OTP Generation

0
Hi, how to implement Standard 6-8 digit  OTP generation in Mendix for two-factor Authentication.
asked
3 answers
3

Call a Create Variable activity with this expression:

floor(random() * (99999999 - 99999)) + 99999

This will generate a value with at least 6 and max 8 digits. With the combination of floor and random you should be able to get what you want.

answered
0

Try RandomString from Community Commons. Often times clients will wish specific characters (only numbers, only digits, etc), so you can write your own version that takes a parameter of a string that represents the characters to use in the result

java.lang.String  str_retval=new String();
java.util.Random rnd=new java.util.Random();
for(int i=0;i<int_len;i++){
    str_retval=str_retval+str_characters.charAt(Math.abs(rnd.nextInt())%str_characters.length());
}
return str_retval;

 

answered
0

For secure standards, try jchambers/java-otp

var totp = new com.eatthepath.otp.TimeBasedOneTimePasswordGenerator();
var key;
var keyGenerator = javax.crypto.KeyGenerator.getInstance(totp.getAlgorithm());
// SHA-1 and SHA-256 prefer 64-byte (512-bit) keys; SHA512 prefers 128-byte (1024-bit) keys
keyGenerator.init(512);
// with key, generate otp
keyGenerator.init(512);
key = keyGenerator.generateKey();
now = java.time.Instant.now();
later = now.plus(totp.getTimeStep());
alert("Current password: "+totp.generateOneTimePassword(key, now));
alert("Future password:  "+totp.generateOneTimePassword(key, later));

Seems to work

answered