Comments on The Grey Blog: Google Authenticator: Using It With Your Own Java Authentication Server
Enrico M. Crisostomo
Updated 2024-03-20T10:09:26.121+01:00

Anonymous (2017-08-21T16:04:04.504+02:00) wrote:
Hi.

Thank you very much for doing incredible. It is best tutorial I have searched for GA

Anonymous (2017-07-01T13:53:50.623+02:00) wrote:
Thanks a lot! You made a new blog entry to answer my question; I really appreciate your time and effort.

Lars Helge (2017-04-17T15:04:26.123+02:00) wrote:
Works nicely. One gotcha: If the verification code from Google Authenticator is not matching the server-side generated code it might be that the Authenticator internal clock is out of sync with Google's servers. To correct this on Android, open the Authenticator app, open top-right menu > Settings > Time correction for codes > Sync now.

Anonymous (2016-01-07T13:20:23.860+01:00) wrote:
Hi All,
I have taken your code as reference and created the sample Java web application and using the same in my project and the code is working like charm in my system (India). But the same code is not working in the Singapore. I am trying a lot but not getting the reason. Can anybody please help on this.
Reference from: https://github.com/wstrange/GoogleAuth
1. Is there any dependency with the country name.
Thanks in advance.

Enrico M. Crisostomo (2015-12-09T17:35:21.798+01:00) wrote:
Hi Stephen, please, open an issue in the project so that we concentrate all the communications there.

Anonymous (2015-12-09T16:54:55.165+01:00) wrote:
Hi, Enrico

I've been successfully using your GoogleAuth library for quite a while but now have a need to be able to generate validation codes (i.e., for sending via SMS). All the bits and pieces are there in the GoogleAuth project but are package private (it actually looks like the pieces are there but just weren't finished). Since I know what changes need to be made, would you be open to me making them and you reviewing them for inclusion in the GitHub project? Thanks!

Anonymous (2015-07-20T18:51:52.144+02:00) wrote:
Hi, just carried out an experiment after this comment. By setting the time off by a day on the server I got locked out of the system for all values provided by the authenticator on my phone. However, when I provided an emergency key it logged me in. I guess the default settings for google authenticator PAM work. -- A

Anonymous (2015-07-20T18:18:53.075+02:00) wrote:
Hi, and if the application happens to be the login shell? How do we get the shell to respond to the emergency keys? It probably needs to be handled before it reaches the application. Perhaps the google authenticator PAM should take care of this. Consider what happens if the time daemon dies at the target host. There's got to be a configuration for this without a workaround...

Enrico M. Crisostomo (2015-07-20T16:28:00.763+02:00) wrote:
Hi, the emergency codes are managed by the application: they are not validated using TOTP. Hence, I guess you would just look up the provided password against the list of scratch codes still active and if you find a match you will authenticate the user (and mark the code as used).

Anonymous (2015-07-20T14:35:55.241+02:00) wrote:
Will the emergency codes work even if the time settings in the client and server are wildly different?

Enrico M. Crisostomo (2015-05-12T19:18:27.625+02:00) wrote:
Hi samba,

Unfortunately, since TOTP passwords are a function of time, the only way for unit tests to work would be generating a TOTP password and validating it straight away (which BTW it does in another test). Those failures can be ignored since they require some refactoring.

samba (2015-05-12T19:12:11.126+02:00) wrote:
Hi Enrico,
I downloaded your code and ran the unit tests mentioned in GoogleAuthTest.java. For both authorise(), authoriseUser() unit tests I got the following message: "Check VALIDATION_CODE = false". Is there anything I am missing related to time settings in my system? I am using Windows, Eclipse, JRE 7.
Thanks

Anonymous (2015-04-06T15:12:22.316+02:00) wrote:
Solved my issue. Server clocks kept in sync with other than unix epoch.

Thank you for your help...:)

Enrico M. Crisostomo (2015-04-01T09:42:12.660+02:00) wrote:
That's really weird. Can you dump the value of new Date().getTime() in both a server that is working correctly and one that is not and see if they are correct? That's the only moment in which time information is used.

In your first comment you hinted at a "difference in time" that I interpreted as a timezone difference. Now I guess that's not the problem. Are server clocks kept in sync with NTP? This algorithm is time sensible: if the skew is too big, you won't be able to validate a TOTP password.

Anonymous (2015-04-01T09:26:16.723+02:00) wrote:
Sorry about that...above question is related to your last comment on March 29.
I copied same code what u provided in the link and passed my secret code to my Android mobile GAuthenticator app through QR code.
In some servers it is working fine. I can't able to trace correct problem in some servers that code (GAuth app generated) is not matching with the code generated in your code.

Enrico M. Crisostomo (2015-04-01T09:10:30.635+02:00) wrote:
I'm sorry but your question is too general: it's a needle in a haystack. I have no idea what your "server" is, what applications you are running and which one of them is involved in TOTP authentication.

Anonymous (2015-04-01T09:06:31.371+02:00) wrote:
Thanks for ur explanation,
How to check my server is using the number of seconds elapsed from midnight of 1970/01/01 UTC (the UNIX epoch)?
plz elaborate with guidelines....Thanq

Enrico M. Crisostomo (2015-03-29T18:43:54.038+02:00) wrote:
Hi,

Of course it's possible. The error here is using local time: both your server and your client must agree on a time representation and RFC-6238 mandates the use of UTC. Make sure the server is using the number of seconds elapsed from midnight of 1970/01/01 UTC (the UNIX epoch).

Cheers,
--
Enrico

Anonymous (2015-03-29T18:40:28.499+02:00) wrote:
Hi Enrico,
My case is, Authenticator is working fine when both client phone and server time is same. But when there is a difference in time between client and server, code generated in mobile is not working when I enter it in server to verify (like server in US and client in India). Mobile time and server running time will be different in this case.
plz help me...Is this scenario possible in Google Authenticator?

Enrico M. Crisostomo (2015-02-12T21:02:29.101+01:00) wrote:
You are welcome, Peter.

Peter (2015-02-12T21:01:54.436+01:00) wrote:
Yeah. It works. Your help is appreciated. Thank you.

Enrico M. Crisostomo (2015-02-12T18:01:02.171+01:00) wrote:
Hi Peter,

Yes, and that method is expected to work as is. I just re-tested it and I found no problem in it.

Peter (2015-02-12T17:58:34.710+01:00) wrote:
Alright, here is what I meant. The
authorize(String secret, int verificationCode) takes verificationCode as int and when I call it I convert the string value (003456) coming from the UI to int; it will be changed to 3456 and therefore the
authorize() method will be called with validationCode 3456.

Now the authorize method internally calls return checkCode(secret, verificationCode, new Date().getTime(), this.config.getWindowSize());

This method is internally doing integer comparisons. I just want to know where to change what to make this leading 0 issue be resolved. Thank you.

Enrico M. Crisostomo (2015-02-12T17:44:34.698+01:00) wrote:
Hi Peter, you have to pass the secret key and an integer whose value is 2314.

I don't understand what this means:

The validation is already changed to 2314 with no leading zeros when this method is called.

Peter (2015-02-12T17:13:57.582+01:00) wrote:
I am sorry I didn't get it exactly.
e.g. if the ValidationCode generated by Google Authenticator is 002314
and the secret is ABDCD342434DD then what do I have to do exactly in the authorize method? The validation is already changed to 2314 with no leading zeros when this method is called. Please advise.
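
The leading-zero and clock questions raised in this thread can be reproduced with a small stand-alone RFC 6238 verifier. This is an added example, not code from the GoogleAuth project or from the blog post: the class and method names are hypothetical, and the key and timestamp are the published RFC 6238 Appendix B SHA-1 test values, whose 8-digit code 07081804 corresponds to the 6-digit code 081804.

```java
import java.nio.ByteBuffer;
import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;

public class TotpCheck {                    // hypothetical name, not the library's class
    static final long STEP_MS = 30_000L;    // RFC 6238 default time step
    static final int MODULUS = 1_000_000;   // 6-digit codes

    // HOTP value (RFC 4226) for one counter. The result is a number, so the
    // displayed code "081804" and the int 81804 are the same value.
    static int code(byte[] key, long counter) throws GeneralSecurityException {
        Mac mac = Mac.getInstance("HmacSHA1");
        mac.init(new SecretKeySpec(key, "HmacSHA1"));
        byte[] h = mac.doFinal(ByteBuffer.allocate(8).putLong(counter).array());
        int off = h[h.length - 1] & 0x0f;   // dynamic truncation offset
        int bin = ((h[off] & 0x7f) << 24) | ((h[off + 1] & 0xff) << 16)
                | ((h[off + 2] & 0xff) << 8) | (h[off + 3] & 0xff);
        return bin % MODULUS;
    }

    // Accepts a code from any of `window` consecutive steps around epochMillis,
    // which is the tolerance for clock skew between phone and server.
    static boolean check(byte[] key, int submitted, long epochMillis, int window)
            throws GeneralSecurityException {
        // Epoch milliseconds count from 1970-01-01T00:00:00Z, so the server's
        // time zone (India, Singapore, US) never enters the computation.
        long step = epochMillis / STEP_MS;
        for (int i = -((window - 1) / 2); i <= window / 2; i++) {
            if (code(key, step + i) == submitted) return true;
        }
        return false;
    }

    public static void main(String[] args) throws GeneralSecurityException {
        // Constructed input: RFC 6238 Appendix B test key and test time.
        byte[] key = "12345678901234567890".getBytes(StandardCharsets.US_ASCII);
        long t = 1111111109L * 1000;                // 2005-03-18T01:58:29Z
        int fromUi = Integer.parseInt("081804");    // leading zero dropped on parse
        System.out.println("parsed code      : " + fromUi);
        System.out.println("server clock ok  : " + check(key, fromUi, t, 3));
        System.out.println("30 s skew, w=3   : " + check(key, fromUi, t + 30_000L, 3));
        System.out.println("1 day skew, w=3  : " + check(key, fromUi, t + 86_400_000L, 3));
        System.out.println("zero-padded form : " + String.format("%06d", fromUi));
    }
}
```

Zero padding matters only when a code is displayed or sent to the user (for example over SMS); the comparison itself is numeric.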