A web server receives requests containing an authentication token, a machine uuid and an encrypted user id. The token is verified with a specific algorithm; the implementation of this algorithm is supplied. The algorithm takes a public key and the token as input and, when authentication succeeds, returns a token generator id, a time and a counter. The counter is compared to the last counter seen for this token generator, and the time is compared to the actual time. If the token's counter is greater and the time difference is in a specific range, overall authentication succeeds. In this case the web server returns the encrypted password.
Token generators are registered to the server via a specific dialog. In this dialog the server is provided with a generated token, the id of the token generator, the public key of the token generator and a password for revoking the registration.
User accounts are registered to the web server in a specific HTTP request. It consists of the id of the token generator, the encrypted user id, the encrypted password and the uuid of the machine registering the token.
An authentication request consists of the uuid of the machine, the encrypted user id and the generated token. If successful, it returns the encrypted password; if not successful, it returns an error.
There are also requests for unregistering a token generator for a user id, a user id and a complete machine.
A machine can register additional token generators for a specific user id after registering the first token generator, leaving out the encrypted password.
The web server saves, per machine, the uuid of the machine and the HTTPS client certificate used for authentication.
The web server saves, per token generator, the id of the token generator, the public key of the token generator and the revocation password.
Also the web server saves the valid combinations of machine uuid, encrypted user id and token generator id.
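The authentication decision described above, sketched in plain PHP as an added example (not code from the project). Assumptions: the supplied algorithm is passed in as `$verify`, the server tries the public key of each generator registered for the machine and user, the allowed time range is 30 seconds, and the encrypted password is stored per machine and user; all names and sample values are constructed.

```php
<?php
declare(strict_types=1);

// Added example; every name here is an assumption, not part of the spec.
const MAX_SKEW_SECONDS = 30; // assumed value for the "specific range"

// $verify stands in for the supplied algorithm:
//   fn(string $publicKey, string $token): ?array{generator_id, time, counter}
// $store is an in-memory stand-in for the records the server saves.
function authenticate(array &$store, callable $verify, string $machineUuid,
                      string $encUserId, string $token, int $now): array
{
    foreach ($store['combinations'] as [$uuid, $user, $genId]) {
        if ($uuid !== $machineUuid || $user !== $encUserId) {
            continue; // not a registered combination for this request
        }
        $claims = $verify($store['generators'][$genId]['public_key'], $token);
        if ($claims === null || $claims['generator_id'] !== $genId) {
            continue; // token was not produced by this generator
        }
        if ($claims['counter'] <= $store['generators'][$genId]['last_counter']) {
            return ['ok' => false, 'error' => 'counter not greater than last seen'];
        }
        if (abs($now - $claims['time']) > MAX_SKEW_SECONDS) {
            return ['ok' => false, 'error' => 'token time outside allowed range'];
        }
        // Record the counter before answering so the same token cannot be reused.
        $store['generators'][$genId]['last_counter'] = $claims['counter'];
        return ['ok' => true,
                'encrypted_password' => $store['passwords']["$machineUuid|$encUserId"]];
    }
    return ['ok' => false, 'error' => 'authentication failed'];
}

// Constructed sample data and a stub verifier that treats the token as JSON claims.
$store = [
    'generators'   => ['gen-1' => ['public_key' => 'PUBKEY-1', 'last_counter' => 41]],
    'combinations' => [['machine-a', 'ENC-USER-1', 'gen-1']],
    'passwords'    => ['machine-a|ENC-USER-1' => 'ENC-PASSWORD-1'],
];
$verify = fn(string $pk, string $t): ?array => $pk === 'PUBKEY-1' ? json_decode($t, true) : null;
$now = 1700000000;
$token = json_encode(['generator_id' => 'gen-1', 'time' => $now - 5, 'counter' => 42]);

var_dump(authenticate($store, $verify, 'machine-a', 'ENC-USER-1', $token, $now)['ok']); // first use
var_dump(authenticate($store, $verify, 'machine-a', 'ENC-USER-1', $token, $now)['ok']); // replay
```

With a real database, the counter comparison and the counter update need to run in one transaction or under a row lock, otherwise two concurrent requests carrying the same token can both pass the check.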
The web server is built using the Laravel Framework.