rotp 2.1.1 → 6.2.2

data/spec/lib/rotp/totp_spec.rb

@@ -1,66 +1,58 @@
 require 'spec_helper'
 
+TEST_TIME = Time.utc 2016, 9, 23, 9 # 2016-09-23 09:00:00 UTC
+TEST_TOKEN = '082630'.freeze
+
 RSpec.describe ROTP::TOTP do
-  let(:now)   { Time.utc 2012,1,1 }
-  let(:token) { '068212' }
+  let(:now)   { TEST_TIME }
+  let(:token) { TEST_TOKEN }
   let(:totp)  { ROTP::TOTP.new 'JBSWY3DPEHPK3PXP' }
 
   describe '#at' do
-    context 'with padding' do
-      let(:token) { totp.at now }
+    let(:token) { totp.at now }
 
-      it 'is a string number' do
-        expect(token).to eq '068212'
-      end
-    end
-
-    context 'without padding' do
-      let(:token) { totp.at now, false }
-
-      it 'is an integer' do
-        expect(token).to eq 68212
-      end
+    it 'is a string number' do
+      expect(token).to eq TEST_TOKEN
     end
 
     context 'RFC compatibility' do
       let(:totp) { ROTP::TOTP.new('GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ') }
 
       it 'matches the RFC documentation examples' do
-        expect(totp.at 1111111111).to eq '050471'
-        expect(totp.at 1234567890).to eq '005924'
-        expect(totp.at 2000000000).to eq '279037'
+        expect(totp.at(1_111_111_111)).to eq '050471'
+        expect(totp.at(1_234_567_890)).to eq '005924'
+        expect(totp.at(2_000_000_000)).to eq '279037'
       end
-
     end
   end
 
   describe '#verify' do
-    let(:verification) { totp.verify token, now }
+    let(:verification) { totp.verify token, at: now }
 
     context 'numeric token' do
-      let(:token) { 68212 }
+      let(:token) { 82_630 }
 
-      it 'raises an error' do
-        expect { verification }.to raise_error
+      it 'raises an error with an integer' do
+        expect { verification }.to raise_error(ArgumentError)
       end
     end
 
     context 'unpadded string token' do
-      let(:token) { '68212' }
+      let(:token) { '82630' }
 
-      it 'is false' do
+      it 'fails to verify' do
         expect(verification).to be_falsey
       end
     end
 
     context 'correctly padded string token' do
-      it 'is true' do
+      it 'verifies' do
         expect(verification).to be_truthy
       end
     end
 
     context 'RFC compatibility' do
-      let(:totp)  { ROTP::TOTP.new 'wrn3pqx5uqxqvnqr' }
+      let(:totp) { ROTP::TOTP.new 'wrn3pqx5uqxqvnqr' }
 
       before do
         Timecop.freeze now
@@ -68,146 +60,173 @@ RSpec.describe ROTP::TOTP do
 
       context 'correct time based OTP' do
         let(:token) { '102705' }
-        let(:now)   { Time.at 1297553958 }
+        let(:now)   { Time.at 1_297_553_958 }
 
-        it 'is true' do
+        it 'verifies' do
           expect(totp.verify('102705')).to be_truthy
         end
       end
 
       context 'wrong time based OTP' do
-        it 'is false' do
+        it 'fails to verify' do
           expect(totp.verify('102705')).to be_falsey
         end
       end
     end
-  end
-
-  describe '#provisioning_uri' do
-    let(:uri)    { totp.provisioning_uri('mark@percival') }
-    let(:params) { CGI::parse URI::parse(uri).query }
-
-    context 'without issuer' do
-      it 'has the correct format' do
-        expect(uri).to match %r{\Aotpauth:\/\/totp.+}
+    context 'invalidating reused tokens' do
+      let(:verification) do
+        totp.verify token,
+                    after: after,
+                    at: now
       end
+      let(:after) { nil }
 
-      it 'includes the secret as parameter' do
-        expect(params['secret'].first).to eq 'JBSWY3DPEHPK3PXP'
-      end
-    end
-
-    context 'with issuer' do
-      let(:totp)  { ROTP::TOTP.new 'JBSWY3DPEHPK3PXP', issuer: 'FooCo' }
-
-      it 'has the correct format' do
-        expect(uri).to match %r{\Aotpauth:\/\/totp.+}
-      end
-
-      it 'includes the secret as parameter' do
-        expect(params['secret'].first).to eq 'JBSWY3DPEHPK3PXP'
-      end
-
-      it 'includes the issuer as parameter' do
-        expect(params['issuer'].first).to eq 'FooCo'
-      end
-    end
-
-    context 'with custom interval' do
-      let(:totp)  { ROTP::TOTP.new 'JBSWY3DPEHPK3PXP', interval: 60 }
-
-      it 'has the correct format' do
-        expect(uri).to match %r{\Aotpauth:\/\/totp.+}
-      end
+      context 'passing in the `after` timestamp' do
+        let(:after) do
+          totp.verify TEST_TOKEN, after: nil, at: now
+        end
 
-      it 'includes the secret as parameter' do
-        expect(params['secret'].first).to eq 'JBSWY3DPEHPK3PXP'
-      end
+        it 'returns a timecode' do
+          expect(after).to be_kind_of(Integer)
+          expect(after).to be_within(30).of(now.to_i)
+        end
 
-      it 'includes the interval as period parameter' do
-        expect(params['period'].first).to eq '60'
+        context 'reusing same token' do
+          it 'is false' do
+            expect(verification).to be_falsy
+          end
+        end
       end
     end
   end
 
-  describe '#verify_with_drift' do
-    let(:verification) { totp.verify_with_drift token, drift, now }
-    let(:drift) { 0 }
-
-    context 'numeric token' do
-      let(:token) { 68212 }
+  def get_timecodes(at, b, a)
+    # Test the private method
+    totp.send('get_timecodes', at, b, a)
+  end
 
-      it 'raises an error' do
-        # In the "old" specs this was not tested due to a typo. What is the expected behavior here?
-        expect { verification }.to raise_error
-      end
+  describe 'drifting timecodes' do
+    it 'should get timecodes behind' do
+      expect(get_timecodes(TEST_TIME + 15, 15, 0)).to eq([49_154_040])
+      expect(get_timecodes(TEST_TIME, 15, 0)).to eq([49_154_039, 49_154_040])
+      expect(get_timecodes(TEST_TIME, 40, 0)).to eq([49_154_038, 49_154_039, 49_154_040])
+      expect(get_timecodes(TEST_TIME, 90, 0)).to eq([49_154_037, 49_154_038, 49_154_039, 49_154_040])
     end
-
-    context 'unpadded string token' do
-      let(:token) { '68212' }
-
-      it 'is false' do
-        # Not sure whether this should be tested. It didn't exist in the "old" specs
-        expect(verification).to be_falsey
-      end
+    it 'should get timecodes ahead' do
+      expect(get_timecodes(TEST_TIME, 0, 15)).to eq([49_154_040])
+      expect(get_timecodes(TEST_TIME + 15, 0, 15)).to eq([49_154_040, 49_154_041])
+      expect(get_timecodes(TEST_TIME, 0, 30)).to eq([49_154_040, 49_154_041])
+      expect(get_timecodes(TEST_TIME, 0, 70)).to eq([49_154_040, 49_154_041, 49_154_042])
+      expect(get_timecodes(TEST_TIME, 0, 90)).to eq([49_154_040, 49_154_041, 49_154_042, 49_154_043])
     end
-
-    context 'correctly padded string token' do
-      let(:token) { '068212' }
-
-      it 'is true' do
-        expect(verification).to be_truthy
-      end
+    it 'should get timecodes behind and ahead' do
+      expect(get_timecodes(TEST_TIME, 30, 30)).to eq([49_154_039, 49_154_040, 49_154_041])
+      expect(get_timecodes(TEST_TIME, 60, 60)).to eq([49_154_038, 49_154_039, 49_154_040, 49_154_041, 49_154_042])
     end
+  end
 
-    context 'slightly old number' do
-      let(:token) { totp.at now - 30 }
-      let(:drift) { 60 }
+  describe '#verify with drift' do
+    let(:verification) { totp.verify token, drift_ahead: drift_ahead, drift_behind: drift_behind, at: now }
+    let(:drift_ahead) { 0 }
+    let(:drift_behind) { 0 }
 
-      it 'is true' do
+    context 'with an old OTP' do
+      let(:token) { totp.at TEST_TIME - 30 } # Previous token at 2016-09-23 08:59:30 UTC
+      let(:drift_behind) { 15 }
+
+      # Tested at 2016-09-23 09:00:00 UTC, and with drift back to 2016-09-23 08:59:45 UTC
+      # This would therefore include 2 intervals
+      it 'inside of drift range' do
         expect(verification).to be_truthy
       end
-    end
 
-    context 'slightly new number' do
-      let(:token) { totp.at now + 60 }
-      let(:drift) { 60 }
+      # Tested at 2016-09-23 09:00:20 UTC, and with drift back to 2016-09-23 09:00:05 UTC
+      # This only includes 1 interval, therefore only the current token is valid
+      context 'outside of drift range' do
+        let(:now)   { TEST_TIME + 20 }
 
-      it 'is true' do
-        expect(verification).to be_truthy
+        it 'is nil' do
+          expect(verification).to be_nil
+        end
       end
     end
 
-    context 'outside of drift range' do
-      let(:token) { totp.at now - 60 }
-      let(:drift) { 30 }
+    context 'with a future OTP' do
+      let(:token) { totp.at TEST_TIME + 30 } # The next valid token - 2016-09-23 09:00:30 UTC
+      let(:drift_ahead) { 15 }
 
-      it 'is false' do
+      # Tested at 2016-09-23 09:00:00 UTC, and ahead to 2016-09-23 09:00:15 UTC
+      # This only includes 1 interval, therefore only the current token is valid
+      it 'outside of drift range' do
         expect(verification).to be_falsey
       end
+      # Tested at 2016-09-23 09:00:20 UTC, and with drift ahead to 2016-09-23 09:00:35 UTC
+      # This would therefore include 2 intervals
+      context 'inside of drift range' do
+        let(:now) { TEST_TIME + 20 }
+
+        it 'is true' do
+          expect(verification).to be_truthy
+        end
+      end
     end
+  end
 
-    context 'drift is not multiple of TOTP interval' do
-      context 'slightly old number' do
-        let(:token) { totp.at now - 45 }
-        let(:drift) { 45 }
+  describe '#verify with drift and prevent token reuse' do
+    let(:verification) { totp.verify token, drift_ahead: drift_ahead, drift_behind: drift_behind, after: after, at: now }
+    let(:drift_ahead) { 0 }
+    let(:drift_behind) { 0 }
+    let(:after) { nil }
+
+    context 'with the `after` timestamp set' do
+      context 'older token' do
+        let(:token) { totp.at TEST_TIME - 30 }
+        let(:drift_behind) { 15 }
 
         it 'is true' do
           expect(verification).to be_truthy
+          expect(verification).to eq((TEST_TIME - 30).to_i)
+        end
+
+        context 'after it has been used' do
+          let(:after) do
+            totp.verify token, after: nil, at: now, drift_behind: drift_behind
+          end
+          it 'is false' do
+            expect(verification).to be_falsey
+          end
         end
       end
 
-      context 'slightly new number' do
-        let(:token) { totp.at now + 40 }
-        let(:drift) { 40 }
+      context 'newer token' do
+        let(:token) { totp.at TEST_TIME + 30 }
+        let(:drift_ahead) { 15 }
+        let(:now) { TEST_TIME + 15 }
 
         it 'is true' do
           expect(verification).to be_truthy
+          expect(verification).to eq((TEST_TIME + 30).to_i)
+        end
+
+        context 'after it has been used' do
+          let(:after) do
+            totp.verify token, after: nil, at: now, drift_ahead: drift_ahead
+          end
+          it 'is false' do
+            expect(verification).to be_falsey
+          end
         end
       end
     end
   end
 
+  describe '#provisioning_uri' do
+    it 'accepts the account name' do
+      expect(totp.provisioning_uri('mark@percival'))
+        .to eq 'otpauth://totp/mark%40percival?secret=JBSWY3DPEHPK3PXP'
+    end
+  end
+
   describe '#now' do
     before do
       Timecop.freeze now
@@ -215,7 +234,7 @@ RSpec.describe ROTP::TOTP do
 
     context 'Google Authenticator' do
       let(:totp) { ROTP::TOTP.new 'wrn3pqx5uqxqvnqr' }
-      let(:now)  { Time.at 1297553958 }
+      let(:now)  { Time.at 1_297_553_958 }
 
       it 'matches the known output' do
         expect(totp.now).to eq '102705'
@@ -224,12 +243,11 @@ RSpec.describe ROTP::TOTP do
 
     context 'Dropbox 26 char secret output' do
       let(:totp) { ROTP::TOTP.new 'tjtpqea6a42l56g5eym73go2oa' }
-      let(:now)  { Time.at 1378762454 }
+      let(:now)  { Time.at 1_378_762_454 }
 
       it 'matches the known output' do
         expect(totp.now).to eq '747864'
       end
     end
   end
-
 end

data/spec/spec_helper.rb

@@ -1,3 +1,8 @@
+require 'simplecov'
+SimpleCov.start do
+  add_filter '/spec/'
+end
+
 require 'rotp'
 require 'timecop'
 
@@ -11,3 +16,5 @@ RSpec.configure do |config|
     Timecop.return
   end
 end
+
+require_relative '../lib/rotp'

metadata

@@ -1,71 +1,71 @@
 --- !ruby/object:Gem::Specification
 name: rotp
 version: !ruby/object:Gem::Version
-  version: 2.1.1
+  version: 6.2.2
 platform: ruby
 authors:
 - Mark Percival
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2015-06-03 00:00:00.000000000 Z
+date: 2022-12-13 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
-  name: guard-rspec
+  name: rake
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '4.5'
+        version: '13.0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '4.5'
+        version: '13.0'
 - !ruby/object:Gem::Dependency
-  name: rake
+  name: rspec
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '10.4'
+        version: '3.5'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '10.4'
+        version: '3.5'
 - !ruby/object:Gem::Dependency
-  name: rspec
+  name: simplecov
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '3.1'
+        version: '0.12'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '3.1'
+        version: '0.12'
 - !ruby/object:Gem::Dependency
   name: timecop
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '0.7'
+        version: '0.8'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '0.7'
+        version: '0.8'
 description: Works for both HOTP and TOTP, and includes QR Code provisioning
 email:
 - mark@markpercival.us
@@ -74,40 +74,28 @@ executables:
 extensions: []
 extra_rdoc_files: []
 files:
+- ".devcontainer/Dockerfile"
+- ".devcontainer/devcontainer.json"
+- ".dockerignore"
+- ".github/workflows/test.yaml"
 - ".gitignore"
-- ".travis.yml"
 - CHANGELOG.md
+- Dockerfile-2.3
+- Dockerfile-2.7
+- Dockerfile-3.0-rc
 - Gemfile
-- Gemfile.lock
 - Guardfile
 - LICENSE
 - README.md
-- Rakefile
 - bin/rotp
-- doc/ROTP/HOTP.html
-- doc/ROTP/OTP.html
-- doc/ROTP/TOTP.html
-- doc/Rotp.html
-- doc/_index.html
-- doc/class_list.html
-- doc/css/common.css
-- doc/css/full_list.css
-- doc/css/style.css
-- doc/file.README.html
-- doc/file_list.html
-- doc/frames.html
-- doc/index.html
-- doc/js/app.js
-- doc/js/full_list.js
-- doc/js/jquery.js
-- doc/method_list.html
-- doc/top-level-namespace.html
+- docker-compose.yml
 - lib/rotp.rb
 - lib/rotp/arguments.rb
 - lib/rotp/base32.rb
 - lib/rotp/cli.rb
 - lib/rotp/hotp.rb
 - lib/rotp/otp.rb
+- lib/rotp/otp/uri.rb
 - lib/rotp/totp.rb
 - lib/rotp/version.rb
 - rotp.gemspec
@@ -115,9 +103,10 @@ files:
 - spec/lib/rotp/base32_spec.rb
 - spec/lib/rotp/cli_spec.rb
 - spec/lib/rotp/hotp_spec.rb
+- spec/lib/rotp/otp/uri_spec.rb
 - spec/lib/rotp/totp_spec.rb
 - spec/spec_helper.rb
-homepage: http://github.com/mdp/rotp
+homepage: https://github.com/mdp/rotp
 licenses:
 - MIT
 metadata: {}
@@ -129,22 +118,15 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: '0'
+      version: '2.3'
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubyforge_project: rotp
-rubygems_version: 2.2.2
+rubygems_version: 3.3.26
 signing_key: 
 specification_version: 4
 summary: A Ruby library for generating and verifying one time passwords
-test_files:
-- spec/lib/rotp/arguments_spec.rb
-- spec/lib/rotp/base32_spec.rb
-- spec/lib/rotp/cli_spec.rb
-- spec/lib/rotp/hotp_spec.rb
-- spec/lib/rotp/totp_spec.rb
-- spec/spec_helper.rb
+test_files: []

data/.travis.yml

@@ -1,7 +0,0 @@
-language: ruby
-rvm:
-  - 2.1.0
-  - 2.0.0
-  - 1.9.3
-script:
-  - bundle exec rspec

data/Gemfile.lock

@@ -1,75 +0,0 @@
-PATH
-  remote: .
-  specs:
-    rotp (2.1.0)
-
-GEM
-  remote: http://rubygems.org/
-  specs:
-    celluloid (0.16.0)
-      timers (~> 4.0.0)
-    coderay (1.1.0)
-    diff-lcs (1.2.5)
-    ffi (1.9.6)
-    formatador (0.2.5)
-    guard (2.11.1)
-      formatador (>= 0.2.4)
-      listen (~> 2.7)
-      lumberjack (~> 1.0)
-      nenv (~> 0.1)
-      notiffany (~> 0.0)
-      pry (>= 0.9.12)
-      shellany (~> 0.0)
-      thor (>= 0.18.1)
-    guard-compat (1.2.0)
-    guard-rspec (4.5.0)
-      guard (~> 2.1)
-      guard-compat (~> 1.1)
-      rspec (>= 2.99.0, < 4.0)
-    hitimes (1.2.2)
-    listen (2.8.5)
-      celluloid (>= 0.15.2)
-      rb-fsevent (>= 0.9.3)
-      rb-inotify (>= 0.9)
-    lumberjack (1.0.9)
-    method_source (0.8.2)
-    nenv (0.1.1)
-    notiffany (0.0.3)
-      nenv (~> 0.1)
-      shellany (~> 0.0)
-    pry (0.10.1)
-      coderay (~> 1.1.0)
-      method_source (~> 0.8.1)
-      slop (~> 3.4)
-    rake (10.4.2)
-    rb-fsevent (0.9.4)
-    rb-inotify (0.9.5)
-      ffi (>= 0.5.0)
-    rspec (3.1.0)
-      rspec-core (~> 3.1.0)
-      rspec-expectations (~> 3.1.0)
-      rspec-mocks (~> 3.1.0)
-    rspec-core (3.1.7)
-      rspec-support (~> 3.1.0)
-    rspec-expectations (3.1.2)
-      diff-lcs (>= 1.2.0, < 2.0)
-      rspec-support (~> 3.1.0)
-    rspec-mocks (3.1.3)
-      rspec-support (~> 3.1.0)
-    rspec-support (3.1.2)
-    shellany (0.0.1)
-    slop (3.6.0)
-    thor (0.19.1)
-    timecop (0.7.1)
-    timers (4.0.1)
-      hitimes
-
-PLATFORMS
-  ruby
-
-DEPENDENCIES
-  guard-rspec (~> 4.5.0)
-  rake (~> 10.4.2)
-  rotp!
-  rspec (~> 3.1.0)
-  timecop (~> 0.7.1)

data/Rakefile

@@ -1,9 +0,0 @@
-require 'bundler'
-Bundler::GemHelper.install_tasks
-require "rspec/core/rake_task" 
-
-RSpec::Core::RakeTask.new(:rspec) do |spec|
-  spec.pattern = 'spec/**/*_spec.rb'
-end
-
-task :default => :rspec