@Override
public String requestChallenge(String user) throws InterxException {
SessionInitEntry entry = core.getEntryForUser(user);
if (entry == null) {
// Get the (encrypted) password.
String password = getAccountCollection().getPassword(user);
// Create a new, random challenge, and record it.
entry = password == null ? core.recordBadUser() : core.recordGoodUser(user, password);
entry.challenge = createChallenge(entry.index);
entry.expectedResponse =
password == null ? null : calcExpectedResponse(entry.challenge, password);
}
return entry.challenge;
}
@Override
public String answerChallenge(SessionCreateRequest r) throws InterxException {
String challenge = r.getKey();
String response = r.getDigest();
int index = challengeToIndex(challenge);
if (index >= 0) {
String user = core.testAnswerToChallenge(index, challenge, response);
if (user != null) {
// Give the client what it earned.
String accountId = getAccountCollection().getAccountId(user);
return getAuthorizedResource().access(accountId);
}
}
throw new InterxException(InterxErrorCode.NO_SUCH_USER);
}