m2u-upass-core / src / my / com / upass / services / VerifyTokenService.java @ 65:4f1fc40dc837
History | View | Annotate | Download (3.7 KB)
1 |
/**
|
---|---|
2 |
* Copyright (c) 2010 Penril Datability (M) Sdn Bhd All rights reserved.
|
3 |
*
|
4 |
* This software is copyrighted. Under the copyright laws, this software
|
5 |
* may not be copied, in whole or in part, without prior written consent
|
6 |
* of Penril Datability (M) Sdn Bhd or its assignees. This software is
|
7 |
* provided under the terms of a license between Penril Datability (M)
|
8 |
* Sdn Bhd and the recipient, and its use is subject to the terms of that
|
9 |
* license.
|
10 |
*/
|
11 |
|
12 |
package my.com.upass.services; |
13 |
|
14 |
import java.util.Date; |
15 |
import my.com.upass.Constants; |
16 |
import my.com.upass.dao.DAOFactoryProvider; |
17 |
import my.com.upass.dao.UserDAO; |
18 |
import my.com.upass.dao.UserTokenDAO; |
19 |
import my.com.upass.factory.UPassFactory; |
20 |
import my.com.upass.pojo.MinimalUserBean; |
21 |
import my.com.upass.pojo.UserBean; |
22 |
import my.com.upass.pojo.UserTokenBean; |
23 |
import my.com.upass.secure.metric.SecureMetricTokenControllerImpl; |
24 |
import my.com.upass.vasco.TokenController; |
25 |
|
26 |
/**
|
27 |
* PROGRAMMER: Danniell
|
28 |
* CHANGE-NO:
|
29 |
* TASK-NO:
|
30 |
* DATE CREATED: Dec 28, 2011
|
31 |
* TAG AS:
|
32 |
* REASON(S):
|
33 |
* MODIFICATION:
|
34 |
*/
|
35 |
|
36 |
/**
|
37 |
* <Class description>
|
38 |
*/
|
39 |
public class VerifyTokenService |
40 |
{ |
41 |
public int verifyToken (String userAlias, String inPassword) |
42 |
{ |
43 |
int rc = Constants.ERR_SYSTEM_NOT_READY;
|
44 |
UserTokenBean tb = new UserTokenBean();
|
45 |
|
46 |
try
|
47 |
{ |
48 |
UserTokenDAO tokenDao = DAOFactoryProvider.getDAOFactory () |
49 |
.getUserTokenDAO (UPassFactory.getTokenMode ()); |
50 |
|
51 |
switch (UPassFactory.getTokenMode ())
|
52 |
{ |
53 |
case GEMALTO:
|
54 |
case VASCO:
|
55 |
tb = tokenDao.getTokenFromStoreByUserAlias (userAlias); |
56 |
|
57 |
if (tb == null) |
58 |
{ |
59 |
return Constants.ERR_USERALIAS_NOT_FOUND;
|
60 |
} |
61 |
|
62 |
if (tb.getVstate () != Constants.TKN_STATE_ASSIGNED)
|
63 |
{ |
64 |
return Constants.ERR_INVALID_STATE;
|
65 |
} |
66 |
|
67 |
TokenController tc = UPassFactory.getTokenController (tb); |
68 |
rc = tc.verifyToken (inPassword, "", ""); |
69 |
|
70 |
tb = (UserTokenBean) tc.getUpdatedObject (); |
71 |
|
72 |
// update first time used
|
73 |
if (tb.getVdateFirstUsed () == null) |
74 |
{ |
75 |
tb.setVdateFirstUsed (new Date ()); |
76 |
} |
77 |
// update last time used
|
78 |
tb.setVdateLastUsed (new Date ()); |
79 |
|
80 |
// update database
|
81 |
boolean lrc = tokenDao.updateTokenToStore (tb);
|
82 |
|
83 |
if (!lrc)
|
84 |
{ |
85 |
return Constants.ERR_UNKNOWN;
|
86 |
} |
87 |
break;
|
88 |
|
89 |
case SECUREMETRIC:
|
90 |
|
91 |
UserDAO userDao = DAOFactoryProvider.getDAOFactory ().getUserDAO (); |
92 |
MinimalUserBean userBean = userDao.getUserFromStore (userAlias, null);
|
93 |
|
94 |
if (userBean == null){ |
95 |
|
96 |
return Constants.ERR_USERALIAS_NOT_FOUND;
|
97 |
} |
98 |
else
|
99 |
{ |
100 |
TokenController tcSm = UPassFactory.getTokenController (tb); |
101 |
rc = tcSm.verifyToken (inPassword, userAlias, "123456");
|
102 |
|
103 |
/*
|
104 |
* Check whether exceed maximum tries
|
105 |
* TODO: Check with SM to return specific error code when exceed maximum tries.
|
106 |
*/
|
107 |
if (Constants.ERR_SUCCESS != rc){
|
108 |
SecureMetricTokenControllerImpl impl = new SecureMetricTokenControllerImpl(tb);
|
109 |
UserTokenBean tokenUser = impl.getUserTokenByUserId(userAlias); |
110 |
int rc1 = impl.getTokenLocked(tokenUser.getVserialNumber());
|
111 |
|
112 |
if (Constants.ERR_INVALID_CREDENTIAL == rc1){
|
113 |
|
114 |
return Constants.ERR_EXCEED_MAX_TRIES;
|
115 |
} |
116 |
//Masking invalid OTP validation,
|
117 |
if (Constants.OTPR_CORE_INVALID_OTP == rc){
|
118 |
|
119 |
return Constants.ERR_INVALID_CREDENTIAL;
|
120 |
} |
121 |
} |
122 |
|
123 |
} |
124 |
|
125 |
break;
|
126 |
default:
|
127 |
break;
|
128 |
|
129 |
} |
130 |
} |
131 |
catch (Exception e) |
132 |
{ |
133 |
e.printStackTrace (); |
134 |
} |
135 |
|
136 |
return rc;
|
137 |
} |
138 |
} |