foronce 0.0.0

package/README.md

@@ -0,0 +1 @@
+# foronce

package/dist/index.cjs

@@ -0,0 +1,92 @@
+'use strict';
+
+var node_crypto = require('node:crypto');
+var node_buffer = require('node:buffer');
+var base32 = require('hi-base32');
+
+/**
+ * Simplified implementation of TOTP with existing node libs
+ *
+ * helpers to handle the following
+ * - generate QR codes with the otpauth:// URL scheme
+ * - algo and implmentation taken from https://drewdevault.com/2022/10/18/TOTP-is-easy.html
+ */
+
+const { floor } = Math;
+
+/**
+ *
+ * @param {string} secret
+ * @param {number} when
+ * @param {object} [options]
+ * @param {number} [options.period] in seconds (eg: 30 => 30 seconds)
+ * @returns {string}
+ */
+function totp(secret, when = floor(Date.now() / 1000), options = {}) {
+  const _options = Object.assign({ period: 30 }, options);
+  const now = floor(when / _options.period);
+  const key = base32.decode(secret);
+  const buff = bigEndian64(BigInt(now));
+  const hmac = node_crypto.createHmac('sha512', key).update(buff).digest();
+  const offset = hmac[hmac.length - 1] & 0xf;
+  const truncatedHash = hmac.subarray(offset, offset + 4);
+  const otp = (
+    (truncatedHash.readInt32BE() & 0x7f_ff_ff_ff) %
+    1_000_000
+  ).toString(10);
+  return otp.length < 6 ? `${otp}`.padStart(6, '0') : otp
+}
+
+/**
+ * @param {string} secret
+ * @param {string} token
+ * @param {object} [options]
+ * @param {number} [options.period] in seconds (eg: 30 => 30 seconds)
+ * @returns {boolean}
+ */
+function isValid(secret, token, options = {}) {
+  const _options = Object.assign({ period: 30 }, options);
+  for (let index = -2; index < 3; index += 1) {
+    const fromSys = totp(secret, Date.now() / 1000 + index, _options);
+    const valid = fromSys === token;
+    if (valid) return true
+  }
+  return false
+}
+
+/**
+ * @param {string} secret
+ * @param {object} options
+ * @param {string} options.company
+ * @param {string} options.email
+ * @returns {string}
+ */
+function generateTOTPURL(secret, options) {
+  const parameters = new URLSearchParams();
+  parameters.append('secret', secret);
+  parameters.append('issuer', options.company);
+  parameters.append('digits', '6');
+  const url = `otpauth://totp/${options.company}:${
+    options.email
+  }?${parameters.toString()}`;
+  return new URL(url).toString()
+}
+
+/**
+ * @param {bigint} hash
+ * @returns {Buffer}
+ */
+function bigEndian64(hash) {
+  const buf = node_buffer.Buffer.allocUnsafe(64 / 8);
+  buf.writeBigInt64BE(hash, 0);
+  return buf
+}
+
+function generateTOTPSecret(num = 32) {
+  return base32.encode(node_crypto.randomBytes(num).toString('ascii'))
+}
+
+exports.generateTOTPSecret = generateTOTPSecret;
+exports.generateTOTPURL = generateTOTPURL;
+exports.isValid = isValid;
+exports.totp = totp;

package/dist/index.d.ts

@@ -0,0 +1,11 @@
+export function totp(secret: string, when?: number, options?: {
+    period?: number;
+}): string;
+export function isValid(secret: string, token: string, options?: {
+    period?: number;
+}): boolean;
+export function generateTOTPURL(secret: string, options: {
+    company: string;
+    email: string;
+}): string;
+export function generateTOTPSecret(num?: number): string;

package/dist/index.js

@@ -0,0 +1,89 @@
+'use strict';
+
+var node_crypto = require('node:crypto');
+var node_buffer = require('node:buffer');
+var base32 = require('hi-base32');
+
+/**
+ * Simplified implementation of TOTP with existing node libs
+ *
+ * helpers to handle the following
+ * - generate QR codes with the otpauth:// URL scheme
+ * - algo and implmentation taken from https://drewdevault.com/2022/10/18/TOTP-is-easy.html
+ */
+
+const { floor } = Math;
+
+/**
+ *
+ * @param {string} secret
+ * @param {number} when
+ * @param {object} [options]
+ * @param {number} [options.period]
+ * @returns {string}
+ */
+function totp(secret, when = floor(Date.now() / 1000), options = {}) {
+  const _options = Object.assign({ period: 30 }, options);
+  const now = floor(when / _options.period);
+  const key = base32.decode(secret);
+  const buff = bigEndian64(BigInt(now));
+  const hmac = node_crypto.createHmac('sha1', key).update(buff).digest();
+  const offset = hmac[hmac.length - 1] & 0xf;
+  const truncatedHash = hmac.subarray(offset, offset + 4);
+  const otp = (
+    (truncatedHash.readInt32BE() & 0x7f_ff_ff_ff) %
+    1_000_000
+  ).toString(10);
+  return otp.length < 6 ? `${otp}`.padStart(6, '0') : otp
+}
+
+/**
+ * @param {string} secret
+ * @param {string} token
+ * @returns {boolean}
+ */
+function isValid(secret, token) {
+  for (let index = -2; index < 3; index += 1) {
+    const fromSys = totp(secret, Date.now() / 1000 + index);
+    const valid = fromSys === token;
+    if (valid) return true
+  }
+  return false
+}
+
+/**
+ * @param {string} secret
+ * @param {object} options
+ * @param {string} options.company
+ * @param {string} options.email
+ * @returns {string}
+ */
+function generateTOTPURL(secret, options) {
+  const parameters = new URLSearchParams();
+  parameters.append('secret', secret);
+  parameters.append('issuer', options.company);
+  parameters.append('digits', '6');
+  const url = `otpauth://totp/${options.company}:${
+    options.email
+  }?${parameters.toString()}`;
+  return new URL(url).toString()
+}
+
+/**
+ * @param {bigint} hash
+ * @returns {Buffer}
+ */
+function bigEndian64(hash) {
+  const buf = node_buffer.Buffer.allocUnsafe(64 / 8);
+  buf.writeBigInt64BE(hash, 0);
+  return buf
+}
+
+function generateTOTPSecret(num = 32) {
+  return base32.encode(node_crypto.randomBytes(num).toString('ascii'))
+}
+
+exports.generateTOTPSecret = generateTOTPSecret;
+exports.generateTOTPURL = generateTOTPURL;
+exports.isValid = isValid;
+exports.totp = totp;

package/package.json

@@ -0,0 +1,69 @@
+{
+  "name": "foronce",
+  "version": "0.0.0",
+  "repository": "git@github.com:dumbjs/foronce.git",
+  "license": "MIT",
+  "author": "Reaper <ahoy@barelyhuman.dev>",
+  "type": "module",
+  "exports": {
+    ".": {
+      "types": "./dist/index.d.ts",
+      "import": "./src/index.js",
+      "require": "./dist/index.cjs"
+    },
+    "./package.json": "./package.json"
+  },
+  "main": "./dist/index.cjs",
+  "module": "./src/index.js",
+  "types": "./dist/index.d.ts",
+  "files": [
+    "dist",
+    "src"
+  ],
+  "scripts": {
+    "build": "rollup -c; tsc",
+    "dev": "rollup -c --watch",
+    "fix": "prettier --write .",
+    "next": "bumpp",
+    "prepare": "husky install",
+    "size": "sizesnap",
+    "test": "uvu tests",
+    "test:ci": "c8 uvu tests "
+  },
+  "lint-staged": {
+    "*.{js,css,md,json}": "prettier --write"
+  },
+  "prettier": "@barelyhuman/prettier-config",
+  "dependencies": {
+    "hi-base32": "^0.5.1",
+    "uncrypto": "^0.1.3"
+  },
+  "devDependencies": {
+    "@barelyhuman/prettier-config": "^1.0.0",
+    "@types/node": "^20.10.8",
+    "buffer": "^6.0.3",
+    "bumpp": "^9.2.0",
+    "c8": "^8.0.1",
+    "esm": "^3.2.25",
+    "husky": "^8.0.3",
+    "lint-staged": "^14.0.1",
+    "prettier": "^2.7.1",
+    "publint": "^0.2.7",
+    "rollup": "^4.9.4",
+    "rollup-plugin-node-externals": "^6.1.2",
+    "sizesnap": "^0.2.1",
+    "tsup": "^6.1.2",
+    "typescript": "^4.7.4",
+    "uvu": "^0.5.6"
+  },
+  "publishConfig": {
+    "access": "public"
+  },
+  "sizesnap": {
+    "files": [
+      "dist/*.dts",
+      "dist/*.ts",
+      "dist/*.js"
+    ]
+  }
+}

package/src/index.js

@@ -0,0 +1,84 @@
+/**
+ * Simplified implementation of TOTP with existing node libs
+ *
+ * helpers to handle the following
+ * - generate QR codes with the otpauth:// URL scheme
+ * - algo and implmentation taken from https://drewdevault.com/2022/10/18/TOTP-is-easy.html
+ */
+import { createHmac, randomBytes } from 'node:crypto'
+import { Buffer } from 'buffer'
+import base32 from 'hi-base32'
+
+const { floor } = Math
+
+/**
+ *
+ * @param {string} secret
+ * @param {number} when
+ * @param {object} [options]
+ * @param {number} [options.period] in seconds (eg: 30 => 30 seconds)
+ * @returns {string}
+ */
+export function totp(secret, when = floor(Date.now() / 1000), options = {}) {
+  const _options = Object.assign({ period: 30 }, options)
+  const now = floor(when / _options.period)
+  const key = base32.decode(secret)
+  const buff = bigEndian64(BigInt(now))
+  const hmac = createHmac('sha512', key).update(buff).digest()
+  const offset = hmac[hmac.length - 1] & 0xf
+  const truncatedHash = hmac.subarray(offset, offset + 4)
+  const otp = (
+    (truncatedHash.readInt32BE() & 0x7f_ff_ff_ff) %
+    1_000_000
+  ).toString(10)
+  return otp.length < 6 ? `${otp}`.padStart(6, '0') : otp
+}
+
+/**
+ * @param {string} secret
+ * @param {string} token
+ * @param {object} [options]
+ * @param {number} [options.period] in seconds (eg: 30 => 30 seconds)
+ * @returns {boolean}
+ */
+export function isValid(secret, token, options = {}) {
+  const _options = Object.assign({ period: 30 }, options)
+  for (let index = -2; index < 3; index += 1) {
+    const fromSys = totp(secret, Date.now() / 1000 + index, _options)
+    const valid = fromSys === token
+    if (valid) return true
+  }
+  return false
+}
+
+/**
+ * @param {string} secret
+ * @param {object} options
+ * @param {string} options.company
+ * @param {string} options.email
+ * @returns {string}
+ */
+export function generateTOTPURL(secret, options) {
+  const parameters = new URLSearchParams()
+  parameters.append('secret', secret)
+  parameters.append('issuer', options.company)
+  parameters.append('digits', '6')
+  const url = `otpauth://totp/${options.company}:${
+    options.email
+  }?${parameters.toString()}`
+  return new URL(url).toString()
+}
+
+/**
+ * @param {bigint} hash
+ * @returns {Buffer}
+ */
+function bigEndian64(hash) {
+  const buf = Buffer.allocUnsafe(64 / 8)
+  buf.writeBigInt64BE(hash, 0)
+  return buf
+}
+
+export function generateTOTPSecret(num = 32) {
+  return base32.encode(randomBytes(num).toString('ascii'))
+}