Fixed MFA secret key handling
Signed-off-by: Alberto Codutti <[email protected]>
Coduz committed Dec 15, 2022
1 parent b095058 commit 3d1e4cf
Showing 2 changed files with 6 additions and 9 deletions.
Expand Up @@ -34,13 +34,13 @@ public interface MfaAuthenticator {
/**
* Validates a code generated with the authenticator app.
*
* @param encryptedSecret The encoded secret key
* @param mfaSecretKey The MFA secret key.
* @param verificationCode The verification code
* @return {@code true} if the verficationCode is valid, {@code false} otherwise
* @return {@code true} if the verficationCode is valid, {@code false} otherwise.
* @throws KapuaException
* @since 1.3.0
*/
boolean authorize(String encryptedSecret, int verificationCode) throws KapuaException;
boolean authorize(String mfaSecretKey, int verificationCode) throws KapuaException;

/**
* Validates a scratch code.
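Review bot: The new `@param mfaSecretKey` line does not say which form of the key is expected, even though that is exactly what this change alters. The parameter is still a `String`, so a caller that keeps passing the AES-encrypted value the old signature took will compile cleanly and only fail when a code is verified. I would state the contract explicitly, e.g. `@param mfaSecretKey The plaintext (already decrypted) MFA secret key; never the encrypted form.` The rewritten `@return` line also keeps the `verficationCode` typo, and `@throws KapuaException` still does not say when it is thrown.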
Expand Up @@ -21,7 +21,6 @@
import org.eclipse.kapua.service.authentication.mfa.MfaAuthenticator;
import org.eclipse.kapua.service.authentication.shiro.setting.KapuaAuthenticationSetting;
import org.eclipse.kapua.service.authentication.shiro.setting.KapuaAuthenticationSettingKeys;
import org.eclipse.kapua.service.authentication.shiro.utils.AuthenticationUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.security.crypto.bcrypt.BCrypt;
Expand Down Expand Up @@ -89,19 +88,17 @@ public boolean isEnabled() {
}

@Override
public boolean authorize(String encryptedSecret, int verificationCode) throws KapuaException {
public boolean authorize(String mfaSecretKey, int verificationCode) throws KapuaException {
//
// Argument validation
ArgumentValidator.notNull(encryptedSecret, "encryptedSecret");
ArgumentValidator.notNull(mfaSecretKey, "mfaSecretKey");
ArgumentValidator.notNegative(verificationCode, "verificationCode");

//
// Do check
String secret = AuthenticationUtils.decryptAes(encryptedSecret);

GoogleAuthenticator ga = new GoogleAuthenticator(GOOGLE_AUTHENTICATOR_CONFIG);

return ga.authorize(secret, verificationCode);
return ga.authorize(mfaSecretKey, verificationCode);
}

@Override
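Review bot: `authorize` now passes `mfaSecretKey` straight to `ga.authorize`, so decrypting the secret has become the caller's job, yet this commit changes only the interface and this class and no call site is visible here. Each caller should be checked, ideally with a test that goes from the persisted credential to an accepted code, because one that still passes the encrypted value will presumably just see valid codes rejected rather than a compile error. Since the argument is now the plaintext shared secret and this class imports an SLF4J logger, I would also add a comment above the argument validation such as `// mfaSecretKey is the plaintext shared secret: keep it out of log statements and exception messages`.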
