rotp 1.4.3 → 1.4.4
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/README.markdown +27 -10
- data/lib/rotp/base32.rb +1 -2
- data/lib/rotp/version.rb +1 -1
- data/spec/base_spec.rb +6 -0
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: f8ce74f1100ad298f8af11595abb6af79b90de7f
|
|
4
|
+
data.tar.gz: 9777ea4074be03cad417c708c7b4caeb955b91ae
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 8fd962693e60b864efd2f3d5d0dde1526abfb42c1b617052d0e36328ef2bdc791a6c9c14906069f9f8f10f201fb2281b9b9d69d4b3e0cdd77c3c2e500869cc0d
|
|
7
|
+
data.tar.gz: 48728cbfb67d418e9e1d2b21370c28a4eb9a94bc0c18bedf34d7b7dea320468274d07879f89bb33dba65e292a77069afa28dcd7774422cb5a1694c8919d29130
|
data/README.markdown
CHANGED
|
@@ -8,9 +8,9 @@ This is compatible with Google Authenticator apps available for Android and iPho
|
|
|
8
8
|
## Quick overview of using One Time Passwords on your phone
|
|
9
9
|
|
|
10
10
|
* OTP's involve a shared secret, stored both on the phone and the server
|
|
11
|
-
* OTP's can be generated on a phone without internet connectivity(AT&T mode)
|
|
12
|
-
* OTP's should always be used as a second factor of authentication(if your phone is lost,
|
|
13
|
-
* Google Authenticator allows you to store multiple OTP secrets and provision those using a QR Code(no more typing in the secret)
|
|
11
|
+
* OTP's can be generated on a phone without internet connectivity (AT&T mode)
|
|
12
|
+
* OTP's should always be used as a second factor of authentication (if your phone is lost, your account is still secured with a password)
|
|
13
|
+
* Google Authenticator allows you to store multiple OTP secrets and provision those using a QR Code (no more typing in the secret)
|
|
14
14
|
|
|
15
15
|
## Dependencies
|
|
16
16
|
|
|
@@ -81,16 +81,33 @@ Now run the following and compare the output
|
|
|
81
81
|
|
|
82
82
|
git shortlog -s -n
|
|
83
83
|
|
|
84
|
-
|
|
85
|
-
|
|
86
|
-
|
|
87
|
-
|
|
88
|
-
|
|
89
|
-
|
|
90
|
-
|
|
84
|
+
47 Mark Percival
|
|
85
|
+
6 David Vrensk
|
|
86
|
+
1 Guillaume Rose
|
|
87
|
+
1 Micah Gates
|
|
88
|
+
1 Michael Brodhead & Shai Rosenfeld
|
|
89
|
+
1 Nathan Reynolds
|
|
90
|
+
1 Shai Rosenfeld
|
|
91
|
+
1 Shai Rosenfeld & Michael Brodhead
|
|
91
92
|
|
|
92
93
|
### Changelog
|
|
93
94
|
|
|
95
|
+
#### 1.4.4
|
|
96
|
+
|
|
97
|
+
- Fix issue with base32 decoding of strings in a length that's not a multiple of 8
|
|
98
|
+
|
|
99
|
+
#### 1.4.3
|
|
100
|
+
|
|
101
|
+
- Bugfix on padding
|
|
102
|
+
|
|
103
|
+
#### 1.4.2
|
|
104
|
+
|
|
105
|
+
- Better padding options (Pad the output with leading 0's)
|
|
106
|
+
|
|
107
|
+
#### 1.4.1
|
|
108
|
+
|
|
109
|
+
- Clean up drift logic
|
|
110
|
+
|
|
94
111
|
#### 1.4.0
|
|
95
112
|
|
|
96
113
|
- Added clock drift support via 'verify_with_drift' for TOTP
|
data/lib/rotp/base32.rb
CHANGED
|
@@ -5,7 +5,7 @@ module ROTP
|
|
|
5
5
|
class << self
|
|
6
6
|
def decode(str)
|
|
7
7
|
output = []
|
|
8
|
-
str.scan(/.{8}/).each do |block|
|
|
8
|
+
str.scan(/.{1,8}/).each do |block|
|
|
9
9
|
char_array = decode_block(block).map{|c| c.chr}
|
|
10
10
|
output << char_array
|
|
11
11
|
end
|
|
@@ -23,7 +23,6 @@ module ROTP
|
|
|
23
23
|
private
|
|
24
24
|
|
|
25
25
|
def decode_block(block)
|
|
26
|
-
return 0 unless (block.bytesize % 8 == 0) || (block.bytesize == 0)
|
|
27
26
|
length = block.scan(/[^=]/).length
|
|
28
27
|
quints = block.each_char.map {|c| decode_quint(c)}
|
|
29
28
|
bytes = []
|
data/lib/rotp/version.rb
CHANGED
data/spec/base_spec.rb
CHANGED
|
@@ -51,6 +51,12 @@ describe "TOTP example values from the rfc" do
|
|
|
51
51
|
totp.now.should ==(102705)
|
|
52
52
|
end
|
|
53
53
|
end
|
|
54
|
+
it "should match Dropbox 26 char secret output" do
|
|
55
|
+
totp = ROTP::TOTP.new("tjtpqea6a42l56g5eym73go2oa")
|
|
56
|
+
Timecop.freeze(Time.at(1378762454)) do
|
|
57
|
+
totp.now.should ==(747864)
|
|
58
|
+
end
|
|
59
|
+
end
|
|
54
60
|
it "should validate a time based OTP" do
|
|
55
61
|
totp = ROTP::TOTP.new("wrn3pqx5uqxqvnqr")
|
|
56
62
|
Timecop.freeze(Time.at(1297553958)) do
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: rotp
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.4.
|
|
4
|
+
version: 1.4.4
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Mark Percival
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2013-09-
|
|
11
|
+
date: 2013-09-09 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: rake
|