
final String code = context.getData(FactorContext.KEY_CODE, String.class);
final EnrolledFactor enrolledFactor = context.getData(FactorContext.KEY_ENROLLED_FACTOR, EnrolledFactor.class);
return Completable.create(emitter -> {
try {
final String otpCode = TOTP.generateTOTP(SharedSecret.base32Str2Hex(enrolledFactor.getSecurity().getValue()));
if (!code.equals(otpCode)) {
emitter.onError(new InvalidCodeException("Invalid 2FA Code"));
}
emitter.onComplete();
} catch (Exception ex) {
logger.error("An error occurs while validating 2FA code", ex);
emitter.onError(new InvalidCodeException("Invalid 2FA Code"));
}
});
}
Aggregations