- You are here:
- Home
- CodeXchange
- All
- PowerBuilder
- Two Factor Authentication
Two Factor Authentication
- Bruce Armstrong
- Code Author
- Away
Less
More
- Posts: 55
5 years 5 months ago - 10 months 1 week ago #247
by Bruce Armstrong
This message has an attachment file.
Bruce Armstrong created the code: Two Factor Authentication
Sample code showing how to do two factor authentication using PowerBuilder
This message has an attachment file.
Please log in or register to see it.
Last Edit: 10 months 1 week ago by Bruce Armstrong. Reason: Updating code to work with PowerServer and correct timestamp structure defintion
Please Log in or Create an account to join the conversation.
- Bruce Armstrong
- Code Author
- Away
Less
More
- Posts: 55
3 months 2 weeks ago - 3 months 2 weeks ago #544
by Bruce Armstrong
Bruce Armstrong replied the code: Two Factor Authentication
Time-based one time passwords (TOTP) is a standard (
en.wikipedia.org/wiki/Time-based_one-time_password
). As long as the application in question uses the same settings (same start Unix epoch, same interval, same shared key), it should generate the same result. That's why another application and Google Authenticator can produce equivalent values based on equivalent inputs. In particular, that's why the PowerBuilder code and Google Authenticator should produce the same values.
I can't see anyway in Google Authenticator (at least on iOS) to change the settings so that it might generate different values. And Google Authenticator on iOS is what I used when I demonstrated the use of the routine at several Elevates. I can't explain why it's not working for you.
Actually, I can think of one thing. TOTPs are sensitive to the computer you are generating the value on having it's system time set correctly. If that is off by a few seconds, then the wrong interval will be calculated and you will get different values. Make sure the time on your iOS device is correct.
I can't see anyway in Google Authenticator (at least on iOS) to change the settings so that it might generate different values. And Google Authenticator on iOS is what I used when I demonstrated the use of the routine at several Elevates. I can't explain why it's not working for you.
Actually, I can think of one thing. TOTPs are sensitive to the computer you are generating the value on having it's system time set correctly. If that is off by a few seconds, then the wrong interval will be calculated and you will get different values. Make sure the time on your iOS device is correct.
Last Edit: 3 months 2 weeks ago by Bruce Armstrong.
Please Log in or Create an account to join the conversation.
- Panos Platanas
- Offline
Less
More
- Posts: 2
3 months 2 weeks ago #543
by Panos Platanas
Panos Platanas replied the code: Two Factor Authentication
Thank you Bruce! On the spot as always.
Only one strange issue: It operates just fine with Google Authenticator on Android but not with Google Authenticator using iOS.
Even more strangely, if I use a different 2FA app on iOS, it works.
Have you got any idea why this may happen?
Thank you
Only one strange issue: It operates just fine with Google Authenticator on Android but not with Google Authenticator using iOS.
Even more strangely, if I use a different 2FA app on iOS, it works.
Have you got any idea why this may happen?
Thank you
Please Log in or Create an account to join the conversation.
- Bruce Armstrong
- Code Author
- Away
Less
More
- Posts: 55
4 months 1 day ago #541
by Bruce Armstrong
Bruce Armstrong replied the code: Two Factor Authentication
I later updated the sample to work with the CoderObject that was introduced in PowerBuilder 2019. Specifically, the base32encode method was added to that object in 2019R2.
You would either need to upgrade to at least PowerBuilder 2019 R2, or manually replace the call to that method with the PowerScript 32 bit encoding method that I posted in the original article.
You would either need to upgrade to at least PowerBuilder 2019 R2, or manually replace the call to that method with the PowerScript 32 bit encoding method that I posted in the original article.
Please Log in or Create an account to join the conversation.
- Panos Platanas
- Offline
Less
More
- Posts: 2
4 months 1 day ago - 4 months 1 day ago #540
by Panos Platanas
Panos Platanas replied the code: Two Factor Authentication
Thank you Bruce!
I am trying to run this on PB2017R3 but build fails:
Uknown function name base32encode
What should I check?
Thanx!
I am trying to run this on PB2017R3 but build fails:
Uknown function name base32encode
What should I check?
Thanx!
Last Edit: 4 months 1 day ago by Panos Platanas.
Please Log in or Create an account to join the conversation.
- Rob Stevens
- Offline
Less
More
- Posts: 2
7 months 3 weeks ago #529
by Rob Stevens
Rob Stevens replied the code: Two Factor Authentication
Thanks Bruce
I since found the below url that appears to work
api.qrserver.com/v1/create-qr-code
And was able to just replace the google api with it. ie
ls_chart_url = ' api.qrserver.com/v1/create-qr-code/?size= ' + String ( width ) + 'x' + String ( height ) + '&data=' + ls_provision_url
We may use this as a quick interim solution until we look at integrating your QR dll.
Kind regards
Rob
I since found the below url that appears to work
api.qrserver.com/v1/create-qr-code
And was able to just replace the google api with it. ie
ls_chart_url = ' api.qrserver.com/v1/create-qr-code/?size= ' + String ( width ) + 'x' + String ( height ) + '&data=' + ls_provision_url
We may use this as a quick interim solution until we look at integrating your QR dll.
Kind regards
Rob
Please Log in or Create an account to join the conversation.
- Bruce Armstrong
- Code Author
- Away
Less
More
- Posts: 55
7 months 3 weeks ago #528
by Bruce Armstrong
Bruce Armstrong replied the code: Two Factor Authentication
Yes, it should be that simple. There's nothing magic about a TOTP url (except perhaps the otpauth://totp/ prefix). It's just a text string that can be encoded just like any other URL or text string.
Please Log in or Create an account to join the conversation.
- Rob Stevens
- Offline
Less
More
- Posts: 2
7 months 4 weeks ago - 7 months 4 weeks ago #527
by Rob Stevens
Rob Stevens replied the code: Two Factor Authentication
Hi Bruce
Our call to the google chart API has stopped working so it looks like they have finally turned if off.
I've found your QR Code Demo - but I haven't been able to find any examples of code to date using it to generate a QR code for two factor authentication.
Is this available?
Is it as simple as passing in the resulting ls_provision_url below
blob lblb_provision_url
string ls_keystring, ls_provision_url
n_base32 lnv_base32
CoderObject co
co = create CoderObject
ls_keystring = lnv_base32.of_encode( key )
ls_provision_url = 'otpauth://totp/' + identifier + '?secret=' + ls_keystring
lblb_provision_url = Blob ( ls_provision_url, EncodingUTF8! )
ls_provision_url = co.urlencode( lblb_provision_url )
To
inv_generator.of_generateqrcode(ls_provision_url)
Kind regards
Rob
Our call to the google chart API has stopped working so it looks like they have finally turned if off.
I've found your QR Code Demo - but I haven't been able to find any examples of code to date using it to generate a QR code for two factor authentication.
Is this available?
Is it as simple as passing in the resulting ls_provision_url below
blob lblb_provision_url
string ls_keystring, ls_provision_url
n_base32 lnv_base32
CoderObject co
co = create CoderObject
ls_keystring = lnv_base32.of_encode( key )
ls_provision_url = 'otpauth://totp/' + identifier + '?secret=' + ls_keystring
lblb_provision_url = Blob ( ls_provision_url, EncodingUTF8! )
ls_provision_url = co.urlencode( lblb_provision_url )
To
inv_generator.of_generateqrcode(ls_provision_url)
Kind regards
Rob
Last Edit: 7 months 4 weeks ago by Rob Stevens.
Please Log in or Create an account to join the conversation.
- George Mikhailovsky
- Offline
Less
More
- Posts: 5
2 years 6 months ago #423
by George Mikhailovsky
George Mikhailovsky replied the code: Two Factor Authentication
Bruce, I confirm that QR identification works fine for me in both PB2019/PS2020 and PB2021/PS2021 environments. Thanks, George
Please Log in or Create an account to join the conversation.
- VINOD NAIR
- Offline
Less
More
- Posts: 2
2 years 7 months ago #422
by VINOD NAIR
VINOD NAIR replied the code: Two Factor Authentication
Hi Bruce,
We were able to make it work in PS 2020. The issue was related to the Encode function and not related to the QR Code. We created a DLL to encompass Encode function and call it from Powerbuilder and it resolved our issues on web. This was suggested to us by Appeon ....see below
For base32 encoding, please package it as DLL according to the source code online and then call it in PB. It should work on web too. Please refer to the
article below for details.
gist.github.com/BravoTango86/2a085185c3b9bd8383a1f956600e515f
social.msdn.microsoft.com/Forums/en-US/d...-code?forum=netfxbcl
We were able to make it work in PS 2020. The issue was related to the Encode function and not related to the QR Code. We created a DLL to encompass Encode function and call it from Powerbuilder and it resolved our issues on web. This was suggested to us by Appeon ....see below
For base32 encoding, please package it as DLL according to the source code online and then call it in PB. It should work on web too. Please refer to the
article below for details.
gist.github.com/BravoTango86/2a085185c3b9bd8383a1f956600e515f
social.msdn.microsoft.com/Forums/en-US/d...-code?forum=netfxbcl
Please Log in or Create an account to join the conversation.
- Bruce Armstrong
- Code Author
- Away
Less
More
- Posts: 55
2 years 7 months ago #420
by Bruce Armstrong
Bruce Armstrong replied the code: Two Factor Authentication
I just tried it with PowerServer 2021 and it worked fine. Of course, that one doesn't attempt to generate a web application. I really can't speak to how it works with PowerServer 2020.
Please Log in or Create an account to join the conversation.
Moderators: Appeon Administrator