RubyGems - rotp - Versions diffs - 1.3.3 → 1.4.0 - Mend

rotp 1.3.3 → 1.4.0

Files changed (10) hide show

data/Gemfile CHANGED Viewed

@@ -1,4 +1,2 @@
 source "http://rubygems.org"
 gemspec
-gem 'rspec'
-gem 'timecop'

data/README.markdown CHANGED Viewed

@@ -44,7 +44,7 @@ This is compatible with Google Authenticator apps available for Android and iPho
 ### Generating a Base32 Secret key
-    ROTP.random_base32 # returns a 16 character base32 secret. Compatible with Google Authenticator
+    ROTP::Base32.random_base32 # returns a 16 character base32 secret. Compatible with Google Authenticator
 ### Google Authenticator Compatible
@@ -71,17 +71,29 @@ Now run the following and compare the output
     totp = ROTP::TOTP.new("JBSWY3DPEHPK3PXP")
     p "Current OTP: #{totp.now}"
+### Testing
+    bundle install
+    bundle exec rspec spec/*
 ### Contributors
     git shortlog -s -n
-        31  Mark Percival
-         3  David Vrensk
-         1  Micah Gates
+        37  Mark Percival
+         5  David Vrensk
          1  Nathan Reynolds
+         1  Shai Rosenfeld
+         1  Shai Rosenfeld & Michael Brodhead
+         1  Michael Brodhead & Shai Rosenfeld
+         1  Micah Gates
 ### Changelog
+#### 1.4.0
+- Added clock drift support via 'verify_with_drift' for TOTP
 ####1.3.0
 - Added support for Ruby 1.9.x

data/Rakefile CHANGED Viewed

@@ -1,12 +1,10 @@
 require 'bundler'
 Bundler::GemHelper.install_tasks
-require 'rake/testtask'
+require "rspec/core/rake_task"
-require 'rake/testtask'
-Rake::TestTask.new(:test) do |test|
-  test.libs << 'lib' << 'test' << '.'
-  test.pattern = 'test/**/test_*.rb'
-  test.verbose = true
+RSpec::Core::RakeTask.new(:rspec) do |spec|
+  spec.pattern = 'spec/**/*_spec.rb'
+  spec.rspec_opts = ['-cfs --backtrace']
 end
-task :default => :test
+task :default => :rspec

data/lib/rotp/totp.rb CHANGED Viewed

@@ -32,6 +32,16 @@ module ROTP
       super(otp, self.at(time))
     end
+    # Verifies the OTP passed in against the current time OTP
+    # and adjacent intervals up to +drift+.
+    # @param [String/Integer] otp the OTP to check against
+    # @param [Integer] drift the number of seconds that the client
+    #     and server are allowed to drift apart
+    def verify_with_drift(otp, drift, time = Time.now)
+      drift_intervals = drift / interval
+      (-drift_intervals..drift_intervals).any? { |n|  verify(otp, time + n * interval) }
+    end
     # Returns the provisioning URI for the OTP
     # This can then be encoded in a QR Code and used
     # to provision the Google Authenticator app
@@ -44,8 +54,7 @@ module ROTP
     private
     def timecode(time)
-      i = time.utc.to_i * 1000
-      i / (interval * 1000)
+      time.utc.to_i / interval
     end
   end

data/lib/rotp/version.rb CHANGED Viewed

@@ -1,3 +1,3 @@
 module ROTP
-  VERSION = "1.3.3"
+  VERSION = "1.4.0"
 end

data/rotp.gemspec CHANGED Viewed

@@ -19,4 +19,8 @@ Gem::Specification.new do |s|
   s.test_files    = `git ls-files -- {test,spec,features}/*`.split("\n")
   s.executables   = `git ls-files -- bin/*`.split("\n").map{ |f| File.basename(f) }
   s.require_paths = ["lib"]
+  s.add_development_dependency('rspec')
+  s.add_development_dependency('timecop')
+  s.add_development_dependency('rake')
 end

data/spec/base_spec.rb CHANGED Viewed

@@ -1,4 +1,4 @@
-require 'spec_helper'
+require File.dirname(__FILE__) + '/spec_helper'
 describe "generating a random base32 secret" do
   it "should be 16 characters by default" do

data/spec/spec_helper.rb CHANGED Viewed

@@ -1,6 +1,8 @@
 require 'rubygems'
 require 'bundler/setup'
 require 'timecop'
+require 'rspec'
+require 'rspec/autorun'
 require 'rotp'

data/spec/totp_spec.rb CHANGED Viewed

@@ -14,4 +14,22 @@ describe ROTP::TOTP do
   it "should verify a string" do
     subject.verify("160864", @now).should be_true
   end
+  context "with drift" do
+    it "should verify a number" do
+      subject.verify_with_drift(160864, 0, @now).should be_true
+    end
+    it "should verify a string" do
+      subject.verify_with_drift("160864", 0, @now).should be_true
+    end
+    it "should verify a slightly old number" do
+      subject.verify_with_drift(subject.at(@now - 30), 60, @now).should be_true
+    end
+    it "should verify a slightly new number" do
+      subject.verify_with_drift(subject.at(@now - 60), 60, @now).should be_true
+    end
+    it "should reject a number that is outside the allowed drift" do
+      subject.verify_with_drift(subject.at(@now - 60), 30, @now).should be_false
+    end
+  end
 end

metadata CHANGED Viewed

@@ -1,13 +1,13 @@
 --- !ruby/object:Gem::Specification
 name: rotp
 version: !ruby/object:Gem::Version
-  hash: 29
+  hash: 7
   prerelease:
   segments:
   - 1
-  - 3
-  - 3
-  version: 1.3.3
+  - 4
+  - 0
+  version: 1.4.0
 platform: ruby
 authors:
 - Mark Percival
@@ -15,9 +15,50 @@ autorequire:
 bindir: bin
 cert_chain: []
-date: 2012-05-19 00:00:00 Z
-dependencies: []
+date: 2012-05-20 00:00:00 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: rspec
+  prerelease: false
+  requirement: &id001 !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        hash: 3
+        segments:
+        - 0
+        version: "0"
+  type: :development
+  version_requirements: *id001
+- !ruby/object:Gem::Dependency
+  name: timecop
+  prerelease: false
+  requirement: &id002 !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        hash: 3
+        segments:
+        - 0
+        version: "0"
+  type: :development
+  version_requirements: *id002
+- !ruby/object:Gem::Dependency
+  name: rake
+  prerelease: false
+  requirement: &id003 !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        hash: 3
+        segments:
+        - 0
+        version: "0"
+  type: :development
+  version_requirements: *id003
 description: Works for both HOTP and TOTP, and includes QR Code provisioning
 email:
 - mark@markpercival.us