Google Authenticator Verification iRule (TMOS v11.1+ optimized)

Problem this snippet solves: Hi Folks, the provided iRule contains a TMOS v11.1+ compatible fork of the already existing and very lovely Google Authenticator verification iRules here on CodeShare....

Updated Jun 06, 2023

Version 2.0

application delivery

base32

BIG-IP Access Policy Manager (APM)

MVP

My name is Kai Wilke and I'm working as a Principal Consultant for IT-Security at itacs GmbH - a German consulting company specialized in Microsoft Security cloud solutions, F5 customizations as well as for classic IT-Consulting. You can find additional information about me and my work here: https://devcentral.f5.com/articles/q-a-with-itacs-gmbhs-kai-wilke-devcentrals-featured-member-for-february-24890

View Profile

Stanislas_Piro2

Cumulonimbus

Nov 03, 2016

another solution is to create the range of allowed clock in RULE_INIT

set static::ga_allowed_clock_skew_units 10
set static::ga_allowed_clock_range {0}
for {set i 1} {$i < $static::ga_allowed_clock_skew_units} {incr i} {
    lappend static::ga_allowed_clock_range -$i
    lappend static::ga_allowed_clock_range $i
}

then, use only one loop on this list:

foreach x $static::ga_allowed_clock_range {
    ...code...
}

Google Authenticator Verification iRule (TMOS v11.1+ optimized)

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS