Dynamic two factor added - over the air otp + totp

2024-09-09 12:21:22 +03:30 · 2024-09-09 12:21:22 +03:30 · b3e04457f6
commit b3e04457f6
parent 016219f1da
2 changed files with 36 additions and 1 deletions
--- a/authorization.proto
+++ b/authorization.proto
@ -25,4 +25,12 @@ service AuthorizationService {
  rpc UserUpdateBankInfo(UserUpdateBankInfoReq) returns (base.StatusRes) {}

  rpc GetUser(GetUserReq) returns (User) {}
+
+  // Two Factor Authentication
+  // For now it's only SMS-OTP - later will be Email-OTP or other methods can be added
+  // For HMAC-OTP there won't be a need to call this api
+  rpc SendTFAReq(TFAReq) returns (base.StatusRes) {}
+  // For HMAC-OTP an initialization step must be added to exchange keys
+  rpc InitTFAReq(InternalIAM) returns (TFAExRes) {}
+  rpc CheckTFACode(CheckTFAReq) returns (base.StatusRes) {}
 }
--- a/authorization_message.proto
+++ b/authorization_message.proto
@ -82,6 +82,7 @@ message IdReqWithIAM {
  InternalIAM iam = 2;
 }

+
 /*
   User
 */
@ -177,3 +178,29 @@ message BankInfo {
  string updated_at = 6;
  string created_at = 7;
 }
+
+/* Two Factor Authentication */
+message IdReqWithIAMAndTFA {
+  int64 id = 1;
+  InternalIAM iam = 2;
+  string tfa_code = 3;
+}
+message TFAReq {
+  InternalIAM iam = 1;
+  optional string mobile = 2;
+  optional string email = 3;
+  optional string reason = 4; // issued jwt reason -> can be login, redeem, withdrawal
+}
+
+// Two Factor Authentication Exchange Response
+message TFAExRes {
+  InternalIAM iam = 1;
+  string secret = 2;
+  string qrcode_base64 = 3;
+}
+message CheckTFAReq {
+  InternalIAM iam = 1;
+  string code = 2;
+  optional string algorithm = 3;
+  optional string reason = 4; // Can be later used as a lookup
+}