Event-based credential

The sample code lets you perform the following tasks to manage an event-based credential:
Provisioning the credential
The following sample code provisions an authentication-based credential. After successful provisioning, the authentication credential object is returned to the mobile application. The credential object can then be used to generate the security code.
The Credential prefix (QAME) provided in this sample are trial production account-specific values. Contact your Symantec representative for production values when you are ready to move to production implementation.
//Pass activationCode and the credential prefix to createEventBasedCredential() //factory method CredentialFactory.createEventBasedCredential(getApplicationContext(), testListener, 12345678, QAME); //testListener refers to instance of NetworkListener. testListener = new NetworkListener(){ public void onReceiveResponse(MVIPException vipExp, CredentialInterface credIRef){ if(vipExp == null) Credential credObject = credIRef; } }
This sample code performs the following functions:
  • Asynchronously initiates the Authentication Credential provisioning through
    VIP
    Services with an activation code and the credential prefix.
  • Returns the credential object (
    credObject
    ) as part of the provisioning response to the
    NetworkListener
    callback method
    onReceiveResponse ()
Saving the credential
The following sample saves the credential object into the mobile device in encrypted form:
// Get the credential object and adds the credential object to an ArrayList of //credential interface. // Saves the data on the mobile device ArrayList<CredentialInterface> credentialArray=new ArrayList<CredentialInterface>(); if (credObject != null){ Vault repository = Vault.getInstance(activityContext); try { credentialArray.add((Credential) credObject); status = repository.storeCredential(credentialArray); } catch (MVIPException exception){ // Catch and handle exception } }
This sample code performs the following functions:
  • Gets the credential object that is specified when the credential is provisioned, and adds it to an ArrayList of credential interfaces.
  • Saves the data on the mobile device vault
    If you do not use the Vault interface that Symantec provides, you must first convert the Credential object to the JSON format using the to
    JSON
    API. Then, store it in the mobile device vault.
Restoring the credential and generating a security code
The following sample code retrieves the data from the mobile device, regenerates the credential object, and generates a security code.
// restore values from storage. Vault vault = Vault.getInstance(activityContext); String credentialId = null; ArrayList<CredentialInterface> mCredentials = null; try { mCredentials = vault.retrieveCredential(credentialId); } catch (MVIPException exception){ // Catch and handle exception } String code=null; try { code = mCredentials.get(0).getSecurityCode(activityContext); } catch (MVIPException exception){ // Catch and handle exception }
This sample code performs the following functions:
  • Retrieves the serialized encrypted credential object that was saved earlier
  • Calls
    getSecurityCode
    on the first element in the
    ArrayList
    returned from the
    retrieveCredential
    method. This call obtains the next sequential security code from the credential.
    The call to
    retrieveCredential
    with a
    credentialId
    returns an
    ArrayList
    that contains the credential with the given
    credentialId
    . In the case that a
    credentialId
    is passed as null to the
    retrieveCredential
    method, then an
    ArrayList
    of all the credentials that are stored in the vault are returned.
  • For troubleshooting purposes, you can have this call return a map of the credential event counter, credential ID, and current timestamp information, along with the security code, by using the
    getSecurityCodeDebug
    call in place of the
    getSecurityCode
    call:
    Map<String,String> credentialDetails=null; String code=null; try { credentialDetails = ((CredentialEventBased)mCredentials.get(0)).getSecurityCodeDebug(activityContext); code = credentialDetails.get("securityCode"); } catch (MVIPException exception){ // Catch and handle exception }
    The
    getSecurityCodeDebug
    call returns a map containing the following keys:
    • securityCode
      : The next sequential security code
    • credentialID
      : The credential ID
    • currentTime
      : The current timestamp from the device
    • currentCounter
      : The current count of security codes for this credential. The count is incremented each time a security code is generated for an event-based credential.
If you do not use the Vault interface that Symantec provides, you must reconstruct the credential object from the JSON stored in the vault (non-Symantec) using the constructor for the credential. Then, call the
getSecurityCode
method on the credential object. After the security code is generated, you must store the credential object in your vault. Storing the credential object ensures that your updated credential counter value is preserved.