public class OTPVerifier extends Object
The idea of two factor authentication is that a valid user is authenticated by something he or she knows (a password) and something he or she has (a security token or a mobile phone + app). Hence the name "two factor authentication".
This app or security token generates time-based codes (sometimes referred to as a "one-time password", OTP). This helper class can be used to generate a configuration QR code (which is essentially a configuration URL used by popular apps like Google Authenticator). It can also verify an OTP submitted by the user.

Constructor and Description |
---|
OTPVerifier() |

Modifier and Type | Method and Description |
---|---|
boolean | checkCode(String secret, String code) Verifies the given OTP against the given secret key. |
String | computeCode(String secret) Computes an OTP code for the given secret and current interval. |
String | generateSharedSecret() Returns a randomly generated key which can be used as shared secret. |
String | getAsAuthURL(String account, String secret) Generates an OTPAUTH-URL which can be used to generate a QR code for a mobile device. |

@Nonnull public String generateSharedSecret()
A secret like this has to be stored per user. It is required by checkCode(String, String) to verify a given OTP. Also use getAsAuthURL(String, String) to generate a URL which can be put into a QR code to configure apps like Google Authenticator.

@Nonnull public String getAsAuthURL(String account, String secret)
account - name of the account associated with this code
secret - the secret used to generate the OTP codes

public boolean checkCode(String secret, String code)
secret - the secret stored for this user
code - the OTP entered by the user

Copyright © 2018. All rights reserved.