npm - @depup/otplib - Versions diffs - 13.3.0-depup.0 - Mend

@depup/otplib 13.3.0-depup.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (26) hide show

package/LICENSE +21 -0
package/README.md +25 -0
package/changes.json +5 -0
package/dist/class.cjs +2 -0
package/dist/class.cjs.map +1 -0
package/dist/class.d.cts +293 -0
package/dist/class.d.ts +293 -0
package/dist/class.js +2 -0
package/dist/class.js.map +1 -0
package/dist/functional.cjs +2 -0
package/dist/functional.cjs.map +1 -0
package/dist/functional.d.cts +234 -0
package/dist/functional.d.ts +234 -0
package/dist/functional.js +2 -0
package/dist/functional.js.map +1 -0
package/dist/index.cjs +2 -0
package/dist/index.cjs.map +1 -0
package/dist/index.d.cts +8 -0
package/dist/index.d.ts +8 -0
package/dist/index.js +2 -0
package/dist/index.js.map +1 -0
package/dist/metafile-cjs.json +1 -0
package/dist/metafile-esm.json +1 -0
package/dist/types-BBT_82HF.d.cts +122 -0
package/dist/types-BBT_82HF.d.ts +122 -0
package/package.json +108 -0

package/LICENSE ADDED Viewed

@@ -0,0 +1,21 @@
+MIT License
+Copyright (c) 2026 Gerald Yeo
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

package/README.md ADDED Viewed

@@ -0,0 +1,25 @@
+# @depup/otplib
+> Dependency-bumped version of [otplib](https://www.npmjs.com/package/otplib)
+Generated by [DepUp](https://github.com/depup/npm) -- all production
+dependencies bumped to latest versions.
+## Installation
+```bash
+npm install @depup/otplib
+```
+| Field | Value |
+|-------|-------|
+| Original | [otplib](https://www.npmjs.com/package/otplib) @ 13.3.0 |
+| Processed | 2026-03-19 |
+| Smoke test | failed |
+| Deps updated | 0 |
+---
+Source: https://github.com/depup/npm | Original: https://www.npmjs.com/package/otplib
+License inherited from the original package.

package/changes.json ADDED Viewed

@@ -0,0 +1,5 @@
+{
+  "bumped": {},
+  "timestamp": "2026-03-19T03:03:29.370Z",
+  "totalUpdated": 0
+}

package/dist/class.cjs ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ "use strict";var P=Object.defineProperty;var k=Object.getOwnPropertyDescriptor;var C=Object.getOwnPropertyNames;var D=Object.prototype.hasOwnProperty;var U=(r,e)=>{for(var t in e)P(r,t,{get:e[t],enumerable:!0})},B=(r,e,t,i)=>{if(e&&typeof e=="object"\|\|typeof e=="function")for(let a of C(e))!D.call(r,a)&&a!==t&&P(r,a,{get:()=>e[a],enumerable:!(i=k(e,a))\|\|i.enumerable});return r};var A=r=>B(P({},"__esModule",{value:!0}),r);var I={};U(I,{OTP:()=>S});module.exports=A(I);var O=require("@otplib/core");var V=require("@otplib/core"),c=require("@otplib/plugin-base32-scure"),l=require("@otplib/plugin-crypto-noble");function m(r){return{secret:r.secret,strategy:r.strategy??"totp",crypto:r.crypto??l.crypto,base32:r.base32??c.base32,algorithm:r.algorithm??"sha1",digits:r.digits??6,period:r.period??30,epoch:r.epoch??Math.floor(Date.now()/1e3),t0:r.t0??0,counter:r.counter,guardrails:r.guardrails??(0,V.createGuardrails)(),hooks:r.hooks}}function b(r){return{...m(r),token:r.token,epochTolerance:r.epochTolerance??0,counterTolerance:r.counterTolerance??0,afterTimeStep:r.afterTimeStep}}var T=require("@otplib/core"),u=require("@otplib/hotp"),y=require("@otplib/totp"),h=require("@otplib/uri");function f(r,e,t){if(r==="totp")return t.totp();if(r==="hotp"){if(e===void 0)throw new T.ConfigurationError("Counter is required for HOTP strategy. Example: { strategy: 'hotp', counter: 0 }");return t.hotp(e)}throw new T.ConfigurationError(`Unknown OTP strategy: ${r}. Valid strategies are 'totp' or 'hotp'.`)}function R(r){let{strategy:e="totp",issuer:t,label:i,secret:a,algorithm:o="sha1",digits:s=6,period:n=30,counter:p}=r;return f(e,p,{totp:()=>(0,h.generateTOTP)({issuer:t,label:i,secret:a,algorithm:o,digits:s,period:n}),hotp:g=>(0,h.generateHOTP)({issuer:t,label:i,secret:a,algorithm:o,digits:s,counter:g})})}async function G(r){let e=m(r),{secret:t,crypto:i,base32:a,algorithm:o,digits:s,hooks:n}=e,p={secret:t,crypto:i,base32:a,algorithm:o,digits:s,hooks:n};return f(e.strategy,e.counter,{totp:()=>(0,y.generate)({...p,period:e.period,epoch:e.epoch,t0:e.t0,guardrails:e.guardrails}),hotp:g=>(0,u.generate)({...p,counter:g,guardrails:e.guardrails})})}function H(r){let e=m(r),{secret:t,crypto:i,base32:a,algorithm:o,digits:s}=e,n={secret:t,crypto:i,base32:a,algorithm:o,digits:s};return f(e.strategy,e.counter,{totp:()=>(0,y.generateSync)({...n,period:e.period,epoch:e.epoch,t0:e.t0,guardrails:e.guardrails}),hotp:p=>(0,u.generateSync)({...n,counter:p,guardrails:e.guardrails})})}async function x(r){let e=b(r),{secret:t,token:i,crypto:a,base32:o,algorithm:s,digits:n,hooks:p}=e,g={secret:t,token:i,crypto:a,base32:o,algorithm:s,digits:n,hooks:p};return f(e.strategy,e.counter,{totp:()=>(0,y.verify)({...g,period:e.period,epoch:e.epoch,t0:e.t0,epochTolerance:e.epochTolerance,afterTimeStep:e.afterTimeStep,guardrails:e.guardrails}),hotp:d=>(0,u.verify)({...g,counter:d,counterTolerance:e.counterTolerance,guardrails:e.guardrails})})}function v(r){let e=b(r),{secret:t,token:i,crypto:a,base32:o,algorithm:s,digits:n,hooks:p}=e,g={secret:t,token:i,crypto:a,base32:o,algorithm:s,digits:n,hooks:p};return f(e.strategy,e.counter,{totp:()=>(0,y.verifySync)({...g,period:e.period,epoch:e.epoch,t0:e.t0,epochTolerance:e.epochTolerance,afterTimeStep:e.afterTimeStep,guardrails:e.guardrails}),hotp:d=>(0,u.verifySync)({...g,counter:d,counterTolerance:e.counterTolerance,guardrails:e.guardrails})})}var S=class{strategy;crypto;base32;guardrails;constructor(e={}){let{strategy:t="totp",crypto:i=l.crypto,base32:a=c.base32,guardrails:o}=e;this.strategy=t,this.crypto=i,this.base32=a,this.guardrails=(0,O.createGuardrails)(o)}getStrategy(){return this.strategy}generateSecret(e=20){return(0,O.generateSecret)({crypto:this.crypto,base32:this.base32,length:e})}async generate(e){return G({...e,strategy:this.strategy,crypto:this.crypto,base32:this.base32,guardrails:e.guardrails??this.guardrails})}generateSync(e){return H({...e,strategy:this.strategy,crypto:this.crypto,base32:this.base32,guardrails:e.guardrails??this.guardrails})}async verify(e){return x({...e,strategy:this.strategy,crypto:this.crypto,base32:this.base32,guardrails:e.guardrails??this.guardrails})}verifySync(e){return v({...e,strategy:this.strategy,crypto:this.crypto,base32:this.base32,guardrails:e.guardrails??this.guardrails})}generateURI(e){return R({...e,strategy:this.strategy})}};0&&(module.exports={OTP});
2	+ //# sourceMappingURL=class.cjs.map

package/dist/class.cjs.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"sources":["../src/class.ts","../src/defaults.ts","../src/functional.ts"],"sourcesContent":["/**\n * OTP Wrapper Class\n *\n * A unified class that dynamically handles TOTP and HOTP strategies.\n */\n\nimport { createGuardrails, generateSecret as generateSecretCore } from \"@otplib/core\";\n\nimport { defaultCrypto, defaultBase32 } from \"./defaults.js\";\nimport {\n generate as functionalGenerate,\n generateSync as functionalGenerateSync,\n verify as functionalVerify,\n verifySync as functionalVerifySync,\n generateURI as functionalGenerateURI,\n} from \"./functional.js\";\n\nimport type { OTPStrategy } from \"./functional.js\";\nimport type {\n CryptoPlugin,\n Digits,\n HashAlgorithm,\n Base32Plugin,\n OTPGuardrails,\n OTPHooks,\n} from \"@otplib/core\";\nimport type { VerifyResult as HOTPVerifyResult } from \"@otplib/hotp\";\nimport type { VerifyResult as TOTPVerifyResult } from \"@otplib/totp\";\n\n/**\n * Combined verify result that works for both TOTP and HOTP\n */\nexport type VerifyResult = TOTPVerifyResult | HOTPVerifyResult;\n\n/**\n * Options for the OTP class\n */\nexport type OTPClassOptions = {\n /**\n * OTP strategy to use\n * - 'totp': Time-based OTP (default)\n * - 'hotp': HMAC-based OTP\n */\n strategy?: OTPStrategy;\n\n /**\n * Crypto plugin to use (default: NobleCryptoPlugin)\n */\n crypto?: CryptoPlugin;\n\n /**\n * Base32 plugin to use (default: ScureBase32Plugin)\n */\n base32?: Base32Plugin;\n\n /**\n * Validation guardrails\n */\n guardrails?: OTPGuardrails;\n};\n\n/**\n * Options for generating a token with the OTP class\n */\nexport type OTPGenerateOptions = {\n /**\n * Base32-encoded secret key\n *\n * **Note**: By default, strings are assumed to be Base32 encoded.\n * If you have a raw string/passphrase, you must convert it to Uint8Array first.\n */\n secret: string | Uint8Array;\n\n /**\n * Hash algorithm (default: 'sha1')\n */\n algorithm?: HashAlgorithm;\n\n /**\n * Number of digits (default: 6)\n */\n digits?: Digits;\n\n /**\n * Current Unix epoch timestamp in seconds (default: now)\n * Used by TOTP strategy\n */\n epoch?: number;\n\n /**\n * Initial Unix time to start counting time steps (default: 0)\n * Used by TOTP strategy\n */\n t0?: number;\n\n /**\n * Time step in seconds (default: 30)\n * Used by TOTP strategy\n */\n period?: number;\n\n /**\n * Counter value\n * Used by HOTP strategy (required)\n */\n counter?: number;\n\n /**\n * Validation guardrails\n */\n guardrails?: OTPGuardrails;\n\n /**\n * Hooks for customizing token encoding and validation\n */\n hooks?: OTPHooks;\n};\n\n/**\n * Options for verifying a token with the OTP class\n */\nexport type OTPVerifyOptions = {\n /**\n * Base32-encoded secret key\n *\n * **Note**: By default, strings are assumed to be Base32 encoded.\n * If you have a raw string/passphrase, you must convert it to Uint8Array first.\n */\n secret: string | Uint8Array;\n\n /**\n * OTP code to verify\n */\n token: string;\n\n /**\n * Hash algorithm (default: 'sha1')\n */\n algorithm?: HashAlgorithm;\n\n /**\n * Number of digits (default: 6)\n */\n digits?: Digits;\n\n /**\n * Current Unix epoch timestamp in seconds (default: now)\n * Used by TOTP strategy\n */\n epoch?: number;\n\n /**\n * Initial Unix time to start counting time steps (default: 0)\n * Used by TOTP strategy\n */\n t0?: number;\n\n /**\n * Time step in seconds (default: 30)\n * Used by TOTP strategy\n */\n period?: number;\n\n /**\n * Counter value\n * Used by HOTP strategy (required)\n */\n counter?: number;\n\n /**\n * Time tolerance in seconds for TOTP verification (default: 0)\n * - Number: symmetric tolerance (same for past and future)\n * - Tuple [past, future]: asymmetric tolerance\n * Use [5, 0] for RFC-compliant past-only verification.\n */\n epochTolerance?: number | [number, number];\n\n /**\n * Counter tolerance for HOTP verification (default: 0)\n * - Number: creates look-ahead only tolerance [0, n]\n * - Tuple [past, future]: explicit window control\n */\n counterTolerance?: number | [number, number];\n\n /**\n * Minimum allowed TOTP time step for replay protection (optional)\n *\n * Rejects tokens with timeStep <= afterTimeStep.\n * Only used by TOTP strategy.\n */\n afterTimeStep?: number;\n\n /**\n * Validation guardrails\n */\n guardrails?: OTPGuardrails;\n\n /**\n * Hooks for customizing token encoding and validation\n */\n hooks?: OTPHooks;\n};\n\n/**\n * Options for generating URI with the OTP class\n */\nexport type OTPURIGenerateOptions = {\n /**\n * Issuer name (e.g., 'ACME Co')\n */\n issuer: string;\n\n /**\n * Label/Account name (e.g., 'john@example.com')\n */\n label: string;\n\n /**\n * Base32-encoded secret key\n *\n * **Note**: By default, strings are assumed to be Base32 encoded.\n * If you have a raw string/passphrase, you must convert it to Uint8Array first.\n */\n secret: string;\n\n /**\n * Hash algorithm (default: 'sha1')\n */\n algorithm?: HashAlgorithm;\n\n /**\n * Number of digits (default: 6)\n */\n digits?: Digits;\n\n /**\n * Time step in seconds (default: 30)\n * Used by TOTP strategy\n */\n period?: number;\n\n /**\n * Counter value (default: 0)\n * Used by HOTP strategy\n */\n counter?: number;\n};\n\n/**\n * OTP Class\n *\n * A wrapper class that dynamically handles TOTP and HOTP strategies.\n *\n * @example\n * ```ts\n * import { OTP } from 'otplib';\n *\n * // Create OTP instance with TOTP strategy (default)\n * const otp = new OTP({ strategy: 'totp' });\n *\n * // Generate and verify\n * const secret = otp.generateSecret();\n * const token = await otp.generate({ secret });\n * const result = await otp.verify({ secret, token });\n * ```\n *\n * @example With HOTP strategy\n * ```ts\n * import { OTP } from 'otplib';\n *\n * const otp = new OTP({ strategy: 'hotp' });\n * const token = await otp.generate({ secret: 'ABC123', counter: 0 });\n * ```\n *\n * @example Generating otpauth:// URI for authenticator apps\n * ```ts\n * import { OTP } from 'otplib';\n *\n * const otp = new OTP({ strategy: 'totp' });\n * const uri = otp.generateURI({\n * issuer: 'MyApp',\n * label: 'user@example.com',\n * secret: 'ABC123',\n * });\n * ```\n */\nexport class OTP {\n private readonly strategy: OTPStrategy;\n private readonly crypto: CryptoPlugin;\n private readonly base32: Base32Plugin;\n private readonly guardrails: OTPGuardrails;\n\n constructor(options: OTPClassOptions = {}) {\n const {\n strategy = \"totp\",\n crypto = defaultCrypto,\n base32 = defaultBase32,\n guardrails,\n } = options;\n\n this.strategy = strategy;\n this.crypto = crypto;\n this.base32 = base32;\n this.guardrails = createGuardrails(guardrails);\n }\n\n /**\n * Get the current strategy\n */\n getStrategy(): OTPStrategy {\n return this.strategy;\n }\n\n /**\n * Generate a random secret key\n *\n * @param length - Number of random bytes (default: 20)\n * @returns Base32-encoded secret key\n */\n generateSecret(length: number = 20): string {\n return generateSecretCore({ crypto: this.crypto, base32: this.base32, length });\n }\n\n /**\n * Generate an OTP token based on the configured strategy\n *\n * @param options - Generation options\n * @returns OTP code\n */\n async generate(options: OTPGenerateOptions): Promise<string> {\n return functionalGenerate({\n ...options,\n strategy: this.strategy,\n crypto: this.crypto,\n base32: this.base32,\n guardrails: options.guardrails ?? this.guardrails,\n });\n }\n\n /**\n * Generate an OTP token based on the configured strategy synchronously\n *\n * @param options - Generation options\n * @returns OTP code\n * @throws {HMACError} If the crypto plugin doesn't support sync operations\n */\n generateSync(options: OTPGenerateOptions): string {\n return functionalGenerateSync({\n ...options,\n strategy: this.strategy,\n crypto: this.crypto,\n base32: this.base32,\n guardrails: options.guardrails ?? this.guardrails,\n });\n }\n\n /**\n * Verify an OTP token based on the configured strategy\n *\n * @param options - Verification options\n * @returns Verification result with validity and optional delta\n */\n async verify(options: OTPVerifyOptions): Promise<VerifyResult> {\n return functionalVerify({\n ...options,\n strategy: this.strategy,\n crypto: this.crypto,\n base32: this.base32,\n guardrails: options.guardrails ?? this.guardrails,\n });\n }\n\n /**\n * Verify an OTP token based on the configured strategy synchronously\n *\n * @param options - Verification options\n * @returns Verification result with validity and optional delta\n * @throws {HMACError} If the crypto plugin doesn't support sync operations\n */\n verifySync(options: OTPVerifyOptions): VerifyResult {\n return functionalVerifySync({\n ...options,\n strategy: this.strategy,\n crypto: this.crypto,\n base32: this.base32,\n guardrails: options.guardrails ?? this.guardrails,\n });\n }\n\n /**\n * Generate an otpauth:// URI for QR code generation\n *\n * Supports both TOTP and HOTP strategies.\n *\n * @param options - URI generation options\n * @returns otpauth:// URI string\n */\n generateURI(options: OTPURIGenerateOptions): string {\n return functionalGenerateURI({\n ...options,\n strategy: this.strategy,\n });\n }\n}\n","/**\n * Default plugin instances\n *\n * Shared across functional and class APIs to ensure singleton behavior\n * and reduce memory overhead. Uses pre-instantiated frozen singletons\n * from the plugin packages.\n */\nimport { createGuardrails } from \"@otplib/core\";\nimport { base32 as defaultBase32 } from \"@otplib/plugin-base32-scure\";\nimport { crypto as defaultCrypto } from \"@otplib/plugin-crypto-noble\";\n\nimport type {\n OTPGenerateOptions,\n OTPVerifyOptions,\n OTPGenerateOptionsWithDefaults,\n OTPVerifyOptionsWithDefaults,\n} from \"./types.js\";\n\nexport { defaultCrypto, defaultBase32 };\n\nexport function normalizeGenerateOptions(\n options: OTPGenerateOptions,\n): OTPGenerateOptionsWithDefaults {\n return {\n secret: options.secret,\n strategy: options.strategy ?? \"totp\",\n crypto: options.crypto ?? defaultCrypto,\n base32: options.base32 ?? defaultBase32,\n algorithm: options.algorithm ?? \"sha1\",\n digits: options.digits ?? 6,\n period: options.period ?? 30,\n epoch: options.epoch ?? Math.floor(Date.now() / 1000),\n t0: options.t0 ?? 0,\n counter: options.counter,\n guardrails: options.guardrails ?? createGuardrails(),\n hooks: options.hooks,\n };\n}\n\nexport function normalizeVerifyOptions(options: OTPVerifyOptions): OTPVerifyOptionsWithDefaults {\n return {\n ...normalizeGenerateOptions(options),\n token: options.token,\n epochTolerance: options.epochTolerance ?? 0,\n counterTolerance: options.counterTolerance ?? 0,\n afterTimeStep: options.afterTimeStep,\n };\n}\n","import { generateSecret as generateSecretCore, ConfigurationError } from \"@otplib/core\";\nimport {\n generate as generateHOTP,\n generateSync as generateHOTPSync,\n verify as verifyHOTP,\n verifySync as verifyHOTPSync,\n} from \"@otplib/hotp\";\nimport {\n generate as generateTOTP,\n generateSync as generateTOTPSync,\n verify as verifyTOTP,\n verifySync as verifyTOTPSync,\n} from \"@otplib/totp\";\nimport { generateTOTP as generateTOTPURI, generateHOTP as generateHOTURI } from \"@otplib/uri\";\n\nimport {\n defaultCrypto,\n defaultBase32,\n normalizeGenerateOptions,\n normalizeVerifyOptions,\n} from \"./defaults.js\";\n\nimport type {\n OTPGenerateOptions,\n OTPVerifyOptions,\n OTPStrategy,\n StrategyHandlers,\n} from \"./types.js\";\nimport type { CryptoPlugin, Base32Plugin, Digits, HashAlgorithm } from \"@otplib/core\";\nimport type { VerifyResult as HOTPVerifyResult } from \"@otplib/hotp\";\nimport type { VerifyResult as TOTPVerifyResult } from \"@otplib/totp\";\n\nexport type { OTPStrategy };\n\nexport type VerifyResult = TOTPVerifyResult | HOTPVerifyResult;\n\nfunction executeByStrategy<T>(\n strategy: OTPStrategy,\n counter: number | undefined,\n handlers: StrategyHandlers<T>,\n): T {\n if (strategy === \"totp\") {\n return handlers.totp();\n }\n if (strategy === \"hotp\") {\n if (counter === undefined) {\n throw new ConfigurationError(\n \"Counter is required for HOTP strategy. Example: { strategy: 'hotp', counter: 0 }\",\n );\n }\n return handlers.hotp(counter);\n }\n throw new ConfigurationError(\n `Unknown OTP strategy: ${strategy}. Valid strategies are 'totp' or 'hotp'.`,\n );\n}\n\n/**\n * Generate a random secret key for use with OTP\n *\n * The secret is encoded in Base32 format for compatibility with\n * Google Authenticator and other authenticator apps.\n *\n * @param options - Secret generation options\n * @returns Base32-encoded secret key\n *\n * @example\n * ```ts\n * import { generateSecret } from 'otplib';\n *\n * const secret = generateSecret();\n * // Returns: 'JBSWY3DPEHPK3PXP'\n * ```\n *\n * @example With custom plugins\n * ```ts\n * import { generateSecret, NodeCryptoPlugin } from 'otplib';\n *\n * const secret = generateSecret({\n * crypto: new NodeCryptoPlugin(),\n * });\n * ```\n */\nexport function generateSecret(options?: {\n /**\n * Number of random bytes to generate (default: 20)\n * 20 bytes = 160 bits, which provides a good security margin\n */\n length?: number;\n\n /**\n * Crypto plugin to use (default: NobleCryptoPlugin)\n */\n crypto?: CryptoPlugin;\n\n /**\n * Base32 plugin to use (default: ScureBase32Plugin)\n */\n base32?: Base32Plugin;\n}): string {\n const { crypto = defaultCrypto, base32 = defaultBase32, length = 20 } = options || {};\n\n return generateSecretCore({ crypto, base32, length });\n}\n\n/**\n * Generate an otpauth:// URI for QR code generation\n *\n * This URI can be used to generate a QR code that can be scanned\n * by Google Authenticator and other authenticator apps.\n *\n * @param options - URI generation options\n * @returns otpauth:// URI string\n *\n * @example TOTP\n * ```ts\n * import { generateURI } from 'otplib';\n *\n * const uri = generateURI({\n * issuer: 'ACME Co',\n * label: 'john@example.com',\n * secret: 'JBSWY3DPEHPK3PXP',\n * });\n * // Returns: 'otpauth://totp/ACME%20Co:john%40example.com?secret=...'\n * ```\n *\n * @example HOTP\n * ```ts\n * import { generateURI } from 'otplib';\n *\n * const uri = generateURI({\n * strategy: 'hotp',\n * issuer: 'ACME Co',\n * label: 'john@example.com',\n * secret: 'JBSWY3DPEHPK3PXP',\n * counter: 5,\n * });\n * // Returns: 'otpauth://hotp/ACME%20Co:john%40example.com?secret=...&counter=5'\n * ```\n */\nexport function generateURI(options: {\n /**\n * OTP strategy to use (default: 'totp')\n */\n strategy?: OTPStrategy;\n issuer: string;\n label: string;\n /**\n * Base32-encoded secret key\n *\n * **Note**: By default, strings are assumed to be Base32 encoded.\n * If you have a raw string/passphrase, you must convert it to Uint8Array first.\n */\n secret: string;\n algorithm?: HashAlgorithm;\n digits?: Digits;\n period?: number;\n counter?: number;\n}): string {\n const {\n strategy = \"totp\",\n issuer,\n label,\n secret,\n algorithm = \"sha1\",\n digits = 6,\n period = 30,\n counter,\n } = options;\n\n return executeByStrategy(strategy, counter, {\n totp: () => generateTOTPURI({ issuer, label, secret, algorithm, digits, period }),\n hotp: (counter) => generateHOTURI({ issuer, label, secret, algorithm, digits, counter }),\n });\n}\n\n/**\n * Generate an OTP code\n *\n * Generates a one-time password based on the specified strategy.\n * - 'totp': Time-based OTP (default)\n * - 'hotp': HMAC-based OTP\n *\n * @param options - OTP generation options\n * @returns OTP code\n *\n * @example TOTP\n * ```ts\n * import { generate } from 'otplib';\n *\n * const token = await generate({\n * secret: 'JBSWY3DPEHPK3PXP',\n * });\n * // Returns: '123456'\n * ```\n *\n * @example HOTP\n * ```ts\n * import { generate } from 'otplib';\n *\n * const token = await generate({\n * secret: 'JBSWY3DPEHPK3PXP',\n * strategy: 'hotp',\n * counter: 0,\n * });\n * ```\n *\n * @example With custom plugins\n * ```ts\n * import { generate, NodeCryptoPlugin } from 'otplib';\n *\n * const token = await generate({\n * secret: 'JBSWY3DPEHPK3PXP',\n * crypto: new NodeCryptoPlugin(),\n * });\n * ```\n */\nexport async function generate(options: OTPGenerateOptions): Promise<string> {\n const opts = normalizeGenerateOptions(options);\n const { secret, crypto, base32, algorithm, digits, hooks } = opts;\n const commonOptions = { secret, crypto, base32, algorithm, digits, hooks };\n\n return executeByStrategy(opts.strategy, opts.counter, {\n totp: () =>\n generateTOTP({\n ...commonOptions,\n period: opts.period,\n epoch: opts.epoch,\n t0: opts.t0,\n guardrails: opts.guardrails,\n }),\n hotp: (counter) =>\n generateHOTP({\n ...commonOptions,\n counter,\n guardrails: opts.guardrails,\n }),\n });\n}\n\n/**\n * Generate an OTP code synchronously\n *\n * This is the synchronous version of {@link generate}. It requires a crypto\n * plugin that supports synchronous HMAC operations.\n *\n * @param options - OTP generation options\n * @returns OTP code\n * @throws {HMACError} If the crypto plugin doesn't support sync operations\n *\n * @example\n * ```ts\n * import { generateSync } from 'otplib';\n *\n * const token = generateSync({\n * secret: 'JBSWY3DPEHPK3PXP',\n * });\n * ```\n */\nexport function generateSync(options: OTPGenerateOptions): string {\n const opts = normalizeGenerateOptions(options);\n const { secret, crypto, base32, algorithm, digits } = opts;\n const commonOptions = { secret, crypto, base32, algorithm, digits };\n\n return executeByStrategy(opts.strategy, opts.counter, {\n totp: () =>\n generateTOTPSync({\n ...commonOptions,\n period: opts.period,\n epoch: opts.epoch,\n t0: opts.t0,\n guardrails: opts.guardrails,\n }),\n hotp: (counter) =>\n generateHOTPSync({\n ...commonOptions,\n counter,\n guardrails: opts.guardrails,\n }),\n });\n}\n\n/**\n * Verify an OTP code\n *\n * Verifies a provided OTP code against the expected value based on the strategy.\n * - 'totp': Time-based OTP (default, Google Authenticator compatible)\n * - 'hotp': HMAC-based OTP\n *\n * Uses constant-time comparison to prevent timing attacks.\n *\n * @param options - OTP verification options\n * @returns Verification result with validity and optional delta\n *\n * @example TOTP\n * ```ts\n * import { verify } from 'otplib';\n *\n * const result = await verify({\n * secret: 'JBSWY3DPEHPK3PXP',\n * token: '123456',\n * });\n * // Returns: { valid: true, delta: 0 }\n * ```\n *\n * @example HOTP\n * ```ts\n * import { verify } from 'otplib';\n *\n * const result = await verify({\n * secret: 'JBSWY3DPEHPK3PXP',\n * token: '123456',\n * strategy: 'hotp',\n * counter: 0,\n * });\n * ```\n *\n * @example With epochTolerance for TOTP\n * ```ts\n * import { verify, NodeCryptoPlugin } from 'otplib';\n *\n * const result = await verify({\n * secret: 'JBSWY3DPEHPK3PXP',\n * token: '123456',\n * epochTolerance: 30,\n * crypto: new NodeCryptoPlugin(),\n * });\n * ```\n */\nexport async function verify(options: OTPVerifyOptions): Promise<VerifyResult> {\n const opts = normalizeVerifyOptions(options);\n const { secret, token, crypto, base32, algorithm, digits, hooks } = opts;\n const commonOptions = { secret, token, crypto, base32, algorithm, digits, hooks };\n\n return executeByStrategy(opts.strategy, opts.counter, {\n totp: () =>\n verifyTOTP({\n ...commonOptions,\n period: opts.period,\n epoch: opts.epoch,\n t0: opts.t0,\n epochTolerance: opts.epochTolerance,\n afterTimeStep: opts.afterTimeStep,\n guardrails: opts.guardrails,\n }),\n hotp: (counter) =>\n verifyHOTP({\n ...commonOptions,\n counter,\n counterTolerance: opts.counterTolerance,\n guardrails: opts.guardrails,\n }),\n });\n}\n\n/**\n * Verify an OTP code synchronously\n *\n * This is the synchronous version of {@link verify}. It requires a crypto\n * plugin that supports synchronous HMAC operations.\n *\n * @param options - OTP verification options\n * @returns Verification result with validity and optional delta\n * @throws {HMACError} If the crypto plugin doesn't support sync operations\n *\n * @example\n * ```ts\n * import { verifySync } from 'otplib';\n *\n * const result = verifySync({\n * secret: 'JBSWY3DPEHPK3PXP',\n * token: '123456',\n * });\n * ```\n */\nexport function verifySync(options: OTPVerifyOptions): VerifyResult {\n const opts = normalizeVerifyOptions(options);\n const { secret, token, crypto, base32, algorithm, digits, hooks } = opts;\n const commonOptions = { secret, token, crypto, base32, algorithm, digits, hooks };\n\n return executeByStrategy(opts.strategy, opts.counter, {\n totp: () =>\n verifyTOTPSync({\n ...commonOptions,\n period: opts.period,\n epoch: opts.epoch,\n t0: opts.t0,\n epochTolerance: opts.epochTolerance,\n afterTimeStep: opts.afterTimeStep,\n guardrails: opts.guardrails,\n }),\n hotp: (counter) =>\n verifyHOTPSync({\n ...commonOptions,\n counter,\n counterTolerance: opts.counterTolerance,\n guardrails: opts.guardrails,\n }),\n });\n}\n"],"mappings":"yaAAA,IAAAA,EAAA,GAAAC,EAAAD,EAAA,SAAAE,IAAA,eAAAC,EAAAH,GAMA,IAAAI,EAAuE,wBCCvE,IAAAC,EAAiC,wBACjCC,EAAwC,uCACxCC,EAAwC,uCAWjC,SAASC,EACdC,EACgC,CAChC,MAAO,CACL,OAAQA,EAAQ,OAChB,SAAUA,EAAQ,UAAY,OAC9B,OAAQA,EAAQ,QAAU,EAAAC,OAC1B,OAAQD,EAAQ,QAAU,EAAAE,OAC1B,UAAWF,EAAQ,WAAa,OAChC,OAAQA,EAAQ,QAAU,EAC1B,OAAQA,EAAQ,QAAU,GAC1B,MAAOA,EAAQ,OAAS,KAAK,MAAM,KAAK,IAAI,EAAI,GAAI,EACpD,GAAIA,EAAQ,IAAM,EAClB,QAASA,EAAQ,QACjB,WAAYA,EAAQ,eAAc,oBAAiB,EACnD,MAAOA,EAAQ,KACjB,CACF,CAEO,SAASG,EAAuBH,EAAyD,CAC9F,MAAO,CACL,GAAGD,EAAyBC,CAAO,EACnC,MAAOA,EAAQ,MACf,eAAgBA,EAAQ,gBAAkB,EAC1C,iBAAkBA,EAAQ,kBAAoB,EAC9C,cAAeA,EAAQ,aACzB,CACF,CC/CA,IAAAI,EAAyE,wBACzEC,EAKO,wBACPC,EAKO,wBACPC,EAAgF,uBAuBhF,SAASC,EACPC,EACAC,EACAC,EACG,CACH,GAAIF,IAAa,OACf,OAAOE,EAAS,KAAK,EAEvB,GAAIF,IAAa,OAAQ,CACvB,GAAIC,IAAY,OACd,MAAM,IAAI,qBACR,kFACF,EAEF,OAAOC,EAAS,KAAKD,CAAO,CAC9B,CACA,MAAM,IAAI,qBACR,yBAAyBD,CAAQ,0CACnC,CACF,CAqFO,SAASG,EAAYC,EAkBjB,CACT,GAAM,CACJ,SAAAC,EAAW,OACX,OAAAC,EACA,MAAAC,EACA,OAAAC,EACA,UAAAC,EAAY,OACZ,OAAAC,EAAS,EACT,OAAAC,EAAS,GACT,QAAAC,CACF,EAAIR,EAEJ,OAAOS,EAAkBR,EAAUO,EAAS,CAC1C,KAAM,OAAM,EAAAE,cAAgB,CAAE,OAAAR,EAAQ,MAAAC,EAAO,OAAAC,EAAQ,UAAAC,EAAW,OAAAC,EAAQ,OAAAC,CAAO,CAAC,EAChF,KAAOC,MAAY,EAAAG,cAAe,CAAE,OAAAT,EAAQ,MAAAC,EAAO,OAAAC,EAAQ,UAAAC,EAAW,OAAAC,EAAQ,QAAAE,CAAQ,CAAC,CACzF,CAAC,CACH,CA2CA,eAAsBI,EAASZ,EAA8C,CAC3E,IAAMa,EAAOC,EAAyBd,CAAO,EACvC,CAAE,OAAAI,EAAQ,OAAAW,EAAQ,OAAAC,EAAQ,UAAAX,EAAW,OAAAC,EAAQ,MAAAW,CAAM,EAAIJ,EACvDK,EAAgB,CAAE,OAAAd,EAAQ,OAAAW,EAAQ,OAAAC,EAAQ,UAAAX,EAAW,OAAAC,EAAQ,MAAAW,CAAM,EAEzE,OAAOR,EAAkBI,EAAK,SAAUA,EAAK,QAAS,CACpD,KAAM,OACJ,EAAAM,UAAa,CACX,GAAGD,EACH,OAAQL,EAAK,OACb,MAAOA,EAAK,MACZ,GAAIA,EAAK,GACT,WAAYA,EAAK,UACnB,CAAC,EACH,KAAOL,MACL,EAAAY,UAAa,CACX,GAAGF,EACH,QAAAV,EACA,WAAYK,EAAK,UACnB,CAAC,CACL,CAAC,CACH,CAqBO,SAASQ,EAAarB,EAAqC,CAChE,IAAMa,EAAOC,EAAyBd,CAAO,EACvC,CAAE,OAAAI,EAAQ,OAAAW,EAAQ,OAAAC,EAAQ,UAAAX,EAAW,OAAAC,CAAO,EAAIO,EAChDK,EAAgB,CAAE,OAAAd,EAAQ,OAAAW,EAAQ,OAAAC,EAAQ,UAAAX,EAAW,OAAAC,CAAO,EAElE,OAAOG,EAAkBI,EAAK,SAAUA,EAAK,QAAS,CACpD,KAAM,OACJ,EAAAS,cAAiB,CACf,GAAGJ,EACH,OAAQL,EAAK,OACb,MAAOA,EAAK,MACZ,GAAIA,EAAK,GACT,WAAYA,EAAK,UACnB,CAAC,EACH,KAAOL,MACL,EAAAe,cAAiB,CACf,GAAGL,EACH,QAAAV,EACA,WAAYK,EAAK,UACnB,CAAC,CACL,CAAC,CACH,CAiDA,eAAsBW,EAAOxB,EAAkD,CAC7E,IAAMa,EAAOY,EAAuBzB,CAAO,EACrC,CAAE,OAAAI,EAAQ,MAAAsB,EAAO,OAAAX,EAAQ,OAAAC,EAAQ,UAAAX,EAAW,OAAAC,EAAQ,MAAAW,CAAM,EAAIJ,EAC9DK,EAAgB,CAAE,OAAAd,EAAQ,MAAAsB,EAAO,OAAAX,EAAQ,OAAAC,EAAQ,UAAAX,EAAW,OAAAC,EAAQ,MAAAW,CAAM,EAEhF,OAAOR,EAAkBI,EAAK,SAAUA,EAAK,QAAS,CACpD,KAAM,OACJ,EAAAc,QAAW,CACT,GAAGT,EACH,OAAQL,EAAK,OACb,MAAOA,EAAK,MACZ,GAAIA,EAAK,GACT,eAAgBA,EAAK,eACrB,cAAeA,EAAK,cACpB,WAAYA,EAAK,UACnB,CAAC,EACH,KAAOL,MACL,EAAAoB,QAAW,CACT,GAAGV,EACH,QAAAV,EACA,iBAAkBK,EAAK,iBACvB,WAAYA,EAAK,UACnB,CAAC,CACL,CAAC,CACH,CAsBO,SAASgB,EAAW7B,EAAyC,CAClE,IAAMa,EAAOY,EAAuBzB,CAAO,EACrC,CAAE,OAAAI,EAAQ,MAAAsB,EAAO,OAAAX,EAAQ,OAAAC,EAAQ,UAAAX,EAAW,OAAAC,EAAQ,MAAAW,CAAM,EAAIJ,EAC9DK,EAAgB,CAAE,OAAAd,EAAQ,MAAAsB,EAAO,OAAAX,EAAQ,OAAAC,EAAQ,UAAAX,EAAW,OAAAC,EAAQ,MAAAW,CAAM,EAEhF,OAAOR,EAAkBI,EAAK,SAAUA,EAAK,QAAS,CACpD,KAAM,OACJ,EAAAiB,YAAe,CACb,GAAGZ,EACH,OAAQL,EAAK,OACb,MAAOA,EAAK,MACZ,GAAIA,EAAK,GACT,eAAgBA,EAAK,eACrB,cAAeA,EAAK,cACpB,WAAYA,EAAK,UACnB,CAAC,EACH,KAAOL,MACL,EAAAuB,YAAe,CACb,GAAGb,EACH,QAAAV,EACA,iBAAkBK,EAAK,iBACvB,WAAYA,EAAK,UACnB,CAAC,CACL,CAAC,CACH,CFjHO,IAAMmB,EAAN,KAAU,CACE,SACA,OACA,OACA,WAEjB,YAAYC,EAA2B,CAAC,EAAG,CACzC,GAAM,CACJ,SAAAC,EAAW,OACX,OAAAC,EAAS,EAAAC,OACT,OAAAC,EAAS,EAAAC,OACT,WAAAC,CACF,EAAIN,EAEJ,KAAK,SAAWC,EAChB,KAAK,OAASC,EACd,KAAK,OAASE,EACd,KAAK,cAAa,oBAAiBE,CAAU,CAC/C,CAKA,aAA2B,CACzB,OAAO,KAAK,QACd,CAQA,eAAeC,EAAiB,GAAY,CAC1C,SAAO,EAAAC,gBAAmB,CAAE,OAAQ,KAAK,OAAQ,OAAQ,KAAK,OAAQ,OAAAD,CAAO,CAAC,CAChF,CAQA,MAAM,SAASP,EAA8C,CAC3D,OAAOS,EAAmB,CACxB,GAAGT,EACH,SAAU,KAAK,SACf,OAAQ,KAAK,OACb,OAAQ,KAAK,OACb,WAAYA,EAAQ,YAAc,KAAK,UACzC,CAAC,CACH,CASA,aAAaA,EAAqC,CAChD,OAAOU,EAAuB,CAC5B,GAAGV,EACH,SAAU,KAAK,SACf,OAAQ,KAAK,OACb,OAAQ,KAAK,OACb,WAAYA,EAAQ,YAAc,KAAK,UACzC,CAAC,CACH,CAQA,MAAM,OAAOA,EAAkD,CAC7D,OAAOW,EAAiB,CACtB,GAAGX,EACH,SAAU,KAAK,SACf,OAAQ,KAAK,OACb,OAAQ,KAAK,OACb,WAAYA,EAAQ,YAAc,KAAK,UACzC,CAAC,CACH,CASA,WAAWA,EAAyC,CAClD,OAAOY,EAAqB,CAC1B,GAAGZ,EACH,SAAU,KAAK,SACf,OAAQ,KAAK,OACb,OAAQ,KAAK,OACb,WAAYA,EAAQ,YAAc,KAAK,UACzC,CAAC,CACH,CAUA,YAAYA,EAAwC,CAClD,OAAOa,EAAsB,CAC3B,GAAGb,EACH,SAAU,KAAK,QACjB,CAAC,CACH,CACF","names":["class_exports","__export","OTP","__toCommonJS","import_core","import_core","import_plugin_base32_scure","import_plugin_crypto_noble","normalizeGenerateOptions","options","defaultCrypto","defaultBase32","normalizeVerifyOptions","import_core","import_hotp","import_totp","import_uri","executeByStrategy","strategy","counter","handlers","generateURI","options","strategy","issuer","label","secret","algorithm","digits","period","counter","executeByStrategy","generateTOTPURI","generateHOTURI","generate","opts","normalizeGenerateOptions","crypto","base32","hooks","commonOptions","generateTOTP","generateHOTP","generateSync","generateTOTPSync","generateHOTPSync","verify","normalizeVerifyOptions","token","verifyTOTP","verifyHOTP","verifySync","verifyTOTPSync","verifyHOTPSync","OTP","options","strategy","crypto","defaultCrypto","base32","defaultBase32","guardrails","length","generateSecretCore","generate","generateSync","verify","verifySync","generateURI"]}

package/dist/class.d.cts ADDED Viewed

@@ -0,0 +1,293 @@
+import { b as OTPStrategy } from './types-BBT_82HF.cjs';
+import { CryptoPlugin, Base32Plugin, OTPGuardrails, HashAlgorithm, Digits, OTPHooks } from '@otplib/core';
+import { VerifyResult as VerifyResult$2 } from '@otplib/hotp';
+import { VerifyResult as VerifyResult$1 } from '@otplib/totp';
+/**
+ * OTP Wrapper Class
+ *
+ * A unified class that dynamically handles TOTP and HOTP strategies.
+ */
+/**
+ * Combined verify result that works for both TOTP and HOTP
+ */
+type VerifyResult = VerifyResult$1 | VerifyResult$2;
+/**
+ * Options for the OTP class
+ */
+type OTPClassOptions = {
+    /**
+     * OTP strategy to use
+     * - 'totp': Time-based OTP (default)
+     * - 'hotp': HMAC-based OTP
+     */
+    strategy?: OTPStrategy;
+    /**
+     * Crypto plugin to use (default: NobleCryptoPlugin)
+     */
+    crypto?: CryptoPlugin;
+    /**
+     * Base32 plugin to use (default: ScureBase32Plugin)
+     */
+    base32?: Base32Plugin;
+    /**
+     * Validation guardrails
+     */
+    guardrails?: OTPGuardrails;
+};
+/**
+ * Options for generating a token with the OTP class
+ */
+type OTPGenerateOptions = {
+    /**
+     * Base32-encoded secret key
+     *
+     * **Note**: By default, strings are assumed to be Base32 encoded.
+     * If you have a raw string/passphrase, you must convert it to Uint8Array first.
+     */
+    secret: string | Uint8Array;
+    /**
+     * Hash algorithm (default: 'sha1')
+     */
+    algorithm?: HashAlgorithm;
+    /**
+     * Number of digits (default: 6)
+     */
+    digits?: Digits;
+    /**
+     * Current Unix epoch timestamp in seconds (default: now)
+     * Used by TOTP strategy
+     */
+    epoch?: number;
+    /**
+     * Initial Unix time to start counting time steps (default: 0)
+     * Used by TOTP strategy
+     */
+    t0?: number;
+    /**
+     * Time step in seconds (default: 30)
+     * Used by TOTP strategy
+     */
+    period?: number;
+    /**
+     * Counter value
+     * Used by HOTP strategy (required)
+     */
+    counter?: number;
+    /**
+     * Validation guardrails
+     */
+    guardrails?: OTPGuardrails;
+    /**
+     * Hooks for customizing token encoding and validation
+     */
+    hooks?: OTPHooks;
+};
+/**
+ * Options for verifying a token with the OTP class
+ */
+type OTPVerifyOptions = {
+    /**
+     * Base32-encoded secret key
+     *
+     * **Note**: By default, strings are assumed to be Base32 encoded.
+     * If you have a raw string/passphrase, you must convert it to Uint8Array first.
+     */
+    secret: string | Uint8Array;
+    /**
+     * OTP code to verify
+     */
+    token: string;
+    /**
+     * Hash algorithm (default: 'sha1')
+     */
+    algorithm?: HashAlgorithm;
+    /**
+     * Number of digits (default: 6)
+     */
+    digits?: Digits;
+    /**
+     * Current Unix epoch timestamp in seconds (default: now)
+     * Used by TOTP strategy
+     */
+    epoch?: number;
+    /**
+     * Initial Unix time to start counting time steps (default: 0)
+     * Used by TOTP strategy
+     */
+    t0?: number;
+    /**
+     * Time step in seconds (default: 30)
+     * Used by TOTP strategy
+     */
+    period?: number;
+    /**
+     * Counter value
+     * Used by HOTP strategy (required)
+     */
+    counter?: number;
+    /**
+     * Time tolerance in seconds for TOTP verification (default: 0)
+     * - Number: symmetric tolerance (same for past and future)
+     * - Tuple [past, future]: asymmetric tolerance
+     *   Use [5, 0] for RFC-compliant past-only verification.
+     */
+    epochTolerance?: number | [number, number];
+    /**
+     * Counter tolerance for HOTP verification (default: 0)
+     * - Number: creates look-ahead only tolerance [0, n]
+     * - Tuple [past, future]: explicit window control
+     */
+    counterTolerance?: number | [number, number];
+    /**
+     * Minimum allowed TOTP time step for replay protection (optional)
+     *
+     * Rejects tokens with timeStep <= afterTimeStep.
+     * Only used by TOTP strategy.
+     */
+    afterTimeStep?: number;
+    /**
+     * Validation guardrails
+     */
+    guardrails?: OTPGuardrails;
+    /**
+     * Hooks for customizing token encoding and validation
+     */
+    hooks?: OTPHooks;
+};
+/**
+ * Options for generating URI with the OTP class
+ */
+type OTPURIGenerateOptions = {
+    /**
+     * Issuer name (e.g., 'ACME Co')
+     */
+    issuer: string;
+    /**
+     * Label/Account name (e.g., 'john@example.com')
+     */
+    label: string;
+    /**
+     * Base32-encoded secret key
+     *
+     * **Note**: By default, strings are assumed to be Base32 encoded.
+     * If you have a raw string/passphrase, you must convert it to Uint8Array first.
+     */
+    secret: string;
+    /**
+     * Hash algorithm (default: 'sha1')
+     */
+    algorithm?: HashAlgorithm;
+    /**
+     * Number of digits (default: 6)
+     */
+    digits?: Digits;
+    /**
+     * Time step in seconds (default: 30)
+     * Used by TOTP strategy
+     */
+    period?: number;
+    /**
+     * Counter value (default: 0)
+     * Used by HOTP strategy
+     */
+    counter?: number;
+};
+/**
+ * OTP Class
+ *
+ * A wrapper class that dynamically handles TOTP and HOTP strategies.
+ *
+ * @example
+ * ```ts
+ * import { OTP } from 'otplib';
+ *
+ * // Create OTP instance with TOTP strategy (default)
+ * const otp = new OTP({ strategy: 'totp' });
+ *
+ * // Generate and verify
+ * const secret = otp.generateSecret();
+ * const token = await otp.generate({ secret });
+ * const result = await otp.verify({ secret, token });
+ * ```
+ *
+ * @example With HOTP strategy
+ * ```ts
+ * import { OTP } from 'otplib';
+ *
+ * const otp = new OTP({ strategy: 'hotp' });
+ * const token = await otp.generate({ secret: 'ABC123', counter: 0 });
+ * ```
+ *
+ * @example Generating otpauth:// URI for authenticator apps
+ * ```ts
+ * import { OTP } from 'otplib';
+ *
+ * const otp = new OTP({ strategy: 'totp' });
+ * const uri = otp.generateURI({
+ *   issuer: 'MyApp',
+ *   label: 'user@example.com',
+ *   secret: 'ABC123',
+ * });
+ * ```
+ */
+declare class OTP {
+    private readonly strategy;
+    private readonly crypto;
+    private readonly base32;
+    private readonly guardrails;
+    constructor(options?: OTPClassOptions);
+    /**
+     * Get the current strategy
+     */
+    getStrategy(): OTPStrategy;
+    /**
+     * Generate a random secret key
+     *
+     * @param length - Number of random bytes (default: 20)
+     * @returns Base32-encoded secret key
+     */
+    generateSecret(length?: number): string;
+    /**
+     * Generate an OTP token based on the configured strategy
+     *
+     * @param options - Generation options
+     * @returns OTP code
+     */
+    generate(options: OTPGenerateOptions): Promise<string>;
+    /**
+     * Generate an OTP token based on the configured strategy synchronously
+     *
+     * @param options - Generation options
+     * @returns OTP code
+     * @throws {HMACError} If the crypto plugin doesn't support sync operations
+     */
+    generateSync(options: OTPGenerateOptions): string;
+    /**
+     * Verify an OTP token based on the configured strategy
+     *
+     * @param options - Verification options
+     * @returns Verification result with validity and optional delta
+     */
+    verify(options: OTPVerifyOptions): Promise<VerifyResult>;
+    /**
+     * Verify an OTP token based on the configured strategy synchronously
+     *
+     * @param options - Verification options
+     * @returns Verification result with validity and optional delta
+     * @throws {HMACError} If the crypto plugin doesn't support sync operations
+     */
+    verifySync(options: OTPVerifyOptions): VerifyResult;
+    /**
+     * Generate an otpauth:// URI for QR code generation
+     *
+     * Supports both TOTP and HOTP strategies.
+     *
+     * @param options - URI generation options
+     * @returns otpauth:// URI string
+     */
+    generateURI(options: OTPURIGenerateOptions): string;
+}
+export { OTP, type OTPClassOptions, type OTPGenerateOptions, type OTPURIGenerateOptions, type OTPVerifyOptions, type VerifyResult };