otp

v0.0.1
Published: Nov 16, 2022 License: Unlicense Imports: 8 Imported by: 0

README

Yet another Go One-Time Password package

Why?

...

Documentation

Index

Constants

const (
	// OTPLength defines the length of an OTP code in characters.
	OTPLength = 6
	// OTPPeriod defines the TTL of a TOTP code in seconds.
	OTPPeriod = 30
)

Variables

This section is empty.

Functions

func NewQR

func NewQR(uri string) ([]byte, error)

func NewSecret

func NewSecret() (string, error)

Types

type OTP

type OTP struct {
	// Issuer represents the service provider. It is you! e.g. your service,
	// your application, your organisation and so on.
	Issuer string
	// Account represents the service user. It is the user! e.g. username, email
	// address and so on.
	Account string
	// Secret is an arbitrary key value encoded in Base32 and belongs to the
	// service user.
	Secret string
	// Window is used for time (TOTP) and counter (HOTP) synchronization. Given
	// the possible time and counter drift between client and server, this
	// parameter helps overcome such issues. TOTP uses a backward and forward
	// time window whereas HOTP uses a look-ahead counter window that depends on
	// the Counter parameter.
	// Resynchronisation is an officially recommended practice, however the
	// lower the better.
	// 0 = not recommended as synchronization is disabled
	//   TOTP: current time
	//   HOTP: current counter
	// 1 = recommended option
	//   TOTP: previous - current - next
	//   HOTP: current counter - next counter
	// 2 = being overcautious
	//   TOTP: previous,previous - current - next,next
	//   HOTP: current counter - next counter - next counter
	// * = Higher numbers may cause denial-of-service attacks.
	// https://datatracker.ietf.org/doc/html/rfc6238#page-7
	// https://datatracker.ietf.org/doc/html/rfc4226#page-11
	Window int
	// Counter is required for HOTP only and used for provisioning the code. Set
	// it to 0 if you wish to use TOTP. Start from 1 for HOTP then fetch and use
	// the one in the persistent storage. The server counter is incremented only
	// after a successful code verification, however the counter on the client
	// is incremented every time a new code is requested by the user, which
	// causes the counters to go out of sync. For that reason, synchronization
	// should be enabled (see Window).
	// https://datatracker.ietf.org/doc/html/rfc4226#page-11
	Counter int
}

func (*OTP) CreateHOTPCode

func (o *OTP) CreateHOTPCode(counter int) (string, error)

CreateHOTPCode creates a new HOTP code with a specific counter. This method is ideal if you are planning to send a manually created code via email, SMS etc. The user should not be presented with a QR code for this option, otherwise there is a high possibility that the client and server counters will be out of sync, unless the user is forced to rescan a newly generated QR code with an up-to-date counter value.

func (*OTP) CreateURI

func (o *OTP) CreateURI() string

CreateURI builds the authentication URI which is used to create a QR code. If the counter is set to 0, the algorithm is assumed to be TOTP, otherwise HOTP. See https://github.com/google/google-authenticator/wiki/Key-Uri-Format

func (*OTP) VerifyCode

func (o *OTP) VerifyCode(code string) (bool, error)

VerifyCode talks to an algorithm-specific validator to verify the integrity of the code. If the counter is set to 0, the algorithm is assumed to be TOTP, otherwise HOTP.
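The following is an added example, not this package's implementation: using only the Go standard library, it shows RFC 6238 verification with the Window semantics documented on the OTP type, so the effect of Window on the set of accepted codes is visible. HMAC-SHA1 is an assumption (the page does not name the hash), and the names hotp and verifyTOTP and the RFC 4226 test key are illustrative.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha1"
	"crypto/subtle"
	"encoding/base32"
	"encoding/binary"
	"fmt"
	"time"
)

const otpLength, otpPeriod = 6, 30 // same values as the package's OTPLength and OTPPeriod

// hotp is RFC 4226: HMAC-SHA1 over the 8-byte counter, then dynamic truncation.
func hotp(key []byte, counter uint64) string {
	var msg [8]byte
	binary.BigEndian.PutUint64(msg[:], counter)
	mac := hmac.New(sha1.New, key)
	mac.Write(msg[:])
	sum := mac.Sum(nil)
	off := sum[len(sum)-1] & 0x0f
	bin := binary.BigEndian.Uint32(sum[off:off+4]) & 0x7fffffff
	return fmt.Sprintf("%0*d", otpLength, bin%1000000) // modulus is 10^otpLength
}

// verifyTOTP accepts code when it matches a time step within +/- window of now.
func verifyTOTP(secret, code string, now time.Time, window int) (bool, error) {
	key, err := base32.StdEncoding.DecodeString(secret) // assumes standard Base32 alphabet
	if err != nil {
		return false, err
	}
	step, ok := now.Unix()/otpPeriod, 0
	for i := -window; i <= window; i++ { // 2*window+1 codes are valid at once
		want := hotp(key, uint64(step+int64(i)))
		ok |= subtle.ConstantTimeCompare([]byte(want), []byte(code))
	}
	return ok == 1, nil
}

func main() {
	key := []byte("12345678901234567890") // constructed input: RFC 4226 test key
	secret := base32.StdEncoding.EncodeToString(key)
	prev := hotp(key, 0) // code belonging to the time step before now
	for _, w := range []int{0, 1} {
		ok, _ := verifyTOTP(secret, prev, time.Unix(59, 0), w)
		fmt.Printf("window=%d accepts previous-step code %s: %v\n", w, prev, ok)
	}
}
```

Each increment of the window adds two more codes that verify at any instant, which is why the struct comment advises keeping Window low.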
