m2u-upass-core / src / my / com / upass / services / VerifyTokenService.java @ 8:1982e43e6686
History | View | Annotate | Download (3.65 KB)
1 | 0:02300db8682b | hadi | /**
|
---|---|---|---|
2 | * Copyright (c) 2010 Penril Datability (M) Sdn Bhd All rights reserved.
|
||
3 | *
|
||
4 | * This software is copyrighted. Under the copyright laws, this software
|
||
5 | * may not be copied, in whole or in part, without prior written consent
|
||
6 | * of Penril Datability (M) Sdn Bhd or its assignees. This software is
|
||
7 | * provided under the terms of a license between Penril Datability (M)
|
||
8 | * Sdn Bhd and the recipient, and its use is subject to the terms of that
|
||
9 | * license.
|
||
10 | */
|
||
11 | |||
12 | package my.com.upass.services; |
||
13 | |||
14 | import java.util.Date; |
||
15 | import my.com.upass.Constants; |
||
16 | import my.com.upass.dao.DAOFactoryProvider; |
||
17 | import my.com.upass.dao.UserDAO; |
||
18 | import my.com.upass.dao.UserTokenDAO; |
||
19 | import my.com.upass.factory.UPassFactory; |
||
20 | import my.com.upass.pojo.UserBean; |
||
21 | import my.com.upass.pojo.UserTokenBean; |
||
22 | import my.com.upass.secure.metric.SecureMetricTokenControllerImpl; |
||
23 | import my.com.upass.vasco.TokenController; |
||
24 | |||
25 | /**
|
||
26 | * PROGRAMMER: Danniell
|
||
27 | * CHANGE-NO:
|
||
28 | * TASK-NO:
|
||
29 | * DATE CREATED: Dec 28, 2011
|
||
30 | * TAG AS:
|
||
31 | * REASON(S):
|
||
32 | * MODIFICATION:
|
||
33 | */
|
||
34 | |||
35 | /**
|
||
36 | * <Class description>
|
||
37 | */
|
||
38 | public class VerifyTokenService |
||
39 | { |
||
40 | public int verifyToken (String userAlias, String inPassword) |
||
41 | { |
||
42 | int rc = Constants.ERR_SYSTEM_NOT_READY;
|
||
43 | UserTokenBean tb = new UserTokenBean();
|
||
44 | |||
45 | try
|
||
46 | { |
||
47 | UserTokenDAO tokenDao = DAOFactoryProvider.getDAOFactory () |
||
48 | .getUserTokenDAO (UPassFactory.getTokenMode ()); |
||
49 | |||
50 | switch (UPassFactory.getTokenMode ())
|
||
51 | { |
||
52 | case GEMALTO:
|
||
53 | case VASCO:
|
||
54 | tb = tokenDao.getTokenFromStoreByUserAlias (userAlias); |
||
55 | |||
56 | if (tb == null) |
||
57 | { |
||
58 | return Constants.ERR_USERALIAS_NOT_FOUND;
|
||
59 | } |
||
60 | |||
61 | if (tb.getVstate () != Constants.TKN_STATE_ASSIGNED)
|
||
62 | { |
||
63 | return Constants.ERR_INVALID_STATE;
|
||
64 | } |
||
65 | |||
66 | TokenController tc = UPassFactory.getTokenController (tb); |
||
67 | rc = tc.verifyToken (inPassword, "", ""); |
||
68 | |||
69 | tb = (UserTokenBean) tc.getUpdatedObject (); |
||
70 | |||
71 | // update first time used
|
||
72 | if (tb.getVdateFirstUsed () == null) |
||
73 | { |
||
74 | tb.setVdateFirstUsed (new Date ()); |
||
75 | } |
||
76 | // update last time used
|
||
77 | tb.setVdateLastUsed (new Date ()); |
||
78 | |||
79 | // update database
|
||
80 | boolean lrc = tokenDao.updateTokenToStore (tb);
|
||
81 | |||
82 | if (!lrc)
|
||
83 | { |
||
84 | return Constants.ERR_UNKNOWN;
|
||
85 | } |
||
86 | break;
|
||
87 | |||
88 | case SECUREMETRIC:
|
||
89 | |||
90 | UserDAO userDao = DAOFactoryProvider.getDAOFactory ().getUserDAO (); |
||
91 | UserBean userBean = userDao.getUserFromStore (userAlias); |
||
92 | |||
93 | if (userBean == null){ |
||
94 | |||
95 | return Constants.ERR_USERALIAS_NOT_FOUND;
|
||
96 | } |
||
97 | else
|
||
98 | { |
||
99 | TokenController tcSm = UPassFactory.getTokenController (tb); |
||
100 | rc = tcSm.verifyToken (inPassword, userAlias, "123456");
|
||
101 | |||
102 | /*
|
||
103 | * Check whether exceed maximum tries
|
||
104 | * TODO: Check with SM to return specific error code when exceed maximum tries.
|
||
105 | */
|
||
106 | if (Constants.ERR_SUCCESS != rc){
|
||
107 | SecureMetricTokenControllerImpl impl = new SecureMetricTokenControllerImpl(tb);
|
||
108 | UserTokenBean tokenUser = impl.getUserTokenByUserId(userAlias); |
||
109 | int rc1 = impl.getTokenLocked(tokenUser.getVserialNumber());
|
||
110 | |||
111 | if (Constants.ERR_INVALID_CREDENTIAL == rc1){
|
||
112 | |||
113 | return Constants.ERR_EXCEED_MAX_TRIES;
|
||
114 | } |
||
115 | //Masking invalid OTP validation,
|
||
116 | if (Constants.OTPR_CORE_INVALID_OTP == rc){
|
||
117 | |||
118 | return Constants.ERR_INVALID_CREDENTIAL;
|
||
119 | } |
||
120 | } |
||
121 | |||
122 | } |
||
123 | |||
124 | break;
|
||
125 | default:
|
||
126 | break;
|
||
127 | |||
128 | } |
||
129 | } |
||
130 | catch (Exception e) |
||
131 | { |
||
132 | e.printStackTrace (); |
||
133 | } |
||
134 | |||
135 | return rc;
|
||
136 | } |
||
137 | } |