public class SecovidServicesWs extends Object
Modifier and Type | Class and Description |
---|---|
static class |
SecovidServicesWs.ServicesWSFault
This "wrapper" class was necessary to use a common utility between ManagementWS and ServicesWS.
|
Constructor and Description |
---|
SecovidServicesWs() |
Modifier and Type | Method and Description |
---|---|
AuthenticateResult |
authenticate(String userId,
String tokenPassword,
String locale)
This function authenticates a user and an OTP against one of the token that are assigned to the user. |
AuthenticateResult |
authenticateChap(AuthenticateChapRequest authenticateChapRequest)
This function authenticates a user and an OTP against one of the token that are assigned to the user. |
AuthenticateResult |
challengeAnswerChap(String state,
String answer,
String locale)
If SSMS requests additional data (methods
SecovidServicesWs.authenticateChap() or
SecovidServicesWs.challengeAnswerChap() returned with
ReturnResult.SEND_CHALLENGE }, clients must call this method to
send the challenge answer to the server. |
AuthenticateResult |
challengeResponse(String state,
String challengeAnswer,
String locale)
If an authentication was done, at the server side, an AuthenticateResult will be sent to the client. |
static void |
checkForDataNotNull(Object obj,
String objectName)
This "wrapper" method was necessary to use a common utility between ManagementWS and ServicesWS.
|
SecovidUserInfo |
getUserInfo(String userId)
getUserInfo fetches the following properties of a SecOVID user for information purpose: • userID - String - the unique SecOVID user ID • locked - boolean - the locked state of the SecOVID user (true or false, true as well if temporarily locked) • lockReason - String - the lockReasonKey if user is locked • list of token serial numbers - List of String - a list of token serial numbers of the assigned tokens These properties will be provided as an object of type SecovidUserInfo . |
boolean |
isLocked(String tokenSnr)
Returns the information as to whether or not the token is locked.
|
boolean |
isUserLocked(String userId)
Returns the information as to whether or not the user is locked.
|
boolean |
resync(String tokenSnr,
String[] otps)
Perform a re-synchronization for a token:
2 consecutive one time passwords (OTPs) must be validated
by the server.
|
boolean |
resyncByUserId(String userId,
String[] otps)
Perform a re-synchronization for a token of a given user:
2 consecutive one time passwords (OTPs) must be validated
by the server.
|
boolean |
verify(String tokenSnr,
String otp)
Deprecated.
use method
verifyEx(String, String) |
boolean |
verifyEx(String tokenSnr,
String otp)
Verification of an one time password (OTP) for the token with the given serial number.
|
@Deprecated public boolean verify(String tokenSnr, String otp) throws SecovidServicesWs.ServicesWSFault
verifyEx(String, String)
tokenSnr
- The serial number of the token.otp
- The one time password (OTP).true
if the verification was successful.SecovidServicesWs.ServicesWSFault
- SecovidErrorCodes.INTERNAL_SERVER_ERROR
if an internal error occurred.
SecovidErrorCodes.INVALID_ARGUMENT
if an argument is null or empty.
SecovidErrorCodes.TOKEN_DOES_NOT_EXIST
if the token does not exist.
SecovidErrorCodes.TOKEN_NOT_ASSIGNED_TO_USER
if the token is not assigned to a user.
SecovidErrorCodes.OTP_WRONG
if the verification of the token failed.
SecovidErrorCodes.INVALID_OTP
if OTP has a wrong length or contains invalid characters.
SecovidErrorCodes.USER_IS_LOCKED
if the user, which is assigned to the token, is locked.public boolean verifyEx(String tokenSnr, String otp) throws SecovidServicesWs.ServicesWSFault
tokenSnr
- The serial number of the token.otp
- The one time password (OTP).true
if the verification was successful. false
if the OTP was wrong.SecovidServicesWs.ServicesWSFault
- SecovidErrorCodes.INTERNAL_SERVER_ERROR
if an internal error occurred.
SecovidErrorCodes.INVALID_ARGUMENT
if an argument is null or empty.
SecovidErrorCodes.INVALID_OTP
if OTP has a wrong length or contains invalid characters.
SecovidErrorCodes.TOKEN_DOES_NOT_EXIST
if the token does not exist.
SecovidErrorCodes.TOKEN_NOT_ASSIGNED_TO_USER
if the token is not assigned to a user.
SecovidErrorCodes.USER_IS_LOCKED
if the user, which is assigned to the token, is locked.public boolean resync(String tokenSnr, String[] otps) throws SecovidServicesWs.ServicesWSFault
tokenSnr
- The serial number of the token.otps
- 2 consecutive OTPs.true
re-synchronization was successful. false
re-synchronization failed (most probably because of wrong OTPs; for details see the server log).SecovidServicesWs.ServicesWSFault
- SecovidErrorCodes.INTERNAL_SERVER_ERROR
if an internal error occurred.
SecovidErrorCodes.INVALID_ARGUMENT
if an argument is null or empty. Or if not exactly 2 otps are delivered.
SecovidErrorCodes.TOKEN_DOES_NOT_EXIST
if the token does not exist.
SecovidErrorCodes.USER_IS_LOCKED
if the user, which is assigned to the token, is locked.
SecovidErrorCodes.TOKEN_WRONG_STATE
if the token is locked or the lock-reason is not LOCK_REASON_RESYNC.
SecovidErrorCodes.TOKEN_NOT_ASSIGNED_TO_USER
if the token is not assigned to an user.public boolean resyncByUserId(String userId, String[] otps) throws SecovidServicesWs.ServicesWSFault
userId
- The loginname of the user.otps
- 2 consecutive OTPs.true
if re-synchronization was successful. false
if re-synchronization was not successful.SecovidServicesWs.ServicesWSFault
- SecovidErrorCodes.INTERNAL_SERVER_ERROR
if an internal error occurred.
SecovidErrorCodes.INVALID_ARGUMENT
if an argument is null or empty. Or if not exactly 2 otps are delivered.
SecovidErrorCodes.USER_DOES_NOT_EXIST
if the user, which is assigned to a token, does not exist.
SecovidErrorCodes.USER_IS_LOCKED
if the user is locked.
SecovidErrorCodes.NO_TOKENS_ASSIGNED_TO_USER
if any token is assigned to the user.public boolean isLocked(String tokenSnr) throws SecovidServicesWs.ServicesWSFault
tokenSnr
- The serial number of the token.true
if the token represented by the token serial number is locked. false
in any other case.SecovidServicesWs.ServicesWSFault
- SecovidErrorCodes.INTERNAL_SERVER_ERROR
if an internal error occurred.
SecovidErrorCodes.INVALID_ARGUMENT
if argument 'tokenSnr' is null or empty.
SecovidErrorCodes.TOKEN_DOES_NOT_EXIST
if the token does not exist.public boolean isUserLocked(String userId) throws SecovidServicesWs.ServicesWSFault
userId
- The user id.true
if the user represented by the user id is locked. false
in any other case.SecovidServicesWs.ServicesWSFault
- SecovidErrorCodes.MISSING_PARAMETER_UID
if the user id is empty or null.public AuthenticateResult authenticate(String userId, String tokenPassword, String locale) throws SecovidServicesWs.ServicesWSFault
userId
- tokenPassword
- - one of the following possible values:
locale
- (optional) The language of the locale (ISO 639-1) in which the response messages will be given. If locale cannot be resolved to 'de' or 'en', 'en' will be used.AuthenticateResult
of the authentication.SecovidServicesWs.ServicesWSFault
- SecovidErrorCodes.INTERNAL_SERVER_ERROR
if an internal error occurred.
SecovidErrorCodes.INVALID_USERID
if the userId is null or empty.
SecovidErrorCodes.INVALID_TOKEN_PASSWORD
if the token password is null or empty.
SecovidErrorCodes.INVALID_LOCALE
if the locale is null, empty or no ISO 639-1 language.public AuthenticateResult challengeResponse(String state, String challengeAnswer, String locale) throws SecovidServicesWs.ServicesWSFault
AuthenticateResult
will be sent to the client. This result contains a ReturnResult
}.
ReturnResult
} is SEND_CHALLENGE the server will wait for a client answer. The client will call this method to send the challenge answer to the server.state
- The state (i.e. token serial number) keeps a server information key that is needed to identify a matching RADIUS conversation.
If the state is set to "ignore" the conversation will end immediately.challengeAnswer
- The client's answer to the last AuthenticateResult
.locale
- (optional) The language of the locale (ISO 639-1) in which the response messages will be given. If locale cannot be resolved to 'de' or 'en', 'en' will be used.AuthenticateResult
of the challenge response.SecovidServicesWs.ServicesWSFault
- SecovidErrorCodes.INTERNAL_SERVER_ERROR
if an internal error occurred.
SecovidErrorCodes.INVALID_STATE
if the state is null or empty.
SecovidErrorCodes.INVALID_CHALLENGE_ANSWER
if the challengeAnswer is null or empty.
SecovidErrorCodes.INVALID_LOCALE
if the locale is null, empty or no ISO 639-1 language.public SecovidUserInfo getUserInfo(String userId) throws SecovidServicesWs.ServicesWSFault
SecovidUserInfo
.userId
- SecovidUserInfo
for the given user ID.SecovidServicesWs.ServicesWSFault
- SecovidErrorCodes.INVALID_USERID
if the parameter userId is missing (null or empty).
SecovidErrorCodes.USER_DOES_NOT_EXIST
if the user does not exist.public AuthenticateResult authenticateChap(AuthenticateChapRequest authenticateChapRequest) throws SecovidServicesWs.ServicesWSFault
authenticateChapRequest
- The AuthenticateChapRequest
which contains all
information that are needed to create a chap request for
authentication.AuthenticateResult
contains among others
ReturnResult.OK
(authentication succeeded),
ReturnResult.REJECTED
(authentication failed) or
ReturnResult.SEND_CHALLENGE
(server requires more data)SecovidServicesWs.ServicesWSFault
- SecovidErrorCodes.INTERNAL_SERVER_ERROR
if an internal error occurred.
SecovidErrorCodes.INVALID_PARAMETER
if the userId is null or empty.
SecovidErrorCodes.INVALID_PARAMETER
if the chap mode is null or empty.
SecovidErrorCodes.INVALID_PARAMETER
if the chap challenge is null or empty.
SecovidErrorCodes.INVALID_PARAMETER
if the chap response is null or empty.
SecovidErrorCodes.INVALID_PARAMETER
if the locale is null, empty or no ISO 639-1 language.public AuthenticateResult challengeAnswerChap(String state, String answer, String locale) throws SecovidServicesWs.ServicesWSFault
ReturnResult.SEND_CHALLENGE
}, clients must call this method to
send the challenge answer to the server. state
- The state (i.e. token serial number) keeps a server
information key that is needed to identify a matching RADIUS
conversation.answer
- The client's answer (e.g. another OTP, a new password, etc.).locale
- String representation of a Locale (according to ISO 639-1).
SSMS will display challenge texts according to this locale.AuthenticateResult
contains among others
ReturnResult.OK
(authentication succeeded, change
Server-PIN Succeeded), ReturnResult.REJECTED
(authentication failed) or ReturnResult.SEND_CHALLENGE
(server requires more data) ReturnResult.OK
instead of
ReturnResult.SEND_CHALLENGE
in
SecovidServicesWs.authenticate() PAP-method.SecovidServicesWs.ServicesWSFault
- SecovidErrorCodes.INTERNAL_SERVER_ERROR
if an internal error occurred.
SecovidErrorCodes.INVALID_PARAMETER
if the state is null or empty.
SecovidErrorCodes.INVALID_PARAMETER
if the answer is null or empty.
SecovidErrorCodes.INVALID_PARAMETER
if the locale is null, empty or no ISO 639-1 language.public static void checkForDataNotNull(Object obj, String objectName) throws SecovidServicesWs.ServicesWSFault
obj
- See WSUtils.checkForDataNotNull(java.lang.Object, java.lang.String)
objectName
- SecovidServicesWs.ServicesWSFault
Copyright © 2022 KOBIL Systems GmbH. All rights reserved.