2

我们正在尝试为我们现有的 netsuite 集成实施基于令牌的身份验证,并且新的实施对于未启用两因素身份验证的 netsuite 帐户按预期工作。

从 netsuite 文档中我们了解到,启用了两因素身份验证的帐户需要注意的额外事项很少。根据文档,我们需要生成一个 OTP 并将其与 Authorization 标头一起发送。要生成 OTP 网络套件,建议遵循此链接。我们已经实现了相同的 c#。但是当在授权标头中使用生成的 OTP 时,我们收到了无效登录尝试错误。Netsuite 登录审核日志显示“ errorsecondfator ”。下面是我们的实现

    public  string generateTOTP(string key,int returnDigits)
    {
        ulong T = new TOTP_SHA1(key).CounterNow();
        string time = T.ToString("X");
        string result = null;

        // Using the counter
        // First 8 bytes are for the movingFactor
        // Compliant with base RFC 4226 (HOTP)
        while (time.Length < 16)
            time = "0" + time;
        var hexString1 = ConvertStringToHex(key,Encoding.Default);
        byte[] msg = hexStr2Bytes(time);
        byte[] k = hexStr2Bytes(hexString1);


        byte[] hash = hmac_sha(k, msg);

        // put selected bytes into result int
        int offset = hash[hash.Length - 1] & 0xf;

        int binary =
            ((hash[offset] & 0x7f) << 24) |
            ((hash[offset + 1] & 0xff) << 16) |
            ((hash[offset + 2] & 0xff) << 8) |
            (hash[offset + 3] & 0xff);

        int otp = binary % DIGITS_POWER[returnDigits];

        result = Convert.ToString(otp);
        while (result.Length < returnDigits)
        {
            result = "0" + result;
        }
        return result;
    }

    private static int[] DIGITS_POWER { get; set; } = { 1, 10, 100, 1000, 10000, 100000, 1000000, 10000000, 100000000 };
    private byte[] K;
    public TOTP_SHA1(string tfasecretkey)
    {
        K = Encoding.ASCII.GetBytes(tfasecretkey);
    }

    public UInt64 CounterNow(int T1 = 30)
    {
        var secondsSinceEpoch = (DateTime.UtcNow - new DateTime(1970, 1, 1, 0, 0, 0, DateTimeKind.Utc)).TotalSeconds;
        return (UInt64)Math.Floor(secondsSinceEpoch / T1);
    }

    private static byte[] hexStr2Bytes(String hex)
    {
        return Enumerable.Range(0, hex.Length)
                 .Where(x => x % 2 == 0)
                 .Select(x => Convert.ToByte(hex.Substring(x, 2), 16))
                 .ToArray();
    }

    private static byte[] hmac_sha(byte[] keyBytes,byte[] text)
    {
        var hmac = HMACSHA512.Create();
        hmac.Key = keyBytes;
        return hmac.ComputeHash(text);
    }

    public static string ConvertStringToHex(String input, System.Text.Encoding encoding)
    {
        Byte[] stringBytes = encoding.GetBytes(input);
        StringBuilder sbBytes = new StringBuilder(stringBytes.Length * 2);
        foreach (byte b in stringBytes)
        {
            sbBytes.AppendFormat("{0:X2}", b);
        }
        return sbBytes.ToString();
    }

netsuite 支持团队关于此错误的反馈是 otp 生成的不符合要求。

任何帮助,将不胜感激。提前致谢。

4

0 回答 0