Fixed MFA secret key handling

Signed-off-by: Alberto Codutti <alberto.codutti@eurotech.com>
eclipse · Dec 15, 2022 · 759956f · 759956f
1 parent 0d478c0
commit 759956f
Show file tree

Hide file tree

Showing 2 changed files with 6 additions and 9 deletions.
diff --git a/...tion/api/src/main/java/org/eclipse/kapua/service/authentication/mfa/MfaAuthenticator.java b/...tion/api/src/main/java/org/eclipse/kapua/service/authentication/mfa/MfaAuthenticator.java
@@ -34,13 +34,13 @@ public interface MfaAuthenticator {
     /**
      * Validates a code generated with the authenticator app.
      *
-     * @param encryptedSecret  The encoded secret key
+     * @param mfaSecretKey     The MFA secret key.
      * @param verificationCode The verification code
-     * @return {@code true} if the verficationCode is valid, {@code false} otherwise
+     * @return {@code true} if the verficationCode is valid, {@code false} otherwise.
      * @throws KapuaException
      * @since 1.3.0
      */
-    boolean authorize(String encryptedSecret, int verificationCode) throws KapuaException;
+    boolean authorize(String mfaSecretKey, int verificationCode) throws KapuaException;
 
     /**
      * Validates a scratch code.

diff --git a/...rc/main/java/org/eclipse/kapua/service/authentication/shiro/mfa/MfaAuthenticatorImpl.java b/...rc/main/java/org/eclipse/kapua/service/authentication/shiro/mfa/MfaAuthenticatorImpl.java
@@ -21,7 +21,6 @@
 import org.eclipse.kapua.service.authentication.mfa.MfaAuthenticator;
 import org.eclipse.kapua.service.authentication.shiro.setting.KapuaAuthenticationSetting;
 import org.eclipse.kapua.service.authentication.shiro.setting.KapuaAuthenticationSettingKeys;
-import org.eclipse.kapua.service.authentication.shiro.utils.AuthenticationUtils;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.security.crypto.bcrypt.BCrypt;
@@ -89,19 +88,17 @@ public boolean isEnabled() {
     }
 
     @Override
-    public boolean authorize(String encryptedSecret, int verificationCode) throws KapuaException {
+    public boolean authorize(String mfaSecretKey, int verificationCode) throws KapuaException {
         //
         // Argument validation
-        ArgumentValidator.notNull(encryptedSecret, "encryptedSecret");
+        ArgumentValidator.notNull(mfaSecretKey, "mfaSecretKey");
         ArgumentValidator.notNegative(verificationCode, "verificationCode");
 
         //
         // Do check
-        String secret = AuthenticationUtils.decryptAes(encryptedSecret);
-
         GoogleAuthenticator ga = new GoogleAuthenticator(GOOGLE_AUTHENTICATOR_CONFIG);
 
-        return ga.authorize(secret, verificationCode);
+        return ga.authorize(mfaSecretKey, verificationCode);
     }
 
     @Override