m2u-upass-core / src / my / com / upass / services / VerifyTokenService.java @ 38:3d22253b0fbc
History | View | Annotate | Download (3.7 KB)
| 1 |
/**
|
|---|---|
| 2 |
* Copyright (c) 2010 Penril Datability (M) Sdn Bhd All rights reserved.
|
| 3 |
*
|
| 4 |
* This software is copyrighted. Under the copyright laws, this software
|
| 5 |
* may not be copied, in whole or in part, without prior written consent
|
| 6 |
* of Penril Datability (M) Sdn Bhd or its assignees. This software is
|
| 7 |
* provided under the terms of a license between Penril Datability (M)
|
| 8 |
* Sdn Bhd and the recipient, and its use is subject to the terms of that
|
| 9 |
* license.
|
| 10 |
*/
|
| 11 |
|
| 12 |
package my.com.upass.services; |
| 13 |
|
| 14 |
import java.util.Date; |
| 15 |
import my.com.upass.Constants; |
| 16 |
import my.com.upass.dao.DAOFactoryProvider; |
| 17 |
import my.com.upass.dao.UserDAO; |
| 18 |
import my.com.upass.dao.UserTokenDAO; |
| 19 |
import my.com.upass.factory.UPassFactory; |
| 20 |
import my.com.upass.pojo.MinimalUserBean; |
| 21 |
import my.com.upass.pojo.UserBean; |
| 22 |
import my.com.upass.pojo.UserTokenBean; |
| 23 |
import my.com.upass.secure.metric.SecureMetricTokenControllerImpl; |
| 24 |
import my.com.upass.vasco.TokenController; |
| 25 |
|
| 26 |
/**
|
| 27 |
* PROGRAMMER: Danniell
|
| 28 |
* CHANGE-NO:
|
| 29 |
* TASK-NO:
|
| 30 |
* DATE CREATED: Dec 28, 2011
|
| 31 |
* TAG AS:
|
| 32 |
* REASON(S):
|
| 33 |
* MODIFICATION:
|
| 34 |
*/
|
| 35 |
|
| 36 |
/**
|
| 37 |
* <Class description>
|
| 38 |
*/
|
| 39 |
public class VerifyTokenService |
| 40 |
{
|
| 41 |
public int verifyToken (String userAlias, String inPassword) |
| 42 |
{
|
| 43 |
int rc = Constants.ERR_SYSTEM_NOT_READY;
|
| 44 |
UserTokenBean tb = new UserTokenBean();
|
| 45 |
|
| 46 |
try
|
| 47 |
{
|
| 48 |
UserTokenDAO tokenDao = DAOFactoryProvider.getDAOFactory () |
| 49 |
.getUserTokenDAO (UPassFactory.getTokenMode ()); |
| 50 |
|
| 51 |
switch (UPassFactory.getTokenMode ())
|
| 52 |
{
|
| 53 |
case GEMALTO:
|
| 54 |
case VASCO:
|
| 55 |
tb = tokenDao.getTokenFromStoreByUserAlias (userAlias); |
| 56 |
|
| 57 |
if (tb == null) |
| 58 |
{
|
| 59 |
return Constants.ERR_USERALIAS_NOT_FOUND;
|
| 60 |
} |
| 61 |
|
| 62 |
if (tb.getVstate () != Constants.TKN_STATE_ASSIGNED)
|
| 63 |
{
|
| 64 |
return Constants.ERR_INVALID_STATE;
|
| 65 |
} |
| 66 |
|
| 67 |
TokenController tc = UPassFactory.getTokenController (tb); |
| 68 |
rc = tc.verifyToken (inPassword, "", ""); |
| 69 |
|
| 70 |
tb = (UserTokenBean) tc.getUpdatedObject (); |
| 71 |
|
| 72 |
// update first time used
|
| 73 |
if (tb.getVdateFirstUsed () == null) |
| 74 |
{
|
| 75 |
tb.setVdateFirstUsed (new Date ()); |
| 76 |
} |
| 77 |
// update last time used
|
| 78 |
tb.setVdateLastUsed (new Date ()); |
| 79 |
|
| 80 |
// update database
|
| 81 |
boolean lrc = tokenDao.updateTokenToStore (tb);
|
| 82 |
|
| 83 |
if (!lrc)
|
| 84 |
{
|
| 85 |
return Constants.ERR_UNKNOWN;
|
| 86 |
} |
| 87 |
break;
|
| 88 |
|
| 89 |
case SECUREMETRIC:
|
| 90 |
|
| 91 |
UserDAO userDao = DAOFactoryProvider.getDAOFactory ().getUserDAO (); |
| 92 |
MinimalUserBean userBean = userDao.getUserFromStore (userAlias, null);
|
| 93 |
|
| 94 |
if (userBean == null){ |
| 95 |
|
| 96 |
return Constants.ERR_USERALIAS_NOT_FOUND;
|
| 97 |
} |
| 98 |
else
|
| 99 |
{
|
| 100 |
TokenController tcSm = UPassFactory.getTokenController (tb); |
| 101 |
rc = tcSm.verifyToken (inPassword, userAlias, "123456");
|
| 102 |
|
| 103 |
/*
|
| 104 |
* Check whether exceed maximum tries
|
| 105 |
* TODO: Check with SM to return specific error code when exceed maximum tries.
|
| 106 |
*/
|
| 107 |
if (Constants.ERR_SUCCESS != rc){
|
| 108 |
SecureMetricTokenControllerImpl impl = new SecureMetricTokenControllerImpl(tb);
|
| 109 |
UserTokenBean tokenUser = impl.getUserTokenByUserId(userAlias); |
| 110 |
int rc1 = impl.getTokenLocked(tokenUser.getVserialNumber());
|
| 111 |
|
| 112 |
if (Constants.ERR_INVALID_CREDENTIAL == rc1){
|
| 113 |
|
| 114 |
return Constants.ERR_EXCEED_MAX_TRIES;
|
| 115 |
} |
| 116 |
//Masking invalid OTP validation,
|
| 117 |
if (Constants.OTPR_CORE_INVALID_OTP == rc){
|
| 118 |
|
| 119 |
return Constants.ERR_INVALID_CREDENTIAL;
|
| 120 |
} |
| 121 |
} |
| 122 |
|
| 123 |
} |
| 124 |
|
| 125 |
break;
|
| 126 |
default:
|
| 127 |
break;
|
| 128 |
|
| 129 |
} |
| 130 |
} |
| 131 |
catch (Exception e) |
| 132 |
{
|
| 133 |
e.printStackTrace (); |
| 134 |
} |
| 135 |
|
| 136 |
return rc;
|
| 137 |
} |
| 138 |
} |