otplib 12.0.0-1 → 12.0.1

package/totp/index.js

@@ -1,202 +0,0 @@
-/**
- * otplib-totp
- *
- * @author Gerald Yeo <contact@fusedthought.com>
- * @version: 12.0.0-1
- * @license: MIT
- **/
-'use strict';
-
-Object.defineProperty(exports, '__esModule', { value: true });
-
-var otplibHotp = require('../hotp');
-
-function parseWindowBounds(win) {
-  if (typeof win === 'number') {
-    return [Math.abs(win), Math.abs(win)];
-  }
-  if (Array.isArray(win)) {
-    const [past, future] = win;
-    if (typeof past === 'number' && typeof future === 'number') {
-      return [Math.abs(past), Math.abs(future)];
-    }
-  }
-  throw new Error('Expecting options.window to be an number or [number, number].');
-}
-function totpOptionsValidator(options) {
-  otplibHotp.hotpOptionsValidator(options);
-  parseWindowBounds(options.window);
-  if (typeof options.epoch !== 'number') {
-    throw new Error('Expecting options.epoch to be a number.');
-  }
-  if (typeof options.step !== 'number') {
-    throw new Error('Expecting options.step to be a number.');
-  }
-}
-const totpPadSecret = (secret, encoding, minLength) => {
-  const currentLength = secret.length;
-  const hexSecret = Buffer.from(secret, encoding).toString('hex');
-  if (currentLength < minLength) {
-    const newSecret = new Array(minLength - currentLength + 1).join(hexSecret);
-    return Buffer.from(newSecret, 'hex').slice(0, minLength).toString('hex');
-  }
-  return hexSecret;
-};
-const totpCreateHmacKey = (algorithm, secret, encoding) => {
-  switch (algorithm) {
-    case otplibHotp.HashAlgorithms.SHA1:
-      return totpPadSecret(secret, encoding, 20);
-    case otplibHotp.HashAlgorithms.SHA256:
-      return totpPadSecret(secret, encoding, 32);
-    case otplibHotp.HashAlgorithms.SHA512:
-      return totpPadSecret(secret, encoding, 64);
-    default:
-      throw new Error(`Expecting algorithm to be one of ${otplibHotp.HASH_ALGORITHMS.join(', ')}. Received ${algorithm}.`);
-  }
-};
-function totpDefaultOptions() {
-  const options = {
-    algorithm: otplibHotp.HashAlgorithms.SHA1,
-    createDigest: otplibHotp.createDigestPlaceholder,
-    createHmacKey: totpCreateHmacKey,
-    digits: 6,
-    encoding: otplibHotp.KeyEncodings.ASCII,
-    epoch: Date.now(),
-    step: 30,
-    window: 0
-  };
-  return options;
-}
-function totpOptions(opt) {
-  const options = { ...totpDefaultOptions(),
-    ...opt
-  };
-  totpOptionsValidator(options);
-  return Object.freeze(options);
-}
-function totpCounter(epoch, step) {
-  return Math.floor(epoch / step / 1000);
-}
-function totpToken(secret, options) {
-  const counter = totpCounter(options.epoch, options.step);
-  return otplibHotp.hotpToken(secret, counter, options);
-}
-function totpEpochsInWindow(epoch, direction, deltaPerEpoch, numOfEpoches) {
-  const result = [];
-  if (numOfEpoches === 0) {
-    return result;
-  }
-  for (let i = 1; i <= numOfEpoches; i++) {
-    const delta = direction * i * deltaPerEpoch;
-    result.push(epoch + delta);
-  }
-  return result;
-}
-function totpEpochAvailable(epoch, step, win) {
-  const bounds = parseWindowBounds(win);
-  const delta = step * 1000;
-  return {
-    current: epoch,
-    past: totpEpochsInWindow(epoch, -1, delta, bounds[0]),
-    future: totpEpochsInWindow(epoch, 1, delta, bounds[1])
-  };
-}
-function totpCheck(token, secret, options) {
-  if (!otplibHotp.isTokenValid(token)) {
-    return false;
-  }
-  const systemToken = totpToken(secret, options);
-  return token === systemToken;
-}
-function totpCheckByEpoch(epochs, token, secret, options) {
-  let position = null;
-  epochs.some((epoch, idx) => {
-    if (totpCheck(token, secret, { ...options,
-      epoch
-    })) {
-      position = idx + 1;
-      return true;
-    }
-    return false;
-  });
-  return position;
-}
-function totpCheckWithWindow(token, secret, options) {
-  if (totpCheck(token, secret, options)) {
-    return 0;
-  }
-  const epochs = totpEpochAvailable(options.epoch, options.step, options.window);
-  const backward = totpCheckByEpoch(epochs.past, token, secret, options);
-  if (backward !== null) {
-    return backward * -1;
-  }
-  return totpCheckByEpoch(epochs.future, token, secret, options);
-}
-function totpTimeUsed(epoch, step) {
-  return Math.floor(epoch / 1000) % step;
-}
-function totpTimeRemaining(epoch, step) {
-  return step - totpTimeUsed(epoch, step);
-}
-function totpKeyuri(accountName, issuer, secret, options) {
-  return otplibHotp.keyuri({
-    algorithm: options.algorithm,
-    digits: options.digits,
-    step: options.step,
-    type: otplibHotp.Strategy.TOTP,
-    accountName,
-    issuer,
-    secret
-  });
-}
-class TOTP extends otplibHotp.HOTP {
-  create(defaultOptions = {}) {
-    return new TOTP(defaultOptions);
-  }
-  allOptions() {
-    return totpOptions(this.options);
-  }
-  generate(secret) {
-    return totpToken(secret, this.allOptions());
-  }
-  checkDelta(token, secret) {
-    return totpCheckWithWindow(token, secret, this.allOptions());
-  }
-  check(token, secret) {
-    const delta = this.checkDelta(token, secret);
-    return typeof delta === 'number';
-  }
-  verify(opts) {
-    if (typeof opts !== 'object') {
-      throw new Error('Expecting argument 0 of verify to be an object');
-    }
-    return this.check(opts.token, opts.secret);
-  }
-  timeRemaining() {
-    const options = this.allOptions();
-    return totpTimeRemaining(options.epoch, options.step);
-  }
-  timeUsed() {
-    const options = this.allOptions();
-    return totpTimeUsed(options.epoch, options.step);
-  }
-  keyuri(accountName, issuer, secret) {
-    return totpKeyuri(accountName, issuer, secret, this.allOptions());
-  }
-}
-
-exports.TOTP = TOTP;
-exports.totpCheck = totpCheck;
-exports.totpCheckByEpoch = totpCheckByEpoch;
-exports.totpCheckWithWindow = totpCheckWithWindow;
-exports.totpCounter = totpCounter;
-exports.totpCreateHmacKey = totpCreateHmacKey;
-exports.totpDefaultOptions = totpDefaultOptions;
-exports.totpEpochAvailable = totpEpochAvailable;
-exports.totpKeyuri = totpKeyuri;
-exports.totpOptions = totpOptions;
-exports.totpOptionsValidator = totpOptionsValidator;
-exports.totpPadSecret = totpPadSecret;
-exports.totpTimeRemaining = totpTimeRemaining;
-exports.totpTimeUsed = totpTimeUsed;
-exports.totpToken = totpToken;

package/totp/totp.d.ts

@@ -1,201 +0,0 @@
-import { CreateHmacKey, HOTP, HOTPOptions, KeyEncodings, SecretKey } from '../hotp';
-/**
- * Interface for options used in TOTP.
- *
- * Contains additional options in addition to
- * those within HOTP.
- */
-export interface TOTPOptions<T = string> extends HOTPOptions<T> {
-    /**
-     * The starting time since the JavasSript epoch (seconds) (UNIX epoch * 1000).
-     */
-    epoch: number;
-    /**
-     * Time step (seconds).
-     */
-    step: number;
-    /**
-     * How many windows (x * step) past and future do we consider as valid during check.
-     */
-    window: number | [number, number];
-}
-/**
- * Interface for available epoches derived from
- * the current epoch.
- */
-export interface EpochAvailable {
-    current: number;
-    future: number[];
-    past: number[];
-}
-/**
- * Validates the given [[TOTPOptions]].
- */
-export declare function totpOptionsValidator<T extends TOTPOptions<unknown> = TOTPOptions<unknown>>(options: Readonly<Partial<T>>): void;
-/**
- * Pads the secret to the expected minimum length
- * and returns a hex representation of the string.
- */
-export declare const totpPadSecret: (secret: string, encoding: KeyEncodings, minLength: number) => string;
-/**
- * Takes a TOTP secret and derives the HMAC key
- * for use in token generation.
- *
- * In RFC 6238, the secret / seed length for different algorithms
- * are predefined.
- *
- * - HMAC-SHA1 (20 bytes)
- * - HMAC-SHA256 (32 bytes)
- * - HMAC-SHA512 (64 bytes)
- *
- * @param algorithm - Reference: [[TOTPOptions.algorithm]]
- * @param secret
- * @param encoding - Reference: [[TOTPOptions.encoding]]
- */
-export declare const totpCreateHmacKey: CreateHmacKey;
-/**
- * Returns a set of default options for TOTP at the current epoch.
- */
-export declare function totpDefaultOptions<T extends TOTPOptions<unknown> = TOTPOptions<unknown>>(): Partial<T>;
-/**
- * Takes an TOTP Option object and provides presets for
- * some of the missing required TOTP option fields and validates
- * the resultant options.
- */
-export declare function totpOptions<T extends TOTPOptions<unknown> = TOTPOptions<unknown>>(opt: Partial<T>): Readonly<T>;
-/**
- * Generates the counter based on the current epoch and step.
- * This dynamic counter is used in the HOTP algorithm.
- *
- * @param epoch - Reference: [[TOTPOptions.epoch]]
- * @param step - Reference: [[TOTPOptions.step]]
- */
-export declare function totpCounter(epoch: number, step: number): number;
-/**
- * Generates a Time-based One-time Token (TOTP)
- *
- * tl;dr: TOTP = HOTP + counter based on current time.
- *
- * **References**
- *
- * -   http://tools.ietf.org/html/rfc6238
- * -   http://en.wikipedia.org/wiki/Time-based_One-time_Password_Algorithm
- *
- */
-export declare function totpToken<T extends TOTPOptions<unknown> = TOTPOptions<unknown>>(secret: SecretKey, options: Readonly<T>): string;
-/**
- * Gets a set of epoches derived from
- * the current epoch and the acceptable window.
- *
- * @param epoch - Reference: [[TOTPOptions.epoch]]
- * @param step - Reference: [[TOTPOptions.step]]
- * @param win - Reference: [[TOTPOptions.window]]
- */
-export declare function totpEpochAvailable(epoch: number, step: number, win: number | [number, number]): EpochAvailable;
-/**
- * Checks the given token against the system generated token.
- *
- * **Note**: Token is valid only if it is a number string.
- */
-export declare function totpCheck<T extends TOTPOptions<unknown> = TOTPOptions<unknown>>(token: string, secret: SecretKey, options: Readonly<T>): boolean;
-/**
- * Checks if there is a valid TOTP token in a given list of epoches.
- * Returns the (index + 1) of a valid epoch in the list.
- *
- * @param epochs - List of epochs to check token against
- * @param token - The token to check
- * @param secret - Your secret key.
- * @param options - A TOTPOptions object.
- */
-export declare function totpCheckByEpoch<T extends TOTPOptions = TOTPOptions>(epochs: number[], token: string, secret: SecretKey, options: Readonly<T>): number | null;
-/**
- * Checks the provided OTP token against system generated token
- * with support for checking past or future x * step windows.
- *
- * Return values:
- *
- * - null = check failed
- * - positive number = token at future x * step
- * - negative number = token at past x * step
- *
- * @param token - The token to check
- * @param secret - Your secret key.
- * @param options - A TOTPOptions object.
- */
-export declare function totpCheckWithWindow<T extends TOTPOptions = TOTPOptions>(token: string, secret: SecretKey, options: Readonly<T>): number | null;
-/**
- * Calculates the number of seconds used in the current tick for TOTP.
- *
- * The start of a new token: `timeUsed() === 0`
- *
- * @param epoch - Reference: [[TOTPOptions.epoch]]
- * @param step - Reference: [[TOTPOptions.step]]
- */
-export declare function totpTimeUsed(epoch: number, step: number): number;
-/**
- * Calculates the number of seconds till next tick for TOTP.
- *
- * The start of a new token: `timeRemaining() === step`
- *
- * @param epoch - Reference: [[TOTPOptions.epoch]]
- * @param step - Reference: [[TOTPOptions.step]]
- */
-export declare function totpTimeRemaining(epoch: number, step: number): number;
-/**
- * Generates a [keyuri](../#keyuri) from options provided
- * and it's type set to TOTP.
- */
-export declare function totpKeyuri<T extends TOTPOptions<unknown> = TOTPOptions<unknown>>(accountName: string, issuer: string, secret: SecretKey, options: Readonly<T>): string;
-/**
- * A class wrapper containing all TOTP methods.
- */
-export declare class TOTP<T extends TOTPOptions = TOTPOptions> extends HOTP<T> {
-    /**
-     * Creates a new instance with all defaultOptions and options reset.
-     */
-    create(defaultOptions?: Partial<T>): TOTP<T>;
-    /**
-     * Returns class options polyfilled with some of
-     * the missing required options.
-     *
-     * Reference: [[totpOptions]]
-     */
-    allOptions(): Readonly<T>;
-    /**
-     * Reference: [[totpToken]]
-     */
-    generate(secret: SecretKey): string;
-    /**
-     * Reference: [[totpCheckWithWindow]]
-     */
-    checkDelta(token: string, secret: SecretKey): number | null;
-    /**
-     * Checks if a given TOTP token matches the generated
-     * token at the given epoch (default to current time).
-     *
-     * This method will return true as long as the token is
-     * still within the acceptable time window defined.
-     *
-     * i.e when [[checkDelta]] returns a number.
-     */
-    check(token: string, secret: SecretKey): boolean;
-    /**
-     * Same as [[check]] but accepts a single object based argument.
-     */
-    verify(opts: {
-        token: string;
-        secret: SecretKey;
-    }): boolean;
-    /**
-     * Reference: [[totpTimeRemaining]]
-     */
-    timeRemaining(): number;
-    /**
-     * Reference: [[totpTimeUsed]]
-     */
-    timeUsed(): number;
-    /**
-     * Reference: [[totpKeyuri]]
-     */
-    keyuri(accountName: string, issuer: string, secret: SecretKey): string;
-}

package/totp-async/index.d.ts

@@ -1 +0,0 @@
-export * from './totp';

package/totp-async/index.js

@@ -1,98 +0,0 @@
-/**
- * otplib-totp-async
- *
- * @author Gerald Yeo <contact@fusedthought.com>
- * @version: 12.0.0-1
- * @license: MIT
- **/
-'use strict';
-
-Object.defineProperty(exports, '__esModule', { value: true });
-
-var otplibTotp = require('../totp');
-var otplibHotpAsync = require('../hotp-async');
-
-async function totpDigestAsync(secret, options) {
-  const counter = otplibTotp.totpCounter(options.epoch, options.step);
-  return otplibHotpAsync.hotpDigestAsync(secret, counter, options);
-}
-async function totpTokenAsync(secret, options) {
-  const digest = await totpDigestAsync(secret, options);
-  return otplibTotp.totpToken(secret, { ...options,
-    digest
-  });
-}
-async function totpCheckAsync(token, secret, options) {
-  const digest = await totpDigestAsync(secret, options);
-  return otplibTotp.totpCheck(token, secret, { ...options,
-    digest
-  });
-}
-async function totpCheckByEpochAsync(epochs, token, secret, options) {
-  let position = null;
-  const digests = await Promise.all(epochs.map(epoch => totpDigestAsync(secret, { ...options,
-    epoch
-  })));
-  digests.some((digest, idx) => {
-    const result = otplibTotp.totpCheck(token, secret, { ...options,
-      digest
-    });
-    if (result) {
-      position = idx + 1;
-      return true;
-    }
-    return false;
-  });
-  return position;
-}
-async function totpCheckWithWindowAsync(token, secret, options) {
-  const checkZero = await totpCheckAsync(token, secret, options);
-  if (checkZero) {
-    return 0;
-  }
-  const epochs = otplibTotp.totpEpochAvailable(options.epoch, options.step, options.window);
-  const backward = await totpCheckByEpochAsync(epochs.past, token, secret, options);
-  if (backward !== null) {
-    return backward * -1;
-  }
-  return totpCheckByEpochAsync(epochs.future, token, secret, options);
-}
-class TOTPAsync extends otplibHotpAsync.HOTPAsync {
-  create(defaultOptions = {}) {
-    return new TOTPAsync(defaultOptions);
-  }
-  allOptions() {
-    return otplibTotp.totpOptions(this.options);
-  }
-  async generate(secret) {
-    return totpTokenAsync(secret, this.allOptions());
-  }
-  async checkDelta(token, secret) {
-    return totpCheckWithWindowAsync(token, secret, this.allOptions());
-  }
-  async check(token, secret) {
-    const delta = await this.checkDelta(token, secret);
-    return typeof delta === 'number';
-  }
-  async verify(opts) {
-    return this.check(opts.token, opts.secret);
-  }
-  async timeRemaining() {
-    const options = this.allOptions();
-    return otplibTotp.totpTimeRemaining(options.epoch, options.step);
-  }
-  async timeUsed() {
-    const options = this.allOptions();
-    return otplibTotp.totpTimeUsed(options.epoch, options.step);
-  }
-  async keyuri(accountName, issuer, secret) {
-    return otplibTotp.totpKeyuri(accountName, issuer, secret, this.allOptions());
-  }
-}
-
-exports.TOTPAsync = TOTPAsync;
-exports.totpCheckAsync = totpCheckAsync;
-exports.totpCheckByEpochAsync = totpCheckByEpochAsync;
-exports.totpCheckWithWindowAsync = totpCheckWithWindowAsync;
-exports.totpDigestAsync = totpDigestAsync;
-exports.totpTokenAsync = totpTokenAsync;

package/totp-async/totp.d.ts

@@ -1,46 +0,0 @@
-import { HexString, SecretKey } from '../hotp';
-import { TOTPOptions } from '../totp';
-import { HOTPAsync } from '../hotp-async';
-/**
- * Allow TOTPOptions to accept async method options.
- */
-export declare type TOTPAsyncOptions = TOTPOptions<Promise<string>>;
-/**
- * Generates the digest for TOTP based tokens.
- *
- * Uses [[hotpDigestAsync]].
- */
-export declare function totpDigestAsync<T extends TOTPAsyncOptions = TOTPAsyncOptions>(secret: SecretKey, options: Readonly<T>): Promise<HexString>;
-/**
- * Async version of [[totpToken]].
- */
-export declare function totpTokenAsync<T extends TOTPAsyncOptions = TOTPAsyncOptions>(secret: SecretKey, options: Readonly<T>): Promise<string>;
-/**
- * Async version of [[totpCheck]].
- */
-export declare function totpCheckAsync<T extends TOTPAsyncOptions = TOTPAsyncOptions>(token: string, secret: SecretKey, options: Readonly<T>): Promise<boolean>;
-/**
- * Async version of [[totpCheckByEpoch]].
- */
-export declare function totpCheckByEpochAsync<T extends TOTPAsyncOptions = TOTPAsyncOptions>(epochs: number[], token: string, secret: SecretKey, options: Readonly<T>): Promise<number | null>;
-/**
- * Async version of [[totpCheckWithWindow]].
- */
-export declare function totpCheckWithWindowAsync<T extends TOTPAsyncOptions = TOTPAsyncOptions>(token: string, secret: SecretKey, options: Readonly<T>): Promise<number | null>;
-/**
- * Async version of [[TOTP]].
- */
-export declare class TOTPAsync<T extends TOTPAsyncOptions = TOTPAsyncOptions> extends HOTPAsync<T> {
-    create(defaultOptions?: Partial<T>): TOTPAsync<T>;
-    allOptions(): Readonly<T>;
-    generate(secret: SecretKey): Promise<string>;
-    checkDelta(token: string, secret: SecretKey): Promise<number | null>;
-    check(token: string, secret: SecretKey): Promise<boolean>;
-    verify(opts: {
-        token: string;
-        secret: SecretKey;
-    }): Promise<boolean>;
-    timeRemaining(): Promise<number>;
-    timeUsed(): Promise<number>;
-    keyuri(accountName: string, issuer: string, secret: SecretKey): Promise<string>;
-}