RubyGems - active_model_otp - Versions diffs - 2.2.0 → 2.3.0 - Mend

active_model_otp 2.2.0 → 2.3.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (11) hide show

checksums.yaml +4 -4
data/.github/workflows/active_model_otp.yml +43 -0
data/README.md +22 -0
data/lib/active_model/one_time_password.rb +37 -12
data/lib/active_model/otp/version.rb +1 -1
data/test/models/default_interval_user.rb +5 -0
data/test/models/interval_user.rb +5 -0
data/test/one_time_password_test.rb +20 -0
data/test/schema.rb +16 -0
metadata +7 -3
data/.travis.yml +0 -43

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: bdc023d65f130fca41bde8f20a7094e587c7940240ae5b36778e54d2efcf76ac
-  data.tar.gz: 1dab4dd23328538a3a3c8d9a712b9a16d01673b3d997538169126966c653cdf6
+  metadata.gz: 2a57a05fda7ae2023dc877a96228e00e5dbca948bc8d17c1058232a42086e285
+  data.tar.gz: 9d3a965117edbf33fb77585126be84e2fd44b613bbbc435c74627b198b87ee5f
 SHA512:
-  metadata.gz: f896afd30554da73cff730f4277aefe8805b4cbb3da0bf550039b14b8d4611374498b1cf4b0eae2fe80d7a35bdaafdc0ae1558ffbdea3f2f708d2334a81e1af2
-  data.tar.gz: 0d3b2a4fe8d0e26e9c06bd71e471bcabf4a048f1f1bd531691c0afbc5feda757147ca045ddedec34e587240b0b1337960a9248c0340e6f57ec5d7057cec776ea
+  metadata.gz: 847accabdd4eff2942a917f497197b3be90bb5cf9e9caefb0cd753635994e3bb8b730aab0d9387aa13c4e929793816333d094b620037a8f9c002a7cc3f3ebdcb
+  data.tar.gz: 6a47a8a378bdb2d9155a165e503f672b5c57576c7f9d4fdef271767422a2d9804a141252707cb0181b02c36a91024d1867b9114cdbc95e475c2e4b292f750b65

data/.github/workflows/active_model_otp.yml ADDED Viewed

@@ -0,0 +1,43 @@
+name: Active Model OTP
+on:
+  push:
+    branches: [main]
+  pull_request:
+    types: [opened, synchronize, reopened, edited]
+jobs:
+  ci:
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        gemfile: [rails_4.2, rails_5.0, rails_5.1, rails_5.2, rails_6.0, rails_6.1]
+        ruby-version: [2.3, 2.4, 2.5, 2.6, 2.7, 3.0]
+        exclude:
+          - { gemfile: rails_6.0, ruby-version: 2.3 }
+          - { gemfile: rails_6.1, ruby-version: 2.3 }
+          - { gemfile: rails_6.0, ruby-version: 2.4 }
+          - { gemfile: rails_6.1, ruby-version: 2.4 }
+          - { gemfile: rails_4.2, ruby-version: 2.7 }
+          - { gemfile: rails_4.2, ruby-version: 3.0 }
+          - { gemfile: rails_5.0, ruby-version: 3.0 }
+          - { gemfile: rails_5.1, ruby-version: 3.0 }
+          - { gemfile: rails_5.2, ruby-version: 3.0 }
+    env:
+      BUNDLE_GEMFILE: gemfiles/${{ matrix.gemfile }}.gemfile
+    steps:
+      - uses: actions/checkout@v2
+      - name: Install Ruby ${{ matrix.ruby-version }}
+        uses: ruby/setup-ruby@v1
+        with:
+          ruby-version: ${{ matrix.ruby-version }}
+      - name: Install dependencies
+        run: bundle install
+      - name: Run tests with Ruby ${{ matrix.ruby-version }} and Gemfile ${{ matrix.gemfile }}
+        run: bundle exec rake

data/README.md CHANGED Viewed

@@ -213,6 +213,28 @@ user.provisioning_uri(nil, issuer: 'MYAPP') #=> 'otpauth://totp/hello@heapsource
 This can then be rendered as a QR Code which can be scanned and added to the users list of OTP credentials.
+### Setting up a customer interval
+If you define a custom interval for TOTP codes, just as `has_one_time_password interval: 10` (for example), remember to include the interval also in `provisioning_uri` method. If not defined, the default value is 30 seconds (according to ROTP gem: https://github.com/mdp/rotp/blob/master/lib/rotp/totp.rb#L9)
+```ruby
+class User < ApplicationRecord
+  has_one_time_password interval: 10 # the interval value is in seconds
+end
+user = User.new
+user.provisioning_uri("hello", interval: 10) # => 'otpauth://totp/hello?secret=2z6hxkdwi3uvrnpn&period=10'
+# This code snippet generates OTP codes that expires every 10 seconds.
+```
+**Note**: Only some authenticator apps are compatible with custom `period` of tokens, for more details check these links:
+- https://labanskoller.se/blog/2019/07/11/many-common-mobile-authenticator-apps-accept-qr-codes-for-modes-they-dont-support
+- https://www.ibm.com/docs/en/sva/9.0.7?topic=authentication-configuring-totp-one-time-password-mechanism
+So, be careful and aware when using custom intervals/periods for your TOTP codes beyond the default 30 seconds :)
 ### Working example
 Scan the following barcode with your phone, using Google Authenticator

data/lib/active_model/one_time_password.rb CHANGED Viewed

@@ -2,25 +2,42 @@ module ActiveModel
   module OneTimePassword
     extend ActiveSupport::Concern
+    OTP_DEFAULT_COLUMN_NAME = 'otp_secret_key'.freeze
+    OTP_DEFAULT_COUNTER_COLUMN_NAME = 'otp_counter'.freeze
+    OTP_DEFAULT_BACKUP_CODES_COLUMN_NAME = 'otp_backup_codes'.freeze
+    OTP_DEFAULT_DIGITS = 6
+    OTP_DEFAULT_BACKUP_CODES_COUNT = 12
+    OTP_COUNTER_ENABLED_BY_DEFAULT = false
+    OTP_BACKUP_CODES_ENABLED_BY_DEFAULT = false
     module ClassMethods
       def has_one_time_password(options = {})
         cattr_accessor :otp_column_name, :otp_counter_column_name,
                        :otp_backup_codes_column_name
         class_attribute :otp_digits, :otp_counter_based,
-                        :otp_backup_codes_count, :otp_one_time_backup_codes
-        self.otp_column_name = (options[:column_name] || "otp_secret_key").to_s
-        self.otp_digits = options[:length] || 6
-        self.otp_counter_based = (options[:counter_based] || false)
-        self.otp_counter_column_name = (options[:counter_column_name] || "otp_counter").to_s
+                        :otp_backup_codes_count, :otp_one_time_backup_codes,
+                        :otp_interval
+        self.otp_column_name = (
+          options[:column_name] || OTP_DEFAULT_COLUMN_NAME
+        ).to_s
+        self.otp_digits = options[:length] || OTP_DEFAULT_DIGITS
+        self.otp_counter_based = (
+          options[:counter_based] || OTP_COUNTER_ENABLED_BY_DEFAULT
+        )
+        self.otp_counter_column_name = (
+          options[:counter_column_name] || OTP_DEFAULT_COUNTER_COLUMN_NAME
+        ).to_s
+        self.otp_interval = options[:interval]
         self.otp_backup_codes_column_name = (
-          options[:backup_codes_column_name] || 'otp_backup_codes'
+          options[:backup_codes_column_name] ||
+          OTP_DEFAULT_BACKUP_CODES_COLUMN_NAME
         ).to_s
-        self.otp_backup_codes_count = options[:backup_codes_count] || 12
+        self.otp_backup_codes_count = (
+          options[:backup_codes_count] || OTP_DEFAULT_BACKUP_CODES_COUNT
+        )
         self.otp_one_time_backup_codes = (
-          options[:one_time_backup_codes] || false
+          options[:one_time_backup_codes] || OTP_BACKUP_CODES_ENABLED_BY_DEFAULT
         )
         include InstanceMethodsOnActivation
@@ -144,7 +161,11 @@ module ActiveModel
       end
       def authenticate_totp(code, options = {})
-        totp = ROTP::TOTP.new(otp_column, digits: otp_digits)
+        totp = ROTP::TOTP.new(
+          otp_column,
+          digits: otp_digits,
+          interval: otp_interval
+        )
         if (drift = options[:drift])
           totp.verify(code, drift_behind: drift)
         else
@@ -166,7 +187,11 @@ module ActiveModel
                else
                  options
                end
-        ROTP::TOTP.new(otp_column, digits: otp_digits).at(time)
+        ROTP::TOTP.new(
+          otp_column,
+          digits: otp_digits,
+          interval: otp_interval
+        ).at(time)
       end
       def authenticate_backup_code(code)

data/lib/active_model/otp/version.rb CHANGED Viewed

@@ -1,5 +1,5 @@
 module ActiveModel
   module Otp
-    VERSION = "2.2.0".freeze
+    VERSION = '2.3.0'.freeze
   end
 end

data/test/models/default_interval_user.rb ADDED Viewed

@@ -0,0 +1,5 @@
+# frozen_string_literal: true
+class DefaultIntervalUser < ActiveRecord::Base
+  has_one_time_password interval: 500
+end

data/test/models/interval_user.rb ADDED Viewed

@@ -0,0 +1,5 @@
+# frozen_string_literal: true
+class IntervalUser < ActiveRecord::Base
+  has_one_time_password interval: 2
+end

data/test/one_time_password_test.rb CHANGED Viewed

@@ -162,4 +162,24 @@ class OtpTest < MiniTest::Test
   def test_otp_random_secret
     assert_match(/^.{32}$/, @user.class.otp_random_secret)
   end
+  def test_otp_interval
+    @interval_user = IntervalUser.new
+    @interval_user.email = 'roberto@heapsource.com'
+    @interval_user.run_callbacks :create
+    otp_code = @interval_user.otp_code
+    2.times { assert_match(otp_code, @interval_user.otp_code) }
+    sleep 5
+    refute_match(otp_code, @interval_user.otp_code)
+  end
+  def test_otp_default_interval
+    @default_interval_user = DefaultIntervalUser.new
+    @default_interval_user.email = 'roberto@heapsource.com'
+    @default_interval_user.run_callbacks :create
+    otp_code = @default_interval_user.otp_code
+    2.times { assert_match(otp_code, @default_interval_user.otp_code) }
+    sleep 5
+    assert_match(otp_code, @default_interval_user.otp_code)
+  end
 end

data/test/schema.rb CHANGED Viewed

@@ -8,4 +8,20 @@ ActiveRecord::Schema.define do
     t.string :otp_secret_key
     t.timestamps
   end
+  create_table :interval_users, force: true do |t|
+    t.string :key
+    t.string :email
+    t.integer :otp_counter
+    t.string :otp_secret_key
+    t.timestamps
+  end
+  create_table :default_interval_users, force: true do |t|
+    t.string :key
+    t.string :email
+    t.integer :otp_counter
+    t.string :otp_secret_key
+    t.timestamps
+  end
 end

metadata CHANGED Viewed

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: active_model_otp
 version: !ruby/object:Gem::Version
-  version: 2.2.0
+  version: 2.3.0
 platform: ruby
 authors:
 - Guillermo Iguaran
@@ -10,7 +10,7 @@ authors:
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2021-05-30 00:00:00.000000000 Z
+date: 2021-06-22 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: activemodel
@@ -120,8 +120,8 @@ executables: []
 extensions: []
 extra_rdoc_files: []
 files:
+- ".github/workflows/active_model_otp.yml"
 - ".gitignore"
-- ".travis.yml"
 - Appraisals
 - CHANGELOG.md
 - Gemfile
@@ -139,6 +139,8 @@ files:
 - lib/active_model/otp/version.rb
 - lib/active_model_otp.rb
 - test/models/activerecord_user.rb
+- test/models/default_interval_user.rb
+- test/models/interval_user.rb
 - test/models/member.rb
 - test/models/opt_in_two_factor.rb
 - test/models/user.rb
@@ -171,6 +173,8 @@ specification_version: 4
 summary: Adds methods to set and authenticate against one time passwords.
 test_files:
 - test/models/activerecord_user.rb
+- test/models/default_interval_user.rb
+- test/models/interval_user.rb
 - test/models/member.rb
 - test/models/opt_in_two_factor.rb
 - test/models/user.rb

data/.travis.yml DELETED Viewed

@@ -1,43 +0,0 @@
-rvm:
-  - 2.3
-  - 2.4
-  - 2.5
-  - 2.6
-  - 2.7
-  - 3.0
-  - ruby-head
-gemfile:
-  - gemfiles/rails_4.2.gemfile
-  - gemfiles/rails_5.0.gemfile
-  - gemfiles/rails_5.1.gemfile
-  - gemfiles/rails_5.2.gemfile
-  - gemfiles/rails_6.0.gemfile
-  - gemfiles/rails_6.1.gemfile
-matrix:
-  exclude:
-    - rvm: 2.3
-      gemfile: gemfiles/rails_6.0.gemfile
-    - rvm: 2.3
-      gemfile: gemfiles/rails_6.1.gemfile
-    - rvm: 2.4
-      gemfile: gemfiles/rails_6.0.gemfile
-    - rvm: 2.4
-      gemfile: gemfiles/rails_6.1.gemfile
-    - rvm: 2.7
-      gemfile: gemfiles/rails_4.2.gemfile
-    - rvm: 3.0
-      gemfile: gemfiles/rails_4.2.gemfile
-    - rvm: 3.0
-      gemfile: gemfiles/rails_5.0.gemfile
-    - rvm: 3.0
-      gemfile: gemfiles/rails_5.1.gemfile
-    - rvm: 3.0
-      gemfile: gemfiles/rails_5.2.gemfile
-  fast_finish: true
-  allow_failures:
-    - rvm: ruby-head
-# include:
-#   - rvm: jruby
-#     env: JRUBY_OPTS="--1.9 --server -Xcext.enabled=true"
-notifications:
-  email: false