validateChallengeResponse method
bool
validateChallengeResponse(
{ - required ChallengeCommand challenge,
- required DeviceCommand command,
- required String secret,
})
Implementation
@protected
bool validateChallengeResponse({
required ChallengeCommand challenge,
required DeviceCommand command,
required String secret,
}) {
var result = false;
if (command is ChallengeResponseCommand) {
if (command.commandId == challenge.id) {
if ((DateTime.now().millisecondsSinceEpoch -
challenge.timestamp.millisecondsSinceEpoch)
.abs() >
300000) {
// more than 5 minutes on either side of the clock, go away.
logger.info(
'[AUTHENTICATE]: rejecting due to expired challenge response.',
);
} else {
final signature = DriverSignatureHelper().createSignature(
secret,
[
challenge.salt,
challenge.timestamp.millisecondsSinceEpoch.toString(),
],
);
if (signature == command.signature) {
result = true;
} else {
logger.info(
'[CHALLENGE]: challenge response has invalid signature',
);
}
}
}
}
return result;
}