rotp 4.0.0 → 4.0.2

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 681041e122df89a1947016e02fd7c11e3102ffc3eed78c1dcdcb5056af116afd
-  data.tar.gz: 0333b10d91241c31b7fb2b3b5b7bd0d99f0e02b471ce0d10dc5961ae98cb89d7
+  metadata.gz: 72d869e33ff8ede2ef4233ed0398b730a1fc14e2b764295b090492bed133c4fc
+  data.tar.gz: 5ee5f47d3cee494762fcaaabb4dff1dfc247bab7faa0207fc6a3b7ff7b672f05
 SHA512:
-  metadata.gz: a7454a2072e7f6b4cabd84338b2c9b1d06363102230d2c93bd244f0a486004b6363e9cd50aece371c951ae68798a6cc109798948c11034f679030bfd7106e464
-  data.tar.gz: 18e79a2ca2a61d9b6a2dd902744e344fe1be9b7f4ac2c3d4674d6c83929f69b2395d794c9d9081115678fbfc81599f50a07cf8b287ce1c7f8ed05dcee4322e13
+  metadata.gz: 42c5bb89a97375204c3198dd9d07080f4728162307c9b99eb6f7c46152bfa8aa21d7e02699fc911c9991ef6ae17c9465f2c8e438bf223b2097cbc9b72766912b
+  data.tar.gz: 45dc82dd282328c5e3651a5b660ac327c1d10f07b7ca21025139fbe3edf418b661e1b67648081027e04ea9bce639195ec21d44ada7d6af9ac607984e8fcda47b

data/CHANGELOG.md

@@ -1,5 +1,14 @@
 ### Changelog
 
+### 4.0.2
+
+- Fix gemspec requirment for Addressable
+
+### 4.0.1
+
+- Rubocop for style fixes
+- Replace deprecated URI.encode with Addressable's version
+
 #### 4.0.0
 
 - Simplify API

data/Guardfile

@@ -1,5 +1,5 @@
 guard :rspec, cmd: 'bundle exec rspec --format progress' do
-  require "guard/rspec/dsl"
+  require 'guard/rspec/dsl'
   dsl = Guard::RSpec::Dsl.new(self)
 
   # RSpec files

data/README.md

@@ -21,7 +21,7 @@ Many websites use this for [multi-factor authentication](https://www.youtube.com
   - `verify` now takes options for `drift` and `after`
   - `verify` returns a timestamp if true, nil if false
 - Dropping support for Ruby < 2.0
-- Docs for 3.x can be found [here](https://github.com/mdp/rotp/tree/v3.3.0)
+- Docs for 3.x can be found [here](https://github.com/mdp/rotp/tree/v3.x)
 
 ## Installation
 

data/Rakefile

@@ -1,9 +1,9 @@
 require 'bundler'
 Bundler::GemHelper.install_tasks
-require "rspec/core/rake_task" 
+require 'rspec/core/rake_task'
 
 RSpec::Core::RakeTask.new(:rspec) do |spec|
   spec.pattern = 'spec/**/*_spec.rb'
 end
 
-task :default => :rspec
+task default: :rspec

data/bin/rotp

@@ -1,6 +1,6 @@
 #!/usr/bin/env ruby
 
-$: << File.expand_path('../../lib', __FILE__)
+$LOAD_PATH << File.expand_path('../lib', __dir__)
 require 'rotp'
 require 'rotp/cli'
 

data/lib/rotp.rb

@@ -1,5 +1,5 @@
 require 'cgi'
-require 'uri'
+require 'addressable'
 require 'securerandom'
 require 'openssl'
 require 'rotp/base32'
@@ -7,6 +7,5 @@ require 'rotp/otp'
 require 'rotp/hotp'
 require 'rotp/totp'
 
-
 module ROTP
 end

data/lib/rotp/arguments.rb

@@ -3,7 +3,6 @@ require 'ostruct'
 
 module ROTP
   class Arguments
-
     def initialize(filename, arguments)
       @filename = filename
       @arguments = Array(arguments)
@@ -32,11 +31,11 @@ module ROTP
 
     def parse
       return options!.mode = :help if arguments.empty?
-      parser.parse arguments
 
+      parser.parse arguments
     rescue OptionParser::InvalidOption => exception
       options!.mode = :help
-      options!.warnings = red(exception.message +  '. Try --help for help.')
+      options!.warnings = red(exception.message + '. Try --help for help.')
     end
 
     def parser
@@ -83,7 +82,5 @@ module ROTP
     def red(string)
       "\033[31m#{string}\033[0m"
     end
-
   end
 end
-

data/lib/rotp/base32.rb

@@ -1,21 +1,21 @@
 module ROTP
   class Base32
     class Base32Error < RuntimeError; end
-    CHARS = "abcdefghijklmnopqrstuvwxyz234567".each_char.to_a
+    CHARS = 'abcdefghijklmnopqrstuvwxyz234567'.each_char.to_a
 
     class << self
       def decode(str)
-        str = str.tr('=','')
+        str = str.tr('=', '')
         output = []
         str.scan(/.{1,8}/).each do |block|
-          char_array = decode_block(block).map{|c| c.chr}
+          char_array = decode_block(block).map(&:chr)
           output << char_array
         end
         output.join
       end
 
-      def random_base32(length=32)
-        b32 = String.new
+      def random_base32(length = 32)
+        b32 = ''
         SecureRandom.random_bytes(length).each_byte do |b|
           b32 << CHARS[b % 32]
         end
@@ -26,25 +26,27 @@ module ROTP
 
       def decode_block(block)
         length = block.scan(/[^=]/).length
-        quints = block.each_char.map {|c| decode_quint(c)}
+        quints = block.each_char.map { |c| decode_quint(c) }
         bytes = []
         bytes[0] = (quints[0] << 3) + (quints[1] ? quints[1] >> 2 : 0)
         return bytes if length < 3
+
         bytes[1] = ((quints[1] & 3) << 6) + (quints[2] << 1) + (quints[3] ? quints[3] >> 4 : 0)
         return bytes if length < 4
+
         bytes[2] = ((quints[3] & 15) << 4) + (quints[4] ? quints[4] >> 1 : 0)
         return bytes if length < 6
+
         bytes[3] = ((quints[4] & 1) << 7) + (quints[5] << 2) + (quints[6] ? quints[6] >> 3 : 0)
         return bytes if length < 7
+
         bytes[4] = ((quints[6] & 7) << 5) + (quints[7] || 0)
         bytes
       end
 
       def decode_quint(q)
-        CHARS.index(q.downcase) or raise(Base32Error, "Invalid Base32 Character - '#{q}'")
+        CHARS.index(q.downcase) || raise(Base32Error, "Invalid Base32 Character - '#{q}'")
       end
-
     end
-
   end
 end

data/lib/rotp/cli.rb

@@ -16,10 +16,10 @@ module ROTP
     # :nocov:
 
     def errors
-      if [:time, :hmac].include?(options.mode)
+      if %i[time hmac].include?(options.mode)
         if options.secret.to_s == ''
           red 'You must also specify a --secret. Try --help for help.'
-        elsif options.secret.to_s.chars.any? { |c| ROTP::Base32::CHARS.index(c.downcase) == nil }
+        elsif options.secret.to_s.chars.any? { |c| ROTP::Base32::CHARS.index(c.downcase).nil? }
           red 'Secret must be in RFC4648 Base32 format - http://en.wikipedia.org/wiki/Base32#RFC_4648_Base32_alphabet'
         end
       end
@@ -48,6 +48,5 @@ module ROTP
     def red(string)
       "\033[31m#{string}\033[0m"
     end
-
   end
 end

data/lib/rotp/hotp.rb

@@ -12,10 +12,10 @@ module ROTP
     # @param counter [Integer] the counter of the OTP
     # @param retries [Integer] number of counters to incrementally retry
     def verify(otp, counter, retries: 0)
-      counters = (counter..counter+retries).to_a
-      counters.find { |c|
-        super(otp, self.at(c))
-      }
+      counters = (counter..counter + retries).to_a
+      counters.find do |c|
+        super(otp, at(c))
+      end
     end
 
     # Returns the provisioning URI for the OTP
@@ -24,15 +24,13 @@ module ROTP
     # @param [String] name of the account
     # @param [Integer] initial_count starting counter value, defaults to 0
     # @return [String] provisioning uri
-    def provisioning_uri(name, initial_count=0)
+    def provisioning_uri(name, initial_count = 0)
       params = {
         secret: secret,
         counter: initial_count,
         digits: digits == DEFAULT_DIGITS ? nil : digits
       }
-      encode_params("otpauth://hotp/#{URI.encode(name)}", params)
+      encode_params("otpauth://hotp/#{Addressable::URI.escape(name)}", params)
     end
-
   end
-
 end

data/lib/rotp/otp.rb

@@ -13,7 +13,7 @@ module ROTP
     # @returns [OTP] OTP instantiation
     def initialize(s, options = {})
       @digits = options[:digits] || DEFAULT_DIGITS
-      @digest = options[:digest] || "sha1"
+      @digest = options[:digest] || 'sha1'
       @secret = s
     end
 
@@ -30,17 +30,18 @@ module ROTP
 
       offset = hmac[-1].ord & 0xf
       code = (hmac[offset].ord & 0x7f) << 24 |
-        (hmac[offset + 1].ord & 0xff) << 16 |
-        (hmac[offset + 2].ord & 0xff) << 8 |
-        (hmac[offset + 3].ord & 0xff)
-      (code % 10 ** digits).to_s.rjust(digits, '0')
+             (hmac[offset + 1].ord & 0xff) << 16 |
+             (hmac[offset + 2].ord & 0xff) << 8 |
+             (hmac[offset + 3].ord & 0xff)
+      (code % 10**digits).to_s.rjust(digits, '0')
     end
 
     private
 
     def verify(input, generated)
-      raise ArgumentError, "`otp` should be a String" unless
+      raise ArgumentError, '`otp` should be a String' unless
           input.is_a?(String)
+
       time_constant_compare(input, generated)
     end
 
@@ -54,24 +55,22 @@ module ROTP
     #
     def int_to_bytestring(int, padding = 8)
       unless int >= 0
-        raise ArgumentError, "#int_to_bytestring requires a positive number"
+        raise ArgumentError, '#int_to_bytestring requires a positive number'
       end
 
       result = []
       until int == 0
         result << (int & 0xFF).chr
-        int >>=  8
+        int >>= 8
       end
       result.reverse.join.rjust(padding, 0.chr)
     end
 
     # A very simple param encoder
     def encode_params(uri, params)
-      params_str = String.new("?")
-      params.each do |k,v|
-        if v
-          params_str << "#{k}=#{CGI::escape(v.to_s)}&"
-        end
+      params_str = String.new('?')
+      params.each do |k, v|
+        params_str << "#{k}=#{CGI.escape(v.to_s)}&" if v
       end
       params_str.chop!
       uri + params_str
@@ -80,11 +79,11 @@ module ROTP
     # constant-time compare the strings
     def time_constant_compare(a, b)
       return false if a.empty? || b.empty? || a.bytesize != b.bytesize
+
       l = a.unpack "C#{a.bytesize}"
       res = 0
       b.each_byte { |byte| res |= byte ^ l.shift }
       res == 0
     end
-
   end
 end

data/lib/rotp/totp.rb

@@ -1,7 +1,6 @@
 module ROTP
   DEFAULT_INTERVAL = 30
   class TOTP < OTP
-
     attr_reader :interval, :issuer
 
     # @option options [Integer] interval (30) the time interval in seconds for OTP
@@ -21,7 +20,7 @@ module ROTP
 
     # Generate the current time OTP
     # @return [Integer] the OTP as an integer
-    def now()
+    def now
       generate_otp(timecode(Time.now))
     end
 
@@ -40,20 +39,15 @@ module ROTP
     def verify(otp, drift_ahead: 0, drift_behind: 0, after: nil, at: Time.now)
       timecodes = get_timecodes(at, drift_behind, drift_ahead)
 
-      if after
-        timecodes = timecodes.select { |t| t > timecode(after) }
-      end
+      timecodes = timecodes.select { |t| t > timecode(after) } if after
 
       result = nil
-      timecodes.each { |t|
-        if (super(otp, self.generate_otp(t)))
-          result = t * interval
-        end
-      }
-      return result
+      timecodes.each do |t|
+        result = t * interval if super(otp, generate_otp(t))
+      end
+      result
     end
 
-
     # Returns the provisioning URI for the OTP
     # This can then be encoded in a QR Code and used
     # to provision the Google Authenticator app
@@ -64,15 +58,15 @@ module ROTP
       # https://github.com/google/google-authenticator/wiki/Key-Uri-Format
       # For compatibility the issuer appears both before that account name and also in the
       # query string.
-      issuer_string = issuer.nil? ? "" : "#{URI.encode(issuer)}:"
+      issuer_string = issuer.nil? ? '' : "#{Addressable::URI.escape(issuer)}:"
       params = {
         secret: secret,
         period: interval == 30 ? nil : interval,
         issuer: issuer,
         digits: digits == DEFAULT_DIGITS ? nil : digits,
-        algorithm: digest.upcase == 'SHA1' ? nil : digest.upcase,
+        algorithm: digest.casecmp('SHA1').zero? ? nil : digest.upcase
       }
-      encode_params("otpauth://totp/#{issuer_string}#{URI.encode(name)}", params)
+      encode_params("otpauth://totp/#{issuer_string}#{Addressable::URI.escape(name)}", params)
     end
 
     private
@@ -82,20 +76,18 @@ module ROTP
       now = timeint(at)
       timecode_start = timecode(now - drift_behind)
       timecode_end = timecode(now + drift_ahead)
-      return (timecode_start..timecode_end).step(1).to_a
+      (timecode_start..timecode_end).step(1).to_a
     end
 
     # Ensure UTC int
     def timeint(time)
-      unless time.class == Time
-        return time.to_i
-      end
-      return time.utc.to_i
+      return time.to_i unless time.class == Time
+
+      time.utc.to_i
     end
 
     def timecode(time)
-      return timeint(time) / interval
+      timeint(time) / interval
     end
-
   end
 end

data/lib/rotp/version.rb

@@ -1,3 +1,3 @@
 module ROTP
-  VERSION = "4.0.0"
+  VERSION = '4.0.2'.freeze
 end

data/rotp.gemspec

@@ -1,26 +1,27 @@
-# -*- encoding: utf-8 -*-
-require "./lib/rotp/version"
+require './lib/rotp/version'
 
 Gem::Specification.new do |s|
-  s.name        = "rotp"
+  s.name        = 'rotp'
   s.version     = ROTP::VERSION
   s.platform    = Gem::Platform::RUBY
-  s.license     = "MIT"
-  s.authors     = ["Mark Percival"]
-  s.email       = ["mark@markpercival.us"]
-  s.homepage    = "http://github.com/mdp/rotp"
-  s.summary     = %q{A Ruby library for generating and verifying one time passwords}
-  s.description = %q{Works for both HOTP and TOTP, and includes QR Code provisioning}
+  s.license     = 'MIT'
+  s.authors     = ['Mark Percival']
+  s.email       = ['mark@markpercival.us']
+  s.homepage    = 'http://github.com/mdp/rotp'
+  s.summary     = 'A Ruby library for generating and verifying one time passwords'
+  s.description = 'Works for both HOTP and TOTP, and includes QR Code provisioning'
 
-  s.rubyforge_project = "rotp"
+  s.rubyforge_project = 'rotp'
 
   s.files         = `git ls-files`.split("\n")
   s.test_files    = `git ls-files -- {test,spec,features}/*`.split("\n")
-  s.executables   = `git ls-files -- bin/*`.split("\n").map{ |f| File.basename(f) }
-  s.require_paths = ["lib"]
+  s.executables   = `git ls-files -- bin/*`.split("\n").map { |f| File.basename(f) }
+  s.require_paths = ['lib']
+
+  s.add_runtime_dependency 'addressable', '~> 2.5'
 
   s.add_development_dependency 'rake', '~> 10.5'
   s.add_development_dependency 'rspec', '~> 3.5'
-  s.add_development_dependency 'timecop', '~> 0.8'
   s.add_development_dependency 'simplecov', '~> 0.12'
+  s.add_development_dependency 'timecop', '~> 0.8'
 end

data/spec/lib/rotp/arguments_spec.rb

@@ -24,7 +24,7 @@ RSpec.describe ROTP::Arguments do
   end
 
   context 'unknown arguments' do
-    let(:argv) { %w(--does-not-exist -xyz) }
+    let(:argv) { %w[--does-not-exist -xyz] }
 
     describe '#options' do
       it 'is in help mode' do
@@ -48,7 +48,7 @@ RSpec.describe ROTP::Arguments do
   end
 
   context 'asking for help' do
-    let(:argv) { %w(--help) }
+    let(:argv) { %w[--help] }
 
     describe '#options' do
       it 'is in help mode' do
@@ -58,7 +58,7 @@ RSpec.describe ROTP::Arguments do
   end
 
   context 'generating a counter based secret' do
-    let(:argv) { %w(--hmac --secret s3same) }
+    let(:argv) { %w[--hmac --secret s3same] }
 
     describe '#options' do
       it 'is in hmac mode' do
@@ -72,7 +72,7 @@ RSpec.describe ROTP::Arguments do
   end
 
   context 'generating a counter based secret' do
-    let(:argv) { %w(--time --secret s3same) }
+    let(:argv) { %w[--time --secret s3same] }
 
     describe '#options' do
       it 'is in hmac mode' do
@@ -86,7 +86,7 @@ RSpec.describe ROTP::Arguments do
   end
 
   context 'generating a time based secret' do
-    let(:argv) { %w(--secret s3same) }
+    let(:argv) { %w[--secret s3same] }
 
     describe '#options' do
       it 'is in time mode' do
@@ -98,5 +98,4 @@ RSpec.describe ROTP::Arguments do
       end
     end
   end
-
 end

data/spec/lib/rotp/base32_spec.rb

@@ -1,7 +1,6 @@
 require 'spec_helper'
 
 RSpec.describe ROTP::Base32 do
-
   describe '.random_base32' do
     context 'without arguments' do
       let(:base32) { ROTP::Base32.random_base32 }
@@ -10,8 +9,8 @@ RSpec.describe ROTP::Base32 do
         expect(base32.length).to eq 32
       end
 
-      it 'is hexadecimal' do
-        expect(base32).to match %r{\A[a-z2-7]+\z}
+      it 'is base32 charset' do
+        expect(base32).to match(/\A[a-z2-7]+\z/)
       end
     end
 

data/spec/lib/rotp/cli_spec.rb

@@ -4,14 +4,14 @@ require 'rotp/cli'
 RSpec.describe ROTP::CLI do
   let(:cli)    { described_class.new('executable', argv) }
   let(:output) { cli.output }
-  let(:now)    { Time.utc 2012,1,1 }
+  let(:now)    { Time.utc 2012, 1, 1 }
 
   before do
     Timecop.freeze now
   end
 
   context 'generating a TOTP' do
-    let(:argv) { %w(--secret JBSWY3DPEHPK3PXP) }
+    let(:argv) { %w[--secret JBSWY3DPEHPK3PXP] }
 
     it 'prints the corresponding token' do
       expect(output).to eq '068212'
@@ -19,7 +19,7 @@ RSpec.describe ROTP::CLI do
   end
 
   context 'generating a TOTP with no secret' do
-    let(:argv) { %W(--time --secret) }
+    let(:argv) { %w[--time --secret] }
 
     it 'prints the corresponding token' do
       expect(output).to match 'You must also specify a --secret'
@@ -27,7 +27,7 @@ RSpec.describe ROTP::CLI do
   end
 
   context 'generating a TOTP with bad base32 secret' do
-    let(:argv) { %W(--time --secret #{'1' * 32}) }
+    let(:argv) { %W[--time --secret #{'1' * 32}] }
 
     it 'prints the corresponding token' do
       expect(output).to match 'Secret must be in RFC4648 Base32 format'
@@ -35,7 +35,7 @@ RSpec.describe ROTP::CLI do
   end
 
   context 'trying to generate an unsupport type' do
-    let(:argv) { %W(--notreal --secret #{'a' * 32}) }
+    let(:argv) { %W[--notreal --secret #{'a' * 32}] }
 
     it 'prints the corresponding token' do
       expect(output).to match 'invalid option: --notreal'
@@ -43,11 +43,10 @@ RSpec.describe ROTP::CLI do
   end
 
   context 'generating a HOTP' do
-    let(:argv) { %W(--hmac --secret #{'a' * 32} --counter 1234) }
+    let(:argv) { %W[--hmac --secret #{'a' * 32} --counter 1234] }
 
     it 'prints the corresponding token' do
       expect(output).to eq '161024'
     end
   end
-
 end

data/spec/lib/rotp/hotp_spec.rb

@@ -14,6 +14,12 @@ RSpec.describe ROTP::HOTP do
       end
     end
 
+    context 'invalid counter' do
+      it 'raises an error' do
+        expect { hotp.at(-123_456) }.to raise_error(ArgumentError)
+      end
+    end
+
     context 'RFC compatibility' do
       let(:hotp) { ROTP::HOTP.new('GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ') }
 
@@ -31,7 +37,6 @@ RSpec.describe ROTP::HOTP do
         expect(hotp.at(8)).to eq '399871'
         expect(hotp.at(9)).to eq '520489'
       end
-
     end
   end
 
@@ -39,7 +44,7 @@ RSpec.describe ROTP::HOTP do
     let(:verification) { hotp.verify token, counter }
 
     context 'numeric token' do
-      let(:token) { 161024 }
+      let(:token) { 161_024 }
 
       it 'raises an error' do
         expect { verification }.to raise_error(ArgumentError)
@@ -62,7 +67,7 @@ RSpec.describe ROTP::HOTP do
       end
     end
     describe 'with retries' do
-      let(:verification) { hotp.verify token, counter, retries:retries }
+      let(:verification) { hotp.verify token, counter, retries: retries }
 
       context 'counter outside than retries' do
         let(:counter) { 1223 }
@@ -104,7 +109,7 @@ RSpec.describe ROTP::HOTP do
 
   describe '#provisioning_uri' do
     let(:uri)    { hotp.provisioning_uri('mark@percival') }
-    let(:params) { CGI::parse URI::parse(uri).query }
+    let(:params) { CGI.parse URI.parse(uri).query }
 
     it 'has the correct format' do
       expect(uri).to match %r{\Aotpauth:\/\/hotp.+}
@@ -128,5 +133,4 @@ RSpec.describe ROTP::HOTP do
       end
     end
   end
-
 end

data/spec/lib/rotp/totp_spec.rb

@@ -1,7 +1,7 @@
 require 'spec_helper'
 
-TEST_TIME = Time.utc 2016,9,23,9 # 2016-09-23 09:00:00 UTC
-TEST_TOKEN = "082630"
+TEST_TIME = Time.utc 2016, 9, 23, 9 # 2016-09-23 09:00:00 UTC
+TEST_TOKEN = '082630'.freeze
 
 RSpec.describe ROTP::TOTP do
   let(:now)   { TEST_TIME }
@@ -19,11 +19,10 @@ RSpec.describe ROTP::TOTP do
       let(:totp) { ROTP::TOTP.new('GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ') }
 
       it 'matches the RFC documentation examples' do
-        expect(totp.at 1111111111).to eq '050471'
-        expect(totp.at 1234567890).to eq '005924'
-        expect(totp.at 2000000000).to eq '279037'
+        expect(totp.at(1_111_111_111)).to eq '050471'
+        expect(totp.at(1_234_567_890)).to eq '005924'
+        expect(totp.at(2_000_000_000)).to eq '279037'
       end
-
     end
   end
 
@@ -31,7 +30,7 @@ RSpec.describe ROTP::TOTP do
     let(:verification) { totp.verify token, at: now }
 
     context 'numeric token' do
-      let(:token) { 82630 }
+      let(:token) { 82_630 }
 
       it 'raises an error with an integer' do
         expect { verification }.to raise_error(ArgumentError)
@@ -53,7 +52,7 @@ RSpec.describe ROTP::TOTP do
     end
 
     context 'RFC compatibility' do
-      let(:totp)  { ROTP::TOTP.new 'wrn3pqx5uqxqvnqr' }
+      let(:totp) { ROTP::TOTP.new 'wrn3pqx5uqxqvnqr' }
 
       before do
         Timecop.freeze now
@@ -61,7 +60,7 @@ RSpec.describe ROTP::TOTP do
 
       context 'correct time based OTP' do
         let(:token) { '102705' }
-        let(:now)   { Time.at 1297553958 }
+        let(:now)   { Time.at 1_297_553_958 }
 
         it 'verifies' do
           expect(totp.verify('102705')).to be_truthy
@@ -75,17 +74,17 @@ RSpec.describe ROTP::TOTP do
       end
     end
     context 'invalidating reused tokens' do
-      let(:verification) {
+      let(:verification) do
         totp.verify token,
-        after: after,
-        at: now
-      }
+                    after: after,
+                    at: now
+      end
       let(:after) { nil }
 
       context 'passing in the `after` timestamp' do
-        let(:after) {
+        let(:after) do
           totp.verify TEST_TOKEN, after: nil, at: now
-        }
+        end
 
         it 'returns a timecode' do
           expect(after).to be_kind_of(Integer)
@@ -106,23 +105,23 @@ RSpec.describe ROTP::TOTP do
     totp.send('get_timecodes', at, b, a)
   end
 
-  describe "drifting timecodes" do
+  describe 'drifting timecodes' do
     it 'should get timecodes behind' do
-      expect(get_timecodes(TEST_TIME+15, 15, 0)).to eq([49154040])
-      expect(get_timecodes(TEST_TIME, 15, 0)).to eq([49154039, 49154040])
-      expect(get_timecodes(TEST_TIME, 40, 0)).to eq([49154038, 49154039, 49154040])
-      expect(get_timecodes(TEST_TIME, 90, 0)).to eq([49154037, 49154038, 49154039, 49154040])
+      expect(get_timecodes(TEST_TIME + 15, 15, 0)).to eq([49_154_040])
+      expect(get_timecodes(TEST_TIME, 15, 0)).to eq([49_154_039, 49_154_040])
+      expect(get_timecodes(TEST_TIME, 40, 0)).to eq([49_154_038, 49_154_039, 49_154_040])
+      expect(get_timecodes(TEST_TIME, 90, 0)).to eq([49_154_037, 49_154_038, 49_154_039, 49_154_040])
     end
     it 'should get timecodes ahead' do
-      expect(get_timecodes(TEST_TIME, 0, 15)).to eq([49154040])
-      expect(get_timecodes(TEST_TIME+15, 0, 15)).to eq([49154040, 49154041])
-      expect(get_timecodes(TEST_TIME, 0, 30)).to eq([49154040, 49154041])
-      expect(get_timecodes(TEST_TIME, 0, 70)).to eq([49154040, 49154041, 49154042])
-      expect(get_timecodes(TEST_TIME, 0, 90)).to eq([49154040, 49154041, 49154042, 49154043])
+      expect(get_timecodes(TEST_TIME, 0, 15)).to eq([49_154_040])
+      expect(get_timecodes(TEST_TIME + 15, 0, 15)).to eq([49_154_040, 49_154_041])
+      expect(get_timecodes(TEST_TIME, 0, 30)).to eq([49_154_040, 49_154_041])
+      expect(get_timecodes(TEST_TIME, 0, 70)).to eq([49_154_040, 49_154_041, 49_154_042])
+      expect(get_timecodes(TEST_TIME, 0, 90)).to eq([49_154_040, 49_154_041, 49_154_042, 49_154_043])
     end
     it 'should get timecodes behind and ahead' do
-      expect(get_timecodes(TEST_TIME, 30, 30)).to eq([49154039, 49154040, 49154041])
-      expect(get_timecodes(TEST_TIME, 60, 60)).to eq([49154038, 49154039, 49154040, 49154041, 49154042])
+      expect(get_timecodes(TEST_TIME, 30, 30)).to eq([49_154_039, 49_154_040, 49_154_041])
+      expect(get_timecodes(TEST_TIME, 60, 60)).to eq([49_154_038, 49_154_039, 49_154_040, 49_154_041, 49_154_042])
     end
   end
 
@@ -131,7 +130,6 @@ RSpec.describe ROTP::TOTP do
     let(:drift_ahead) { 0 }
     let(:drift_behind) { 0 }
 
-
     context 'with an old OTP' do
       let(:token) { totp.at TEST_TIME - 30 } # Previous token at 2016-09-23 08:59:30 UTC
       let(:drift_behind) { 15 }
@@ -151,7 +149,6 @@ RSpec.describe ROTP::TOTP do
           expect(verification).to be_nil
         end
       end
-
     end
 
     context 'with a future OTP' do
@@ -166,14 +163,13 @@ RSpec.describe ROTP::TOTP do
       # Tested at 2016-09-23 09:00:20 UTC, and with drift ahead to 2016-09-23 09:00:35 UTC
       # This would therefore include 2 intervals
       context 'inside of drift range' do
-        let(:now)   { TEST_TIME + 20 }
+        let(:now) { TEST_TIME + 20 }
 
         it 'is true' do
           expect(verification).to be_truthy
         end
       end
     end
-
   end
 
   describe '#verify with drift and prevent token reuse' do
@@ -183,7 +179,6 @@ RSpec.describe ROTP::TOTP do
     let(:after) { nil }
 
     context 'with the `after` timestamp set' do
-
       context 'older token' do
         let(:token) { totp.at TEST_TIME - 30 }
         let(:drift_behind) { 15 }
@@ -194,14 +189,13 @@ RSpec.describe ROTP::TOTP do
         end
 
         context 'after it has been used' do
-          let(:after) {
+          let(:after) do
             totp.verify token, after: nil, at: now, drift_behind: drift_behind
-          }
+          end
           it 'is false' do
             expect(verification).to be_falsey
           end
         end
-
       end
 
       context 'newer token' do
@@ -215,21 +209,20 @@ RSpec.describe ROTP::TOTP do
         end
 
         context 'after it has been used' do
-          let(:after) {
+          let(:after) do
             totp.verify token, after: nil, at: now, drift_ahead: drift_ahead
-          }
+          end
           it 'is false' do
             expect(verification).to be_falsey
           end
         end
-
       end
     end
   end
 
   describe '#provisioning_uri' do
     let(:uri)    { totp.provisioning_uri('mark@percival') }
-    let(:params) { CGI::parse URI::parse(uri).query }
+    let(:params) { CGI.parse URI.parse(uri).query }
 
     context 'without issuer' do
       it 'has the correct format' do
@@ -302,7 +295,6 @@ RSpec.describe ROTP::TOTP do
         expect(params['algorithm'].first).to eq 'SHA256'
       end
     end
-
   end
 
   describe '#now' do
@@ -312,7 +304,7 @@ RSpec.describe ROTP::TOTP do
 
     context 'Google Authenticator' do
       let(:totp) { ROTP::TOTP.new 'wrn3pqx5uqxqvnqr' }
-      let(:now)  { Time.at 1297553958 }
+      let(:now)  { Time.at 1_297_553_958 }
 
       it 'matches the known output' do
         expect(totp.now).to eq '102705'
@@ -321,12 +313,11 @@ RSpec.describe ROTP::TOTP do
 
     context 'Dropbox 26 char secret output' do
       let(:totp) { ROTP::TOTP.new 'tjtpqea6a42l56g5eym73go2oa' }
-      let(:now)  { Time.at 1378762454 }
+      let(:now)  { Time.at 1_378_762_454 }
 
       it 'matches the known output' do
         expect(totp.now).to eq '747864'
       end
     end
   end
-
 end

data/spec/spec_helper.rb

@@ -1,6 +1,6 @@
 require 'simplecov'
 SimpleCov.start do
-  add_filter "/spec/"
+  add_filter '/spec/'
 end
 
 require 'rotp'
@@ -17,5 +17,4 @@ RSpec.configure do |config|
   end
 end
 
-
 require_relative '../lib/rotp'

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: rotp
 version: !ruby/object:Gem::Version
-  version: 4.0.0
+  version: 4.0.2
 platform: ruby
 authors:
 - Mark Percival
@@ -10,6 +10,20 @@ bindir: bin
 cert_chain: []
 date: 2018-11-01 00:00:00.000000000 Z
 dependencies:
+- !ruby/object:Gem::Dependency
+  name: addressable
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.5'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.5'
 - !ruby/object:Gem::Dependency
   name: rake
   requirement: !ruby/object:Gem::Requirement
@@ -39,33 +53,33 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '3.5'
 - !ruby/object:Gem::Dependency
-  name: timecop
+  name: simplecov
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '0.8'
+        version: '0.12'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '0.8'
+        version: '0.12'
 - !ruby/object:Gem::Dependency
-  name: simplecov
+  name: timecop
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '0.12'
+        version: '0.8'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '0.12'
+        version: '0.8'
 description: Works for both HOTP and TOTP, and includes QR Code provisioning
 email:
 - mark@markpercival.us