[PET] TOTP Authenticator improvement

classic Classic list List threaded Threaded
4 messages Options
Reply | Threaded
Open this post in threaded view
|

[PET] TOTP Authenticator improvement

vivekananthan
Hi All,

We are now improving the TOTP Authenticator [1] with the following fixes.

Support to work with IS 5.3.0.

Need to fix according to the following JIRAs
Fix to support registering TOTP at the time of login.
  • If a user hasn't enabled TOTP and hasn't configured a Google authenticator app then he should be able to register at the corresponding step.
  • If the user already has TOTP configured then he should be able to proceed with authentication.
Fix according to the code review comments.

Please add if you have further suggestions on above improvement in TOTP Authenticator.


Thanks,

Vivekananthan Sivanayagam
Software Engineer | WSO2
[hidden email]
M:+94752786138

_______________________________________________
Architecture mailing list
[hidden email]
https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
Reply | Threaded
Open this post in threaded view
|

Re: [PET] TOTP Authenticator improvement

Shakila Sivagnanarajah
Hi,

I have modified the UI feature of TOTP authenticator to support enabling the authenticator in the authentication flow. Please find the screenshots below.

Screenshots of authenticator web-app:

Inline image 8

If click "Enable TOTP"
Inline image 1

If click "Next"
Inline image 3

If click "Get a Verification Code"
Inline image 1


Screenshots of Dashboard:
Inline image 6

If click "Scan QR Code"
Inline image 2


Thanks

On Mon, Jun 5, 2017 at 6:05 PM, Vivekananthan Sivanayagam <[hidden email]> wrote:
Hi All,

We are now improving the TOTP Authenticator [1] with the following fixes.

Support to work with IS 5.3.0.

Need to fix according to the following JIRAs
Fix to support registering TOTP at the time of login.
  • If a user hasn't enabled TOTP and hasn't configured a Google authenticator app then he should be able to register at the corresponding step.
  • If the user already has TOTP configured then he should be able to proceed with authentication.
Fix according to the code review comments.

Please add if you have further suggestions on above improvement in TOTP Authenticator.


Thanks,

Vivekananthan Sivanayagam
Software Engineer | WSO2
[hidden email]
M:<a href="tel:+94%2075%20278%206138" value="+94752786138" target="_blank">+94752786138

_______________________________________________
Architecture mailing list
[hidden email]
https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture




--
Shakila Sasikaran
Software Engineer
Mobile :+94 (0) 77 526 6848
WSO2, Inc. 
lean . enterprise . middleware

_______________________________________________
Architecture mailing list
[hidden email]
https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
Reply | Threaded
Open this post in threaded view
|

Re: [PET] TOTP Authenticator improvement

Shakila Sivagnanarajah
Adding people

On Fri, Jul 21, 2017 at 10:51 AM, Shakila Sasikaran <[hidden email]> wrote:
Hi,

I have modified the UI feature of TOTP authenticator to support enabling the authenticator in the authentication flow. Please find the screenshots below.

Screenshots of authenticator web-app:

Inline image 8

If click "Enable TOTP"
Inline image 1

If click "Next"
Inline image 3

If click "Get a Verification Code"
Inline image 1


Screenshots of Dashboard:
Inline image 6

If click "Scan QR Code"
Inline image 2


Thanks

On Mon, Jun 5, 2017 at 6:05 PM, Vivekananthan Sivanayagam <[hidden email]> wrote:
Hi All,

We are now improving the TOTP Authenticator [1] with the following fixes.

Support to work with IS 5.3.0.

Need to fix according to the following JIRAs
Fix to support registering TOTP at the time of login.
  • If a user hasn't enabled TOTP and hasn't configured a Google authenticator app then he should be able to register at the corresponding step.
  • If the user already has TOTP configured then he should be able to proceed with authentication.
Fix according to the code review comments.

Please add if you have further suggestions on above improvement in TOTP Authenticator.


Thanks,

Vivekananthan Sivanayagam
Software Engineer | WSO2
[hidden email]
M:<a href="tel:+94%2075%20278%206138" value="+94752786138" target="_blank">+94752786138

_______________________________________________
Architecture mailing list
[hidden email]
https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture




--
Shakila Sasikaran
Software Engineer
Mobile :<a href="tel:+94%2077%20526%206848" value="+94775266848" target="_blank">+94 (0) 77 526 6848
WSO2, Inc. 
lean . enterprise . middleware



--
Shakila Sasikaran
Software Engineer
Mobile :+94 (0) 77 526 6848
WSO2, Inc. 
lean . enterprise . middleware

_______________________________________________
Architecture mailing list
[hidden email]
https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
Reply | Threaded
Open this post in threaded view
|

Re: [PET] TOTP Authenticator improvement

Dakshika Jayathilaka
Hi All,

IMO we need to clearly mention the two scenarios that we are trying to cover. AFAIU we are discussing,

1. End User enable TOTP
2. Admin enabled TOTP

IMHO for end-user story TOTP term is too technical. Is there any way to simplify that to "2-step verification" or something?

Also If they enable the option we need to clearly mention how to use this. Here is a simple flow suggestion for first use case.




WDYT?

Regards, 

Dakshika Jayathilaka
PMC Member & Committer of Apache Stratos
Associate Technical Lead
WSO2, Inc.
lean.enterprise.middleware
0771100911

On Fri, Jul 21, 2017 at 11:18 AM, Shakila Sasikaran <[hidden email]> wrote:
Adding people

On Fri, Jul 21, 2017 at 10:51 AM, Shakila Sasikaran <[hidden email]> wrote:
Hi,

I have modified the UI feature of TOTP authenticator to support enabling the authenticator in the authentication flow. Please find the screenshots below.

Screenshots of authenticator web-app:

Inline image 8

If click "Enable TOTP"
Inline image 1

If click "Next"
Inline image 3

If click "Get a Verification Code"
Inline image 1


Screenshots of Dashboard:
Inline image 6

If click "Scan QR Code"
Inline image 2


Thanks

On Mon, Jun 5, 2017 at 6:05 PM, Vivekananthan Sivanayagam <[hidden email]> wrote:
Hi All,

We are now improving the TOTP Authenticator [1] with the following fixes.

Support to work with IS 5.3.0.

Need to fix according to the following JIRAs
Fix to support registering TOTP at the time of login.
  • If a user hasn't enabled TOTP and hasn't configured a Google authenticator app then he should be able to register at the corresponding step.
  • If the user already has TOTP configured then he should be able to proceed with authentication.
Fix according to the code review comments.

Please add if you have further suggestions on above improvement in TOTP Authenticator.


Thanks,

Vivekananthan Sivanayagam
Software Engineer | WSO2
[hidden email]
M:<a href="tel:+94%2075%20278%206138" value="+94752786138" target="_blank">+94752786138

_______________________________________________
Architecture mailing list
[hidden email]
https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture




--
Shakila Sasikaran
Software Engineer
Mobile :<a href="tel:+94%2077%20526%206848" value="+94775266848" target="_blank">+94 (0) 77 526 6848
WSO2, Inc. 
lean . enterprise . middleware



--
Shakila Sasikaran
Software Engineer
Mobile :<a href="tel:+94%2077%20526%206848" value="+94775266848" target="_blank">+94 (0) 77 526 6848
WSO2, Inc. 
lean . enterprise . middleware

_______________________________________________
Architecture mailing list
[hidden email]
https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture



_______________________________________________
Architecture mailing list
[hidden email]
https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture