OTP Token Registration (Offline) API

Call this function to register offline OTP token.

Below is the URL to access the API functions:

PUT /CentagateWS/webresources/token/register/otp/offline/{admin_username}

Parameters

No	Parameters	Occurence	Descriptions
1	Username	Required	The User’s Username
2	CenToken	Required	The Hmac Value Calculated Using SHA256 With SecretCode As Key And Plain Text From Admin Username + AuthToken

Sample Code

As in below there are some examples of source code of access the API functions:

Java

public static void main(String[] args) {

	ClientConfig config = new DefaultClientConfig ();
	Client client = Client.create ( config );
	WebResource service = client.resource ("https://<domain_name>/CentagateWS/webresources");
			
	Gson gson = new Gson();
	
	String authToken = "{authToken}"
	String adminUsername = "{adminUsername}";
	String secretCode "{secretCode}";
	String cenToken = convertHmacSha256(secretCode, adminUsername + authToken);

	HashMap<String, String> map = new HashMap<String, String>();
	map.put("username", "username");
	map.put("cenToken", cenToken);  

	ClientResponse response = service.path("token").path("register").path("otp").path("offline").path(adminUsername).accept(MediaType.APPLICATION_JSON).put(ClientResponse.class, gson.toJson(map));
				
	String retJson = response.getEntity(String.class);

	HashMap<String, Object> returnData = (HashMap<String, Object>) gson.fromJson(retJson, HashMap.class);

	String code = returnData.get("code").toString();
	String message = returnData.get("message").toString();
	String object = returnData.get("object").toString();
}

public static String convertHmacSha256(String secretKey, String params) throws NoSuchAlgorithmException, 
            InvalidKeyException,IllegalStateException, SignatureException, NoSuchProviderException, Exception
{
	try
	{
		final SecretKeySpec secret_key = new SecretKeySpec ( StringUtils.getBytesUtf8 ( secretKey ) , "HmacSHA256" );
		final Mac mac = Mac.getInstance ( "HmacSHA256" );
		mac.init ( secret_key );
		final byte[] bytes = mac.doFinal ( StringUtils.getBytesUtf8 ( params ) );
		return Hex.encodeHexString ( bytes );
	}
	catch ( NoSuchAlgorithmException e )
	{
		throw new NoSuchAlgorithmException ( e );
	}
	catch ( InvalidKeyException e )
	{
		throw new InvalidKeyException ( e );
	}
	catch ( IllegalStateException e )
	{
		throw new IllegalStateException ( e );
	}
	catch ( Exception e )
	{
		throw new Exception ( e );
	}
}

Node Js

const https = require('https')

var crypto = require('crypto');
var username = "<username>";

var adminUsername = "<adminUsername>";
var authToken = "<authToken>";
var secretCode = "<secretCode>";
  
var cenTokenText = adminUsername + authToken;
var hash, cenToken;

/* generate cenToken value*/
cenToken = crypto.createHmac(sha256, secretCode);    
cenToken.write(cenTokenText);
cenToken.end();      
hash = cenToken.read().toString('hex');    

const data = JSON.stringify({
	username: username,
	cenToken: hash
})

const options = {
	hostname: "<domain_name>",
	port: 443,
	path:'/CentagateWS/webresources/token/register/otp/offline/'+adminUsername,
	method: 'PUT',
	headers: {
		'Accept': 'application/json',
		'Content-Type': 'application/json',
	}
}

const req = https.request(options, res =>{
	console.log(`HTTP Status Code: ${res.statusCode}`)
	var body = '';
	res.on('data', function(d){
		
	body += d;
	var parsed = JSON.parse(body);
	
	if (parsed.code == 0){
	   console.log('Authentication Succeed');
	   console.log('Response:');
	   console.log(body);
	}
	else {
	  console.log('Authentication Fail, ' +'Message:' + parsed.message);
	  console.log('Code:' + parsed.code); 
	}
		
	})
})

req.on('ERROR', error => {
	console.error(error)
})

req.write(data)
req.end()

PHP

<?php
    $adminUsername = "<adminUsername>";
    $url = 'https://<domain_name>/CentagateWS/webresources/token/register/otp/offline/'.$adminUsername;
    
    $ch = curl_init($url);
    
    $secretCode = "<secretCode>";
    $authToken = "<authToken>";
    $username = "<username>";
    
    $cenToken_text = $adminUsername.$authToken;
    $cenToken = hash_hmac('sha256', $cenToken_text, $secretCode); // calculate cenToken value
    
    $jsonData = array (
    	'username'=> $username,
    	'cenToken' => $cenToken
    );
    
    $jsonDataEncoded = json_encode($jsonData);
    
    curl_setopt($ch, CURLOPT_CUSTOMREQUEST, 'PUT');
    curl_setopt($ch, CURLOPT_POSTFIELDS, $jsonDataEncoded);
    curl_setopt($ch, CURLOPT_HTTPHEADER, array('Content-Type: application/json'));
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
    
    $result = curl_exec($ch);
    
    
    $obj = json_decode($result); 
    if ($obj->{'code'} != 0){
    	print "Authentication fail";
    	print "Message: ".$obj->{'message'}; 
    	echo " <br>"; 
    	print "Code: ".$obj->{'code'};
    }
    else {
    	print "Authentication succeed";
    	echo " <br>"; 
    	print "Message: ".$obj->{'message'}; 
    	echo " <br>"; 
    	print "Code: ".$obj->{'code'}; 
    	echo " <br>"; 
    	print "Result:" ;
    	echo " <br>"; 
    	print $result;
    }
    
    curl_close($ch);

?>

Error Code

Return Code	Details
0	Success
10001	Permission is not allowed
10002	Invalid Input
10003	DB protection error
10004	DB error
10011	Crypto error
22002	User not found
29008	An OTP token already registered to this user