Answered

Request for help with generating token key

Hello, I need help to generate a token key as a variable in PROOF via a provided java code (please see below), there is a provided .jar file that I am unable to attach in this forum request. Please let me know if we can set up a Goto Meeting for this, thnaks.

 

package gov.nih.era.erabase.tfa;

import org.jboss.aerogear.security.otp.Totp;

/*
When you set up an authenticator app with a website, that site generates a secret key
- a random collection of numbers and symbols - which you then save to the app. The
site usually shows you that key in the form of a QR code. When you scan that with the
app, the key is then saved to your phone. The key is available during initial setup only.
*/

public class Otp {

public static void main(String[] args) {
String otpKeyStr = "6jm7n6xwitpjooh7ihewyyzeux7aqmw2"; // <- this 2FA secret key.

Totp totp = new Totp(otpKeyStr);
String twoFactorCode = totp.now();
System.out.println(twoFactorCode);
}
}

0
3 comments
Avatar
Stephen Akinpelumia

Update - 

Thanks Payam, I did as you recommended and created the following test case..

BT1_CommonsPlus_LoginGov_Checkout, Test Case ID - 11086

...and I got an Class not found by name 'Login_Gov.TOTPToken' error, Login_Gov.TOTPToken being the Method I entered (please see screenshot below.

I did try running this with the Method field being empty and got an Class not found by name error.

A couple of notes...

  • The developer that is involved in this testing provided me with two files, a .jar file (aerogear-otp-java-1.0.0.jar) that I had uploaded and is being referenced in step 14 of the BT1_CommonsPlus_LoginGov_Checkout test case; and a .java file with the script I referenced in the beginning. 
  • I had tried to add this script in an Execute_Javascript step in Step 13, it did not look like it would work
  • Please forgive my naivetes, I have never done a code snippet before :(

..i would appreciate any help with this, thanks.

0
Comment actions Permalink
Avatar
Pavel Kasper

Hi Stephen,
Subject-7 Platform doesn't allow execution of plain .java files, but you can execute .jar files.
In your case, you have to:

  1. Make sure that the executable method is not static, has empty parameters, and returns a String with the next format "Status,Message", where Status can be FAIL, PASS, ERROR, FAIL_SKIP; and Message  - any message.
  2. Package your .java file as .jar file
  3. Upload packaged jar file and 'aerogear-otp-java-1.0.0.jar' via file uploads
  4. Create code snippet: select uploaded files as dependencies, for the 'Class' field you have to provide the full class name (package + class name). E.g you have a class with the name Otp inside gov.nih.era.erabase.tfa package, the full class name, in this case, will be gov.nih.era.erabase.tfa.Otp
  5. Use the created code snippet in the test case by using the Execute_Java step: you can leave the Class field empty, for the method you have to provide just a the method name(E.g you have a class with the name Otp inside gov.nih.era.erabase.tfa package which has execute method(), then you just need to use execute as Method)
0
Comment actions Permalink

Please sign in to leave a comment.