Does nuxeo offers OTP(one time password) for nuxeo rest service authentication?
I have read that nuxeo offers DIGEST_AUTH, WEBDAV_BASIC_AUTH, ANONYMOUS_AUTH
Whiler for Rest Service we add a plugin.
<urlPatterns> <url>(.*)/api/v.*</url> </urlPatterns> <replacementChain> <plugin>AUTOMATION_BASIC_AUTH</plugin> <plugin>TOKEN_AUTH</plugin> </replacementChain> </specificAuthenticationChain>
I thre any possibility to add a plugin for OTP authentication.
Hi! I tried to take some time to look into this. I'm going to take a guess that you looked at this page to find out about the mentioned authentications (DIGEST_AUTH, WEBDAV_BASIC_AUTH, ANONYMOUS_AUTH).
As for your question, I'm not sure if OTP authentication is used. I've been trying to find other examples of plugins used for the RestAPI specificAuthenticationChain extension, but haven't found any that use other auths. When looking on my own local copy of nuxeo, this is already setup in the file directory (While in the nuxeo root directory): nxserver/web/root.war/modules/org.nuxeo.ecm.platform.restapi.server/OSGI-INF/auth-contrib.xml
Here that code snippet in your question is already established in nuxeo to use TOKEN_AUTH and AUTOMATION_BASIC_AUTH.
The only other alternative I can think of is to do a java approach to handling a one-time password, if you're looking at this for password retrieval. Nuxeo has 2 blog posts on customizing this process with these: https://www.nuxeo.com/blog/monday-dev-heaven-add-forgotten-password-functionality-nuxeo-part-12/ https://www.nuxeo.com/blog/monday-dev-heaven-add-forgotten-password-functionality-nuxeo-part-22/