onetime-totp 1.0.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA256:
+  metadata.gz: dc3fd60991cff4658e421a6ae1c94d8976f8473442c7d1e480f242647cc2639f
+  data.tar.gz: 41467f12ee65a75c97e2ba5074f1d3fd8708a1c36a640a27f84a9fc1e1c97079
+SHA512:
+  metadata.gz: 5f8e414491afa3ba4b0183ddc6b3e981aa6b2cbc73db1ee2b7a694033596be35d8a97c47e348ac2efd923ea2a6da8478ba9fec9057aeb65929c33372c5e8bbed
+  data.tar.gz: 9569c0a21c52a6b9618805bcc8a9326c9f3e0ae9a90c0f34ad04c83283b56607042cbb9fa7ce80af669acfaacf5b35d8c23355df3c41a0687af33a4a76d38c79

data/lib/onetime.rb

@@ -0,0 +1,130 @@
+################################################################################
+#                                                                              #
+#   OneTime password generator - 2020 fboccacini@gmail.com <Fabio Boccacini>   #
+#   v1.0                                                                       #
+#                                                                              #
+################################################################################
+
+require 'openssl'
+require 'base64'
+require 'base32'
+require 'json'
+require 'net/https'
+
+class OneTime
+
+  attr_accessor :step, :encryption, :length
+  attr_reader :password, :secret, :generation_time
+
+  def initialize(secret, length: 6, step: 30, encryption: 'SHA512')
+
+    @secret = secret
+    @length = length
+    @step = step
+    @encryption = encryption
+    self.generate
+
+  end
+
+  def generate(time: Time.now,
+                length: self.length,
+                step: self.step,
+                encryption: self.encryption,
+                reset: false)
+
+    begin
+
+      # If reset is true nil the generation time
+      @generation_time = time.clone if reset == true || @generation_time.nil?
+
+      # Binary key from time / step
+      rounded_step = (time.to_f - @generation_time.to_f).floor / step
+      key = ['%0.16x' % (rounded_step).to_s(16).hex].pack('H*')
+
+      # Convert secret's non base32 char to base32 and back to string
+      data = Base32.decode(Base32.encode(self.secret))
+
+      # Get initial HMAC hash
+      hash = OpenSSL::HMAC.digest(encryption.downcase, data, key)
+
+      # Dynamic truncation:
+      # Get the last for bit of the last byte of the hash
+      offset = hash[hash.length - 1].ord & 0xf
+
+      # Get the for bytes pointed by the offset
+      hash = hash[offset .. offset + 3].bytes
+
+      # Get new hash
+      truncated_hash = ((hash[0] & 0x7f) << 24) |
+                       ((hash[1] & 0xff) << 16) |
+                       ((hash[2] & 0xff) <<  8) |
+                       (hash[3] & 0xff)
+
+      # Get actual password
+      @password = "%0.#{length}d" % (truncated_hash % (10 ** length));
+
+      return self.password
+
+    rescue Exception => e
+      puts e.message
+      # puts e.backtrace.join("\n")
+      return nil
+    end
+
+  end
+
+  def verify(password, time: Time.now,
+                      length: self.length,
+                      step: self.step,
+                      encryption: self.encryption)
+
+    # verify a password correctness for a given time
+    begin
+
+      return self.generate(time: time,
+                          length: length,
+                          step: step,
+                          encryption: encryption) == password
+
+    rescue Exception => e
+      puts e.message
+      # puts e.backtrace.join("\n")
+      return false
+    end
+
+  end
+
+  def call_service(url, user, payload, content_type: 'application/json', accept: '*/*')
+
+    begin
+
+      self.generate if self.password.nil?
+
+      # Base64 encode authentication for the header
+      auth = Base64.strict_encode64("#{user}:#{self.password}".encode("ASCII"))
+
+      # Prep uri and headers
+      uri = URI.parse(url)
+      headers = {
+          'Authorization' => "Basic #{auth}",
+          'Content-Type' => content_type,
+          'Accept' => accept
+        }
+
+      # Create request
+      request = Net::HTTP.new(uri.host, uri.port)
+      request.use_ssl = true
+
+      # Send request
+      return request.post(uri.path, payload.to_json, headers)
+    rescue Exception => e
+      puts e.message
+      # puts e.backtrace.join("\n")
+      return nil
+    end
+
+  end
+
+
+
+end

metadata

@@ -0,0 +1,59 @@
+--- !ruby/object:Gem::Specification
+name: onetime-totp
+version: !ruby/object:Gem::Version
+  version: 1.0.0
+platform: ruby
+authors:
+- Fabio Boccacini
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2020-05-27 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: base32
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.3'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.3'
+description: |-
+  A TOTP generator, that includes validation, generation and send methods.
+      See https://github.com/fboccacini/onetime-totp for reference and usage.
+email: fboccacini@gmail.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- lib/onetime.rb
+homepage: https://github.com/fboccacini/onetime-totp
+licenses:
+- MIT
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubygems_version: 3.0.3
+signing_key: 
+specification_version: 4
+summary: Time-based One Time Password (TOTP) generator.
+test_files: []