[cas-user] Re: Gauth multifactor auth with CAS 6.4.0

[Michele Andreoli]

Solved! I'm missing some configurations into *application.properties*

cas.authn.mfa.gauth.crypto.encryption.key=***

cas.authn.mfa.gauth.crypto.encryption.keySize=256

cas.authn.mfa.gauth.crypto.signing.key=***

cas.authn.mfa.gauth.crypto.signing.keySize=512

So after reboot, CAS will take these key instead generating a new one

Il giorno mercoledì 22 settembre 2021 alle 09:46:29 UTC+2 Michele Andreoli 
ha scritto:

> Hi,
>
> I'm trying to configure the multifactor authentication with *Google 
> Authenticator provider* on *CAS 6.4.0*.
>
> If I start CAS everthing goes well and I'm able to register my device with 
> the generated qrcode and login.
> If I *reboot CAS*, when it ask me for token for login, the token 
> generated by my registered device is not valid. So, I need to delete qrcode 
> data (gauthCredentialRepository inside mongodb for example) and regenerate 
> a new qrcode.
>
> I see thaht calling the actuator endpoint after the *first login*:
> GET /cas/actuator/gauthCredentialRepository
> The response was:
> [
>     {
>         "@class": 
> "org.apereo.cas.gauth.credential.GoogleAuthenticatorAccount",
>         "scratchCodes": [
>             71727014,
>             10026393,
>             53569943,
>             99181679,
>             11527675
>         ],
>         "id": 1632236034928,
>         *"secretKey": "PGCKVHVFTQNCYRK4GJASSALFYTJM5ZIC",*
>         "validationCode": 194284,
>         "username": "fd",
>         "name": "charming_penicillin",
>         "registrationDate": "2021-09-21T16:53:54.928+02:00"
>     }
> ]
>
> After rebooting CAS if I call the same actuator endpoint, I see that 
> secret key is missing:
> [
>     {
>         "@class": 
> "org.apereo.cas.gauth.credential.GoogleAuthenticatorAccount",
>         "scratchCodes": [
>             71727014,
>             10026393,
>             53569943,
>             99181679,
>             11527675
>         ],
>         "id": 1632236034928,
>         "validationCode": 194284,
>         "username": "fd",
>         "name": "charming_penicillin",
>         "registrationDate": "2021-09-21T16:53:54.928+02:00"
>     }
> ]
>
> Is there a way to fix this issue?
>
>

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/7008a9fe-6136-444e-9948-f9e6689d84c4n%40apereo.org.