Stefan created GUACAMOLE-1056:
---------------------------------
Summary: Add support for tracking the time drift between guacamole
and TOTP-tokens
Key: GUACAMOLE-1056
URL: https://issues.apache.org/jira/browse/GUACAMOLE-1056
Project: Guacamole
Issue Type: Improvement
Components: guacamole-auth-totp
Reporter: Stefan
Tokens/Display cards which generate codes directly on the device have an
internal clock. According our investigates it seams to be normal that a time
drift of 2 second per week seems to be in a common range. At some point the
time drift of these token is to high so the TOTP- extensions rejects the
generated codes. Because it is not possible to correct the on an easy way, we
will add a tracking of this time drift.
We added a new attribute for storing the value of the time drift next to the
TOTP-Key. The module will accept 3 codes, one previous, one on time and one in
the future. Depending on the accepted code the value will be decremented
(previous) or incremented (future) or unchanged (on time).
The changed code will follow the next days.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
