Documentation ¶
Overview ¶
Package otp implements one-time-password generators used in 2-factor authentication systems like RSA-tokens and Google Authenticator. Currently this supports both HOTP (RFC-4226) and TOTP (RFC-6238).
All tests used in this package, uses reference values from both RFCs to ensure compatibility with another OTP implementations.
Index ¶
Constants ¶
const ( DefaultLength = 6 // Default length of the generated tokens DefaultPeriod = 30 // Default time period for TOTP tokens, in seconds // This used to be 100, and here's why I changed it to 20. The HOTP spec recommends // the secret be 160 bits. 2^160 = (2^5)^32 = 32^32. Note that the two bases we // have are base 62 (for alphanum mixed case) and base32 (which Google prefers). // Setting the secret to 20 genererates a length 32 base 32 secret. We avoid gigantic // QR codes, and have sufficient entropy that's not greater than the number of atoms in // the universe. <3 DefaultRandomSecretLength = 20 // Default random secret length DefaultWindowBack = 1 // Default TOTP verification window back steps DefaultWindowForward = 1 // Default TOTP verification window forward steps )
Default settings for all generators
const (
MaxLength = 10 // Maximum token length
)
Maximum values for all generators
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type HOTP ¶
type HOTP struct { Secret string // The secret used to generate the token Length uint8 // The token size, with a maximum determined by MaxLength Counter uint64 // The counter used as moving factor IsBase32Secret bool // If true, the secret will be used as a Base32 encoded string }
HOTP is used to generate tokens based on RFC-4226.
Example:
hotp := &HOTP{Secret: "your-secret", Counter: 1000, Length: 8, IsBase32Secret: true} token := hotp.Get()
HOTP assumes a set of default values for Secret, Length, Counter, and IsBase32Secret. If no Secret is informed, HOTP will generate a random one that you need to store with the Counter, for future token verifications. Check this package constants to see the current default values.
type TOTP ¶
type TOTP struct { Secret string // The secret used to generate a token Length uint8 // The token length Time time.Time // The time used to generate the token IsBase32Secret bool // Period uint8 // The step size to slice time, in seconds WindowBack uint8 // How many steps HOTP will go backwards to validate a token WindowForward uint8 // How many steps HOTP will go forward to validate a token }
TOTP is used to generate tokens based on RFC-6238.
Example:
totp := &TOTP{Secret: "your-secret", IsBase32Secret: true} token := totp.Get()
TOTP assumes a set of default values for Secret, Length, Time, Period, WindowBack, WindowForward and IsBase32Secret ¶
If no Secret is informed, TOTP will generate a random one that you need to store with the Counter, for future token verifications.
Check this package constants to see the current default values.
func (*TOTP) Now ¶
Now is a fluent interface to set the TOTP generator's time to the current date/time
func (*TOTP) QR ¶ added in v1.0.1
QR generates a byte slice containing the a QR code encoded as a PNG with level L (20%) error correction. Note that size of the image is a factor of the amount of data encoded as well as error correction
func (*TOTP) URL ¶ added in v1.0.1
URL constructs a URL appropriate for the token (i.e. for use in a QR code). URI keys specified here: https://github.com/google/google-authenticator/wiki/Key-Uri-Format Typically label is the username for the service, and issuer is the service name