kandi background
Explore Kits

google-authenticator | Open source version of Google Authenticator | Authentication library

 by   google Java Version: Current License: Apache-2.0

 by   google Java Version: Current License: Apache-2.0

Download this library from

kandi X-RAY | google-authenticator Summary

google-authenticator is a Java library typically used in Security, Authentication applications. google-authenticator has no vulnerabilities, it has a Permissive License and it has high support. However google-authenticator has 14 bugs and it build file is not available. You can download it from GitHub.
The Google Authenticator project includes implementations of one-time passcode generators for several mobile platforms. One-time passcodes are generated using open standards developed by the Initiative for Open Authentication (OATH) (which is unrelated to OAuth). This GitHub project is specifically for the Google Authenticator apps which target the Blackberry and iOS mobile platforms.
Support
Support
Quality
Quality
Security
Security
License
License
Reuse
Reuse

kandi-support Support

  • google-authenticator has a highly active ecosystem.
  • It has 4606 star(s) with 902 fork(s). There are 359 watchers for this library.
  • It had no major release in the last 12 months.
  • There are 164 open issues and 505 have been closed. On average issues are closed in 107 days. There are 1 open pull requests and 0 closed requests.
  • It has a negative sentiment in the developer community.
  • The latest version of google-authenticator is current.
google-authenticator Support
Best in #Authentication
Average in #Authentication
google-authenticator Support
Best in #Authentication
Average in #Authentication

quality kandi Quality

  • google-authenticator has 14 bugs (0 blocker, 0 critical, 12 major, 2 minor) and 235 code smells.
google-authenticator Quality
Best in #Authentication
Average in #Authentication
google-authenticator Quality
Best in #Authentication
Average in #Authentication

securitySecurity

  • google-authenticator has no vulnerabilities reported, and its dependent libraries have no vulnerabilities reported.
  • google-authenticator code analysis shows 0 unresolved vulnerabilities.
  • There are 0 security hotspots that need review.
google-authenticator Security
Best in #Authentication
Average in #Authentication
google-authenticator Security
Best in #Authentication
Average in #Authentication

license License

  • google-authenticator is licensed under the Apache-2.0 License. This license is Permissive.
  • Permissive licenses have the least restrictions, and you can use them in most projects.
google-authenticator License
Best in #Authentication
Average in #Authentication
google-authenticator License
Best in #Authentication
Average in #Authentication

buildReuse

  • google-authenticator releases are not available. You will need to build from source code and install.
  • google-authenticator has no build file. You will be need to create the build yourself to build the component from source.
  • google-authenticator saves you 1669 person hours of effort in developing the same functionality from scratch.
  • It has 3702 lines of code, 354 functions and 90 files.
  • It has high code complexity. Code complexity directly impacts maintainability of the code.
google-authenticator Reuse
Best in #Authentication
Average in #Authentication
google-authenticator Reuse
Best in #Authentication
Average in #Authentication
Top functions reviewed by kandi - BETA

kandi has reviewed google-authenticator and discovered the below as its top functions. This is intended to give you an instant insight into google-authenticator implemented functionality, and help decide if they suit your requirements.

  • Compute a block block .
  • Decodes the given string .
  • Read a line from the buffer .
  • Parse the secret .
  • Runs the MADlet .
  • Add a context menu to the context menu .
  • Initializes the digest .
  • Encodes the given byte array .
  • Validates the key and update the status text .
  • Searches for a match .

google-authenticator Key Features

Android app.

Pluggable Authentication Module, aka PAM.

Unit test stub for google authenticator barcode scanning using PHPUnit in Laravel

copy iconCopydownload iconDownload
$cookie = ['cookiename' => \Crypt::encryptString(json_encode(array('cookieValue' => 1)))];

  $this->call('post', 'login', [
        'username' => user1,
        'password' => 'test',
        '_token' => csrf_token(),
        'remember'  => 'on',
    ], $cookie)

CAS 6.2.x MFA Principal Attribute Trigger 'memberOf' Active Directory Not Working

copy iconCopydownload iconDownload
cas.authn.mfa.global-principal-attribute-value-regex=.*ForceMfa.+

FreeRadius 3.0.13 + Google Auth + SSSD + Active Directory - Filter via AD security groups

copy iconCopydownload iconDownload
post-auth {
  update {
    &reply: += &session-state:
  }
-sql
exec
remove_reply_message_if_eap
# Custom post-auth policies
  if (LDAP-Group == "AD_Group_SystemAdmins") {
    update reply {
      Class := "AD_Group_SystemAdmins"
    }
  }
  elsif (LDAP-Group == "AD_Group_SystemUsers") {
    update reply {
      Class := "AD_Group_SystemUsers"
    }
   }
  else {
    update reply {
      Reply-Message = "Not authorized to access this system"
    }
    update control {
      Auth-Type := "Reject"
    }
   }

HmacSHA1 different result in Node crypto and CryptoJS

copy iconCopydownload iconDownload
let result = CryptoJS.HmacSHA1(buffer.toString(), secret);
let result = CryptoJS.HmacSHA1(CryptoJS.lib.WordArray.create(buffer), secret);
const CryptoJS = require("crypto-js");

function generateHOTP(secret, counter) {
    const buffer = Buffer.alloc(8);
    for (let i = 0; i < 8; i++) {
        buffer[7 - i] = counter & 0xff;
        counter = counter >> 8;
    }

    const hmac = CryptoJS.algo.HMAC.create(CryptoJS.algo.SHA1, secret);
    hmac.update(CryptoJS.lib.WordArray.create(buffer))
    return Buffer.from(hmac.finalize().toString(), 'hex');
}
-----------------------
let result = CryptoJS.HmacSHA1(buffer.toString(), secret);
let result = CryptoJS.HmacSHA1(CryptoJS.lib.WordArray.create(buffer), secret);
const CryptoJS = require("crypto-js");

function generateHOTP(secret, counter) {
    const buffer = Buffer.alloc(8);
    for (let i = 0; i < 8; i++) {
        buffer[7 - i] = counter & 0xff;
        counter = counter >> 8;
    }

    const hmac = CryptoJS.algo.HMAC.create(CryptoJS.algo.SHA1, secret);
    hmac.update(CryptoJS.lib.WordArray.create(buffer))
    return Buffer.from(hmac.finalize().toString(), 'hex');
}
-----------------------
let result = CryptoJS.HmacSHA1(buffer.toString(), secret);
let result = CryptoJS.HmacSHA1(CryptoJS.lib.WordArray.create(buffer), secret);
const CryptoJS = require("crypto-js");

function generateHOTP(secret, counter) {
    const buffer = Buffer.alloc(8);
    for (let i = 0; i < 8; i++) {
        buffer[7 - i] = counter & 0xff;
        counter = counter >> 8;
    }

    const hmac = CryptoJS.algo.HMAC.create(CryptoJS.algo.SHA1, secret);
    hmac.update(CryptoJS.lib.WordArray.create(buffer))
    return Buffer.from(hmac.finalize().toString(), 'hex');
}

"Session store not set on request." with Google 2fa

copy iconCopydownload iconDownload
chmown -R www-data storage/*

Argument 2 passed to App\Http\Controllers\Auth\LoginController::authenticated()

copy iconCopydownload iconDownload
protected function authenticated(Request $request, $user)
use Illuminate\Contracts\Auth\Authenticatable;

...

protected function authenticated(Request $request, Authenticatable $user)
-----------------------
protected function authenticated(Request $request, $user)
use Illuminate\Contracts\Auth\Authenticatable;

...

protected function authenticated(Request $request, Authenticatable $user)

Automating 2-step Authentication with Selenium / Python?

copy iconCopydownload iconDownload
from pyotp import *
totp = TOTP("16 chars secret code goes here")
token = totp.now()
print (token)

Google two factor authentication not work on 'su' command

copy iconCopydownload iconDownload
AllowUsers admin bob
-----------------------
auth required pam_google_authenticator.so

Why this command "google-auth" works in the terminal but not from bash script?

copy iconCopydownload iconDownload
#!/bin/bash
google-auth
chmod +x yourscript.sh
-----------------------
#!/bin/bash
google-auth
chmod +x yourscript.sh

Google Authenticator One-time Password Algorithm in C#

copy iconCopydownload iconDownload
class Program
{
    static void Main(string[] args)
    {
        var bytes = Base32Encoding.ToBytes("JBSWY3DPEHPK3PXP");

        var totp = new Totp(bytes);

        var result = totp.ComputeTotp();
        var remainingTime = totp.RemainingSeconds();
    }
}
public class Totp
{
    const long unixEpochTicks = 621355968000000000L;

    const long ticksToSeconds = 10000000L;

    private const int step = 30;

    private const int totpSize = 6;

    private byte[] key;

    public Totp(byte[] secretKey)
    {
        key = secretKey;
    }

    public string ComputeTotp()
    {
        var window = CalculateTimeStepFromTimestamp(DateTime.UtcNow);

        var data = GetBigEndianBytes(window);

        var hmac = new HMACSHA1();
        hmac.Key = key;
        var hmacComputedHash = hmac.ComputeHash(data);

        int offset = hmacComputedHash[hmacComputedHash.Length - 1] & 0x0F;
        var otp = (hmacComputedHash[offset] & 0x7f) << 24
               | (hmacComputedHash[offset + 1] & 0xff) << 16
               | (hmacComputedHash[offset + 2] & 0xff) << 8
               | (hmacComputedHash[offset + 3] & 0xff) % 1000000;

        var result = Digits(otp, totpSize);

        return result;
    }

    public int RemainingSeconds()
    {
        return step - (int)(((DateTime.UtcNow.Ticks - unixEpochTicks) / ticksToSeconds) % step);
    }

    private byte[] GetBigEndianBytes(long input)
    {
        // Since .net uses little endian numbers, we need to reverse the byte order to get big endian.
        var data = BitConverter.GetBytes(input);
        Array.Reverse(data);
        return data;
    }

    private long CalculateTimeStepFromTimestamp(DateTime timestamp)
    {
        var unixTimestamp = (timestamp.Ticks - unixEpochTicks) / ticksToSeconds;
        var window = unixTimestamp / (long)step;
        return window;
    }

    private string Digits(long input, int digitCount)
    {
        var truncatedValue = ((int)input % (int)Math.Pow(10, digitCount));
        return truncatedValue.ToString().PadLeft(digitCount, '0');
    }

}
public static class Base32Encoding
{
    public static byte[] ToBytes(string input)
    {
        if (string.IsNullOrEmpty(input))
        {
            throw new ArgumentNullException("input");
        }

        input = input.TrimEnd('='); //remove padding characters
        int byteCount = input.Length * 5 / 8; //this must be TRUNCATED
        byte[] returnArray = new byte[byteCount];

        byte curByte = 0, bitsRemaining = 8;
        int mask = 0, arrayIndex = 0;

        foreach (char c in input)
        {
            int cValue = CharToValue(c);

            if (bitsRemaining > 5)
            {
                mask = cValue << (bitsRemaining - 5);
                curByte = (byte)(curByte | mask);
                bitsRemaining -= 5;
            }
            else
            {
                mask = cValue >> (5 - bitsRemaining);
                curByte = (byte)(curByte | mask);
                returnArray[arrayIndex++] = curByte;
                curByte = (byte)(cValue << (3 + bitsRemaining));
                bitsRemaining += 3;
            }
        }

        //if we didn't end with a full byte
        if (arrayIndex != byteCount)
        {
            returnArray[arrayIndex] = curByte;
        }

        return returnArray;
    }

    public static string ToString(byte[] input)
    {
        if (input == null || input.Length == 0)
        {
            throw new ArgumentNullException("input");
        }

        int charCount = (int)Math.Ceiling(input.Length / 5d) * 8;
        char[] returnArray = new char[charCount];

        byte nextChar = 0, bitsRemaining = 5;
        int arrayIndex = 0;

        foreach (byte b in input)
        {
            nextChar = (byte)(nextChar | (b >> (8 - bitsRemaining)));
            returnArray[arrayIndex++] = ValueToChar(nextChar);

            if (bitsRemaining < 4)
            {
                nextChar = (byte)((b >> (3 - bitsRemaining)) & 31);
                returnArray[arrayIndex++] = ValueToChar(nextChar);
                bitsRemaining += 5;
            }

            bitsRemaining -= 3;
            nextChar = (byte)((b << bitsRemaining) & 31);
        }

        //if we didn't end with a full char
        if (arrayIndex != charCount)
        {
            returnArray[arrayIndex++] = ValueToChar(nextChar);
            while (arrayIndex != charCount) returnArray[arrayIndex++] = '='; //padding
        }

        return new string(returnArray);
    }

    private static int CharToValue(char c)
    {
        int value = (int)c;

        //65-90 == uppercase letters
        if (value < 91 && value > 64)
        {
            return value - 65;
        }
        //50-55 == numbers 2-7
        if (value < 56 && value > 49)
        {
            return value - 24;
        }
        //97-122 == lowercase letters
        if (value < 123 && value > 96)
        {
            return value - 97;
        }

        throw new ArgumentException("Character is not a Base32 character.", "c");
    }

    private static char ValueToChar(byte b)
    {
        if (b < 26)
        {
            return (char)(b + 65);
        }

        if (b < 32)
        {
            return (char)(b + 24);
        }

        throw new ArgumentException("Byte is not a value Base32 value.", "b");
    }

}
-----------------------
class Program
{
    static void Main(string[] args)
    {
        var bytes = Base32Encoding.ToBytes("JBSWY3DPEHPK3PXP");

        var totp = new Totp(bytes);

        var result = totp.ComputeTotp();
        var remainingTime = totp.RemainingSeconds();
    }
}
public class Totp
{
    const long unixEpochTicks = 621355968000000000L;

    const long ticksToSeconds = 10000000L;

    private const int step = 30;

    private const int totpSize = 6;

    private byte[] key;

    public Totp(byte[] secretKey)
    {
        key = secretKey;
    }

    public string ComputeTotp()
    {
        var window = CalculateTimeStepFromTimestamp(DateTime.UtcNow);

        var data = GetBigEndianBytes(window);

        var hmac = new HMACSHA1();
        hmac.Key = key;
        var hmacComputedHash = hmac.ComputeHash(data);

        int offset = hmacComputedHash[hmacComputedHash.Length - 1] & 0x0F;
        var otp = (hmacComputedHash[offset] & 0x7f) << 24
               | (hmacComputedHash[offset + 1] & 0xff) << 16
               | (hmacComputedHash[offset + 2] & 0xff) << 8
               | (hmacComputedHash[offset + 3] & 0xff) % 1000000;

        var result = Digits(otp, totpSize);

        return result;
    }

    public int RemainingSeconds()
    {
        return step - (int)(((DateTime.UtcNow.Ticks - unixEpochTicks) / ticksToSeconds) % step);
    }

    private byte[] GetBigEndianBytes(long input)
    {
        // Since .net uses little endian numbers, we need to reverse the byte order to get big endian.
        var data = BitConverter.GetBytes(input);
        Array.Reverse(data);
        return data;
    }

    private long CalculateTimeStepFromTimestamp(DateTime timestamp)
    {
        var unixTimestamp = (timestamp.Ticks - unixEpochTicks) / ticksToSeconds;
        var window = unixTimestamp / (long)step;
        return window;
    }

    private string Digits(long input, int digitCount)
    {
        var truncatedValue = ((int)input % (int)Math.Pow(10, digitCount));
        return truncatedValue.ToString().PadLeft(digitCount, '0');
    }

}
public static class Base32Encoding
{
    public static byte[] ToBytes(string input)
    {
        if (string.IsNullOrEmpty(input))
        {
            throw new ArgumentNullException("input");
        }

        input = input.TrimEnd('='); //remove padding characters
        int byteCount = input.Length * 5 / 8; //this must be TRUNCATED
        byte[] returnArray = new byte[byteCount];

        byte curByte = 0, bitsRemaining = 8;
        int mask = 0, arrayIndex = 0;

        foreach (char c in input)
        {
            int cValue = CharToValue(c);

            if (bitsRemaining > 5)
            {
                mask = cValue << (bitsRemaining - 5);
                curByte = (byte)(curByte | mask);
                bitsRemaining -= 5;
            }
            else
            {
                mask = cValue >> (5 - bitsRemaining);
                curByte = (byte)(curByte | mask);
                returnArray[arrayIndex++] = curByte;
                curByte = (byte)(cValue << (3 + bitsRemaining));
                bitsRemaining += 3;
            }
        }

        //if we didn't end with a full byte
        if (arrayIndex != byteCount)
        {
            returnArray[arrayIndex] = curByte;
        }

        return returnArray;
    }

    public static string ToString(byte[] input)
    {
        if (input == null || input.Length == 0)
        {
            throw new ArgumentNullException("input");
        }

        int charCount = (int)Math.Ceiling(input.Length / 5d) * 8;
        char[] returnArray = new char[charCount];

        byte nextChar = 0, bitsRemaining = 5;
        int arrayIndex = 0;

        foreach (byte b in input)
        {
            nextChar = (byte)(nextChar | (b >> (8 - bitsRemaining)));
            returnArray[arrayIndex++] = ValueToChar(nextChar);

            if (bitsRemaining < 4)
            {
                nextChar = (byte)((b >> (3 - bitsRemaining)) & 31);
                returnArray[arrayIndex++] = ValueToChar(nextChar);
                bitsRemaining += 5;
            }

            bitsRemaining -= 3;
            nextChar = (byte)((b << bitsRemaining) & 31);
        }

        //if we didn't end with a full char
        if (arrayIndex != charCount)
        {
            returnArray[arrayIndex++] = ValueToChar(nextChar);
            while (arrayIndex != charCount) returnArray[arrayIndex++] = '='; //padding
        }

        return new string(returnArray);
    }

    private static int CharToValue(char c)
    {
        int value = (int)c;

        //65-90 == uppercase letters
        if (value < 91 && value > 64)
        {
            return value - 65;
        }
        //50-55 == numbers 2-7
        if (value < 56 && value > 49)
        {
            return value - 24;
        }
        //97-122 == lowercase letters
        if (value < 123 && value > 96)
        {
            return value - 97;
        }

        throw new ArgumentException("Character is not a Base32 character.", "c");
    }

    private static char ValueToChar(byte b)
    {
        if (b < 26)
        {
            return (char)(b + 65);
        }

        if (b < 32)
        {
            return (char)(b + 24);
        }

        throw new ArgumentException("Byte is not a value Base32 value.", "b");
    }

}
-----------------------
class Program
{
    static void Main(string[] args)
    {
        var bytes = Base32Encoding.ToBytes("JBSWY3DPEHPK3PXP");

        var totp = new Totp(bytes);

        var result = totp.ComputeTotp();
        var remainingTime = totp.RemainingSeconds();
    }
}
public class Totp
{
    const long unixEpochTicks = 621355968000000000L;

    const long ticksToSeconds = 10000000L;

    private const int step = 30;

    private const int totpSize = 6;

    private byte[] key;

    public Totp(byte[] secretKey)
    {
        key = secretKey;
    }

    public string ComputeTotp()
    {
        var window = CalculateTimeStepFromTimestamp(DateTime.UtcNow);

        var data = GetBigEndianBytes(window);

        var hmac = new HMACSHA1();
        hmac.Key = key;
        var hmacComputedHash = hmac.ComputeHash(data);

        int offset = hmacComputedHash[hmacComputedHash.Length - 1] & 0x0F;
        var otp = (hmacComputedHash[offset] & 0x7f) << 24
               | (hmacComputedHash[offset + 1] & 0xff) << 16
               | (hmacComputedHash[offset + 2] & 0xff) << 8
               | (hmacComputedHash[offset + 3] & 0xff) % 1000000;

        var result = Digits(otp, totpSize);

        return result;
    }

    public int RemainingSeconds()
    {
        return step - (int)(((DateTime.UtcNow.Ticks - unixEpochTicks) / ticksToSeconds) % step);
    }

    private byte[] GetBigEndianBytes(long input)
    {
        // Since .net uses little endian numbers, we need to reverse the byte order to get big endian.
        var data = BitConverter.GetBytes(input);
        Array.Reverse(data);
        return data;
    }

    private long CalculateTimeStepFromTimestamp(DateTime timestamp)
    {
        var unixTimestamp = (timestamp.Ticks - unixEpochTicks) / ticksToSeconds;
        var window = unixTimestamp / (long)step;
        return window;
    }

    private string Digits(long input, int digitCount)
    {
        var truncatedValue = ((int)input % (int)Math.Pow(10, digitCount));
        return truncatedValue.ToString().PadLeft(digitCount, '0');
    }

}
public static class Base32Encoding
{
    public static byte[] ToBytes(string input)
    {
        if (string.IsNullOrEmpty(input))
        {
            throw new ArgumentNullException("input");
        }

        input = input.TrimEnd('='); //remove padding characters
        int byteCount = input.Length * 5 / 8; //this must be TRUNCATED
        byte[] returnArray = new byte[byteCount];

        byte curByte = 0, bitsRemaining = 8;
        int mask = 0, arrayIndex = 0;

        foreach (char c in input)
        {
            int cValue = CharToValue(c);

            if (bitsRemaining > 5)
            {
                mask = cValue << (bitsRemaining - 5);
                curByte = (byte)(curByte | mask);
                bitsRemaining -= 5;
            }
            else
            {
                mask = cValue >> (5 - bitsRemaining);
                curByte = (byte)(curByte | mask);
                returnArray[arrayIndex++] = curByte;
                curByte = (byte)(cValue << (3 + bitsRemaining));
                bitsRemaining += 3;
            }
        }

        //if we didn't end with a full byte
        if (arrayIndex != byteCount)
        {
            returnArray[arrayIndex] = curByte;
        }

        return returnArray;
    }

    public static string ToString(byte[] input)
    {
        if (input == null || input.Length == 0)
        {
            throw new ArgumentNullException("input");
        }

        int charCount = (int)Math.Ceiling(input.Length / 5d) * 8;
        char[] returnArray = new char[charCount];

        byte nextChar = 0, bitsRemaining = 5;
        int arrayIndex = 0;

        foreach (byte b in input)
        {
            nextChar = (byte)(nextChar | (b >> (8 - bitsRemaining)));
            returnArray[arrayIndex++] = ValueToChar(nextChar);

            if (bitsRemaining < 4)
            {
                nextChar = (byte)((b >> (3 - bitsRemaining)) & 31);
                returnArray[arrayIndex++] = ValueToChar(nextChar);
                bitsRemaining += 5;
            }

            bitsRemaining -= 3;
            nextChar = (byte)((b << bitsRemaining) & 31);
        }

        //if we didn't end with a full char
        if (arrayIndex != charCount)
        {
            returnArray[arrayIndex++] = ValueToChar(nextChar);
            while (arrayIndex != charCount) returnArray[arrayIndex++] = '='; //padding
        }

        return new string(returnArray);
    }

    private static int CharToValue(char c)
    {
        int value = (int)c;

        //65-90 == uppercase letters
        if (value < 91 && value > 64)
        {
            return value - 65;
        }
        //50-55 == numbers 2-7
        if (value < 56 && value > 49)
        {
            return value - 24;
        }
        //97-122 == lowercase letters
        if (value < 123 && value > 96)
        {
            return value - 97;
        }

        throw new ArgumentException("Character is not a Base32 character.", "c");
    }

    private static char ValueToChar(byte b)
    {
        if (b < 26)
        {
            return (char)(b + 65);
        }

        if (b < 32)
        {
            return (char)(b + 24);
        }

        throw new ArgumentException("Byte is not a value Base32 value.", "b");
    }

}
-----------------------
        var secretKey= Base32Encoding.ToBytes("your secret code");
        var totp = new Totp(secretKey);
        var otp = totp.ComputeTotp();

Community Discussions

Trending Discussions on google-authenticator
  • using TOTP Microsoft authenticator for ASP.NET MVC
  • Unit test stub for google authenticator barcode scanning using PHPUnit in Laravel
  • CAS 6.2.x MFA Principal Attribute Trigger 'memberOf' Active Directory Not Working
  • FreeRadius 3.0.13 + Google Auth + SSSD + Active Directory - Filter via AD security groups
  • HmacSHA1 different result in Node crypto and CryptoJS
  • Matching TOTP implementation with Google Authenticator
  • "Session store not set on request." with Google 2fa
  • Argument 2 passed to App\Http\Controllers\Auth\LoginController::authenticated()
  • Automating 2-step Authentication with Selenium / Python?
  • Google two factor authentication not work on 'su' command
Trending Discussions on google-authenticator

QUESTION

using TOTP Microsoft authenticator for ASP.NET MVC

Asked 2021-Feb-10 at 18:50

We already have a single authentication process using Active Directory for our home made web sites (simple login and password). Our AD is also on Azure (everything is synchronized).

Now we want 2 factors authentification using this: (Microsoft Authenticator) https://www.microsoft.com/en-us/account/authenticator

I've been searching for an exemple for a while, but most of the tutorials I found are about MVC CORE; I'm not using core, just regular MVC .Net Framework. Furthermore, the only tutorials I found using .Net framework were for Google authenticator, not Microsoft's one.

The intended behavior would be the same as when I connect to office 365, first I enter my password in the web site, then I receive a notification on my cell phone (for exemple), by approving the connection, I can have access to web content.

I'm still trying to figure out if this is even allowed, is Microsoft Authenticator only meant to be used for Microsoft developers or can we random developers use this app for our 2FA needs? Or is there a way to trigger the office 365 authentication windows?

If yes, they don't seem eager to share any code or tutorial for MVC .net Framework. (I'm still searching)

EDIT for comments:

Microsoft auth .Net Core documentation:

https://docs.microsoft.com/en-us/aspnet/core/security/authentication/mfa?view=aspnetcore-5.0

Google auth with .Net framework documentation:

https://medium.com/@henryhdelgado/2fa-with-google-authenticator-in-asp-mvc-4788c79c47

ANSWER

Answered 2021-Feb-10 at 18:50

In short: you don't need to do anything (provided that your application authenticates users using OIDC, which it will do if you're using Azure Active Directory or Office 365 with your application). Just flip the switch in your organization's O365 or AAD settings to require TOTP/2FA.

However, if your application is actually authenticating against on-prem AD (whether using Kerberos via the browser shell, or with "Forms authentication") and you can't make your web-application authenticate against AAD/O365 (not on-prem AD) and you don't have AD Federation working, then you're in for a world of pain because getting on-prem 2FA working is a massive undertaking that requires just as much work from your sysadmins as it does from you (and then your question would be closed for being "too broad", sorry!)


Authenticating against AAD/O365 can be done using any OIDC client library, though Microsoft does make a purpose-built library available on NuGet which works in .NET Framework applications in addition to .NET Core: https://www.nuget.org/packages/Microsoft.Identity.Client/ (formerly https://www.nuget.org/packages/Microsoft.IdentityModel.Clients.ActiveDirectory/ )


"Azure Active Directory" (AAD) is a misnomer btw, as it has very little to do with on-prem Active Directory. That said, if you're using Office 365 within your enterprise then you will already have AAD up-and-running - just be aware that it's still completely unrelated to Active Directory (as far as technology is concerned).

Using AAD/O365 for SSO basically means using OIDC (whereas on-prem AD is Kerberos, not OIDC) - so any OIDC library can be used with AAD/O365. The TOTP/2FA part is handled entirely by AAD/O365 so you don't actually need to do anything in your own application to handle TOTP/2FA.

Source https://stackoverflow.com/questions/66123661

Community Discussions, Code Snippets contain sources that include Stack Exchange Network

Vulnerabilities

No vulnerabilities reported

Install google-authenticator

You can download it from GitHub.
You can use google-authenticator like any standard Java library. Please include the the jar files in your classpath. You can also use any IDE and you can run and debug the google-authenticator component as you would do with any other Java program. Best practice is to use a build tool that supports dependency management such as Maven or Gradle. For Maven installation, please refer maven.apache.org. For Gradle installation, please refer gradle.org .

Support

For any new features, suggestions and bugs create an issue on GitHub. If you have any questions check and ask questions on community page Stack Overflow .

DOWNLOAD this Library from

Find, review, and download reusable Libraries, Code Snippets, Cloud APIs from
over 430 million Knowledge Items
Find more libraries
Reuse Solution Kits and Libraries Curated by Popular Use Cases

Save this library and start creating your kit

Explore Related Topics

Share this Page

share link
Consider Popular Authentication Libraries
Compare Authentication Libraries with Highest Support
Compare Authentication Libraries with Highest Quality
Compare Authentication Libraries with Highest Security
Compare Authentication Libraries with Permissive License
Find, review, and download reusable Libraries, Code Snippets, Cloud APIs from
over 430 million Knowledge Items
Find more libraries
Reuse Solution Kits and Libraries Curated by Popular Use Cases

Save this library and start creating your kit

  • © 2022 Open Weaver Inc.