Skip to content

Commit

Permalink
MOSIP-31314 OTP validation security fix
Browse files Browse the repository at this point in the history 
Signed-off-by: kameshsr <[email protected]>
  • Loading branch information
@kameshsr
kameshsr committed Feb 12, 2024
1 parent 136c0d4 commit 01686c8
Show file tree
Hide file tree
Showing 3 changed files with 29 additions and 29 deletions.
4 changes: 2 additions & 2 deletions ...n-common/src/main/java/io/mosip/authentication/common/service/integration/OTPManager.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -105,7 +105,7 @@ public boolean sendOtp(OtpRequestDTO otpRequestDTO, String idvid, String idvidTy
throws IdAuthenticationBusinessException {

String refIdHash = securityManager.hash(idvid);
Optional<OtpTransaction> otpEntityOpt = otpRepo.findFirstByRefIdAndStatusCodeInOrderByGeneratedDtimesDesc(refIdHash, QUERIED_STATUS_CODES);
Optional<OtpTransaction> otpEntityOpt = otpRepo.findFirstByRefIdAndStatusCodeInAndGeneratedDtimesNotNullOrderByGeneratedDtimesDesc(refIdHash, QUERIED_STATUS_CODES);

if(otpEntityOpt.isPresent()) {
OtpTransaction otpEntity = otpEntityOpt.get();
Expand Down Expand Up @@ -214,7 +214,7 @@ private String generateOTP(String uin) throws IdAuthUncheckedException {
*/
public boolean validateOtp(String pinValue, String otpKey, String individualId) throws IdAuthenticationBusinessException {
String refIdHash = securityManager.hash(individualId);
Optional<OtpTransaction> otpEntityOpt = otpRepo.findFirstByRefIdAndStatusCodeInOrderByGeneratedDtimesDesc(refIdHash, QUERIED_STATUS_CODES);
Optional<OtpTransaction> otpEntityOpt = otpRepo.findFirstByRefIdAndStatusCodeInAndGeneratedDtimesNotNullOrderByGeneratedDtimesDesc(refIdHash, QUERIED_STATUS_CODES);

if (otpEntityOpt.isEmpty()) {
throw new IdAuthenticationBusinessException(IdAuthenticationErrorConstants.OTP_REQUEST_REQUIRED);
Expand Down
2 changes: 1 addition & 1 deletion ...mon/src/main/java/io/mosip/authentication/common/service/repository/OtpTxnRepository.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -19,6 +19,6 @@ public interface OtpTxnRepository extends BaseRepository<OtpTransaction, String>
* @param refIdHash the ref id hash
* @return the optional
*/
Optional<OtpTransaction> findFirstByRefIdAndStatusCodeInOrderByGeneratedDtimesDesc(String refIdHash, List<String> statusCodes);
Optional<OtpTransaction> findFirstByRefIdAndStatusCodeInAndGeneratedDtimesNotNullOrderByGeneratedDtimesDesc(String refIdHash, List<String> statusCodes);

}
52 changes: 26 additions & 26 deletions ...mmon/src/test/java/io/mosip/authentication/common/service/integration/OTPManagerTest.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -168,7 +168,7 @@ public void sendOtpTest_frozen_within30mins() throws RestServiceException, IdAut
OtpTransaction entity = new OtpTransaction();
entity.setStatusCode(IdAuthCommonConstants.FROZEN);
entity.setUpdDTimes(DateUtils.getUTCCurrentDateTime().minus(30, ChronoUnit.MINUTES));
when(otpRepo.findFirstByRefIdAndStatusCodeInOrderByGeneratedDtimesDesc(Mockito.anyString(), Mockito.anyList())).thenReturn(Optional.of(entity));
when(otpRepo.findFirstByRefIdAndStatusCodeInAndGeneratedDtimesNotNullOrderByGeneratedDtimesDesc(Mockito.anyString(), Mockito.anyList())).thenReturn(Optional.of(entity));
try {
otpManager.sendOtp(otpRequestDTO, "426789089018", "UIN", valueMap, templateLanguages);
} catch(IdAuthenticationBusinessException ex) {
Expand Down Expand Up @@ -196,7 +196,7 @@ public void sendOtpTest_frozen_In31mins() throws RestServiceException, IdAuthent
OtpTransaction entity = new OtpTransaction();
entity.setStatusCode(IdAuthCommonConstants.FROZEN);
entity.setUpdDTimes(DateUtils.getUTCCurrentDateTime().minus(31, ChronoUnit.MINUTES));
when(otpRepo.findFirstByRefIdAndStatusCodeInOrderByGeneratedDtimesDesc(Mockito.anyString(), Mockito.anyList())).thenReturn(Optional.of(entity));
when(otpRepo.findFirstByRefIdAndStatusCodeInAndGeneratedDtimesNotNullOrderByGeneratedDtimesDesc(Mockito.anyString(), Mockito.anyList())).thenReturn(Optional.of(entity));
try {
when(otpRepo.save(Mockito.any())).thenAnswer(invocation -> {
assertEquals(IdAuthCommonConstants.ACTIVE_STATUS, ((OtpTransaction)invocation.getArguments()[0]).getStatusCode());
Expand Down Expand Up @@ -228,7 +228,7 @@ public void sendOtpTest_USED_entry() throws RestServiceException, IdAuthenticati
OtpTransaction entity = new OtpTransaction();
entity.setStatusCode(IdAuthCommonConstants.USED_STATUS);
entity.setUpdDTimes(DateUtils.getUTCCurrentDateTime().minus(31, ChronoUnit.MINUTES));
when(otpRepo.findFirstByRefIdAndStatusCodeInOrderByGeneratedDtimesDesc(Mockito.anyString(), Mockito.anyList())).thenReturn(Optional.of(entity));
when(otpRepo.findFirstByRefIdAndStatusCodeInAndGeneratedDtimesNotNullOrderByGeneratedDtimesDesc(Mockito.anyString(), Mockito.anyList())).thenReturn(Optional.of(entity));
try {
when(otpRepo.save(Mockito.any())).thenAnswer(invocation -> {
assertEquals(IdAuthCommonConstants.ACTIVE_STATUS, ((OtpTransaction)invocation.getArguments()[0]).getStatusCode());
Expand Down Expand Up @@ -260,7 +260,7 @@ public void sendOtpTest_frozen_within25mins() throws RestServiceException, IdAut
OtpTransaction entity = new OtpTransaction();
entity.setStatusCode(IdAuthCommonConstants.FROZEN);
entity.setUpdDTimes(DateUtils.getUTCCurrentDateTime().minus(25, ChronoUnit.MINUTES));
when(otpRepo.findFirstByRefIdAndStatusCodeInOrderByGeneratedDtimesDesc(Mockito.anyString(), Mockito.anyList())).thenReturn(Optional.of(entity));
when(otpRepo.findFirstByRefIdAndStatusCodeInAndGeneratedDtimesNotNullOrderByGeneratedDtimesDesc(Mockito.anyString(), Mockito.anyList())).thenReturn(Optional.of(entity));
try {
otpManager.sendOtp(otpRequestDTO, "426789089018", "UIN", valueMap, templateLanguages);
} catch(IdAuthenticationBusinessException ex) {
Expand Down Expand Up @@ -543,7 +543,7 @@ public void TestOtpAuthFailure()
otpEntity.setStatusCode(IdAuthCommonConstants.ACTIVE_STATUS);
otpEntity.setOtpHash("otphash");

Mockito.when(otpRepo.findFirstByRefIdAndStatusCodeInOrderByGeneratedDtimesDesc(Mockito.anyString(), Mockito.anyList())).thenReturn(Optional.of(otpEntity ));
Mockito.when(otpRepo.findFirstByRefIdAndStatusCodeInAndGeneratedDtimesNotNullOrderByGeneratedDtimesDesc(Mockito.anyString(), Mockito.anyList())).thenReturn(Optional.of(otpEntity ));

boolean expactedOTP = otpManager.validateOtp("Test123", "123456", "426789089018");
assertFalse(expactedOTP);
Expand Down Expand Up @@ -765,7 +765,7 @@ public void TestInvalidAttemptWith_UsedEntity()
otpEntity.setStatusCode(IdAuthCommonConstants.USED_STATUS);
otpEntity.setOtpHash("otphash");

Mockito.when(otpRepo.findFirstByRefIdAndStatusCodeInOrderByGeneratedDtimesDesc(Mockito.anyString(), Mockito.anyList())).thenReturn(Optional.of(otpEntity ));
Mockito.when(otpRepo.findFirstByRefIdAndStatusCodeInAndGeneratedDtimesNotNullOrderByGeneratedDtimesDesc(Mockito.anyString(), Mockito.anyList())).thenReturn(Optional.of(otpEntity ));

try {
otpManager.validateOtp("Test123", "123456", "426789089018");
Expand All @@ -786,7 +786,7 @@ public void TestInvalidAttemptWith_nullUpdateCount()
otpEntity.setStatusCode(IdAuthCommonConstants.ACTIVE_STATUS);
otpEntity.setOtpHash("otphash");

Mockito.when(otpRepo.findFirstByRefIdAndStatusCodeInOrderByGeneratedDtimesDesc(Mockito.anyString(), Mockito.anyList())).thenReturn(Optional.of(otpEntity ));
Mockito.when(otpRepo.findFirstByRefIdAndStatusCodeInAndGeneratedDtimesNotNullOrderByGeneratedDtimesDesc(Mockito.anyString(), Mockito.anyList())).thenReturn(Optional.of(otpEntity ));

try {
boolean result = otpManager.validateOtp("Test123", "123456", "426789089018");
Expand All @@ -812,7 +812,7 @@ public void TestInvalidAttemptWith_1UpdateCount()
otpEntity.setValidationRetryCount(1);
otpEntity.setOtpHash("otphash");

Mockito.when(otpRepo.findFirstByRefIdAndStatusCodeInOrderByGeneratedDtimesDesc(Mockito.anyString(), Mockito.anyList())).thenReturn(Optional.of(otpEntity ));
Mockito.when(otpRepo.findFirstByRefIdAndStatusCodeInAndGeneratedDtimesNotNullOrderByGeneratedDtimesDesc(Mockito.anyString(), Mockito.anyList())).thenReturn(Optional.of(otpEntity ));

try {
boolean result = otpManager.validateOtp("Test123", "123456", "426789089018");
Expand All @@ -838,7 +838,7 @@ public void TestInvalidAttemptWith_4UpdateCount()
otpEntity.setValidationRetryCount(4);
otpEntity.setOtpHash("otphash");

Mockito.when(otpRepo.findFirstByRefIdAndStatusCodeInOrderByGeneratedDtimesDesc(Mockito.anyString(), Mockito.anyList())).thenReturn(Optional.of(otpEntity ));
Mockito.when(otpRepo.findFirstByRefIdAndStatusCodeInAndGeneratedDtimesNotNullOrderByGeneratedDtimesDesc(Mockito.anyString(), Mockito.anyList())).thenReturn(Optional.of(otpEntity ));

try {
boolean result = otpManager.validateOtp("Test123", "123456", "426789089018");
Expand All @@ -865,7 +865,7 @@ public void TestInvalidAttemptWith_FrozenStatus()
otpEntity.setValidationRetryCount(5);
otpEntity.setOtpHash("otphash");

Mockito.when(otpRepo.findFirstByRefIdAndStatusCodeInOrderByGeneratedDtimesDesc(Mockito.anyString(), Mockito.anyList())).thenReturn(Optional.of(otpEntity ));
Mockito.when(otpRepo.findFirstByRefIdAndStatusCodeInAndGeneratedDtimesNotNullOrderByGeneratedDtimesDesc(Mockito.anyString(), Mockito.anyList())).thenReturn(Optional.of(otpEntity ));

try {
otpManager.validateOtp("Test123", "123456", "426789089018");
Expand Down Expand Up @@ -893,7 +893,7 @@ public void TestInvalidAttemptWith_FrozenStatusWithin25Mins()
otpEntity.setUpdDTimes(DateUtils.getUTCCurrentDateTime().minus(25, ChronoUnit.MINUTES));
otpEntity.setOtpHash("otphash");

Mockito.when(otpRepo.findFirstByRefIdAndStatusCodeInOrderByGeneratedDtimesDesc(Mockito.anyString(), Mockito.anyList())).thenReturn(Optional.of(otpEntity ));
Mockito.when(otpRepo.findFirstByRefIdAndStatusCodeInAndGeneratedDtimesNotNullOrderByGeneratedDtimesDesc(Mockito.anyString(), Mockito.anyList())).thenReturn(Optional.of(otpEntity ));

try {
otpManager.validateOtp("Test123", "123456", "426789089018");
Expand Down Expand Up @@ -921,7 +921,7 @@ public void TestInvalidAttemptWith_FrozenStatusWithin29Mins()
otpEntity.setUpdDTimes(DateUtils.getUTCCurrentDateTime().minus(29, ChronoUnit.MINUTES));
otpEntity.setOtpHash("otphash");

Mockito.when(otpRepo.findFirstByRefIdAndStatusCodeInOrderByGeneratedDtimesDesc(Mockito.anyString(), Mockito.anyList())).thenReturn(Optional.of(otpEntity ));
Mockito.when(otpRepo.findFirstByRefIdAndStatusCodeInAndGeneratedDtimesNotNullOrderByGeneratedDtimesDesc(Mockito.anyString(), Mockito.anyList())).thenReturn(Optional.of(otpEntity ));

try {
otpManager.validateOtp("Test123", "123456", "426789089018");
Expand Down Expand Up @@ -949,7 +949,7 @@ public void TestInvalidAttemptWith_FrozenStatusWithin31Mins()
otpEntity.setUpdDTimes(DateUtils.getUTCCurrentDateTime().minus(31, ChronoUnit.MINUTES));
otpEntity.setOtpHash("otphash");

Mockito.when(otpRepo.findFirstByRefIdAndStatusCodeInOrderByGeneratedDtimesDesc(Mockito.anyString(), Mockito.anyList())).thenReturn(Optional.of(otpEntity ));
Mockito.when(otpRepo.findFirstByRefIdAndStatusCodeInAndGeneratedDtimesNotNullOrderByGeneratedDtimesDesc(Mockito.anyString(), Mockito.anyList())).thenReturn(Optional.of(otpEntity ));

try {
otpManager.validateOtp("Test123", "123456", "426789089018");
Expand All @@ -975,7 +975,7 @@ public void TestValidAttemptWith_nullUpdateCount()
otpEntity.setOtpHash("313233343536234B45595F53504C49545445522354657374313233");
otpEntity.setExpiryDtimes(DateUtils.getUTCCurrentDateTime().plus(1, ChronoUnit.MINUTES));

Mockito.when(otpRepo.findFirstByRefIdAndStatusCodeInOrderByGeneratedDtimesDesc(Mockito.anyString(), Mockito.anyList())).thenReturn(Optional.of(otpEntity ));
Mockito.when(otpRepo.findFirstByRefIdAndStatusCodeInAndGeneratedDtimesNotNullOrderByGeneratedDtimesDesc(Mockito.anyString(), Mockito.anyList())).thenReturn(Optional.of(otpEntity ));

try {
boolean result = otpManager.validateOtp("Test123", "123456", "426789089018");
Expand All @@ -1001,7 +1001,7 @@ public void TestValidAttemptWith_1UpdateCount()
otpEntity.setOtpHash("313233343536234B45595F53504C49545445522354657374313233");
otpEntity.setExpiryDtimes(DateUtils.getUTCCurrentDateTime().plus(1, ChronoUnit.MINUTES));

Mockito.when(otpRepo.findFirstByRefIdAndStatusCodeInOrderByGeneratedDtimesDesc(Mockito.anyString(), Mockito.anyList())).thenReturn(Optional.of(otpEntity ));
Mockito.when(otpRepo.findFirstByRefIdAndStatusCodeInAndGeneratedDtimesNotNullOrderByGeneratedDtimesDesc(Mockito.anyString(), Mockito.anyList())).thenReturn(Optional.of(otpEntity ));

try {
boolean result = otpManager.validateOtp("Test123", "123456", "426789089018");
Expand All @@ -1027,7 +1027,7 @@ public void TestValidAttemptWith_4UpdateCount()
otpEntity.setOtpHash("313233343536234B45595F53504C49545445522354657374313233");
otpEntity.setExpiryDtimes(DateUtils.getUTCCurrentDateTime().plus(1, ChronoUnit.MINUTES));

Mockito.when(otpRepo.findFirstByRefIdAndStatusCodeInOrderByGeneratedDtimesDesc(Mockito.anyString(), Mockito.anyList())).thenReturn(Optional.of(otpEntity ));
Mockito.when(otpRepo.findFirstByRefIdAndStatusCodeInAndGeneratedDtimesNotNullOrderByGeneratedDtimesDesc(Mockito.anyString(), Mockito.anyList())).thenReturn(Optional.of(otpEntity ));

try {
boolean result = otpManager.validateOtp("Test123", "123456", "426789089018");
Expand All @@ -1054,7 +1054,7 @@ public void TestValidAttemptWith_FrozenStatus()
otpEntity.setOtpHash("313233343536234B45595F53504C49545445522354657374313233");
otpEntity.setExpiryDtimes(DateUtils.getUTCCurrentDateTime().plus(1, ChronoUnit.MINUTES));

Mockito.when(otpRepo.findFirstByRefIdAndStatusCodeInOrderByGeneratedDtimesDesc(Mockito.anyString(), Mockito.anyList())).thenReturn(Optional.of(otpEntity ));
Mockito.when(otpRepo.findFirstByRefIdAndStatusCodeInAndGeneratedDtimesNotNullOrderByGeneratedDtimesDesc(Mockito.anyString(), Mockito.anyList())).thenReturn(Optional.of(otpEntity ));

try {
otpManager.validateOtp("Test123", "123456", "426789089018");
Expand Down Expand Up @@ -1083,7 +1083,7 @@ public void TestValidAttemptWith_FrozenStatusWithin25Mins()
otpEntity.setOtpHash("313233343536234B45595F53504C49545445522354657374313233");
otpEntity.setExpiryDtimes(DateUtils.getUTCCurrentDateTime().plus(1, ChronoUnit.MINUTES));

Mockito.when(otpRepo.findFirstByRefIdAndStatusCodeInOrderByGeneratedDtimesDesc(Mockito.anyString(), Mockito.anyList())).thenReturn(Optional.of(otpEntity ));
Mockito.when(otpRepo.findFirstByRefIdAndStatusCodeInAndGeneratedDtimesNotNullOrderByGeneratedDtimesDesc(Mockito.anyString(), Mockito.anyList())).thenReturn(Optional.of(otpEntity ));

try {
otpManager.validateOtp("Test123", "123456", "426789089018");
Expand Down Expand Up @@ -1112,7 +1112,7 @@ public void TestValidAttemptWith_FrozenStatusWithin29Mins()
otpEntity.setOtpHash("313233343536234B45595F53504C49545445522354657374313233");
otpEntity.setExpiryDtimes(DateUtils.getUTCCurrentDateTime().plus(1, ChronoUnit.MINUTES));

Mockito.when(otpRepo.findFirstByRefIdAndStatusCodeInOrderByGeneratedDtimesDesc(Mockito.anyString(), Mockito.anyList())).thenReturn(Optional.of(otpEntity ));
Mockito.when(otpRepo.findFirstByRefIdAndStatusCodeInAndGeneratedDtimesNotNullOrderByGeneratedDtimesDesc(Mockito.anyString(), Mockito.anyList())).thenReturn(Optional.of(otpEntity ));

try {
otpManager.validateOtp("Test123", "123456", "426789089018");
Expand Down Expand Up @@ -1141,7 +1141,7 @@ public void TestValidAttemptWith_FrozenStatusWithin31Mins()
otpEntity.setOtpHash("313233343536234B45595F53504C49545445522354657374313233");
otpEntity.setExpiryDtimes(DateUtils.getUTCCurrentDateTime().plus(1, ChronoUnit.MINUTES));

Mockito.when(otpRepo.findFirstByRefIdAndStatusCodeInOrderByGeneratedDtimesDesc(Mockito.anyString(), Mockito.anyList())).thenReturn(Optional.of(otpEntity ));
Mockito.when(otpRepo.findFirstByRefIdAndStatusCodeInAndGeneratedDtimesNotNullOrderByGeneratedDtimesDesc(Mockito.anyString(), Mockito.anyList())).thenReturn(Optional.of(otpEntity ));

try {
otpManager.validateOtp("Test123", "123456", "426789089018");
Expand All @@ -1168,7 +1168,7 @@ public void TestValidAttemptWith_FrozenStatusWithin31Mins_expiredOtp()
otpEntity.setOtpHash("313233343536234B45595F53504C49545445522354657374313233");
otpEntity.setExpiryDtimes(DateUtils.getUTCCurrentDateTime().minus(1, ChronoUnit.MINUTES));

Mockito.when(otpRepo.findFirstByRefIdAndStatusCodeInOrderByGeneratedDtimesDesc(Mockito.anyString(), Mockito.anyList())).thenReturn(Optional.of(otpEntity ));
Mockito.when(otpRepo.findFirstByRefIdAndStatusCodeInAndGeneratedDtimesNotNullOrderByGeneratedDtimesDesc(Mockito.anyString(), Mockito.anyList())).thenReturn(Optional.of(otpEntity ));

try {
otpManager.validateOtp("Test123", "123456", "426789089018");
Expand Down Expand Up @@ -1201,7 +1201,7 @@ public void TestThrowOtpException_UINLocked()
otpEntity.setOtpHash("otphash");
otpEntity.setStatusCode(IdAuthCommonConstants.ACTIVE_STATUS);

Mockito.when(otpRepo.findFirstByRefIdAndStatusCodeInOrderByGeneratedDtimesDesc(Mockito.anyString(), Mockito.anyList())).thenReturn(Optional.of(otpEntity ));
Mockito.when(otpRepo.findFirstByRefIdAndStatusCodeInAndGeneratedDtimesNotNullOrderByGeneratedDtimesDesc(Mockito.anyString(), Mockito.anyList())).thenReturn(Optional.of(otpEntity ));

try {
otpManager.validateOtp("Test123", "123456", "426789089018");
Expand Down Expand Up @@ -1229,7 +1229,7 @@ public void TestThrowOtpException_OtpExpired() throws RestServiceException, IdAu
otpEntity.setStatusCode(IdAuthCommonConstants.ACTIVE_STATUS);
otpEntity.setOtpHash("otphash");

Mockito.when(otpRepo.findFirstByRefIdAndStatusCodeInOrderByGeneratedDtimesDesc(Mockito.anyString(), Mockito.anyList())).thenReturn(Optional.of(otpEntity ));
Mockito.when(otpRepo.findFirstByRefIdAndStatusCodeInAndGeneratedDtimesNotNullOrderByGeneratedDtimesDesc(Mockito.anyString(), Mockito.anyList())).thenReturn(Optional.of(otpEntity ));

try {
otpManager.validateOtp("Test123", "123456", "426789089018");
Expand Down Expand Up @@ -1257,7 +1257,7 @@ public void TestThrowOtpException_ValidationUnsuccessful()
otpEntity.setStatusCode(IdAuthCommonConstants.ACTIVE_STATUS);
otpEntity.setOtpHash("otphash");

Mockito.when(otpRepo.findFirstByRefIdAndStatusCodeInOrderByGeneratedDtimesDesc(Mockito.anyString(), Mockito.anyList())).thenReturn(Optional.of(otpEntity ));
Mockito.when(otpRepo.findFirstByRefIdAndStatusCodeInAndGeneratedDtimesNotNullOrderByGeneratedDtimesDesc(Mockito.anyString(), Mockito.anyList())).thenReturn(Optional.of(otpEntity ));
try {
otpManager.validateOtp("Test123", "123456", "426789089018");
} catch (IdAuthenticationBusinessException ex) {
Expand All @@ -1284,7 +1284,7 @@ public void TestThrowOtpException_OtpPresent_Expired()
Mockito.when(securityManager.hash(Mockito.anyString())).thenReturn("hash");
otpEntry.setStatusCode(IdAuthCommonConstants.ACTIVE_STATUS);
otpEntry.setOtpHash("otphash");
Mockito.when(otpRepo.findFirstByRefIdAndStatusCodeInOrderByGeneratedDtimesDesc(Mockito.anyString(), Mockito.anyList())).thenReturn(Optional.of(otpEntry));
Mockito.when(otpRepo.findFirstByRefIdAndStatusCodeInAndGeneratedDtimesNotNullOrderByGeneratedDtimesDesc(Mockito.anyString(), Mockito.anyList())).thenReturn(Optional.of(otpEntry));
try {
otpManager.validateOtp("Test123", "123456", "426789089018");
} catch (IdAuthenticationBusinessException ex) {
Expand All @@ -1311,7 +1311,7 @@ public void TestThrowOtpException_OtpPresent_NotExpired_Valid()
Mockito.when(securityManager.hash(Mockito.anyString())).thenReturn("hash");
otpEntry.setStatusCode(IdAuthCommonConstants.ACTIVE_STATUS);
otpEntry.setOtpHash("otphash");
Mockito.when(otpRepo.findFirstByRefIdAndStatusCodeInOrderByGeneratedDtimesDesc(Mockito.anyString(), Mockito.anyList())).thenReturn(Optional.of(otpEntry));
Mockito.when(otpRepo.findFirstByRefIdAndStatusCodeInAndGeneratedDtimesNotNullOrderByGeneratedDtimesDesc(Mockito.anyString(), Mockito.anyList())).thenReturn(Optional.of(otpEntry));
try {
otpManager.validateOtp("Test123", "123456", "426789089018");
} catch (IdAuthenticationBusinessException ex) {
Expand Down

0 comments on commit 01686c8

Please sign in to comment.