RubyGems - devise-two-factor - Versions diffs - 4.0.0 → 4.1.1 - Mend

devise-two-factor 4.0.0 → 4.1.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.

This version of devise-two-factor might be problematic. Click here for more details.

Files changed (28) hide show

checksums.yaml +4 -4
checksums.yaml.gz.sig +0 -0
data/.github/workflows/ci.yml +51 -0
data/Appraisals +16 -6
data/CHANGELOG.md +12 -0
data/README.md +18 -1
data/certs/tinfoil-cacert.pem +12 -12
data/certs/tinfoilsecurity-gems-cert.pem +14 -14
data/devise-two-factor.gemspec +3 -3
data/gemfiles/rails_6.0.gemfile +8 -0
data/gemfiles/rails_6.1.gemfile +8 -0
data/gemfiles/rails_7.0.gemfile +8 -0
data/lib/devise_two_factor/models/two_factor_authenticatable.rb +7 -1
data/lib/devise_two_factor/spec_helpers/two_factor_authenticatable_shared_examples.rb +41 -0
data/lib/devise_two_factor/spec_helpers.rb +6 -0
data/lib/devise_two_factor/version.rb +1 -1
data/spec/devise/models/two_factor_authenticatable_spec.rb +19 -3
data/spec/spec_helper.rb +0 -2
data.tar.gz.sig +0 -0
metadata +48 -46
metadata.gz.sig +0 -0
data/.travis.yml +0 -46
data/gemfiles/rails_6_0.gemfile +0 -8
/data/gemfiles/{rails_4_1.gemfile → rails_4.1.gemfile} +0 -0
/data/gemfiles/{rails_4_2.gemfile → rails_4.2.gemfile} +0 -0
/data/gemfiles/{rails_5_0.gemfile → rails_5.0.gemfile} +0 -0
/data/gemfiles/{rails_5_1.gemfile → rails_5.1.gemfile} +0 -0
/data/gemfiles/{rails_5_2.gemfile → rails_5.2.gemfile} +0 -0

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 33ab6513476203a5a4135af19c1f3bbddeeed83fb2ed8bf3a74c2afe2e74be9b
-  data.tar.gz: 16068a92b6b20aa06108cb0e3cd294dc5c98c19563311d024dcfc7e0573030ad
+  metadata.gz: 787116f2d8fd1e2ef5a6e663c0a3ed5a65ca6110a491f44d2de5eb1a985da516
+  data.tar.gz: f379bef9da0239c3697fe14dad33ba6c662ecfd2b6bcc3ab54fb184f75a970d4
 SHA512:
-  metadata.gz: 258cd2abf3bc9beb80c0f9fc596b33055efa24ca53177847fbab5a38b80a220e322a2739303b30128c356000dabd708bcc77e835dacecee2e3c9fe51b66c2b33
-  data.tar.gz: 940c49c9b2cbea4832ee8f66c39b26c1c6ad45d09dc054cf0c54d0be823219e18ad4ef7ca12dc388e2eec319534be0d880b5f9d3e2eb5fcace86ce6b9008e960
+  metadata.gz: 23b55432e9df42fa8723db98cd38abe641656ed05ce6f5d9e5d7ee1a1179624ba7212209c460a7ff4b16d4f14347b11c69750d795e7ff9f56513e93af651c619
+  data.tar.gz: ce784140d65f12c6e46a51d86ed8e97edc6b98e706f276160e67f95bccf615c308a5cf273bd54ad71788b61e5dac92f9676c4e67ebfdd81c83584fa71e0bb509

checksums.yaml.gz.sig CHANGED Viewed

Binary file

data/.github/workflows/ci.yml ADDED Viewed

@@ -0,0 +1,51 @@
+name: CI
+on:
+  push:
+    branches:
+      - main
+  pull_request:
+jobs:
+  tests:
+    runs-on: ubuntu-latest
+    strategy:
+      fail-fast: false
+      matrix:
+        # Due to https://github.com/actions/runner/issues/849, we should quote versions
+        ruby: ['2.3', '2.4', '2.5', '2.6', '2.7', '3.0', 'truffleruby-head']
+        rails: ['4.1', '4.2', '5.0', '5.1', '5.2', '6.0', '6.1', '7.0']
+        exclude:
+          - { ruby: '2.3', rails: '7.0' }
+          - { ruby: '2.4', rails: '7.0' }
+          - { ruby: '2.5', rails: '7.0' }
+          - { ruby: '2.6', rails: '7.0' }
+          - { ruby: '2.3', rails: '6.0' }
+          - { ruby: '2.3', rails: '6.1' }
+          - { ruby: '2.4', rails: '6.0' }
+          - { ruby: '2.4', rails: '6.1' }
+          - { ruby: '2.7', rails: '4.1' }
+          - { ruby: '2.7', rails: '4.2' }
+          - { ruby: '3.0', rails: '4.1' }
+          - { ruby: '3.0', rails: '4.2' }
+          - { ruby: 'truffleruby-head', rails: '4.1' }
+          - { ruby: 'truffleruby-head', rails: '4.2' }
+    name: Ruby ${{ matrix.ruby }}, Rails ${{ matrix.rails }}
+    env: # $BUNDLE_GEMFILE must be set at the job level, so it is set for all steps
+      BUNDLE_GEMFILE: ${{ github.workspace }}/gemfiles/rails_${{ matrix.rails }}.gemfile
+    steps:
+      - uses: actions/checkout@v2
+      - name: Set up Ruby
+        uses: ruby/setup-ruby@v1
+        with:
+          ruby-version: ${{ matrix.ruby }}
+          bundler-cache: true
+      - name: Print versions
+        continue-on-error: true
+        run: |
+          ruby --version
+          bundle --version
+          echo "RubyGems version `gem --version`"
+          bundle exec rails --version
+      - name: Run tests
+        run: bundle exec rake

data/Appraisals CHANGED Viewed

@@ -1,29 +1,39 @@
-appraise "rails-4-1" do
+appraise "rails-4.1" do
   gem 'railties', '~> 4.1'
   gem 'activesupport', '~> 4.1'
 end
-appraise "rails-4-2" do
+appraise "rails-4.2" do
   gem 'railties', '~> 4.2'
   gem 'activesupport', '~> 4.2'
 end
-appraise "rails-5-0" do
+appraise "rails-5.0" do
   gem 'railties', '~> 5.0'
   gem 'activesupport', '~> 5.0'
 end
-appraise "rails-5-1" do
+appraise "rails-5.1" do
   gem 'railties', '~> 5.1'
   gem 'activesupport', '~> 5.1'
 end
-appraise "rails-5-2" do
+appraise "rails-5.2" do
   gem 'railties', '~> 5.2'
   gem 'activesupport', '~> 5.2'
 end
-appraise "rails-6-0" do
+appraise "rails-6.0" do
   gem 'railties', '~> 6.0'
   gem 'activesupport', '~> 6.0'
 end
+appraise "rails-6.1" do
+  gem 'railties', '~> 6.1'
+  gem 'activesupport', '~> 6.1'
+end
+appraise "rails-7.0" do
+  gem 'railties', '~> 7.0'
+  gem 'activesupport', '~> 7.0'
+end

data/CHANGELOG.md CHANGED Viewed

@@ -2,7 +2,19 @@
 ## Unreleased
+## 4.0.2
+- Add Rails 7.0 support
+- Renew signing certificate
+- Use `after` option of TOTP#verify for additional timestamp verification
+## 4.0.1
+- Convert CI from Travis CI to Github Actions ([#198](https://github.com/tinfoil/devise-two-factor/pull/198))
+- Fix ActiveSupport::Testing::TimeHelpers require in shared examples ([#191](https://github.com/tinfoil/devise-two-factor/pull/191))
+- Accept whitespace in provided codes ([#195](https://github.com/tinfoil/devise-two-factor/pull/195))
+- Add Truffleruby head to CI ([#200](https://github.com/tinfoil/devise-two-factor/pull/200))
 ## 4.0.0
+- [breaking] Drop support for Ruby <= 2.2
 - Update ROTP
 - Add Rails 6.1 support
 - Remove timecop dependency

data/README.md CHANGED Viewed

@@ -1,7 +1,7 @@
 # Devise-Two-Factor Authentication
 By [Tinfoil Security](https://www.tinfoilsecurity.com/) (acq. [Synopsys](https://www.synopsys.com/) 2020). Interested in [working with us](https://www.synopsys.com/careers.html)? We're hiring!
-[![Build Status](https://travis-ci.org/tinfoil/devise-two-factor.svg?branch=master)](https://travis-ci.org/tinfoil/devise-two-factor)
+![Build Status](https://github.com/tinfoil/devise-two-factor/actions/workflows/ci.yml/badge.svg)
 Devise-Two-Factor is a minimalist extension to Devise which offers support for two-factor authentication, through the [TOTP](https://en.wikipedia.org/wiki/Time-based_One-Time_Password) scheme. It:
@@ -239,3 +239,20 @@ require 'devise_two_factor/spec_helpers'
 it_behaves_like "two_factor_authenticatable"
 it_behaves_like "two_factor_backupable"
 ```
+## Troubleshooting
+If you are using Rails 4.x and Ruby >= 2.7, you may get an error like
+```
+An error occurred while loading ./spec/devise/models/two_factor_authenticatable_spec.rb.
+Failure/Error: require 'devise'
+NoMethodError:
+  undefined method `new' for BigDecimal:Class
+```
+see https://github.com/ruby/bigdecimal#which-version-should-you-select and https://github.com/ruby/bigdecimal/issues/127
+for more details, but you should be able to solve this
+by explicitly requiring an older version of bigdecimal in your gemfile like
+```
+gem "bigdecimal", "~> 1.4"
+```

data/certs/tinfoil-cacert.pem CHANGED Viewed

@@ -3,7 +3,7 @@ MIIHSjCCBTKgAwIBAgIJAK2u0LojMCNgMA0GCSqGSIb3DQEBBQUAMIGcMQswCQYD
 VQQGEwJVUzELMAkGA1UECBMCQ0ExEjAQBgNVBAcTCVBhbG8gQWx0bzEfMB0GA1UE
 ChMWVGluZm9pbCBTZWN1cml0eSwgSW5jLjEfMB0GA1UEAxMWVGluZm9pbCBTZWN1
 cml0eSwgSW5jLjEqMCgGCSqGSIb3DQEJARYbc3VwcG9ydEB0aW5mb2lsc2VjdXJp
-dHkuY29tMB4XDTExMTIyNzA1MDc0N1oXDTIxMTIyNDA1MDc0N1owgZwxCzAJBgNV
+dHkuY29tMB4XDTIxMDkwOTE4MjIwMFoXDTI1MDkwOTE4MjIwMFowgZwxCzAJBgNV
 BAYTAlVTMQswCQYDVQQIEwJDQTESMBAGA1UEBxMJUGFsbyBBbHRvMR8wHQYDVQQK
 ExZUaW5mb2lsIFNlY3VyaXR5LCBJbmMuMR8wHQYDVQQDExZUaW5mb2lsIFNlY3Vy
 aXR5LCBJbmMuMSowKAYJKoZIhvcNAQkBFhtzdXBwb3J0QHRpbmZvaWxzZWN1cml0
@@ -27,15 +27,15 @@ c3VwcG9ydEB0aW5mb2lsc2VjdXJpdHkuY29tggkAra7QuiMwI2AwDwYDVR0TAQH/
 BAUwAwEB/zARBglghkgBhvhCAQEEBAMCAQYwCQYDVR0SBAIwADArBglghkgBhvhC
 AQ0EHhYcVGlueUNBIEdlbmVyYXRlZCBDZXJ0aWZpY2F0ZTAmBgNVHREEHzAdgRtz
 dXBwb3J0QHRpbmZvaWxzZWN1cml0eS5jb20wDgYDVR0PAQH/BAQDAgEGMA0GCSqG
-SIb3DQEBBQUAA4ICAQAD7nsmdg1vStFTi8/P2rgSFxlXxZT0aaVVB1bFBe/m5phb
-MjvKQ7VAuiFZxEp3oBNdXTi4FzT1QjhRKdlYMgKZQnU+XDLLIYuoi+atxr5qGD4B
-m58eCGO6ZEutVs3Z7s63UOm5rG0zJ+IEWh8VHMvxgSwiX88QyJuhOtqeiKhIeSGZ
-2/qGGMWgsScnPg3J/ZVOIKUn/4ljEDlC64Gh5Zz5PZUbGSXPMhdYbSD3EknDvEGA
-omYW4jlPMeK3GJgwAZu9yWC8hHGFpiMca/6W0W622cg7MX+CByOd+24dvWFnOHur
-NHBqI+kZo/7Sjdm8x7TWEOz9Rfh5RPMeVNRTj4iq0B6GzfaecT3Yn8y7HTRRiWns
-IYpP+iHCFYnZhDZsFi4ccKqxKtj6BGmhLf00FuNpgkvrsU3cXrhidkCaYGYj1SME
-1CMfy0PPKVDpDKeFb6y0NvLf4d57vi99dZAvSJEO18rrNEHN2VUfCKRPA/mBSMLY
-RxKWAby1YVT/8iC9JWix9yvgsEUtTLyOFxLGtgj3PRiQSvbNe/jK4G9WAIFe6R9E
-9+HUO2owcmyFXyU3rC/z/lBfDP+2pIRFdUVRGlYCMeUqR08PXpfva5+NQz21fC69
-FPRMZvXh70ntnFaWAq+j6NCss+AauC8ckECiQsTgbzJvJd6C3mJXYHkNCQODhg==
+SIb3DQEBBQUAA4ICAQBZy4JJSmwLuO0nZbdr4tJeVS2P8bcGi6PzAcdzVfwzjp6n
+5qf8m4O8my4lnJieom0GrWSHQoPY1Yur4hEoZbugKO9DWZL3dTiGcrgw0TbQ6Gtq
+TTPatW3LA21qFJwvohSvLqPdmZuM+H9g49sdl2kNTDVI6iUyMYuNpL14aPKPGBFo
+o7UjciT1h7JtJl9b/fXrbPeRHBwpZXWeipiPGv/OZW5KnOsNlUkTquS7Zj4ETkIC
+6mVtmsLvq+YwFthFyMU37pXwYxcmqRmH6lX+XC6AVW5oO4GBmG+Zr/Z+h5Cih5ca
+/mX88RkO+dGTjw1IdxKmxOqKL62OBATKrTDJ/scsmRptynA4TunYW+7ikOpDbPfL
+l18aleLISlcgWJg/Czf2nmBqAClPLnhV8qxWsvt58MQQ/Jpoggvpl8EG1PylWiBS
+Kc/4Ad/FKQFpTzXUgDg2kV07npVjYbBzA5p4ZSWSlflFu93jb9gg2+qtnRSImVCZ
+nQjZdsv8hebElPAIbtJjSnoH1Kz2ucYLakdF1UMKnpp1PVREtuKPz/foU9KUHs0z
+dWRALx8cWG4uKK9AIEUlVdGKfX0Wj0qFK0KGxl3f3jObud5Agwue2EPKWwUzEGUh
+Iqp60gNw3vBdKHw4dh1bfcbXWnRDL+OQPuOFZeMWgu1QmeHeuggYtYtRg7V5Kg==
 -----END CERTIFICATE-----

data/certs/tinfoilsecurity-gems-cert.pem CHANGED Viewed

@@ -1,9 +1,9 @@
 -----BEGIN CERTIFICATE-----
-MIIGADCCA+igAwIBAgIIP4wV6YA6CO0wDQYJKoZIhvcNAQENBQAwgZwxCzAJBgNV
+MIIGADCCA+igAwIBAgIIHIF9ta6cW3YwDQYJKoZIhvcNAQENBQAwgZwxCzAJBgNV
 BAYTAlVTMQswCQYDVQQIEwJDQTESMBAGA1UEBxMJUGFsbyBBbHRvMR8wHQYDVQQK
 ExZUaW5mb2lsIFNlY3VyaXR5LCBJbmMuMR8wHQYDVQQDExZUaW5mb2lsIFNlY3Vy
 aXR5LCBJbmMuMSowKAYJKoZIhvcNAQkBFhtzdXBwb3J0QHRpbmZvaWxzZWN1cml0
-eS5jb20wHhcNMjEwNDA4MTUxODAwWhcNMjExMjI0MDUwNzAwWjCBiDELMAkGA1UE
+eS5jb20wHhcNMjIwMzIyMjI1MzAwWhcNMjUwOTA5MTgyMjAwWjCBiDELMAkGA1UE
 BhMCVVMxCzAJBgNVBAgTAkNBMR8wHQYDVQQKExZUaW5mb2lsIFNlY3VyaXR5LCBJ
 bmMuMR0wGwYDVQQDExR0aW5mb2lsc2VjdXJpdHktZ2VtczEsMCoGCSqGSIb3DQEJ
 ARYdZW5naW5lZXJzQHRpbmZvaWxzZWN1cml0eS5jb20wggIiMA0GCSqGSIb3DQEB
@@ -20,16 +20,16 @@ WgpUq+q23PFkt1gIBi/4tGvzsLZye25QU2Y+XLzldCNm+DyRFXZ+Q+bK33IveUeU
 WEOv4T1qTXHAOypyzmgodVRG/PrlsSMOBfE515kG1mDMGjRcCpEtlskgxUbf7qM7
 hQIDAQABo1gwVjAJBgNVHRMEAjAAMEkGA1UdHwRCMEAwPqA8oDqGOGh0dHBzOi8v
 d3d3LnRpbmZvaWxzZWN1cml0eS5jb20vc2VjdXJpdHkvcmV2b2NhdGlvbl9saXN0
-MA0GCSqGSIb3DQEBDQUAA4ICAQB4p1yL6e/38Dmf5HdZoSJzQ7AcM+jrD0LdMC1V
-H0Y107JzZWvIB2aWH4tw4+SKGTr52OvyGFLpBv5jsWUUFssuAV971T1x41kWJSYt
-tnljNguSrH6ah/pDravLxi+JGQXMBRXhkdvQKbFOfutSe9HEuZLiWUYNDYM17XJq
-WmG+QhNgXliXgu4AQg+8vb1rDbu/G491GEuxbwaLyyKG8X+P5mYTBbMQbTgJkNfX
-elpmFtqivFaEHs3evVGEEZRQhe8i5V0Ak2c4Or1ap/pZQf3hUIkZbw7HumyZYNWi
-VJDMpObUyucv6++TNW8bAI5Oip8DGeYKibPsJ0IfYxMmRC3BmY1E3IIvAdsUHTcq
-WapfQlX732+mfx/gSBpuZhdwEqjWj0xPj6l9DjQrGuhUEijfucKqyY3F280OYM1b
-2zG6cwVmh5IeR9nVv0i2KNkoc2zC8tcGpjfBBuDdXZCpow54DRJU4qQ6S0lH5ojs
-aQHEEIQ9/STv9TKuc4KlMUey8W6L0Zw+xFWnkLeygaMps1PhPokSbrABQsB4C10Q
-QSG/Dvvw438W/2sb9aR+skGh1oNAwJiFhLNaNALfkSXRtU16gLMPBJCi2Xqyco7V
-Wh4SFQHrAbuglSi0nYgFm2SxYf/r6JRKxhVkwo8wxRiV8rDZj7WmzQoZK4GHj1u6
-LXXw3g==
+MA0GCSqGSIb3DQEBDQUAA4ICAQAiYF/m2ny/mxFvBVxHfdYuzybhCvsEUd+TSnoe
+mqOWntY3sxCOaY0aGOMB4vyg9G+oP/kT4m63sD4uQxeuU7WOjaG2smCSS5q+PSWS
+v63gILqPamjSyP/Om864EA6YlvVQ7nPXhVDEaiBt3iliefJGmb0wWSbbDCmq3aMb
+WTLuax/IeY6MjJi20LutIcuz+VX8OxlA1hSpgAToMz3xrhA8fPt5UkKhkDkPFYBF
+5htKVipyijChWsXyt33YM2qGaavTEXzxza1I99PGNRKxUMvbSMas4YaLqkBpQSc+
+mcrLWYPiXWsePGu+j08AypE2Ubp4AOSZJN9rBBGotC3gofipo+K/sBiOM9xXI76Q
+0HYOxXPa7D7UQQG1R9i0rcxmf9qepIVYCldmqVkKKDizcDo5UI9lRiLFjDyQhn6l
+YFY9bPQ4lKTK5Jr3M6+dV7fHxLhqXyMGs1905IUb7qvB7Bq/f0qJfC0JZuY/qdn2
+lL0SeFKOVsjErtobh3u8p8j2USkc8uJgIANHpXEMEExdp899CV/eVjh3TpAR7E6T
+mg7Q9Hi6Hh8z+Le9iR4I49vPEWDQEvj35IT6VfwU79UfIOlX+DkW8fFkPbaut3Se
+vqIDv6JBG9I16h/HhchntKfM58MI1bNZFBSdZqYOJiL8JIjP8HNIk76Y366ppG29
+EhBYYg==
 -----END CERTIFICATE-----

data/devise-two-factor.gemspec CHANGED Viewed

@@ -21,9 +21,9 @@ Gem::Specification.new do |s|
   s.test_files    = `git ls-files -- spec/*`.split("\n")
   s.require_paths = ['lib']
-  s.add_runtime_dependency 'railties',       '< 6.2'
-  s.add_runtime_dependency 'activesupport',  '< 6.2'
-  s.add_runtime_dependency 'attr_encrypted', '>= 1.3', '< 4', '!= 2'
+  s.add_runtime_dependency 'railties',       '~> 7.0'
+  s.add_runtime_dependency 'activesupport',  '~> 7.0'
+  s.add_runtime_dependency 'attr_encrypted', '>= 1.3', '< 5', '!= 2'
   s.add_runtime_dependency 'devise',         '~> 4.0'
   s.add_runtime_dependency 'rotp',           '~> 6.0'

data/gemfiles/rails_6.0.gemfile ADDED Viewed

@@ -0,0 +1,8 @@
+# This file was generated by Appraisal
+source "https://rubygems.org"
+gem "railties", "~> 6.0"
+gem "activesupport", "~> 6.0"
+gemspec path: "../"

data/gemfiles/rails_6.1.gemfile ADDED Viewed

@@ -0,0 +1,8 @@
+# This file was generated by Appraisal
+source "https://rubygems.org"
+gem "railties", "~> 6.1"
+gem "activesupport", "~> 6.1"
+gemspec path: "../"

data/gemfiles/rails_7.0.gemfile ADDED Viewed

@@ -0,0 +1,8 @@
+# This file was generated by Appraisal
+source "https://rubygems.org"
+gem "railties", "~> 7.0"
+gem "activesupport", "~> 7.0"
+gemspec path: "../"

data/lib/devise_two_factor/models/two_factor_authenticatable.rb CHANGED Viewed

@@ -35,7 +35,13 @@ module Devise
         return false unless code.present? && otp_secret.present?
         totp = otp(otp_secret)
-        if totp.verify(code, drift_behind: self.class.otp_allowed_drift, drift_ahead: self.class.otp_allowed_drift)
+        if self.consumed_timestep
+          # reconstruct the timestamp of the last consumed timestep
+          after_timestamp = self.consumed_timestep * otp.interval
+        end
+        if totp.verify(code.gsub(/\s+/, ""), drift_behind: self.class.otp_allowed_drift, drift_ahead: self.class.otp_allowed_drift, after: after_timestamp)
           return consume_otp!
         end

data/lib/devise_two_factor/spec_helpers/two_factor_authenticatable_shared_examples.rb CHANGED Viewed

@@ -66,6 +66,42 @@ RSpec.shared_examples 'two_factor_authenticatable' do
           expect(subject.validate_and_consume_otp!(consumed_otp)).to be false
         end
       end
+      context 'given a valid OTP used multiple times within the allowed drift' do
+        let(:consumed_otp) { ROTP::TOTP.new(otp_secret).at(Time.now) }
+        before do
+          subject.validate_and_consume_otp!(consumed_otp)
+        end
+        context 'after the otp interval' do
+          before do
+            travel_to(subject.otp.interval.seconds.from_now)
+          end
+          it 'fails to validate' do
+            expect(subject.validate_and_consume_otp!(consumed_otp)).to be false
+          end
+        end
+      end
+      context 'given a valid OTP used multiple times within the allowed drift after a subsequent login' do
+        let(:consumed_otp) { ROTP::TOTP.new(otp_secret).at(Time.now - subject.class.otp_allowed_drift) }
+        before do
+          travel_to(subject.class.otp_allowed_drift.seconds.ago)
+          subject.validate_and_consume_otp!(consumed_otp)
+        end
+        context 'after the otp interval' do
+          it 'fails to validate' do
+            travel_to(subject.class.otp_allowed_drift.seconds.from_now)
+            next_otp = ROTP::TOTP.new(otp_secret).at(Time.now)
+            expect(subject.validate_and_consume_otp!(next_otp)).to be true
+            expect(subject.validate_and_consume_otp!(consumed_otp)).to be false
+          end
+        end
+      end
     end
     it 'validates a precisely correct OTP' do
@@ -73,6 +109,11 @@ RSpec.shared_examples 'two_factor_authenticatable' do
       expect(subject.validate_and_consume_otp!(otp)).to be true
     end
+    it 'validates a precisely correct OTP with whitespace' do
+      otp = ROTP::TOTP.new(otp_secret).at(Time.now)
+      expect(subject.validate_and_consume_otp!(otp.split("").join(" "))).to be true
+    end
     it 'fails a nil OTP value' do
       otp = nil
       expect(subject.validate_and_consume_otp!(otp)).to be false

data/lib/devise_two_factor/spec_helpers.rb CHANGED Viewed

@@ -1,2 +1,8 @@
+require 'active_support/testing/time_helpers'
 require 'devise_two_factor/spec_helpers/two_factor_authenticatable_shared_examples'
 require 'devise_two_factor/spec_helpers/two_factor_backupable_shared_examples'
+RSpec.configure do |config|
+  config.include ActiveSupport::Testing::TimeHelpers
+end

data/lib/devise_two_factor/version.rb CHANGED Viewed

@@ -1,3 +1,3 @@
 module DeviseTwoFactor
-  VERSION = '4.0.0'.freeze
+  VERSION = '4.1.1'.freeze
 end

data/spec/devise/models/two_factor_authenticatable_spec.rb CHANGED Viewed

@@ -64,15 +64,31 @@ describe ::Devise::Models::TwoFactorAuthenticatable do
     describe 'otp_secret options' do
       it 'should be of the key' do
-        expect(subject.encrypted_attributes[:otp_secret][:key]).to eq('test-key'*8)
+        if attr_encrypted_is_rails_seven_compatible?
+          expect(subject.attr_encrypted_encrypted_attributes[:otp_secret][:key]).to eq('test-key'*8)
+        else
+          expect(subject.encrypted_attributes[:otp_secret][:key]).to eq('test-key'*8)
+        end
       end
       it 'should be of the mode' do
-        expect(subject.encrypted_attributes[:otp_secret][:mode]).to eq(:per_attribute_iv_and_salt)
+        if attr_encrypted_is_rails_seven_compatible?
+          expect(subject.attr_encrypted_encrypted_attributes[:otp_secret][:mode]).to eq(:per_attribute_iv_and_salt)
+        else
+          expect(subject.encrypted_attributes[:otp_secret][:mode]).to eq(:per_attribute_iv_and_salt)
+        end
       end
       it 'should be of the mode' do
-        expect(subject.encrypted_attributes[:otp_secret][:algorithm]).to eq('aes-256-cbc')
+        if attr_encrypted_is_rails_seven_compatible?
+          expect(subject.attr_encrypted_encrypted_attributes[:otp_secret][:algorithm]).to eq('aes-256-cbc')
+        else
+          expect(subject.encrypted_attributes[:otp_secret][:algorithm]).to eq('aes-256-cbc')
+        end
+      end
+      def attr_encrypted_is_rails_seven_compatible?
+        Gem::Version.new(AttrEncrypted::Version.string) >= Gem::Version.new('4.0.0')
       end
     end
   end

data/spec/spec_helper.rb CHANGED Viewed

@@ -21,13 +21,11 @@ require 'rspec'
 require 'faker'
 require 'devise-two-factor'
 require 'devise_two_factor/spec_helpers'
-require 'active_support/testing/time_helpers'
 # Requires supporting files with custom matchers and macros, etc,
 # in ./support/ and its subdirectories.
 Dir["#{File.dirname(__FILE__)}/support/**/*.rb"].each {|f| require f}
 RSpec.configure do |config|
-  config.include ActiveSupport::Testing::TimeHelpers
   config.order = 'random'
 end

data.tar.gz.sig CHANGED Viewed

Binary file

metadata CHANGED Viewed

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: devise-two-factor
 version: !ruby/object:Gem::Version
-  version: 4.0.0
+  version: 4.1.1
 platform: ruby
 authors:
 - Shane Wilton
@@ -14,7 +14,7 @@ cert_chain:
   VQQGEwJVUzELMAkGA1UECBMCQ0ExEjAQBgNVBAcTCVBhbG8gQWx0bzEfMB0GA1UE
   ChMWVGluZm9pbCBTZWN1cml0eSwgSW5jLjEfMB0GA1UEAxMWVGluZm9pbCBTZWN1
   cml0eSwgSW5jLjEqMCgGCSqGSIb3DQEJARYbc3VwcG9ydEB0aW5mb2lsc2VjdXJp
-  dHkuY29tMB4XDTExMTIyNzA1MDc0N1oXDTIxMTIyNDA1MDc0N1owgZwxCzAJBgNV
+  dHkuY29tMB4XDTIxMDkwOTE4MjIwMFoXDTI1MDkwOTE4MjIwMFowgZwxCzAJBgNV
   BAYTAlVTMQswCQYDVQQIEwJDQTESMBAGA1UEBxMJUGFsbyBBbHRvMR8wHQYDVQQK
   ExZUaW5mb2lsIFNlY3VyaXR5LCBJbmMuMR8wHQYDVQQDExZUaW5mb2lsIFNlY3Vy
   aXR5LCBJbmMuMSowKAYJKoZIhvcNAQkBFhtzdXBwb3J0QHRpbmZvaWxzZWN1cml0
@@ -38,25 +38,25 @@ cert_chain:
   BAUwAwEB/zARBglghkgBhvhCAQEEBAMCAQYwCQYDVR0SBAIwADArBglghkgBhvhC
   AQ0EHhYcVGlueUNBIEdlbmVyYXRlZCBDZXJ0aWZpY2F0ZTAmBgNVHREEHzAdgRtz
   dXBwb3J0QHRpbmZvaWxzZWN1cml0eS5jb20wDgYDVR0PAQH/BAQDAgEGMA0GCSqG
-  SIb3DQEBBQUAA4ICAQAD7nsmdg1vStFTi8/P2rgSFxlXxZT0aaVVB1bFBe/m5phb
-  MjvKQ7VAuiFZxEp3oBNdXTi4FzT1QjhRKdlYMgKZQnU+XDLLIYuoi+atxr5qGD4B
-  m58eCGO6ZEutVs3Z7s63UOm5rG0zJ+IEWh8VHMvxgSwiX88QyJuhOtqeiKhIeSGZ
-  2/qGGMWgsScnPg3J/ZVOIKUn/4ljEDlC64Gh5Zz5PZUbGSXPMhdYbSD3EknDvEGA
-  omYW4jlPMeK3GJgwAZu9yWC8hHGFpiMca/6W0W622cg7MX+CByOd+24dvWFnOHur
-  NHBqI+kZo/7Sjdm8x7TWEOz9Rfh5RPMeVNRTj4iq0B6GzfaecT3Yn8y7HTRRiWns
-  IYpP+iHCFYnZhDZsFi4ccKqxKtj6BGmhLf00FuNpgkvrsU3cXrhidkCaYGYj1SME
-  1CMfy0PPKVDpDKeFb6y0NvLf4d57vi99dZAvSJEO18rrNEHN2VUfCKRPA/mBSMLY
-  RxKWAby1YVT/8iC9JWix9yvgsEUtTLyOFxLGtgj3PRiQSvbNe/jK4G9WAIFe6R9E
-  9+HUO2owcmyFXyU3rC/z/lBfDP+2pIRFdUVRGlYCMeUqR08PXpfva5+NQz21fC69
-  FPRMZvXh70ntnFaWAq+j6NCss+AauC8ckECiQsTgbzJvJd6C3mJXYHkNCQODhg==
+  SIb3DQEBBQUAA4ICAQBZy4JJSmwLuO0nZbdr4tJeVS2P8bcGi6PzAcdzVfwzjp6n
+  5qf8m4O8my4lnJieom0GrWSHQoPY1Yur4hEoZbugKO9DWZL3dTiGcrgw0TbQ6Gtq
+  TTPatW3LA21qFJwvohSvLqPdmZuM+H9g49sdl2kNTDVI6iUyMYuNpL14aPKPGBFo
+  o7UjciT1h7JtJl9b/fXrbPeRHBwpZXWeipiPGv/OZW5KnOsNlUkTquS7Zj4ETkIC
+  6mVtmsLvq+YwFthFyMU37pXwYxcmqRmH6lX+XC6AVW5oO4GBmG+Zr/Z+h5Cih5ca
+  /mX88RkO+dGTjw1IdxKmxOqKL62OBATKrTDJ/scsmRptynA4TunYW+7ikOpDbPfL
+  l18aleLISlcgWJg/Czf2nmBqAClPLnhV8qxWsvt58MQQ/Jpoggvpl8EG1PylWiBS
+  Kc/4Ad/FKQFpTzXUgDg2kV07npVjYbBzA5p4ZSWSlflFu93jb9gg2+qtnRSImVCZ
+  nQjZdsv8hebElPAIbtJjSnoH1Kz2ucYLakdF1UMKnpp1PVREtuKPz/foU9KUHs0z
+  dWRALx8cWG4uKK9AIEUlVdGKfX0Wj0qFK0KGxl3f3jObud5Agwue2EPKWwUzEGUh
+  Iqp60gNw3vBdKHw4dh1bfcbXWnRDL+OQPuOFZeMWgu1QmeHeuggYtYtRg7V5Kg==
   -----END CERTIFICATE-----
 - |
   -----BEGIN CERTIFICATE-----
-  MIIGADCCA+igAwIBAgIIP4wV6YA6CO0wDQYJKoZIhvcNAQENBQAwgZwxCzAJBgNV
+  MIIGADCCA+igAwIBAgIIHIF9ta6cW3YwDQYJKoZIhvcNAQENBQAwgZwxCzAJBgNV
   BAYTAlVTMQswCQYDVQQIEwJDQTESMBAGA1UEBxMJUGFsbyBBbHRvMR8wHQYDVQQK
   ExZUaW5mb2lsIFNlY3VyaXR5LCBJbmMuMR8wHQYDVQQDExZUaW5mb2lsIFNlY3Vy
   aXR5LCBJbmMuMSowKAYJKoZIhvcNAQkBFhtzdXBwb3J0QHRpbmZvaWxzZWN1cml0
-  eS5jb20wHhcNMjEwNDA4MTUxODAwWhcNMjExMjI0MDUwNzAwWjCBiDELMAkGA1UE
+  eS5jb20wHhcNMjIwMzIyMjI1MzAwWhcNMjUwOTA5MTgyMjAwWjCBiDELMAkGA1UE
   BhMCVVMxCzAJBgNVBAgTAkNBMR8wHQYDVQQKExZUaW5mb2lsIFNlY3VyaXR5LCBJ
   bmMuMR0wGwYDVQQDExR0aW5mb2lsc2VjdXJpdHktZ2VtczEsMCoGCSqGSIb3DQEJ
   ARYdZW5naW5lZXJzQHRpbmZvaWxzZWN1cml0eS5jb20wggIiMA0GCSqGSIb3DQEB
@@ -73,49 +73,49 @@ cert_chain:
   WEOv4T1qTXHAOypyzmgodVRG/PrlsSMOBfE515kG1mDMGjRcCpEtlskgxUbf7qM7
   hQIDAQABo1gwVjAJBgNVHRMEAjAAMEkGA1UdHwRCMEAwPqA8oDqGOGh0dHBzOi8v
   d3d3LnRpbmZvaWxzZWN1cml0eS5jb20vc2VjdXJpdHkvcmV2b2NhdGlvbl9saXN0
-  MA0GCSqGSIb3DQEBDQUAA4ICAQB4p1yL6e/38Dmf5HdZoSJzQ7AcM+jrD0LdMC1V
-  H0Y107JzZWvIB2aWH4tw4+SKGTr52OvyGFLpBv5jsWUUFssuAV971T1x41kWJSYt
-  tnljNguSrH6ah/pDravLxi+JGQXMBRXhkdvQKbFOfutSe9HEuZLiWUYNDYM17XJq
-  WmG+QhNgXliXgu4AQg+8vb1rDbu/G491GEuxbwaLyyKG8X+P5mYTBbMQbTgJkNfX
-  elpmFtqivFaEHs3evVGEEZRQhe8i5V0Ak2c4Or1ap/pZQf3hUIkZbw7HumyZYNWi
-  VJDMpObUyucv6++TNW8bAI5Oip8DGeYKibPsJ0IfYxMmRC3BmY1E3IIvAdsUHTcq
-  WapfQlX732+mfx/gSBpuZhdwEqjWj0xPj6l9DjQrGuhUEijfucKqyY3F280OYM1b
-  2zG6cwVmh5IeR9nVv0i2KNkoc2zC8tcGpjfBBuDdXZCpow54DRJU4qQ6S0lH5ojs
-  aQHEEIQ9/STv9TKuc4KlMUey8W6L0Zw+xFWnkLeygaMps1PhPokSbrABQsB4C10Q
-  QSG/Dvvw438W/2sb9aR+skGh1oNAwJiFhLNaNALfkSXRtU16gLMPBJCi2Xqyco7V
-  Wh4SFQHrAbuglSi0nYgFm2SxYf/r6JRKxhVkwo8wxRiV8rDZj7WmzQoZK4GHj1u6
-  LXXw3g==
+  MA0GCSqGSIb3DQEBDQUAA4ICAQAiYF/m2ny/mxFvBVxHfdYuzybhCvsEUd+TSnoe
+  mqOWntY3sxCOaY0aGOMB4vyg9G+oP/kT4m63sD4uQxeuU7WOjaG2smCSS5q+PSWS
+  v63gILqPamjSyP/Om864EA6YlvVQ7nPXhVDEaiBt3iliefJGmb0wWSbbDCmq3aMb
+  WTLuax/IeY6MjJi20LutIcuz+VX8OxlA1hSpgAToMz3xrhA8fPt5UkKhkDkPFYBF
+  5htKVipyijChWsXyt33YM2qGaavTEXzxza1I99PGNRKxUMvbSMas4YaLqkBpQSc+
+  mcrLWYPiXWsePGu+j08AypE2Ubp4AOSZJN9rBBGotC3gofipo+K/sBiOM9xXI76Q
+  0HYOxXPa7D7UQQG1R9i0rcxmf9qepIVYCldmqVkKKDizcDo5UI9lRiLFjDyQhn6l
+  YFY9bPQ4lKTK5Jr3M6+dV7fHxLhqXyMGs1905IUb7qvB7Bq/f0qJfC0JZuY/qdn2
+  lL0SeFKOVsjErtobh3u8p8j2USkc8uJgIANHpXEMEExdp899CV/eVjh3TpAR7E6T
+  mg7Q9Hi6Hh8z+Le9iR4I49vPEWDQEvj35IT6VfwU79UfIOlX+DkW8fFkPbaut3Se
+  vqIDv6JBG9I16h/HhchntKfM58MI1bNZFBSdZqYOJiL8JIjP8HNIk76Y366ppG29
+  EhBYYg==
   -----END CERTIFICATE-----
-date: 2021-04-08 00:00:00.000000000 Z
+date: 2023-10-12 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: railties
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "<"
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '6.2'
+        version: '7.0'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "<"
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '6.2'
+        version: '7.0'
 - !ruby/object:Gem::Dependency
   name: activesupport
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "<"
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '6.2'
+        version: '7.0'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "<"
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '6.2'
+        version: '7.0'
 - !ruby/object:Gem::Dependency
   name: attr_encrypted
   requirement: !ruby/object:Gem::Requirement
@@ -128,7 +128,7 @@ dependencies:
         version: '2'
     - - "<"
       - !ruby/object:Gem::Version
-        version: '4'
+        version: '5'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
@@ -141,7 +141,7 @@ dependencies:
         version: '2'
     - - "<"
       - !ruby/object:Gem::Version
-        version: '4'
+        version: '5'
 - !ruby/object:Gem::Dependency
   name: devise
   requirement: !ruby/object:Gem::Requirement
@@ -260,9 +260,9 @@ executables: []
 extensions: []
 extra_rdoc_files: []
 files:
+- ".github/workflows/ci.yml"
 - ".gitignore"
 - ".rspec"
-- ".travis.yml"
 - Appraisals
 - CHANGELOG.md
 - CONTRIBUTING.md
@@ -274,12 +274,14 @@ files:
 - certs/tinfoil-cacert.pem
 - certs/tinfoilsecurity-gems-cert.pem
 - devise-two-factor.gemspec
-- gemfiles/rails_4_1.gemfile
-- gemfiles/rails_4_2.gemfile
-- gemfiles/rails_5_0.gemfile
-- gemfiles/rails_5_1.gemfile
-- gemfiles/rails_5_2.gemfile
-- gemfiles/rails_6_0.gemfile
+- gemfiles/rails_4.1.gemfile
+- gemfiles/rails_4.2.gemfile
+- gemfiles/rails_5.0.gemfile
+- gemfiles/rails_5.1.gemfile
+- gemfiles/rails_5.2.gemfile
+- gemfiles/rails_6.0.gemfile
+- gemfiles/rails_6.1.gemfile
+- gemfiles/rails_7.0.gemfile
 - lib/devise-two-factor.rb
 - lib/devise_two_factor/models.rb
 - lib/devise_two_factor/models/two_factor_authenticatable.rb
@@ -314,7 +316,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.0.3
+rubygems_version: 3.0.3.1
 signing_key:
 specification_version: 4
 summary: Barebones two-factor authentication with Devise

metadata.gz.sig CHANGED Viewed

Binary file

data/.travis.yml DELETED Viewed

@@ -1,46 +0,0 @@
-sudo: false
-language: ruby
-cache: bundler
-before_install:
-  - gem i rubygems-update -v '<3' && update_rubygems
-  - gem update bundler
-gemfile:
-  - Gemfile
-  - gemfiles/rails_4_1.gemfile
-  - gemfiles/rails_4_2.gemfile
-  - gemfiles/rails_5_0.gemfile
-  - gemfiles/rails_5_1.gemfile
-  - gemfiles/rails_5_2.gemfile
-  - gemfiles/rails_6_0.gemfile
-rvm:
-  - "2.1"
-  - "2.2"
-  - "2.3.4"
-  - "2.4.0"
-  - "2.4.1"
-  - "2.5"
-  - "2.6"
-matrix:
-  exclude:
-    - rvm: "2.1"
-      gemfile: gemfiles/rails_5_0.gemfile
-    - rvm: "2.2"
-      gemfile: gemfiles/rails_5_0.gemfile
-    - rvm: "2.1"
-      gemfile: gemfiles/rails_5_1.gemfile
-    - rvm: "2.2"
-      gemfile: gemfiles/rails_5_1.gemfile
-    - rvm: "2.1"
-      gemfile: gemfiles/rails_5_2.gemfile
-    - rvm: "2.2"
-      gemfile: gemfiles/rails_5_2.gemfile
-    - rvm: "2.1"
-      gemfile: gemfiles/rails_6_0.gemfile
-    - rvm: "2.2"
-      gemfile: gemfiles/rails_6_0.gemfile
-    - rvm: "2.3.4"
-      gemfile: gemfiles/rails_6_0.gemfile
-    - rvm: "2.4.0"
-      gemfile: gemfiles/rails_6_0.gemfile
-    - rvm: "2.4.1"
-      gemfile: gemfiles/rails_6_0.gemfile

data/gemfiles/rails_6_0.gemfile DELETED Viewed

@@ -1,8 +0,0 @@
-# This file was generated by Appraisal
-source "https://rubygems.org"
-gem "railties", "~> 6.0.0.rc2"
-gem "activesupport", "~> 6.0.0.rc2"
-gemspec path: "../"

/data/gemfiles/{rails_4_1.gemfile → rails_4.1.gemfile} RENAMED Viewed

File without changes

/data/gemfiles/{rails_4_2.gemfile → rails_4.2.gemfile} RENAMED Viewed

File without changes

/data/gemfiles/{rails_5_0.gemfile → rails_5.0.gemfile} RENAMED Viewed

File without changes

/data/gemfiles/{rails_5_1.gemfile → rails_5.1.gemfile} RENAMED Viewed

File without changes

/data/gemfiles/{rails_5_2.gemfile → rails_5.2.gemfile} RENAMED Viewed

File without changes