I recently checked out the Yubico Java client (
https://github.com/Yubico/yubico-java-client) but when I try to package it (
mvn package) I get the following failure:
Quote:
Failed tests:
testBadOTP(com.yubico.client.v2.YubicoClientTest)
More detail from the report:
Code:
testBadOTP(com.yubico.client.v2.YubicoClientTest) Time elapsed: 3.757 sec <<< FAILURE!
java.lang.AssertionError:
at org.junit.Assert.fail(Assert.java:91)
at org.junit.Assert.assertTrue(Assert.java:43)
at org.junit.Assert.assertNotNull(Assert.java:524)
at org.junit.Assert.assertNotNull(Assert.java:535)
at com.yubico.client.v2.YubicoClientTest.testBadOTP(YubicoClientTest.java:58)
I did some digging around in the code and it appears the test is failing because of a null response; the reason it's null is that the client (com.yubico.client.v2.impl.YubicoClientImpl.java) appears to be expecting the otp and nonce fields to be present in the response but they aren't. For example, it sends this request:
http://api.yubico.com/wsapi/2.0/verify?id=4711&otp=kaka×tamp=1&nonce=88b2a1c644e6451491e86304a0a43031And gets this response back:
Quote:
h=W0/njCTAq0X+QYS3SgZR2uP3Veg=
t=2011-09-21T06:01:38Z0993
status=BAD_OTP
The nonce and otp fields are missing - in the replayed OTP test, the nonce and otp fields ARE present in the response.
I am a bit confused as to what fields SHOULD be in a server response as the Validation Protocol 2.0 (
http://code.google.com/p/yubikey-val-server-php/wiki/ValidationProtocolV20) doesn't appear to mention nonce and otp as fields that are returned in a response (Should they always be present?).
Any thoughts on how to get it to pass the tests so it will build correctly?
Login
FAQ
Search
