com.gemalto.idp.mobile.otp

Interface Token

All Superinterfaces:

Authenticatable

All Known Subinterfaces:

CapToken, DualSeedOathToken, DualSeedSoftOathToken, OathToken, SoftCapToken, SoftOathToken, SoftVicToken, VicToken

public interface Token
extends Authenticatable

An interface that represents user's credentials known as tokens.

Since:

4.0

Method Summary

Modifier and Type	Method and Description
void	changePin(PinAuthInput oldPinAuthInput, PinAuthInput newPinAuthInput) Change the PIN of the token.
java.lang.String	getName() Gets the name of the token.
int	getUserTokenId() Gets the User Token Identifier.
boolean	isSoft() Returns true if the token's credentials are software based (the credentials are not stored inside a special hardware chip).
void	upgradeToMultiAuthMode(PinAuthInput pinAuthInput) Upgrade the token to enable multi-authentication mode for this token.

Methods inherited from interface com.gemalto.idp.mobile.authentication.Authenticatable

activateAuthMode, deactivateAuthMode, getActivatedModes, getUUID, isAuthModeActive, isMultiAuthModeEnabled

Method Detail

getName

java.lang.String getName()

Gets the name of the token. The name of the token was defined when the token was created.

Returns:

the name of the token

isSoft

boolean isSoft()

Returns true if the token's credentials are software based (the credentials are not stored inside a special hardware chip).

Returns:

true if this is a soft token

getUserTokenId

int getUserTokenId()

Gets the User Token Identifier.

The UTI is an unsigned value ranging from 0x00 to 0xFF (i.e. 0 to 255). It is generated by the provisioning server and is part of the credential pushed during provisioning. It is guaranteed that two tokens for the same end-user (on authentication server) and from the same EPS domain will never have the same UTI. See the Enrolment and Provisioning Server documentation for domains configuration description.

The UTI is defined only if the token has been created with Provisioning Protocol V3 or V5. When the token has been created with Provisioning Protocol V1 or V2 the method returns -1.

Returns:

the user token id, -1 if none.

Since:

4.0

changePin

void changePin(PinAuthInput oldPinAuthInput,
               PinAuthInput newPinAuthInput)
        throws IdpException

Change the PIN of the token.

Parameters:

oldPinAuthInput - PinAuthInput with current PIN value

newPinAuthInput - PinAuthInput with new Pin value

Throws:

java.lang.IllegalArgumentException - if a pin is null or contains non-digit characters.

IdpRuntimeException - when there is a cryptography operation failure.

IdpException - this is generic exception, you can directly catch this exception or catch each specific exception below.

PinRuleException - when the new PIN does not comply with the configured PIN rules.

DeviceFingerprintException - when the token's fingerprint checksum does not match.

PasswordManagerException - when the TOKEN domain is not logged in (using one of the password managers)

IdpStorageException - when database operation failed.

Since:

4.0

upgradeToMultiAuthMode

void upgradeToMultiAuthMode(PinAuthInput pinAuthInput)
                     throws IdpException

Upgrade the token to enable multi-authentication mode for this token. Once enabled, other AuthenticationModes rather than @{link PinAuthMode} can be activated.

Parameters:

pinAuthInput - pin authentication input

Throws:

java.lang.IllegalArgumentException - if a pin is null or contains non-digit characters.

IdpRuntimeException - when there is a cryptography operation failure.

IdpException - this is generic exception, you can directly catch this exception or catch each specific exception below.

DeviceFingerprintException - when the token's fingerprint checksum does not match.

PasswordManagerException - when the TOKEN domain is not logged in (using one of the password managers)

IdpStorageException - when database operation failed.

Since:

4.0