npm - @depup/otplib - Versions diffs - 13.3.0-depup.0 - Mend

@depup/otplib 13.3.0-depup.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (26) hide show

package/LICENSE +21 -0
package/README.md +25 -0
package/changes.json +5 -0
package/dist/class.cjs +2 -0
package/dist/class.cjs.map +1 -0
package/dist/class.d.cts +293 -0
package/dist/class.d.ts +293 -0
package/dist/class.js +2 -0
package/dist/class.js.map +1 -0
package/dist/functional.cjs +2 -0
package/dist/functional.cjs.map +1 -0
package/dist/functional.d.cts +234 -0
package/dist/functional.d.ts +234 -0
package/dist/functional.js +2 -0
package/dist/functional.js.map +1 -0
package/dist/index.cjs +2 -0
package/dist/index.cjs.map +1 -0
package/dist/index.d.cts +8 -0
package/dist/index.d.ts +8 -0
package/dist/index.js +2 -0
package/dist/index.js.map +1 -0
package/dist/metafile-cjs.json +1 -0
package/dist/metafile-esm.json +1 -0
package/dist/types-BBT_82HF.d.cts +122 -0
package/dist/types-BBT_82HF.d.ts +122 -0
package/package.json +108 -0

package/dist/functional.d.ts ADDED Viewed

@@ -0,0 +1,234 @@
+import { a as OTPGenerateOptions, b as OTPStrategy, c as OTPVerifyOptions } from './types-BBT_82HF.js';
+import { CryptoPlugin, Base32Plugin, HashAlgorithm, Digits } from '@otplib/core';
+import { VerifyResult as VerifyResult$2 } from '@otplib/hotp';
+import { VerifyResult as VerifyResult$1 } from '@otplib/totp';
+type VerifyResult = VerifyResult$1 | VerifyResult$2;
+/**
+ * Generate a random secret key for use with OTP
+ *
+ * The secret is encoded in Base32 format for compatibility with
+ * Google Authenticator and other authenticator apps.
+ *
+ * @param options - Secret generation options
+ * @returns Base32-encoded secret key
+ *
+ * @example
+ * ```ts
+ * import { generateSecret } from 'otplib';
+ *
+ * const secret = generateSecret();
+ * // Returns: 'JBSWY3DPEHPK3PXP'
+ * ```
+ *
+ * @example With custom plugins
+ * ```ts
+ * import { generateSecret, NodeCryptoPlugin } from 'otplib';
+ *
+ * const secret = generateSecret({
+ *   crypto: new NodeCryptoPlugin(),
+ * });
+ * ```
+ */
+declare function generateSecret(options?: {
+    /**
+     * Number of random bytes to generate (default: 20)
+     * 20 bytes = 160 bits, which provides a good security margin
+     */
+    length?: number;
+    /**
+     * Crypto plugin to use (default: NobleCryptoPlugin)
+     */
+    crypto?: CryptoPlugin;
+    /**
+     * Base32 plugin to use (default: ScureBase32Plugin)
+     */
+    base32?: Base32Plugin;
+}): string;
+/**
+ * Generate an otpauth:// URI for QR code generation
+ *
+ * This URI can be used to generate a QR code that can be scanned
+ * by Google Authenticator and other authenticator apps.
+ *
+ * @param options - URI generation options
+ * @returns otpauth:// URI string
+ *
+ * @example TOTP
+ * ```ts
+ * import { generateURI } from 'otplib';
+ *
+ * const uri = generateURI({
+ *   issuer: 'ACME Co',
+ *   label: 'john@example.com',
+ *   secret: 'JBSWY3DPEHPK3PXP',
+ * });
+ * // Returns: 'otpauth://totp/ACME%20Co:john%40example.com?secret=...'
+ * ```
+ *
+ * @example HOTP
+ * ```ts
+ * import { generateURI } from 'otplib';
+ *
+ * const uri = generateURI({
+ *   strategy: 'hotp',
+ *   issuer: 'ACME Co',
+ *   label: 'john@example.com',
+ *   secret: 'JBSWY3DPEHPK3PXP',
+ *   counter: 5,
+ * });
+ * // Returns: 'otpauth://hotp/ACME%20Co:john%40example.com?secret=...&counter=5'
+ * ```
+ */
+declare function generateURI(options: {
+    /**
+     * OTP strategy to use (default: 'totp')
+     */
+    strategy?: OTPStrategy;
+    issuer: string;
+    label: string;
+    /**
+     * Base32-encoded secret key
+     *
+     * **Note**: By default, strings are assumed to be Base32 encoded.
+     * If you have a raw string/passphrase, you must convert it to Uint8Array first.
+     */
+    secret: string;
+    algorithm?: HashAlgorithm;
+    digits?: Digits;
+    period?: number;
+    counter?: number;
+}): string;
+/**
+ * Generate an OTP code
+ *
+ * Generates a one-time password based on the specified strategy.
+ * - 'totp': Time-based OTP (default)
+ * - 'hotp': HMAC-based OTP
+ *
+ * @param options - OTP generation options
+ * @returns OTP code
+ *
+ * @example TOTP
+ * ```ts
+ * import { generate } from 'otplib';
+ *
+ * const token = await generate({
+ *   secret: 'JBSWY3DPEHPK3PXP',
+ * });
+ * // Returns: '123456'
+ * ```
+ *
+ * @example HOTP
+ * ```ts
+ * import { generate } from 'otplib';
+ *
+ * const token = await generate({
+ *   secret: 'JBSWY3DPEHPK3PXP',
+ *   strategy: 'hotp',
+ *   counter: 0,
+ * });
+ * ```
+ *
+ * @example With custom plugins
+ * ```ts
+ * import { generate, NodeCryptoPlugin } from 'otplib';
+ *
+ * const token = await generate({
+ *   secret: 'JBSWY3DPEHPK3PXP',
+ *   crypto: new NodeCryptoPlugin(),
+ * });
+ * ```
+ */
+declare function generate(options: OTPGenerateOptions): Promise<string>;
+/**
+ * Generate an OTP code synchronously
+ *
+ * This is the synchronous version of {@link generate}. It requires a crypto
+ * plugin that supports synchronous HMAC operations.
+ *
+ * @param options - OTP generation options
+ * @returns OTP code
+ * @throws {HMACError} If the crypto plugin doesn't support sync operations
+ *
+ * @example
+ * ```ts
+ * import { generateSync } from 'otplib';
+ *
+ * const token = generateSync({
+ *   secret: 'JBSWY3DPEHPK3PXP',
+ * });
+ * ```
+ */
+declare function generateSync(options: OTPGenerateOptions): string;
+/**
+ * Verify an OTP code
+ *
+ * Verifies a provided OTP code against the expected value based on the strategy.
+ * - 'totp': Time-based OTP (default, Google Authenticator compatible)
+ * - 'hotp': HMAC-based OTP
+ *
+ * Uses constant-time comparison to prevent timing attacks.
+ *
+ * @param options - OTP verification options
+ * @returns Verification result with validity and optional delta
+ *
+ * @example TOTP
+ * ```ts
+ * import { verify } from 'otplib';
+ *
+ * const result = await verify({
+ *   secret: 'JBSWY3DPEHPK3PXP',
+ *   token: '123456',
+ * });
+ * // Returns: { valid: true, delta: 0 }
+ * ```
+ *
+ * @example HOTP
+ * ```ts
+ * import { verify } from 'otplib';
+ *
+ * const result = await verify({
+ *   secret: 'JBSWY3DPEHPK3PXP',
+ *   token: '123456',
+ *   strategy: 'hotp',
+ *   counter: 0,
+ * });
+ * ```
+ *
+ * @example With epochTolerance for TOTP
+ * ```ts
+ * import { verify, NodeCryptoPlugin } from 'otplib';
+ *
+ * const result = await verify({
+ *   secret: 'JBSWY3DPEHPK3PXP',
+ *   token: '123456',
+ *   epochTolerance: 30,
+ *   crypto: new NodeCryptoPlugin(),
+ * });
+ * ```
+ */
+declare function verify(options: OTPVerifyOptions): Promise<VerifyResult>;
+/**
+ * Verify an OTP code synchronously
+ *
+ * This is the synchronous version of {@link verify}. It requires a crypto
+ * plugin that supports synchronous HMAC operations.
+ *
+ * @param options - OTP verification options
+ * @returns Verification result with validity and optional delta
+ * @throws {HMACError} If the crypto plugin doesn't support sync operations
+ *
+ * @example
+ * ```ts
+ * import { verifySync } from 'otplib';
+ *
+ * const result = verifySync({
+ *   secret: 'JBSWY3DPEHPK3PXP',
+ *   token: '123456',
+ * });
+ * ```
+ */
+declare function verifySync(options: OTPVerifyOptions): VerifyResult;
+export { OTPStrategy, type VerifyResult, generate, generateSecret, generateSync, generateURI, verify, verifySync };

package/dist/functional.js ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ import{generateSecret as h,ConfigurationError as m}from"@otplib/core";import{generate as d,generateSync as P,verify as S,verifySync as V}from"@otplib/hotp";import{generate as b,generateSync as x,verify as H,verifySync as R}from"@otplib/totp";import{generateTOTP as k,generateHOTP as v}from"@otplib/uri";import{createGuardrails as O}from"@otplib/core";import{base32 as y}from"@otplib/plugin-base32-scure";import{crypto as f}from"@otplib/plugin-crypto-noble";function u(t){return{secret:t.secret,strategy:t.strategy??"totp",crypto:t.crypto??f,base32:t.base32??y,algorithm:t.algorithm??"sha1",digits:t.digits??6,period:t.period??30,epoch:t.epoch??Math.floor(Date.now()/1e3),t0:t.t0??0,counter:t.counter,guardrails:t.guardrails??O(),hooks:t.hooks}}function T(t){return{...u(t),token:t.token,epochTolerance:t.epochTolerance??0,counterTolerance:t.counterTolerance??0,afterTimeStep:t.afterTimeStep}}function g(t,e,r){if(t==="totp")return r.totp();if(t==="hotp"){if(e===void 0)throw new m("Counter is required for HOTP strategy. Example: { strategy: 'hotp', counter: 0 }");return r.hotp(e)}throw new m(`Unknown OTP strategy: ${t}. Valid strategies are 'totp' or 'hotp'.`)}function j(t){let{crypto:e=f,base32:r=y,length:o=20}=t\|\|{};return h({crypto:e,base32:r,length:o})}function A(t){let{strategy:e="totp",issuer:r,label:o,secret:a,algorithm:i="sha1",digits:n=6,period:s=30,counter:p}=t;return g(e,p,{totp:()=>k({issuer:r,label:o,secret:a,algorithm:i,digits:n,period:s}),hotp:c=>v({issuer:r,label:o,secret:a,algorithm:i,digits:n,counter:c})})}async function E(t){let e=u(t),{secret:r,crypto:o,base32:a,algorithm:i,digits:n,hooks:s}=e,p={secret:r,crypto:o,base32:a,algorithm:i,digits:n,hooks:s};return g(e.strategy,e.counter,{totp:()=>b({...p,period:e.period,epoch:e.epoch,t0:e.t0,guardrails:e.guardrails}),hotp:c=>d({...p,counter:c,guardrails:e.guardrails})})}function q(t){let e=u(t),{secret:r,crypto:o,base32:a,algorithm:i,digits:n}=e,s={secret:r,crypto:o,base32:a,algorithm:i,digits:n};return g(e.strategy,e.counter,{totp:()=>x({...s,period:e.period,epoch:e.epoch,t0:e.t0,guardrails:e.guardrails}),hotp:p=>P({...s,counter:p,guardrails:e.guardrails})})}async function M(t){let e=T(t),{secret:r,token:o,crypto:a,base32:i,algorithm:n,digits:s,hooks:p}=e,c={secret:r,token:o,crypto:a,base32:i,algorithm:n,digits:s,hooks:p};return g(e.strategy,e.counter,{totp:()=>H({...c,period:e.period,epoch:e.epoch,t0:e.t0,epochTolerance:e.epochTolerance,afterTimeStep:e.afterTimeStep,guardrails:e.guardrails}),hotp:l=>S({...c,counter:l,counterTolerance:e.counterTolerance,guardrails:e.guardrails})})}function $(t){let e=T(t),{secret:r,token:o,crypto:a,base32:i,algorithm:n,digits:s,hooks:p}=e,c={secret:r,token:o,crypto:a,base32:i,algorithm:n,digits:s,hooks:p};return g(e.strategy,e.counter,{totp:()=>R({...c,period:e.period,epoch:e.epoch,t0:e.t0,epochTolerance:e.epochTolerance,afterTimeStep:e.afterTimeStep,guardrails:e.guardrails}),hotp:l=>V({...c,counter:l,counterTolerance:e.counterTolerance,guardrails:e.guardrails})})}export{E as generate,j as generateSecret,q as generateSync,A as generateURI,M as verify,$ as verifySync};
2	+ //# sourceMappingURL=functional.js.map

package/dist/functional.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"sources":["../src/functional.ts","../src/defaults.ts"],"sourcesContent":["import { generateSecret as generateSecretCore, ConfigurationError } from \"@otplib/core\";\nimport {\n generate as generateHOTP,\n generateSync as generateHOTPSync,\n verify as verifyHOTP,\n verifySync as verifyHOTPSync,\n} from \"@otplib/hotp\";\nimport {\n generate as generateTOTP,\n generateSync as generateTOTPSync,\n verify as verifyTOTP,\n verifySync as verifyTOTPSync,\n} from \"@otplib/totp\";\nimport { generateTOTP as generateTOTPURI, generateHOTP as generateHOTURI } from \"@otplib/uri\";\n\nimport {\n defaultCrypto,\n defaultBase32,\n normalizeGenerateOptions,\n normalizeVerifyOptions,\n} from \"./defaults.js\";\n\nimport type {\n OTPGenerateOptions,\n OTPVerifyOptions,\n OTPStrategy,\n StrategyHandlers,\n} from \"./types.js\";\nimport type { CryptoPlugin, Base32Plugin, Digits, HashAlgorithm } from \"@otplib/core\";\nimport type { VerifyResult as HOTPVerifyResult } from \"@otplib/hotp\";\nimport type { VerifyResult as TOTPVerifyResult } from \"@otplib/totp\";\n\nexport type { OTPStrategy };\n\nexport type VerifyResult = TOTPVerifyResult | HOTPVerifyResult;\n\nfunction executeByStrategy<T>(\n strategy: OTPStrategy,\n counter: number | undefined,\n handlers: StrategyHandlers<T>,\n): T {\n if (strategy === \"totp\") {\n return handlers.totp();\n }\n if (strategy === \"hotp\") {\n if (counter === undefined) {\n throw new ConfigurationError(\n \"Counter is required for HOTP strategy. Example: { strategy: 'hotp', counter: 0 }\",\n );\n }\n return handlers.hotp(counter);\n }\n throw new ConfigurationError(\n `Unknown OTP strategy: ${strategy}. Valid strategies are 'totp' or 'hotp'.`,\n );\n}\n\n/**\n * Generate a random secret key for use with OTP\n *\n * The secret is encoded in Base32 format for compatibility with\n * Google Authenticator and other authenticator apps.\n *\n * @param options - Secret generation options\n * @returns Base32-encoded secret key\n *\n * @example\n * ```ts\n * import { generateSecret } from 'otplib';\n *\n * const secret = generateSecret();\n * // Returns: 'JBSWY3DPEHPK3PXP'\n * ```\n *\n * @example With custom plugins\n * ```ts\n * import { generateSecret, NodeCryptoPlugin } from 'otplib';\n *\n * const secret = generateSecret({\n * crypto: new NodeCryptoPlugin(),\n * });\n * ```\n */\nexport function generateSecret(options?: {\n /**\n * Number of random bytes to generate (default: 20)\n * 20 bytes = 160 bits, which provides a good security margin\n */\n length?: number;\n\n /**\n * Crypto plugin to use (default: NobleCryptoPlugin)\n */\n crypto?: CryptoPlugin;\n\n /**\n * Base32 plugin to use (default: ScureBase32Plugin)\n */\n base32?: Base32Plugin;\n}): string {\n const { crypto = defaultCrypto, base32 = defaultBase32, length = 20 } = options || {};\n\n return generateSecretCore({ crypto, base32, length });\n}\n\n/**\n * Generate an otpauth:// URI for QR code generation\n *\n * This URI can be used to generate a QR code that can be scanned\n * by Google Authenticator and other authenticator apps.\n *\n * @param options - URI generation options\n * @returns otpauth:// URI string\n *\n * @example TOTP\n * ```ts\n * import { generateURI } from 'otplib';\n *\n * const uri = generateURI({\n * issuer: 'ACME Co',\n * label: 'john@example.com',\n * secret: 'JBSWY3DPEHPK3PXP',\n * });\n * // Returns: 'otpauth://totp/ACME%20Co:john%40example.com?secret=...'\n * ```\n *\n * @example HOTP\n * ```ts\n * import { generateURI } from 'otplib';\n *\n * const uri = generateURI({\n * strategy: 'hotp',\n * issuer: 'ACME Co',\n * label: 'john@example.com',\n * secret: 'JBSWY3DPEHPK3PXP',\n * counter: 5,\n * });\n * // Returns: 'otpauth://hotp/ACME%20Co:john%40example.com?secret=...&counter=5'\n * ```\n */\nexport function generateURI(options: {\n /**\n * OTP strategy to use (default: 'totp')\n */\n strategy?: OTPStrategy;\n issuer: string;\n label: string;\n /**\n * Base32-encoded secret key\n *\n * **Note**: By default, strings are assumed to be Base32 encoded.\n * If you have a raw string/passphrase, you must convert it to Uint8Array first.\n */\n secret: string;\n algorithm?: HashAlgorithm;\n digits?: Digits;\n period?: number;\n counter?: number;\n}): string {\n const {\n strategy = \"totp\",\n issuer,\n label,\n secret,\n algorithm = \"sha1\",\n digits = 6,\n period = 30,\n counter,\n } = options;\n\n return executeByStrategy(strategy, counter, {\n totp: () => generateTOTPURI({ issuer, label, secret, algorithm, digits, period }),\n hotp: (counter) => generateHOTURI({ issuer, label, secret, algorithm, digits, counter }),\n });\n}\n\n/**\n * Generate an OTP code\n *\n * Generates a one-time password based on the specified strategy.\n * - 'totp': Time-based OTP (default)\n * - 'hotp': HMAC-based OTP\n *\n * @param options - OTP generation options\n * @returns OTP code\n *\n * @example TOTP\n * ```ts\n * import { generate } from 'otplib';\n *\n * const token = await generate({\n * secret: 'JBSWY3DPEHPK3PXP',\n * });\n * // Returns: '123456'\n * ```\n *\n * @example HOTP\n * ```ts\n * import { generate } from 'otplib';\n *\n * const token = await generate({\n * secret: 'JBSWY3DPEHPK3PXP',\n * strategy: 'hotp',\n * counter: 0,\n * });\n * ```\n *\n * @example With custom plugins\n * ```ts\n * import { generate, NodeCryptoPlugin } from 'otplib';\n *\n * const token = await generate({\n * secret: 'JBSWY3DPEHPK3PXP',\n * crypto: new NodeCryptoPlugin(),\n * });\n * ```\n */\nexport async function generate(options: OTPGenerateOptions): Promise<string> {\n const opts = normalizeGenerateOptions(options);\n const { secret, crypto, base32, algorithm, digits, hooks } = opts;\n const commonOptions = { secret, crypto, base32, algorithm, digits, hooks };\n\n return executeByStrategy(opts.strategy, opts.counter, {\n totp: () =>\n generateTOTP({\n ...commonOptions,\n period: opts.period,\n epoch: opts.epoch,\n t0: opts.t0,\n guardrails: opts.guardrails,\n }),\n hotp: (counter) =>\n generateHOTP({\n ...commonOptions,\n counter,\n guardrails: opts.guardrails,\n }),\n });\n}\n\n/**\n * Generate an OTP code synchronously\n *\n * This is the synchronous version of {@link generate}. It requires a crypto\n * plugin that supports synchronous HMAC operations.\n *\n * @param options - OTP generation options\n * @returns OTP code\n * @throws {HMACError} If the crypto plugin doesn't support sync operations\n *\n * @example\n * ```ts\n * import { generateSync } from 'otplib';\n *\n * const token = generateSync({\n * secret: 'JBSWY3DPEHPK3PXP',\n * });\n * ```\n */\nexport function generateSync(options: OTPGenerateOptions): string {\n const opts = normalizeGenerateOptions(options);\n const { secret, crypto, base32, algorithm, digits } = opts;\n const commonOptions = { secret, crypto, base32, algorithm, digits };\n\n return executeByStrategy(opts.strategy, opts.counter, {\n totp: () =>\n generateTOTPSync({\n ...commonOptions,\n period: opts.period,\n epoch: opts.epoch,\n t0: opts.t0,\n guardrails: opts.guardrails,\n }),\n hotp: (counter) =>\n generateHOTPSync({\n ...commonOptions,\n counter,\n guardrails: opts.guardrails,\n }),\n });\n}\n\n/**\n * Verify an OTP code\n *\n * Verifies a provided OTP code against the expected value based on the strategy.\n * - 'totp': Time-based OTP (default, Google Authenticator compatible)\n * - 'hotp': HMAC-based OTP\n *\n * Uses constant-time comparison to prevent timing attacks.\n *\n * @param options - OTP verification options\n * @returns Verification result with validity and optional delta\n *\n * @example TOTP\n * ```ts\n * import { verify } from 'otplib';\n *\n * const result = await verify({\n * secret: 'JBSWY3DPEHPK3PXP',\n * token: '123456',\n * });\n * // Returns: { valid: true, delta: 0 }\n * ```\n *\n * @example HOTP\n * ```ts\n * import { verify } from 'otplib';\n *\n * const result = await verify({\n * secret: 'JBSWY3DPEHPK3PXP',\n * token: '123456',\n * strategy: 'hotp',\n * counter: 0,\n * });\n * ```\n *\n * @example With epochTolerance for TOTP\n * ```ts\n * import { verify, NodeCryptoPlugin } from 'otplib';\n *\n * const result = await verify({\n * secret: 'JBSWY3DPEHPK3PXP',\n * token: '123456',\n * epochTolerance: 30,\n * crypto: new NodeCryptoPlugin(),\n * });\n * ```\n */\nexport async function verify(options: OTPVerifyOptions): Promise<VerifyResult> {\n const opts = normalizeVerifyOptions(options);\n const { secret, token, crypto, base32, algorithm, digits, hooks } = opts;\n const commonOptions = { secret, token, crypto, base32, algorithm, digits, hooks };\n\n return executeByStrategy(opts.strategy, opts.counter, {\n totp: () =>\n verifyTOTP({\n ...commonOptions,\n period: opts.period,\n epoch: opts.epoch,\n t0: opts.t0,\n epochTolerance: opts.epochTolerance,\n afterTimeStep: opts.afterTimeStep,\n guardrails: opts.guardrails,\n }),\n hotp: (counter) =>\n verifyHOTP({\n ...commonOptions,\n counter,\n counterTolerance: opts.counterTolerance,\n guardrails: opts.guardrails,\n }),\n });\n}\n\n/**\n * Verify an OTP code synchronously\n *\n * This is the synchronous version of {@link verify}. It requires a crypto\n * plugin that supports synchronous HMAC operations.\n *\n * @param options - OTP verification options\n * @returns Verification result with validity and optional delta\n * @throws {HMACError} If the crypto plugin doesn't support sync operations\n *\n * @example\n * ```ts\n * import { verifySync } from 'otplib';\n *\n * const result = verifySync({\n * secret: 'JBSWY3DPEHPK3PXP',\n * token: '123456',\n * });\n * ```\n */\nexport function verifySync(options: OTPVerifyOptions): VerifyResult {\n const opts = normalizeVerifyOptions(options);\n const { secret, token, crypto, base32, algorithm, digits, hooks } = opts;\n const commonOptions = { secret, token, crypto, base32, algorithm, digits, hooks };\n\n return executeByStrategy(opts.strategy, opts.counter, {\n totp: () =>\n verifyTOTPSync({\n ...commonOptions,\n period: opts.period,\n epoch: opts.epoch,\n t0: opts.t0,\n epochTolerance: opts.epochTolerance,\n afterTimeStep: opts.afterTimeStep,\n guardrails: opts.guardrails,\n }),\n hotp: (counter) =>\n verifyHOTPSync({\n ...commonOptions,\n counter,\n counterTolerance: opts.counterTolerance,\n guardrails: opts.guardrails,\n }),\n });\n}\n","/**\n * Default plugin instances\n *\n * Shared across functional and class APIs to ensure singleton behavior\n * and reduce memory overhead. Uses pre-instantiated frozen singletons\n * from the plugin packages.\n */\nimport { createGuardrails } from \"@otplib/core\";\nimport { base32 as defaultBase32 } from \"@otplib/plugin-base32-scure\";\nimport { crypto as defaultCrypto } from \"@otplib/plugin-crypto-noble\";\n\nimport type {\n OTPGenerateOptions,\n OTPVerifyOptions,\n OTPGenerateOptionsWithDefaults,\n OTPVerifyOptionsWithDefaults,\n} from \"./types.js\";\n\nexport { defaultCrypto, defaultBase32 };\n\nexport function normalizeGenerateOptions(\n options: OTPGenerateOptions,\n): OTPGenerateOptionsWithDefaults {\n return {\n secret: options.secret,\n strategy: options.strategy ?? \"totp\",\n crypto: options.crypto ?? defaultCrypto,\n base32: options.base32 ?? defaultBase32,\n algorithm: options.algorithm ?? \"sha1\",\n digits: options.digits ?? 6,\n period: options.period ?? 30,\n epoch: options.epoch ?? Math.floor(Date.now() / 1000),\n t0: options.t0 ?? 0,\n counter: options.counter,\n guardrails: options.guardrails ?? createGuardrails(),\n hooks: options.hooks,\n };\n}\n\nexport function normalizeVerifyOptions(options: OTPVerifyOptions): OTPVerifyOptionsWithDefaults {\n return {\n ...normalizeGenerateOptions(options),\n token: options.token,\n epochTolerance: options.epochTolerance ?? 0,\n counterTolerance: options.counterTolerance ?? 0,\n afterTimeStep: options.afterTimeStep,\n };\n}\n"],"mappings":"AAAA,OAAS,kBAAkBA,EAAoB,sBAAAC,MAA0B,eACzE,OACE,YAAYC,EACZ,gBAAgBC,EAChB,UAAUC,EACV,cAAcC,MACT,eACP,OACE,YAAYC,EACZ,gBAAgBC,EAChB,UAAUC,EACV,cAAcC,MACT,eACP,OAAS,gBAAgBC,EAAiB,gBAAgBC,MAAsB,cCNhF,OAAS,oBAAAC,MAAwB,eACjC,OAAS,UAAUC,MAAqB,8BACxC,OAAS,UAAUC,MAAqB,8BAWjC,SAASC,EACdC,EACgC,CAChC,MAAO,CACL,OAAQA,EAAQ,OAChB,SAAUA,EAAQ,UAAY,OAC9B,OAAQA,EAAQ,QAAUC,EAC1B,OAAQD,EAAQ,QAAUE,EAC1B,UAAWF,EAAQ,WAAa,OAChC,OAAQA,EAAQ,QAAU,EAC1B,OAAQA,EAAQ,QAAU,GAC1B,MAAOA,EAAQ,OAAS,KAAK,MAAM,KAAK,IAAI,EAAI,GAAI,EACpD,GAAIA,EAAQ,IAAM,EAClB,QAASA,EAAQ,QACjB,WAAYA,EAAQ,YAAcG,EAAiB,EACnD,MAAOH,EAAQ,KACjB,CACF,CAEO,SAASI,EAAuBJ,EAAyD,CAC9F,MAAO,CACL,GAAGD,EAAyBC,CAAO,EACnC,MAAOA,EAAQ,MACf,eAAgBA,EAAQ,gBAAkB,EAC1C,iBAAkBA,EAAQ,kBAAoB,EAC9C,cAAeA,EAAQ,aACzB,CACF,CDXA,SAASK,EACPC,EACAC,EACAC,EACG,CACH,GAAIF,IAAa,OACf,OAAOE,EAAS,KAAK,EAEvB,GAAIF,IAAa,OAAQ,CACvB,GAAIC,IAAY,OACd,MAAM,IAAIE,EACR,kFACF,EAEF,OAAOD,EAAS,KAAKD,CAAO,CAC9B,CACA,MAAM,IAAIE,EACR,yBAAyBH,CAAQ,0CACnC,CACF,CA4BO,SAASI,EAAeC,EAgBpB,CACT,GAAM,CAAE,OAAAC,EAASC,EAAe,OAAAC,EAASC,EAAe,OAAAC,EAAS,EAAG,EAAIL,GAAW,CAAC,EAEpF,OAAOM,EAAmB,CAAE,OAAAL,EAAQ,OAAAE,EAAQ,OAAAE,CAAO,CAAC,CACtD,CAqCO,SAASE,EAAYP,EAkBjB,CACT,GAAM,CACJ,SAAAL,EAAW,OACX,OAAAa,EACA,MAAAC,EACA,OAAAC,EACA,UAAAC,EAAY,OACZ,OAAAC,EAAS,EACT,OAAAC,EAAS,GACT,QAAAjB,CACF,EAAII,EAEJ,OAAON,EAAkBC,EAAUC,EAAS,CAC1C,KAAM,IAAMkB,EAAgB,CAAE,OAAAN,EAAQ,MAAAC,EAAO,OAAAC,EAAQ,UAAAC,EAAW,OAAAC,EAAQ,OAAAC,CAAO,CAAC,EAChF,KAAOjB,GAAYmB,EAAe,CAAE,OAAAP,EAAQ,MAAAC,EAAO,OAAAC,EAAQ,UAAAC,EAAW,OAAAC,EAAQ,QAAAhB,CAAQ,CAAC,CACzF,CAAC,CACH,CA2CA,eAAsBoB,EAAShB,EAA8C,CAC3E,IAAMiB,EAAOC,EAAyBlB,CAAO,EACvC,CAAE,OAAAU,EAAQ,OAAAT,EAAQ,OAAAE,EAAQ,UAAAQ,EAAW,OAAAC,EAAQ,MAAAO,CAAM,EAAIF,EACvDG,EAAgB,CAAE,OAAAV,EAAQ,OAAAT,EAAQ,OAAAE,EAAQ,UAAAQ,EAAW,OAAAC,EAAQ,MAAAO,CAAM,EAEzE,OAAOzB,EAAkBuB,EAAK,SAAUA,EAAK,QAAS,CACpD,KAAM,IACJI,EAAa,CACX,GAAGD,EACH,OAAQH,EAAK,OACb,MAAOA,EAAK,MACZ,GAAIA,EAAK,GACT,WAAYA,EAAK,UACnB,CAAC,EACH,KAAOrB,GACL0B,EAAa,CACX,GAAGF,EACH,QAAAxB,EACA,WAAYqB,EAAK,UACnB,CAAC,CACL,CAAC,CACH,CAqBO,SAASM,EAAavB,EAAqC,CAChE,IAAMiB,EAAOC,EAAyBlB,CAAO,EACvC,CAAE,OAAAU,EAAQ,OAAAT,EAAQ,OAAAE,EAAQ,UAAAQ,EAAW,OAAAC,CAAO,EAAIK,EAChDG,EAAgB,CAAE,OAAAV,EAAQ,OAAAT,EAAQ,OAAAE,EAAQ,UAAAQ,EAAW,OAAAC,CAAO,EAElE,OAAOlB,EAAkBuB,EAAK,SAAUA,EAAK,QAAS,CACpD,KAAM,IACJO,EAAiB,CACf,GAAGJ,EACH,OAAQH,EAAK,OACb,MAAOA,EAAK,MACZ,GAAIA,EAAK,GACT,WAAYA,EAAK,UACnB,CAAC,EACH,KAAOrB,GACL6B,EAAiB,CACf,GAAGL,EACH,QAAAxB,EACA,WAAYqB,EAAK,UACnB,CAAC,CACL,CAAC,CACH,CAiDA,eAAsBS,EAAO1B,EAAkD,CAC7E,IAAMiB,EAAOU,EAAuB3B,CAAO,EACrC,CAAE,OAAAU,EAAQ,MAAAkB,EAAO,OAAA3B,EAAQ,OAAAE,EAAQ,UAAAQ,EAAW,OAAAC,EAAQ,MAAAO,CAAM,EAAIF,EAC9DG,EAAgB,CAAE,OAAAV,EAAQ,MAAAkB,EAAO,OAAA3B,EAAQ,OAAAE,EAAQ,UAAAQ,EAAW,OAAAC,EAAQ,MAAAO,CAAM,EAEhF,OAAOzB,EAAkBuB,EAAK,SAAUA,EAAK,QAAS,CACpD,KAAM,IACJY,EAAW,CACT,GAAGT,EACH,OAAQH,EAAK,OACb,MAAOA,EAAK,MACZ,GAAIA,EAAK,GACT,eAAgBA,EAAK,eACrB,cAAeA,EAAK,cACpB,WAAYA,EAAK,UACnB,CAAC,EACH,KAAOrB,GACLkC,EAAW,CACT,GAAGV,EACH,QAAAxB,EACA,iBAAkBqB,EAAK,iBACvB,WAAYA,EAAK,UACnB,CAAC,CACL,CAAC,CACH,CAsBO,SAASc,EAAW/B,EAAyC,CAClE,IAAMiB,EAAOU,EAAuB3B,CAAO,EACrC,CAAE,OAAAU,EAAQ,MAAAkB,EAAO,OAAA3B,EAAQ,OAAAE,EAAQ,UAAAQ,EAAW,OAAAC,EAAQ,MAAAO,CAAM,EAAIF,EAC9DG,EAAgB,CAAE,OAAAV,EAAQ,MAAAkB,EAAO,OAAA3B,EAAQ,OAAAE,EAAQ,UAAAQ,EAAW,OAAAC,EAAQ,MAAAO,CAAM,EAEhF,OAAOzB,EAAkBuB,EAAK,SAAUA,EAAK,QAAS,CACpD,KAAM,IACJe,EAAe,CACb,GAAGZ,EACH,OAAQH,EAAK,OACb,MAAOA,EAAK,MACZ,GAAIA,EAAK,GACT,eAAgBA,EAAK,eACrB,cAAeA,EAAK,cACpB,WAAYA,EAAK,UACnB,CAAC,EACH,KAAOrB,GACLqC,EAAe,CACb,GAAGb,EACH,QAAAxB,EACA,iBAAkBqB,EAAK,iBACvB,WAAYA,EAAK,UACnB,CAAC,CACL,CAAC,CACH","names":["generateSecretCore","ConfigurationError","generateHOTP","generateHOTPSync","verifyHOTP","verifyHOTPSync","generateTOTP","generateTOTPSync","verifyTOTP","verifyTOTPSync","generateTOTPURI","generateHOTURI","createGuardrails","defaultBase32","defaultCrypto","normalizeGenerateOptions","options","defaultCrypto","defaultBase32","createGuardrails","normalizeVerifyOptions","executeByStrategy","strategy","counter","handlers","ConfigurationError","generateSecret","options","crypto","defaultCrypto","base32","defaultBase32","length","generateSecretCore","generateURI","issuer","label","secret","algorithm","digits","period","generateTOTPURI","generateHOTURI","generate","opts","normalizeGenerateOptions","hooks","commonOptions","generateTOTP","generateHOTP","generateSync","generateTOTPSync","generateHOTPSync","verify","normalizeVerifyOptions","token","verifyTOTP","verifyHOTP","verifySync","verifyTOTPSync","verifyHOTPSync"]}

package/dist/index.cjs ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ "use strict";var H=Object.defineProperty;var I=Object.getOwnPropertyDescriptor;var w=Object.getOwnPropertyNames;var j=Object.prototype.hasOwnProperty;var z=(t,e)=>{for(var r in e)H(t,r,{get:e[r],enumerable:!0})},W=(t,e,r,o)=>{if(e&&typeof e=="object"\|\|typeof e=="function")for(let a of w(e))!j.call(t,a)&&a!==r&&H(t,a,{get:()=>e[a],enumerable:!(o=I(e,a))\|\|o.enumerable});return t};var E=t=>W(H({},"__esModule",{value:!0}),t);var F={};z(F,{HOTP:()=>U.HOTP,NobleCryptoPlugin:()=>A.NobleCryptoPlugin,OTP:()=>R,ScureBase32Plugin:()=>D.ScureBase32Plugin,TOTP:()=>B.TOTP,createGuardrails:()=>l.createGuardrails,generate:()=>d,generateSecret:()=>k,generateSync:()=>b,generateURI:()=>P,stringToBytes:()=>l.stringToBytes,verify:()=>S,verifySync:()=>V,wrapResult:()=>l.wrapResult,wrapResultAsync:()=>l.wrapResultAsync});module.exports=E(F);var O=require("@otplib/core"),u=require("@otplib/hotp"),g=require("@otplib/totp"),h=require("@otplib/uri");var C=require("@otplib/core"),c=require("@otplib/plugin-base32-scure"),f=require("@otplib/plugin-crypto-noble");function m(t){return{secret:t.secret,strategy:t.strategy??"totp",crypto:t.crypto??f.crypto,base32:t.base32??c.base32,algorithm:t.algorithm??"sha1",digits:t.digits??6,period:t.period??30,epoch:t.epoch??Math.floor(Date.now()/1e3),t0:t.t0??0,counter:t.counter,guardrails:t.guardrails??(0,C.createGuardrails)(),hooks:t.hooks}}function v(t){return{...m(t),token:t.token,epochTolerance:t.epochTolerance??0,counterTolerance:t.counterTolerance??0,afterTimeStep:t.afterTimeStep}}function T(t,e,r){if(t==="totp")return r.totp();if(t==="hotp"){if(e===void 0)throw new O.ConfigurationError("Counter is required for HOTP strategy. Example: { strategy: 'hotp', counter: 0 }");return r.hotp(e)}throw new O.ConfigurationError(`Unknown OTP strategy: ${t}. Valid strategies are 'totp' or 'hotp'.`)}function k(t){let{crypto:e=f.crypto,base32:r=c.base32,length:o=20}=t\|\|{};return(0,O.generateSecret)({crypto:e,base32:r,length:o})}function P(t){let{strategy:e="totp",issuer:r,label:o,secret:a,algorithm:i="sha1",digits:s=6,period:n=30,counter:p}=t;return T(e,p,{totp:()=>(0,h.generateTOTP)({issuer:r,label:o,secret:a,algorithm:i,digits:s,period:n}),hotp:y=>(0,h.generateHOTP)({issuer:r,label:o,secret:a,algorithm:i,digits:s,counter:y})})}async function d(t){let e=m(t),{secret:r,crypto:o,base32:a,algorithm:i,digits:s,hooks:n}=e,p={secret:r,crypto:o,base32:a,algorithm:i,digits:s,hooks:n};return T(e.strategy,e.counter,{totp:()=>(0,g.generate)({...p,period:e.period,epoch:e.epoch,t0:e.t0,guardrails:e.guardrails}),hotp:y=>(0,u.generate)({...p,counter:y,guardrails:e.guardrails})})}function b(t){let e=m(t),{secret:r,crypto:o,base32:a,algorithm:i,digits:s}=e,n={secret:r,crypto:o,base32:a,algorithm:i,digits:s};return T(e.strategy,e.counter,{totp:()=>(0,g.generateSync)({...n,period:e.period,epoch:e.epoch,t0:e.t0,guardrails:e.guardrails}),hotp:p=>(0,u.generateSync)({...n,counter:p,guardrails:e.guardrails})})}async function S(t){let e=v(t),{secret:r,token:o,crypto:a,base32:i,algorithm:s,digits:n,hooks:p}=e,y={secret:r,token:o,crypto:a,base32:i,algorithm:s,digits:n,hooks:p};return T(e.strategy,e.counter,{totp:()=>(0,g.verify)({...y,period:e.period,epoch:e.epoch,t0:e.t0,epochTolerance:e.epochTolerance,afterTimeStep:e.afterTimeStep,guardrails:e.guardrails}),hotp:x=>(0,u.verify)({...y,counter:x,counterTolerance:e.counterTolerance,guardrails:e.guardrails})})}function V(t){let e=v(t),{secret:r,token:o,crypto:a,base32:i,algorithm:s,digits:n,hooks:p}=e,y={secret:r,token:o,crypto:a,base32:i,algorithm:s,digits:n,hooks:p};return T(e.strategy,e.counter,{totp:()=>(0,g.verifySync)({...y,period:e.period,epoch:e.epoch,t0:e.t0,epochTolerance:e.epochTolerance,afterTimeStep:e.afterTimeStep,guardrails:e.guardrails}),hotp:x=>(0,u.verifySync)({...y,counter:x,counterTolerance:e.counterTolerance,guardrails:e.guardrails})})}var G=require("@otplib/core");var R=class{strategy;crypto;base32;guardrails;constructor(e={}){let{strategy:r="totp",crypto:o=f.crypto,base32:a=c.base32,guardrails:i}=e;this.strategy=r,this.crypto=o,this.base32=a,this.guardrails=(0,G.createGuardrails)(i)}getStrategy(){return this.strategy}generateSecret(e=20){return(0,G.generateSecret)({crypto:this.crypto,base32:this.base32,length:e})}async generate(e){return d({...e,strategy:this.strategy,crypto:this.crypto,base32:this.base32,guardrails:e.guardrails??this.guardrails})}generateSync(e){return b({...e,strategy:this.strategy,crypto:this.crypto,base32:this.base32,guardrails:e.guardrails??this.guardrails})}async verify(e){return S({...e,strategy:this.strategy,crypto:this.crypto,base32:this.base32,guardrails:e.guardrails??this.guardrails})}verifySync(e){return V({...e,strategy:this.strategy,crypto:this.crypto,base32:this.base32,guardrails:e.guardrails??this.guardrails})}generateURI(e){return P({...e,strategy:this.strategy})}};var U=require("@otplib/hotp"),B=require("@otplib/totp"),l=require("@otplib/core"),A=require("@otplib/plugin-crypto-noble"),D=require("@otplib/plugin-base32-scure");0&&(module.exports={HOTP,NobleCryptoPlugin,OTP,ScureBase32Plugin,TOTP,createGuardrails,generate,generateSecret,generateSync,generateURI,stringToBytes,verify,verifySync,wrapResult,wrapResultAsync});
2	+ //# sourceMappingURL=index.cjs.map

package/dist/index.cjs.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"sources":["../src/index.ts","../src/functional.ts","../src/defaults.ts","../src/class.ts"],"sourcesContent":["export type {\n OTPAuthOptions,\n TOTPOptions,\n OTPGenerateOptions as OTPFunctionalOptions,\n OTPVerifyOptions as OTPVerifyFunctionalOptions,\n} from \"./types.js\";\n\nexport {\n generateSecret,\n generateURI,\n generate,\n generateSync,\n verify,\n verifySync,\n type OTPStrategy,\n} from \"./functional.js\";\n\nexport {\n OTP,\n type OTPClassOptions,\n type OTPGenerateOptions,\n type OTPVerifyOptions,\n type OTPURIGenerateOptions,\n} from \"./class.js\";\n\nexport type {\n Base32Plugin,\n CryptoPlugin,\n HashAlgorithm,\n OTPResult,\n OTPGuardrails,\n OTPGuardrailsConfig,\n} from \"@otplib/core\";\nexport type { VerifyResult } from \"@otplib/totp\";\n\nexport { HOTP } from \"@otplib/hotp\";\nexport { TOTP } from \"@otplib/totp\";\n\nexport { createGuardrails, stringToBytes, wrapResult, wrapResultAsync } from \"@otplib/core\";\n\n// Default Plugins\nexport { NobleCryptoPlugin } from \"@otplib/plugin-crypto-noble\";\nexport { ScureBase32Plugin } from \"@otplib/plugin-base32-scure\";\n","import { generateSecret as generateSecretCore, ConfigurationError } from \"@otplib/core\";\nimport {\n generate as generateHOTP,\n generateSync as generateHOTPSync,\n verify as verifyHOTP,\n verifySync as verifyHOTPSync,\n} from \"@otplib/hotp\";\nimport {\n generate as generateTOTP,\n generateSync as generateTOTPSync,\n verify as verifyTOTP,\n verifySync as verifyTOTPSync,\n} from \"@otplib/totp\";\nimport { generateTOTP as generateTOTPURI, generateHOTP as generateHOTURI } from \"@otplib/uri\";\n\nimport {\n defaultCrypto,\n defaultBase32,\n normalizeGenerateOptions,\n normalizeVerifyOptions,\n} from \"./defaults.js\";\n\nimport type {\n OTPGenerateOptions,\n OTPVerifyOptions,\n OTPStrategy,\n StrategyHandlers,\n} from \"./types.js\";\nimport type { CryptoPlugin, Base32Plugin, Digits, HashAlgorithm } from \"@otplib/core\";\nimport type { VerifyResult as HOTPVerifyResult } from \"@otplib/hotp\";\nimport type { VerifyResult as TOTPVerifyResult } from \"@otplib/totp\";\n\nexport type { OTPStrategy };\n\nexport type VerifyResult = TOTPVerifyResult | HOTPVerifyResult;\n\nfunction executeByStrategy<T>(\n strategy: OTPStrategy,\n counter: number | undefined,\n handlers: StrategyHandlers<T>,\n): T {\n if (strategy === \"totp\") {\n return handlers.totp();\n }\n if (strategy === \"hotp\") {\n if (counter === undefined) {\n throw new ConfigurationError(\n \"Counter is required for HOTP strategy. Example: { strategy: 'hotp', counter: 0 }\",\n );\n }\n return handlers.hotp(counter);\n }\n throw new ConfigurationError(\n `Unknown OTP strategy: ${strategy}. Valid strategies are 'totp' or 'hotp'.`,\n );\n}\n\n/**\n * Generate a random secret key for use with OTP\n *\n * The secret is encoded in Base32 format for compatibility with\n * Google Authenticator and other authenticator apps.\n *\n * @param options - Secret generation options\n * @returns Base32-encoded secret key\n *\n * @example\n * ```ts\n * import { generateSecret } from 'otplib';\n *\n * const secret = generateSecret();\n * // Returns: 'JBSWY3DPEHPK3PXP'\n * ```\n *\n * @example With custom plugins\n * ```ts\n * import { generateSecret, NodeCryptoPlugin } from 'otplib';\n *\n * const secret = generateSecret({\n * crypto: new NodeCryptoPlugin(),\n * });\n * ```\n */\nexport function generateSecret(options?: {\n /**\n * Number of random bytes to generate (default: 20)\n * 20 bytes = 160 bits, which provides a good security margin\n */\n length?: number;\n\n /**\n * Crypto plugin to use (default: NobleCryptoPlugin)\n */\n crypto?: CryptoPlugin;\n\n /**\n * Base32 plugin to use (default: ScureBase32Plugin)\n */\n base32?: Base32Plugin;\n}): string {\n const { crypto = defaultCrypto, base32 = defaultBase32, length = 20 } = options || {};\n\n return generateSecretCore({ crypto, base32, length });\n}\n\n/**\n * Generate an otpauth:// URI for QR code generation\n *\n * This URI can be used to generate a QR code that can be scanned\n * by Google Authenticator and other authenticator apps.\n *\n * @param options - URI generation options\n * @returns otpauth:// URI string\n *\n * @example TOTP\n * ```ts\n * import { generateURI } from 'otplib';\n *\n * const uri = generateURI({\n * issuer: 'ACME Co',\n * label: 'john@example.com',\n * secret: 'JBSWY3DPEHPK3PXP',\n * });\n * // Returns: 'otpauth://totp/ACME%20Co:john%40example.com?secret=...'\n * ```\n *\n * @example HOTP\n * ```ts\n * import { generateURI } from 'otplib';\n *\n * const uri = generateURI({\n * strategy: 'hotp',\n * issuer: 'ACME Co',\n * label: 'john@example.com',\n * secret: 'JBSWY3DPEHPK3PXP',\n * counter: 5,\n * });\n * // Returns: 'otpauth://hotp/ACME%20Co:john%40example.com?secret=...&counter=5'\n * ```\n */\nexport function generateURI(options: {\n /**\n * OTP strategy to use (default: 'totp')\n */\n strategy?: OTPStrategy;\n issuer: string;\n label: string;\n /**\n * Base32-encoded secret key\n *\n * **Note**: By default, strings are assumed to be Base32 encoded.\n * If you have a raw string/passphrase, you must convert it to Uint8Array first.\n */\n secret: string;\n algorithm?: HashAlgorithm;\n digits?: Digits;\n period?: number;\n counter?: number;\n}): string {\n const {\n strategy = \"totp\",\n issuer,\n label,\n secret,\n algorithm = \"sha1\",\n digits = 6,\n period = 30,\n counter,\n } = options;\n\n return executeByStrategy(strategy, counter, {\n totp: () => generateTOTPURI({ issuer, label, secret, algorithm, digits, period }),\n hotp: (counter) => generateHOTURI({ issuer, label, secret, algorithm, digits, counter }),\n });\n}\n\n/**\n * Generate an OTP code\n *\n * Generates a one-time password based on the specified strategy.\n * - 'totp': Time-based OTP (default)\n * - 'hotp': HMAC-based OTP\n *\n * @param options - OTP generation options\n * @returns OTP code\n *\n * @example TOTP\n * ```ts\n * import { generate } from 'otplib';\n *\n * const token = await generate({\n * secret: 'JBSWY3DPEHPK3PXP',\n * });\n * // Returns: '123456'\n * ```\n *\n * @example HOTP\n * ```ts\n * import { generate } from 'otplib';\n *\n * const token = await generate({\n * secret: 'JBSWY3DPEHPK3PXP',\n * strategy: 'hotp',\n * counter: 0,\n * });\n * ```\n *\n * @example With custom plugins\n * ```ts\n * import { generate, NodeCryptoPlugin } from 'otplib';\n *\n * const token = await generate({\n * secret: 'JBSWY3DPEHPK3PXP',\n * crypto: new NodeCryptoPlugin(),\n * });\n * ```\n */\nexport async function generate(options: OTPGenerateOptions): Promise<string> {\n const opts = normalizeGenerateOptions(options);\n const { secret, crypto, base32, algorithm, digits, hooks } = opts;\n const commonOptions = { secret, crypto, base32, algorithm, digits, hooks };\n\n return executeByStrategy(opts.strategy, opts.counter, {\n totp: () =>\n generateTOTP({\n ...commonOptions,\n period: opts.period,\n epoch: opts.epoch,\n t0: opts.t0,\n guardrails: opts.guardrails,\n }),\n hotp: (counter) =>\n generateHOTP({\n ...commonOptions,\n counter,\n guardrails: opts.guardrails,\n }),\n });\n}\n\n/**\n * Generate an OTP code synchronously\n *\n * This is the synchronous version of {@link generate}. It requires a crypto\n * plugin that supports synchronous HMAC operations.\n *\n * @param options - OTP generation options\n * @returns OTP code\n * @throws {HMACError} If the crypto plugin doesn't support sync operations\n *\n * @example\n * ```ts\n * import { generateSync } from 'otplib';\n *\n * const token = generateSync({\n * secret: 'JBSWY3DPEHPK3PXP',\n * });\n * ```\n */\nexport function generateSync(options: OTPGenerateOptions): string {\n const opts = normalizeGenerateOptions(options);\n const { secret, crypto, base32, algorithm, digits } = opts;\n const commonOptions = { secret, crypto, base32, algorithm, digits };\n\n return executeByStrategy(opts.strategy, opts.counter, {\n totp: () =>\n generateTOTPSync({\n ...commonOptions,\n period: opts.period,\n epoch: opts.epoch,\n t0: opts.t0,\n guardrails: opts.guardrails,\n }),\n hotp: (counter) =>\n generateHOTPSync({\n ...commonOptions,\n counter,\n guardrails: opts.guardrails,\n }),\n });\n}\n\n/**\n * Verify an OTP code\n *\n * Verifies a provided OTP code against the expected value based on the strategy.\n * - 'totp': Time-based OTP (default, Google Authenticator compatible)\n * - 'hotp': HMAC-based OTP\n *\n * Uses constant-time comparison to prevent timing attacks.\n *\n * @param options - OTP verification options\n * @returns Verification result with validity and optional delta\n *\n * @example TOTP\n * ```ts\n * import { verify } from 'otplib';\n *\n * const result = await verify({\n * secret: 'JBSWY3DPEHPK3PXP',\n * token: '123456',\n * });\n * // Returns: { valid: true, delta: 0 }\n * ```\n *\n * @example HOTP\n * ```ts\n * import { verify } from 'otplib';\n *\n * const result = await verify({\n * secret: 'JBSWY3DPEHPK3PXP',\n * token: '123456',\n * strategy: 'hotp',\n * counter: 0,\n * });\n * ```\n *\n * @example With epochTolerance for TOTP\n * ```ts\n * import { verify, NodeCryptoPlugin } from 'otplib';\n *\n * const result = await verify({\n * secret: 'JBSWY3DPEHPK3PXP',\n * token: '123456',\n * epochTolerance: 30,\n * crypto: new NodeCryptoPlugin(),\n * });\n * ```\n */\nexport async function verify(options: OTPVerifyOptions): Promise<VerifyResult> {\n const opts = normalizeVerifyOptions(options);\n const { secret, token, crypto, base32, algorithm, digits, hooks } = opts;\n const commonOptions = { secret, token, crypto, base32, algorithm, digits, hooks };\n\n return executeByStrategy(opts.strategy, opts.counter, {\n totp: () =>\n verifyTOTP({\n ...commonOptions,\n period: opts.period,\n epoch: opts.epoch,\n t0: opts.t0,\n epochTolerance: opts.epochTolerance,\n afterTimeStep: opts.afterTimeStep,\n guardrails: opts.guardrails,\n }),\n hotp: (counter) =>\n verifyHOTP({\n ...commonOptions,\n counter,\n counterTolerance: opts.counterTolerance,\n guardrails: opts.guardrails,\n }),\n });\n}\n\n/**\n * Verify an OTP code synchronously\n *\n * This is the synchronous version of {@link verify}. It requires a crypto\n * plugin that supports synchronous HMAC operations.\n *\n * @param options - OTP verification options\n * @returns Verification result with validity and optional delta\n * @throws {HMACError} If the crypto plugin doesn't support sync operations\n *\n * @example\n * ```ts\n * import { verifySync } from 'otplib';\n *\n * const result = verifySync({\n * secret: 'JBSWY3DPEHPK3PXP',\n * token: '123456',\n * });\n * ```\n */\nexport function verifySync(options: OTPVerifyOptions): VerifyResult {\n const opts = normalizeVerifyOptions(options);\n const { secret, token, crypto, base32, algorithm, digits, hooks } = opts;\n const commonOptions = { secret, token, crypto, base32, algorithm, digits, hooks };\n\n return executeByStrategy(opts.strategy, opts.counter, {\n totp: () =>\n verifyTOTPSync({\n ...commonOptions,\n period: opts.period,\n epoch: opts.epoch,\n t0: opts.t0,\n epochTolerance: opts.epochTolerance,\n afterTimeStep: opts.afterTimeStep,\n guardrails: opts.guardrails,\n }),\n hotp: (counter) =>\n verifyHOTPSync({\n ...commonOptions,\n counter,\n counterTolerance: opts.counterTolerance,\n guardrails: opts.guardrails,\n }),\n });\n}\n","/**\n * Default plugin instances\n *\n * Shared across functional and class APIs to ensure singleton behavior\n * and reduce memory overhead. Uses pre-instantiated frozen singletons\n * from the plugin packages.\n */\nimport { createGuardrails } from \"@otplib/core\";\nimport { base32 as defaultBase32 } from \"@otplib/plugin-base32-scure\";\nimport { crypto as defaultCrypto } from \"@otplib/plugin-crypto-noble\";\n\nimport type {\n OTPGenerateOptions,\n OTPVerifyOptions,\n OTPGenerateOptionsWithDefaults,\n OTPVerifyOptionsWithDefaults,\n} from \"./types.js\";\n\nexport { defaultCrypto, defaultBase32 };\n\nexport function normalizeGenerateOptions(\n options: OTPGenerateOptions,\n): OTPGenerateOptionsWithDefaults {\n return {\n secret: options.secret,\n strategy: options.strategy ?? \"totp\",\n crypto: options.crypto ?? defaultCrypto,\n base32: options.base32 ?? defaultBase32,\n algorithm: options.algorithm ?? \"sha1\",\n digits: options.digits ?? 6,\n period: options.period ?? 30,\n epoch: options.epoch ?? Math.floor(Date.now() / 1000),\n t0: options.t0 ?? 0,\n counter: options.counter,\n guardrails: options.guardrails ?? createGuardrails(),\n hooks: options.hooks,\n };\n}\n\nexport function normalizeVerifyOptions(options: OTPVerifyOptions): OTPVerifyOptionsWithDefaults {\n return {\n ...normalizeGenerateOptions(options),\n token: options.token,\n epochTolerance: options.epochTolerance ?? 0,\n counterTolerance: options.counterTolerance ?? 0,\n afterTimeStep: options.afterTimeStep,\n };\n}\n","/**\n * OTP Wrapper Class\n *\n * A unified class that dynamically handles TOTP and HOTP strategies.\n */\n\nimport { createGuardrails, generateSecret as generateSecretCore } from \"@otplib/core\";\n\nimport { defaultCrypto, defaultBase32 } from \"./defaults.js\";\nimport {\n generate as functionalGenerate,\n generateSync as functionalGenerateSync,\n verify as functionalVerify,\n verifySync as functionalVerifySync,\n generateURI as functionalGenerateURI,\n} from \"./functional.js\";\n\nimport type { OTPStrategy } from \"./functional.js\";\nimport type {\n CryptoPlugin,\n Digits,\n HashAlgorithm,\n Base32Plugin,\n OTPGuardrails,\n OTPHooks,\n} from \"@otplib/core\";\nimport type { VerifyResult as HOTPVerifyResult } from \"@otplib/hotp\";\nimport type { VerifyResult as TOTPVerifyResult } from \"@otplib/totp\";\n\n/**\n * Combined verify result that works for both TOTP and HOTP\n */\nexport type VerifyResult = TOTPVerifyResult | HOTPVerifyResult;\n\n/**\n * Options for the OTP class\n */\nexport type OTPClassOptions = {\n /**\n * OTP strategy to use\n * - 'totp': Time-based OTP (default)\n * - 'hotp': HMAC-based OTP\n */\n strategy?: OTPStrategy;\n\n /**\n * Crypto plugin to use (default: NobleCryptoPlugin)\n */\n crypto?: CryptoPlugin;\n\n /**\n * Base32 plugin to use (default: ScureBase32Plugin)\n */\n base32?: Base32Plugin;\n\n /**\n * Validation guardrails\n */\n guardrails?: OTPGuardrails;\n};\n\n/**\n * Options for generating a token with the OTP class\n */\nexport type OTPGenerateOptions = {\n /**\n * Base32-encoded secret key\n *\n * **Note**: By default, strings are assumed to be Base32 encoded.\n * If you have a raw string/passphrase, you must convert it to Uint8Array first.\n */\n secret: string | Uint8Array;\n\n /**\n * Hash algorithm (default: 'sha1')\n */\n algorithm?: HashAlgorithm;\n\n /**\n * Number of digits (default: 6)\n */\n digits?: Digits;\n\n /**\n * Current Unix epoch timestamp in seconds (default: now)\n * Used by TOTP strategy\n */\n epoch?: number;\n\n /**\n * Initial Unix time to start counting time steps (default: 0)\n * Used by TOTP strategy\n */\n t0?: number;\n\n /**\n * Time step in seconds (default: 30)\n * Used by TOTP strategy\n */\n period?: number;\n\n /**\n * Counter value\n * Used by HOTP strategy (required)\n */\n counter?: number;\n\n /**\n * Validation guardrails\n */\n guardrails?: OTPGuardrails;\n\n /**\n * Hooks for customizing token encoding and validation\n */\n hooks?: OTPHooks;\n};\n\n/**\n * Options for verifying a token with the OTP class\n */\nexport type OTPVerifyOptions = {\n /**\n * Base32-encoded secret key\n *\n * **Note**: By default, strings are assumed to be Base32 encoded.\n * If you have a raw string/passphrase, you must convert it to Uint8Array first.\n */\n secret: string | Uint8Array;\n\n /**\n * OTP code to verify\n */\n token: string;\n\n /**\n * Hash algorithm (default: 'sha1')\n */\n algorithm?: HashAlgorithm;\n\n /**\n * Number of digits (default: 6)\n */\n digits?: Digits;\n\n /**\n * Current Unix epoch timestamp in seconds (default: now)\n * Used by TOTP strategy\n */\n epoch?: number;\n\n /**\n * Initial Unix time to start counting time steps (default: 0)\n * Used by TOTP strategy\n */\n t0?: number;\n\n /**\n * Time step in seconds (default: 30)\n * Used by TOTP strategy\n */\n period?: number;\n\n /**\n * Counter value\n * Used by HOTP strategy (required)\n */\n counter?: number;\n\n /**\n * Time tolerance in seconds for TOTP verification (default: 0)\n * - Number: symmetric tolerance (same for past and future)\n * - Tuple [past, future]: asymmetric tolerance\n * Use [5, 0] for RFC-compliant past-only verification.\n */\n epochTolerance?: number | [number, number];\n\n /**\n * Counter tolerance for HOTP verification (default: 0)\n * - Number: creates look-ahead only tolerance [0, n]\n * - Tuple [past, future]: explicit window control\n */\n counterTolerance?: number | [number, number];\n\n /**\n * Minimum allowed TOTP time step for replay protection (optional)\n *\n * Rejects tokens with timeStep <= afterTimeStep.\n * Only used by TOTP strategy.\n */\n afterTimeStep?: number;\n\n /**\n * Validation guardrails\n */\n guardrails?: OTPGuardrails;\n\n /**\n * Hooks for customizing token encoding and validation\n */\n hooks?: OTPHooks;\n};\n\n/**\n * Options for generating URI with the OTP class\n */\nexport type OTPURIGenerateOptions = {\n /**\n * Issuer name (e.g., 'ACME Co')\n */\n issuer: string;\n\n /**\n * Label/Account name (e.g., 'john@example.com')\n */\n label: string;\n\n /**\n * Base32-encoded secret key\n *\n * **Note**: By default, strings are assumed to be Base32 encoded.\n * If you have a raw string/passphrase, you must convert it to Uint8Array first.\n */\n secret: string;\n\n /**\n * Hash algorithm (default: 'sha1')\n */\n algorithm?: HashAlgorithm;\n\n /**\n * Number of digits (default: 6)\n */\n digits?: Digits;\n\n /**\n * Time step in seconds (default: 30)\n * Used by TOTP strategy\n */\n period?: number;\n\n /**\n * Counter value (default: 0)\n * Used by HOTP strategy\n */\n counter?: number;\n};\n\n/**\n * OTP Class\n *\n * A wrapper class that dynamically handles TOTP and HOTP strategies.\n *\n * @example\n * ```ts\n * import { OTP } from 'otplib';\n *\n * // Create OTP instance with TOTP strategy (default)\n * const otp = new OTP({ strategy: 'totp' });\n *\n * // Generate and verify\n * const secret = otp.generateSecret();\n * const token = await otp.generate({ secret });\n * const result = await otp.verify({ secret, token });\n * ```\n *\n * @example With HOTP strategy\n * ```ts\n * import { OTP } from 'otplib';\n *\n * const otp = new OTP({ strategy: 'hotp' });\n * const token = await otp.generate({ secret: 'ABC123', counter: 0 });\n * ```\n *\n * @example Generating otpauth:// URI for authenticator apps\n * ```ts\n * import { OTP } from 'otplib';\n *\n * const otp = new OTP({ strategy: 'totp' });\n * const uri = otp.generateURI({\n * issuer: 'MyApp',\n * label: 'user@example.com',\n * secret: 'ABC123',\n * });\n * ```\n */\nexport class OTP {\n private readonly strategy: OTPStrategy;\n private readonly crypto: CryptoPlugin;\n private readonly base32: Base32Plugin;\n private readonly guardrails: OTPGuardrails;\n\n constructor(options: OTPClassOptions = {}) {\n const {\n strategy = \"totp\",\n crypto = defaultCrypto,\n base32 = defaultBase32,\n guardrails,\n } = options;\n\n this.strategy = strategy;\n this.crypto = crypto;\n this.base32 = base32;\n this.guardrails = createGuardrails(guardrails);\n }\n\n /**\n * Get the current strategy\n */\n getStrategy(): OTPStrategy {\n return this.strategy;\n }\n\n /**\n * Generate a random secret key\n *\n * @param length - Number of random bytes (default: 20)\n * @returns Base32-encoded secret key\n */\n generateSecret(length: number = 20): string {\n return generateSecretCore({ crypto: this.crypto, base32: this.base32, length });\n }\n\n /**\n * Generate an OTP token based on the configured strategy\n *\n * @param options - Generation options\n * @returns OTP code\n */\n async generate(options: OTPGenerateOptions): Promise<string> {\n return functionalGenerate({\n ...options,\n strategy: this.strategy,\n crypto: this.crypto,\n base32: this.base32,\n guardrails: options.guardrails ?? this.guardrails,\n });\n }\n\n /**\n * Generate an OTP token based on the configured strategy synchronously\n *\n * @param options - Generation options\n * @returns OTP code\n * @throws {HMACError} If the crypto plugin doesn't support sync operations\n */\n generateSync(options: OTPGenerateOptions): string {\n return functionalGenerateSync({\n ...options,\n strategy: this.strategy,\n crypto: this.crypto,\n base32: this.base32,\n guardrails: options.guardrails ?? this.guardrails,\n });\n }\n\n /**\n * Verify an OTP token based on the configured strategy\n *\n * @param options - Verification options\n * @returns Verification result with validity and optional delta\n */\n async verify(options: OTPVerifyOptions): Promise<VerifyResult> {\n return functionalVerify({\n ...options,\n strategy: this.strategy,\n crypto: this.crypto,\n base32: this.base32,\n guardrails: options.guardrails ?? this.guardrails,\n });\n }\n\n /**\n * Verify an OTP token based on the configured strategy synchronously\n *\n * @param options - Verification options\n * @returns Verification result with validity and optional delta\n * @throws {HMACError} If the crypto plugin doesn't support sync operations\n */\n verifySync(options: OTPVerifyOptions): VerifyResult {\n return functionalVerifySync({\n ...options,\n strategy: this.strategy,\n crypto: this.crypto,\n base32: this.base32,\n guardrails: options.guardrails ?? this.guardrails,\n });\n }\n\n /**\n * Generate an otpauth:// URI for QR code generation\n *\n * Supports both TOTP and HOTP strategies.\n *\n * @param options - URI generation options\n * @returns otpauth:// URI string\n */\n generateURI(options: OTPURIGenerateOptions): string {\n return functionalGenerateURI({\n ...options,\n strategy: this.strategy,\n });\n }\n}\n"],"mappings":"yaAAA,IAAAA,EAAA,GAAAC,EAAAD,EAAA,mEAAAE,EAAA,+GAAAC,EAAA,mBAAAC,EAAA,iBAAAC,EAAA,gBAAAC,EAAA,6CAAAC,EAAA,eAAAC,EAAA,mFAAAC,EAAAT,GCAA,IAAAU,EAAyE,wBACzEC,EAKO,wBACPC,EAKO,wBACPC,EAAgF,uBCNhF,IAAAC,EAAiC,wBACjCC,EAAwC,uCACxCC,EAAwC,uCAWjC,SAASC,EACdC,EACgC,CAChC,MAAO,CACL,OAAQA,EAAQ,OAChB,SAAUA,EAAQ,UAAY,OAC9B,OAAQA,EAAQ,QAAU,EAAAC,OAC1B,OAAQD,EAAQ,QAAU,EAAAE,OAC1B,UAAWF,EAAQ,WAAa,OAChC,OAAQA,EAAQ,QAAU,EAC1B,OAAQA,EAAQ,QAAU,GAC1B,MAAOA,EAAQ,OAAS,KAAK,MAAM,KAAK,IAAI,EAAI,GAAI,EACpD,GAAIA,EAAQ,IAAM,EAClB,QAASA,EAAQ,QACjB,WAAYA,EAAQ,eAAc,oBAAiB,EACnD,MAAOA,EAAQ,KACjB,CACF,CAEO,SAASG,EAAuBH,EAAyD,CAC9F,MAAO,CACL,GAAGD,EAAyBC,CAAO,EACnC,MAAOA,EAAQ,MACf,eAAgBA,EAAQ,gBAAkB,EAC1C,iBAAkBA,EAAQ,kBAAoB,EAC9C,cAAeA,EAAQ,aACzB,CACF,CDXA,SAASI,EACPC,EACAC,EACAC,EACG,CACH,GAAIF,IAAa,OACf,OAAOE,EAAS,KAAK,EAEvB,GAAIF,IAAa,OAAQ,CACvB,GAAIC,IAAY,OACd,MAAM,IAAI,qBACR,kFACF,EAEF,OAAOC,EAAS,KAAKD,CAAO,CAC9B,CACA,MAAM,IAAI,qBACR,yBAAyBD,CAAQ,0CACnC,CACF,CA4BO,SAASG,EAAeC,EAgBpB,CACT,GAAM,CAAE,OAAAC,EAAS,EAAAC,OAAe,OAAAC,EAAS,EAAAC,OAAe,OAAAC,EAAS,EAAG,EAAIL,GAAW,CAAC,EAEpF,SAAO,EAAAM,gBAAmB,CAAE,OAAAL,EAAQ,OAAAE,EAAQ,OAAAE,CAAO,CAAC,CACtD,CAqCO,SAASE,EAAYP,EAkBjB,CACT,GAAM,CACJ,SAAAJ,EAAW,OACX,OAAAY,EACA,MAAAC,EACA,OAAAC,EACA,UAAAC,EAAY,OACZ,OAAAC,EAAS,EACT,OAAAC,EAAS,GACT,QAAAhB,CACF,EAAIG,EAEJ,OAAOL,EAAkBC,EAAUC,EAAS,CAC1C,KAAM,OAAM,EAAAiB,cAAgB,CAAE,OAAAN,EAAQ,MAAAC,EAAO,OAAAC,EAAQ,UAAAC,EAAW,OAAAC,EAAQ,OAAAC,CAAO,CAAC,EAChF,KAAOhB,MAAY,EAAAkB,cAAe,CAAE,OAAAP,EAAQ,MAAAC,EAAO,OAAAC,EAAQ,UAAAC,EAAW,OAAAC,EAAQ,QAAAf,CAAQ,CAAC,CACzF,CAAC,CACH,CA2CA,eAAsBmB,EAAShB,EAA8C,CAC3E,IAAMiB,EAAOC,EAAyBlB,CAAO,EACvC,CAAE,OAAAU,EAAQ,OAAAT,EAAQ,OAAAE,EAAQ,UAAAQ,EAAW,OAAAC,EAAQ,MAAAO,CAAM,EAAIF,EACvDG,EAAgB,CAAE,OAAAV,EAAQ,OAAAT,EAAQ,OAAAE,EAAQ,UAAAQ,EAAW,OAAAC,EAAQ,MAAAO,CAAM,EAEzE,OAAOxB,EAAkBsB,EAAK,SAAUA,EAAK,QAAS,CACpD,KAAM,OACJ,EAAAI,UAAa,CACX,GAAGD,EACH,OAAQH,EAAK,OACb,MAAOA,EAAK,MACZ,GAAIA,EAAK,GACT,WAAYA,EAAK,UACnB,CAAC,EACH,KAAOpB,MACL,EAAAyB,UAAa,CACX,GAAGF,EACH,QAAAvB,EACA,WAAYoB,EAAK,UACnB,CAAC,CACL,CAAC,CACH,CAqBO,SAASM,EAAavB,EAAqC,CAChE,IAAMiB,EAAOC,EAAyBlB,CAAO,EACvC,CAAE,OAAAU,EAAQ,OAAAT,EAAQ,OAAAE,EAAQ,UAAAQ,EAAW,OAAAC,CAAO,EAAIK,EAChDG,EAAgB,CAAE,OAAAV,EAAQ,OAAAT,EAAQ,OAAAE,EAAQ,UAAAQ,EAAW,OAAAC,CAAO,EAElE,OAAOjB,EAAkBsB,EAAK,SAAUA,EAAK,QAAS,CACpD,KAAM,OACJ,EAAAO,cAAiB,CACf,GAAGJ,EACH,OAAQH,EAAK,OACb,MAAOA,EAAK,MACZ,GAAIA,EAAK,GACT,WAAYA,EAAK,UACnB,CAAC,EACH,KAAOpB,MACL,EAAA4B,cAAiB,CACf,GAAGL,EACH,QAAAvB,EACA,WAAYoB,EAAK,UACnB,CAAC,CACL,CAAC,CACH,CAiDA,eAAsBS,EAAO1B,EAAkD,CAC7E,IAAMiB,EAAOU,EAAuB3B,CAAO,EACrC,CAAE,OAAAU,EAAQ,MAAAkB,EAAO,OAAA3B,EAAQ,OAAAE,EAAQ,UAAAQ,EAAW,OAAAC,EAAQ,MAAAO,CAAM,EAAIF,EAC9DG,EAAgB,CAAE,OAAAV,EAAQ,MAAAkB,EAAO,OAAA3B,EAAQ,OAAAE,EAAQ,UAAAQ,EAAW,OAAAC,EAAQ,MAAAO,CAAM,EAEhF,OAAOxB,EAAkBsB,EAAK,SAAUA,EAAK,QAAS,CACpD,KAAM,OACJ,EAAAY,QAAW,CACT,GAAGT,EACH,OAAQH,EAAK,OACb,MAAOA,EAAK,MACZ,GAAIA,EAAK,GACT,eAAgBA,EAAK,eACrB,cAAeA,EAAK,cACpB,WAAYA,EAAK,UACnB,CAAC,EACH,KAAOpB,MACL,EAAAiC,QAAW,CACT,GAAGV,EACH,QAAAvB,EACA,iBAAkBoB,EAAK,iBACvB,WAAYA,EAAK,UACnB,CAAC,CACL,CAAC,CACH,CAsBO,SAASc,EAAW/B,EAAyC,CAClE,IAAMiB,EAAOU,EAAuB3B,CAAO,EACrC,CAAE,OAAAU,EAAQ,MAAAkB,EAAO,OAAA3B,EAAQ,OAAAE,EAAQ,UAAAQ,EAAW,OAAAC,EAAQ,MAAAO,CAAM,EAAIF,EAC9DG,EAAgB,CAAE,OAAAV,EAAQ,MAAAkB,EAAO,OAAA3B,EAAQ,OAAAE,EAAQ,UAAAQ,EAAW,OAAAC,EAAQ,MAAAO,CAAM,EAEhF,OAAOxB,EAAkBsB,EAAK,SAAUA,EAAK,QAAS,CACpD,KAAM,OACJ,EAAAe,YAAe,CACb,GAAGZ,EACH,OAAQH,EAAK,OACb,MAAOA,EAAK,MACZ,GAAIA,EAAK,GACT,eAAgBA,EAAK,eACrB,cAAeA,EAAK,cACpB,WAAYA,EAAK,UACnB,CAAC,EACH,KAAOpB,MACL,EAAAoC,YAAe,CACb,GAAGb,EACH,QAAAvB,EACA,iBAAkBoB,EAAK,iBACvB,WAAYA,EAAK,UACnB,CAAC,CACL,CAAC,CACH,CEzYA,IAAAiB,EAAuE,wBAwRhE,IAAMC,EAAN,KAAU,CACE,SACA,OACA,OACA,WAEjB,YAAYC,EAA2B,CAAC,EAAG,CACzC,GAAM,CACJ,SAAAC,EAAW,OACX,OAAAC,EAAS,EAAAC,OACT,OAAAC,EAAS,EAAAC,OACT,WAAAC,CACF,EAAIN,EAEJ,KAAK,SAAWC,EAChB,KAAK,OAASC,EACd,KAAK,OAASE,EACd,KAAK,cAAa,oBAAiBE,CAAU,CAC/C,CAKA,aAA2B,CACzB,OAAO,KAAK,QACd,CAQA,eAAeC,EAAiB,GAAY,CAC1C,SAAO,EAAAC,gBAAmB,CAAE,OAAQ,KAAK,OAAQ,OAAQ,KAAK,OAAQ,OAAAD,CAAO,CAAC,CAChF,CAQA,MAAM,SAASP,EAA8C,CAC3D,OAAOS,EAAmB,CACxB,GAAGT,EACH,SAAU,KAAK,SACf,OAAQ,KAAK,OACb,OAAQ,KAAK,OACb,WAAYA,EAAQ,YAAc,KAAK,UACzC,CAAC,CACH,CASA,aAAaA,EAAqC,CAChD,OAAOU,EAAuB,CAC5B,GAAGV,EACH,SAAU,KAAK,SACf,OAAQ,KAAK,OACb,OAAQ,KAAK,OACb,WAAYA,EAAQ,YAAc,KAAK,UACzC,CAAC,CACH,CAQA,MAAM,OAAOA,EAAkD,CAC7D,OAAOW,EAAiB,CACtB,GAAGX,EACH,SAAU,KAAK,SACf,OAAQ,KAAK,OACb,OAAQ,KAAK,OACb,WAAYA,EAAQ,YAAc,KAAK,UACzC,CAAC,CACH,CASA,WAAWA,EAAyC,CAClD,OAAOY,EAAqB,CAC1B,GAAGZ,EACH,SAAU,KAAK,SACf,OAAQ,KAAK,OACb,OAAQ,KAAK,OACb,WAAYA,EAAQ,YAAc,KAAK,UACzC,CAAC,CACH,CAUA,YAAYA,EAAwC,CAClD,OAAOa,EAAsB,CAC3B,GAAGb,EACH,SAAU,KAAK,QACjB,CAAC,CACH,CACF,EHhXA,IAAAc,EAAqB,wBACrBC,EAAqB,wBAErBC,EAA6E,wBAG7EC,EAAkC,uCAClCC,EAAkC","names":["src_exports","__export","OTP","generate","generateSecret","generateSync","generateURI","verify","verifySync","__toCommonJS","import_core","import_hotp","import_totp","import_uri","import_core","import_plugin_base32_scure","import_plugin_crypto_noble","normalizeGenerateOptions","options","defaultCrypto","defaultBase32","normalizeVerifyOptions","executeByStrategy","strategy","counter","handlers","generateSecret","options","crypto","defaultCrypto","base32","defaultBase32","length","generateSecretCore","generateURI","issuer","label","secret","algorithm","digits","period","generateTOTPURI","generateHOTURI","generate","opts","normalizeGenerateOptions","hooks","commonOptions","generateTOTP","generateHOTP","generateSync","generateTOTPSync","generateHOTPSync","verify","normalizeVerifyOptions","token","verifyTOTP","verifyHOTP","verifySync","verifyTOTPSync","verifyHOTPSync","import_core","OTP","options","strategy","crypto","defaultCrypto","base32","defaultBase32","guardrails","length","generateSecretCore","generate","generateSync","verify","verifySync","generateURI","import_hotp","import_totp","import_core","import_plugin_crypto_noble","import_plugin_base32_scure"]}

package/dist/index.d.cts ADDED Viewed

@@ -0,0 +1,8 @@
+export { O as OTPAuthOptions, a as OTPFunctionalOptions, b as OTPStrategy, c as OTPVerifyFunctionalOptions } from './types-BBT_82HF.cjs';
+export { generate, generateSecret, generateSync, generateURI, verify, verifySync } from './functional.cjs';
+export { OTP, OTPClassOptions, OTPGenerateOptions, OTPURIGenerateOptions, OTPVerifyOptions } from './class.cjs';
+export { Base32Plugin, CryptoPlugin, HashAlgorithm, OTPGuardrails, OTPGuardrailsConfig, OTPResult, createGuardrails, stringToBytes, wrapResult, wrapResultAsync } from '@otplib/core';
+export { TOTP, TOTPOptions, VerifyResult } from '@otplib/totp';
+export { HOTP } from '@otplib/hotp';
+export { NobleCryptoPlugin } from '@otplib/plugin-crypto-noble';
+export { ScureBase32Plugin } from '@otplib/plugin-base32-scure';

package/dist/index.d.ts ADDED Viewed

@@ -0,0 +1,8 @@
+export { O as OTPAuthOptions, a as OTPFunctionalOptions, b as OTPStrategy, c as OTPVerifyFunctionalOptions } from './types-BBT_82HF.js';
+export { generate, generateSecret, generateSync, generateURI, verify, verifySync } from './functional.js';
+export { OTP, OTPClassOptions, OTPGenerateOptions, OTPURIGenerateOptions, OTPVerifyOptions } from './class.js';
+export { Base32Plugin, CryptoPlugin, HashAlgorithm, OTPGuardrails, OTPGuardrailsConfig, OTPResult, createGuardrails, stringToBytes, wrapResult, wrapResultAsync } from '@otplib/core';
+export { TOTP, TOTPOptions, VerifyResult } from '@otplib/totp';
+export { HOTP } from '@otplib/hotp';
+export { NobleCryptoPlugin } from '@otplib/plugin-crypto-noble';
+export { ScureBase32Plugin } from '@otplib/plugin-base32-scure';

package/dist/index.js ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ import{generateSecret as R,ConfigurationError as S}from"@otplib/core";import{generate as G,generateSync as x,verify as H,verifySync as v}from"@otplib/hotp";import{generate as C,generateSync as k,verify as U,verifySync as B}from"@otplib/totp";import{generateTOTP as A,generateHOTP as D}from"@otplib/uri";import{createGuardrails as V}from"@otplib/core";import{base32 as u}from"@otplib/plugin-base32-scure";import{crypto as g}from"@otplib/plugin-crypto-noble";function c(t){return{secret:t.secret,strategy:t.strategy??"totp",crypto:t.crypto??g,base32:t.base32??u,algorithm:t.algorithm??"sha1",digits:t.digits??6,period:t.period??30,epoch:t.epoch??Math.floor(Date.now()/1e3),t0:t.t0??0,counter:t.counter,guardrails:t.guardrails??V(),hooks:t.hooks}}function O(t){return{...c(t),token:t.token,epochTolerance:t.epochTolerance??0,counterTolerance:t.counterTolerance??0,afterTimeStep:t.afterTimeStep}}function l(t,e,r){if(t==="totp")return r.totp();if(t==="hotp"){if(e===void 0)throw new S("Counter is required for HOTP strategy. Example: { strategy: 'hotp', counter: 0 }");return r.hotp(e)}throw new S(`Unknown OTP strategy: ${t}. Valid strategies are 'totp' or 'hotp'.`)}function I(t){let{crypto:e=g,base32:r=u,length:a=20}=t\|\|{};return R({crypto:e,base32:r,length:a})}function T(t){let{strategy:e="totp",issuer:r,label:a,secret:o,algorithm:i="sha1",digits:s=6,period:n=30,counter:p}=t;return l(e,p,{totp:()=>A({issuer:r,label:a,secret:o,algorithm:i,digits:s,period:n}),hotp:y=>D({issuer:r,label:a,secret:o,algorithm:i,digits:s,counter:y})})}async function m(t){let e=c(t),{secret:r,crypto:a,base32:o,algorithm:i,digits:s,hooks:n}=e,p={secret:r,crypto:a,base32:o,algorithm:i,digits:s,hooks:n};return l(e.strategy,e.counter,{totp:()=>C({...p,period:e.period,epoch:e.epoch,t0:e.t0,guardrails:e.guardrails}),hotp:y=>G({...p,counter:y,guardrails:e.guardrails})})}function h(t){let e=c(t),{secret:r,crypto:a,base32:o,algorithm:i,digits:s}=e,n={secret:r,crypto:a,base32:o,algorithm:i,digits:s};return l(e.strategy,e.counter,{totp:()=>k({...n,period:e.period,epoch:e.epoch,t0:e.t0,guardrails:e.guardrails}),hotp:p=>x({...n,counter:p,guardrails:e.guardrails})})}async function P(t){let e=O(t),{secret:r,token:a,crypto:o,base32:i,algorithm:s,digits:n,hooks:p}=e,y={secret:r,token:a,crypto:o,base32:i,algorithm:s,digits:n,hooks:p};return l(e.strategy,e.counter,{totp:()=>U({...y,period:e.period,epoch:e.epoch,t0:e.t0,epochTolerance:e.epochTolerance,afterTimeStep:e.afterTimeStep,guardrails:e.guardrails}),hotp:f=>H({...y,counter:f,counterTolerance:e.counterTolerance,guardrails:e.guardrails})})}function d(t){let e=O(t),{secret:r,token:a,crypto:o,base32:i,algorithm:s,digits:n,hooks:p}=e,y={secret:r,token:a,crypto:o,base32:i,algorithm:s,digits:n,hooks:p};return l(e.strategy,e.counter,{totp:()=>B({...y,period:e.period,epoch:e.epoch,t0:e.t0,epochTolerance:e.epochTolerance,afterTimeStep:e.afterTimeStep,guardrails:e.guardrails}),hotp:f=>v({...y,counter:f,counterTolerance:e.counterTolerance,guardrails:e.guardrails})})}import{createGuardrails as w,generateSecret as j}from"@otplib/core";var b=class{strategy;crypto;base32;guardrails;constructor(e={}){let{strategy:r="totp",crypto:a=g,base32:o=u,guardrails:i}=e;this.strategy=r,this.crypto=a,this.base32=o,this.guardrails=w(i)}getStrategy(){return this.strategy}generateSecret(e=20){return j({crypto:this.crypto,base32:this.base32,length:e})}async generate(e){return m({...e,strategy:this.strategy,crypto:this.crypto,base32:this.base32,guardrails:e.guardrails??this.guardrails})}generateSync(e){return h({...e,strategy:this.strategy,crypto:this.crypto,base32:this.base32,guardrails:e.guardrails??this.guardrails})}async verify(e){return P({...e,strategy:this.strategy,crypto:this.crypto,base32:this.base32,guardrails:e.guardrails??this.guardrails})}verifySync(e){return d({...e,strategy:this.strategy,crypto:this.crypto,base32:this.base32,guardrails:e.guardrails??this.guardrails})}generateURI(e){return T({...e,strategy:this.strategy})}};import{HOTP as re}from"@otplib/hotp";import{TOTP as oe}from"@otplib/totp";import{createGuardrails as se,stringToBytes as ne,wrapResult as pe,wrapResultAsync as ye}from"@otplib/core";import{NobleCryptoPlugin as ge}from"@otplib/plugin-crypto-noble";import{ScureBase32Plugin as ce}from"@otplib/plugin-base32-scure";export{re as HOTP,ge as NobleCryptoPlugin,b as OTP,ce as ScureBase32Plugin,oe as TOTP,se as createGuardrails,m as generate,I as generateSecret,h as generateSync,T as generateURI,ne as stringToBytes,P as verify,d as verifySync,pe as wrapResult,ye as wrapResultAsync};
2	+ //# sourceMappingURL=index.js.map

package/dist/index.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"sources":["../src/functional.ts","../src/defaults.ts","../src/class.ts","../src/index.ts"],"sourcesContent":["import { generateSecret as generateSecretCore, ConfigurationError } from \"@otplib/core\";\nimport {\n generate as generateHOTP,\n generateSync as generateHOTPSync,\n verify as verifyHOTP,\n verifySync as verifyHOTPSync,\n} from \"@otplib/hotp\";\nimport {\n generate as generateTOTP,\n generateSync as generateTOTPSync,\n verify as verifyTOTP,\n verifySync as verifyTOTPSync,\n} from \"@otplib/totp\";\nimport { generateTOTP as generateTOTPURI, generateHOTP as generateHOTURI } from \"@otplib/uri\";\n\nimport {\n defaultCrypto,\n defaultBase32,\n normalizeGenerateOptions,\n normalizeVerifyOptions,\n} from \"./defaults.js\";\n\nimport type {\n OTPGenerateOptions,\n OTPVerifyOptions,\n OTPStrategy,\n StrategyHandlers,\n} from \"./types.js\";\nimport type { CryptoPlugin, Base32Plugin, Digits, HashAlgorithm } from \"@otplib/core\";\nimport type { VerifyResult as HOTPVerifyResult } from \"@otplib/hotp\";\nimport type { VerifyResult as TOTPVerifyResult } from \"@otplib/totp\";\n\nexport type { OTPStrategy };\n\nexport type VerifyResult = TOTPVerifyResult | HOTPVerifyResult;\n\nfunction executeByStrategy<T>(\n strategy: OTPStrategy,\n counter: number | undefined,\n handlers: StrategyHandlers<T>,\n): T {\n if (strategy === \"totp\") {\n return handlers.totp();\n }\n if (strategy === \"hotp\") {\n if (counter === undefined) {\n throw new ConfigurationError(\n \"Counter is required for HOTP strategy. Example: { strategy: 'hotp', counter: 0 }\",\n );\n }\n return handlers.hotp(counter);\n }\n throw new ConfigurationError(\n `Unknown OTP strategy: ${strategy}. Valid strategies are 'totp' or 'hotp'.`,\n );\n}\n\n/**\n * Generate a random secret key for use with OTP\n *\n * The secret is encoded in Base32 format for compatibility with\n * Google Authenticator and other authenticator apps.\n *\n * @param options - Secret generation options\n * @returns Base32-encoded secret key\n *\n * @example\n * ```ts\n * import { generateSecret } from 'otplib';\n *\n * const secret = generateSecret();\n * // Returns: 'JBSWY3DPEHPK3PXP'\n * ```\n *\n * @example With custom plugins\n * ```ts\n * import { generateSecret, NodeCryptoPlugin } from 'otplib';\n *\n * const secret = generateSecret({\n * crypto: new NodeCryptoPlugin(),\n * });\n * ```\n */\nexport function generateSecret(options?: {\n /**\n * Number of random bytes to generate (default: 20)\n * 20 bytes = 160 bits, which provides a good security margin\n */\n length?: number;\n\n /**\n * Crypto plugin to use (default: NobleCryptoPlugin)\n */\n crypto?: CryptoPlugin;\n\n /**\n * Base32 plugin to use (default: ScureBase32Plugin)\n */\n base32?: Base32Plugin;\n}): string {\n const { crypto = defaultCrypto, base32 = defaultBase32, length = 20 } = options || {};\n\n return generateSecretCore({ crypto, base32, length });\n}\n\n/**\n * Generate an otpauth:// URI for QR code generation\n *\n * This URI can be used to generate a QR code that can be scanned\n * by Google Authenticator and other authenticator apps.\n *\n * @param options - URI generation options\n * @returns otpauth:// URI string\n *\n * @example TOTP\n * ```ts\n * import { generateURI } from 'otplib';\n *\n * const uri = generateURI({\n * issuer: 'ACME Co',\n * label: 'john@example.com',\n * secret: 'JBSWY3DPEHPK3PXP',\n * });\n * // Returns: 'otpauth://totp/ACME%20Co:john%40example.com?secret=...'\n * ```\n *\n * @example HOTP\n * ```ts\n * import { generateURI } from 'otplib';\n *\n * const uri = generateURI({\n * strategy: 'hotp',\n * issuer: 'ACME Co',\n * label: 'john@example.com',\n * secret: 'JBSWY3DPEHPK3PXP',\n * counter: 5,\n * });\n * // Returns: 'otpauth://hotp/ACME%20Co:john%40example.com?secret=...&counter=5'\n * ```\n */\nexport function generateURI(options: {\n /**\n * OTP strategy to use (default: 'totp')\n */\n strategy?: OTPStrategy;\n issuer: string;\n label: string;\n /**\n * Base32-encoded secret key\n *\n * **Note**: By default, strings are assumed to be Base32 encoded.\n * If you have a raw string/passphrase, you must convert it to Uint8Array first.\n */\n secret: string;\n algorithm?: HashAlgorithm;\n digits?: Digits;\n period?: number;\n counter?: number;\n}): string {\n const {\n strategy = \"totp\",\n issuer,\n label,\n secret,\n algorithm = \"sha1\",\n digits = 6,\n period = 30,\n counter,\n } = options;\n\n return executeByStrategy(strategy, counter, {\n totp: () => generateTOTPURI({ issuer, label, secret, algorithm, digits, period }),\n hotp: (counter) => generateHOTURI({ issuer, label, secret, algorithm, digits, counter }),\n });\n}\n\n/**\n * Generate an OTP code\n *\n * Generates a one-time password based on the specified strategy.\n * - 'totp': Time-based OTP (default)\n * - 'hotp': HMAC-based OTP\n *\n * @param options - OTP generation options\n * @returns OTP code\n *\n * @example TOTP\n * ```ts\n * import { generate } from 'otplib';\n *\n * const token = await generate({\n * secret: 'JBSWY3DPEHPK3PXP',\n * });\n * // Returns: '123456'\n * ```\n *\n * @example HOTP\n * ```ts\n * import { generate } from 'otplib';\n *\n * const token = await generate({\n * secret: 'JBSWY3DPEHPK3PXP',\n * strategy: 'hotp',\n * counter: 0,\n * });\n * ```\n *\n * @example With custom plugins\n * ```ts\n * import { generate, NodeCryptoPlugin } from 'otplib';\n *\n * const token = await generate({\n * secret: 'JBSWY3DPEHPK3PXP',\n * crypto: new NodeCryptoPlugin(),\n * });\n * ```\n */\nexport async function generate(options: OTPGenerateOptions): Promise<string> {\n const opts = normalizeGenerateOptions(options);\n const { secret, crypto, base32, algorithm, digits, hooks } = opts;\n const commonOptions = { secret, crypto, base32, algorithm, digits, hooks };\n\n return executeByStrategy(opts.strategy, opts.counter, {\n totp: () =>\n generateTOTP({\n ...commonOptions,\n period: opts.period,\n epoch: opts.epoch,\n t0: opts.t0,\n guardrails: opts.guardrails,\n }),\n hotp: (counter) =>\n generateHOTP({\n ...commonOptions,\n counter,\n guardrails: opts.guardrails,\n }),\n });\n}\n\n/**\n * Generate an OTP code synchronously\n *\n * This is the synchronous version of {@link generate}. It requires a crypto\n * plugin that supports synchronous HMAC operations.\n *\n * @param options - OTP generation options\n * @returns OTP code\n * @throws {HMACError} If the crypto plugin doesn't support sync operations\n *\n * @example\n * ```ts\n * import { generateSync } from 'otplib';\n *\n * const token = generateSync({\n * secret: 'JBSWY3DPEHPK3PXP',\n * });\n * ```\n */\nexport function generateSync(options: OTPGenerateOptions): string {\n const opts = normalizeGenerateOptions(options);\n const { secret, crypto, base32, algorithm, digits } = opts;\n const commonOptions = { secret, crypto, base32, algorithm, digits };\n\n return executeByStrategy(opts.strategy, opts.counter, {\n totp: () =>\n generateTOTPSync({\n ...commonOptions,\n period: opts.period,\n epoch: opts.epoch,\n t0: opts.t0,\n guardrails: opts.guardrails,\n }),\n hotp: (counter) =>\n generateHOTPSync({\n ...commonOptions,\n counter,\n guardrails: opts.guardrails,\n }),\n });\n}\n\n/**\n * Verify an OTP code\n *\n * Verifies a provided OTP code against the expected value based on the strategy.\n * - 'totp': Time-based OTP (default, Google Authenticator compatible)\n * - 'hotp': HMAC-based OTP\n *\n * Uses constant-time comparison to prevent timing attacks.\n *\n * @param options - OTP verification options\n * @returns Verification result with validity and optional delta\n *\n * @example TOTP\n * ```ts\n * import { verify } from 'otplib';\n *\n * const result = await verify({\n * secret: 'JBSWY3DPEHPK3PXP',\n * token: '123456',\n * });\n * // Returns: { valid: true, delta: 0 }\n * ```\n *\n * @example HOTP\n * ```ts\n * import { verify } from 'otplib';\n *\n * const result = await verify({\n * secret: 'JBSWY3DPEHPK3PXP',\n * token: '123456',\n * strategy: 'hotp',\n * counter: 0,\n * });\n * ```\n *\n * @example With epochTolerance for TOTP\n * ```ts\n * import { verify, NodeCryptoPlugin } from 'otplib';\n *\n * const result = await verify({\n * secret: 'JBSWY3DPEHPK3PXP',\n * token: '123456',\n * epochTolerance: 30,\n * crypto: new NodeCryptoPlugin(),\n * });\n * ```\n */\nexport async function verify(options: OTPVerifyOptions): Promise<VerifyResult> {\n const opts = normalizeVerifyOptions(options);\n const { secret, token, crypto, base32, algorithm, digits, hooks } = opts;\n const commonOptions = { secret, token, crypto, base32, algorithm, digits, hooks };\n\n return executeByStrategy(opts.strategy, opts.counter, {\n totp: () =>\n verifyTOTP({\n ...commonOptions,\n period: opts.period,\n epoch: opts.epoch,\n t0: opts.t0,\n epochTolerance: opts.epochTolerance,\n afterTimeStep: opts.afterTimeStep,\n guardrails: opts.guardrails,\n }),\n hotp: (counter) =>\n verifyHOTP({\n ...commonOptions,\n counter,\n counterTolerance: opts.counterTolerance,\n guardrails: opts.guardrails,\n }),\n });\n}\n\n/**\n * Verify an OTP code synchronously\n *\n * This is the synchronous version of {@link verify}. It requires a crypto\n * plugin that supports synchronous HMAC operations.\n *\n * @param options - OTP verification options\n * @returns Verification result with validity and optional delta\n * @throws {HMACError} If the crypto plugin doesn't support sync operations\n *\n * @example\n * ```ts\n * import { verifySync } from 'otplib';\n *\n * const result = verifySync({\n * secret: 'JBSWY3DPEHPK3PXP',\n * token: '123456',\n * });\n * ```\n */\nexport function verifySync(options: OTPVerifyOptions): VerifyResult {\n const opts = normalizeVerifyOptions(options);\n const { secret, token, crypto, base32, algorithm, digits, hooks } = opts;\n const commonOptions = { secret, token, crypto, base32, algorithm, digits, hooks };\n\n return executeByStrategy(opts.strategy, opts.counter, {\n totp: () =>\n verifyTOTPSync({\n ...commonOptions,\n period: opts.period,\n epoch: opts.epoch,\n t0: opts.t0,\n epochTolerance: opts.epochTolerance,\n afterTimeStep: opts.afterTimeStep,\n guardrails: opts.guardrails,\n }),\n hotp: (counter) =>\n verifyHOTPSync({\n ...commonOptions,\n counter,\n counterTolerance: opts.counterTolerance,\n guardrails: opts.guardrails,\n }),\n });\n}\n","/**\n * Default plugin instances\n *\n * Shared across functional and class APIs to ensure singleton behavior\n * and reduce memory overhead. Uses pre-instantiated frozen singletons\n * from the plugin packages.\n */\nimport { createGuardrails } from \"@otplib/core\";\nimport { base32 as defaultBase32 } from \"@otplib/plugin-base32-scure\";\nimport { crypto as defaultCrypto } from \"@otplib/plugin-crypto-noble\";\n\nimport type {\n OTPGenerateOptions,\n OTPVerifyOptions,\n OTPGenerateOptionsWithDefaults,\n OTPVerifyOptionsWithDefaults,\n} from \"./types.js\";\n\nexport { defaultCrypto, defaultBase32 };\n\nexport function normalizeGenerateOptions(\n options: OTPGenerateOptions,\n): OTPGenerateOptionsWithDefaults {\n return {\n secret: options.secret,\n strategy: options.strategy ?? \"totp\",\n crypto: options.crypto ?? defaultCrypto,\n base32: options.base32 ?? defaultBase32,\n algorithm: options.algorithm ?? \"sha1\",\n digits: options.digits ?? 6,\n period: options.period ?? 30,\n epoch: options.epoch ?? Math.floor(Date.now() / 1000),\n t0: options.t0 ?? 0,\n counter: options.counter,\n guardrails: options.guardrails ?? createGuardrails(),\n hooks: options.hooks,\n };\n}\n\nexport function normalizeVerifyOptions(options: OTPVerifyOptions): OTPVerifyOptionsWithDefaults {\n return {\n ...normalizeGenerateOptions(options),\n token: options.token,\n epochTolerance: options.epochTolerance ?? 0,\n counterTolerance: options.counterTolerance ?? 0,\n afterTimeStep: options.afterTimeStep,\n };\n}\n","/**\n * OTP Wrapper Class\n *\n * A unified class that dynamically handles TOTP and HOTP strategies.\n */\n\nimport { createGuardrails, generateSecret as generateSecretCore } from \"@otplib/core\";\n\nimport { defaultCrypto, defaultBase32 } from \"./defaults.js\";\nimport {\n generate as functionalGenerate,\n generateSync as functionalGenerateSync,\n verify as functionalVerify,\n verifySync as functionalVerifySync,\n generateURI as functionalGenerateURI,\n} from \"./functional.js\";\n\nimport type { OTPStrategy } from \"./functional.js\";\nimport type {\n CryptoPlugin,\n Digits,\n HashAlgorithm,\n Base32Plugin,\n OTPGuardrails,\n OTPHooks,\n} from \"@otplib/core\";\nimport type { VerifyResult as HOTPVerifyResult } from \"@otplib/hotp\";\nimport type { VerifyResult as TOTPVerifyResult } from \"@otplib/totp\";\n\n/**\n * Combined verify result that works for both TOTP and HOTP\n */\nexport type VerifyResult = TOTPVerifyResult | HOTPVerifyResult;\n\n/**\n * Options for the OTP class\n */\nexport type OTPClassOptions = {\n /**\n * OTP strategy to use\n * - 'totp': Time-based OTP (default)\n * - 'hotp': HMAC-based OTP\n */\n strategy?: OTPStrategy;\n\n /**\n * Crypto plugin to use (default: NobleCryptoPlugin)\n */\n crypto?: CryptoPlugin;\n\n /**\n * Base32 plugin to use (default: ScureBase32Plugin)\n */\n base32?: Base32Plugin;\n\n /**\n * Validation guardrails\n */\n guardrails?: OTPGuardrails;\n};\n\n/**\n * Options for generating a token with the OTP class\n */\nexport type OTPGenerateOptions = {\n /**\n * Base32-encoded secret key\n *\n * **Note**: By default, strings are assumed to be Base32 encoded.\n * If you have a raw string/passphrase, you must convert it to Uint8Array first.\n */\n secret: string | Uint8Array;\n\n /**\n * Hash algorithm (default: 'sha1')\n */\n algorithm?: HashAlgorithm;\n\n /**\n * Number of digits (default: 6)\n */\n digits?: Digits;\n\n /**\n * Current Unix epoch timestamp in seconds (default: now)\n * Used by TOTP strategy\n */\n epoch?: number;\n\n /**\n * Initial Unix time to start counting time steps (default: 0)\n * Used by TOTP strategy\n */\n t0?: number;\n\n /**\n * Time step in seconds (default: 30)\n * Used by TOTP strategy\n */\n period?: number;\n\n /**\n * Counter value\n * Used by HOTP strategy (required)\n */\n counter?: number;\n\n /**\n * Validation guardrails\n */\n guardrails?: OTPGuardrails;\n\n /**\n * Hooks for customizing token encoding and validation\n */\n hooks?: OTPHooks;\n};\n\n/**\n * Options for verifying a token with the OTP class\n */\nexport type OTPVerifyOptions = {\n /**\n * Base32-encoded secret key\n *\n * **Note**: By default, strings are assumed to be Base32 encoded.\n * If you have a raw string/passphrase, you must convert it to Uint8Array first.\n */\n secret: string | Uint8Array;\n\n /**\n * OTP code to verify\n */\n token: string;\n\n /**\n * Hash algorithm (default: 'sha1')\n */\n algorithm?: HashAlgorithm;\n\n /**\n * Number of digits (default: 6)\n */\n digits?: Digits;\n\n /**\n * Current Unix epoch timestamp in seconds (default: now)\n * Used by TOTP strategy\n */\n epoch?: number;\n\n /**\n * Initial Unix time to start counting time steps (default: 0)\n * Used by TOTP strategy\n */\n t0?: number;\n\n /**\n * Time step in seconds (default: 30)\n * Used by TOTP strategy\n */\n period?: number;\n\n /**\n * Counter value\n * Used by HOTP strategy (required)\n */\n counter?: number;\n\n /**\n * Time tolerance in seconds for TOTP verification (default: 0)\n * - Number: symmetric tolerance (same for past and future)\n * - Tuple [past, future]: asymmetric tolerance\n * Use [5, 0] for RFC-compliant past-only verification.\n */\n epochTolerance?: number | [number, number];\n\n /**\n * Counter tolerance for HOTP verification (default: 0)\n * - Number: creates look-ahead only tolerance [0, n]\n * - Tuple [past, future]: explicit window control\n */\n counterTolerance?: number | [number, number];\n\n /**\n * Minimum allowed TOTP time step for replay protection (optional)\n *\n * Rejects tokens with timeStep <= afterTimeStep.\n * Only used by TOTP strategy.\n */\n afterTimeStep?: number;\n\n /**\n * Validation guardrails\n */\n guardrails?: OTPGuardrails;\n\n /**\n * Hooks for customizing token encoding and validation\n */\n hooks?: OTPHooks;\n};\n\n/**\n * Options for generating URI with the OTP class\n */\nexport type OTPURIGenerateOptions = {\n /**\n * Issuer name (e.g., 'ACME Co')\n */\n issuer: string;\n\n /**\n * Label/Account name (e.g., 'john@example.com')\n */\n label: string;\n\n /**\n * Base32-encoded secret key\n *\n * **Note**: By default, strings are assumed to be Base32 encoded.\n * If you have a raw string/passphrase, you must convert it to Uint8Array first.\n */\n secret: string;\n\n /**\n * Hash algorithm (default: 'sha1')\n */\n algorithm?: HashAlgorithm;\n\n /**\n * Number of digits (default: 6)\n */\n digits?: Digits;\n\n /**\n * Time step in seconds (default: 30)\n * Used by TOTP strategy\n */\n period?: number;\n\n /**\n * Counter value (default: 0)\n * Used by HOTP strategy\n */\n counter?: number;\n};\n\n/**\n * OTP Class\n *\n * A wrapper class that dynamically handles TOTP and HOTP strategies.\n *\n * @example\n * ```ts\n * import { OTP } from 'otplib';\n *\n * // Create OTP instance with TOTP strategy (default)\n * const otp = new OTP({ strategy: 'totp' });\n *\n * // Generate and verify\n * const secret = otp.generateSecret();\n * const token = await otp.generate({ secret });\n * const result = await otp.verify({ secret, token });\n * ```\n *\n * @example With HOTP strategy\n * ```ts\n * import { OTP } from 'otplib';\n *\n * const otp = new OTP({ strategy: 'hotp' });\n * const token = await otp.generate({ secret: 'ABC123', counter: 0 });\n * ```\n *\n * @example Generating otpauth:// URI for authenticator apps\n * ```ts\n * import { OTP } from 'otplib';\n *\n * const otp = new OTP({ strategy: 'totp' });\n * const uri = otp.generateURI({\n * issuer: 'MyApp',\n * label: 'user@example.com',\n * secret: 'ABC123',\n * });\n * ```\n */\nexport class OTP {\n private readonly strategy: OTPStrategy;\n private readonly crypto: CryptoPlugin;\n private readonly base32: Base32Plugin;\n private readonly guardrails: OTPGuardrails;\n\n constructor(options: OTPClassOptions = {}) {\n const {\n strategy = \"totp\",\n crypto = defaultCrypto,\n base32 = defaultBase32,\n guardrails,\n } = options;\n\n this.strategy = strategy;\n this.crypto = crypto;\n this.base32 = base32;\n this.guardrails = createGuardrails(guardrails);\n }\n\n /**\n * Get the current strategy\n */\n getStrategy(): OTPStrategy {\n return this.strategy;\n }\n\n /**\n * Generate a random secret key\n *\n * @param length - Number of random bytes (default: 20)\n * @returns Base32-encoded secret key\n */\n generateSecret(length: number = 20): string {\n return generateSecretCore({ crypto: this.crypto, base32: this.base32, length });\n }\n\n /**\n * Generate an OTP token based on the configured strategy\n *\n * @param options - Generation options\n * @returns OTP code\n */\n async generate(options: OTPGenerateOptions): Promise<string> {\n return functionalGenerate({\n ...options,\n strategy: this.strategy,\n crypto: this.crypto,\n base32: this.base32,\n guardrails: options.guardrails ?? this.guardrails,\n });\n }\n\n /**\n * Generate an OTP token based on the configured strategy synchronously\n *\n * @param options - Generation options\n * @returns OTP code\n * @throws {HMACError} If the crypto plugin doesn't support sync operations\n */\n generateSync(options: OTPGenerateOptions): string {\n return functionalGenerateSync({\n ...options,\n strategy: this.strategy,\n crypto: this.crypto,\n base32: this.base32,\n guardrails: options.guardrails ?? this.guardrails,\n });\n }\n\n /**\n * Verify an OTP token based on the configured strategy\n *\n * @param options - Verification options\n * @returns Verification result with validity and optional delta\n */\n async verify(options: OTPVerifyOptions): Promise<VerifyResult> {\n return functionalVerify({\n ...options,\n strategy: this.strategy,\n crypto: this.crypto,\n base32: this.base32,\n guardrails: options.guardrails ?? this.guardrails,\n });\n }\n\n /**\n * Verify an OTP token based on the configured strategy synchronously\n *\n * @param options - Verification options\n * @returns Verification result with validity and optional delta\n * @throws {HMACError} If the crypto plugin doesn't support sync operations\n */\n verifySync(options: OTPVerifyOptions): VerifyResult {\n return functionalVerifySync({\n ...options,\n strategy: this.strategy,\n crypto: this.crypto,\n base32: this.base32,\n guardrails: options.guardrails ?? this.guardrails,\n });\n }\n\n /**\n * Generate an otpauth:// URI for QR code generation\n *\n * Supports both TOTP and HOTP strategies.\n *\n * @param options - URI generation options\n * @returns otpauth:// URI string\n */\n generateURI(options: OTPURIGenerateOptions): string {\n return functionalGenerateURI({\n ...options,\n strategy: this.strategy,\n });\n }\n}\n","export type {\n OTPAuthOptions,\n TOTPOptions,\n OTPGenerateOptions as OTPFunctionalOptions,\n OTPVerifyOptions as OTPVerifyFunctionalOptions,\n} from \"./types.js\";\n\nexport {\n generateSecret,\n generateURI,\n generate,\n generateSync,\n verify,\n verifySync,\n type OTPStrategy,\n} from \"./functional.js\";\n\nexport {\n OTP,\n type OTPClassOptions,\n type OTPGenerateOptions,\n type OTPVerifyOptions,\n type OTPURIGenerateOptions,\n} from \"./class.js\";\n\nexport type {\n Base32Plugin,\n CryptoPlugin,\n HashAlgorithm,\n OTPResult,\n OTPGuardrails,\n OTPGuardrailsConfig,\n} from \"@otplib/core\";\nexport type { VerifyResult } from \"@otplib/totp\";\n\nexport { HOTP } from \"@otplib/hotp\";\nexport { TOTP } from \"@otplib/totp\";\n\nexport { createGuardrails, stringToBytes, wrapResult, wrapResultAsync } from \"@otplib/core\";\n\n// Default Plugins\nexport { NobleCryptoPlugin } from \"@otplib/plugin-crypto-noble\";\nexport { ScureBase32Plugin } from \"@otplib/plugin-base32-scure\";\n"],"mappings":"AAAA,OAAS,kBAAkBA,EAAoB,sBAAAC,MAA0B,eACzE,OACE,YAAYC,EACZ,gBAAgBC,EAChB,UAAUC,EACV,cAAcC,MACT,eACP,OACE,YAAYC,EACZ,gBAAgBC,EAChB,UAAUC,EACV,cAAcC,MACT,eACP,OAAS,gBAAgBC,EAAiB,gBAAgBC,MAAsB,cCNhF,OAAS,oBAAAC,MAAwB,eACjC,OAAS,UAAUC,MAAqB,8BACxC,OAAS,UAAUC,MAAqB,8BAWjC,SAASC,EACdC,EACgC,CAChC,MAAO,CACL,OAAQA,EAAQ,OAChB,SAAUA,EAAQ,UAAY,OAC9B,OAAQA,EAAQ,QAAUC,EAC1B,OAAQD,EAAQ,QAAUE,EAC1B,UAAWF,EAAQ,WAAa,OAChC,OAAQA,EAAQ,QAAU,EAC1B,OAAQA,EAAQ,QAAU,GAC1B,MAAOA,EAAQ,OAAS,KAAK,MAAM,KAAK,IAAI,EAAI,GAAI,EACpD,GAAIA,EAAQ,IAAM,EAClB,QAASA,EAAQ,QACjB,WAAYA,EAAQ,YAAcG,EAAiB,EACnD,MAAOH,EAAQ,KACjB,CACF,CAEO,SAASI,EAAuBJ,EAAyD,CAC9F,MAAO,CACL,GAAGD,EAAyBC,CAAO,EACnC,MAAOA,EAAQ,MACf,eAAgBA,EAAQ,gBAAkB,EAC1C,iBAAkBA,EAAQ,kBAAoB,EAC9C,cAAeA,EAAQ,aACzB,CACF,CDXA,SAASK,EACPC,EACAC,EACAC,EACG,CACH,GAAIF,IAAa,OACf,OAAOE,EAAS,KAAK,EAEvB,GAAIF,IAAa,OAAQ,CACvB,GAAIC,IAAY,OACd,MAAM,IAAIE,EACR,kFACF,EAEF,OAAOD,EAAS,KAAKD,CAAO,CAC9B,CACA,MAAM,IAAIE,EACR,yBAAyBH,CAAQ,0CACnC,CACF,CA4BO,SAASI,EAAeC,EAgBpB,CACT,GAAM,CAAE,OAAAC,EAASC,EAAe,OAAAC,EAASC,EAAe,OAAAC,EAAS,EAAG,EAAIL,GAAW,CAAC,EAEpF,OAAOM,EAAmB,CAAE,OAAAL,EAAQ,OAAAE,EAAQ,OAAAE,CAAO,CAAC,CACtD,CAqCO,SAASE,EAAYP,EAkBjB,CACT,GAAM,CACJ,SAAAL,EAAW,OACX,OAAAa,EACA,MAAAC,EACA,OAAAC,EACA,UAAAC,EAAY,OACZ,OAAAC,EAAS,EACT,OAAAC,EAAS,GACT,QAAAjB,CACF,EAAII,EAEJ,OAAON,EAAkBC,EAAUC,EAAS,CAC1C,KAAM,IAAMkB,EAAgB,CAAE,OAAAN,EAAQ,MAAAC,EAAO,OAAAC,EAAQ,UAAAC,EAAW,OAAAC,EAAQ,OAAAC,CAAO,CAAC,EAChF,KAAOjB,GAAYmB,EAAe,CAAE,OAAAP,EAAQ,MAAAC,EAAO,OAAAC,EAAQ,UAAAC,EAAW,OAAAC,EAAQ,QAAAhB,CAAQ,CAAC,CACzF,CAAC,CACH,CA2CA,eAAsBoB,EAAShB,EAA8C,CAC3E,IAAMiB,EAAOC,EAAyBlB,CAAO,EACvC,CAAE,OAAAU,EAAQ,OAAAT,EAAQ,OAAAE,EAAQ,UAAAQ,EAAW,OAAAC,EAAQ,MAAAO,CAAM,EAAIF,EACvDG,EAAgB,CAAE,OAAAV,EAAQ,OAAAT,EAAQ,OAAAE,EAAQ,UAAAQ,EAAW,OAAAC,EAAQ,MAAAO,CAAM,EAEzE,OAAOzB,EAAkBuB,EAAK,SAAUA,EAAK,QAAS,CACpD,KAAM,IACJI,EAAa,CACX,GAAGD,EACH,OAAQH,EAAK,OACb,MAAOA,EAAK,MACZ,GAAIA,EAAK,GACT,WAAYA,EAAK,UACnB,CAAC,EACH,KAAOrB,GACL0B,EAAa,CACX,GAAGF,EACH,QAAAxB,EACA,WAAYqB,EAAK,UACnB,CAAC,CACL,CAAC,CACH,CAqBO,SAASM,EAAavB,EAAqC,CAChE,IAAMiB,EAAOC,EAAyBlB,CAAO,EACvC,CAAE,OAAAU,EAAQ,OAAAT,EAAQ,OAAAE,EAAQ,UAAAQ,EAAW,OAAAC,CAAO,EAAIK,EAChDG,EAAgB,CAAE,OAAAV,EAAQ,OAAAT,EAAQ,OAAAE,EAAQ,UAAAQ,EAAW,OAAAC,CAAO,EAElE,OAAOlB,EAAkBuB,EAAK,SAAUA,EAAK,QAAS,CACpD,KAAM,IACJO,EAAiB,CACf,GAAGJ,EACH,OAAQH,EAAK,OACb,MAAOA,EAAK,MACZ,GAAIA,EAAK,GACT,WAAYA,EAAK,UACnB,CAAC,EACH,KAAOrB,GACL6B,EAAiB,CACf,GAAGL,EACH,QAAAxB,EACA,WAAYqB,EAAK,UACnB,CAAC,CACL,CAAC,CACH,CAiDA,eAAsBS,EAAO1B,EAAkD,CAC7E,IAAMiB,EAAOU,EAAuB3B,CAAO,EACrC,CAAE,OAAAU,EAAQ,MAAAkB,EAAO,OAAA3B,EAAQ,OAAAE,EAAQ,UAAAQ,EAAW,OAAAC,EAAQ,MAAAO,CAAM,EAAIF,EAC9DG,EAAgB,CAAE,OAAAV,EAAQ,MAAAkB,EAAO,OAAA3B,EAAQ,OAAAE,EAAQ,UAAAQ,EAAW,OAAAC,EAAQ,MAAAO,CAAM,EAEhF,OAAOzB,EAAkBuB,EAAK,SAAUA,EAAK,QAAS,CACpD,KAAM,IACJY,EAAW,CACT,GAAGT,EACH,OAAQH,EAAK,OACb,MAAOA,EAAK,MACZ,GAAIA,EAAK,GACT,eAAgBA,EAAK,eACrB,cAAeA,EAAK,cACpB,WAAYA,EAAK,UACnB,CAAC,EACH,KAAOrB,GACLkC,EAAW,CACT,GAAGV,EACH,QAAAxB,EACA,iBAAkBqB,EAAK,iBACvB,WAAYA,EAAK,UACnB,CAAC,CACL,CAAC,CACH,CAsBO,SAASc,EAAW/B,EAAyC,CAClE,IAAMiB,EAAOU,EAAuB3B,CAAO,EACrC,CAAE,OAAAU,EAAQ,MAAAkB,EAAO,OAAA3B,EAAQ,OAAAE,EAAQ,UAAAQ,EAAW,OAAAC,EAAQ,MAAAO,CAAM,EAAIF,EAC9DG,EAAgB,CAAE,OAAAV,EAAQ,MAAAkB,EAAO,OAAA3B,EAAQ,OAAAE,EAAQ,UAAAQ,EAAW,OAAAC,EAAQ,MAAAO,CAAM,EAEhF,OAAOzB,EAAkBuB,EAAK,SAAUA,EAAK,QAAS,CACpD,KAAM,IACJe,EAAe,CACb,GAAGZ,EACH,OAAQH,EAAK,OACb,MAAOA,EAAK,MACZ,GAAIA,EAAK,GACT,eAAgBA,EAAK,eACrB,cAAeA,EAAK,cACpB,WAAYA,EAAK,UACnB,CAAC,EACH,KAAOrB,GACLqC,EAAe,CACb,GAAGb,EACH,QAAAxB,EACA,iBAAkBqB,EAAK,iBACvB,WAAYA,EAAK,UACnB,CAAC,CACL,CAAC,CACH,CEzYA,OAAS,oBAAAiB,EAAkB,kBAAkBC,MAA0B,eAwRhE,IAAMC,EAAN,KAAU,CACE,SACA,OACA,OACA,WAEjB,YAAYC,EAA2B,CAAC,EAAG,CACzC,GAAM,CACJ,SAAAC,EAAW,OACX,OAAAC,EAASC,EACT,OAAAC,EAASC,EACT,WAAAC,CACF,EAAIN,EAEJ,KAAK,SAAWC,EAChB,KAAK,OAASC,EACd,KAAK,OAASE,EACd,KAAK,WAAaG,EAAiBD,CAAU,CAC/C,CAKA,aAA2B,CACzB,OAAO,KAAK,QACd,CAQA,eAAeE,EAAiB,GAAY,CAC1C,OAAOC,EAAmB,CAAE,OAAQ,KAAK,OAAQ,OAAQ,KAAK,OAAQ,OAAAD,CAAO,CAAC,CAChF,CAQA,MAAM,SAASR,EAA8C,CAC3D,OAAOU,EAAmB,CACxB,GAAGV,EACH,SAAU,KAAK,SACf,OAAQ,KAAK,OACb,OAAQ,KAAK,OACb,WAAYA,EAAQ,YAAc,KAAK,UACzC,CAAC,CACH,CASA,aAAaA,EAAqC,CAChD,OAAOW,EAAuB,CAC5B,GAAGX,EACH,SAAU,KAAK,SACf,OAAQ,KAAK,OACb,OAAQ,KAAK,OACb,WAAYA,EAAQ,YAAc,KAAK,UACzC,CAAC,CACH,CAQA,MAAM,OAAOA,EAAkD,CAC7D,OAAOY,EAAiB,CACtB,GAAGZ,EACH,SAAU,KAAK,SACf,OAAQ,KAAK,OACb,OAAQ,KAAK,OACb,WAAYA,EAAQ,YAAc,KAAK,UACzC,CAAC,CACH,CASA,WAAWA,EAAyC,CAClD,OAAOa,EAAqB,CAC1B,GAAGb,EACH,SAAU,KAAK,SACf,OAAQ,KAAK,OACb,OAAQ,KAAK,OACb,WAAYA,EAAQ,YAAc,KAAK,UACzC,CAAC,CACH,CAUA,YAAYA,EAAwC,CAClD,OAAOc,EAAsB,CAC3B,GAAGd,EACH,SAAU,KAAK,QACjB,CAAC,CACH,CACF,EChXA,OAAS,QAAAe,OAAY,eACrB,OAAS,QAAAC,OAAY,eAErB,OAAS,oBAAAC,GAAkB,iBAAAC,GAAe,cAAAC,GAAY,mBAAAC,OAAuB,eAG7E,OAAS,qBAAAC,OAAyB,8BAClC,OAAS,qBAAAC,OAAyB","names":["generateSecretCore","ConfigurationError","generateHOTP","generateHOTPSync","verifyHOTP","verifyHOTPSync","generateTOTP","generateTOTPSync","verifyTOTP","verifyTOTPSync","generateTOTPURI","generateHOTURI","createGuardrails","defaultBase32","defaultCrypto","normalizeGenerateOptions","options","defaultCrypto","defaultBase32","createGuardrails","normalizeVerifyOptions","executeByStrategy","strategy","counter","handlers","ConfigurationError","generateSecret","options","crypto","defaultCrypto","base32","defaultBase32","length","generateSecretCore","generateURI","issuer","label","secret","algorithm","digits","period","generateTOTPURI","generateHOTURI","generate","opts","normalizeGenerateOptions","hooks","commonOptions","generateTOTP","generateHOTP","generateSync","generateTOTPSync","generateHOTPSync","verify","normalizeVerifyOptions","token","verifyTOTP","verifyHOTP","verifySync","verifyTOTPSync","verifyHOTPSync","createGuardrails","generateSecretCore","OTP","options","strategy","crypto","defaultCrypto","base32","defaultBase32","guardrails","createGuardrails","length","generateSecretCore","generate","generateSync","verify","verifySync","generateURI","HOTP","TOTP","createGuardrails","stringToBytes","wrapResult","wrapResultAsync","NobleCryptoPlugin","ScureBase32Plugin"]}

package/dist/metafile-cjs.json ADDED Viewed

@@ -0,0 +1 @@

+ {"inputs":{"src/defaults.ts":{"bytes":1514,"imports":[{"path":"@otplib/core","kind":"import-statement","external":true},{"path":"@otplib/plugin-base32-scure","kind":"import-statement","external":true},{"path":"@otplib/plugin-crypto-noble","kind":"import-statement","external":true}],"format":"esm"},"src/functional.ts":{"bytes":10325,"imports":[{"path":"@otplib/core","kind":"import-statement","external":true},{"path":"@otplib/hotp","kind":"import-statement","external":true},{"path":"@otplib/totp","kind":"import-statement","external":true},{"path":"@otplib/uri","kind":"import-statement","external":true},{"path":"src/defaults.ts","kind":"import-statement","original":"./defaults.js"}],"format":"esm"},"src/class.ts":{"bytes":9168,"imports":[{"path":"@otplib/core","kind":"import-statement","external":true},{"path":"src/defaults.ts","kind":"import-statement","original":"./defaults.js"},{"path":"src/functional.ts","kind":"import-statement","original":"./functional.js"}],"format":"esm"},"src/index.ts":{"bytes":958,"imports":[{"path":"src/functional.ts","kind":"import-statement","original":"./functional.js"},{"path":"src/class.ts","kind":"import-statement","original":"./class.js"},{"path":"@otplib/hotp","kind":"import-statement","external":true},{"path":"@otplib/totp","kind":"import-statement","external":true},{"path":"@otplib/core","kind":"import-statement","external":true},{"path":"@otplib/plugin-crypto-noble","kind":"import-statement","external":true},{"path":"@otplib/plugin-base32-scure","kind":"import-statement","external":true}],"format":"esm"}},"outputs":{"dist/index.cjs.map":{"imports":[],"exports":[],"inputs":{},"bytes":29068},"dist/index.cjs":{"imports":[{"path":"@otplib/core","kind":"require-call","external":true},{"path":"@otplib/hotp","kind":"require-call","external":true},{"path":"@otplib/totp","kind":"require-call","external":true},{"path":"@otplib/uri","kind":"require-call","external":true},{"path":"@otplib/core","kind":"require-call","external":true},{"path":"@otplib/plugin-base32-scure","kind":"require-call","external":true},{"path":"@otplib/plugin-crypto-noble","kind":"require-call","external":true},{"path":"@otplib/core","kind":"require-call","external":true},{"path":"@otplib/hotp","kind":"require-call","external":true},{"path":"@otplib/totp","kind":"require-call","external":true},{"path":"@otplib/core","kind":"require-call","external":true},{"path":"@otplib/plugin-crypto-noble","kind":"require-call","external":true},{"path":"@otplib/plugin-base32-scure","kind":"require-call","external":true}],"exports":[],"entryPoint":"src/index.ts","inputs":{"src/index.ts":{"bytesInOutput":569},"src/functional.ts":{"bytesInOutput":2434},"src/defaults.ts":{"bytesInOutput":582},"src/class.ts":{"bytesInOutput":984}},"bytes":5192},"dist/functional.cjs.map":{"imports":[],"exports":[],"inputs":{},"bytes":16976},"dist/functional.cjs":{"imports":[{"path":"@otplib/core","kind":"require-call","external":true},{"path":"@otplib/hotp","kind":"require-call","external":true},{"path":"@otplib/totp","kind":"require-call","external":true},{"path":"@otplib/uri","kind":"require-call","external":true},{"path":"@otplib/core","kind":"require-call","external":true},{"path":"@otplib/plugin-base32-scure","kind":"require-call","external":true},{"path":"@otplib/plugin-crypto-noble","kind":"require-call","external":true}],"exports":[],"entryPoint":"src/functional.ts","inputs":{"src/functional.ts":{"bytesInOutput":2573},"src/defaults.ts":{"bytesInOutput":582}},"bytes":3670},"dist/class.cjs.map":{"imports":[],"exports":[],"inputs":{},"bytes":27425},"dist/class.cjs":{"imports":[{"path":"@otplib/core","kind":"require-call","external":true},{"path":"@otplib/core","kind":"require-call","external":true},{"path":"@otplib/plugin-base32-scure","kind":"require-call","external":true},{"path":"@otplib/plugin-crypto-noble","kind":"require-call","external":true},{"path":"@otplib/core","kind":"require-call","external":true},{"path":"@otplib/hotp","kind":"require-call","external":true},{"path":"@otplib/totp","kind":"require-call","external":true},{"path":"@otplib/uri","kind":"require-call","external":true}],"exports":[],"entryPoint":"src/class.ts","inputs":{"src/class.ts":{"bytesInOutput":1030},"src/defaults.ts":{"bytesInOutput":582},"src/functional.ts":{"bytesInOutput":2304}},"bytes":4368}}}

package/dist/metafile-esm.json ADDED Viewed

@@ -0,0 +1 @@

+ {"inputs":{"src/defaults.ts":{"bytes":1514,"imports":[{"path":"@otplib/core","kind":"import-statement","external":true},{"path":"@otplib/plugin-base32-scure","kind":"import-statement","external":true},{"path":"@otplib/plugin-crypto-noble","kind":"import-statement","external":true}],"format":"esm"},"src/functional.ts":{"bytes":10325,"imports":[{"path":"@otplib/core","kind":"import-statement","external":true},{"path":"@otplib/hotp","kind":"import-statement","external":true},{"path":"@otplib/totp","kind":"import-statement","external":true},{"path":"@otplib/uri","kind":"import-statement","external":true},{"path":"src/defaults.ts","kind":"import-statement","original":"./defaults.js"}],"format":"esm"},"src/class.ts":{"bytes":9168,"imports":[{"path":"@otplib/core","kind":"import-statement","external":true},{"path":"src/defaults.ts","kind":"import-statement","original":"./defaults.js"},{"path":"src/functional.ts","kind":"import-statement","original":"./functional.js"}],"format":"esm"},"src/index.ts":{"bytes":958,"imports":[{"path":"src/functional.ts","kind":"import-statement","original":"./functional.js"},{"path":"src/class.ts","kind":"import-statement","original":"./class.js"},{"path":"@otplib/hotp","kind":"import-statement","external":true},{"path":"@otplib/totp","kind":"import-statement","external":true},{"path":"@otplib/core","kind":"import-statement","external":true},{"path":"@otplib/plugin-crypto-noble","kind":"import-statement","external":true},{"path":"@otplib/plugin-base32-scure","kind":"import-statement","external":true}],"format":"esm"}},"outputs":{"dist/index.js.map":{"imports":[],"exports":[],"inputs":{},"bytes":29218},"dist/index.js":{"imports":[{"path":"@otplib/core","kind":"import-statement","external":true},{"path":"@otplib/hotp","kind":"import-statement","external":true},{"path":"@otplib/totp","kind":"import-statement","external":true},{"path":"@otplib/uri","kind":"import-statement","external":true},{"path":"@otplib/core","kind":"import-statement","external":true},{"path":"@otplib/plugin-base32-scure","kind":"import-statement","external":true},{"path":"@otplib/plugin-crypto-noble","kind":"import-statement","external":true},{"path":"@otplib/core","kind":"import-statement","external":true},{"path":"@otplib/hotp","kind":"import-statement","external":true},{"path":"@otplib/totp","kind":"import-statement","external":true},{"path":"@otplib/core","kind":"import-statement","external":true},{"path":"@otplib/plugin-crypto-noble","kind":"import-statement","external":true},{"path":"@otplib/plugin-base32-scure","kind":"import-statement","external":true}],"exports":["HOTP","NobleCryptoPlugin","OTP","ScureBase32Plugin","TOTP","createGuardrails","generate","generateSecret","generateSync","generateURI","stringToBytes","verify","verifySync","wrapResult","wrapResultAsync"],"entryPoint":"src/index.ts","inputs":{"src/functional.ts":{"bytesInOutput":2414},"src/defaults.ts":{"bytesInOutput":589},"src/index.ts":{"bytesInOutput":312},"src/class.ts":{"bytesInOutput":969}},"bytes":4551},"dist/functional.js.map":{"imports":[],"exports":[],"inputs":{},"bytes":16989},"dist/functional.js":{"imports":[{"path":"@otplib/core","kind":"import-statement","external":true},{"path":"@otplib/hotp","kind":"import-statement","external":true},{"path":"@otplib/totp","kind":"import-statement","external":true},{"path":"@otplib/uri","kind":"import-statement","external":true},{"path":"@otplib/core","kind":"import-statement","external":true},{"path":"@otplib/plugin-base32-scure","kind":"import-statement","external":true},{"path":"@otplib/plugin-crypto-noble","kind":"import-statement","external":true}],"exports":["generate","generateSecret","generateSync","generateURI","verify","verifySync"],"entryPoint":"src/functional.ts","inputs":{"src/functional.ts":{"bytesInOutput":2414},"src/defaults.ts":{"bytesInOutput":589}},"bytes":3109},"dist/class.js.map":{"imports":[],"exports":[],"inputs":{},"bytes":27644},"dist/class.js":{"imports":[{"path":"@otplib/core","kind":"import-statement","external":true},{"path":"@otplib/core","kind":"import-statement","external":true},{"path":"@otplib/plugin-base32-scure","kind":"import-statement","external":true},{"path":"@otplib/plugin-crypto-noble","kind":"import-statement","external":true},{"path":"@otplib/core","kind":"import-statement","external":true},{"path":"@otplib/hotp","kind":"import-statement","external":true},{"path":"@otplib/totp","kind":"import-statement","external":true},{"path":"@otplib/uri","kind":"import-statement","external":true}],"exports":["OTP"],"entryPoint":"src/class.ts","inputs":{"src/class.ts":{"bytesInOutput":969},"src/defaults.ts":{"bytesInOutput":589},"src/functional.ts":{"bytesInOutput":2316}},"bytes":3892}}}