twofa

package
v1.2.1-sp5 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: May 30, 2023 License: AGPL-3.0 Imports: 11 Imported by: 0

Documentation

Overview

Package dgoogauth implements the one-time password algorithms supported by Google Authenticator This package supports the HMAC-Based One-time Password (HOTP) algorithm specified in RFC 4226 and the Time-based One-time Password (TOTP) algorithm specified in RFC 6238.

Index

Constants

This section is empty.

Variables

View Source
var ErrInvalidCode = errors.New("invalid code")

ErrInvalidCode indicate the supplied one-time code was not valid

Functions

func ComputeCode

func ComputeCode(secret string, value int64) int

ComputeCode computes the response code for a 64-bit challenge 'value' using the secret 'secret'. To avoid breaking compatibility with the previous API, it returns an invalid code (-1) when an error occurs, but does not silently ignore them (it forces a mismatch so the code will be rejected).

func GenerateQRCode

func GenerateQRCode(name, account string, token string) (*url.URL, []byte, error)

Types

type OTPConfig

type OTPConfig struct {
	Secret        string // 80-bit base32 encoded string of the user's secret
	WindowSize    int    // valid range: technically 0..100 or so, but beyond 3-5 is probably bad security
	HotpCounter   int    // the current otp counter.  0 if the user uses time-based codes instead.
	DisallowReuse []int  // timestamps in the current window unavailable for re-use
	ScratchCodes  []int  // an array of 8-digit numeric codes that can be used to log in
	UTC           bool   // use UTC for the timestamp instead of local time
}

OTPConfig is a one-time-password configuration. This object will be modified by calls to Authenticate and should be saved to ensure the codes are in fact only used once.

func (*OTPConfig) Authenticate

func (c *OTPConfig) Authenticate(password string) (bool, error)

Authenticate a one-time-password against the given OTPConfig Returns true/false if the authentication was successful. Returns error if the password is incorrectly formatted (not a zero-padded 6 or non-zero-padded 8 digit number).

func (*OTPConfig) GetToptCode

func (c *OTPConfig) GetToptCode() int

func (*OTPConfig) GetToptPNG

func (c *OTPConfig) GetToptPNG(issuer, account string) ([]byte, error)

func (*OTPConfig) GetToptUTCCode

func (c *OTPConfig) GetToptUTCCode() int

func (*OTPConfig) ProvisionURI

func (c *OTPConfig) ProvisionURI(user string) string

ProvisionURI generates a URI that can be turned into a QR code to configure a Google Authenticator mobile app.

func (*OTPConfig) ProvisionURIWithIssuer

func (c *OTPConfig) ProvisionURIWithIssuer(user string, issuer string) string

ProvisionURIWithIssuer generates a URI that can be turned into a QR code to configure a Google Authenticator mobile app. It respects the recommendations on how to avoid conflicting accounts.

See https://github.com/google/google-authenticator/wiki/Conflicting-Accounts

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL