foronce 0.0.5 → 0.0.6

package/dist/base32.cjs

@@ -5,148 +5,112 @@
  * Copyright(c) 2024 Reaper
  * MIT Licensed
  */
-
-// Simple implementation based of RFC 4648 for base32 encoding and decoding
-
-const pad = '=';
-const base32alphaMap = {
-  0: 'A',
-  1: 'B',
-  2: 'C',
-  3: 'D',
-  4: 'E',
-  5: 'F',
-  6: 'G',
-  7: 'H',
-  8: 'I',
-  9: 'J',
-  10: 'K',
-  11: 'L',
-  12: 'M',
-  13: 'N',
-  14: 'O',
-  15: 'P',
-  16: 'Q',
-  17: 'R',
-  18: 'S',
-  19: 'T',
-  20: 'U',
-  21: 'V',
-  22: 'W',
-  23: 'X',
-  24: 'Y',
-  25: 'Z',
-  26: '2',
-  27: '3',
-  28: '4',
-  29: '5',
-  30: '6',
-  31: '7',
-};
-
-const base32alphaMapDecode = Object.fromEntries(
-  Object.entries(base32alphaMap).map(([k, v]) => [v, k])
-);
-
-/**
- * @param {string} str
- */
-const encode = str => {
-  const splits = str.split('');
-
+const pad = "=";
+const base32alphaMap = [
+  "A",
+  "B",
+  "C",
+  "D",
+  "E",
+  "F",
+  "G",
+  "H",
+  "I",
+  "J",
+  "K",
+  "L",
+  "M",
+  "N",
+  "O",
+  "P",
+  "Q",
+  "R",
+  "S",
+  "T",
+  "U",
+  "V",
+  "W",
+  "X",
+  "Y",
+  "Z",
+  "2",
+  "3",
+  "4",
+  "5",
+  "6",
+  "7"
+];
+const encode = (str) => {
+  const splits = str.split("");
   if (!splits.length) {
-    return ''
+    return "";
   }
-
   let binaryGroup = [];
-  let bitText = '';
-
-  splits.forEach(c => {
+  let bitText = "";
+  splits.forEach((c) => {
     bitText += toBinary(c);
-
     if (bitText.length == 40) {
       binaryGroup.push(bitText);
-      bitText = '';
+      bitText = "";
     }
   });
-
   if (bitText.length > 0) {
     binaryGroup.push(bitText);
-    bitText = '';
+    bitText = "";
   }
-
-  return binaryGroup
-    .map(x => {
-      let fiveBitGrouping = [];
-      let lex = '';
-      let bitOn = x;
-
-      bitOn.split('').forEach(d => {
-        lex += d;
-        if (lex.length == 5) {
-          fiveBitGrouping.push(lex);
-          lex = '';
-        }
-      });
-
-      if (lex.length > 0) {
-        fiveBitGrouping.push(lex.padEnd(5, '0'));
-        lex = '';
+  return binaryGroup.map((x) => {
+    let fiveBitGrouping = [];
+    let lex = "";
+    let bitOn = x;
+    bitOn.split("").forEach((d) => {
+      lex += d;
+      if (lex.length == 5) {
+        fiveBitGrouping.push(lex);
+        lex = "";
       }
-
-      let paddedArray = Array.from(fiveBitGrouping);
-      paddedArray.length = 8;
-      paddedArray = paddedArray.fill('-1', fiveBitGrouping.length, 8);
-
-      return paddedArray
-        .map(f => {
-          if (f == '-1') {
-            return pad
-          }
-          return base32alphaMap[parseInt(f, 2).toString(10)]
-        })
-        .join('')
-    })
-    .join('')
-};
-
-/**
- * @param {string} str
- * @returns
- */
-const decode = str => {
-  const overallBinary = str
-    .split('')
-    .map(x => {
-      if (x === pad) {
-        return '00000'
+    });
+    if (lex.length > 0) {
+      fiveBitGrouping.push(lex.padEnd(5, "0"));
+      lex = "";
+    }
+    let paddedArray = Array.from(fiveBitGrouping);
+    paddedArray.length = 8;
+    paddedArray = paddedArray.fill("-1", fiveBitGrouping.length, 8);
+    return paddedArray.map((f) => {
+      if (f == "-1") {
+        return pad;
       }
-      const d = base32alphaMapDecode[x];
-      const binary = parseInt(d, 10).toString(2);
-      return binary.padStart(5, '0')
-    })
-    .join('');
-
-  const characterBitGrouping = chunk(overallBinary.split(''), 8);
-  return characterBitGrouping
-    .map(x => {
-      const binaryL = x.join('');
-      const str = String.fromCharCode(+parseInt(binaryL, 2).toString(10));
-      return str.replace('\x00', '')
-    })
-    .join('')
+      return base32alphaMap[parseInt(f, 2).toString(10)];
+    }).join("");
+  }).join("");
+};
+const decode = (str) => {
+  const overallBinary = str.split("").map((x) => {
+    if (x === pad) {
+      return "00000";
+    }
+    const decodeIndex = base32alphaMap.indexOf(x);
+    const binary = decodeIndex.toString(2);
+    return binary.padStart(5, "0");
+  }).join("");
+  const characterBitGrouping = chunk(overallBinary.split(""), 8);
+  return characterBitGrouping.map((x) => {
+    const binaryL = x.join("");
+    const str2 = String.fromCharCode(+parseInt(binaryL, 2).toString(10));
+    return str2.replace("\0", "");
+  }).join("");
 };
-
 const toBinary = (char, padLimit = 8) => {
   const binary = String(char).charCodeAt(0).toString(2);
-  return binary.padStart(padLimit, '0')
+  return binary.padStart(padLimit, "0");
 };
-
 const chunk = (arr, chunkSize = 1, cache = []) => {
   const tmp = [...arr];
-  if (chunkSize <= 0) return cache
-  while (tmp.length) cache.push(tmp.splice(0, chunkSize));
-  return cache
+  if (chunkSize <= 0)
+    return cache;
+  while (tmp.length)
+    cache.push(tmp.splice(0, chunkSize));
+  return cache;
 };
 
 exports.decode = decode;

package/dist/base32.d.cts

@@ -0,0 +1,4 @@
+declare function encode(str: string): string;
+declare function decode(str: string): string;
+
+export { decode, encode };

package/dist/base32.d.mts

@@ -0,0 +1,4 @@
+declare function encode(str: string): string;
+declare function decode(str: string): string;
+
+export { decode, encode };

package/dist/base32.d.ts

@@ -1,2 +1,4 @@
-export function encode(str: string): string;
-export function decode(str: string): string;
+declare function encode(str: string): string;
+declare function decode(str: string): string;
+
+export { decode, encode };

package/dist/base32.mjs

@@ -0,0 +1,114 @@
+/*!
+ * base-32.js
+ * Copyright(c) 2024 Reaper
+ * MIT Licensed
+ */
+const pad = "=";
+const base32alphaMap = [
+  "A",
+  "B",
+  "C",
+  "D",
+  "E",
+  "F",
+  "G",
+  "H",
+  "I",
+  "J",
+  "K",
+  "L",
+  "M",
+  "N",
+  "O",
+  "P",
+  "Q",
+  "R",
+  "S",
+  "T",
+  "U",
+  "V",
+  "W",
+  "X",
+  "Y",
+  "Z",
+  "2",
+  "3",
+  "4",
+  "5",
+  "6",
+  "7"
+];
+const encode = (str) => {
+  const splits = str.split("");
+  if (!splits.length) {
+    return "";
+  }
+  let binaryGroup = [];
+  let bitText = "";
+  splits.forEach((c) => {
+    bitText += toBinary(c);
+    if (bitText.length == 40) {
+      binaryGroup.push(bitText);
+      bitText = "";
+    }
+  });
+  if (bitText.length > 0) {
+    binaryGroup.push(bitText);
+    bitText = "";
+  }
+  return binaryGroup.map((x) => {
+    let fiveBitGrouping = [];
+    let lex = "";
+    let bitOn = x;
+    bitOn.split("").forEach((d) => {
+      lex += d;
+      if (lex.length == 5) {
+        fiveBitGrouping.push(lex);
+        lex = "";
+      }
+    });
+    if (lex.length > 0) {
+      fiveBitGrouping.push(lex.padEnd(5, "0"));
+      lex = "";
+    }
+    let paddedArray = Array.from(fiveBitGrouping);
+    paddedArray.length = 8;
+    paddedArray = paddedArray.fill("-1", fiveBitGrouping.length, 8);
+    return paddedArray.map((f) => {
+      if (f == "-1") {
+        return pad;
+      }
+      return base32alphaMap[parseInt(f, 2).toString(10)];
+    }).join("");
+  }).join("");
+};
+const decode = (str) => {
+  const overallBinary = str.split("").map((x) => {
+    if (x === pad) {
+      return "00000";
+    }
+    const decodeIndex = base32alphaMap.indexOf(x);
+    const binary = decodeIndex.toString(2);
+    return binary.padStart(5, "0");
+  }).join("");
+  const characterBitGrouping = chunk(overallBinary.split(""), 8);
+  return characterBitGrouping.map((x) => {
+    const binaryL = x.join("");
+    const str2 = String.fromCharCode(+parseInt(binaryL, 2).toString(10));
+    return str2.replace("\0", "");
+  }).join("");
+};
+const toBinary = (char, padLimit = 8) => {
+  const binary = String(char).charCodeAt(0).toString(2);
+  return binary.padStart(padLimit, "0");
+};
+const chunk = (arr, chunkSize = 1, cache = []) => {
+  const tmp = [...arr];
+  if (chunkSize <= 0)
+    return cache;
+  while (tmp.length)
+    cache.push(tmp.splice(0, chunkSize));
+  return cache;
+};
+
+export { decode, encode };

package/dist/index.cjs

@@ -1,90 +1,51 @@
 'use strict';
 
-var node_crypto = require('node:crypto');
-var node_buffer = require('node:buffer');
-var base32 = require('./base32.cjs');
+const node_crypto = require('node:crypto');
+const buffer = require('buffer');
+const base32 = require('./base32.cjs');
 
 /*!
  * base-32.js
  * Copyright(c) 2024 Reaper
  * MIT Licensed
  */
-
-
 const { floor } = Math;
-
-/**
- *
- * @param {string} secret
- * @param {number} when
- * @param {object} [options]
- * @param {number} [options.period] in seconds (eg: 30 => 30 seconds)
- * @param {"sha1" | "sha256" | "sha512"} [options.algorithm] (default: sha512)
- * @returns {string}
- */
-function totp(secret, when = floor(Date.now() / 1000), options = {}) {
-  const _options = Object.assign({ period: 30, algorithm: 'sha512' }, options);
+function totp(secret, when = floor(Date.now() / 1e3), options = {}) {
+  const _options = Object.assign({ period: 30, algorithm: "sha512" }, options);
   const now = floor(when / _options.period);
   const key = base32.decode(secret);
   const buff = bigEndian64(BigInt(now));
   const hmac = node_crypto.createHmac(_options.algorithm, key).update(buff).digest();
-  const offset = hmac[hmac.length - 1] & 0xf;
+  const offset = hmac[hmac.length - 1] & 15;
   const truncatedHash = hmac.subarray(offset, offset + 4);
-  const otp = (
-    (truncatedHash.readInt32BE() & 0x7f_ff_ff_ff) %
-    1_000_000
-  ).toString(10);
-  return otp.length < 6 ? `${otp}`.padStart(6, '0') : otp
+  const otp = ((truncatedHash.readInt32BE() & 2147483647) % 1e6).toString(10);
+  return otp.length < 6 ? `${otp}`.padStart(6, "0") : otp;
 }
-
-/**
- * @param {string} secret
- * @param {string} token
- * @param {object} [options]
- * @param {number} [options.period] in seconds (eg: 30 => 30 seconds)
- * @param {"sha1" | "sha256" | "sha512"} [options.algorithm] (default: sha512)
- * @returns {boolean}
- */
 function isTOTPValid(secret, token, options = {}) {
-  const _options = Object.assign({ period: 30, algorithm: 'sha512' }, options);
+  const _options = Object.assign({ period: 30, algorithm: "sha512" }, options);
   for (let index = -2; index < 3; index += 1) {
-    const fromSys = totp(secret, Date.now() / 1000 + index, _options);
+    const fromSys = totp(secret, Date.now() / 1e3 + index, _options);
     const valid = fromSys === token;
-    if (valid) return true
+    if (valid)
+      return true;
   }
-  return false
+  return false;
 }
-
-/**
- * @param {string} secret
- * @param {object} options
- * @param {string} options.company
- * @param {string} options.email
- * @returns {string}
- */
 function generateTOTPURL(secret, options) {
   const parameters = new URLSearchParams();
-  parameters.append('secret', secret);
-  parameters.append('issuer', options.company);
-  parameters.append('digits', '6');
-  const url = `otpauth://totp/${options.company}:${
-    options.email
-  }?${parameters.toString()}`;
-  return new URL(url).toString()
+  parameters.append("secret", secret);
+  parameters.append("issuer", options.company);
+  parameters.append("digits", "6");
+  const url = `otpauth://totp/${options.company}:${options.email}?${parameters.toString()}`;
+  return new URL(url).toString();
 }
-
-/**
- * @param {bigint} hash
- * @returns {Buffer}
- */
 function bigEndian64(hash) {
-  const buf = node_buffer.Buffer.allocUnsafe(64 / 8);
+  const buf = buffer.Buffer.allocUnsafe(64 / 8);
   buf.writeBigInt64BE(hash, 0);
-  return buf
+  return buf;
 }
-
 function generateTOTPSecret(num = 32) {
-  return base32.encode(node_crypto.randomBytes(num).toString('ascii'))
+  return base32.encode(node_crypto.randomBytes(num).toString("ascii"));
 }
 
 exports.generateTOTPSecret = generateTOTPSecret;

package/dist/index.d.cts

@@ -0,0 +1,15 @@
+declare function totp(secret: string, when?: number, options?: {
+    period?: number;
+    algorithm?: "sha1" | "sha256" | "sha512";
+}): string;
+declare function isTOTPValid(secret: string, token: string, options?: {
+    period?: number;
+    algorithm?: "sha1" | "sha256" | "sha512";
+}): boolean;
+declare function generateTOTPURL(secret: string, options: {
+    company: string;
+    email: string;
+}): string;
+declare function generateTOTPSecret(num?: number): string;
+
+export { generateTOTPSecret, generateTOTPURL, isTOTPValid, totp };

package/dist/index.d.mts

@@ -0,0 +1,15 @@
+declare function totp(secret: string, when?: number, options?: {
+    period?: number;
+    algorithm?: "sha1" | "sha256" | "sha512";
+}): string;
+declare function isTOTPValid(secret: string, token: string, options?: {
+    period?: number;
+    algorithm?: "sha1" | "sha256" | "sha512";
+}): boolean;
+declare function generateTOTPURL(secret: string, options: {
+    company: string;
+    email: string;
+}): string;
+declare function generateTOTPSecret(num?: number): string;
+
+export { generateTOTPSecret, generateTOTPURL, isTOTPValid, totp };

package/dist/index.d.ts

@@ -1,13 +1,15 @@
-export function totp(secret: string, when?: number, options?: {
+declare function totp(secret: string, when?: number, options?: {
     period?: number;
     algorithm?: "sha1" | "sha256" | "sha512";
 }): string;
-export function isTOTPValid(secret: string, token: string, options?: {
+declare function isTOTPValid(secret: string, token: string, options?: {
     period?: number;
     algorithm?: "sha1" | "sha256" | "sha512";
 }): boolean;
-export function generateTOTPURL(secret: string, options: {
+declare function generateTOTPURL(secret: string, options: {
     company: string;
     email: string;
 }): string;
-export function generateTOTPSecret(num?: number): string;
+declare function generateTOTPSecret(num?: number): string;
+
+export { generateTOTPSecret, generateTOTPURL, isTOTPValid, totp };

package/dist/index.mjs

@@ -0,0 +1,49 @@
+import { createHmac, randomBytes } from 'node:crypto';
+import { Buffer } from 'buffer';
+import { decode, encode } from './base32.mjs';
+
+/*!
+ * base-32.js
+ * Copyright(c) 2024 Reaper
+ * MIT Licensed
+ */
+const { floor } = Math;
+function totp(secret, when = floor(Date.now() / 1e3), options = {}) {
+  const _options = Object.assign({ period: 30, algorithm: "sha512" }, options);
+  const now = floor(when / _options.period);
+  const key = decode(secret);
+  const buff = bigEndian64(BigInt(now));
+  const hmac = createHmac(_options.algorithm, key).update(buff).digest();
+  const offset = hmac[hmac.length - 1] & 15;
+  const truncatedHash = hmac.subarray(offset, offset + 4);
+  const otp = ((truncatedHash.readInt32BE() & 2147483647) % 1e6).toString(10);
+  return otp.length < 6 ? `${otp}`.padStart(6, "0") : otp;
+}
+function isTOTPValid(secret, token, options = {}) {
+  const _options = Object.assign({ period: 30, algorithm: "sha512" }, options);
+  for (let index = -2; index < 3; index += 1) {
+    const fromSys = totp(secret, Date.now() / 1e3 + index, _options);
+    const valid = fromSys === token;
+    if (valid)
+      return true;
+  }
+  return false;
+}
+function generateTOTPURL(secret, options) {
+  const parameters = new URLSearchParams();
+  parameters.append("secret", secret);
+  parameters.append("issuer", options.company);
+  parameters.append("digits", "6");
+  const url = `otpauth://totp/${options.company}:${options.email}?${parameters.toString()}`;
+  return new URL(url).toString();
+}
+function bigEndian64(hash) {
+  const buf = Buffer.allocUnsafe(64 / 8);
+  buf.writeBigInt64BE(hash, 0);
+  return buf;
+}
+function generateTOTPSecret(num = 32) {
+  return encode(randomBytes(num).toString("ascii"));
+}
+
+export { generateTOTPSecret, generateTOTPURL, isTOTPValid, totp };

package/dist/universal/universal.cjs

@@ -0,0 +1,82 @@
+'use strict';
+
+const uncrypto = require('uncrypto');
+const base32 = require('../base32.cjs');
+
+function bigEndian64(hash) {
+  const buf = Buffer.allocUnsafe(64 / 8);
+  buf.writeBigInt64BE(hash, 0);
+  return buf;
+}
+
+const algoMap = {
+  sha1: "SHA-1",
+  sha256: "SHA-256",
+  sha512: "SHA-512"
+};
+async function createHmac(algorithm, secret, data) {
+  const key = await uncrypto.subtle.importKey(
+    "raw",
+    // raw format of the key - should be Uint8Array
+    secret,
+    {
+      // algorithm details
+      name: "HMAC",
+      hash: { name: algoMap[algorithm] }
+    },
+    false,
+    // export = false
+    ["sign", "verify"]
+    // what this key can do
+  );
+  const signature = await uncrypto.subtle.sign("HMAC", key, data);
+  return Buffer.from(signature);
+}
+
+const { floor } = Math;
+async function totp(secret, when = floor(Date.now() / 1e3), options = {}) {
+  const _options = Object.assign(
+    {
+      period: 30,
+      algorithm: "sha512"
+    },
+    options
+  );
+  const now = floor(when / _options.period);
+  const key = base32.decode(secret);
+  const buff = bigEndian64(BigInt(now));
+  const hmac = await createHmac(_options.algorithm, key, buff);
+  const offset = hmac.at(-1) & 15;
+  const truncatedHash = hmac.subarray(offset, offset + 4);
+  const otp = ((truncatedHash.readInt32BE() & 2147483647) % 1e6).toString(10);
+  return otp.length < 6 ? `${otp}`.padStart(6, "0") : otp;
+}
+async function isTOTPValid(secret, totpToken, options = {}) {
+  const _options = Object.assign({ period: 30, algorithm: "sha512" }, options);
+  for (let index = -2; index < 3; index += 1) {
+    const fromSys = await totp(secret, Date.now() / 1e3 + index, _options);
+    const valid = fromSys === totpToken;
+    if (valid) {
+      return true;
+    }
+  }
+  return false;
+}
+function generateTOTPURL(secret, options) {
+  const parameters = new URLSearchParams();
+  parameters.append("secret", secret);
+  parameters.append("issuer", options.company);
+  parameters.append("digits", "6");
+  const url = `otpauth://totp/${options.company}:${options.email}?${parameters.toString()}`;
+  return new URL(url).toString();
+}
+function generateTOTPSecret(num = 32) {
+  const array = new Uint32Array(num);
+  const vals = uncrypto.getRandomValues(array);
+  return base32.encode(Buffer.from(vals).toString("ascii"));
+}
+
+exports.generateTOTPSecret = generateTOTPSecret;
+exports.generateTOTPURL = generateTOTPURL;
+exports.isTOTPValid = isTOTPValid;
+exports.totp = totp;

package/dist/universal/universal.d.cts

@@ -0,0 +1,10 @@
+interface TOTPURLOptions {
+    company: string;
+    email: string;
+}
+declare function totp(secret: string, when?: number, options?: {}): Promise<string>;
+declare function isTOTPValid(secret: string, totpToken: string, options?: {}): Promise<boolean>;
+declare function generateTOTPURL(secret: string, options: TOTPURLOptions): string;
+declare function generateTOTPSecret(num?: number): string;
+
+export { generateTOTPSecret, generateTOTPURL, isTOTPValid, totp };

package/dist/universal/universal.d.mts

@@ -0,0 +1,10 @@
+interface TOTPURLOptions {
+    company: string;
+    email: string;
+}
+declare function totp(secret: string, when?: number, options?: {}): Promise<string>;
+declare function isTOTPValid(secret: string, totpToken: string, options?: {}): Promise<boolean>;
+declare function generateTOTPURL(secret: string, options: TOTPURLOptions): string;
+declare function generateTOTPSecret(num?: number): string;
+
+export { generateTOTPSecret, generateTOTPURL, isTOTPValid, totp };

package/dist/universal/universal.d.ts

@@ -0,0 +1,10 @@
+interface TOTPURLOptions {
+    company: string;
+    email: string;
+}
+declare function totp(secret: string, when?: number, options?: {}): Promise<string>;
+declare function isTOTPValid(secret: string, totpToken: string, options?: {}): Promise<boolean>;
+declare function generateTOTPURL(secret: string, options: TOTPURLOptions): string;
+declare function generateTOTPSecret(num?: number): string;
+
+export { generateTOTPSecret, generateTOTPURL, isTOTPValid, totp };

package/dist/universal/universal.mjs

@@ -0,0 +1,77 @@
+import { subtle, getRandomValues } from 'uncrypto';
+import { decode, encode } from '../base32.mjs';
+
+function bigEndian64(hash) {
+  const buf = Buffer.allocUnsafe(64 / 8);
+  buf.writeBigInt64BE(hash, 0);
+  return buf;
+}
+
+const algoMap = {
+  sha1: "SHA-1",
+  sha256: "SHA-256",
+  sha512: "SHA-512"
+};
+async function createHmac(algorithm, secret, data) {
+  const key = await subtle.importKey(
+    "raw",
+    // raw format of the key - should be Uint8Array
+    secret,
+    {
+      // algorithm details
+      name: "HMAC",
+      hash: { name: algoMap[algorithm] }
+    },
+    false,
+    // export = false
+    ["sign", "verify"]
+    // what this key can do
+  );
+  const signature = await subtle.sign("HMAC", key, data);
+  return Buffer.from(signature);
+}
+
+const { floor } = Math;
+async function totp(secret, when = floor(Date.now() / 1e3), options = {}) {
+  const _options = Object.assign(
+    {
+      period: 30,
+      algorithm: "sha512"
+    },
+    options
+  );
+  const now = floor(when / _options.period);
+  const key = decode(secret);
+  const buff = bigEndian64(BigInt(now));
+  const hmac = await createHmac(_options.algorithm, key, buff);
+  const offset = hmac.at(-1) & 15;
+  const truncatedHash = hmac.subarray(offset, offset + 4);
+  const otp = ((truncatedHash.readInt32BE() & 2147483647) % 1e6).toString(10);
+  return otp.length < 6 ? `${otp}`.padStart(6, "0") : otp;
+}
+async function isTOTPValid(secret, totpToken, options = {}) {
+  const _options = Object.assign({ period: 30, algorithm: "sha512" }, options);
+  for (let index = -2; index < 3; index += 1) {
+    const fromSys = await totp(secret, Date.now() / 1e3 + index, _options);
+    const valid = fromSys === totpToken;
+    if (valid) {
+      return true;
+    }
+  }
+  return false;
+}
+function generateTOTPURL(secret, options) {
+  const parameters = new URLSearchParams();
+  parameters.append("secret", secret);
+  parameters.append("issuer", options.company);
+  parameters.append("digits", "6");
+  const url = `otpauth://totp/${options.company}:${options.email}?${parameters.toString()}`;
+  return new URL(url).toString();
+}
+function generateTOTPSecret(num = 32) {
+  const array = new Uint32Array(num);
+  const vals = getRandomValues(array);
+  return encode(Buffer.from(vals).toString("ascii"));
+}
+
+export { generateTOTPSecret, generateTOTPURL, isTOTPValid, totp };

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "foronce",
-  "version": "0.0.5",
+  "version": "0.0.6",
   "description": "The OTP Library",
   "repository": "git@github.com:dumbjs/foronce.git",
   "license": "MIT",
@@ -8,33 +8,46 @@
   "type": "module",
   "exports": {
     ".": {
-      "types": "./dist/index.d.ts",
-      "import": "./src/index.js",
+      "types": {
+        "import": "./dist/index.d.mts",
+        "require": "./dist/index.d.cts"
+      },
+      "import": "./dist/index.mjs",
       "require": "./dist/index.cjs"
     },
     "./base32": {
-      "types": "./dist/base32.d.ts",
-      "import": "./src/base32.js",
+      "types": {
+        "import": "./dist/base32.d.mts",
+        "require": "./dist/base32.d.cts"
+      },
+      "import": "./dist/base32.mjs",
       "require": "./dist/base32.cjs"
     },
+    "./universal": {
+      "types": {
+        "import": "./dist/universal/universal.d.mts",
+        "require": "./dist/universal/universal.d.cts"
+      },
+      "import": "./dist/universal/universal.mjs",
+      "require": "./dist/universal/universal.cjs"
+    },
     "./package.json": "./package.json"
   },
   "main": "./dist/index.cjs",
-  "module": "./src/index.js",
+  "module": "./dist/index.mjs",
   "types": "./dist/index.d.ts",
   "files": [
     "dist",
     "src"
   ],
   "scripts": {
-    "build": "rollup -c; tsc",
-    "dev": "rollup -c --watch",
+    "build": "unbuild",
     "fix": "prettier --write .",
     "next": "bumpp",
     "prepare": "husky install",
     "size": "sizesnap",
-    "test": "uvu tests",
-    "test:ci": "c8 uvu tests "
+    "test": "uvu -r tsm tests",
+    "test:ci": "c8 uvu -r tsm tests "
   },
   "keywords": [
     "otp",
@@ -57,11 +70,9 @@
     "lint-staged": "^14.0.1",
     "prettier": "^2.7.1",
     "publint": "^0.2.7",
-    "rollup": "^4.9.4",
-    "rollup-plugin-node-externals": "^6.1.2",
     "sizesnap": "^0.2.1",
-    "tsup": "^6.1.2",
-    "typescript": "^4.7.4",
+    "tsm": "^2.3.0",
+    "unbuild": "^2.0.0",
     "uvu": "^0.5.6"
   },
   "publishConfig": {
@@ -74,5 +85,8 @@
       "dist/*.js",
       "dist/*.cjs"
     ]
+  },
+  "dependencies": {
+    "uncrypto": "^0.1.3"
   }
 }

package/src/base32.js

@@ -7,44 +7,40 @@
 // Simple implementation based of RFC 4648 for base32 encoding and decoding
 
 const pad = '='
-const base32alphaMap = {
-  0: 'A',
-  1: 'B',
-  2: 'C',
-  3: 'D',
-  4: 'E',
-  5: 'F',
-  6: 'G',
-  7: 'H',
-  8: 'I',
-  9: 'J',
-  10: 'K',
-  11: 'L',
-  12: 'M',
-  13: 'N',
-  14: 'O',
-  15: 'P',
-  16: 'Q',
-  17: 'R',
-  18: 'S',
-  19: 'T',
-  20: 'U',
-  21: 'V',
-  22: 'W',
-  23: 'X',
-  24: 'Y',
-  25: 'Z',
-  26: '2',
-  27: '3',
-  28: '4',
-  29: '5',
-  30: '6',
-  31: '7',
-}
-
-const base32alphaMapDecode = Object.fromEntries(
-  Object.entries(base32alphaMap).map(([k, v]) => [v, k])
-)
+const base32alphaMap = [
+  'A',
+  'B',
+  'C',
+  'D',
+  'E',
+  'F',
+  'G',
+  'H',
+  'I',
+  'J',
+  'K',
+  'L',
+  'M',
+  'N',
+  'O',
+  'P',
+  'Q',
+  'R',
+  'S',
+  'T',
+  'U',
+  'V',
+  'W',
+  'X',
+  'Y',
+  'Z',
+  '2',
+  '3',
+  '4',
+  '5',
+  '6',
+  '7',
+]
 
 /**
  * @param {string} str
@@ -119,8 +115,8 @@ export const decode = str => {
       if (x === pad) {
         return '00000'
       }
-      const d = base32alphaMapDecode[x]
-      const binary = parseInt(d, 10).toString(2)
+      const decodeIndex = base32alphaMap.indexOf(x)
+      const binary = decodeIndex.toString(2)
       return binary.padStart(5, '0')
     })
     .join('')
@@ -133,8 +129,6 @@ export const decode = str => {
       return str.replace('\x00', '')
     })
     .join('')
-
-  return ''
 }
 
 const toBinary = (char, padLimit = 8) => {

package/src/lib/crypto.js

@@ -0,0 +1,31 @@
+import { subtle } from 'uncrypto'
+
+const algoMap = {
+  sha1: 'SHA-1',
+  sha256: 'SHA-256',
+  sha512: 'SHA-512',
+}
+
+export async function createHmac(algorithm, secret, data) {
+  // let enc
+  // if (TextEncoder.constructor.length == 1) {
+  //   // @ts-ignore
+  //   enc = new TextEncoder('utf-8')
+  // } else {
+  //   enc = new TextEncoder()
+  // }
+
+  const key = await subtle.importKey(
+    'raw', // raw format of the key - should be Uint8Array
+    secret,
+    {
+      // algorithm details
+      name: 'HMAC',
+      hash: { name: algoMap[algorithm] },
+    },
+    false, // export = false
+    ['sign', 'verify'] // what this key can do
+  )
+  const signature = await subtle.sign('HMAC', key, data)
+  return Buffer.from(signature)
+}

package/src/lib/utils.js

@@ -0,0 +1,9 @@
+/**
+ * @param {bigint} hash
+ * @returns {Buffer}
+ */
+export function bigEndian64(hash) {
+  const buf = Buffer.allocUnsafe(64 / 8)
+  buf.writeBigInt64BE(hash, 0)
+  return buf
+}

package/src/universal/hmac.ts

@@ -0,0 +1,29 @@
+import { subtle } from 'uncrypto'
+
+const algoMap = {
+  sha1: 'SHA-1',
+  sha256: 'SHA-256',
+  sha512: 'SHA-512',
+}
+
+export type AlgoEnum = 'sha1' | 'sha256' | 'sha512'
+
+export async function createHmac(
+  algorithm: AlgoEnum,
+  secret: string,
+  data: Buffer
+) {
+  const key = await subtle.importKey(
+    'raw', // raw format of the key - should be Uint8Array
+    secret,
+    {
+      // algorithm details
+      name: 'HMAC',
+      hash: { name: algoMap[algorithm] },
+    },
+    false, // export = false
+    ['sign', 'verify'] // what this key can do
+  )
+  const signature = await subtle.sign('HMAC', key, data)
+  return Buffer.from(signature)
+}

package/src/universal/universal.ts

@@ -0,0 +1,85 @@
+import { getRandomValues } from 'uncrypto'
+import { decode, encode } from '../base32.js'
+import { bigEndian64 } from '../lib/utils.js'
+import { AlgoEnum, createHmac } from './hmac.js'
+
+interface TOTPURLOptions {
+  company: string
+  email: string
+}
+
+const { floor } = Math
+
+/**
+ * @param {string} secret - the secret to be used, needs to be a base32 encoded string
+ * @param {number} when - point of time in seconds (default: Date.now()/1000)
+ * @param {object} [options]
+ * @param {number} [options.period] in seconds (eg: 30 => 30 seconds)
+ * @param {import("./hmac.js").AlgoEnum} [options.algorithm] (default: sha512)
+ * @returns {Promise<string>}
+ */
+export async function totp(
+  secret: string,
+  when = floor(Date.now() / 1000),
+  options = {}
+) {
+  const _options = Object.assign(
+    {
+      period: 30,
+      algorithm: 'sha512' as AlgoEnum,
+    },
+    options
+  )
+  const now = floor(when / _options.period)
+  const key = decode(secret)
+  const buff = bigEndian64(BigInt(now))
+  const hmac = await createHmac(_options.algorithm, key, buff)
+  const offset = hmac.at(-1)! & 0xf
+  const truncatedHash = hmac.subarray(offset, offset + 4)
+  const otp = (
+    (truncatedHash.readInt32BE() & 0x7f_ff_ff_ff) %
+    1_000_000
+  ).toString(10)
+  return otp.length < 6 ? `${otp}`.padStart(6, '0') : otp
+}
+
+/**
+ * @param {string} secret - the secret to be used, needs to be a base32 encoded string
+ * @param {string} totpToken - the totp token
+ * @param {object} [options]
+ * @param {number} [options.period] in seconds (eg: 30 => 30 seconds)
+ * @param {import("./hmac.js").AlgoEnum} [options.algorithm] (default: sha512)
+ * @returns {Promise<boolean>}
+ */
+export async function isTOTPValid(
+  secret: string,
+  totpToken: string,
+  options = {}
+) {
+  const _options = Object.assign({ period: 30, algorithm: 'sha512' }, options)
+  for (let index = -2; index < 3; index += 1) {
+    const fromSys = await totp(secret, Date.now() / 1000 + index, _options)
+    const valid = fromSys === totpToken
+    if (valid) {
+      return true
+    }
+  }
+  return false
+}
+
+export function generateTOTPURL(secret: string, options: TOTPURLOptions) {
+  const parameters = new URLSearchParams()
+  parameters.append('secret', secret)
+  parameters.append('issuer', options.company)
+  parameters.append('digits', '6')
+  const url = `otpauth://totp/${options.company}:${
+    options.email
+  }?${parameters.toString()}`
+  return new URL(url).toString()
+}
+
+export function generateTOTPSecret(num = 32) {
+  const array = new Uint32Array(num)
+  const vals = getRandomValues(array)
+  return encode(Buffer.from(vals).toString('ascii'))
+}