Hi all,
I’m new to privacyIDEA and OTP Server. So, I’m trying to create a new token, but I got an error on that:
"error": {"message": "ERR905: Missing parameter: 'otpkey'", "code": 905}}
So, I’d like to know how I could generate an OTP Key to send in the POST method of /token/init
here is my Java Code:
WebClient tokenClient = WebClient.create("https://192.168.2.3");
// [...]
Base32 b32 = new Base32();
Hex h = new Hex();
byte[] secretBytes = b32.decode(<what should I put here??>);
String hexSecret = new String(h.encode(secretBytes));
JSONObject tokeninit = new JSONObject();
tokeninit.put("otpkey", hexSecret);
tokeninit.put("type", "HOTP");
tokeninit.put("pin", "1234");
tokeninit.put("user", "vagrant");
tokeninit.put("realm", "defrealm");
tokenClient.header("Authorization", token);
response = tokenClient.post(jsonObject.toString());
// [...]
Please help me to understand how to generate that and how otpkey works!
Best regards,
Celso Agra
Hello Celso,
starting with the API? Taking the steep curve?
Read this http://privacyidea.readthedocs.io/en/latest/modules/api.html , this http://privacyidea.readthedocs.io/en/latest/modules/api/auth.html and this http://privacyidea.readthedocs.io/en/latest/modules/api/token.html#post--token-init .
otpkey depends on the token type you are enrolling.
In certain cases it makes sense to use genkey.
Also do not forget the PI-Authorization header.
Kind regards
Cornelius
celsoagra:
JSONObject tokeninit = new JSONObject();
tokeninit.put("otpkey", hexSecret);
tokeninit.put("type", "HOTP");
tokeninit.put("pin", "1234");
tokeninit.put("user", "vagrant");
tokeninit.put("realm", "defrealm");
tokenClient.header("Authorization", token);
response = tokenClient.post(jsonObject.toString());
I do not speak java, but it looks like you are not passing your parameters to the POST call.
Thanks @cornelinux !
I’m testing some features of the OTP Server… the idea is to consume part of the REST API, such as create user, authenticate, create a token, validate it, …
It seems I just need the otpkey, when I looked in the token-init method, but I think there are more params to do a request.
I’m using junit (java) and considering passing a JSON like this:
{
"otpkey" : "hexSecret",
"type" : "HOTP",
"pin" : "1234",
"user" : "vagrant",
"realm" : "defrealm"
}
Also, I’m passing the Authorization header (I got the token using the /auth method).
Should I need more params for token/init?
cornelinux:
enrolling
Also, I could notice that when I try to enroll a token, the same error happens:
But if I check “generate OTP Key on the Server”, everything works fine.
I’m using the version 2.19.1
You are right - would you mind opening an issue at github https://github.com/privacyidea/privacyidea (if you have a github account)
I can not reproduce getting an error when providing these parameters:
celsoagra:
JSONObject tokeninit = new JSONObject();
tokeninit.put("otpkey", hexSecret);
tokeninit.put("type", "HOTP");
tokeninit.put("pin", "1234");
tokeninit.put("user", "vagrant");
tokeninit.put("realm", "defrealm");
However, I can reproduce an error from within the UI, since the error arises from when the request contains a parameter genkey=0 or genkey=false.
See Missing otpkey in /token/init when genkey is set to false · Issue #793 · privacyidea/privacyidea · GitHub
Thanks @cornelinux
Here is the issue on github
moreover, here is the whole java code:
public void testPrivacyIdea() {
WebClient client = WebClient.create("https://192.168.2.3");
client.path("auth");
client.type("application/json");
disabledCN(client);
JSONObject jsonObject = new JSONObject();
jsonObject.put("username", "admin");
jsonObject.put("password", "admin");
Response response = client.post(jsonObject.toString());
String responseObject = response.readEntity(String.class);
JSONObject object = new JSONObject(responseObject);
JSONObject value = (JSONObject) ((JSONObject) object.get("result")).get("value");
String token = value.get("token").toString();
System.out.println(token);
WebClient tokenClient = WebClient.create("https://192.168.2.3");
tokenClient.path("token/init");
tokenClient.type("application/json");
tokenClient.accept("application/json");
disabledCN(tokenClient); // avoid the ssl problems
JSONObject tokeninit = new JSONObject();
tokeninit.put("otpkey", "d6f66965821434f2027e0ea4f597890f7d5c8067");
tokeninit.put("genkey", 0);
tokeninit.put("serial", "NEW001");
tokeninit.put("description", "unit test");
tokeninit.put("type", "HOTP");
tokeninit.put("otplen", 6);
tokeninit.put("hashlib", "sha1");
tokeninit.put("keysize", 20);
tokeninit.put("pin", "1234");
tokeninit.put("user", "vagrant");
tokeninit.put("realm", "defrealm");
tokenClient.header("Authorization", token);
response = tokenClient.post(jsonObject.toString());
responseObject = response.readEntity(String.class);
System.out.println(responseObject);
}
I’m using junit to do these tests, and my result is:
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VybmFtZSI6ImFkbWluIiwibm9uY2UiOiIxZWQ2MDQ5ZWUxY2M1MGM4YmQ1Y2VlZTQwND[...]
{"jsonrpc": "2.0", "signature": "17888367902524921686356549237956269687957184806742938861125116236994889089378982028605413202969214134566646994158950292353311398338[…]22601218074269702982791095780649691151303871270510567656002953423982025186225313605147", "detail": null, "version": "privacyIDEA 2.19.1", "result": {"status": false, "error": {"message": "ERR905: Missing parameter: 'otpkey'", "code": 905}}, "time": 1506595308.442671, "id": 1}
I reduced the token and signature a little bit!
So…
It will be fixed by issue #793
Thanks again @cornelinux