|
Representation of an Invisible Token in Smart ID Digital Access. An Invisible Token should map to a browser.
Property | Type | Description |
remove | boolean | Set to true to remove the Invisible Token (active browser). |
browsername | string | Identifier of the browser selected by the user when browser was provisioned. Read only. |
created | long | Time stamp on when the Invisible Token was created, milliseconds since January 1, 1970 UTC. Read only. |
lastUsed | string | Time stamp on when the Invisible Token was last used, milliseconds since January 1, 1970 UTC. Read only. |
This example shows, in principle, how to "remember" a new browser and how to retrieve the new Invisible Token seed from the returned subject. The example also shows how to send an HOTP-generated token in the second turn.
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using SampleApplication.ServiceReference1;
using System.ServiceModel;

namespace SampleApplication
{
    /// <summary>
    /// Sample client that authenticates the same user in two turns. In the first
    /// turn the one-time-password challenge is answered with "remember" set, and the
    /// seed returned in the following "seed" challenge is stored. In the second turn
    /// the browser name and a HOTP generated from that seed are sent along with the
    /// username and password.
    /// </summary>
    /// <remarks>
    /// NOTE(review): this listing appears to have lost its generic type arguments
    /// (the bare <c>new List()</c>, and two <c>catch (FaultException ...)</c> clauses
    /// that both read <c>.Detail</c>). Restore them from the generated service
    /// reference before compiling.
    /// </remarks>
    class TestInvisibleToken
    {
        // Browser identifier sent as the "browsername" credential in both turns.
        private static String BROWSER_NAME = "test";

        // Seed stored by updateSeed(); empty until the first turn has completed.
        // It is the input to XpiUtil.generateHOTP, i.e. the OTP secret, and is kept
        // here in a plain static field for the duration of the sample only.
        private static String SEED = "";

        /// <summary>
        /// Installs a certificate validation callback that accepts every server certificate.
        /// </summary>
        public TestInvisibleToken()
        {
            // Only a test, trust all certificates.
            // ServicePointManager is static, so this callback applies to the whole
            // process, and it returns true whatever sslPolicyErrors reports. The
            // username, password, OTP and seed exchanged below are then sent without
            // any check on which server receives them. Do not carry this line into
            // code that talks to a real deployment; trust the test server's
            // certificate explicitly instead.
            System.Net.ServicePointManager.ServerCertificateValidationCallback = ((sender, certificate, chain, sslPolicyErrors) => true);
        }

        /// <summary>
        /// Runs the two authentication turns against a new <c>AuthenticateClient</c>.
        /// </summary>
        internal void run()
        {
            var authenticateClient = new AuthenticateClient();
            int turns = 2;
            // Turn 1 provisions the browser and stores the seed; turn 2 uses it.
            for (int i = 1; i < turns + 1; i++)
            {
                Logger.Info("Turn " + i + "/" + turns + ":");
                authenticate(authenticateClient);
            }
            Logger.Info("Test done.");
        }

        /// <summary>
        /// Sends one authentication request with the sample username and password,
        /// adding the browser name and a generated HOTP when a seed is already stored.
        /// </summary>
        /// <param name="authenticateClient">Service client used for the request.</param>
        private void authenticate(AuthenticateClient authenticateClient)
        {
            try
            {
                Subject subject = new Subject();
                subject.language = "en";
                subject.credentials = new List().ToArray();
                // Hard-coded sample credentials.
                subject.credentials = XpiUtil.addCredential(subject.credentials, "username", "joe");
                subject.credentials = XpiUtil.addCredential(subject.credentials, "password", "secret");
                if (SEED.Length > 0)
                {
                    // Generate OTP using SEED and browser name from previous turn.
                    subject.credentials = XpiUtil.addCredential(subject.credentials, "browsername", BROWSER_NAME);
                    subject.credentials = XpiUtil.addCredential(subject.credentials, "otp", XpiUtil.generateHOTP(SEED));
                }
                // NOTE(review): presumably the id of the Invisible Token authentication
                // method configured on the server - confirm against the deployment.
                int invisibleTokenMethod = 3;
                // NOTE(review): subject carries the password and, in turn 2, the OTP at
                // this point; confirm that the logging helper does not write credential
                // values to the log.
                XpiUtil.logAuthenticationRequest(subject);
                subject = authenticateClient.authenticate(subject, invisibleTokenMethod);
                XpiUtil.logAuthenticated(subject);
            }
            catch (FaultException challengeException)
            {
                // A challenge fault is the expected path in turn 1.
                processChallenge(authenticateClient, challengeException);
            }
            catch (FaultException e)
            {
                // Codes 1101-1199 are reported as authentication errors, any other
                // code as a generic exception.
                String errorMsg = "Exception";
                if (e.Detail.code >= 1101 && e.Detail.code <= 1199)
                {
                    errorMsg = "Authentication Exception";
                }
                Logger.Error(errorMsg + ": " + e.Message + ", code=" + e.Detail.code.ToString());
            }
            catch (Exception e)
            {
                // NOTE(review): e.Message is passed as a second argument here rather
                // than concatenated as in the branch above; whether it reaches the log
                // depends on the Logger.Error overload, which is not shown.
                Logger.Error("Could not authenticate user, unexpected exception: ", e.Message);
            }
        }

        /// <summary>
        /// Logs a challenge and dispatches on the start of its reply message: the
        /// one-time-password notification goes to <c>sendOtp</c>, a "seed " reply to
        /// <c>updateSeed</c>, anything else is logged as unexpected.
        /// </summary>
        /// <param name="authenticateClient">Service client used for the follow-up request.</param>
        /// <param name="challengeException">Fault that carries the challenge.</param>
        private void processChallenge(AuthenticateClient authenticateClient, FaultException challengeException)
        {
            // The reply message is read twice: once for the log entry, once for dispatch.
            XpiUtil.logChallengeResponse(challengeException, getReplyMessage(challengeException));
            String replyMsg = getReplyMessage(challengeException);
            if (replyMsg.StartsWith("One-Time password has been sent"))
            {
                sendOtp(authenticateClient, challengeException);
            }
            else if (replyMsg.StartsWith("seed "))
            {
                updateSeed(authenticateClient, challengeException);
            }
            else
            {
                Logger.Error("Unexpected challenge:" + replyMsg);
            }
        }

        /// <summary>
        /// Answers the one-time-password challenge and asks the server to remember
        /// the browser, then re-authenticates with the method taken from the challenge.
        /// </summary>
        /// <param name="authenticateClient">Service client used for the request.</param>
        /// <param name="challengeException">Fault whose detail holds the subject and method.</param>
        private void sendOtp(AuthenticateClient authenticateClient, FaultException challengeException)
        {
            Subject subject = challengeException.Detail.subject;
            // Presumably a stand-in for the OTP delivered to the user - confirm.
            String notifiedOTP = "aaaa";
            subject.credentials = XpiUtil.addCredential(subject.credentials, "password", notifiedOTP);
            // Comment: add "remember" so seed gets generated...
            subject.credentials = XpiUtil.addCredential(subject.credentials, "remember", "true");
            subject.credentials = XpiUtil.addCredential(subject.credentials, "browsername", BROWSER_NAME);
            try
            {
                XpiUtil.logAuthenticationRequest(subject);
                subject = authenticateClient.authenticate(subject, challengeException.Detail.method);
                XpiUtil.logAuthenticated(subject);
            }
            catch (FaultException e)
            {
                // A further fault goes back to processChallenge, which can call this
                // method again; nothing here bounds how many times that repeats.
                processChallenge(authenticateClient, e);
            }
        }

        /// <summary>
        /// Stores the seed carried by the challenge in <c>SEED</c> and resends the
        /// subject with the method taken from the challenge.
        /// </summary>
        /// <param name="authenticateClient">Service client used for the request.</param>
        /// <param name="challengeException">Fault whose detail holds the subject, method and seed.</param>
        private void updateSeed(AuthenticateClient authenticateClient, FaultException challengeException)
        {
            Subject subject = challengeException.Detail.subject;
            // getSeed returns "" when "arg1" is absent; SEED is overwritten either way,
            // and an empty SEED makes the next turn skip the browsername/otp credentials.
            SEED = getSeed(challengeException);
            XpiUtil.logAuthenticationRequest(subject);
            // No try/catch here: a fault from this call propagates to the caller.
            subject = authenticateClient.authenticate(subject, challengeException.Detail.method);
            XpiUtil.logAuthenticated(subject);
        }

        /// <summary>
        /// Returns the "replymsg" credential of the fault's subject decoded as UTF-8.
        /// </summary>
        /// <param name="e">Fault whose subject credentials are searched.</param>
        /// <returns>The decoded reply message, or an empty string when it is missing.</returns>
        private string getReplyMessage(FaultException e)
        {
            String replymsg = "";
            MapItem item = XpiUtil.getByKey(e.Detail.subject.credentials, "replymsg");
            if (item != null && item.value != null)
            {
                replymsg = Encoding.UTF8.GetString(item.value);
            }
            return replymsg;
        }

        /// <summary>
        /// Returns the "arg1" credential of the fault's subject decoded as UTF-8;
        /// <c>updateSeed</c> stores this value as the seed.
        /// </summary>
        /// <param name="e">Fault whose subject credentials are searched.</param>
        /// <returns>The decoded value, or an empty string when it is missing.</returns>
        private string getSeed(FaultException e)
        {
            String seed = "";
            MapItem item = XpiUtil.getByKey(e.Detail.subject.credentials, "arg1");
            if (item != null && item.value != null)
            {
                seed = Encoding.UTF8.GetString(item.value);
            }
            return seed;
        }
    }
}
Copyright © 1999-2023, Technology Nexus Secured Business Solutions AB. All rights reserved.