Two Factor Authentication

  • Bruce Armstrong
  • Bruce Armstrong's Avatar Code Author
  • Away
More
5 years 5 months ago - 10 months 1 week ago #247 by Bruce Armstrong
Bruce Armstrong created the code: Two Factor Authentication
Sample code showing how to do two factor authentication using PowerBuilder

This message has an attachment file.
Please log in or register to see it.

Last Edit: 10 months 1 week ago by Bruce Armstrong. Reason: Updating code to work with PowerServer and correct timestamp structure defintion

Please Log in or Create an account to join the conversation.

  • Bruce Armstrong
  • Bruce Armstrong's Avatar Code Author
  • Away
More
3 months 2 weeks ago - 3 months 2 weeks ago #544 by Bruce Armstrong
Bruce Armstrong replied the code: Two Factor Authentication
Time-based one time passwords (TOTP) is a standard ( en.wikipedia.org/wiki/Time-based_one-time_password ). As long as the application in question uses the same settings (same start Unix epoch, same interval, same shared key), it should generate the same result. That's why another application and Google Authenticator can produce equivalent values based on equivalent inputs. In particular, that's why the PowerBuilder code and Google Authenticator should produce the same values.

I can't see anyway in Google Authenticator (at least on iOS) to change the settings so that it might generate different values. And Google Authenticator on iOS is what I used when I demonstrated the use of the routine at several Elevates. I can't explain why it's not working for you.

Actually, I can think of one thing. TOTPs are sensitive to the computer you are generating the value on having it's system time set correctly. If that is off by a few seconds, then the wrong interval will be calculated and you will get different values. Make sure the time on your iOS device is correct.
Last Edit: 3 months 2 weeks ago by Bruce Armstrong.

Please Log in or Create an account to join the conversation.

More
3 months 2 weeks ago #543 by Panos Platanas
Panos Platanas replied the code: Two Factor Authentication
Thank you Bruce! On the spot as always.
Only one strange issue: It operates just fine with Google Authenticator on Android but not with Google Authenticator using iOS.
Even more strangely, if I use a different 2FA app on iOS, it works.
Have you got any idea why this may happen?

Thank you

Please Log in or Create an account to join the conversation.

  • Bruce Armstrong
  • Bruce Armstrong's Avatar Code Author
  • Away
More
4 months 1 day ago #541 by Bruce Armstrong
Bruce Armstrong replied the code: Two Factor Authentication
I later updated the sample to work with the CoderObject that was introduced in PowerBuilder 2019. Specifically, the base32encode method was added to that object in 2019R2.

You would either need to upgrade to at least PowerBuilder 2019 R2, or manually replace the call to that method with the PowerScript 32 bit encoding method that I posted in the original article.

Please Log in or Create an account to join the conversation.

More
4 months 1 day ago - 4 months 1 day ago #540 by Panos Platanas
Panos Platanas replied the code: Two Factor Authentication
Thank you Bruce!
I am trying to run this on PB2017R3 but build fails:
Uknown function name base32encode

What should I check?

Thanx!
Last Edit: 4 months 1 day ago by Panos Platanas.

Please Log in or Create an account to join the conversation.

More
7 months 3 weeks ago #529 by Rob Stevens
Rob Stevens replied the code: Two Factor Authentication
Thanks Bruce
I since found the below url that appears to work
api.qrserver.com/v1/create-qr-code

And was able to just replace the google api with it. ie

ls_chart_url = ' api.qrserver.com/v1/create-qr-code/?size= ' + String ( width ) + 'x' + String ( height ) + '&data=' + ls_provision_url

We may use this as a quick interim solution until we look at integrating your QR dll.

Kind regards
Rob

Please Log in or Create an account to join the conversation.

  • Bruce Armstrong
  • Bruce Armstrong's Avatar Code Author
  • Away
More
7 months 3 weeks ago #528 by Bruce Armstrong
Bruce Armstrong replied the code: Two Factor Authentication
Yes, it should be that simple. There's nothing magic about a TOTP url (except perhaps the otpauth://totp/ prefix). It's just a text string that can be encoded just like any other URL or text string.

Please Log in or Create an account to join the conversation.

More
7 months 4 weeks ago - 7 months 4 weeks ago #527 by Rob Stevens
Rob Stevens replied the code: Two Factor Authentication
Hi Bruce
Our call to the google chart API has stopped working so it looks like they have finally turned if off.
I've found your QR Code Demo - but I haven't been able to find any examples of code to date using it to generate a QR code for two factor authentication.
Is this available?

Is it as simple as passing in the resulting ls_provision_url below

blob lblb_provision_url
string ls_keystring, ls_provision_url
n_base32 lnv_base32
CoderObject co

co = create CoderObject

ls_keystring = lnv_base32.of_encode( key )
ls_provision_url = 'otpauth://totp/' + identifier + '?secret=' + ls_keystring
lblb_provision_url = Blob ( ls_provision_url, EncodingUTF8! )
ls_provision_url = co.urlencode( lblb_provision_url )

To
inv_generator.of_generateqrcode(ls_provision_url)


Kind regards
Rob
Last Edit: 7 months 4 weeks ago by Rob Stevens.

Please Log in or Create an account to join the conversation.

More
2 years 6 months ago #423 by George Mikhailovsky
George Mikhailovsky replied the code: Two Factor Authentication
Bruce, I confirm that QR identification works fine for me in both PB2019/PS2020 and PB2021/PS2021 environments. Thanks, George

Please Log in or Create an account to join the conversation.

More
2 years 7 months ago #422 by VINOD NAIR
VINOD NAIR replied the code: Two Factor Authentication
Hi Bruce,

We were able to make it work in PS 2020. The issue was related to the Encode function and not related to the QR Code. We created a DLL to encompass Encode function and call it from Powerbuilder and it resolved our issues on web. This was suggested to us by Appeon ....see below


For base32 encoding, please package it as DLL according to the source code online and then call it in PB. It should work on web too. Please refer to the
article below for details.
gist.github.com/BravoTango86/2a085185c3b9bd8383a1f956600e515f
social.msdn.microsoft.com/Forums/en-US/d...-code?forum=netfxbcl

Please Log in or Create an account to join the conversation.

  • Bruce Armstrong
  • Bruce Armstrong's Avatar Code Author
  • Away
More
2 years 7 months ago #420 by Bruce Armstrong
Bruce Armstrong replied the code: Two Factor Authentication
I just tried it with PowerServer 2021 and it worked fine. Of course, that one doesn't attempt to generate a web application. I really can't speak to how it works with PowerServer 2020.

Please Log in or Create an account to join the conversation.

Moderators: Appeon Administrator