Authentication Token Adapter Extension Tutorial

The authentication token adapter is invoked when using MultiFactor Authentication(MFA). The extension must override handle_token method to validate the authentication token.

Let’s follow the steps for creating an Authentication Token Adapter:

1. Create an extension using q2 create_extension command:

   q2 create_extension
   New Extension Name: AddAuthToken
   What type of extension are you creating?
   
       1) Online (default)
       2) SSO (Third Party Integration)
       3) Ardent (API)
       4) Q2Console (Backoffice)
       5) Central (Legacy Backoffice)
       6) Adapter    <-------------
       7) Audit Action
       8) Custom Health Check
       9) Message Bus
       10) Caliper API Custom Endpoint
       11) Base Extension
   
   
   Please make a selection and press Return [1]: 6
   Adapter
   Select adapter type to generate
   
       1) Account Details
       2) Authentication Token <--------
       3) Check Image
       4) Domestic Wire
       5) Deposit Item Image
       6) FX Rate
       7) Instant Payments
       8) International Wire
       9) Remote Deposit
       10) Statement Image
   
   
   Please make a selection and press Return: 1
   Authentication Token
   

2. Run the q2 install command to install the extension

3. Run q2 sandbox auth_token enable --use-symantec cli command should be run to enable all the required symantec properties to the group to which the user belongs to

4. Let’s implement a simple code to validate auth token:

   async def handle_token(self, secret: str, otp: str, otp2: str) -> bool:
       """
       Evaluate token here, any number divisible by 7 will return True else False.
       The parameters will be passed in from UUX.
   
       :param secret: The token secret configured in Q2 Central
       :param otp: The token submitted by the user
       :param otp2: The second submitted user token, if applicable
       """
       if int(otp) % 7 == 0:
           return True
       return False
   

5. Now let’s see our extension in action. Go to uux page, enter username and password. After clicking Login In the page should be something like the screenshot below

   

6. Now according to code, a number divisible by 7 validates to True. The success page shows as the image below:

   

   If the token validates to False, the failure page shows as the image below:

   

Note

q2 sandbox auth_token disable cli command should be run to disable the symantec properties for the group to which the user belongs to.