You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@guacamole.apache.org by vn...@apache.org on 2018/02/05 18:04:27 UTC
[09/21] guacamole-client git commit: GUACAMOLE-96: Allow users to
enter either the current or previous TOTP codes.
GUACAMOLE-96: Allow users to enter either the current or previous TOTP codes.
Project: http://git-wip-us.apache.org/repos/asf/guacamole-client/repo
Commit: http://git-wip-us.apache.org/repos/asf/guacamole-client/commit/78c398f4
Tree: http://git-wip-us.apache.org/repos/asf/guacamole-client/tree/78c398f4
Diff: http://git-wip-us.apache.org/repos/asf/guacamole-client/diff/78c398f4
Branch: refs/heads/master
Commit: 78c398f45d484ba4935870f6cd5a146a6f9d2f16
Parents: 8dd5537
Author: Michael Jumper <mj...@apache.org>
Authored: Mon Nov 20 01:19:39 2017 -0800
Committer: Michael Jumper <mj...@apache.org>
Committed: Sun Feb 4 19:45:17 2018 -0800
----------------------------------------------------------------------
.../auth/totp/UserVerificationService.java | 2 +-
.../apache/guacamole/totp/TOTPGenerator.java | 29 ++++++++++++++++++++
2 files changed, 30 insertions(+), 1 deletion(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/guacamole-client/blob/78c398f4/extensions/guacamole-auth-totp/src/main/java/org/apache/guacamole/auth/totp/UserVerificationService.java
----------------------------------------------------------------------
diff --git a/extensions/guacamole-auth-totp/src/main/java/org/apache/guacamole/auth/totp/UserVerificationService.java b/extensions/guacamole-auth-totp/src/main/java/org/apache/guacamole/auth/totp/UserVerificationService.java
index cb73730..823c5ef 100644
--- a/extensions/guacamole-auth-totp/src/main/java/org/apache/guacamole/auth/totp/UserVerificationService.java
+++ b/extensions/guacamole-auth-totp/src/main/java/org/apache/guacamole/auth/totp/UserVerificationService.java
@@ -142,7 +142,7 @@ public class UserVerificationService {
// Verify provided TOTP against value produced by generator
byte[] key = BASE32.decode(encodedKey);
TOTPGenerator totp = new TOTPGenerator(key, TOTPGenerator.Mode.SHA1, 6);
- if (code.equals(totp.generate()))
+ if (code.equals(totp.generate()) || code.equals(totp.previous()))
return;
}
http://git-wip-us.apache.org/repos/asf/guacamole-client/blob/78c398f4/extensions/guacamole-auth-totp/src/main/java/org/apache/guacamole/totp/TOTPGenerator.java
----------------------------------------------------------------------
diff --git a/extensions/guacamole-auth-totp/src/main/java/org/apache/guacamole/totp/TOTPGenerator.java b/extensions/guacamole-auth-totp/src/main/java/org/apache/guacamole/totp/TOTPGenerator.java
index 004c23b..b8c0d95 100644
--- a/extensions/guacamole-auth-totp/src/main/java/org/apache/guacamole/totp/TOTPGenerator.java
+++ b/extensions/guacamole-auth-totp/src/main/java/org/apache/guacamole/totp/TOTPGenerator.java
@@ -399,4 +399,33 @@ public class TOTPGenerator {
return generate(System.currentTimeMillis() / 1000);
}
+ /**
+ * Returns the TOTP code which would have been generated immediately prior
+ * to the code returned by invoking generate() with the given timestamp.
+ *
+ * @param time
+ * The absolute timestamp to use to generate the TOTP code, in seconds
+ * since midnight, 1970-01-01, UTC (UNIX epoch).
+ *
+ * @return
+ * The TOTP code which would have been generated immediately prior to
+ * the the code returned by invoking generate() with the given
+ * timestamp.
+ */
+ public String previous(long time) {
+ return generate(Math.max(startTime, time - timeStep));
+ }
+
+ /**
+ * Returns the TOTP code which would have been generated immediately prior
+ * to the code currently being returned by generate().
+ *
+ * @return
+ * The TOTP code which would have been generated immediately prior to
+ * the code currently being returned by generate().
+ */
+ public String previous() {
+ return previous(System.currentTimeMillis() / 1000);
+ }
+
}