libre.sh/keycloak-scim
3
0
Fork 0
Code Issues 15 Pull requests Releases 1 Packages Activity Actions

KEYCLOAK-1863 added both issuer and account name to otp configuration

Browse source
This commit is contained in:
Cory Snyder 2015-09-18 13:02:36 -04:00
parent c21b56d596
commit d8ebf1e3d6
3 changed files with 16 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
forms/account-freemarker/src/main/java/org/keycloak/account/freemarker/model/TotpBean.java
View file

@ -51,7 +51,7 @@ public class TotpBean {
this.totpSecret = randomString(20); this.totpSecret = randomString(20);
this.totpSecretEncoded = Base32.encode(totpSecret.getBytes()); this.totpSecretEncoded = Base32.encode(totpSecret.getBytes());
this.keyUri = realm.getOTPPolicy().getKeyURI(realm, this.totpSecret); this.keyUri = realm.getOTPPolicy().getKeyURI(realm, user, this.totpSecret);
} }
private static String randomString(int length) { private static String randomString(int length) {

2
forms/login-freemarker/src/main/java/org/keycloak/login/freemarker/model/TotpBean.java
View file

@ -49,7 +49,7 @@ public class TotpBean {
this.totpSecret = HmacOTP.generateSecret(20); this.totpSecret = HmacOTP.generateSecret(20);
this.totpSecretEncoded = Base32.encode(totpSecret.getBytes()); this.totpSecretEncoded = Base32.encode(totpSecret.getBytes());
this.keyUri = realm.getOTPPolicy().getKeyURI(realm, this.totpSecret); this.keyUri = realm.getOTPPolicy().getKeyURI(realm, user, this.totpSecret);
} }
public boolean isEnabled() { public boolean isEnabled() {

17
model/api/src/main/java/org/keycloak/models/OTPPolicy.java
View file

@ -1,8 +1,11 @@
package org.keycloak.models; package org.keycloak.models;
import org.jboss.logging.Logger;
import org.keycloak.models.utils.Base32; import org.keycloak.models.utils.Base32;
import org.keycloak.models.utils.HmacOTP; import org.keycloak.models.utils.HmacOTP;
import java.io.UnsupportedEncodingException;
import java.net.URLEncoder;
import java.util.HashMap; import java.util.HashMap;
import java.util.Map; import java.util.Map;
@ -12,6 +15,7 @@ import java.util.Map;
*/ */
public class OTPPolicy { public class OTPPolicy {
protected static final Logger logger = Logger.getLogger(OTPPolicy.class);
protected String type; protected String type;
protected String algorithm; protected String algorithm;
@ -90,10 +94,17 @@ public class OTPPolicy {
this.period = period; this.period = period;
} }
public String getKeyURI(RealmModel realm, String secret) { public String getKeyURI(RealmModel realm, UserModel user, String secret) {
String uri = "otpauth://" + type + "/" + realm.getName() + "?secret=" + Base32.encode(secret.getBytes()) + "&digits=" + digits + "&algorithm=" + algToKeyUriAlg.get(algorithm); String uri = null;
if (type.equals(UserCredentialModel.HOTP)) { uri = "otpauth://" + type + "/" + realm.getName() + ":" + user.getUsername() + "?secret=" +
Base32.encode(secret.getBytes()) + "&digits=" + digits + "&algorithm=" + algToKeyUriAlg.get(algorithm);
try {
uri += "&issuer=" + URLEncoder.encode(realm.getName(), "UTF-8");
} catch (UnsupportedEncodingException e) {
logger.debug("Failed to add issuer parameter to OTP URI becasue UTF-8 is not supported.");
}
if (type.equals(UserCredentialModel.HOTP)) {
uri += "&counter=" + initialCounter; uri += "&counter=" + initialCounter;
} }
if (type.equals(UserCredentialModel.TOTP)) { if (type.equals(UserCredentialModel.TOTP)) {