KEYCLOAK-1863 added both issuer and account name to otp configuration
This commit is contained in:
parent
c21b56d596
commit
d8ebf1e3d6
3 changed files with 16 additions and 5 deletions
|
@ -51,7 +51,7 @@ public class TotpBean {
|
||||||
|
|
||||||
this.totpSecret = randomString(20);
|
this.totpSecret = randomString(20);
|
||||||
this.totpSecretEncoded = Base32.encode(totpSecret.getBytes());
|
this.totpSecretEncoded = Base32.encode(totpSecret.getBytes());
|
||||||
this.keyUri = realm.getOTPPolicy().getKeyURI(realm, this.totpSecret);
|
this.keyUri = realm.getOTPPolicy().getKeyURI(realm, user, this.totpSecret);
|
||||||
}
|
}
|
||||||
|
|
||||||
private static String randomString(int length) {
|
private static String randomString(int length) {
|
||||||
|
|
|
@ -49,7 +49,7 @@ public class TotpBean {
|
||||||
|
|
||||||
this.totpSecret = HmacOTP.generateSecret(20);
|
this.totpSecret = HmacOTP.generateSecret(20);
|
||||||
this.totpSecretEncoded = Base32.encode(totpSecret.getBytes());
|
this.totpSecretEncoded = Base32.encode(totpSecret.getBytes());
|
||||||
this.keyUri = realm.getOTPPolicy().getKeyURI(realm, this.totpSecret);
|
this.keyUri = realm.getOTPPolicy().getKeyURI(realm, user, this.totpSecret);
|
||||||
}
|
}
|
||||||
|
|
||||||
public boolean isEnabled() {
|
public boolean isEnabled() {
|
||||||
|
|
|
@ -1,8 +1,11 @@
|
||||||
package org.keycloak.models;
|
package org.keycloak.models;
|
||||||
|
|
||||||
|
import org.jboss.logging.Logger;
|
||||||
import org.keycloak.models.utils.Base32;
|
import org.keycloak.models.utils.Base32;
|
||||||
import org.keycloak.models.utils.HmacOTP;
|
import org.keycloak.models.utils.HmacOTP;
|
||||||
|
|
||||||
|
import java.io.UnsupportedEncodingException;
|
||||||
|
import java.net.URLEncoder;
|
||||||
import java.util.HashMap;
|
import java.util.HashMap;
|
||||||
import java.util.Map;
|
import java.util.Map;
|
||||||
|
|
||||||
|
@ -12,6 +15,7 @@ import java.util.Map;
|
||||||
*/
|
*/
|
||||||
public class OTPPolicy {
|
public class OTPPolicy {
|
||||||
|
|
||||||
|
protected static final Logger logger = Logger.getLogger(OTPPolicy.class);
|
||||||
|
|
||||||
protected String type;
|
protected String type;
|
||||||
protected String algorithm;
|
protected String algorithm;
|
||||||
|
@ -90,9 +94,16 @@ public class OTPPolicy {
|
||||||
this.period = period;
|
this.period = period;
|
||||||
}
|
}
|
||||||
|
|
||||||
public String getKeyURI(RealmModel realm, String secret) {
|
public String getKeyURI(RealmModel realm, UserModel user, String secret) {
|
||||||
|
|
||||||
String uri = "otpauth://" + type + "/" + realm.getName() + "?secret=" + Base32.encode(secret.getBytes()) + "&digits=" + digits + "&algorithm=" + algToKeyUriAlg.get(algorithm);
|
String uri = null;
|
||||||
|
uri = "otpauth://" + type + "/" + realm.getName() + ":" + user.getUsername() + "?secret=" +
|
||||||
|
Base32.encode(secret.getBytes()) + "&digits=" + digits + "&algorithm=" + algToKeyUriAlg.get(algorithm);
|
||||||
|
try {
|
||||||
|
uri += "&issuer=" + URLEncoder.encode(realm.getName(), "UTF-8");
|
||||||
|
} catch (UnsupportedEncodingException e) {
|
||||||
|
logger.debug("Failed to add issuer parameter to OTP URI becasue UTF-8 is not supported.");
|
||||||
|
}
|
||||||
if (type.equals(UserCredentialModel.HOTP)) {
|
if (type.equals(UserCredentialModel.HOTP)) {
|
||||||
uri += "&counter=" + initialCounter;
|
uri += "&counter=" + initialCounter;
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue