otp 0.0.9 → 0.0.10

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (12) hide show
  1. checksums.yaml +4 -4
  2. data/.rubocop.yml +2 -2
  3. data/README.md +4 -4
  4. data/lib/otp/base.rb +24 -21
  5. data/lib/otp/hotp.rb +5 -6
  6. data/lib/otp/totp.rb +5 -6
  7. data/lib/otp/uri.rb +22 -46
  8. data/lib/otp/utils.rb +16 -3
  9. data/lib/otp/version.rb +1 -1
  10. data/test/test_base.rb +46 -11
  11. data/test/test_uri.rb +59 -3
  12. metadata +2 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 032b0bd99d66d97d8281cd5006409b1f482c2314
4
- data.tar.gz: ca0320a12fe5d73c907e8cd445dac6fd0219112f
3
+ metadata.gz: 81f98da9bacd6750a761f89590463ed0777b2b1d
4
+ data.tar.gz: 710bb562bde9f46efcdf89f5e9777839ba8dbf37
5
5
  SHA512:
6
- metadata.gz: f60da46723a92855571fcabbf0b8e0ad264093822516ebdd9d152181cb102280c92a3ce97a499b9bf661aac9adf6ff2694e2ae02294eb39d2e6d1be70d3eb8ed
7
- data.tar.gz: 8d90aba69fd87db84b94a3b0a374f817a8566d970be4820e868f16a1098b81e8de188247bc9b29c4f811a0e4779bb1c8cc43907aef5fc1b4fd974a7fd68e28bb
6
+ metadata.gz: a5921f7970174fafc13b4ce15de85f94772ae958338bab7645d9a5804e61b45a6e8ef1666e0a18075dfabb47e52d8356f6fe7a03575d6ac472b5471052a7c755
7
+ data.tar.gz: 85f05deafa16e5232185255572003d7c3c477ada47079dcd393262983694030f24cc7e540e54d503c4f19f132aee103b1cb5c3b277301efd771cb42f56adbd2c
data/.rubocop.yml CHANGED
@@ -39,8 +39,8 @@ Style/FormatString:
39
39
  Style/EachWithObject:
40
40
  Enabled: false
41
41
 
42
- Metrics/AbcSize:
43
- Max: 20
42
+ #Metrics/AbcSize:
43
+ # Max: 20
44
44
 
45
45
  Metrics/MethodLength:
46
46
  Max: 30
data/README.md CHANGED
@@ -47,11 +47,11 @@ You can use the last and post option parameters to verify several generations, i
47
47
 
48
48
  TOTP and HOTP algorithm details can be referred at the following URLs.
49
49
 
50
- * HOTP: An HMAC-Based One-Time Password Algorithm - http://tools.ietf.org/html/rfc4226
51
- * TOTP: Time-Based One-Time Password Algorithm - http://tools.ietf.org/html/rfc6238
50
+ * [HOTP: An HMAC-Based One-Time Password Algorithm](http://tools.ietf.org/html/rfc4226)
51
+ * [TOTP: Time-Based One-Time Password Algorithm](http://tools.ietf.org/html/rfc6238)
52
52
 
53
53
  In the OTP URI format, the value of "secret" is encoded with BASE32 algorithm.
54
54
  The Format details are described in the document of Google Authenticator.
55
55
 
56
- * The Base16, Base32, and Base64 Data Encodings - http://tools.ietf.org/html/rfc4648
57
- * Google Authenticator Key URI format - https://github.com/google/google-authenticator/wiki/Key-Uri-Format
56
+ * [The Base16, Base32, and Base64 Data Encodings](http://tools.ietf.org/html/rfc4648)
57
+ * [Google Authenticator Key URI format](https://github.com/google/google-authenticator/wiki/Key-Uri-Format)
data/lib/otp/base.rb CHANGED
@@ -9,9 +9,7 @@ module OTP
9
9
  DEFAULT_DIGITS = 6
10
10
  DEFAULT_ALGORITHM = "SHA1"
11
11
 
12
- attr_accessor :secret
13
- attr_accessor :algorithm
14
- attr_accessor :digits
12
+ attr_accessor :secret, :algorithm, :digits
15
13
  attr_accessor :issuer, :accountname
16
14
 
17
15
  def initialize(secret=nil, algorithm=nil, digits=nil)
@@ -21,24 +19,23 @@ module OTP
21
19
  end
22
20
 
23
21
  def new_secret(num_bytes=10)
24
- s = (0...num_bytes).map{ Random.rand(256).chr }.join
25
- self.secret = OTP::Base32.encode(s)
22
+ self.raw_secret = OpenSSL::Random.random_bytes(num_bytes)
26
23
  end
27
24
 
28
- def moving_factor
29
- raise NotImplementedError
25
+ def raw_secret=(bytes)
26
+ self.secret = OTP::Base32.encode(bytes)
30
27
  end
31
28
 
32
- def otp(generation=0)
33
- hash = hmac(algorithm, OTP::Base32.decode(secret),
34
- pack_int64(moving_factor+generation))
35
- return truncate(hash)
29
+ def raw_secret
30
+ return OTP::Base32.decode(secret)
31
+ end
32
+
33
+ def moving_factor
34
+ raise NotImplementedError
36
35
  end
37
36
 
38
37
  def password(generation=0)
39
- pw = (otp(generation) % (10 ** digits)).to_s
40
- pw = "0" + pw while pw.length < digits
41
- return pw
38
+ return otp(algorithm, raw_secret, moving_factor+generation, digits)
42
39
  end
43
40
 
44
41
  def verify(given_pw, last:0, post:0)
@@ -48,18 +45,24 @@ module OTP
48
45
  return (-last..post).any?{|i| compare(password(i), given_pw) }
49
46
  end
50
47
 
51
- ## URI related methods
52
-
53
48
  def to_uri
54
- OTP::URI.format(self)
49
+ return OTP::URI.format(self)
55
50
  end
56
51
 
57
- def type_specific_uri_params
58
- raise NotImplementedError
52
+ def uri_params
53
+ params = {}
54
+ params[:secret] = secret
55
+ params[:issuer] = issuer if issuer
56
+ params[:algorithm] = algorithm if algorithm != DEFAULT_ALGORITHM
57
+ params[:digits] = digits if digits != DEFAULT_DIGITS
58
+ return params
59
59
  end
60
60
 
61
- def extract_type_specific_uri_params(query)
62
- raise NotImplementedError
61
+ def extract_uri_params(params)
62
+ self.secret = params["secret"]
63
+ self.issuer = issuer || params["issuer"]
64
+ self.algorithm = params["algorithm"] || algorithm
65
+ self.digits = (params["digits"] || digits).to_i
63
66
  end
64
67
  end
65
68
  end
data/lib/otp/hotp.rb CHANGED
@@ -13,14 +13,13 @@ module OTP
13
13
  return count
14
14
  end
15
15
 
16
- def type_specific_uri_params
17
- return {count: count}
16
+ def uri_params
17
+ return super.merge(count: count)
18
18
  end
19
19
 
20
- def extract_type_specific_uri_params(query)
21
- if value = query["count"]
22
- self.count = value.to_i
23
- end
20
+ def extract_uri_params(params)
21
+ super
22
+ self.count = (params["count"] || count).to_i
24
23
  end
25
24
  end
26
25
  end
data/lib/otp/totp.rb CHANGED
@@ -16,16 +16,15 @@ module OTP
16
16
  return (time || Time.now).to_i / period
17
17
  end
18
18
 
19
- def type_specific_uri_params
20
- params = {}
19
+ def uri_params
20
+ params = super
21
21
  params["period"] = period if period != DEFAULT_PERIOD
22
22
  return params
23
23
  end
24
24
 
25
- def extract_type_specific_uri_params(query)
26
- if value = query["period"]
27
- self.period = value.to_i
28
- end
25
+ def extract_uri_params(params)
26
+ super
27
+ self.period = (params["period"] || period).to_i
29
28
  end
30
29
  end
31
30
  end
data/lib/otp/uri.rb CHANGED
@@ -2,29 +2,23 @@ require "uri"
2
2
 
3
3
  module OTP
4
4
  module URI
5
- module_function
5
+ SCHEME = "otpauth"
6
6
 
7
- SCHEME = "othauth"
7
+ module_function
8
8
 
9
9
  def parse(uri_string)
10
10
  uri = ::URI.parse(uri_string)
11
- raise "URI scheme not match: #{uri.scheme}" unless uri.scheme != SCHEME
12
- otp = otp_class(uri).new
13
- m = %r{/(?:([^:]*): *)?(.+)}.match(::URI.decode(uri.path))
11
+ if uri.scheme.downcase != SCHEME
12
+ raise "URI scheme not match: #{uri.scheme}"
13
+ end
14
+ otp = type_to_class(uri).new
15
+ unless m = %r{/(?:([^:]*): *)?(.+)}.match(::URI.decode(uri.path))
16
+ raise "account name must be present: #{uri_string}"
17
+ end
14
18
  otp.issuer = m[1] if m[1]
15
19
  otp.accountname = m[2]
16
20
  query = Hash[::URI.decode_www_form(uri.query)]
17
- otp.secret = query["secret"]
18
- if value = query["algorithm"]
19
- otp.algorithm = value
20
- end
21
- if value = query["issuer"]
22
- otp.issuer = value
23
- end
24
- if value = query["digits"]
25
- otp.digits = value.to_i
26
- end
27
- otp.extract_type_specific_uri_params(query)
21
+ otp.extract_uri_params(query)
28
22
  return otp
29
23
  end
30
24
 
@@ -32,41 +26,23 @@ module OTP
32
26
  raise "secret must be set" if otp.secret.nil?
33
27
  raise "accountname must be set" if otp.accountname.nil?
34
28
  typename = otp.class.name.split("::")[-1].downcase
35
- label = otp.issuer ? "#{otp.issuer}:#{otp.accountname}" : otp.accountname
36
- params = pickup_params(otp)
37
- return "otpauth://%s/%s?%s" % [
29
+ label = otp.accountname.dup
30
+ label.prepend("#{otp.issuer}:") if otp.issuer
31
+ return "%s://%s/%s?%s" % [
32
+ SCHEME,
38
33
  ::URI.encode(typename),
39
34
  ::URI.encode(label),
40
- ::URI.encode_www_form(params)
35
+ ::URI.encode_www_form(otp.uri_params)
41
36
  ]
42
37
  end
43
38
 
44
- def otp_class(uri)
45
- case uri.host.upcase
46
- when "HOTP"
47
- OTP::HOTP
48
- when "TOTP"
49
- OTP::TOTP
50
- else
51
- raise "unknown OTP type: #{uri.host}"
52
- end
53
- end
54
-
55
- def pickup_params(otp)
56
- param_spec = [
57
- [:secret, nil],
58
- [:issuer, nil],
59
- [:algorithm, OTP::Base::DEFAULT_ALGORITHM],
60
- [:digits, OTP::Base::DEFAULT_DIGITS],
61
- ]
62
- params = param_spec.reduce({}) do |h, (name, default)|
63
- value = otp.send(name)
64
- if value && value != default
65
- h[name] = value
66
- end
67
- h
68
- end
69
- return params.merge(otp.type_specific_uri_params)
39
+ def type_to_class(uri)
40
+ klass = OTP.const_get(uri.host.upcase)
41
+ raise unless klass.is_a?(Class)
42
+ raise unless klass.ancestors.include?(OTP::Base)
43
+ return klass
44
+ rescue
45
+ raise "unknown OTP type: #{uri.host}"
70
46
  end
71
47
  end
72
48
  end
data/lib/otp/utils.rb CHANGED
@@ -4,6 +4,13 @@ module OTP
4
4
  module Utils
5
5
  private
6
6
 
7
+ def otp(algorithm, secret, moving_factor, digits)
8
+ message = pack_int64(moving_factor)
9
+ digest = hmac(algorithm, secret, message)
10
+ num = pickup(digest)
11
+ return truncate(num, digits)
12
+ end
13
+
7
14
  def pack_int64(i)
8
15
  return [i >> 32 & 0xffffffff, i & 0xffffffff].pack("NN")
9
16
  end
@@ -14,12 +21,18 @@ module OTP
14
21
  return mac.digest
15
22
  end
16
23
 
17
- def truncate(hash)
18
- offset = hash[-1].ord & 0xf
19
- binary = hash[offset, 4]
24
+ def pickup(digest)
25
+ offset = digest[-1].ord & 0xf
26
+ binary = digest[offset, 4]
20
27
  return binary.unpack("N")[0] & 0x7fffffff
21
28
  end
22
29
 
30
+ def truncate(num, digits)
31
+ pw = (num % (10 ** digits)).to_s
32
+ pw.prepend("0") while pw.length < digits
33
+ return pw
34
+ end
35
+
23
36
  def compare(a, b)
24
37
  return a.to_i == b.to_i
25
38
  end
data/lib/otp/version.rb CHANGED
@@ -1,3 +1,3 @@
1
1
  module OTP
2
- VERSION = "0.0.9"
2
+ VERSION = "0.0.10"
3
3
  end
data/test/test_base.rb CHANGED
@@ -1,25 +1,60 @@
1
1
  require_relative "helper"
2
2
 
3
3
  class TestBase < Test::Unit::TestCase
4
- def test_base
4
+ def test_new_secret
5
5
  otp = OTP::Base.new
6
+
6
7
  otp.new_secret(20)
8
+ assert_equal(20, otp.raw_secret.length)
7
9
  assert_equal(32, otp.secret.length)
10
+
8
11
  otp.new_secret(40)
12
+ assert_equal(40, otp.raw_secret.length)
9
13
  assert_equal(64, otp.secret.length)
10
14
  end
11
15
 
12
- def test_methods_expected_to_be_override
16
+ def test_secret
17
+ otp = OTP::Base.new
18
+
19
+ otp.secret = nil
20
+ assert_nil(otp.secret)
21
+ assert_nil(otp.raw_secret)
22
+
23
+ otp.secret = ""
24
+ assert_equal("", otp.secret)
25
+ assert_equal("", otp.raw_secret)
26
+
27
+ otp.secret = "MZXW6YTBOI======"
28
+ assert_equal("MZXW6YTBOI======", otp.secret)
29
+ assert_equal("foobar", otp.raw_secret)
30
+
31
+ otp.secret = "MZXW6YTBOI"
32
+ assert_equal("MZXW6YTBOI", otp.secret)
33
+ assert_equal("foobar", otp.raw_secret)
34
+ end
35
+
36
+ def test_raw_secret
37
+ otp = OTP::Base.new
38
+
39
+ otp.raw_secret = nil
40
+ assert_nil(otp.secret)
41
+ assert_nil(otp.raw_secret)
42
+
43
+ otp.raw_secret = ""
44
+ assert_equal("", otp.secret)
45
+ assert_equal("", otp.raw_secret)
46
+
47
+ otp.raw_secret = "foobarbaz"
48
+ assert_equal("MZXW6YTBOJRGC6Q=", otp.secret)
49
+ assert_equal("foobarbaz", otp.raw_secret)
50
+ end
51
+
52
+ def test_moving_factor
13
53
  base = OTP::Base.new
54
+ hotp = OTP::HOTP.new
14
55
  totp = OTP::TOTP.new
15
-
16
- [
17
- [:moving_factor, ],
18
- [:type_specific_uri_params, ],
19
- [:extract_type_specific_uri_params, {}],
20
- ].each do |m, *args|
21
- assert_raise(NotImplementedError){ base.send(m, *args) }
22
- assert_nothing_raised{ totp.send(m, *args) }
23
- end
56
+ assert_raise(NotImplementedError){ base.moving_factor }
57
+ assert_nothing_raised{ hotp.moving_factor }
58
+ assert_nothing_raised{ totp.moving_factor }
24
59
  end
25
60
  end
data/test/test_uri.rb CHANGED
@@ -7,17 +7,45 @@ class TestURI < Test::Unit::TestCase
7
7
  assert_equal("account@example.com", otp.accountname)
8
8
  assert_equal(nil, otp.issuer)
9
9
 
10
+ uri = "otpauth://totp/account@example.com?secret=GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ&issuer=Foo"
11
+ otp = OTP::URI.parse(uri)
12
+ assert_equal("account@example.com", otp.accountname)
13
+ assert_equal("Foo", otp.issuer)
14
+
10
15
  uri = "otpauth://totp/My%20Company:%20%20account@example.com?secret=GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ"
11
16
  otp = OTP::URI.parse(uri)
12
17
  assert_equal("account@example.com", otp.accountname)
13
18
  assert_equal("My Company", otp.issuer)
14
19
 
15
- uri = "otpauth://totp/My%20Company:%20%20account@example.com?secret=GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ"
20
+ uri = "otpauth://totp/My%20Company:%20%20account@example.com?secret=GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ&issuer=Foo"
16
21
  otp = OTP::URI.parse(uri)
17
22
  assert_equal("account@example.com", otp.accountname)
18
23
  assert_equal("My Company", otp.issuer)
19
24
  end
20
25
 
26
+ def test_totp_simple
27
+ secret = OTP::Base32.encode("12345678901234567890")
28
+ totp = OTP::TOTP.new
29
+ totp.secret = secret
30
+ totp.accountname = "account@example.com"
31
+ uri = totp.to_uri
32
+ assert_not_match(/algorithm=/, uri)
33
+ assert_not_match(/digits=/, uri)
34
+ assert_not_match(/issuer=/, uri)
35
+ assert_not_match(/period=/, uri)
36
+
37
+ otp = OTP::URI.parse(uri)
38
+ assert_equal(OTP::TOTP, otp.class)
39
+ assert_equal(secret, otp.secret)
40
+ assert_equal("SHA1", otp.algorithm)
41
+ assert_equal(6, otp.digits)
42
+ assert_equal(30, otp.period)
43
+ assert_equal("account@example.com", otp.accountname)
44
+ assert_equal(nil, otp.issuer)
45
+ totp.time = otp.time = Time.now
46
+ assert_equal(otp.password, totp.password)
47
+ end
48
+
21
49
  def test_totp
22
50
  secret = OTP::Base32.encode("12345678901234567890")
23
51
  totp = OTP::TOTP.new
@@ -41,6 +69,28 @@ class TestURI < Test::Unit::TestCase
41
69
  assert_equal(otp.password, totp.password)
42
70
  end
43
71
 
72
+ def test_hotp_simple
73
+ secret = OTP::Base32.encode("12345678901234567890")
74
+ hotp = OTP::HOTP.new
75
+ hotp.secret = secret
76
+ hotp.accountname = "account@example.com"
77
+ uri = hotp.to_uri
78
+ assert_not_match(/algorithm=/, uri)
79
+ assert_not_match(/digits=/, uri)
80
+ assert_not_match(/issuer=/, uri)
81
+ assert_match(/count=0/, uri)
82
+
83
+ otp = OTP::URI.parse(uri)
84
+ assert_equal(OTP::HOTP, otp.class)
85
+ assert_equal(secret, otp.secret)
86
+ assert_equal("SHA1", otp.algorithm)
87
+ assert_equal(6, otp.digits)
88
+ assert_equal(0, otp.count)
89
+ assert_equal("account@example.com", otp.accountname)
90
+ assert_equal(nil, otp.issuer)
91
+ assert_equal(otp.password, hotp.password)
92
+ end
93
+
44
94
  def test_hotp
45
95
  secret = OTP::Base32.encode("12345678901234567890")
46
96
  hotp = OTP::HOTP.new
@@ -64,7 +114,13 @@ class TestURI < Test::Unit::TestCase
64
114
  end
65
115
 
66
116
  def test_parse_invalid
67
- assert_raise(RuntimeError){ OTP::URI.parse("http://www.netlab.jp") }
68
- assert_raise(RuntimeError){ OTP::URI.parse("otpauth://foo") }
117
+ e = assert_raise(RuntimeError){ OTP::URI.parse("http://www.netlab.jp") }
118
+ assert_match(/URI scheme not match/, e.message)
119
+ e = assert_raise(RuntimeError){ OTP::URI.parse("otpauth://foo") }
120
+ assert_match(/unknown OTP type/, e.message)
121
+ e = assert_raise(RuntimeError){ OTP::URI.parse("otpauth://version") }
122
+ assert_match(/unknown OTP type/, e.message)
123
+ e = assert_raise(RuntimeError){ OTP::URI.parse("otpauth://totp/") }
124
+ assert_match(/account name must be present/, e.message)
69
125
  end
70
126
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: otp
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.0.9
4
+ version: 0.0.10
5
5
  platform: ruby
6
6
  authors:
7
7
  - Yuuzou Gotou
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2015-06-08 00:00:00.000000000 Z
11
+ date: 2015-06-09 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: bundler