diff --git a/pom.xml b/pom.xml
index 02c6d4e0..7f7094cc 100644
--- a/pom.xml
+++ b/pom.xml
@@ -432,7 +432,7 @@
commons-io
commons-io
- 2.15.1
+ 2.16.1
com.warrenstrange
@@ -452,7 +452,7 @@
commons-codec
commons-codec
- 1.16.0
+ 1.17.0
diff --git a/superfly-service/src/main/java/com/payneteasy/superfly/hotp/HOTPServiceImpl.java b/superfly-service/src/main/java/com/payneteasy/superfly/hotp/HOTPServiceImpl.java
index 33198d5c..426a45a0 100644
--- a/superfly-service/src/main/java/com/payneteasy/superfly/hotp/HOTPServiceImpl.java
+++ b/superfly-service/src/main/java/com/payneteasy/superfly/hotp/HOTPServiceImpl.java
@@ -39,6 +39,10 @@ public class HOTPServiceImpl implements HOTPService {
private UserService userService;
private CryptoService cryptoService;
+ public ThreadLocal getGoogleAuthenticator() {
+ return googleAuthenticator;
+ }
+
@Required
public void setEmailService(EmailService emailService) {
this.emailService = emailService;
diff --git a/superfly-service/src/test/java/com/payneteasy/superfly/hotp/HOTPServiceImplTest.java b/superfly-service/src/test/java/com/payneteasy/superfly/hotp/HOTPServiceImplTest.java
new file mode 100644
index 00000000..adce6e69
--- /dev/null
+++ b/superfly-service/src/test/java/com/payneteasy/superfly/hotp/HOTPServiceImplTest.java
@@ -0,0 +1,63 @@
+package com.payneteasy.superfly.hotp;
+
+import com.payneteasy.superfly.api.SsoDecryptException;
+import com.payneteasy.superfly.crypto.CryptoServiceImpl;
+import com.payneteasy.superfly.crypto.exception.EncryptException;
+import com.payneteasy.superfly.service.UserService;
+import com.payneteasy.superfly.service.impl.UserServiceImpl;
+import com.warrenstrange.googleauth.GoogleAuthenticatorKey;
+import org.junit.Assert;
+import org.junit.Before;
+import org.junit.Test;
+
+public class HOTPServiceImplTest {
+ public static final String USERNAME = "user";
+ private HOTPServiceImpl service;
+ private GoogleAuthenticatorKey credentials;
+
+ @Before
+ public void setup() {
+ service = new HOTPServiceImpl();
+ credentials = service.getGoogleAuthenticator().get().createCredentials();
+
+ CryptoServiceImpl cryptoService = new CryptoServiceImpl();
+ cryptoService.setCryptoSalt("GOOGLE_SALT");
+ cryptoService.setCryptoSecret("GOOGLE_SECRET");
+
+ UserService userService = new UserServiceImpl() {
+ @Override
+ public String getOtpMasterKeyByUsername(String username) {
+ if (USERNAME.equals(username)) {
+ try {
+ return cryptoService.encrypt(credentials.getKey());
+ } catch (EncryptException e) {
+ throw new RuntimeException(e);
+ }
+ }
+ return null;
+ }
+ };
+ service.setCryptoService(cryptoService);
+ service.setUserService(userService);
+ }
+
+ @Test
+ public void testValidateGoogleTimePassword() throws SsoDecryptException {
+ String totpPassword = String.valueOf(
+ service.getGoogleAuthenticator().get().getTotpPassword(credentials.getKey())
+ );
+
+ boolean valid = service.validateGoogleTimePassword(USERNAME, totpPassword);
+
+ Assert.assertTrue( "Not valid code", valid);
+ }
+
+ @Test
+ public void testUnValidateGoogleTimePassword() throws SsoDecryptException {
+ String totpPassword = "123123";
+
+ boolean valid = service.validateGoogleTimePassword(USERNAME, totpPassword);
+
+ Assert.assertFalse( "Valid code", valid);
+ }
+}
\ No newline at end of file