m2u-upass-core / src / my / com / upass / services / VerifyTokenService.java @ 38:3d22253b0fbc
History | View | Annotate | Download (3.7 KB)
1 | 0:02300db8682b | hadi | /**
|
---|---|---|---|
2 | * Copyright (c) 2010 Penril Datability (M) Sdn Bhd All rights reserved.
|
||
3 | *
|
||
4 | * This software is copyrighted. Under the copyright laws, this software
|
||
5 | * may not be copied, in whole or in part, without prior written consent
|
||
6 | * of Penril Datability (M) Sdn Bhd or its assignees. This software is
|
||
7 | * provided under the terms of a license between Penril Datability (M)
|
||
8 | * Sdn Bhd and the recipient, and its use is subject to the terms of that
|
||
9 | * license.
|
||
10 | */
|
||
11 | |||
12 | package my.com.upass.services; |
||
13 | |||
14 | import java.util.Date; |
||
15 | import my.com.upass.Constants; |
||
16 | import my.com.upass.dao.DAOFactoryProvider; |
||
17 | import my.com.upass.dao.UserDAO; |
||
18 | import my.com.upass.dao.UserTokenDAO; |
||
19 | import my.com.upass.factory.UPassFactory; |
||
20 | 23:1281bdc0fb8f | mohd | import my.com.upass.pojo.MinimalUserBean; |
21 | 0:02300db8682b | hadi | import my.com.upass.pojo.UserBean; |
22 | import my.com.upass.pojo.UserTokenBean; |
||
23 | import my.com.upass.secure.metric.SecureMetricTokenControllerImpl; |
||
24 | import my.com.upass.vasco.TokenController; |
||
25 | |||
26 | /**
|
||
27 | * PROGRAMMER: Danniell
|
||
28 | * CHANGE-NO:
|
||
29 | * TASK-NO:
|
||
30 | * DATE CREATED: Dec 28, 2011
|
||
31 | * TAG AS:
|
||
32 | * REASON(S):
|
||
33 | * MODIFICATION:
|
||
34 | */
|
||
35 | |||
36 | /**
|
||
37 | * <Class description>
|
||
38 | */
|
||
39 | public class VerifyTokenService |
||
40 | { |
||
41 | public int verifyToken (String userAlias, String inPassword) |
||
42 | { |
||
43 | int rc = Constants.ERR_SYSTEM_NOT_READY;
|
||
44 | UserTokenBean tb = new UserTokenBean();
|
||
45 | |||
46 | try
|
||
47 | { |
||
48 | UserTokenDAO tokenDao = DAOFactoryProvider.getDAOFactory () |
||
49 | .getUserTokenDAO (UPassFactory.getTokenMode ()); |
||
50 | |||
51 | switch (UPassFactory.getTokenMode ())
|
||
52 | { |
||
53 | case GEMALTO:
|
||
54 | case VASCO:
|
||
55 | tb = tokenDao.getTokenFromStoreByUserAlias (userAlias); |
||
56 | |||
57 | if (tb == null) |
||
58 | { |
||
59 | return Constants.ERR_USERALIAS_NOT_FOUND;
|
||
60 | } |
||
61 | |||
62 | if (tb.getVstate () != Constants.TKN_STATE_ASSIGNED)
|
||
63 | { |
||
64 | return Constants.ERR_INVALID_STATE;
|
||
65 | } |
||
66 | |||
67 | TokenController tc = UPassFactory.getTokenController (tb); |
||
68 | rc = tc.verifyToken (inPassword, "", ""); |
||
69 | |||
70 | tb = (UserTokenBean) tc.getUpdatedObject (); |
||
71 | |||
72 | // update first time used
|
||
73 | if (tb.getVdateFirstUsed () == null) |
||
74 | { |
||
75 | tb.setVdateFirstUsed (new Date ()); |
||
76 | } |
||
77 | // update last time used
|
||
78 | tb.setVdateLastUsed (new Date ()); |
||
79 | |||
80 | // update database
|
||
81 | boolean lrc = tokenDao.updateTokenToStore (tb);
|
||
82 | |||
83 | if (!lrc)
|
||
84 | { |
||
85 | return Constants.ERR_UNKNOWN;
|
||
86 | } |
||
87 | break;
|
||
88 | |||
89 | case SECUREMETRIC:
|
||
90 | |||
91 | UserDAO userDao = DAOFactoryProvider.getDAOFactory ().getUserDAO (); |
||
92 | 35:0530df3f1878 | hadi | MinimalUserBean userBean = userDao.getUserFromStore (userAlias, null);
|
93 | 0:02300db8682b | hadi | |
94 | if (userBean == null){ |
||
95 | |||
96 | return Constants.ERR_USERALIAS_NOT_FOUND;
|
||
97 | } |
||
98 | else
|
||
99 | { |
||
100 | TokenController tcSm = UPassFactory.getTokenController (tb); |
||
101 | rc = tcSm.verifyToken (inPassword, userAlias, "123456");
|
||
102 | |||
103 | /*
|
||
104 | * Check whether exceed maximum tries
|
||
105 | * TODO: Check with SM to return specific error code when exceed maximum tries.
|
||
106 | */
|
||
107 | if (Constants.ERR_SUCCESS != rc){
|
||
108 | SecureMetricTokenControllerImpl impl = new SecureMetricTokenControllerImpl(tb);
|
||
109 | UserTokenBean tokenUser = impl.getUserTokenByUserId(userAlias); |
||
110 | int rc1 = impl.getTokenLocked(tokenUser.getVserialNumber());
|
||
111 | |||
112 | if (Constants.ERR_INVALID_CREDENTIAL == rc1){
|
||
113 | |||
114 | return Constants.ERR_EXCEED_MAX_TRIES;
|
||
115 | } |
||
116 | //Masking invalid OTP validation,
|
||
117 | if (Constants.OTPR_CORE_INVALID_OTP == rc){
|
||
118 | |||
119 | return Constants.ERR_INVALID_CREDENTIAL;
|
||
120 | } |
||
121 | } |
||
122 | |||
123 | } |
||
124 | |||
125 | break;
|
||
126 | default:
|
||
127 | break;
|
||
128 | |||
129 | } |
||
130 | } |
||
131 | catch (Exception e) |
||
132 | { |
||
133 | e.printStackTrace (); |
||
134 | } |
||
135 | |||
136 | return rc;
|
||
137 | } |
||
138 | } |