/**
* Verifier - To be used only on the server side
*
* <p>Taken from Google Authenticator with small modifications from {@see <a
* href="http://code.google.com/p/google-authenticator/source/browse/src/com/google/android/apps/authenticator/PasscodeGenerator.java?repo=android#212">PasscodeGenerator.java</a>}
*
* <p>Verify a timeout code. The timeout code will be valid for a time determined by the interval
* period and the number of adjacent intervals checked.
*
* @param otp Timeout code
* @return True if the timeout code is valid
* <p>Author: [email protected] (Steve Weis)
*/
public boolean verify(String otp) {
try {
long code = Long.parseLong(otp);
long currentInterval = clock.getCurrentInterval();
int pastResponse = Math.max(DELAY_WINDOW, 0);
for (int i = pastResponse; i >= 0; --i) {
int candidate = generate(this.secret, currentInterval - i);
if (candidate == code) {
return true;
}
}
} catch (NumberFormatException nfe) {
Logger.getLogger(getClass().getName()).log(Level.WARNING, "invalid otp", nfe);
}
return false;
}
/**
* Retrieves the current OTP
*
* @return OTP
*/
public String now() {
return leftPadding(hash(secret, clock.getCurrentInterval()));
}
