RubyGems - rotp - Versions diffs - 2.0.0 → 2.1.0 - Mend

rotp 2.0.0 → 2.1.0

Files changed (26) hide show

checksums.yaml +4 -4
data/.gitignore +0 -1
data/.travis.yml +2 -0
data/CHANGELOG.md +61 -0
data/Gemfile +1 -1
data/Gemfile.lock +75 -0
data/Guardfile +14 -0
data/README.md +118 -0
data/Rakefile +0 -1
data/bin/rotp +7 -0
data/lib/rotp/arguments.rb +89 -0
data/lib/rotp/cli.rb +56 -0
data/lib/rotp/version.rb +1 -1
data/rotp.gemspec +4 -7
data/spec/lib/rotp/arguments_spec.rb +88 -0
data/spec/lib/rotp/base32_spec.rb +49 -0
data/spec/lib/rotp/cli_spec.rb +29 -0
data/spec/lib/rotp/hotp_spec.rb +142 -0
data/spec/lib/rotp/totp_spec.rb +235 -0
data/spec/spec_helper.rb +9 -7
metadata +54 -26
data/.rspec +0 -3
data/README.markdown +0 -163
data/spec/base_spec.rb +0 -27
data/spec/hotp_spec.rb +0 -66
data/spec/totp_spec.rb +0 -115

data/spec/spec_helper.rb CHANGED Viewed

@@ -1,11 +1,13 @@
-require 'rubygems'
-require 'bundler/setup'
-require 'timecop'
-require 'rspec'
-require 'rspec/autorun'
 require 'rotp'
+require 'timecop'
 RSpec.configure do |config|
-  # some (optional) config here
+  config.disable_monkey_patching!
+  config.raise_errors_for_deprecations!
+  config.color = true
+  config.fail_fast = true
+  config.before do
+    Timecop.return
+  end
 end

metadata CHANGED Viewed

@@ -1,71 +1,89 @@
 --- !ruby/object:Gem::Specification
 name: rotp
 version: !ruby/object:Gem::Version
-  version: 2.0.0
+  version: 2.1.0
 platform: ruby
 authors:
 - Mark Percival
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2014-07-22 00:00:00.000000000 Z
+date: 2015-01-26 00:00:00.000000000 Z
 dependencies:
+- !ruby/object:Gem::Dependency
+  name: guard-rspec
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 4.5.0
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 4.5.0
 - !ruby/object:Gem::Dependency
   name: rake
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: 10.1.0
+        version: 10.4.2
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: 10.1.0
+        version: 10.4.2
 - !ruby/object:Gem::Dependency
   name: rspec
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: 2.13.0
+        version: 3.1.0
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: 2.13.0
+        version: 3.1.0
 - !ruby/object:Gem::Dependency
   name: timecop
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - '>='
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '0'
+        version: 0.7.1
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - '>='
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '0'
+        version: 0.7.1
 description: Works for both HOTP and TOTP, and includes QR Code provisioning
 email:
 - mark@markpercival.us
-executables: []
+executables:
+- rotp
 extensions: []
 extra_rdoc_files: []
 files:
-- .gitignore
-- .rspec
-- .travis.yml
+- ".gitignore"
+- ".travis.yml"
+- CHANGELOG.md
 - Gemfile
+- Gemfile.lock
+- Guardfile
 - LICENSE
-- README.markdown
+- README.md
 - Rakefile
+- bin/rotp
 - doc/ROTP/HOTP.html
 - doc/ROTP/OTP.html
 - doc/ROTP/TOTP.html
@@ -85,16 +103,20 @@ files:
 - doc/method_list.html
 - doc/top-level-namespace.html
 - lib/rotp.rb
+- lib/rotp/arguments.rb
 - lib/rotp/base32.rb
+- lib/rotp/cli.rb
 - lib/rotp/hotp.rb
 - lib/rotp/otp.rb
 - lib/rotp/totp.rb
 - lib/rotp/version.rb
 - rotp.gemspec
-- spec/base_spec.rb
-- spec/hotp_spec.rb
+- spec/lib/rotp/arguments_spec.rb
+- spec/lib/rotp/base32_spec.rb
+- spec/lib/rotp/cli_spec.rb
+- spec/lib/rotp/hotp_spec.rb
+- spec/lib/rotp/totp_spec.rb
 - spec/spec_helper.rb
-- spec/totp_spec.rb
 homepage: http://github.com/mdp/rotp
 licenses:
 - MIT
@@ -105,18 +127,24 @@ require_paths:
 - lib
 required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
-  - - '>='
+  - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
-  - - '>='
+  - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
 rubyforge_project: rotp
-rubygems_version: 2.0.2
+rubygems_version: 2.4.5
 signing_key:
 specification_version: 4
 summary: A Ruby library for generating and verifying one time passwords
-test_files: []
+test_files:
+- spec/lib/rotp/arguments_spec.rb
+- spec/lib/rotp/base32_spec.rb
+- spec/lib/rotp/cli_spec.rb
+- spec/lib/rotp/hotp_spec.rb
+- spec/lib/rotp/totp_spec.rb
+- spec/spec_helper.rb

data/.rspec DELETED Viewed

@@ -1,3 +0,0 @@
-# /.rspec
---format nested
---color

data/README.markdown DELETED Viewed

@@ -1,163 +0,0 @@
-# ROTP - The Ruby One Time Password Library
-[![Build Status](https://secure.travis-ci.org/mdp/rotp.png)](http://travis-ci.org/mdp/rotp)
-A ruby library for generating one time passwords (HOTP & TOTP) according to [ RFC 4226 ](http://tools.ietf.org/html/rfc4226) and [ RFC 6238 ](http://tools.ietf.org/html/rfc6238)
-This is compatible with Google Authenticator apps available for Android and iPhone, and now in use on GMail
-## Quick overview of using One Time Passwords on your phone
-* OTP's involve a shared secret, stored both on the phone and the server
-* OTP's can be generated on a phone without internet connectivity (AT&T mode)
-* OTP's should always be used as a second factor of authentication (if your phone is lost, your account is still secured with a password)
-* Google Authenticator allows you to store multiple OTP secrets and provision those using a QR Code (no more typing in the secret)
-## Dependencies
-* OpenSSL
-## Installation
-    gem install rotp
-## Use
-### Time based OTP's
-    totp = ROTP::TOTP.new("base32secret3232")
-    totp.now # => "492039"
-    # OTP verified for current time
-    totp.verify("492039") # => true
-    sleep 30
-    totp.verify("492039") # => false
-### Counter based OTP's
-    hotp = ROTP::HOTP.new("base32secretkey3232")
-    hotp.at(0) # => "260182"
-    hotp.at(1) # => "055283"
-    hotp.at(1401) # => "316439"
-    # OTP verified with a counter
-    totp.verify("316439", 1401) # => true
-    totp.verify("316439", 1402) # => false
-### Generating a Base32 Secret key
-    ROTP::Base32.random_base32 # returns a 16 character base32 secret. Compatible with Google Authenticator
-### Google Authenticator Compatible
-The library works with the Google Authenticator iPhone and Android app, and also
-includes the ability to generate provisioning URI's for use with the QR Code scanner
-built into the app.
-    totp.provisioning_uri("alice@google.com") # => 'otpauth://totp/alice@google.com?secret=JBSWY3DPEHPK3PXP'
-    hotp.provisioning_uri("alice@google.com", 0) # => 'otpauth://hotp/alice@google.com?secret=JBSWY3DPEHPK3PXP&counter=0'
-This can then be rendered as a QR Code which can then be scanned and added to the users
-list of OTP credentials.
-#### Working example
-Scan the following barcode with your phone, using Google Authenticator
-![QR Code for OTP](http://chart.apis.google.com/chart?cht=qr&chs=250x250&chl=otpauth%3A%2F%2Ftotp%2Falice%40google.com%3Fsecret%3DJBSWY3DPEHPK3PXP)
-Now run the following and compare the output
-    require 'rubygems'
-    require 'rotp'
-    totp = ROTP::TOTP.new("JBSWY3DPEHPK3PXP")
-    p "Current OTP: #{totp.now}"
-### Testing
-    bundle install
-    bundle exec rspec spec/*
-### Contributors
-    git shortlog -s -n
-        47  Mark Percival
-        6  David Vrensk
-        1  Guillaume Rose
-        1  Micah Gates
-        1  Michael Brodhead & Shai Rosenfeld
-        1  Nathan Reynolds
-        1  Shai Rosenfeld
-        1  Shai Rosenfeld & Michael Brodhead
-### Changelog
-#### 2.0.0
-- Move to only comparing string OTP's.
-#### 1.7.1
-- Revert to former API
-#### 1.7.0
-- Move to only comparing string OTP's. See mdp/rotp/issues/32 - Moved to 2.0.0
-#### 1.6.1
-- Remove deprecation warning in Ruby 2.1.0 (@ylansegal)
-- Add Ruby 2.0 and 2.1 to Travis
-#### 1.6.0
-- Add verify_with_retries to HOTP
-- Fix 'cgi' require and global DEFAULT_INTERVAL
-#### 1.5.0
-- Add support for "issuer" parameter on provisioning url
-- Add support for "period/interval" parameter on provisioning url
-#### 1.4.6
-- Revert to previous Base32
-#### 1.4.5
-- Fix and test correct implementation of Base32
-#### 1.4.4
-- Fix issue with base32 decoding of strings in a length that's not a multiple of 8
-#### 1.4.3
-- Bugfix on padding
-#### 1.4.2
-- Better padding options (Pad the output with leading 0's)
-#### 1.4.1
-- Clean up drift logic
-#### 1.4.0
-- Added clock drift support via 'verify_with_drift' for TOTP
-####1.3.0
-- Added support for Ruby 1.9.x
-- Removed dependency on Base32
-### License
-MIT Licensed
-### See also:
-Python port PYOTP by [Nathan Reynolds](https://github.com/nathforge) - [https://github.com/nathforge/pyotp](https://github.com/nathforge/pyotp)
-PHP port OTPHP by [Le Lag](https://github.com/lelag) - [https://github.com/lelag/otphp](https://github.com/lelag/otphp)

data/spec/base_spec.rb DELETED Viewed

@@ -1,27 +0,0 @@
-require File.dirname(__FILE__) + '/spec_helper'
-describe "the Base32 implementation" do
-  it "should be 16 characters by default" do
-    ROTP::Base32.random_base32.length.should == 16
-    ROTP::Base32.random_base32.should match /\A[a-z2-7]+\z/
-  end
-  it "should be allow a specific length" do
-    ROTP::Base32.random_base32(32).length.should == 32
-  end
-  it "raise a sane error on a bad decode" do
-    expect { ROTP::Base32.decode("4BCDEFG234BCDEF1") }.to \
-      raise_error(ROTP::Base32::Base32Error, "Invalid Base32 Character - '1'")
-  end
-  it "should correctly decode a string" do
-    ROTP::Base32.decode("F").unpack('H*').first.should == "28"
-    ROTP::Base32.decode("23").unpack('H*').first.should == "d6"
-    ROTP::Base32.decode("234").unpack('H*').first.should == "d6f8"
-    ROTP::Base32.decode("234A").unpack('H*').first.should == "d6f800"
-    ROTP::Base32.decode("234B").unpack('H*').first.should == "d6f810"
-    ROTP::Base32.decode("234BCD").unpack('H*').first.should == "d6f8110c"
-    ROTP::Base32.decode("234BCDE").unpack('H*').first.should == "d6f8110c80"
-    ROTP::Base32.decode("234BCDEFG").unpack('H*').first.should == "d6f8110c8530"
-    ROTP::Base32.decode("234BCDEFG234BCDEFG").unpack('H*').first.should == "d6f8110c8536b7c0886429"
-  end
-end

data/spec/hotp_spec.rb DELETED Viewed

@@ -1,66 +0,0 @@
-require 'spec_helper'
-describe ROTP::HOTP do
-  before(:all) { @counter = 1234 }
-  subject { ROTP::HOTP.new('a' * 32) }
-  it "should generate a string OTP given a count" do
-    subject.at(@counter).should == "161024"
-  end
-  it "should generate a number if padding is set to false" do
-    subject.at(@counter, false).should == 161024
-  end
-  it "should not verify a number" do
-    expect {
-      subject.verify(161024, @counter)
-    }.to raise_error
-  end
-  it "should verify a string" do
-    subject.verify("161024", @counter).should be_true
-  end
-  it "should output its provisioning URI" do
-    url = subject.provisioning_uri('mark@percival')
-    params = CGI::parse(URI::parse(url).query)
-    url.should match(/otpauth:\/\/hotp.+/)
-    params["secret"].first.should == "a" * 32
-  end
-  context "with retries" do
-    it "should verify that retry is a valid number" do
-      subject.verify_with_retries("161024", @counter, -1).should be_false
-      subject.verify_with_retries("161024", @counter, 0).should be_false
-    end
-    it "should verify up to the total number of retries and return the counter" do
-      subject.verify_with_retries("161024", @counter - 10, 10).should == @counter
-    end
-    it "should verify that retry is a valid number" do
-      subject.verify_with_retries("161024", @counter - 20, 10).should be_false
-    end
-  end
-end
-describe "HOTP example values from the rfc" do
-  it "should match the RFC" do
-    # 12345678901234567890 in Base32
-    # GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ
-    hotp = ROTP::HOTP.new("GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ")
-    hotp.at(0).should ==("755224")
-    hotp.at(1).should ==("287082")
-    hotp.at(2).should ==("359152")
-    hotp.at(3).should ==("969429")
-    hotp.at(4).should ==("338314")
-    hotp.at(5).should ==("254676")
-    hotp.at(6).should ==("287922")
-    hotp.at(7).should ==("162583")
-    hotp.at(8).should ==("399871")
-    hotp.at(9).should ==("520489")
-  end
-  it "should verify an OTP and not allow reuse" do
-    hotp = ROTP::HOTP.new("GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ")
-    hotp.verify("520489", 9).should be_true
-    hotp.verify("520489", 10).should be_false
-  end
-end

data/spec/totp_spec.rb DELETED Viewed

@@ -1,115 +0,0 @@
-require 'spec_helper'
-describe ROTP::TOTP do
-  before(:all) { @now = Time.utc(2012,1,1) }
-  subject { ROTP::TOTP.new("JBSWY3DPEHPK3PXP") }
-  it "should generate a number given a number" do
-    subject.at(@now, false).should == 68212
-  end
-  it "should generate a number as a padded string by default" do
-    subject.at(@now).should == "068212"
-  end
-  # Users of the lib
-  it "should not verify a number" do
-    expect {
-      subject.verify(68212, @now)
-    }.to raise_error
-  end
-  it "should not verify an unpadded string" do
-    subject.verify("68212", @now).should be_false
-  end
-  it "should verify a string" do
-    subject.verify("068212", @now).should be_true
-  end
-  it "should output its provisioning URI" do
-    url = subject.provisioning_uri('mark@percival')
-    params = CGI::parse(URI::parse(url).query)
-    url.should match(/otpauth:\/\/totp.+/)
-    params["secret"].first.should == "JBSWY3DPEHPK3PXP"
-  end
-  context  "with issuer" do
-    subject { ROTP::TOTP.new("JBSWY3DPEHPK3PXP", :issuer => "FooCo") }
-    it "should output its provisioning URI with issuer" do
-      url = subject.provisioning_uri('mark@percival')
-      params = CGI::parse(URI::parse(url).query)
-      url.should match(/otpauth:\/\/totp.+/)
-      params["secret"].first.should == "JBSWY3DPEHPK3PXP"
-      params["issuer"].first.should == "FooCo"
-    end
-  end
-  context  "with non default interval" do
-    subject { ROTP::TOTP.new("JBSWY3DPEHPK3PXP", :interval => 60) }
-    it "should output its provisioning URI with issuer" do
-      url = subject.provisioning_uri('mark@percival')
-      params = CGI::parse(URI::parse(url).query)
-      url.should match(/otpauth:\/\/totp.+/)
-      params["secret"].first.should == "JBSWY3DPEHPK3PXP"
-      params["period"].first.should == "60"
-    end
-  end
-  context "with drift" do
-    it "should verify a number" do
-      subject.verify_with_drift("068212", 0, @now).should be_true
-    end
-    it "should verify a string" do
-      subject.verify_with_drift("068212", 0, @now).should be_true
-    end
-    it "should verify a slightly old number" do
-      subject.verify_with_drift(subject.at(@now - 30), 60, @now).should be_true
-    end
-    it "should verify a slightly new number" do
-      subject.verify_with_drift(subject.at(@now + 60), 60, @now).should be_true
-    end
-    it "should reject a number that is outside the allowed drift" do
-      subject.verify_with_drift(subject.at(@now - 60), 30, @now).should be_false
-    end
-    context "with drift that is not a multiple of the TOTP interval" do
-      it "should verify a slightly old number" do
-        subject.verify_with_drift(subject.at(@now - 45), 45, @now).should be_true
-      end
-      it "should verify a slightly new number" do
-        subject.verify_with_drift(subject.at(@now + 40), 40, @now).should be_true
-      end
-    end
-  end
-end
-describe "TOTP example values from the documented output" do
-  it "should match the RFC" do
-    totp = ROTP::TOTP.new("GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ")
-    totp.at(1111111111).should ==("050471")
-    totp.at(1234567890).should ==("005924")
-    totp.at(2000000000).should ==("279037")
-  end
-  it "should match the Google Authenticator output" do
-    totp = ROTP::TOTP.new("wrn3pqx5uqxqvnqr")
-    Timecop.freeze(Time.at(1297553958)) do
-      totp.now.should ==("102705")
-    end
-  end
-  it "should match Dropbox 26 char secret output" do
-    totp = ROTP::TOTP.new("tjtpqea6a42l56g5eym73go2oa")
-    Timecop.freeze(Time.at(1378762454)) do
-      totp.now.should ==("747864")
-    end
-  end
-  it "should validate a time based OTP" do
-    totp = ROTP::TOTP.new("wrn3pqx5uqxqvnqr")
-    Timecop.freeze(Time.at(1297553958)) do
-      totp.verify("102705").should be_true
-    end
-    Timecop.freeze(Time.at(1297553958 + 30)) do
-      totp.verify("102705").should be_false
-    end
-  end
-end