LegacyTokenValidationValve

Valve for validating and converting a legacy HOTP/TOTP token.

This valve is used together with TokenValidationValve.

Properties

| Name | Description | Default value | Mandatory | Supports property expansion |
|---|---|---|---|---|
| username_param_name | Property containing the username. | User-Name | No | Yes |
| provided_otp_param_name | Property containing the provided otp value. | | Yes | Yes |
| stored_token_attribute | Item Property containing the legacy token key. | | Yes | No |
| stored_drift_attribute | Item Property containing the legacy token TOTP drift value. | | No | No |
| hotp_lookahead | Look ahead value for HOTP tokens. | 20 | No | No |
| otp_length | The length of the token one-time password. | 6 | No | No |
| convert_token | If the token should be converted to PhenixID server. | true | No | No |
| remove_hex_prefix | If hex prefix value needs to be removed (if token key starts with 0x, this will be removed). | true | No | No |

Example Configuration

{
        "name": "LegacyTokenValidationValve",
        "config": {
                "username_param_name": "{{request.User-Name}}",
                "stored_token_attribute": "carLicense",
                "provided_otp_param_name": "{{request.User-Password}}",
                "convert_token": "true",
                "remove_hex_prefix": "true",
                "hotp_lookahead": "20",
                "otp_length": "6"
        }
}

The value of provided_otp_param_name is the OTP sent in the request.

The value of username_param_name is the user ID sent in the request.
The most common values for username_param_name are User-Name for RADIUS and username for HTTP.
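
What hotp_lookahead, otp_length and remove_hex_prefix control during HOTP validation, shown as an added Python example of standard RFC 4226 checking; it is not PhenixID's code. Assumptions: the stored key is hex-encoded, the window runs from the stored counter through counter + lookahead, and the function names are hypothetical. TOTP drift handling is left out.

```python
import hashlib
import hmac
import struct
from typing import Optional

# Public test key from RFC 4226 Appendix D, hex-encoded with a 0x prefix
# (sample input constructed for this example).
SAMPLE_STORED_KEY = "0x3132333435363738393031323334353637383930"


def normalize_key(stored: str, remove_hex_prefix: bool = True) -> bytes:
    """Decode a hex-encoded legacy token key, optionally dropping a leading 0x."""
    key = stored.strip()
    if remove_hex_prefix and key[:2].lower() == "0x":
        key = key[2:]
    return bytes.fromhex(key)  # raises ValueError if the key is not valid hex


def hotp(key: bytes, counter: int, otp_length: int = 6) -> str:
    """RFC 4226: HMAC-SHA1 over the 8-byte counter, then dynamic truncation."""
    digest = hmac.new(key, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = digest[-1] & 0x0F
    code = struct.unpack(">I", digest[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** otp_length).zfill(otp_length)


def validate_hotp(key: bytes, provided_otp: str, counter: int,
                  lookahead: int = 20, otp_length: int = 6) -> Optional[int]:
    """Return the next counter to store on a match, or None on failure.

    Assumption: the window is counter .. counter + lookahead inclusive.
    Each extra counter in the window is one more code that would be accepted,
    so a larger look-ahead trades guessing resistance for resync tolerance.
    """
    if len(provided_otp) != otp_length:
        return None
    if not (provided_otp.isascii() and provided_otp.isdigit()):
        return None
    for candidate in range(counter, counter + lookahead + 1):
        if hmac.compare_digest(hotp(key, candidate, otp_length), provided_otp):
            return candidate + 1  # advancing past the match rejects replays
    return None


if __name__ == "__main__":
    k = normalize_key(SAMPLE_STORED_KEY)
    # Token is 9 presses ahead of the server; lookahead 20 resynchronises it.
    print(validate_hotp(k, "520489", counter=0, lookahead=20))
```

Persisting the returned counter is what makes a used OTP fail on a second attempt.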

Requirements

Item set must have at least one entry.