active_model_otp 1.2.0 → 2.0.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
-SHA1:
-  metadata.gz: a53fb4e15fa9408222f26928a84d9b1f67919b86
-  data.tar.gz: f436275d42c9e8e78c074809be7cbc06da3e9c16
+SHA256:
+  metadata.gz: 4f10c7c77b302adbd5a02bb37378c46eafd0d6aaf53f2f5ec7ac069bd888ab07
+  data.tar.gz: 2572cac964589cc665f0a0dbaacaa7ca8fc226cef62ebeb122e591c487b6278d
 SHA512:
-  metadata.gz: 4c409cf8191c2511f7f7c984d0b2623463f65a835e5b86d6cec3dd59b9f91836f8a5d5308b164d328c773dbebe76c51e0c9ae0503048bc81e8326280d57a2379
-  data.tar.gz: 2b69f18d93545ea5e0e41bc3bc10930887f2f7f1b95dbee947b6e9eed256cc5b78f80014fa7e11e2f3d271f204ccf5dad9b412f9c1193404dcda64478e1d116a
+  metadata.gz: e78abb140e71aca80842a896ef02abad3df97be46b57e096056b8480c150aa5c8c633725cb8d0aaa49eaf9e26b5846741ac9eb6b99a963f59a7b835e88101605
+  data.tar.gz: 9d7d0fef52db81c831a728808b5768714fcbc64df126a65832a9ed86769379e4ee007f894193183a536ba2d1ea32343f77537fb732bd84de2168e75b02202bef

data/.gitignore

@@ -16,3 +16,4 @@ test/tmp
 test/version_tmp
 tmp
 .ruby-version
+gemfiles/*.lock

data/.travis.yml

@@ -1,10 +1,26 @@
 rvm:
-  - 1.9.3
-  - 2.0.0
-  - 2.1
+  - 2.3
+  - 2.4
+  - 2.5
+  - 2.6
+  - ruby-head
+gemfile:
+  - gemfiles/rails_4.2.gemfile
+  - gemfiles/rails_5.0.gemfile
+  - gemfiles/rails_5.1.gemfile
+  - gemfiles/rails_5.2.gemfile
+  - gemfiles/rails_6.0.0.rc1.gemfile
 matrix:
-  include:
-    - rvm: jruby
-      env: JRUBY_OPTS="--1.9 --server -Xcext.enabled=true"
+  exclude:
+    - rvm: 2.3
+      gemfile: gemfiles/rails_6.0.0.rc1.gemfile
+    - rvm: 2.4
+      gemfile: gemfiles/rails_6.0.0.rc1.gemfile
+  fast_finish: true
+  allow_failures:
+    - rvm: ruby-head
+# include:
+#   - rvm: jruby
+#     env: JRUBY_OPTS="--1.9 --server -Xcext.enabled=true"
 notifications:
   email: false

data/Appraisals

@@ -0,0 +1,25 @@
+appraise "rails-4.2" do
+  gem "activemodel", "~> 4.2"
+end
+
+appraise "rails-5.0" do
+  gem "activemodel", "~> 5.0"
+  gem "activemodel-serializers-xml"
+end
+
+appraise "rails-5.1" do
+  gem "activemodel", "~> 5.1"
+  gem "activemodel-serializers-xml"
+end
+
+appraise "rails-5.2" do
+  gem "activemodel", "~> 5.2"
+  gem "activemodel-serializers-xml"
+end
+
+appraise "rails-6.0.0.rc1" do
+  gem "activerecord", "6.0.0.rc1"
+  gem "activemodel", "6.0.0.rc1"
+  gem "activemodel-serializers-xml"
+  gem "sqlite3", "~> 1.4"
+end

data/CHANGELOG.md

@@ -1,17 +1,17 @@
-#v1.2.0
+# v1.2.0
 - Added Counter based OTP (HOTP) (@ResultsMayVary ) https://github.com/heapsource/active_model_otp/pull/19
 - Adding options to provisioning uri, so we can include issuer (@doon) https://github.com/heapsource/active_model_otp/pull/15
 
-#v1.1.0
+# v1.1.0
 - Add function to re-geterante the OTP secret (@TikiTDO) https://github.com/heapsource/active_model_otp/pull/14
 - Added option to pass OTP length (@shivanibhanwal) https://github.com/heapsource/active_model_otp/pull/13
 
-#v1.0.0
+# v1.0.0
 - Avoid overriding predefined otp_column value when initializing resource (Ilan Stern) https://github.com/heapsource/active_model_otp/pull/10
 - Pad OTP codes with less than 6 digits (Johan Brissmyr) https://github.com/heapsource/active_model_otp/pull/7
 - Get rid of deprecation warnings in Rails 4.1 (Nick DeMonner)
 
-#v0.1.0
+# v0.1.0
 - OTP codes can be in 5 or 6 digits (André Luis Leal Cardoso Junior)
 - Require 'cgi', rotp needs it for encoding parameters (André Luis Leal Cardoso Junior)
 - Change column name for otp secret key (robertomiranda)

data/LICENSE.txt

@@ -1,4 +1,4 @@
-Copyright (c) 2013 Guillermo Iguaran, Roberto Miranda, Firebase.co
+Copyright (c) 2013-2019 Roberto Miranda, Guillermo Iguaran and contributors.
 
 MIT License
 

data/README.md

@@ -1,12 +1,15 @@
 [![Build Status](https://travis-ci.org/heapsource/active_model_otp.png)](https://travis-ci.org/heapsource/active_model_otp)
 [![Gem Version](https://badge.fury.io/rb/active_model_otp.svg)](http://badge.fury.io/rb/active_model_otp)
-[![Dependency Status](https://gemnasium.com/heapsource/active_model_otp.svg)](https://gemnasium.com/heapsource/active_model_otp)
-[![Code Climate](https://codeclimate.com/github/heapsource/active_model_otp/badges/gpa.svg)](https://codeclimate.com/github/heapsource/active_model_otp)
+[![Reviewed by Hound](https://img.shields.io/badge/Reviewed_by-Hound-8E64B0.svg)](https://houndci.com)
 
 
 # ActiveModel::Otp
 
-**ActiveModel::Otp** makes adding **Two Factor Authentication** (TFA) to a model simple. Let's see what's required to get AMo::Otp working in our Application, using Rails 4.0 (AMo::Otp is also compatible with Rails 3.x versions). We're going to use a User model and some authentication to do it. Inspired by AM::SecurePassword
+**ActiveModel::Otp** makes adding **Two Factor Authentication** (TFA) to a model simple. Let's see what's required to get AMo::Otp working in our Application, using Rails 5.0 (AMo::Otp is also compatible with Rails 4.x versions). We're going to use a User model and try to add options provided by **ActiveMOdel::Otp**. Inspired by AM::SecurePassword
+
+## Dependencies
+
+* [ROTP](https://github.com/mdp/rotp) 5.0 or higher
 
 ## Installation
 
@@ -36,27 +39,27 @@ rails g migration AddOtpSecretKeyToUsers otp_secret_key:string
 We’ll then need to run rake db:migrate to update the users table in the database. The next step is to update the model code. We need to use has_one_time_password to make it use TFA.
 
 ```ruby
-class User < ActiveRecord::Base
+class User < ApplicationRecord
   has_one_time_password
 end
 ```
 
 Note: If you're adding this to an existing user model you'll need to generate *otp_secret_key* with a migration like:
 ```ruby
-User.all.each { |user| user.update_attribute(:otp_secret_key, ROTP::Base32.random_base32) }
+User.find_each { |user| user.update_attribute(:otp_secret_key, User.otp_random_secret) }
 ```
 
 To use a custom column to store the secret key field you can use the column_name option. It is also possible to generate codes with a specified length.
 
 ```ruby
-class User < ActiveRecord::Base
+class User < ApplicationRecord
   has_one_time_password column_name: :my_otp_secret_column, length: 4
 end
 ```
 
 ## Usage
 
-The has_one_time_password statement provides to the model some useful methods in order to implement our TFA system. AMo:Otp generates one time passwords according to [TOTP RFC 6238](http://tools.ietf.org/html/rfc4226) and the [HOTP RFC 4226](http://tools.ietf.org/html/rfc4226). This is compatible with Google Authenticator apps available for Android and iPhone, and now in use on GMail.
+The has_one_time_password statement provides to the model some useful methods in order to implement our TFA system. AMo:Otp generates one time passwords according to [TOTP RFC 6238](https://tools.ietf.org/html/rfc6238) and the [HOTP RFC 4226](https://www.ietf.org/rfc/rfc4226). This is compatible with Google Authenticator apps available for Android and iPhone, and now in use on GMail.
 
 The otp_secret_key is saved automatically when an object is created,
 
@@ -76,9 +79,6 @@ user.otp_code # => '850738'
 
 # Override current time
 user.otp_code(time: Time.now + 3600) # => '317438'
-
-# Don't zero-pad to six digits
-user.otp_code(padding: false) # => '438'
 ```
 
 ### Authenticating using a code
@@ -108,10 +108,15 @@ rails g migration AddCounterForOtpToUsers otp_counter:integer
       create    db/migrate/20130707010931_add_counter_for_otp_to_users.rb
 ```
 
+Set default value for otp_counter to 0.
+```ruby
+change_column :users, :otp_counter, :integer, default: 0
+```
+
 In addition set the counter flag option to true
 
 ```ruby
-class User < ActiveRecord::Base
+class User < ApplicationRecord
   has_one_time_password counter_based: true
 end
 ```
@@ -119,7 +124,7 @@ end
 And for a custom counter column
 
 ```ruby
-class User < ActiveRecord::Base
+class User < ApplicationRecord
   has_one_time_password counter_based: true, counter_column_name: :my_otp_secret_counter_column
 end
 ```
@@ -154,6 +159,10 @@ user.provisioning_uri # => 'otpauth://totp/hello@heapsource.com?secret=2z6hxkdwi
 
 # Use a custom field to generate the provisioning_url
 user.provisioning_uri("hello") # => 'otpauth://totp/hello?secret=2z6hxkdwi3uvrnpn'
+
+# You can customize the generated url, by passing a hash of Options
+# `:issuer` lets you set the Issuer name in Google Authenticator, so it doesn't show as a blank entry.
+user.provisioning_uri(nil, issuer: 'MYAPP') #=> 'otpauth://totp/hello@heapsource.com?secret=2z6hxkdwi3uvrnpn&issuer=MYAPP'
 ```
 
 This can then be rendered as a QR Code which can be scanned and added to the users list of OTP credentials.
@@ -168,6 +177,7 @@ Now run the following and compare the output
 
 ```ruby
 require "active_model_otp"
+
 class User
   extend ActiveModel::Callbacks
   include ActiveModel::Validations
@@ -178,6 +188,7 @@ class User
 
   has_one_time_password
 end
+
 user = User.new
 user.email = 'roberto@heapsource.com'
 user.otp_secret_key = "2z6hxkdwi3uvrnpn"
@@ -187,10 +198,10 @@ puts "Current code #{user.otp_code}"
 **Note:** otp_secret_key must be generated using RFC 3548 base32 key strings (for compatilibity with google authenticator)
 
 ### Useful Examples
-
+- [Drifting Ruby Tutorial](https://www.driftingruby.com/episodes/two-factor-authentication)
 - [Generate QR code with rqrcode gem](https://github.com/heapsource/active_model_otp/wiki/Generate-QR-code-with-rqrcode-gem)
 - Generating QR Code with Google Charts API
-- [Sendind code via email with Twilio](https://github.com/heapsource/active_model_otp/wiki/Send-code-via-Twilio-SMS)
+- [Sending code via SMS with Twilio](https://github.com/heapsource/active_model_otp/wiki/Send-code-via-Twilio-SMS)
 - [Using with Mongoid](https://github.com/heapsource/active_model_otp/wiki/Using-with-Mongoid)
 
 ## Contributing

data/active_model_otp.gemspec

@@ -8,7 +8,7 @@ Gem::Specification.new do |spec|
   spec.version       = ActiveModel::Otp::VERSION
   spec.authors       = ["Guillermo Iguaran", "Roberto Miranda", "Heapsource"]
   spec.email         = ["guilleiguaran@gmail.com", "rjmaltamar@gmail.com", "hello@firebase.co"]
-  spec.description   = %q{Adds methods to set and authenticate against one time passwords. Inspired in AM::SecurePassword"}
+  spec.description   = %q{Adds methods to set and authenticate against one time passwords 2FA(Two factor Authentication). Inspired in AM::SecurePassword"}
   spec.summary       = "Adds methods to set and authenticate against one time passwords."
   spec.homepage      = ""
   spec.license       = "MIT"
@@ -19,9 +19,16 @@ Gem::Specification.new do |spec|
   spec.require_paths = ["lib"]
 
   spec.add_dependency "activemodel"
-  spec.add_dependency "rotp"
+  spec.add_dependency "rotp", "~> 5.0.0"
 
-  spec.add_development_dependency "bundler", "~> 1.3"
+  spec.add_development_dependency "activerecord"
   spec.add_development_dependency "rake"
   spec.add_development_dependency "minitest", "~> 5.4.2"
+  spec.add_development_dependency "appraisal"
+
+  if RUBY_PLATFORM == "java"
+    spec.add_development_dependency "activerecord-jdbcsqlite3-adapter"
+  else
+    spec.add_development_dependency "sqlite3", "~> 1.3.6"
+  end
 end

data/gemfiles/rails_4.2.gemfile

@@ -0,0 +1,7 @@
+# This file was generated by Appraisal
+
+source "https://rubygems.org"
+
+gem "activemodel", "~> 4.2"
+
+gemspec path: "../"

data/gemfiles/rails_5.0.gemfile

@@ -0,0 +1,8 @@
+# This file was generated by Appraisal
+
+source "https://rubygems.org"
+
+gem "activemodel", "~> 5.0"
+gem "activemodel-serializers-xml"
+
+gemspec path: "../"

data/gemfiles/rails_5.1.gemfile

@@ -0,0 +1,8 @@
+# This file was generated by Appraisal
+
+source "https://rubygems.org"
+
+gem "activemodel", "~> 5.1"
+gem "activemodel-serializers-xml"
+
+gemspec path: "../"

data/gemfiles/rails_5.2.gemfile

@@ -0,0 +1,8 @@
+# This file was generated by Appraisal
+
+source "https://rubygems.org"
+
+gem "activemodel", "~> 5.2"
+gem "activemodel-serializers-xml"
+
+gemspec path: "../"

data/gemfiles/rails_6.0.0.rc1.gemfile

@@ -0,0 +1,10 @@
+# This file was generated by Appraisal
+
+source "https://rubygems.org"
+
+gem "activerecord", "6.0.0.rc1"
+gem "activemodel", "6.0.0.rc1"
+gem "activemodel-serializers-xml"
+gem "sqlite3", "~> 1.4"
+
+gemspec path: "../"

data/lib/active_model/one_time_password.rb

@@ -3,7 +3,6 @@ module ActiveModel
     extend ActiveSupport::Concern
 
     module ClassMethods
-
       def has_one_time_password(options = {})
         cattr_accessor :otp_column_name, :otp_counter_column_name
         class_attribute :otp_digits, :otp_counter_based
@@ -12,9 +11,7 @@ module ActiveModel
         self.otp_digits = options[:length] || 6
 
         self.otp_counter_based = (options[:counter_based] || false)
-        self.otp_counter_column_name = (
-          options[:counter_column_name] || "otp_counter"
-          ).to_s
+        self.otp_counter_column_name = (options[:counter_column_name] || "otp_counter").to_s
 
         include InstanceMethodsOnActivation
 
@@ -29,11 +26,17 @@ module ActiveModel
           end
         end
       end
+
+      # Defaults to 160 bit long secret
+      # (meaning a 32 character long base32 secret)
+      def otp_random_secret(length = 20)
+        ROTP::Base32.random(length)
+      end
     end
 
     module InstanceMethodsOnActivation
       def otp_regenerate_secret
-        self.otp_column = ROTP::Base32.random_base32
+        self.otp_column = self.class.otp_random_secret
       end
 
       def otp_regenerate_counter
@@ -46,13 +49,13 @@ module ActiveModel
           result = hotp.verify(code, otp_counter)
           if result && options[:auto_increment]
             self.otp_counter += 1
-            save if !new_record?
+            save if respond_to?(:new_record) && !new_record?
           end
           result
         else
           totp = ROTP::TOTP.new(otp_column, digits: otp_digits)
           if drift = options[:drift]
-            totp.verify_with_drift(code, drift)
+            totp.verify(code, drift_behind: drift)
           else
             totp.verify(code)
           end
@@ -63,23 +66,22 @@ module ActiveModel
         if otp_counter_based
           if options[:auto_increment]
             self.otp_counter += 1
-            save if !new_record?
+            save if respond_to?(:new_record) && !new_record?
           end
           ROTP::HOTP.new(otp_column, digits: otp_digits).at(self.otp_counter)
         else
           if options.is_a? Hash
             time = options.fetch(:time, Time.now)
-            padding = options.fetch(:padding, true)
           else
             time = options
-            padding = true
           end
-          ROTP::TOTP.new(otp_column, digits: otp_digits).at(time, padding)
+          ROTP::TOTP.new(otp_column, digits: otp_digits).at(time)
         end
       end
 
       def provisioning_uri(account = nil, options = {})
         account ||= self.email if self.respond_to?(:email)
+        account ||= ""
 
         if otp_counter_based
           ROTP::HOTP.new(otp_column, options).provisioning_uri(account)
@@ -89,19 +91,34 @@ module ActiveModel
       end
 
       def otp_column
-        self.send(self.class.otp_column_name)
+        self.public_send(self.class.otp_column_name)
       end
 
       def otp_column=(attr)
-        self.send("#{self.class.otp_column_name}=", attr)
+        self.public_send("#{self.class.otp_column_name}=", attr)
       end
 
       def otp_counter
-        self.send(self.class.otp_counter_column_name)
+        if self.class.otp_counter_column_name != "otp_counter"
+          self.public_send(self.class.otp_counter_column_name)
+        else
+          super
+        end
       end
 
       def otp_counter=(attr)
-        self.send("#{self.class.otp_counter_column_name}=", attr)
+        if self.class.otp_counter_column_name != "otp_counter"
+          self.public_send("#{self.class.otp_counter_column_name}=", attr)
+        else
+          super
+        end
+      end
+
+      def serializable_hash(options = nil)
+        options ||= {}
+        options[:except] = Array(options[:except])
+        options[:except] << self.class.otp_column_name
+        super(options)
       end
     end
   end

data/lib/active_model/otp/version.rb

@@ -1,5 +1,5 @@
 module ActiveModel
   module Otp
-    VERSION = "1.2.0"
+    VERSION = "2.0.1"
   end
 end

data/test/models/activerecord_user.rb

@@ -0,0 +1,3 @@
+class ActiverecordUser < ActiveRecord::Base
+  has_one_time_password counter_based: true
+end

data/test/models/member.rb

@@ -0,0 +1,10 @@
+class Member
+  extend ActiveModel::Callbacks
+  include ActiveModel::Validations
+  include ActiveModel::OneTimePassword
+
+  define_model_callbacks :create
+  attr_accessor :otp_secret_key, :otp_counter, :email
+
+  has_one_time_password counter_based: true
+end

data/test/models/user.rb

@@ -1,5 +1,7 @@
 class User
   extend ActiveModel::Callbacks
+  include ActiveModel::Serializers::JSON
+  include ActiveModel::Serializers::Xml
   include ActiveModel::Validations
   include ActiveModel::OneTimePassword
 
@@ -7,4 +9,7 @@ class User
   attr_accessor :otp_secret_key, :email
 
   has_one_time_password
+  def attributes
+    { "otp_secret_key" => otp_secret_key, "email" => email }
+  end
 end

data/test/one_time_password_test.rb

@@ -9,17 +9,46 @@ class OtpTest < MiniTest::Unit::TestCase
     @visitor = Visitor.new
     @visitor.email = 'roberto@heapsource.com'
     @visitor.run_callbacks :create
+
+    @member = Member.new
+    @member.email = nil
+    @member.run_callbacks :create
+
+    @ar_user = ActiverecordUser.new
+    @ar_user.email = 'roberto@heapsource.com'
+    @ar_user.run_callbacks :create
   end
 
   def test_authenticate_with_otp
     code = @user.otp_code
-
     assert @user.authenticate_otp(code)
 
     code = @visitor.otp_code
     assert @visitor.authenticate_otp(code)
   end
 
+  def test_counter_based_otp
+    code = @member.otp_code
+    assert @member.authenticate_otp(code)
+    assert @member.authenticate_otp(code, auto_increment: true)
+    assert !@member.authenticate_otp(code)
+    @member.otp_counter -= 1
+    assert @member.authenticate_otp(code)
+    assert code == @member.otp_code
+    assert code != @member.otp_code(auto_increment: true)
+  end
+
+  def test_counter_based_otp_active_record
+    code = @ar_user.otp_code
+    assert @ar_user.authenticate_otp(code)
+    assert @ar_user.authenticate_otp(code, auto_increment: true)
+    assert !@ar_user.authenticate_otp(code)
+    @ar_user.otp_counter -= 1
+    assert @ar_user.authenticate_otp(code)
+    assert code == @ar_user.otp_code
+    assert code != @ar_user.otp_code(auto_increment: true)
+  end
+
   def test_authenticate_with_otp_when_drift_is_allowed
     code = @user.otp_code(Time.now - 30)
     assert @user.authenticate_otp(code, drift: 60)
@@ -34,38 +63,32 @@ class OtpTest < MiniTest::Unit::TestCase
   end
 
   def test_otp_code_with_specific_length
-    assert_match(/^\d{4}$/, @visitor.otp_code(time: 2160, padding: true).to_s)
-    assert_operator(@visitor.otp_code(time: 2160, padding: false).to_s.length, :<= , 4)
+    assert_match(/^\d{4}$/, @visitor.otp_code(2160).to_s)
+    assert_operator(@visitor.otp_code(2160).to_s.length, :<=, 4)
   end
 
   def test_otp_code_without_specific_length
-   assert_match(/^\d{6}$/, @user.otp_code(time: 2160, padding: true).to_s)
-   assert_operator(@user.otp_code(time: 2160, padding: false).to_s.length, :<= , 6)
-  end
-
-  def test_otp_code_padding
-    @user.otp_column = 'kw5jhligwqaiw7jc'
-    assert_match(/^\d{6}$/, @user.otp_code(time: 2160, padding: true).to_s)
-    # Modified this spec as it is not guranteed that without padding we will always
-    # get a 3 digit number
-    assert_operator(@user.otp_code(time: 2160, padding: false).to_s.length, :<= , 6)
+    assert_match(/^\d{6}$/, @user.otp_code(2160).to_s)
+    assert_operator(@user.otp_code(2160).to_s.length, :<=, 6)
   end
 
   def test_provisioning_uri_with_provided_account
-    assert_match %r{otpauth://totp/roberto\?secret=\w{16}}, @user.provisioning_uri("roberto")
-    assert_match %r{otpauth://totp/roberto\?secret=\w{16}}, @visitor.provisioning_uri("roberto")
+    assert_match %r{^otpauth://totp/roberto\?secret=\w{32}$}, @user.provisioning_uri("roberto")
+    assert_match %r{^otpauth://totp/roberto\?secret=\w{32}$}, @visitor.provisioning_uri("roberto")
+    assert_match %r{^otpauth://hotp/roberto\?secret=\w{32}&counter=0$}, @member.provisioning_uri("roberto")
   end
 
   def test_provisioning_uri_with_email_field
-    assert_match %r{otpauth://totp/roberto@heapsource\.com\?secret=\w{16}}, @user.provisioning_uri
-    assert_match %r{otpauth://totp/roberto@heapsource\.com\?secret=\w{16}}, @visitor.provisioning_uri
+    assert_match %r{^otpauth://totp/roberto@heapsource\.com\?secret=\w{32}$}, @user.provisioning_uri
+    assert_match %r{^otpauth://totp/roberto@heapsource\.com\?secret=\w{32}$}, @visitor.provisioning_uri
+    assert_match %r{^otpauth://hotp/\?secret=\w{32}&counter=0$}, @member.provisioning_uri
   end
 
   def test_provisioning_uri_with_options
-    assert_match  %r{otpauth://totp/roberto@heapsource\.com\?issuer=Example&secret=\w{16}},@user.provisioning_uri(nil,issuer: "Example")
-    assert_match %r{otpauth://totp/roberto@heapsource\.com\?issuer=Example&secret=\w{16}}, @visitor.provisioning_uri(nil,issuer: "Example")
-    assert_match %r{otpauth://totp/roberto\?issuer=Example&secret=\w{16}}, @user.provisioning_uri("roberto", issuer: "Example")
-    assert_match %r{otpauth://totp/roberto\?issuer=Example&secret=\w{16}}, @visitor.provisioning_uri("roberto", issuer: "Example")
+    assert_match %r{^otpauth://totp/Example\:roberto@heapsource\.com\?secret=\w{32}&issuer=Example$}, @user.provisioning_uri(nil, issuer: "Example")
+    assert_match %r{^otpauth://totp/Example\:roberto@heapsource\.com\?secret=\w{32}&issuer=Example$}, @visitor.provisioning_uri(nil, issuer: "Example")
+    assert_match %r{^otpauth://totp/Example\:roberto\?secret=\w{32}&issuer=Example$}, @user.provisioning_uri("roberto", issuer: "Example")
+    assert_match %r{^otpauth://totp/Example\:roberto\?secret=\w{32}&issuer=Example$}, @visitor.provisioning_uri("roberto", issuer: "Example")
   end
 
   def test_regenerate_otp
@@ -73,4 +96,13 @@ class OtpTest < MiniTest::Unit::TestCase
     @user.otp_regenerate_secret
     assert secret != @user.otp_column
   end
+
+  def test_hide_secret_key_in_serialize
+    refute_match(/otp_secret_key/, @user.to_json)
+    refute_match(/otp_secret_key/, @user.to_xml)
+  end
+
+  def test_otp_random_secret
+    assert_match /^.{32}$/, @user.class.otp_random_secret
+  end
 end

data/test/schema.rb

@@ -0,0 +1,11 @@
+ActiveRecord::Schema.define do
+  self.verbose = false
+
+  create_table :activerecord_users, force: true do |t|
+    t.string :key
+    t.string :email
+    t.integer :otp_counter
+    t.string :otp_secret_key
+    t.timestamps
+  end
+end

data/test/test_helper.rb

@@ -8,5 +8,14 @@ require "rubygems"
 require "active_model_otp"
 require "minitest/autorun"
 require "minitest/unit"
+require "active_record"
+
+begin
+  require "activemodel-serializers-xml"
+rescue LoadError
+end
+
+ActiveRecord::Base.establish_connection adapter: "sqlite3", database: ":memory:"
+load "#{ File.dirname(__FILE__) }/schema.rb"
 
 Dir["models/*.rb"].each {|file| require file }

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: active_model_otp
 version: !ruby/object:Gem::Version
-  version: 1.2.0
+  version: 2.0.1
 platform: ruby
 authors:
 - Guillermo Iguaran
@@ -10,7 +10,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2015-02-26 00:00:00.000000000 Z
+date: 2019-06-07 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: activemodel
@@ -28,12 +28,40 @@ dependencies:
         version: '0'
 - !ruby/object:Gem::Dependency
   name: rotp
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 5.0.0
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 5.0.0
+- !ruby/object:Gem::Dependency
+  name: activerecord
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
         version: '0'
-  type: :runtime
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
@@ -41,21 +69,21 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
-  name: bundler
+  name: minitest
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.3'
+        version: 5.4.2
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.3'
+        version: 5.4.2
 - !ruby/object:Gem::Dependency
-  name: rake
+  name: appraisal
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
@@ -69,21 +97,21 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
-  name: minitest
+  name: sqlite3
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 5.4.2
+        version: 1.3.6
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 5.4.2
-description: Adds methods to set and authenticate against one time passwords. Inspired
-  in AM::SecurePassword"
+        version: 1.3.6
+description: Adds methods to set and authenticate against one time passwords 2FA(Two
+  factor Authentication). Inspired in AM::SecurePassword"
 email:
 - guilleiguaran@gmail.com
 - rjmaltamar@gmail.com
@@ -94,18 +122,27 @@ extra_rdoc_files: []
 files:
 - ".gitignore"
 - ".travis.yml"
+- Appraisals
 - CHANGELOG.md
 - Gemfile
 - LICENSE.txt
 - README.md
 - Rakefile
 - active_model_otp.gemspec
+- gemfiles/rails_4.2.gemfile
+- gemfiles/rails_5.0.gemfile
+- gemfiles/rails_5.1.gemfile
+- gemfiles/rails_5.2.gemfile
+- gemfiles/rails_6.0.0.rc1.gemfile
 - lib/active_model/one_time_password.rb
 - lib/active_model/otp/version.rb
 - lib/active_model_otp.rb
+- test/models/activerecord_user.rb
+- test/models/member.rb
 - test/models/user.rb
 - test/models/visitor.rb
 - test/one_time_password_test.rb
+- test/schema.rb
 - test/test_helper.rb
 homepage: ''
 licenses:
@@ -126,13 +163,15 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubyforge_project: 
-rubygems_version: 2.2.2
+rubygems_version: 3.0.1
 signing_key: 
 specification_version: 4
 summary: Adds methods to set and authenticate against one time passwords.
 test_files:
+- test/models/activerecord_user.rb
+- test/models/member.rb
 - test/models/user.rb
 - test/models/visitor.rb
 - test/one_time_password_test.rb
+- test/schema.rb
 - test/test_helper.rb