npm - @otplib/v12-adapter - Versions diffs - 13.0.0 - Mend

@otplib/v12-adapter 13.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (9) hide show

package/dist/index.cjs.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"sources":["../src/index.ts","../src/hotp.ts","../src/types.ts","../src/totp.ts","../src/authenticator.ts"],"sourcesContent":["/**\n * @otplib/v12-adapter\n *\n * Drop-in replacement adapter for migrating from otplib v12 to v13.\n *\n * This package provides the same API as otplib v12, making it easy\n * to migrate existing codebases to v13 without breaking changes.\n *\n * @example Using pre-configured instances (v12 style)\n * ```typescript\n * import { authenticator } from '@otplib/v12-adapter';\n *\n * const secret = authenticator.generateSecret();\n * const token = authenticator.generate(secret);\n * const isValid = authenticator.check(token, secret);\n * const uri = authenticator.keyuri('user@example.com', 'MyApp', secret);\n * ```\n *\n * @example Using class instances\n * ```typescript\n * import { Authenticator } from '@otplib/v12-adapter';\n *\n * const authenticator = new Authenticator({ step: 60 });\n * const secret = authenticator.generateSecret();\n * const token = authenticator.generate(secret);\n * ```\n */\n\n// Classes\nexport { HOTP } from \"./hotp\";\nexport { TOTP } from \"./totp\";\nexport { Authenticator } from \"./authenticator\";\n\n// Functional exports (v12-style)\nexport { hotpDigestToToken } from \"./hotp\";\n\n// Constants (v12-style)\nexport { HashAlgorithms, KeyEncodings } from \"./types\";\n\n// Types\nexport type {\n HOTPOptions,\n TOTPOptions,\n AuthenticatorOptions,\n SecretKey,\n Base32SecretKey,\n CreateDigest,\n CreateHmacKey,\n CreateRandomBytes,\n KeyEncoder,\n KeyDecoder,\n} from \"./types\";\n\n// Pre-configured instances (v12 style)\nimport { Authenticator } from \"./authenticator\";\nimport { HOTP } from \"./hotp\";\nimport { TOTP } from \"./totp\";\n\n/**\n * Pre-configured HOTP instance\n *\n * @example\n * ```typescript\n * import { hotp } from '@otplib/v12-adapter';\n *\n * const token = hotp.generate('JBSWY3DPEHPK3PXP', 0);\n * const isValid = hotp.check(token, 'JBSWY3DPEHPK3PXP', 0);\n * ```\n */\nexport const hotp = new HOTP();\n\n/**\n * Pre-configured TOTP instance\n *\n * @example\n * ```typescript\n * import { totp } from '@otplib/v12-adapter';\n *\n * const token = totp.generate('JBSWY3DPEHPK3PXP');\n * const isValid = totp.check(token, 'JBSWY3DPEHPK3PXP');\n * ```\n */\nexport const totp = new TOTP();\n\n/**\n * Pre-configured Authenticator instance\n *\n * @example\n * ```typescript\n * import { authenticator } from '@otplib/v12-adapter';\n *\n * const secret = authenticator.generateSecret();\n * const token = authenticator.generate(secret);\n * const isValid = authenticator.check(token, secret);\n * ```\n */\nexport const authenticator = new Authenticator();\n\n// Re-export v13 plugins for advanced usage\nexport { NobleCryptoPlugin } from \"@otplib/plugin-crypto-noble\";\nexport { ScureBase32Plugin } from \"@otplib/plugin-base32-scure\";\n","/**\n * @otplib/v12-adapter\n *\n * v12-compatible HOTP class implementation.\n * Provides synchronous API wrapper around v13's HOTP implementation.\n */\n\nimport { stringToBytes, hexToBytes, dynamicTruncate, truncateDigits } from \"@otplib/core\";\nimport { generateSync as hotpGenerateSync, verifySync as hotpVerifySync } from \"@otplib/hotp\";\nimport { ScureBase32Plugin } from \"@otplib/plugin-base32-scure\";\nimport { NobleCryptoPlugin } from \"@otplib/plugin-crypto-noble\";\nimport { generateHOTP as generateHOTPURI } from \"@otplib/uri\";\n\nimport { HashAlgorithms, KeyEncodings as KeyEncodingsConst } from \"./types\";\n\nimport type { HOTPOptions, SecretKey, ResolvedHOTPOptions } from \"./types\";\nimport type { Digits } from \"@otplib/core\";\n\n/**\n * Default crypto plugin instance\n */\nconst defaultCrypto = new NobleCryptoPlugin();\n\n/**\n * Default base32 plugin instance\n */\nconst defaultBase32 = new ScureBase32Plugin();\n\n/**\n * Convert a string secret to bytes based on encoding\n * @internal\n */\nexport function secretToBytes(secret: SecretKey, encoding?: string): Uint8Array {\n if (encoding === KeyEncodingsConst.BASE32 || encoding === \"base32\") {\n return defaultBase32.decode(secret);\n }\n if (encoding === KeyEncodingsConst.HEX || encoding === \"hex\") {\n return hexToBytes(secret.replace(/\\s/g, \"\"));\n }\n // Default: treat as ASCII/UTF-8\n return stringToBytes(secret);\n}\n\n/**\n * Converts a digest to a token of a specified length.\n * Uses dynamicTruncate and truncateDigits from core.\n */\nexport function hotpDigestToToken(hexDigest: string, digits: number): string {\n const digestBytes = hexToBytes(hexDigest);\n const truncated = dynamicTruncate(digestBytes);\n return truncateDigits(truncated, digits);\n}\n\n/**\n * v12-compatible HOTP class\n *\n * Provides the same API as otplib v12 HOTP class while using v13's\n * implementation internally.\n *\n * @example\n * ```typescript\n * import { HOTP } from '@otplib/v12-adapter';\n *\n * const hotp = new HOTP();\n * const secret = 'JBSWY3DPEHPK3PXP';\n * const token = hotp.generate(secret, 0);\n * const isValid = hotp.check(token, secret, 0);\n * ```\n */\nexport class HOTP<T extends HOTPOptions = HOTPOptions> {\n /**\n * Stored options that can be modified\n */\n protected _options: Partial<T> = {};\n\n /**\n * Default options applied to all operations\n */\n protected _defaultOptions: Partial<T> = {};\n\n constructor(defaultOptions: Partial<T> = {}) {\n this._defaultOptions = { ...defaultOptions };\n this._options = {};\n }\n\n /**\n * Get current options (merged with defaults)\n */\n get options(): Partial<T> {\n return { ...this._defaultOptions, ...this._options };\n }\n\n /**\n * Set options (replaces current options)\n */\n set options(value: Partial<T>) {\n this._options = { ...value };\n }\n\n /**\n * Creates a new instance with the specified default options\n */\n create(defaultOptions: Partial<T> = {}): HOTP<T> {\n return new HOTP<T>(defaultOptions);\n }\n\n /**\n * Returns class options polyfilled with default values\n */\n allOptions(): Readonly<ResolvedHOTPOptions> {\n const merged = {\n algorithm: HashAlgorithms.SHA1,\n digits: 6,\n encoding: KeyEncodingsConst.ASCII,\n crypto: defaultCrypto,\n base32: defaultBase32,\n ...this._defaultOptions,\n ...this._options,\n };\n return Object.freeze(merged) as Readonly<ResolvedHOTPOptions>;\n }\n\n /**\n * Reset options to defaults\n */\n resetOptions(): this {\n this._options = {};\n return this;\n }\n\n /**\n * Generate an HOTP token\n */\n generate(secret: SecretKey, counter: number): string {\n const opts = this.allOptions();\n const secretBytes = secretToBytes(secret, opts.encoding);\n\n return hotpGenerateSync({\n secret: secretBytes,\n counter,\n algorithm: opts.algorithm,\n digits: opts.digits as Digits,\n crypto: opts.crypto,\n });\n }\n\n /**\n * Check if a token is valid for the given secret and counter\n */\n check(token: string, secret: SecretKey, counter: number): boolean {\n const opts = this.allOptions();\n const secretBytes = secretToBytes(secret, opts.encoding);\n\n try {\n const result = hotpVerifySync({\n secret: secretBytes,\n token,\n counter,\n algorithm: opts.algorithm,\n digits: opts.digits as Digits,\n counterTolerance: 0,\n crypto: opts.crypto,\n });\n\n return result.valid;\n } catch {\n return false;\n }\n }\n\n /**\n * Verify a token (object-based API)\n */\n verify(opts: { token: string; secret: SecretKey; counter: number }): boolean {\n if (typeof opts !== \"object\") {\n throw new Error(\"Expecting argument 0 of verify to be an object\");\n }\n return this.check(opts.token, opts.secret, opts.counter);\n }\n\n /**\n * Generate an otpauth:// URI for HOTP\n */\n keyuri(accountName: string, issuer: string, secret: SecretKey, counter: number): string {\n const opts = this.allOptions();\n\n return generateHOTPURI({\n label: accountName,\n issuer,\n secret,\n algorithm: opts.algorithm,\n digits: opts.digits as Digits,\n counter,\n });\n }\n}\n","/**\n * @otplib/v12-adapter\n *\n * v12-compatible type definitions for migration adapter.\n * These types mirror the v12 API to provide drop-in compatibility.\n */\n\nimport type { CryptoPlugin, Base32Plugin, HashAlgorithm } from \"@otplib/core\";\n\n/**\n * v12-style hash algorithms constant\n */\nexport const HashAlgorithms = {\n SHA1: \"sha1\",\n SHA256: \"sha256\",\n SHA512: \"sha512\",\n} as const;\n\nexport type HashAlgorithms = (typeof HashAlgorithms)[keyof typeof HashAlgorithms];\n\n/**\n * v12-style key encodings constant\n */\nexport const KeyEncodings = {\n ASCII: \"ascii\",\n HEX: \"hex\",\n BASE32: \"base32\",\n BASE64: \"base64\",\n LATIN1: \"latin1\",\n UTF8: \"utf8\",\n} as const;\n\nexport type KeyEncodings = (typeof KeyEncodings)[keyof typeof KeyEncodings];\n\n/**\n * v12-style secret key type (string-based)\n */\nexport type SecretKey = string;\n\n/**\n * Base32 encoded secret key\n */\nexport type Base32SecretKey = string;\n\n/**\n * v12-style createDigest function signature\n */\nexport type CreateDigest<T = string> = (algorithm: HashAlgorithm, hmacKey: T, counter: T) => T;\n\n/**\n * v12-style createHmacKey function signature\n */\nexport type CreateHmacKey<T = string> = (\n algorithm: HashAlgorithm,\n secret: SecretKey,\n encoding: KeyEncodings,\n) => T;\n\n/**\n * v12-style createRandomBytes function signature\n */\nexport type CreateRandomBytes<T = string> = (size: number, encoding: KeyEncodings) => T;\n\n/**\n * v12-style keyEncoder function signature\n */\nexport type KeyEncoder<T = Base32SecretKey> = (secret: SecretKey, encoding: KeyEncodings) => T;\n\n/**\n * v12-style keyDecoder function signature\n */\nexport type KeyDecoder<T = SecretKey> = (\n encodedSecret: Base32SecretKey,\n encoding: KeyEncodings,\n) => T;\n\n/**\n * v12-compatible HOTP options\n */\nexport type HOTPOptions<T = string> = {\n /** Algorithm for HMAC (default: sha1) */\n algorithm?: HashAlgorithm;\n /** Creates the digest for token generation */\n createDigest?: CreateDigest<T>;\n /** Formats the secret into HMAC key */\n createHmacKey?: CreateHmacKey<T>;\n /** Number of digits in token (default: 6) */\n digits?: number;\n /** Secret encoding (default: ascii) */\n encoding?: KeyEncodings;\n /** Pre-computed digest (use with caution) */\n digest?: string;\n /** v13 crypto plugin (internal use) */\n crypto?: CryptoPlugin;\n /** v13 base32 plugin (internal use) */\n base32?: Base32Plugin;\n};\n\n/**\n * v12-compatible TOTP options\n */\nexport type TOTPOptions<T = string> = HOTPOptions<T> & {\n /** Starting epoch in milliseconds (default: Date.now()) */\n epoch?: number;\n /** Time step in seconds (default: 30) */\n step?: number;\n /** Verification window - number of steps or [past, future] */\n window?: number | [number, number];\n};\n\n/**\n * v12-compatible Authenticator options\n */\nexport type AuthenticatorOptions<T = string> = TOTPOptions<T> & {\n /** Encodes secret to Base32 */\n keyEncoder?: KeyEncoder<T>;\n /** Decodes Base32 secret */\n keyDecoder?: KeyDecoder<T>;\n /** Creates random bytes for secret generation */\n createRandomBytes?: CreateRandomBytes<T>;\n};\n\n/**\n * Resolved HOTP options with guaranteed defaults\n */\nexport type ResolvedHOTPOptions = {\n algorithm: HashAlgorithm;\n digits: number;\n encoding: KeyEncodings;\n crypto: CryptoPlugin;\n base32: Base32Plugin;\n};\n\n/**\n * Resolved TOTP options with guaranteed defaults\n */\nexport type ResolvedTOTPOptions = ResolvedHOTPOptions & {\n epoch: number;\n step: number;\n window: number | [number, number];\n};\n\n/**\n * Resolved Authenticator options with guaranteed defaults\n */\nexport type ResolvedAuthenticatorOptions = ResolvedTOTPOptions & {\n keyEncoder?: KeyEncoder;\n keyDecoder?: KeyDecoder;\n};\n","/**\n * @otplib/v12-adapter\n *\n * v12-compatible TOTP class implementation.\n * Provides synchronous API wrapper around v13's TOTP implementation.\n */\n\nimport { ScureBase32Plugin } from \"@otplib/plugin-base32-scure\";\nimport { NobleCryptoPlugin } from \"@otplib/plugin-crypto-noble\";\nimport {\n generateSync as totpGenerateSync,\n verifySync as totpVerifySync,\n getRemainingTime,\n} from \"@otplib/totp\";\nimport { generateTOTP as generateTOTPURI } from \"@otplib/uri\";\n\nimport { HOTP, secretToBytes } from \"./hotp\";\nimport { HashAlgorithms, KeyEncodings as KeyEncodingsConst } from \"./types\";\n\nimport type { TOTPOptions, SecretKey, ResolvedTOTPOptions } from \"./types\";\nimport type { Digits } from \"@otplib/core\";\n\n/**\n * Default crypto plugin instance\n */\nconst defaultCrypto = new NobleCryptoPlugin();\n\n/**\n * Default base32 plugin instance\n */\nconst defaultBase32 = new ScureBase32Plugin();\n\n/**\n * Parse window option into epochTolerance\n * v12 uses \"window\" as number of steps, v13 uses epochTolerance in seconds\n */\nfunction parseWindow(\n window: number | [number, number] | undefined,\n step: number,\n): number | [number, number] {\n if (window === undefined || window === 0) {\n return 0;\n }\n if (typeof window === \"number\") {\n return window * step;\n }\n // [past, future] steps → [past, future] seconds\n return [window[0] * step, window[1] * step];\n}\n\n/**\n * v12-compatible TOTP class\n *\n * Provides the same API as otplib v12 TOTP class while using v13's\n * implementation internally.\n *\n * @example\n * ```typescript\n * import { TOTP } from '@otplib/v12-adapter';\n *\n * const totp = new TOTP();\n * const secret = 'JBSWY3DPEHPK3PXP';\n * const token = totp.generate(secret);\n * const isValid = totp.check(token, secret);\n * ```\n */\nexport class TOTP<T extends TOTPOptions = TOTPOptions> extends HOTP<T> {\n constructor(defaultOptions: Partial<T> = {}) {\n super(defaultOptions);\n }\n\n /**\n * Creates a new TOTP instance with the specified default options\n */\n override create(defaultOptions: Partial<T> = {}): TOTP<T> {\n return new TOTP<T>(defaultOptions);\n }\n\n /**\n * Returns class options polyfilled with TOTP default values\n */\n override allOptions(): Readonly<ResolvedTOTPOptions> {\n const merged = {\n algorithm: HashAlgorithms.SHA1,\n digits: 6,\n encoding: KeyEncodingsConst.ASCII,\n epoch: Date.now(),\n step: 30,\n window: 0 as number | [number, number],\n crypto: defaultCrypto,\n base32: defaultBase32,\n ...this._defaultOptions,\n ...this._options,\n };\n return Object.freeze(merged) as Readonly<ResolvedTOTPOptions>;\n }\n\n /**\n * Generate a TOTP token\n *\n * @param secret - The secret key\n * @returns The OTP token\n */\n generate(secret: SecretKey): string {\n const opts = this.allOptions();\n const secretBytes = secretToBytes(secret, opts.encoding);\n // v12 uses epoch in milliseconds, always convert to seconds\n const epochSeconds = Math.floor(opts.epoch / 1000);\n\n return totpGenerateSync({\n secret: secretBytes,\n algorithm: opts.algorithm,\n digits: opts.digits as Digits,\n period: opts.step,\n epoch: epochSeconds,\n t0: 0,\n crypto: opts.crypto,\n });\n }\n\n /**\n * Check if a token is valid for the given secret\n *\n * @param token - The token to verify\n * @param secret - The secret key\n * @returns true if valid\n */\n check(token: string, secret: SecretKey): boolean {\n const delta = this.checkDelta(token, secret);\n return typeof delta === \"number\";\n }\n\n /**\n * Check token and return the time window delta\n *\n * @param token - The token to verify\n * @param secret - The secret key\n * @returns Window delta (0 = current, positive = future, negative = past), null if invalid\n */\n checkDelta(token: string, secret: SecretKey): number | null {\n const opts = this.allOptions();\n const secretBytes = secretToBytes(secret, opts.encoding);\n // v12 uses epoch in milliseconds, always convert to seconds\n const epochSeconds = Math.floor(opts.epoch / 1000);\n const step = opts.step;\n const window = opts.window;\n\n const epochTolerance = parseWindow(window, step);\n\n try {\n const result = totpVerifySync({\n secret: secretBytes,\n token,\n algorithm: opts.algorithm,\n digits: opts.digits as Digits,\n period: step,\n epoch: epochSeconds,\n t0: 0,\n epochTolerance,\n crypto: opts.crypto,\n });\n\n if (!result.valid) {\n return null;\n }\n\n // v13 returns delta directly as time step offset\n return result.delta;\n } catch {\n return null;\n }\n }\n\n /**\n * Verify a token (object-based API)\n *\n * @param opts - Verification options\n * @returns true if valid\n */\n verify(opts: { token: string; secret: SecretKey }): boolean {\n if (typeof opts !== \"object\") {\n throw new Error(\"Expecting argument 0 of verify to be an object\");\n }\n return this.check(opts.token, opts.secret);\n }\n\n /**\n * Generate an otpauth:// URI for TOTP\n *\n * @param accountName - Account name for the URI\n * @param issuer - Issuer name\n * @param secret - The secret key (should be Base32 for QR codes)\n * @returns The otpauth:// URI\n */\n keyuri(accountName: string, issuer: string, secret: SecretKey): string {\n const opts = this.allOptions();\n\n return generateTOTPURI({\n label: accountName,\n issuer,\n secret,\n algorithm: opts.algorithm,\n digits: opts.digits as Digits,\n period: opts.step,\n });\n }\n\n /**\n * Get time used in current step (seconds elapsed in current window)\n *\n * @returns Seconds used in current step\n */\n timeUsed(): number {\n const opts = this.allOptions();\n // v12 uses epoch in milliseconds, convert to seconds\n const epochSeconds = Math.floor(opts.epoch / 1000);\n return epochSeconds % opts.step;\n }\n\n /**\n * Get time remaining until next token\n *\n * @returns Seconds remaining in current step\n */\n timeRemaining(): number {\n const opts = this.allOptions();\n // v12 uses epoch in milliseconds, convert to seconds\n const epochSeconds = Math.floor(opts.epoch / 1000);\n return getRemainingTime(epochSeconds, opts.step, 0);\n }\n}\n","/**\n * @otplib/v12-adapter\n *\n * v12-compatible Authenticator class implementation.\n * Provides same API as v12 with Base32 encoding support.\n */\n\nimport { generateSecret as generateSecretCore } from \"@otplib/core\";\nimport { ScureBase32Plugin } from \"@otplib/plugin-base32-scure\";\nimport { NobleCryptoPlugin } from \"@otplib/plugin-crypto-noble\";\nimport { generateSync as totpGenerateSync, verifySync as totpVerifySync } from \"@otplib/totp\";\n\nimport { TOTP } from \"./totp\";\nimport { HashAlgorithms, KeyEncodings as KeyEncodingsConst } from \"./types\";\n\nimport type {\n AuthenticatorOptions,\n Base32SecretKey,\n SecretKey,\n KeyEncodings,\n ResolvedAuthenticatorOptions,\n} from \"./types\";\nimport type { Digits } from \"@otplib/core\";\n\n/**\n * Default crypto plugin instance\n */\nconst defaultCrypto = new NobleCryptoPlugin();\n\n/**\n * Default base32 plugin instance\n */\nconst defaultBase32 = new ScureBase32Plugin();\n\n/**\n * Default key encoder - encodes raw bytes to Base32\n */\nfunction defaultKeyEncoder(secret: SecretKey, _encoding: KeyEncodings): Base32SecretKey {\n const bytes = new TextEncoder().encode(secret);\n return defaultBase32.encode(bytes);\n}\n\n/**\n * Default key decoder - decodes Base32 to string\n */\nfunction defaultKeyDecoder(encodedSecret: Base32SecretKey, _encoding: KeyEncodings): SecretKey {\n const bytes = defaultBase32.decode(encodedSecret);\n return new TextDecoder().decode(bytes);\n}\n\n/**\n * v12-compatible Authenticator class\n *\n * The Authenticator class is a TOTP variant that uses Base32-encoded secrets\n * by default, making it compatible with Google Authenticator and similar apps.\n *\n * @example\n * ```typescript\n * import { Authenticator } from '@otplib/v12-adapter';\n *\n * const authenticator = new Authenticator();\n * const secret = authenticator.generateSecret();\n * const token = authenticator.generate(secret);\n * const isValid = authenticator.check(token, secret);\n * const uri = authenticator.keyuri('user@example.com', 'MyApp', secret);\n * ```\n */\nexport class Authenticator<T extends AuthenticatorOptions = AuthenticatorOptions> extends TOTP<T> {\n constructor(defaultOptions: Partial<T> = {}) {\n super(defaultOptions);\n }\n\n /**\n * Creates a new Authenticator instance with the specified default options\n */\n override create(defaultOptions: Partial<T> = {}): Authenticator<T> {\n return new Authenticator<T>(defaultOptions);\n }\n\n /**\n * Returns class options polyfilled with Authenticator default values\n */\n override allOptions(): Readonly<ResolvedAuthenticatorOptions> {\n const merged = {\n algorithm: HashAlgorithms.SHA1,\n digits: 6,\n encoding: KeyEncodingsConst.HEX,\n epoch: Date.now(),\n step: 30,\n window: 0 as number | [number, number],\n keyEncoder: defaultKeyEncoder,\n keyDecoder: defaultKeyDecoder,\n crypto: defaultCrypto,\n base32: defaultBase32,\n ...this._defaultOptions,\n ...this._options,\n };\n return Object.freeze(merged) as Readonly<ResolvedAuthenticatorOptions>;\n }\n\n /**\n * Generate an OTP token from a Base32 secret\n *\n * @param secret - Base32-encoded secret\n * @returns The OTP token\n */\n override generate(secret: Base32SecretKey): string {\n const opts = this.allOptions();\n\n // Generate using decoded secret (as raw bytes)\n const secretBytes = defaultBase32.decode(secret);\n const epoch = opts.epoch;\n const epochSeconds = epoch >= 1e12 ? Math.floor(epoch / 1000) : epoch;\n\n return totpGenerateSync({\n secret: secretBytes,\n algorithm: opts.algorithm,\n digits: opts.digits as Digits,\n period: opts.step,\n epoch: epochSeconds,\n t0: 0,\n crypto: opts.crypto,\n });\n }\n\n /**\n * Check if a token is valid for the given Base32 secret\n *\n * @param token - The token to verify\n * @param secret - Base32-encoded secret\n * @returns true if valid\n */\n override check(token: string, secret: Base32SecretKey): boolean {\n const delta = this.checkDelta(token, secret);\n return typeof delta === \"number\";\n }\n\n /**\n * Check token and return the time window delta\n *\n * @param token - The token to verify\n * @param secret - Base32-encoded secret\n * @returns Window delta (0 = current, positive = future, negative = past), null if invalid\n */\n override checkDelta(token: string, secret: Base32SecretKey): number | null {\n const opts = this.allOptions();\n const secretBytes = defaultBase32.decode(secret);\n const epoch = opts.epoch;\n const epochSeconds = epoch >= 1e12 ? Math.floor(epoch / 1000) : epoch;\n const step = opts.step;\n const window = opts.window;\n\n // Convert window (steps) to epochTolerance (seconds)\n let epochTolerance: number | [number, number] = 0;\n if (typeof window === \"number\") {\n epochTolerance = window * step;\n } else if (Array.isArray(window)) {\n epochTolerance = [window[0] * step, window[1] * step];\n }\n\n try {\n const result = totpVerifySync({\n secret: secretBytes,\n token,\n algorithm: opts.algorithm,\n digits: opts.digits as Digits,\n period: step,\n epoch: epochSeconds,\n t0: 0,\n epochTolerance,\n crypto: opts.crypto,\n });\n\n if (!result.valid) {\n return null;\n }\n\n return result.delta;\n } catch {\n return null;\n }\n }\n\n /**\n * Verify a token (object-based API)\n *\n * @param opts - Verification options\n * @returns true if valid\n */\n override verify(opts: { token: string; secret: Base32SecretKey }): boolean {\n if (typeof opts !== \"object\") {\n throw new Error(\"Expecting argument 0 of verify to be an object\");\n }\n return this.check(opts.token, opts.secret);\n }\n\n /**\n * Encode a raw secret to Base32\n *\n * @param secret - Raw secret string\n * @returns Base32-encoded secret\n */\n encode(secret: SecretKey): Base32SecretKey {\n const opts = this.allOptions();\n if (opts.keyEncoder) {\n return opts.keyEncoder(secret, opts.encoding);\n }\n return defaultKeyEncoder(secret, opts.encoding);\n }\n\n /**\n * Decode a Base32 secret to raw string\n *\n * @param secret - Base32-encoded secret\n * @returns Raw secret string\n */\n decode(secret: Base32SecretKey): SecretKey {\n const opts = this.allOptions();\n if (opts.keyDecoder) {\n return opts.keyDecoder(secret, opts.encoding);\n }\n return defaultKeyDecoder(secret, opts.encoding);\n }\n\n /**\n * Generate a random Base32-encoded secret\n *\n * @param numberOfBytes - Number of bytes for the secret (default: 20)\n * @returns Base32-encoded secret\n */\n generateSecret(numberOfBytes: number = 20): Base32SecretKey {\n const opts = this.allOptions();\n return generateSecretCore({\n crypto: opts.crypto,\n base32: opts.base32,\n length: numberOfBytes,\n });\n }\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;;ACOA,kBAA2E;AAC3E,kBAA+E;AAC/E,iCAAkC;AAClC,iCAAkC;AAClC,iBAAgD;;;ACCzC,IAAM,iBAAiB;AAAA,EAC5B,MAAM;AAAA,EACN,QAAQ;AAAA,EACR,QAAQ;AACV;AAOO,IAAM,eAAe;AAAA,EAC1B,OAAO;AAAA,EACP,KAAK;AAAA,EACL,QAAQ;AAAA,EACR,QAAQ;AAAA,EACR,QAAQ;AAAA,EACR,MAAM;AACR;;;ADTA,IAAM,gBAAgB,IAAI,6CAAkB;AAK5C,IAAM,gBAAgB,IAAI,6CAAkB;AAMrC,SAAS,cAAc,QAAmB,UAA+B;AAC9E,MAAI,aAAa,aAAkB,UAAU,aAAa,UAAU;AAClE,WAAO,cAAc,OAAO,MAAM;AAAA,EACpC;AACA,MAAI,aAAa,aAAkB,OAAO,aAAa,OAAO;AAC5D,eAAO,wBAAW,OAAO,QAAQ,OAAO,EAAE,CAAC;AAAA,EAC7C;AAEA,aAAO,2BAAc,MAAM;AAC7B;AAMO,SAAS,kBAAkB,WAAmB,QAAwB;AAC3E,QAAM,kBAAc,wBAAW,SAAS;AACxC,QAAM,gBAAY,6BAAgB,WAAW;AAC7C,aAAO,4BAAe,WAAW,MAAM;AACzC;AAkBO,IAAM,OAAN,MAAM,MAA0C;AAAA;AAAA;AAAA;AAAA,EAI3C,WAAuB,CAAC;AAAA;AAAA;AAAA;AAAA,EAKxB,kBAA8B,CAAC;AAAA,EAEzC,YAAY,iBAA6B,CAAC,GAAG;AAC3C,SAAK,kBAAkB,EAAE,GAAG,eAAe;AAC3C,SAAK,WAAW,CAAC;AAAA,EACnB;AAAA;AAAA;AAAA;AAAA,EAKA,IAAI,UAAsB;AACxB,WAAO,EAAE,GAAG,KAAK,iBAAiB,GAAG,KAAK,SAAS;AAAA,EACrD;AAAA;AAAA;AAAA;AAAA,EAKA,IAAI,QAAQ,OAAmB;AAC7B,SAAK,WAAW,EAAE,GAAG,MAAM;AAAA,EAC7B;AAAA;AAAA;AAAA;AAAA,EAKA,OAAO,iBAA6B,CAAC,GAAY;AAC/C,WAAO,IAAI,MAAQ,cAAc;AAAA,EACnC;AAAA;AAAA;AAAA;AAAA,EAKA,aAA4C;AAC1C,UAAM,SAAS;AAAA,MACb,WAAW,eAAe;AAAA,MAC1B,QAAQ;AAAA,MACR,UAAU,aAAkB;AAAA,MAC5B,QAAQ;AAAA,MACR,QAAQ;AAAA,MACR,GAAG,KAAK;AAAA,MACR,GAAG,KAAK;AAAA,IACV;AACA,WAAO,OAAO,OAAO,MAAM;AAAA,EAC7B;AAAA;AAAA;AAAA;AAAA,EAKA,eAAqB;AACnB,SAAK,WAAW,CAAC;AACjB,WAAO;AAAA,EACT;AAAA;AAAA;AAAA;AAAA,EAKA,SAAS,QAAmB,SAAyB;AACnD,UAAM,OAAO,KAAK,WAAW;AAC7B,UAAM,cAAc,cAAc,QAAQ,KAAK,QAAQ;AAEvD,eAAO,YAAAA,cAAiB;AAAA,MACtB,QAAQ;AAAA,MACR;AAAA,MACA,WAAW,KAAK;AAAA,MAChB,QAAQ,KAAK;AAAA,MACb,QAAQ,KAAK;AAAA,IACf,CAAC;AAAA,EACH;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,OAAe,QAAmB,SAA0B;AAChE,UAAM,OAAO,KAAK,WAAW;AAC7B,UAAM,cAAc,cAAc,QAAQ,KAAK,QAAQ;AAEvD,QAAI;AACF,YAAM,aAAS,YAAAC,YAAe;AAAA,QAC5B,QAAQ;AAAA,QACR;AAAA,QACA;AAAA,QACA,WAAW,KAAK;AAAA,QAChB,QAAQ,KAAK;AAAA,QACb,kBAAkB;AAAA,QAClB,QAAQ,KAAK;AAAA,MACf,CAAC;AAED,aAAO,OAAO;AAAA,IAChB,QAAQ;AACN,aAAO;AAAA,IACT;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKA,OAAO,MAAsE;AAC3E,QAAI,OAAO,SAAS,UAAU;AAC5B,YAAM,IAAI,MAAM,gDAAgD;AAAA,IAClE;AACA,WAAO,KAAK,MAAM,KAAK,OAAO,KAAK,QAAQ,KAAK,OAAO;AAAA,EACzD;AAAA;AAAA;AAAA;AAAA,EAKA,OAAO,aAAqB,QAAgB,QAAmB,SAAyB;AACtF,UAAM,OAAO,KAAK,WAAW;AAE7B,eAAO,WAAAC,cAAgB;AAAA,MACrB,OAAO;AAAA,MACP;AAAA,MACA;AAAA,MACA,WAAW,KAAK;AAAA,MAChB,QAAQ,KAAK;AAAA,MACb;AAAA,IACF,CAAC;AAAA,EACH;AACF;;;AE5LA,IAAAC,8BAAkC;AAClC,IAAAC,8BAAkC;AAClC,kBAIO;AACP,IAAAC,cAAgD;AAWhD,IAAMC,iBAAgB,IAAI,8CAAkB;AAK5C,IAAMC,iBAAgB,IAAI,8CAAkB;AAM5C,SAAS,YACP,QACA,MAC2B;AAC3B,MAAI,WAAW,UAAa,WAAW,GAAG;AACxC,WAAO;AAAA,EACT;AACA,MAAI,OAAO,WAAW,UAAU;AAC9B,WAAO,SAAS;AAAA,EAClB;AAEA,SAAO,CAAC,OAAO,CAAC,IAAI,MAAM,OAAO,CAAC,IAAI,IAAI;AAC5C;AAkBO,IAAM,OAAN,MAAM,cAAkD,KAAQ;AAAA,EACrE,YAAY,iBAA6B,CAAC,GAAG;AAC3C,UAAM,cAAc;AAAA,EACtB;AAAA;AAAA;AAAA;AAAA,EAKS,OAAO,iBAA6B,CAAC,GAAY;AACxD,WAAO,IAAI,MAAQ,cAAc;AAAA,EACnC;AAAA;AAAA;AAAA;AAAA,EAKS,aAA4C;AACnD,UAAM,SAAS;AAAA,MACb,WAAW,eAAe;AAAA,MAC1B,QAAQ;AAAA,MACR,UAAU,aAAkB;AAAA,MAC5B,OAAO,KAAK,IAAI;AAAA,MAChB,MAAM;AAAA,MACN,QAAQ;AAAA,MACR,QAAQD;AAAA,MACR,QAAQC;AAAA,MACR,GAAG,KAAK;AAAA,MACR,GAAG,KAAK;AAAA,IACV;AACA,WAAO,OAAO,OAAO,MAAM;AAAA,EAC7B;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAQA,SAAS,QAA2B;AAClC,UAAM,OAAO,KAAK,WAAW;AAC7B,UAAM,cAAc,cAAc,QAAQ,KAAK,QAAQ;AAEvD,UAAM,eAAe,KAAK,MAAM,KAAK,QAAQ,GAAI;AAEjD,eAAO,YAAAC,cAAiB;AAAA,MACtB,QAAQ;AAAA,MACR,WAAW,KAAK;AAAA,MAChB,QAAQ,KAAK;AAAA,MACb,QAAQ,KAAK;AAAA,MACb,OAAO;AAAA,MACP,IAAI;AAAA,MACJ,QAAQ,KAAK;AAAA,IACf,CAAC;AAAA,EACH;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EASA,MAAM,OAAe,QAA4B;AAC/C,UAAM,QAAQ,KAAK,WAAW,OAAO,MAAM;AAC3C,WAAO,OAAO,UAAU;AAAA,EAC1B;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EASA,WAAW,OAAe,QAAkC;AAC1D,UAAM,OAAO,KAAK,WAAW;AAC7B,UAAM,cAAc,cAAc,QAAQ,KAAK,QAAQ;AAEvD,UAAM,eAAe,KAAK,MAAM,KAAK,QAAQ,GAAI;AACjD,UAAM,OAAO,KAAK;AAClB,UAAM,SAAS,KAAK;AAEpB,UAAM,iBAAiB,YAAY,QAAQ,IAAI;AAE/C,QAAI;AACF,YAAM,aAAS,YAAAC,YAAe;AAAA,QAC5B,QAAQ;AAAA,QACR;AAAA,QACA,WAAW,KAAK;AAAA,QAChB,QAAQ,KAAK;AAAA,QACb,QAAQ;AAAA,QACR,OAAO;AAAA,QACP,IAAI;AAAA,QACJ;AAAA,QACA,QAAQ,KAAK;AAAA,MACf,CAAC;AAED,UAAI,CAAC,OAAO,OAAO;AACjB,eAAO;AAAA,MACT;AAGA,aAAO,OAAO;AAAA,IAChB,QAAQ;AACN,aAAO;AAAA,IACT;AAAA,EACF;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAQA,OAAO,MAAqD;AAC1D,QAAI,OAAO,SAAS,UAAU;AAC5B,YAAM,IAAI,MAAM,gDAAgD;AAAA,IAClE;AACA,WAAO,KAAK,MAAM,KAAK,OAAO,KAAK,MAAM;AAAA,EAC3C;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAUA,OAAO,aAAqB,QAAgB,QAA2B;AACrE,UAAM,OAAO,KAAK,WAAW;AAE7B,eAAO,YAAAC,cAAgB;AAAA,MACrB,OAAO;AAAA,MACP;AAAA,MACA;AAAA,MACA,WAAW,KAAK;AAAA,MAChB,QAAQ,KAAK;AAAA,MACb,QAAQ,KAAK;AAAA,IACf,CAAC;AAAA,EACH;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,WAAmB;AACjB,UAAM,OAAO,KAAK,WAAW;AAE7B,UAAM,eAAe,KAAK,MAAM,KAAK,QAAQ,GAAI;AACjD,WAAO,eAAe,KAAK;AAAA,EAC7B;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,gBAAwB;AACtB,UAAM,OAAO,KAAK,WAAW;AAE7B,UAAM,eAAe,KAAK,MAAM,KAAK,QAAQ,GAAI;AACjD,eAAO,8BAAiB,cAAc,KAAK,MAAM,CAAC;AAAA,EACpD;AACF;;;AC/NA,IAAAC,eAAqD;AACrD,IAAAC,8BAAkC;AAClC,IAAAC,8BAAkC;AAClC,IAAAC,eAA+E;AAiB/E,IAAMC,iBAAgB,IAAI,8CAAkB;AAK5C,IAAMC,iBAAgB,IAAI,8CAAkB;AAK5C,SAAS,kBAAkB,QAAmB,WAA0C;AACtF,QAAM,QAAQ,IAAI,YAAY,EAAE,OAAO,MAAM;AAC7C,SAAOA,eAAc,OAAO,KAAK;AACnC;AAKA,SAAS,kBAAkB,eAAgC,WAAoC;AAC7F,QAAM,QAAQA,eAAc,OAAO,aAAa;AAChD,SAAO,IAAI,YAAY,EAAE,OAAO,KAAK;AACvC;AAmBO,IAAM,gBAAN,MAAM,uBAA6E,KAAQ;AAAA,EAChG,YAAY,iBAA6B,CAAC,GAAG;AAC3C,UAAM,cAAc;AAAA,EACtB;AAAA;AAAA;AAAA;AAAA,EAKS,OAAO,iBAA6B,CAAC,GAAqB;AACjE,WAAO,IAAI,eAAiB,cAAc;AAAA,EAC5C;AAAA;AAAA;AAAA;AAAA,EAKS,aAAqD;AAC5D,UAAM,SAAS;AAAA,MACb,WAAW,eAAe;AAAA,MAC1B,QAAQ;AAAA,MACR,UAAU,aAAkB;AAAA,MAC5B,OAAO,KAAK,IAAI;AAAA,MAChB,MAAM;AAAA,MACN,QAAQ;AAAA,MACR,YAAY;AAAA,MACZ,YAAY;AAAA,MACZ,QAAQD;AAAA,MACR,QAAQC;AAAA,MACR,GAAG,KAAK;AAAA,MACR,GAAG,KAAK;AAAA,IACV;AACA,WAAO,OAAO,OAAO,MAAM;AAAA,EAC7B;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAQS,SAAS,QAAiC;AACjD,UAAM,OAAO,KAAK,WAAW;AAG7B,UAAM,cAAcA,eAAc,OAAO,MAAM;AAC/C,UAAM,QAAQ,KAAK;AACnB,UAAM,eAAe,SAAS,OAAO,KAAK,MAAM,QAAQ,GAAI,IAAI;AAEhE,eAAO,aAAAC,cAAiB;AAAA,MACtB,QAAQ;AAAA,MACR,WAAW,KAAK;AAAA,MAChB,QAAQ,KAAK;AAAA,MACb,QAAQ,KAAK;AAAA,MACb,OAAO;AAAA,MACP,IAAI;AAAA,MACJ,QAAQ,KAAK;AAAA,IACf,CAAC;AAAA,EACH;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EASS,MAAM,OAAe,QAAkC;AAC9D,UAAM,QAAQ,KAAK,WAAW,OAAO,MAAM;AAC3C,WAAO,OAAO,UAAU;AAAA,EAC1B;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EASS,WAAW,OAAe,QAAwC;AACzE,UAAM,OAAO,KAAK,WAAW;AAC7B,UAAM,cAAcD,eAAc,OAAO,MAAM;AAC/C,UAAM,QAAQ,KAAK;AACnB,UAAM,eAAe,SAAS,OAAO,KAAK,MAAM,QAAQ,GAAI,IAAI;AAChE,UAAM,OAAO,KAAK;AAClB,UAAM,SAAS,KAAK;AAGpB,QAAI,iBAA4C;AAChD,QAAI,OAAO,WAAW,UAAU;AAC9B,uBAAiB,SAAS;AAAA,IAC5B,WAAW,MAAM,QAAQ,MAAM,GAAG;AAChC,uBAAiB,CAAC,OAAO,CAAC,IAAI,MAAM,OAAO,CAAC,IAAI,IAAI;AAAA,IACtD;AAEA,QAAI;AACF,YAAM,aAAS,aAAAE,YAAe;AAAA,QAC5B,QAAQ;AAAA,QACR;AAAA,QACA,WAAW,KAAK;AAAA,QAChB,QAAQ,KAAK;AAAA,QACb,QAAQ;AAAA,QACR,OAAO;AAAA,QACP,IAAI;AAAA,QACJ;AAAA,QACA,QAAQ,KAAK;AAAA,MACf,CAAC;AAED,UAAI,CAAC,OAAO,OAAO;AACjB,eAAO;AAAA,MACT;AAEA,aAAO,OAAO;AAAA,IAChB,QAAQ;AACN,aAAO;AAAA,IACT;AAAA,EACF;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAQS,OAAO,MAA2D;AACzE,QAAI,OAAO,SAAS,UAAU;AAC5B,YAAM,IAAI,MAAM,gDAAgD;AAAA,IAClE;AACA,WAAO,KAAK,MAAM,KAAK,OAAO,KAAK,MAAM;AAAA,EAC3C;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAQA,OAAO,QAAoC;AACzC,UAAM,OAAO,KAAK,WAAW;AAC7B,QAAI,KAAK,YAAY;AACnB,aAAO,KAAK,WAAW,QAAQ,KAAK,QAAQ;AAAA,IAC9C;AACA,WAAO,kBAAkB,QAAQ,KAAK,QAAQ;AAAA,EAChD;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAQA,OAAO,QAAoC;AACzC,UAAM,OAAO,KAAK,WAAW;AAC7B,QAAI,KAAK,YAAY;AACnB,aAAO,KAAK,WAAW,QAAQ,KAAK,QAAQ;AAAA,IAC9C;AACA,WAAO,kBAAkB,QAAQ,KAAK,QAAQ;AAAA,EAChD;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAQA,eAAe,gBAAwB,IAAqB;AAC1D,UAAM,OAAO,KAAK,WAAW;AAC7B,eAAO,aAAAC,gBAAmB;AAAA,MACxB,QAAQ,KAAK;AAAA,MACb,QAAQ,KAAK;AAAA,MACb,QAAQ;AAAA,IACV,CAAC;AAAA,EACH;AACF;;;AJ3IA,IAAAC,8BAAkC;AAClC,IAAAC,8BAAkC;AA/B3B,IAAM,OAAO,IAAI,KAAK;AAatB,IAAM,OAAO,IAAI,KAAK;AActB,IAAM,gBAAgB,IAAI,cAAc;","names":["hotpGenerateSync","hotpVerifySync","generateHOTPURI","import_plugin_base32_scure","import_plugin_crypto_noble","import_uri","defaultCrypto","defaultBase32","totpGenerateSync","totpVerifySync","generateTOTPURI","import_core","import_plugin_base32_scure","import_plugin_crypto_noble","import_totp","defaultCrypto","defaultBase32","totpGenerateSync","totpVerifySync","generateSecretCore","import_plugin_crypto_noble","import_plugin_base32_scure"]}

package/dist/index.d.cts ADDED Viewed

@@ -0,0 +1,427 @@
+import { HashAlgorithm, CryptoPlugin, Base32Plugin } from '@otplib/core';
+export { NobleCryptoPlugin } from '@otplib/plugin-crypto-noble';
+export { ScureBase32Plugin } from '@otplib/plugin-base32-scure';
+/**
+ * @otplib/v12-adapter
+ *
+ * v12-compatible type definitions for migration adapter.
+ * These types mirror the v12 API to provide drop-in compatibility.
+ */
+/**
+ * v12-style hash algorithms constant
+ */
+declare const HashAlgorithms: {
+    readonly SHA1: "sha1";
+    readonly SHA256: "sha256";
+    readonly SHA512: "sha512";
+};
+type HashAlgorithms = (typeof HashAlgorithms)[keyof typeof HashAlgorithms];
+/**
+ * v12-style key encodings constant
+ */
+declare const KeyEncodings: {
+    readonly ASCII: "ascii";
+    readonly HEX: "hex";
+    readonly BASE32: "base32";
+    readonly BASE64: "base64";
+    readonly LATIN1: "latin1";
+    readonly UTF8: "utf8";
+};
+type KeyEncodings = (typeof KeyEncodings)[keyof typeof KeyEncodings];
+/**
+ * v12-style secret key type (string-based)
+ */
+type SecretKey = string;
+/**
+ * Base32 encoded secret key
+ */
+type Base32SecretKey = string;
+/**
+ * v12-style createDigest function signature
+ */
+type CreateDigest<T = string> = (algorithm: HashAlgorithm, hmacKey: T, counter: T) => T;
+/**
+ * v12-style createHmacKey function signature
+ */
+type CreateHmacKey<T = string> = (algorithm: HashAlgorithm, secret: SecretKey, encoding: KeyEncodings) => T;
+/**
+ * v12-style createRandomBytes function signature
+ */
+type CreateRandomBytes<T = string> = (size: number, encoding: KeyEncodings) => T;
+/**
+ * v12-style keyEncoder function signature
+ */
+type KeyEncoder<T = Base32SecretKey> = (secret: SecretKey, encoding: KeyEncodings) => T;
+/**
+ * v12-style keyDecoder function signature
+ */
+type KeyDecoder<T = SecretKey> = (encodedSecret: Base32SecretKey, encoding: KeyEncodings) => T;
+/**
+ * v12-compatible HOTP options
+ */
+type HOTPOptions<T = string> = {
+    /** Algorithm for HMAC (default: sha1) */
+    algorithm?: HashAlgorithm;
+    /** Creates the digest for token generation */
+    createDigest?: CreateDigest<T>;
+    /** Formats the secret into HMAC key */
+    createHmacKey?: CreateHmacKey<T>;
+    /** Number of digits in token (default: 6) */
+    digits?: number;
+    /** Secret encoding (default: ascii) */
+    encoding?: KeyEncodings;
+    /** Pre-computed digest (use with caution) */
+    digest?: string;
+    /** v13 crypto plugin (internal use) */
+    crypto?: CryptoPlugin;
+    /** v13 base32 plugin (internal use) */
+    base32?: Base32Plugin;
+};
+/**
+ * v12-compatible TOTP options
+ */
+type TOTPOptions<T = string> = HOTPOptions<T> & {
+    /** Starting epoch in milliseconds (default: Date.now()) */
+    epoch?: number;
+    /** Time step in seconds (default: 30) */
+    step?: number;
+    /** Verification window - number of steps or [past, future] */
+    window?: number | [number, number];
+};
+/**
+ * v12-compatible Authenticator options
+ */
+type AuthenticatorOptions<T = string> = TOTPOptions<T> & {
+    /** Encodes secret to Base32 */
+    keyEncoder?: KeyEncoder<T>;
+    /** Decodes Base32 secret */
+    keyDecoder?: KeyDecoder<T>;
+    /** Creates random bytes for secret generation */
+    createRandomBytes?: CreateRandomBytes<T>;
+};
+/**
+ * Resolved HOTP options with guaranteed defaults
+ */
+type ResolvedHOTPOptions = {
+    algorithm: HashAlgorithm;
+    digits: number;
+    encoding: KeyEncodings;
+    crypto: CryptoPlugin;
+    base32: Base32Plugin;
+};
+/**
+ * Resolved TOTP options with guaranteed defaults
+ */
+type ResolvedTOTPOptions = ResolvedHOTPOptions & {
+    epoch: number;
+    step: number;
+    window: number | [number, number];
+};
+/**
+ * Resolved Authenticator options with guaranteed defaults
+ */
+type ResolvedAuthenticatorOptions = ResolvedTOTPOptions & {
+    keyEncoder?: KeyEncoder;
+    keyDecoder?: KeyDecoder;
+};
+/**
+ * @otplib/v12-adapter
+ *
+ * v12-compatible HOTP class implementation.
+ * Provides synchronous API wrapper around v13's HOTP implementation.
+ */
+/**
+ * Converts a digest to a token of a specified length.
+ * Uses dynamicTruncate and truncateDigits from core.
+ */
+declare function hotpDigestToToken(hexDigest: string, digits: number): string;
+/**
+ * v12-compatible HOTP class
+ *
+ * Provides the same API as otplib v12 HOTP class while using v13's
+ * implementation internally.
+ *
+ * @example
+ * ```typescript
+ * import { HOTP } from '@otplib/v12-adapter';
+ *
+ * const hotp = new HOTP();
+ * const secret = 'JBSWY3DPEHPK3PXP';
+ * const token = hotp.generate(secret, 0);
+ * const isValid = hotp.check(token, secret, 0);
+ * ```
+ */
+declare class HOTP<T extends HOTPOptions = HOTPOptions> {
+    /**
+     * Stored options that can be modified
+     */
+    protected _options: Partial<T>;
+    /**
+     * Default options applied to all operations
+     */
+    protected _defaultOptions: Partial<T>;
+    constructor(defaultOptions?: Partial<T>);
+    /**
+     * Get current options (merged with defaults)
+     */
+    get options(): Partial<T>;
+    /**
+     * Set options (replaces current options)
+     */
+    set options(value: Partial<T>);
+    /**
+     * Creates a new instance with the specified default options
+     */
+    create(defaultOptions?: Partial<T>): HOTP<T>;
+    /**
+     * Returns class options polyfilled with default values
+     */
+    allOptions(): Readonly<ResolvedHOTPOptions>;
+    /**
+     * Reset options to defaults
+     */
+    resetOptions(): this;
+    /**
+     * Generate an HOTP token
+     */
+    generate(secret: SecretKey, counter: number): string;
+    /**
+     * Check if a token is valid for the given secret and counter
+     */
+    check(token: string, secret: SecretKey, counter: number): boolean;
+    /**
+     * Verify a token (object-based API)
+     */
+    verify(opts: {
+        token: string;
+        secret: SecretKey;
+        counter: number;
+    }): boolean;
+    /**
+     * Generate an otpauth:// URI for HOTP
+     */
+    keyuri(accountName: string, issuer: string, secret: SecretKey, counter: number): string;
+}
+/**
+ * @otplib/v12-adapter
+ *
+ * v12-compatible TOTP class implementation.
+ * Provides synchronous API wrapper around v13's TOTP implementation.
+ */
+/**
+ * v12-compatible TOTP class
+ *
+ * Provides the same API as otplib v12 TOTP class while using v13's
+ * implementation internally.
+ *
+ * @example
+ * ```typescript
+ * import { TOTP } from '@otplib/v12-adapter';
+ *
+ * const totp = new TOTP();
+ * const secret = 'JBSWY3DPEHPK3PXP';
+ * const token = totp.generate(secret);
+ * const isValid = totp.check(token, secret);
+ * ```
+ */
+declare class TOTP<T extends TOTPOptions = TOTPOptions> extends HOTP<T> {
+    constructor(defaultOptions?: Partial<T>);
+    /**
+     * Creates a new TOTP instance with the specified default options
+     */
+    create(defaultOptions?: Partial<T>): TOTP<T>;
+    /**
+     * Returns class options polyfilled with TOTP default values
+     */
+    allOptions(): Readonly<ResolvedTOTPOptions>;
+    /**
+     * Generate a TOTP token
+     *
+     * @param secret - The secret key
+     * @returns The OTP token
+     */
+    generate(secret: SecretKey): string;
+    /**
+     * Check if a token is valid for the given secret
+     *
+     * @param token - The token to verify
+     * @param secret - The secret key
+     * @returns true if valid
+     */
+    check(token: string, secret: SecretKey): boolean;
+    /**
+     * Check token and return the time window delta
+     *
+     * @param token - The token to verify
+     * @param secret - The secret key
+     * @returns Window delta (0 = current, positive = future, negative = past), null if invalid
+     */
+    checkDelta(token: string, secret: SecretKey): number | null;
+    /**
+     * Verify a token (object-based API)
+     *
+     * @param opts - Verification options
+     * @returns true if valid
+     */
+    verify(opts: {
+        token: string;
+        secret: SecretKey;
+    }): boolean;
+    /**
+     * Generate an otpauth:// URI for TOTP
+     *
+     * @param accountName - Account name for the URI
+     * @param issuer - Issuer name
+     * @param secret - The secret key (should be Base32 for QR codes)
+     * @returns The otpauth:// URI
+     */
+    keyuri(accountName: string, issuer: string, secret: SecretKey): string;
+    /**
+     * Get time used in current step (seconds elapsed in current window)
+     *
+     * @returns Seconds used in current step
+     */
+    timeUsed(): number;
+    /**
+     * Get time remaining until next token
+     *
+     * @returns Seconds remaining in current step
+     */
+    timeRemaining(): number;
+}
+/**
+ * @otplib/v12-adapter
+ *
+ * v12-compatible Authenticator class implementation.
+ * Provides same API as v12 with Base32 encoding support.
+ */
+/**
+ * v12-compatible Authenticator class
+ *
+ * The Authenticator class is a TOTP variant that uses Base32-encoded secrets
+ * by default, making it compatible with Google Authenticator and similar apps.
+ *
+ * @example
+ * ```typescript
+ * import { Authenticator } from '@otplib/v12-adapter';
+ *
+ * const authenticator = new Authenticator();
+ * const secret = authenticator.generateSecret();
+ * const token = authenticator.generate(secret);
+ * const isValid = authenticator.check(token, secret);
+ * const uri = authenticator.keyuri('user@example.com', 'MyApp', secret);
+ * ```
+ */
+declare class Authenticator<T extends AuthenticatorOptions = AuthenticatorOptions> extends TOTP<T> {
+    constructor(defaultOptions?: Partial<T>);
+    /**
+     * Creates a new Authenticator instance with the specified default options
+     */
+    create(defaultOptions?: Partial<T>): Authenticator<T>;
+    /**
+     * Returns class options polyfilled with Authenticator default values
+     */
+    allOptions(): Readonly<ResolvedAuthenticatorOptions>;
+    /**
+     * Generate an OTP token from a Base32 secret
+     *
+     * @param secret - Base32-encoded secret
+     * @returns The OTP token
+     */
+    generate(secret: Base32SecretKey): string;
+    /**
+     * Check if a token is valid for the given Base32 secret
+     *
+     * @param token - The token to verify
+     * @param secret - Base32-encoded secret
+     * @returns true if valid
+     */
+    check(token: string, secret: Base32SecretKey): boolean;
+    /**
+     * Check token and return the time window delta
+     *
+     * @param token - The token to verify
+     * @param secret - Base32-encoded secret
+     * @returns Window delta (0 = current, positive = future, negative = past), null if invalid
+     */
+    checkDelta(token: string, secret: Base32SecretKey): number | null;
+    /**
+     * Verify a token (object-based API)
+     *
+     * @param opts - Verification options
+     * @returns true if valid
+     */
+    verify(opts: {
+        token: string;
+        secret: Base32SecretKey;
+    }): boolean;
+    /**
+     * Encode a raw secret to Base32
+     *
+     * @param secret - Raw secret string
+     * @returns Base32-encoded secret
+     */
+    encode(secret: SecretKey): Base32SecretKey;
+    /**
+     * Decode a Base32 secret to raw string
+     *
+     * @param secret - Base32-encoded secret
+     * @returns Raw secret string
+     */
+    decode(secret: Base32SecretKey): SecretKey;
+    /**
+     * Generate a random Base32-encoded secret
+     *
+     * @param numberOfBytes - Number of bytes for the secret (default: 20)
+     * @returns Base32-encoded secret
+     */
+    generateSecret(numberOfBytes?: number): Base32SecretKey;
+}
+/**
+ * Pre-configured HOTP instance
+ *
+ * @example
+ * ```typescript
+ * import { hotp } from '@otplib/v12-adapter';
+ *
+ * const token = hotp.generate('JBSWY3DPEHPK3PXP', 0);
+ * const isValid = hotp.check(token, 'JBSWY3DPEHPK3PXP', 0);
+ * ```
+ */
+declare const hotp: HOTP<HOTPOptions>;
+/**
+ * Pre-configured TOTP instance
+ *
+ * @example
+ * ```typescript
+ * import { totp } from '@otplib/v12-adapter';
+ *
+ * const token = totp.generate('JBSWY3DPEHPK3PXP');
+ * const isValid = totp.check(token, 'JBSWY3DPEHPK3PXP');
+ * ```
+ */
+declare const totp: TOTP<TOTPOptions>;
+/**
+ * Pre-configured Authenticator instance
+ *
+ * @example
+ * ```typescript
+ * import { authenticator } from '@otplib/v12-adapter';
+ *
+ * const secret = authenticator.generateSecret();
+ * const token = authenticator.generate(secret);
+ * const isValid = authenticator.check(token, secret);
+ * ```
+ */
+declare const authenticator: Authenticator<AuthenticatorOptions>;
+export { Authenticator, type AuthenticatorOptions, type Base32SecretKey, type CreateDigest, type CreateHmacKey, type CreateRandomBytes, HOTP, type HOTPOptions, HashAlgorithms, type KeyDecoder, type KeyEncoder, KeyEncodings, type SecretKey, TOTP, type TOTPOptions, authenticator, hotp, hotpDigestToToken, totp };