Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Mosip 31314 otp validation security fix #1193

Closed
wants to merge 32 commits into from
Closed

Mosip 31314 otp validation security fix #1193

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
32 commits
Select commit Hold shift + click to select a range
a72c124
WIP added OTP freezing logic
Feb 5, 2024
393a2c3
Added test cases
Feb 6, 2024
b07d219
Added sendotp test cases
Feb 7, 2024
6b9c13b
Merge remote-tracking branch 'upstream/develop' into MOSIP-31314-otp-…
Feb 7, 2024
03d93bf
Updated db scripts to index refid but not otphash
Feb 7, 2024
4a1d1db
Minor refectoring
Feb 7, 2024
5a3db6c
Corrected otp freezing property names
Feb 7, 2024
054dc6d
Correction to the OTP frozen message
Feb 7, 2024
bd45eca
Correction to the OTP frozen message
Feb 7, 2024
3a5a593
Correction to the OTP frozen message
Feb 7, 2024
671490c
Added validation on frozen error message
Feb 7, 2024
9c2af4c
Minor refactoring
Feb 7, 2024
40979b7
Added javadocs
Feb 7, 2024
a0bec18
Fixed test failure
Feb 7, 2024
0cda197
Merge branch 'develop' of https://github.com/mosip/id-authentication …
Feb 7, 2024
a0a73c1
Avoided nested if elses for exceptions in else block
Feb 8, 2024
ea47be4
Fixed otp error message
Feb 8, 2024
770cd5a
Applied review comments
Feb 8, 2024
60211ae
Minor jdoc update
Feb 8, 2024
60ababe
Fix to saving entity
Feb 9, 2024
0d035d4
Merge remote-tracking branch 'upstream/develop' into MOSIP-31314-otp-…
Feb 9, 2024
fa78e20
Fix for the JPA query method
Feb 9, 2024
30efaf3
Fix for the JPA query method
Feb 9, 2024
5ea55ac
Fix for the JPA query method
Feb 9, 2024
89f76bb
Minor fix to OTP generation time setting
Feb 9, 2024
f1f4583
Merge remote-tracking branch 'upstream/develop' into MOSIP-31314-otp-…
Feb 9, 2024
b4991ec
Merge remote-tracking branch 'upstream/develop' into MOSIP-31314-otp-…
Feb 9, 2024
06bcf96
Fix to updating generated dtimes
Feb 9, 2024
c757b69
Merge remote-tracking branch 'upstream/develop' into MOSIP-31314-otp-…
Feb 9, 2024
9d8dba7
Resetting validateretrycount for exiting entry on otp request
Feb 9, 2024
d7d6e4a
Merge remote-tracking branch 'upstream/develop' into MOSIP-31314-otp-…
Feb 9, 2024
4cf19f3
Added null check on generateddtimes in the query
Feb 12, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 2 additions & 2 deletions ...n-common/src/main/java/io/mosip/authentication/common/service/integration/OTPManager.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -105,7 +105,7 @@ public boolean sendOtp(OtpRequestDTO otpRequestDTO, String idvid, String idvidTy
throws IdAuthenticationBusinessException {

String refIdHash = securityManager.hash(idvid);
Optional<OtpTransaction> otpEntityOpt = otpRepo.findFirstByRefIdAndStatusCodeInOrderByGeneratedDtimesDesc(refIdHash, QUERIED_STATUS_CODES);
Optional<OtpTransaction> otpEntityOpt = otpRepo.findFirstByRefIdAndStatusCodeInAndGeneratedDtimesNotNullOrderByGeneratedDtimesDesc(refIdHash, QUERIED_STATUS_CODES);

if(otpEntityOpt.isPresent()) {
OtpTransaction otpEntity = otpEntityOpt.get();
Expand Down Expand Up @@ -214,7 +214,7 @@ private String generateOTP(String uin) throws IdAuthUncheckedException {
*/
public boolean validateOtp(String pinValue, String otpKey, String individualId) throws IdAuthenticationBusinessException {
String refIdHash = securityManager.hash(individualId);
Optional<OtpTransaction> otpEntityOpt = otpRepo.findFirstByRefIdAndStatusCodeInOrderByGeneratedDtimesDesc(refIdHash, QUERIED_STATUS_CODES);
Optional<OtpTransaction> otpEntityOpt = otpRepo.findFirstByRefIdAndStatusCodeInAndGeneratedDtimesNotNullOrderByGeneratedDtimesDesc(refIdHash, QUERIED_STATUS_CODES);

if (otpEntityOpt.isEmpty()) {
throw new IdAuthenticationBusinessException(IdAuthenticationErrorConstants.OTP_REQUEST_REQUIRED);
Expand Down
2 changes: 1 addition & 1 deletion ...mon/src/main/java/io/mosip/authentication/common/service/repository/OtpTxnRepository.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -19,6 +19,6 @@ public interface OtpTxnRepository extends BaseRepository<OtpTransaction, String>
* @param refIdHash the ref id hash
* @return the optional
*/
Optional<OtpTransaction> findFirstByRefIdAndStatusCodeInOrderByGeneratedDtimesDesc(String refIdHash, List<String> statusCodes);
Optional<OtpTransaction> findFirstByRefIdAndStatusCodeInAndGeneratedDtimesNotNullOrderByGeneratedDtimesDesc(String refIdHash, List<String> statusCodes);

}
52 changes: 26 additions & 26 deletions ...mmon/src/test/java/io/mosip/authentication/common/service/integration/OTPManagerTest.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -168,7 +168,7 @@ public void sendOtpTest_frozen_within30mins() throws RestServiceException, IdAut
OtpTransaction entity = new OtpTransaction();
entity.setStatusCode(IdAuthCommonConstants.FROZEN);
entity.setUpdDTimes(DateUtils.getUTCCurrentDateTime().minus(30, ChronoUnit.MINUTES));
when(otpRepo.findFirstByRefIdAndStatusCodeInOrderByGeneratedDtimesDesc(Mockito.anyString(), Mockito.anyList())).thenReturn(Optional.of(entity));
when(otpRepo.findFirstByRefIdAndStatusCodeInAndGeneratedDtimesNotNullOrderByGeneratedDtimesDesc(Mockito.anyString(), Mockito.anyList())).thenReturn(Optional.of(entity));
try {
otpManager.sendOtp(otpRequestDTO, "426789089018", "UIN", valueMap, templateLanguages);
} catch(IdAuthenticationBusinessException ex) {
Expand Down Expand Up @@ -196,7 +196,7 @@ public void sendOtpTest_frozen_In31mins() throws RestServiceException, IdAuthent
OtpTransaction entity = new OtpTransaction();
entity.setStatusCode(IdAuthCommonConstants.FROZEN);
entity.setUpdDTimes(DateUtils.getUTCCurrentDateTime().minus(31, ChronoUnit.MINUTES));
when(otpRepo.findFirstByRefIdAndStatusCodeInOrderByGeneratedDtimesDesc(Mockito.anyString(), Mockito.anyList())).thenReturn(Optional.of(entity));
when(otpRepo.findFirstByRefIdAndStatusCodeInAndGeneratedDtimesNotNullOrderByGeneratedDtimesDesc(Mockito.anyString(), Mockito.anyList())).thenReturn(Optional.of(entity));
try {
when(otpRepo.save(Mockito.any())).thenAnswer(invocation -> {
assertEquals(IdAuthCommonConstants.ACTIVE_STATUS, ((OtpTransaction)invocation.getArguments()[0]).getStatusCode());
Expand Down Expand Up @@ -228,7 +228,7 @@ public void sendOtpTest_USED_entry() throws RestServiceException, IdAuthenticati
OtpTransaction entity = new OtpTransaction();
entity.setStatusCode(IdAuthCommonConstants.USED_STATUS);
entity.setUpdDTimes(DateUtils.getUTCCurrentDateTime().minus(31, ChronoUnit.MINUTES));
when(otpRepo.findFirstByRefIdAndStatusCodeInOrderByGeneratedDtimesDesc(Mockito.anyString(), Mockito.anyList())).thenReturn(Optional.of(entity));
when(otpRepo.findFirstByRefIdAndStatusCodeInAndGeneratedDtimesNotNullOrderByGeneratedDtimesDesc(Mockito.anyString(), Mockito.anyList())).thenReturn(Optional.of(entity));
try {
when(otpRepo.save(Mockito.any())).thenAnswer(invocation -> {
assertEquals(IdAuthCommonConstants.ACTIVE_STATUS, ((OtpTransaction)invocation.getArguments()[0]).getStatusCode());
Expand Down Expand Up @@ -260,7 +260,7 @@ public void sendOtpTest_frozen_within25mins() throws RestServiceException, IdAut
OtpTransaction entity = new OtpTransaction();
entity.setStatusCode(IdAuthCommonConstants.FROZEN);
entity.setUpdDTimes(DateUtils.getUTCCurrentDateTime().minus(25, ChronoUnit.MINUTES));
when(otpRepo.findFirstByRefIdAndStatusCodeInOrderByGeneratedDtimesDesc(Mockito.anyString(), Mockito.anyList())).thenReturn(Optional.of(entity));
when(otpRepo.findFirstByRefIdAndStatusCodeInAndGeneratedDtimesNotNullOrderByGeneratedDtimesDesc(Mockito.anyString(), Mockito.anyList())).thenReturn(Optional.of(entity));
try {
otpManager.sendOtp(otpRequestDTO, "426789089018", "UIN", valueMap, templateLanguages);
} catch(IdAuthenticationBusinessException ex) {
Expand Down Expand Up @@ -543,7 +543,7 @@ public void TestOtpAuthFailure()
otpEntity.setStatusCode(IdAuthCommonConstants.ACTIVE_STATUS);
otpEntity.setOtpHash("otphash");

Mockito.when(otpRepo.findFirstByRefIdAndStatusCodeInOrderByGeneratedDtimesDesc(Mockito.anyString(), Mockito.anyList())).thenReturn(Optional.of(otpEntity ));
Mockito.when(otpRepo.findFirstByRefIdAndStatusCodeInAndGeneratedDtimesNotNullOrderByGeneratedDtimesDesc(Mockito.anyString(), Mockito.anyList())).thenReturn(Optional.of(otpEntity ));

boolean expactedOTP = otpManager.validateOtp("Test123", "123456", "426789089018");
assertFalse(expactedOTP);
Expand Down Expand Up @@ -765,7 +765,7 @@ public void TestInvalidAttemptWith_UsedEntity()
otpEntity.setStatusCode(IdAuthCommonConstants.USED_STATUS);
otpEntity.setOtpHash("otphash");

Mockito.when(otpRepo.findFirstByRefIdAndStatusCodeInOrderByGeneratedDtimesDesc(Mockito.anyString(), Mockito.anyList())).thenReturn(Optional.of(otpEntity ));
Mockito.when(otpRepo.findFirstByRefIdAndStatusCodeInAndGeneratedDtimesNotNullOrderByGeneratedDtimesDesc(Mockito.anyString(), Mockito.anyList())).thenReturn(Optional.of(otpEntity ));

try {
otpManager.validateOtp("Test123", "123456", "426789089018");
Expand All @@ -786,7 +786,7 @@ public void TestInvalidAttemptWith_nullUpdateCount()
otpEntity.setStatusCode(IdAuthCommonConstants.ACTIVE_STATUS);
otpEntity.setOtpHash("otphash");

Mockito.when(otpRepo.findFirstByRefIdAndStatusCodeInOrderByGeneratedDtimesDesc(Mockito.anyString(), Mockito.anyList())).thenReturn(Optional.of(otpEntity ));
Mockito.when(otpRepo.findFirstByRefIdAndStatusCodeInAndGeneratedDtimesNotNullOrderByGeneratedDtimesDesc(Mockito.anyString(), Mockito.anyList())).thenReturn(Optional.of(otpEntity ));

try {
boolean result = otpManager.validateOtp("Test123", "123456", "426789089018");
Expand All @@ -812,7 +812,7 @@ public void TestInvalidAttemptWith_1UpdateCount()
otpEntity.setValidationRetryCount(1);
otpEntity.setOtpHash("otphash");

Mockito.when(otpRepo.findFirstByRefIdAndStatusCodeInOrderByGeneratedDtimesDesc(Mockito.anyString(), Mockito.anyList())).thenReturn(Optional.of(otpEntity ));
Mockito.when(otpRepo.findFirstByRefIdAndStatusCodeInAndGeneratedDtimesNotNullOrderByGeneratedDtimesDesc(Mockito.anyString(), Mockito.anyList())).thenReturn(Optional.of(otpEntity ));

try {
boolean result = otpManager.validateOtp("Test123", "123456", "426789089018");
Expand All @@ -838,7 +838,7 @@ public void TestInvalidAttemptWith_4UpdateCount()
otpEntity.setValidationRetryCount(4);
otpEntity.setOtpHash("otphash");

Mockito.when(otpRepo.findFirstByRefIdAndStatusCodeInOrderByGeneratedDtimesDesc(Mockito.anyString(), Mockito.anyList())).thenReturn(Optional.of(otpEntity ));
Mockito.when(otpRepo.findFirstByRefIdAndStatusCodeInAndGeneratedDtimesNotNullOrderByGeneratedDtimesDesc(Mockito.anyString(), Mockito.anyList())).thenReturn(Optional.of(otpEntity ));

try {
boolean result = otpManager.validateOtp("Test123", "123456", "426789089018");
Expand All @@ -865,7 +865,7 @@ public void TestInvalidAttemptWith_FrozenStatus()
otpEntity.setValidationRetryCount(5);
otpEntity.setOtpHash("otphash");

Mockito.when(otpRepo.findFirstByRefIdAndStatusCodeInOrderByGeneratedDtimesDesc(Mockito.anyString(), Mockito.anyList())).thenReturn(Optional.of(otpEntity ));
Mockito.when(otpRepo.findFirstByRefIdAndStatusCodeInAndGeneratedDtimesNotNullOrderByGeneratedDtimesDesc(Mockito.anyString(), Mockito.anyList())).thenReturn(Optional.of(otpEntity ));

try {
otpManager.validateOtp("Test123", "123456", "426789089018");
Expand Down Expand Up @@ -893,7 +893,7 @@ public void TestInvalidAttemptWith_FrozenStatusWithin25Mins()
otpEntity.setUpdDTimes(DateUtils.getUTCCurrentDateTime().minus(25, ChronoUnit.MINUTES));
otpEntity.setOtpHash("otphash");

Mockito.when(otpRepo.findFirstByRefIdAndStatusCodeInOrderByGeneratedDtimesDesc(Mockito.anyString(), Mockito.anyList())).thenReturn(Optional.of(otpEntity ));
Mockito.when(otpRepo.findFirstByRefIdAndStatusCodeInAndGeneratedDtimesNotNullOrderByGeneratedDtimesDesc(Mockito.anyString(), Mockito.anyList())).thenReturn(Optional.of(otpEntity ));

try {
otpManager.validateOtp("Test123", "123456", "426789089018");
Expand Down Expand Up @@ -921,7 +921,7 @@ public void TestInvalidAttemptWith_FrozenStatusWithin29Mins()
otpEntity.setUpdDTimes(DateUtils.getUTCCurrentDateTime().minus(29, ChronoUnit.MINUTES));
otpEntity.setOtpHash("otphash");

Mockito.when(otpRepo.findFirstByRefIdAndStatusCodeInOrderByGeneratedDtimesDesc(Mockito.anyString(), Mockito.anyList())).thenReturn(Optional.of(otpEntity ));
Mockito.when(otpRepo.findFirstByRefIdAndStatusCodeInAndGeneratedDtimesNotNullOrderByGeneratedDtimesDesc(Mockito.anyString(), Mockito.anyList())).thenReturn(Optional.of(otpEntity ));

try {
otpManager.validateOtp("Test123", "123456", "426789089018");
Expand Down Expand Up @@ -949,7 +949,7 @@ public void TestInvalidAttemptWith_FrozenStatusWithin31Mins()
otpEntity.setUpdDTimes(DateUtils.getUTCCurrentDateTime().minus(31, ChronoUnit.MINUTES));
otpEntity.setOtpHash("otphash");

Mockito.when(otpRepo.findFirstByRefIdAndStatusCodeInOrderByGeneratedDtimesDesc(Mockito.anyString(), Mockito.anyList())).thenReturn(Optional.of(otpEntity ));
Mockito.when(otpRepo.findFirstByRefIdAndStatusCodeInAndGeneratedDtimesNotNullOrderByGeneratedDtimesDesc(Mockito.anyString(), Mockito.anyList())).thenReturn(Optional.of(otpEntity ));

try {
otpManager.validateOtp("Test123", "123456", "426789089018");
Expand All @@ -975,7 +975,7 @@ public void TestValidAttemptWith_nullUpdateCount()
otpEntity.setOtpHash("313233343536234B45595F53504C49545445522354657374313233");
otpEntity.setExpiryDtimes(DateUtils.getUTCCurrentDateTime().plus(1, ChronoUnit.MINUTES));

Mockito.when(otpRepo.findFirstByRefIdAndStatusCodeInOrderByGeneratedDtimesDesc(Mockito.anyString(), Mockito.anyList())).thenReturn(Optional.of(otpEntity ));
Mockito.when(otpRepo.findFirstByRefIdAndStatusCodeInAndGeneratedDtimesNotNullOrderByGeneratedDtimesDesc(Mockito.anyString(), Mockito.anyList())).thenReturn(Optional.of(otpEntity ));

try {
boolean result = otpManager.validateOtp("Test123", "123456", "426789089018");
Expand All @@ -1001,7 +1001,7 @@ public void TestValidAttemptWith_1UpdateCount()
otpEntity.setOtpHash("313233343536234B45595F53504C49545445522354657374313233");
otpEntity.setExpiryDtimes(DateUtils.getUTCCurrentDateTime().plus(1, ChronoUnit.MINUTES));

Mockito.when(otpRepo.findFirstByRefIdAndStatusCodeInOrderByGeneratedDtimesDesc(Mockito.anyString(), Mockito.anyList())).thenReturn(Optional.of(otpEntity ));
Mockito.when(otpRepo.findFirstByRefIdAndStatusCodeInAndGeneratedDtimesNotNullOrderByGeneratedDtimesDesc(Mockito.anyString(), Mockito.anyList())).thenReturn(Optional.of(otpEntity ));

try {
boolean result = otpManager.validateOtp("Test123", "123456", "426789089018");
Expand All @@ -1027,7 +1027,7 @@ public void TestValidAttemptWith_4UpdateCount()
otpEntity.setOtpHash("313233343536234B45595F53504C49545445522354657374313233");
otpEntity.setExpiryDtimes(DateUtils.getUTCCurrentDateTime().plus(1, ChronoUnit.MINUTES));

Mockito.when(otpRepo.findFirstByRefIdAndStatusCodeInOrderByGeneratedDtimesDesc(Mockito.anyString(), Mockito.anyList())).thenReturn(Optional.of(otpEntity ));
Mockito.when(otpRepo.findFirstByRefIdAndStatusCodeInAndGeneratedDtimesNotNullOrderByGeneratedDtimesDesc(Mockito.anyString(), Mockito.anyList())).thenReturn(Optional.of(otpEntity ));

try {
boolean result = otpManager.validateOtp("Test123", "123456", "426789089018");
Expand All @@ -1054,7 +1054,7 @@ public void TestValidAttemptWith_FrozenStatus()
otpEntity.setOtpHash("313233343536234B45595F53504C49545445522354657374313233");
otpEntity.setExpiryDtimes(DateUtils.getUTCCurrentDateTime().plus(1, ChronoUnit.MINUTES));

Mockito.when(otpRepo.findFirstByRefIdAndStatusCodeInOrderByGeneratedDtimesDesc(Mockito.anyString(), Mockito.anyList())).thenReturn(Optional.of(otpEntity ));
Mockito.when(otpRepo.findFirstByRefIdAndStatusCodeInAndGeneratedDtimesNotNullOrderByGeneratedDtimesDesc(Mockito.anyString(), Mockito.anyList())).thenReturn(Optional.of(otpEntity ));

try {
otpManager.validateOtp("Test123", "123456", "426789089018");
Expand Down Expand Up @@ -1083,7 +1083,7 @@ public void TestValidAttemptWith_FrozenStatusWithin25Mins()
otpEntity.setOtpHash("313233343536234B45595F53504C49545445522354657374313233");
otpEntity.setExpiryDtimes(DateUtils.getUTCCurrentDateTime().plus(1, ChronoUnit.MINUTES));

Mockito.when(otpRepo.findFirstByRefIdAndStatusCodeInOrderByGeneratedDtimesDesc(Mockito.anyString(), Mockito.anyList())).thenReturn(Optional.of(otpEntity ));
Mockito.when(otpRepo.findFirstByRefIdAndStatusCodeInAndGeneratedDtimesNotNullOrderByGeneratedDtimesDesc(Mockito.anyString(), Mockito.anyList())).thenReturn(Optional.of(otpEntity ));

try {
otpManager.validateOtp("Test123", "123456", "426789089018");
Expand Down Expand Up @@ -1112,7 +1112,7 @@ public void TestValidAttemptWith_FrozenStatusWithin29Mins()
otpEntity.setOtpHash("313233343536234B45595F53504C49545445522354657374313233");
otpEntity.setExpiryDtimes(DateUtils.getUTCCurrentDateTime().plus(1, ChronoUnit.MINUTES));

Mockito.when(otpRepo.findFirstByRefIdAndStatusCodeInOrderByGeneratedDtimesDesc(Mockito.anyString(), Mockito.anyList())).thenReturn(Optional.of(otpEntity ));
Mockito.when(otpRepo.findFirstByRefIdAndStatusCodeInAndGeneratedDtimesNotNullOrderByGeneratedDtimesDesc(Mockito.anyString(), Mockito.anyList())).thenReturn(Optional.of(otpEntity ));

try {
otpManager.validateOtp("Test123", "123456", "426789089018");
Expand Down Expand Up @@ -1141,7 +1141,7 @@ public void TestValidAttemptWith_FrozenStatusWithin31Mins()
otpEntity.setOtpHash("313233343536234B45595F53504C49545445522354657374313233");
otpEntity.setExpiryDtimes(DateUtils.getUTCCurrentDateTime().plus(1, ChronoUnit.MINUTES));

Mockito.when(otpRepo.findFirstByRefIdAndStatusCodeInOrderByGeneratedDtimesDesc(Mockito.anyString(), Mockito.anyList())).thenReturn(Optional.of(otpEntity ));
Mockito.when(otpRepo.findFirstByRefIdAndStatusCodeInAndGeneratedDtimesNotNullOrderByGeneratedDtimesDesc(Mockito.anyString(), Mockito.anyList())).thenReturn(Optional.of(otpEntity ));

try {
otpManager.validateOtp("Test123", "123456", "426789089018");
Expand All @@ -1168,7 +1168,7 @@ public void TestValidAttemptWith_FrozenStatusWithin31Mins_expiredOtp()
otpEntity.setOtpHash("313233343536234B45595F53504C49545445522354657374313233");
otpEntity.setExpiryDtimes(DateUtils.getUTCCurrentDateTime().minus(1, ChronoUnit.MINUTES));

Mockito.when(otpRepo.findFirstByRefIdAndStatusCodeInOrderByGeneratedDtimesDesc(Mockito.anyString(), Mockito.anyList())).thenReturn(Optional.of(otpEntity ));
Mockito.when(otpRepo.findFirstByRefIdAndStatusCodeInAndGeneratedDtimesNotNullOrderByGeneratedDtimesDesc(Mockito.anyString(), Mockito.anyList())).thenReturn(Optional.of(otpEntity ));

try {
otpManager.validateOtp("Test123", "123456", "426789089018");
Expand Down Expand Up @@ -1201,7 +1201,7 @@ public void TestThrowOtpException_UINLocked()
otpEntity.setOtpHash("otphash");
otpEntity.setStatusCode(IdAuthCommonConstants.ACTIVE_STATUS);

Mockito.when(otpRepo.findFirstByRefIdAndStatusCodeInOrderByGeneratedDtimesDesc(Mockito.anyString(), Mockito.anyList())).thenReturn(Optional.of(otpEntity ));
Mockito.when(otpRepo.findFirstByRefIdAndStatusCodeInAndGeneratedDtimesNotNullOrderByGeneratedDtimesDesc(Mockito.anyString(), Mockito.anyList())).thenReturn(Optional.of(otpEntity ));

try {
otpManager.validateOtp("Test123", "123456", "426789089018");
Expand Down Expand Up @@ -1229,7 +1229,7 @@ public void TestThrowOtpException_OtpExpired() throws RestServiceException, IdAu
otpEntity.setStatusCode(IdAuthCommonConstants.ACTIVE_STATUS);
otpEntity.setOtpHash("otphash");

Mockito.when(otpRepo.findFirstByRefIdAndStatusCodeInOrderByGeneratedDtimesDesc(Mockito.anyString(), Mockito.anyList())).thenReturn(Optional.of(otpEntity ));
Mockito.when(otpRepo.findFirstByRefIdAndStatusCodeInAndGeneratedDtimesNotNullOrderByGeneratedDtimesDesc(Mockito.anyString(), Mockito.anyList())).thenReturn(Optional.of(otpEntity ));

try {
otpManager.validateOtp("Test123", "123456", "426789089018");
Expand Down Expand Up @@ -1257,7 +1257,7 @@ public void TestThrowOtpException_ValidationUnsuccessful()
otpEntity.setStatusCode(IdAuthCommonConstants.ACTIVE_STATUS);
otpEntity.setOtpHash("otphash");

Mockito.when(otpRepo.findFirstByRefIdAndStatusCodeInOrderByGeneratedDtimesDesc(Mockito.anyString(), Mockito.anyList())).thenReturn(Optional.of(otpEntity ));
Mockito.when(otpRepo.findFirstByRefIdAndStatusCodeInAndGeneratedDtimesNotNullOrderByGeneratedDtimesDesc(Mockito.anyString(), Mockito.anyList())).thenReturn(Optional.of(otpEntity ));
try {
otpManager.validateOtp("Test123", "123456", "426789089018");
} catch (IdAuthenticationBusinessException ex) {
Expand All @@ -1284,7 +1284,7 @@ public void TestThrowOtpException_OtpPresent_Expired()
Mockito.when(securityManager.hash(Mockito.anyString())).thenReturn("hash");
otpEntry.setStatusCode(IdAuthCommonConstants.ACTIVE_STATUS);
otpEntry.setOtpHash("otphash");
Mockito.when(otpRepo.findFirstByRefIdAndStatusCodeInOrderByGeneratedDtimesDesc(Mockito.anyString(), Mockito.anyList())).thenReturn(Optional.of(otpEntry));
Mockito.when(otpRepo.findFirstByRefIdAndStatusCodeInAndGeneratedDtimesNotNullOrderByGeneratedDtimesDesc(Mockito.anyString(), Mockito.anyList())).thenReturn(Optional.of(otpEntry));
try {
otpManager.validateOtp("Test123", "123456", "426789089018");
} catch (IdAuthenticationBusinessException ex) {
Expand All @@ -1311,7 +1311,7 @@ public void TestThrowOtpException_OtpPresent_NotExpired_Valid()
Mockito.when(securityManager.hash(Mockito.anyString())).thenReturn("hash");
otpEntry.setStatusCode(IdAuthCommonConstants.ACTIVE_STATUS);
otpEntry.setOtpHash("otphash");
Mockito.when(otpRepo.findFirstByRefIdAndStatusCodeInOrderByGeneratedDtimesDesc(Mockito.anyString(), Mockito.anyList())).thenReturn(Optional.of(otpEntry));
Mockito.when(otpRepo.findFirstByRefIdAndStatusCodeInAndGeneratedDtimesNotNullOrderByGeneratedDtimesDesc(Mockito.anyString(), Mockito.anyList())).thenReturn(Optional.of(otpEntry));
try {
otpManager.validateOtp("Test123", "123456", "426789089018");
} catch (IdAuthenticationBusinessException ex) {
Expand Down
Loading