OATH authentication module (not FR OATH) does not work in Japanese locale #131

Closed
ogis-tada opened this issue Sep 5, 2019 · 0 comments

Description

In the OATH authentication module (not the FR OATH authentication module), the implementation and Japanese callback XML are inconsistent. Therefore, if you authenticate with a browser with a Japanese locale, an authentication error will occur even if you enter the correct OTP.

Steps to reproduce

The OATH algorithm works in the same way for both TOTP and HOTP, but here we describe how to reproduce it using HOTP.

  1. Set the OATH authentication module.
    1. Create a new module instance.
      • Realm > Top Level Realm > Authentication > Modules > Add Module
        • Name: OATH-Test
        • Type: OATH
    2. Configure the module.
      • Secret Key Attribute Name: secretKey
      • Counter Attribute Name: counter
  2. Create an authentication chain that includes the OATH authentication module.
    1. Create a new authentication chain.
      • Realm > Top Level Realm > Authentication > Chains > Add Chain
        • Name: oath
    2. Add modules to the authentication chain.
      • DataStore: Required
      • OATH-Test: Required
  3. Register the attributes required for the test user.
    • secretKey: Base16 encoded value of a specific string.
      • ex. specific string: Hello World!
      • ex. base16 value: 48656C6C6F20576F726C6421
    • counter: 0
  4. Register the HOTP seed in the smartphone app "Google Authenticator".
    • '+' button > Manual entry
      • Account: openam-oath
      • Key: Base32 encoded value of a specific string
        • ex. specific string: Hello World!
        • ex. base32 value (excluding padding '='): JBSWY3DPEBLW64TMMQQQ
      • Time based: false
  5. Access by browser.
    1. Access "https://opena.example.com/sso/XUI/#login/&service=oath".
    2. Enter the ID / Password of the test user.
    3. Check and enter the HOTP code on the smartphone app "Google Authenticator".

Expected Results

Authentication succeeds in both English and Japanese locales.

Actual Results

Authentication succeeds in the English locale, but an authentication error occurs in the Japanese locale.
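
When reproducing this, it helps to confirm independently that the seed stored in the directory (step 3) and the seed typed into the authenticator app (step 4) are the same key, and to know which codes the server should accept. The following is an added example, not part of the original issue or of the OpenAM code base; it assumes 6-digit HOTP with HMAC-SHA1 as defined in RFC 4226, and the function names are illustrative.

```python
import base64
import hashlib
import hmac
import struct

# Values copied from the reproduction steps in this issue.
SECRET_BASE16 = "48656C6C6F20576F726C6421"  # secretKey attribute (step 3)
SECRET_BASE32 = "JBSWY3DPEBLW64TMMQQQ"      # key entered in the app (step 4)


def decode_base32_unpadded(value: str) -> bytes:
    """Decode Base32 text whose trailing '=' padding was stripped."""
    value = value.strip().replace(" ", "").upper()
    value += "=" * (-len(value) % 8)  # restore padding to a multiple of 8
    return base64.b32decode(value)


def hotp(key: bytes, counter: int, digits: int = 6) -> str:
    """RFC 4226 HOTP: HMAC-SHA1 over the 8-byte big-endian counter."""
    mac = hmac.new(key, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F  # dynamic truncation offset
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)


def check_seed(base16: str, base32: str) -> bytes:
    """Return the shared key, or raise if the two encodings disagree."""
    key16 = bytes.fromhex(base16)
    key32 = decode_base32_unpadded(base32)
    if not hmac.compare_digest(key16, key32):
        raise ValueError("Base16 and Base32 values encode different secrets")
    return key16


def expected_codes(key: bytes, start: int, window: int = 3):
    """List (counter, code) pairs for a small window of counter values."""
    return [(c, hotp(key, c)) for c in range(start, start + window)]


if __name__ == "__main__":
    key = check_seed(SECRET_BASE16, SECRET_BASE32)
    # Which counter value the app is currently at is an assumption;
    # print a short window starting from the stored counter (0).
    for counter, code in expected_codes(key, 0):
        print(counter, code)
```

If the code shown by the app appears in this list and the login still fails only under the Japanese locale, the seed and counter can be ruled out as the cause.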

ogis-tada added this to the OpenAM 14.0.0 milestone Sep 5, 2019
tsujiguchitky pushed a commit that referenced this issue Nov 28, 2019
…apanese locale (#190)

* Supplemented missing callback#0 for OATH Japanese XML