Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

MOSIP-31314 OTP validation security fix #1194

Merged
merged 1 commit into from
Feb 12, 2024
Merged

MOSIP-31314 OTP validation security fix #1194

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 2 additions & 2 deletions ...n-common/src/main/java/io/mosip/authentication/common/service/integration/OTPManager.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -105,7 +105,7 @@ public boolean sendOtp(OtpRequestDTO otpRequestDTO, String idvid, String idvidTy
throws IdAuthenticationBusinessException {

String refIdHash = securityManager.hash(idvid);
Optional<OtpTransaction> otpEntityOpt = otpRepo.findFirstByRefIdAndStatusCodeInOrderByGeneratedDtimesDesc(refIdHash, QUERIED_STATUS_CODES);
Optional<OtpTransaction> otpEntityOpt = otpRepo.findFirstByRefIdAndStatusCodeInAndGeneratedDtimesNotNullOrderByGeneratedDtimesDesc(refIdHash, QUERIED_STATUS_CODES);

if(otpEntityOpt.isPresent()) {
OtpTransaction otpEntity = otpEntityOpt.get();
Expand Down Expand Up @@ -214,7 +214,7 @@ private String generateOTP(String uin) throws IdAuthUncheckedException {
*/
public boolean validateOtp(String pinValue, String otpKey, String individualId) throws IdAuthenticationBusinessException {
String refIdHash = securityManager.hash(individualId);
Optional<OtpTransaction> otpEntityOpt = otpRepo.findFirstByRefIdAndStatusCodeInOrderByGeneratedDtimesDesc(refIdHash, QUERIED_STATUS_CODES);
Optional<OtpTransaction> otpEntityOpt = otpRepo.findFirstByRefIdAndStatusCodeInAndGeneratedDtimesNotNullOrderByGeneratedDtimesDesc(refIdHash, QUERIED_STATUS_CODES);

if (otpEntityOpt.isEmpty()) {
throw new IdAuthenticationBusinessException(IdAuthenticationErrorConstants.OTP_REQUEST_REQUIRED);
Expand Down
2 changes: 1 addition & 1 deletion ...mon/src/main/java/io/mosip/authentication/common/service/repository/OtpTxnRepository.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -19,6 +19,6 @@ public interface OtpTxnRepository extends BaseRepository<OtpTransaction, String>
* @param refIdHash the ref id hash
* @return the optional
*/
Optional<OtpTransaction> findFirstByRefIdAndStatusCodeInOrderByGeneratedDtimesDesc(String refIdHash, List<String> statusCodes);
Optional<OtpTransaction> findFirstByRefIdAndStatusCodeInAndGeneratedDtimesNotNullOrderByGeneratedDtimesDesc(String refIdHash, List<String> statusCodes);

}
52 changes: 26 additions & 26 deletions ...mmon/src/test/java/io/mosip/authentication/common/service/integration/OTPManagerTest.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -168,7 +168,7 @@ public void sendOtpTest_frozen_within30mins() throws RestServiceException, IdAut
OtpTransaction entity = new OtpTransaction();
entity.setStatusCode(IdAuthCommonConstants.FROZEN);
entity.setUpdDTimes(DateUtils.getUTCCurrentDateTime().minus(30, ChronoUnit.MINUTES));
when(otpRepo.findFirstByRefIdAndStatusCodeInOrderByGeneratedDtimesDesc(Mockito.anyString(), Mockito.anyList())).thenReturn(Optional.of(entity));
when(otpRepo.findFirstByRefIdAndStatusCodeInAndGeneratedDtimesNotNullOrderByGeneratedDtimesDesc(Mockito.anyString(), Mockito.anyList())).thenReturn(Optional.of(entity));
try {
otpManager.sendOtp(otpRequestDTO, "426789089018", "UIN", valueMap, templateLanguages);
} catch(IdAuthenticationBusinessException ex) {
Expand Down Expand Up @@ -196,7 +196,7 @@ public void sendOtpTest_frozen_In31mins() throws RestServiceException, IdAuthent
OtpTransaction entity = new OtpTransaction();
entity.setStatusCode(IdAuthCommonConstants.FROZEN);
entity.setUpdDTimes(DateUtils.getUTCCurrentDateTime().minus(31, ChronoUnit.MINUTES));
when(otpRepo.findFirstByRefIdAndStatusCodeInOrderByGeneratedDtimesDesc(Mockito.anyString(), Mockito.anyList())).thenReturn(Optional.of(entity));
when(otpRepo.findFirstByRefIdAndStatusCodeInAndGeneratedDtimesNotNullOrderByGeneratedDtimesDesc(Mockito.anyString(), Mockito.anyList())).thenReturn(Optional.of(entity));
try {
when(otpRepo.save(Mockito.any())).thenAnswer(invocation -> {
assertEquals(IdAuthCommonConstants.ACTIVE_STATUS, ((OtpTransaction)invocation.getArguments()[0]).getStatusCode());
Expand Down Expand Up @@ -228,7 +228,7 @@ public void sendOtpTest_USED_entry() throws RestServiceException, IdAuthenticati
OtpTransaction entity = new OtpTransaction();
entity.setStatusCode(IdAuthCommonConstants.USED_STATUS);
entity.setUpdDTimes(DateUtils.getUTCCurrentDateTime().minus(31, ChronoUnit.MINUTES));
when(otpRepo.findFirstByRefIdAndStatusCodeInOrderByGeneratedDtimesDesc(Mockito.anyString(), Mockito.anyList())).thenReturn(Optional.of(entity));
when(otpRepo.findFirstByRefIdAndStatusCodeInAndGeneratedDtimesNotNullOrderByGeneratedDtimesDesc(Mockito.anyString(), Mockito.anyList())).thenReturn(Optional.of(entity));
try {
when(otpRepo.save(Mockito.any())).thenAnswer(invocation -> {
assertEquals(IdAuthCommonConstants.ACTIVE_STATUS, ((OtpTransaction)invocation.getArguments()[0]).getStatusCode());
Expand Down Expand Up @@ -260,7 +260,7 @@ public void sendOtpTest_frozen_within25mins() throws RestServiceException, IdAut
OtpTransaction entity = new OtpTransaction();
entity.setStatusCode(IdAuthCommonConstants.FROZEN);
entity.setUpdDTimes(DateUtils.getUTCCurrentDateTime().minus(25, ChronoUnit.MINUTES));
when(otpRepo.findFirstByRefIdAndStatusCodeInOrderByGeneratedDtimesDesc(Mockito.anyString(), Mockito.anyList())).thenReturn(Optional.of(entity));
when(otpRepo.findFirstByRefIdAndStatusCodeInAndGeneratedDtimesNotNullOrderByGeneratedDtimesDesc(Mockito.anyString(), Mockito.anyList())).thenReturn(Optional.of(entity));
try {
otpManager.sendOtp(otpRequestDTO, "426789089018", "UIN", valueMap, templateLanguages);
} catch(IdAuthenticationBusinessException ex) {
Expand Down Expand Up @@ -543,7 +543,7 @@ public void TestOtpAuthFailure()
otpEntity.setStatusCode(IdAuthCommonConstants.ACTIVE_STATUS);
otpEntity.setOtpHash("otphash");

Mockito.when(otpRepo.findFirstByRefIdAndStatusCodeInOrderByGeneratedDtimesDesc(Mockito.anyString(), Mockito.anyList())).thenReturn(Optional.of(otpEntity ));
Mockito.when(otpRepo.findFirstByRefIdAndStatusCodeInAndGeneratedDtimesNotNullOrderByGeneratedDtimesDesc(Mockito.anyString(), Mockito.anyList())).thenReturn(Optional.of(otpEntity ));

boolean expactedOTP = otpManager.validateOtp("Test123", "123456", "426789089018");
assertFalse(expactedOTP);
Expand Down Expand Up @@ -765,7 +765,7 @@ public void TestInvalidAttemptWith_UsedEntity()
otpEntity.setStatusCode(IdAuthCommonConstants.USED_STATUS);
otpEntity.setOtpHash("otphash");

Mockito.when(otpRepo.findFirstByRefIdAndStatusCodeInOrderByGeneratedDtimesDesc(Mockito.anyString(), Mockito.anyList())).thenReturn(Optional.of(otpEntity ));
Mockito.when(otpRepo.findFirstByRefIdAndStatusCodeInAndGeneratedDtimesNotNullOrderByGeneratedDtimesDesc(Mockito.anyString(), Mockito.anyList())).thenReturn(Optional.of(otpEntity ));

try {
otpManager.validateOtp("Test123", "123456", "426789089018");
Expand All @@ -786,7 +786,7 @@ public void TestInvalidAttemptWith_nullUpdateCount()
otpEntity.setStatusCode(IdAuthCommonConstants.ACTIVE_STATUS);
otpEntity.setOtpHash("otphash");

Mockito.when(otpRepo.findFirstByRefIdAndStatusCodeInOrderByGeneratedDtimesDesc(Mockito.anyString(), Mockito.anyList())).thenReturn(Optional.of(otpEntity ));
Mockito.when(otpRepo.findFirstByRefIdAndStatusCodeInAndGeneratedDtimesNotNullOrderByGeneratedDtimesDesc(Mockito.anyString(), Mockito.anyList())).thenReturn(Optional.of(otpEntity ));

try {
boolean result = otpManager.validateOtp("Test123", "123456", "426789089018");
Expand All @@ -812,7 +812,7 @@ public void TestInvalidAttemptWith_1UpdateCount()
otpEntity.setValidationRetryCount(1);
otpEntity.setOtpHash("otphash");

Mockito.when(otpRepo.findFirstByRefIdAndStatusCodeInOrderByGeneratedDtimesDesc(Mockito.anyString(), Mockito.anyList())).thenReturn(Optional.of(otpEntity ));
Mockito.when(otpRepo.findFirstByRefIdAndStatusCodeInAndGeneratedDtimesNotNullOrderByGeneratedDtimesDesc(Mockito.anyString(), Mockito.anyList())).thenReturn(Optional.of(otpEntity ));

try {
boolean result = otpManager.validateOtp("Test123", "123456", "426789089018");
Expand All @@ -838,7 +838,7 @@ public void TestInvalidAttemptWith_4UpdateCount()
otpEntity.setValidationRetryCount(4);
otpEntity.setOtpHash("otphash");

Mockito.when(otpRepo.findFirstByRefIdAndStatusCodeInOrderByGeneratedDtimesDesc(Mockito.anyString(), Mockito.anyList())).thenReturn(Optional.of(otpEntity ));
Mockito.when(otpRepo.findFirstByRefIdAndStatusCodeInAndGeneratedDtimesNotNullOrderByGeneratedDtimesDesc(Mockito.anyString(), Mockito.anyList())).thenReturn(Optional.of(otpEntity ));

try {
boolean result = otpManager.validateOtp("Test123", "123456", "426789089018");
Expand All @@ -865,7 +865,7 @@ public void TestInvalidAttemptWith_FrozenStatus()
otpEntity.setValidationRetryCount(5);
otpEntity.setOtpHash("otphash");

Mockito.when(otpRepo.findFirstByRefIdAndStatusCodeInOrderByGeneratedDtimesDesc(Mockito.anyString(), Mockito.anyList())).thenReturn(Optional.of(otpEntity ));
Mockito.when(otpRepo.findFirstByRefIdAndStatusCodeInAndGeneratedDtimesNotNullOrderByGeneratedDtimesDesc(Mockito.anyString(), Mockito.anyList())).thenReturn(Optional.of(otpEntity ));

try {
otpManager.validateOtp("Test123", "123456", "426789089018");
Expand Down Expand Up @@ -893,7 +893,7 @@ public void TestInvalidAttemptWith_FrozenStatusWithin25Mins()
otpEntity.setUpdDTimes(DateUtils.getUTCCurrentDateTime().minus(25, ChronoUnit.MINUTES));
otpEntity.setOtpHash("otphash");

Mockito.when(otpRepo.findFirstByRefIdAndStatusCodeInOrderByGeneratedDtimesDesc(Mockito.anyString(), Mockito.anyList())).thenReturn(Optional.of(otpEntity ));
Mockito.when(otpRepo.findFirstByRefIdAndStatusCodeInAndGeneratedDtimesNotNullOrderByGeneratedDtimesDesc(Mockito.anyString(), Mockito.anyList())).thenReturn(Optional.of(otpEntity ));

try {
otpManager.validateOtp("Test123", "123456", "426789089018");
Expand Down Expand Up @@ -921,7 +921,7 @@ public void TestInvalidAttemptWith_FrozenStatusWithin29Mins()
otpEntity.setUpdDTimes(DateUtils.getUTCCurrentDateTime().minus(29, ChronoUnit.MINUTES));
otpEntity.setOtpHash("otphash");

Mockito.when(otpRepo.findFirstByRefIdAndStatusCodeInOrderByGeneratedDtimesDesc(Mockito.anyString(), Mockito.anyList())).thenReturn(Optional.of(otpEntity ));
Mockito.when(otpRepo.findFirstByRefIdAndStatusCodeInAndGeneratedDtimesNotNullOrderByGeneratedDtimesDesc(Mockito.anyString(), Mockito.anyList())).thenReturn(Optional.of(otpEntity ));

try {
otpManager.validateOtp("Test123", "123456", "426789089018");
Expand Down Expand Up @@ -949,7 +949,7 @@ public void TestInvalidAttemptWith_FrozenStatusWithin31Mins()
otpEntity.setUpdDTimes(DateUtils.getUTCCurrentDateTime().minus(31, ChronoUnit.MINUTES));
otpEntity.setOtpHash("otphash");

Mockito.when(otpRepo.findFirstByRefIdAndStatusCodeInOrderByGeneratedDtimesDesc(Mockito.anyString(), Mockito.anyList())).thenReturn(Optional.of(otpEntity ));
Mockito.when(otpRepo.findFirstByRefIdAndStatusCodeInAndGeneratedDtimesNotNullOrderByGeneratedDtimesDesc(Mockito.anyString(), Mockito.anyList())).thenReturn(Optional.of(otpEntity ));

try {
otpManager.validateOtp("Test123", "123456", "426789089018");
Expand All @@ -975,7 +975,7 @@ public void TestValidAttemptWith_nullUpdateCount()
otpEntity.setOtpHash("313233343536234B45595F53504C49545445522354657374313233");
otpEntity.setExpiryDtimes(DateUtils.getUTCCurrentDateTime().plus(1, ChronoUnit.MINUTES));

Mockito.when(otpRepo.findFirstByRefIdAndStatusCodeInOrderByGeneratedDtimesDesc(Mockito.anyString(), Mockito.anyList())).thenReturn(Optional.of(otpEntity ));
Mockito.when(otpRepo.findFirstByRefIdAndStatusCodeInAndGeneratedDtimesNotNullOrderByGeneratedDtimesDesc(Mockito.anyString(), Mockito.anyList())).thenReturn(Optional.of(otpEntity ));

try {
boolean result = otpManager.validateOtp("Test123", "123456", "426789089018");
Expand All @@ -1001,7 +1001,7 @@ public void TestValidAttemptWith_1UpdateCount()
otpEntity.setOtpHash("313233343536234B45595F53504C49545445522354657374313233");
otpEntity.setExpiryDtimes(DateUtils.getUTCCurrentDateTime().plus(1, ChronoUnit.MINUTES));

Mockito.when(otpRepo.findFirstByRefIdAndStatusCodeInOrderByGeneratedDtimesDesc(Mockito.anyString(), Mockito.anyList())).thenReturn(Optional.of(otpEntity ));
Mockito.when(otpRepo.findFirstByRefIdAndStatusCodeInAndGeneratedDtimesNotNullOrderByGeneratedDtimesDesc(Mockito.anyString(), Mockito.anyList())).thenReturn(Optional.of(otpEntity ));

try {
boolean result = otpManager.validateOtp("Test123", "123456", "426789089018");
Expand All @@ -1027,7 +1027,7 @@ public void TestValidAttemptWith_4UpdateCount()
otpEntity.setOtpHash("313233343536234B45595F53504C49545445522354657374313233");
otpEntity.setExpiryDtimes(DateUtils.getUTCCurrentDateTime().plus(1, ChronoUnit.MINUTES));

Mockito.when(otpRepo.findFirstByRefIdAndStatusCodeInOrderByGeneratedDtimesDesc(Mockito.anyString(), Mockito.anyList())).thenReturn(Optional.of(otpEntity ));
Mockito.when(otpRepo.findFirstByRefIdAndStatusCodeInAndGeneratedDtimesNotNullOrderByGeneratedDtimesDesc(Mockito.anyString(), Mockito.anyList())).thenReturn(Optional.of(otpEntity ));

try {
boolean result = otpManager.validateOtp("Test123", "123456", "426789089018");
Expand All @@ -1054,7 +1054,7 @@ public void TestValidAttemptWith_FrozenStatus()
otpEntity.setOtpHash("313233343536234B45595F53504C49545445522354657374313233");
otpEntity.setExpiryDtimes(DateUtils.getUTCCurrentDateTime().plus(1, ChronoUnit.MINUTES));

Mockito.when(otpRepo.findFirstByRefIdAndStatusCodeInOrderByGeneratedDtimesDesc(Mockito.anyString(), Mockito.anyList())).thenReturn(Optional.of(otpEntity ));
Mockito.when(otpRepo.findFirstByRefIdAndStatusCodeInAndGeneratedDtimesNotNullOrderByGeneratedDtimesDesc(Mockito.anyString(), Mockito.anyList())).thenReturn(Optional.of(otpEntity ));

try {
otpManager.validateOtp("Test123", "123456", "426789089018");
Expand Down Expand Up @@ -1083,7 +1083,7 @@ public void TestValidAttemptWith_FrozenStatusWithin25Mins()
otpEntity.setOtpHash("313233343536234B45595F53504C49545445522354657374313233");
otpEntity.setExpiryDtimes(DateUtils.getUTCCurrentDateTime().plus(1, ChronoUnit.MINUTES));

Mockito.when(otpRepo.findFirstByRefIdAndStatusCodeInOrderByGeneratedDtimesDesc(Mockito.anyString(), Mockito.anyList())).thenReturn(Optional.of(otpEntity ));
Mockito.when(otpRepo.findFirstByRefIdAndStatusCodeInAndGeneratedDtimesNotNullOrderByGeneratedDtimesDesc(Mockito.anyString(), Mockito.anyList())).thenReturn(Optional.of(otpEntity ));

try {
otpManager.validateOtp("Test123", "123456", "426789089018");
Expand Down Expand Up @@ -1112,7 +1112,7 @@ public void TestValidAttemptWith_FrozenStatusWithin29Mins()
otpEntity.setOtpHash("313233343536234B45595F53504C49545445522354657374313233");
otpEntity.setExpiryDtimes(DateUtils.getUTCCurrentDateTime().plus(1, ChronoUnit.MINUTES));

Mockito.when(otpRepo.findFirstByRefIdAndStatusCodeInOrderByGeneratedDtimesDesc(Mockito.anyString(), Mockito.anyList())).thenReturn(Optional.of(otpEntity ));
Mockito.when(otpRepo.findFirstByRefIdAndStatusCodeInAndGeneratedDtimesNotNullOrderByGeneratedDtimesDesc(Mockito.anyString(), Mockito.anyList())).thenReturn(Optional.of(otpEntity ));

try {
otpManager.validateOtp("Test123", "123456", "426789089018");
Expand Down Expand Up @@ -1141,7 +1141,7 @@ public void TestValidAttemptWith_FrozenStatusWithin31Mins()
otpEntity.setOtpHash("313233343536234B45595F53504C49545445522354657374313233");
otpEntity.setExpiryDtimes(DateUtils.getUTCCurrentDateTime().plus(1, ChronoUnit.MINUTES));

Mockito.when(otpRepo.findFirstByRefIdAndStatusCodeInOrderByGeneratedDtimesDesc(Mockito.anyString(), Mockito.anyList())).thenReturn(Optional.of(otpEntity ));
Mockito.when(otpRepo.findFirstByRefIdAndStatusCodeInAndGeneratedDtimesNotNullOrderByGeneratedDtimesDesc(Mockito.anyString(), Mockito.anyList())).thenReturn(Optional.of(otpEntity ));

try {
otpManager.validateOtp("Test123", "123456", "426789089018");
Expand All @@ -1168,7 +1168,7 @@ public void TestValidAttemptWith_FrozenStatusWithin31Mins_expiredOtp()
otpEntity.setOtpHash("313233343536234B45595F53504C49545445522354657374313233");
otpEntity.setExpiryDtimes(DateUtils.getUTCCurrentDateTime().minus(1, ChronoUnit.MINUTES));

Mockito.when(otpRepo.findFirstByRefIdAndStatusCodeInOrderByGeneratedDtimesDesc(Mockito.anyString(), Mockito.anyList())).thenReturn(Optional.of(otpEntity ));
Mockito.when(otpRepo.findFirstByRefIdAndStatusCodeInAndGeneratedDtimesNotNullOrderByGeneratedDtimesDesc(Mockito.anyString(), Mockito.anyList())).thenReturn(Optional.of(otpEntity ));

try {
otpManager.validateOtp("Test123", "123456", "426789089018");
Expand Down Expand Up @@ -1201,7 +1201,7 @@ public void TestThrowOtpException_UINLocked()
otpEntity.setOtpHash("otphash");
otpEntity.setStatusCode(IdAuthCommonConstants.ACTIVE_STATUS);

Mockito.when(otpRepo.findFirstByRefIdAndStatusCodeInOrderByGeneratedDtimesDesc(Mockito.anyString(), Mockito.anyList())).thenReturn(Optional.of(otpEntity ));
Mockito.when(otpRepo.findFirstByRefIdAndStatusCodeInAndGeneratedDtimesNotNullOrderByGeneratedDtimesDesc(Mockito.anyString(), Mockito.anyList())).thenReturn(Optional.of(otpEntity ));

try {
otpManager.validateOtp("Test123", "123456", "426789089018");
Expand Down Expand Up @@ -1229,7 +1229,7 @@ public void TestThrowOtpException_OtpExpired() throws RestServiceException, IdAu
otpEntity.setStatusCode(IdAuthCommonConstants.ACTIVE_STATUS);
otpEntity.setOtpHash("otphash");

Mockito.when(otpRepo.findFirstByRefIdAndStatusCodeInOrderByGeneratedDtimesDesc(Mockito.anyString(), Mockito.anyList())).thenReturn(Optional.of(otpEntity ));
Mockito.when(otpRepo.findFirstByRefIdAndStatusCodeInAndGeneratedDtimesNotNullOrderByGeneratedDtimesDesc(Mockito.anyString(), Mockito.anyList())).thenReturn(Optional.of(otpEntity ));

try {
otpManager.validateOtp("Test123", "123456", "426789089018");
Expand Down Expand Up @@ -1257,7 +1257,7 @@ public void TestThrowOtpException_ValidationUnsuccessful()
otpEntity.setStatusCode(IdAuthCommonConstants.ACTIVE_STATUS);
otpEntity.setOtpHash("otphash");

Mockito.when(otpRepo.findFirstByRefIdAndStatusCodeInOrderByGeneratedDtimesDesc(Mockito.anyString(), Mockito.anyList())).thenReturn(Optional.of(otpEntity ));
Mockito.when(otpRepo.findFirstByRefIdAndStatusCodeInAndGeneratedDtimesNotNullOrderByGeneratedDtimesDesc(Mockito.anyString(), Mockito.anyList())).thenReturn(Optional.of(otpEntity ));
try {
otpManager.validateOtp("Test123", "123456", "426789089018");
} catch (IdAuthenticationBusinessException ex) {
Expand All @@ -1284,7 +1284,7 @@ public void TestThrowOtpException_OtpPresent_Expired()
Mockito.when(securityManager.hash(Mockito.anyString())).thenReturn("hash");
otpEntry.setStatusCode(IdAuthCommonConstants.ACTIVE_STATUS);
otpEntry.setOtpHash("otphash");
Mockito.when(otpRepo.findFirstByRefIdAndStatusCodeInOrderByGeneratedDtimesDesc(Mockito.anyString(), Mockito.anyList())).thenReturn(Optional.of(otpEntry));
Mockito.when(otpRepo.findFirstByRefIdAndStatusCodeInAndGeneratedDtimesNotNullOrderByGeneratedDtimesDesc(Mockito.anyString(), Mockito.anyList())).thenReturn(Optional.of(otpEntry));
try {
otpManager.validateOtp("Test123", "123456", "426789089018");
} catch (IdAuthenticationBusinessException ex) {
Expand All @@ -1311,7 +1311,7 @@ public void TestThrowOtpException_OtpPresent_NotExpired_Valid()
Mockito.when(securityManager.hash(Mockito.anyString())).thenReturn("hash");
otpEntry.setStatusCode(IdAuthCommonConstants.ACTIVE_STATUS);
otpEntry.setOtpHash("otphash");
Mockito.when(otpRepo.findFirstByRefIdAndStatusCodeInOrderByGeneratedDtimesDesc(Mockito.anyString(), Mockito.anyList())).thenReturn(Optional.of(otpEntry));
Mockito.when(otpRepo.findFirstByRefIdAndStatusCodeInAndGeneratedDtimesNotNullOrderByGeneratedDtimesDesc(Mockito.anyString(), Mockito.anyList())).thenReturn(Optional.of(otpEntry));
try {
otpManager.validateOtp("Test123", "123456", "426789089018");
} catch (IdAuthenticationBusinessException ex) {
Expand Down
Loading