From 4a5591db4e6c5c9428fe826f27f3492adf6238d7 Mon Sep 17 00:00:00 2001 From: cookieMr Date: Thu, 10 Sep 2020 14:52:31 +0200 Subject: [PATCH] Generate QR code image locally (for seurity reasons) --- pom.xml | 11 ++++ .../GoogleAuthenticatorQRGenerator.java | 51 +++++++++++++++++++ 2 files changed, 62 insertions(+) diff --git a/pom.xml b/pom.xml index 8abf13c..219321d 100644 --- a/pom.xml +++ b/pom.xml @@ -83,6 +83,7 @@ 3.2.0 4.13 3.2.1 + 3.4.0 @@ -102,6 +103,16 @@ httpclient ${httpclient.version} + + com.google.zxing + core + ${zxing.version} + + + com.google.zxing + javase + ${zxing.version} + diff --git a/src/main/java/com/warrenstrange/googleauth/GoogleAuthenticatorQRGenerator.java b/src/main/java/com/warrenstrange/googleauth/GoogleAuthenticatorQRGenerator.java index 376c3a3..0e7c3b3 100644 --- a/src/main/java/com/warrenstrange/googleauth/GoogleAuthenticatorQRGenerator.java +++ b/src/main/java/com/warrenstrange/googleauth/GoogleAuthenticatorQRGenerator.java @@ -30,8 +30,17 @@ package com.warrenstrange.googleauth; +import com.google.zxing.BarcodeFormat; +import com.google.zxing.WriterException; +import com.google.zxing.client.j2se.MatrixToImageWriter; +import com.google.zxing.common.BitMatrix; +import com.google.zxing.qrcode.QRCodeWriter; import org.apache.http.client.utils.URIBuilder; +import javax.imageio.ImageIO; +import java.awt.image.BufferedImage; +import java.io.ByteArrayOutputStream; +import java.io.IOException; import java.io.UnsupportedEncodingException; import java.net.URLEncoder; @@ -132,7 +141,11 @@ private static String formatLabel(String issuer, String accountName) * @return the Google Chart API call URL to generate a QR code containing * the provided information. * @see Google Authenticator - KeyUriFormat + * + * @deprecated this method is deprecated in favor of {@link GoogleAuthenticatorQRGenerator#getOtpAuthQrByteArrayOutputStream} + * which does make user send secret over wire (generated URL by this method does that) */ + @Deprecated public static String getOtpAuthURL(String issuer, String accountName, GoogleAuthenticatorKey credentials) @@ -143,6 +156,44 @@ public static String getOtpAuthURL(String issuer, internalURLEncode(getOtpAuthTotpURL(issuer, accountName, credentials))); } + /** + * Returns a {@link ByteArrayOutputStream} that contains a QR code that was generated locally + * and which can be loaded into the Google Authenticator application. The user scans this + * bar code with the application on their smart phones. + *

+ * The current implementation supports the following features: + *

+ * + * @param issuer The issuer name. This parameter cannot contain the colon + * (:) character. This parameter can be null. + * @param accountName The account name. This parameter shall not be null. + * @param credentials The generated credentials. This parameter shall not be null. + * @return a byte array stream that contains a QR code image + * @throws IOException in case when buffered image could not be written into byte array stream + * @throws WriterException in case when QR bit matrix could not be prepared + */ + public static ByteArrayOutputStream getOtpAuthQrByteArrayOutputStream(String issuer, + String accountName, + GoogleAuthenticatorKey credentials) + throws IOException, WriterException + { + String otpAuthUri = getOtpAuthTotpURL(issuer, accountName, credentials); + + QRCodeWriter qrWriter = new QRCodeWriter(); + BitMatrix bitMatrix = qrWriter.encode(otpAuthUri, BarcodeFormat.QR_CODE, 200, 200); + + BufferedImage bufferedImage = MatrixToImageWriter.toBufferedImage(bitMatrix); + + ByteArrayOutputStream outputStream = new ByteArrayOutputStream(); + ImageIO.write(bufferedImage, "png", outputStream); + + return outputStream; + } + /** * Returns the basic otpauth TOTP URI. This URI might be sent to the user via email, QR code or some other method. * Use a secure transport since this URI contains the secret.