m2u-upass-core / src / my / com / upass / services / VerifyTokenService.java @ 18:78fbff99ec6c
History | View | Annotate | Download (3.65 KB)
| 1 | 0:02300db8682b | hadi | /**
|
|---|---|---|---|
| 2 | * Copyright (c) 2010 Penril Datability (M) Sdn Bhd All rights reserved.
|
||
| 3 | *
|
||
| 4 | * This software is copyrighted. Under the copyright laws, this software
|
||
| 5 | * may not be copied, in whole or in part, without prior written consent
|
||
| 6 | * of Penril Datability (M) Sdn Bhd or its assignees. This software is
|
||
| 7 | * provided under the terms of a license between Penril Datability (M)
|
||
| 8 | * Sdn Bhd and the recipient, and its use is subject to the terms of that
|
||
| 9 | * license.
|
||
| 10 | */
|
||
| 11 | |||
| 12 | package my.com.upass.services; |
||
| 13 | |||
| 14 | import java.util.Date; |
||
| 15 | import my.com.upass.Constants; |
||
| 16 | import my.com.upass.dao.DAOFactoryProvider; |
||
| 17 | import my.com.upass.dao.UserDAO; |
||
| 18 | import my.com.upass.dao.UserTokenDAO; |
||
| 19 | import my.com.upass.factory.UPassFactory; |
||
| 20 | import my.com.upass.pojo.UserBean; |
||
| 21 | import my.com.upass.pojo.UserTokenBean; |
||
| 22 | import my.com.upass.secure.metric.SecureMetricTokenControllerImpl; |
||
| 23 | import my.com.upass.vasco.TokenController; |
||
| 24 | |||
| 25 | /**
|
||
| 26 | * PROGRAMMER: Danniell
|
||
| 27 | * CHANGE-NO:
|
||
| 28 | * TASK-NO:
|
||
| 29 | * DATE CREATED: Dec 28, 2011
|
||
| 30 | * TAG AS:
|
||
| 31 | * REASON(S):
|
||
| 32 | * MODIFICATION:
|
||
| 33 | */
|
||
| 34 | |||
| 35 | /**
|
||
| 36 | * <Class description>
|
||
| 37 | */
|
||
| 38 | public class VerifyTokenService |
||
| 39 | {
|
||
| 40 | public int verifyToken (String userAlias, String inPassword) |
||
| 41 | {
|
||
| 42 | int rc = Constants.ERR_SYSTEM_NOT_READY;
|
||
| 43 | UserTokenBean tb = new UserTokenBean();
|
||
| 44 | |||
| 45 | try
|
||
| 46 | {
|
||
| 47 | UserTokenDAO tokenDao = DAOFactoryProvider.getDAOFactory () |
||
| 48 | .getUserTokenDAO (UPassFactory.getTokenMode ()); |
||
| 49 | |||
| 50 | switch (UPassFactory.getTokenMode ())
|
||
| 51 | {
|
||
| 52 | case GEMALTO:
|
||
| 53 | case VASCO:
|
||
| 54 | tb = tokenDao.getTokenFromStoreByUserAlias (userAlias); |
||
| 55 | |||
| 56 | if (tb == null) |
||
| 57 | {
|
||
| 58 | return Constants.ERR_USERALIAS_NOT_FOUND;
|
||
| 59 | } |
||
| 60 | |||
| 61 | if (tb.getVstate () != Constants.TKN_STATE_ASSIGNED)
|
||
| 62 | {
|
||
| 63 | return Constants.ERR_INVALID_STATE;
|
||
| 64 | } |
||
| 65 | |||
| 66 | TokenController tc = UPassFactory.getTokenController (tb); |
||
| 67 | rc = tc.verifyToken (inPassword, "", ""); |
||
| 68 | |||
| 69 | tb = (UserTokenBean) tc.getUpdatedObject (); |
||
| 70 | |||
| 71 | // update first time used
|
||
| 72 | if (tb.getVdateFirstUsed () == null) |
||
| 73 | {
|
||
| 74 | tb.setVdateFirstUsed (new Date ()); |
||
| 75 | } |
||
| 76 | // update last time used
|
||
| 77 | tb.setVdateLastUsed (new Date ()); |
||
| 78 | |||
| 79 | // update database
|
||
| 80 | boolean lrc = tokenDao.updateTokenToStore (tb);
|
||
| 81 | |||
| 82 | if (!lrc)
|
||
| 83 | {
|
||
| 84 | return Constants.ERR_UNKNOWN;
|
||
| 85 | } |
||
| 86 | break;
|
||
| 87 | |||
| 88 | case SECUREMETRIC:
|
||
| 89 | |||
| 90 | UserDAO userDao = DAOFactoryProvider.getDAOFactory ().getUserDAO (); |
||
| 91 | UserBean userBean = userDao.getUserFromStore (userAlias); |
||
| 92 | |||
| 93 | if (userBean == null){ |
||
| 94 | |||
| 95 | return Constants.ERR_USERALIAS_NOT_FOUND;
|
||
| 96 | } |
||
| 97 | else
|
||
| 98 | {
|
||
| 99 | TokenController tcSm = UPassFactory.getTokenController (tb); |
||
| 100 | rc = tcSm.verifyToken (inPassword, userAlias, "123456");
|
||
| 101 | |||
| 102 | /*
|
||
| 103 | * Check whether exceed maximum tries
|
||
| 104 | * TODO: Check with SM to return specific error code when exceed maximum tries.
|
||
| 105 | */
|
||
| 106 | if (Constants.ERR_SUCCESS != rc){
|
||
| 107 | SecureMetricTokenControllerImpl impl = new SecureMetricTokenControllerImpl(tb);
|
||
| 108 | UserTokenBean tokenUser = impl.getUserTokenByUserId(userAlias); |
||
| 109 | int rc1 = impl.getTokenLocked(tokenUser.getVserialNumber());
|
||
| 110 | |||
| 111 | if (Constants.ERR_INVALID_CREDENTIAL == rc1){
|
||
| 112 | |||
| 113 | return Constants.ERR_EXCEED_MAX_TRIES;
|
||
| 114 | } |
||
| 115 | //Masking invalid OTP validation,
|
||
| 116 | if (Constants.OTPR_CORE_INVALID_OTP == rc){
|
||
| 117 | |||
| 118 | return Constants.ERR_INVALID_CREDENTIAL;
|
||
| 119 | } |
||
| 120 | } |
||
| 121 | |||
| 122 | } |
||
| 123 | |||
| 124 | break;
|
||
| 125 | default:
|
||
| 126 | break;
|
||
| 127 | |||
| 128 | } |
||
| 129 | } |
||
| 130 | catch (Exception e) |
||
| 131 | {
|
||
| 132 | e.printStackTrace (); |
||
| 133 | } |
||
| 134 | |||
| 135 | return rc;
|
||
| 136 | } |
||
| 137 | } |