twofa

package
v1.3.3-beta7 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: May 6, 2024 License: AGPL-3.0 Imports: 20 Imported by: 0

Documentation

Overview

Package dgoogauth implements the one-time password algorithms supported by Google Authenticator This package supports the HMAC-Based One-time Password (HOTP) algorithm specified in RFC 4226 and the Time-based One-time Password (TOTP) algorithm specified in RFC 6238.

Index

Constants

This section is empty.

Variables

View Source 
var ErrInvalidCode = errors.New("invalid code")

ErrInvalidCode indicate the supplied one-time code was not valid

Functions

func ComputeCode 

func ComputeCode(secret string, value int64) int

ComputeCode computes the response code for a 64-bit challenge 'value' using the secret 'secret'. To avoid breaking compatibility with the previous API, it returns an invalid code (-1) when an error occurs, but does not silently ignore them (it forces a mismatch so the code will be rejected).

func GenerateQRCode 

func GenerateQRCode(name, account string, token string) (*url.URL, []byte, error)

Types

type OTPConfig 

type OTPConfig struct {
	Secret        string // 80-bit base32 encoded string of the user's secret
	WindowSize    int    // valid range: technically 0..100 or so, but beyond 3-5 is probably bad security
	HotpCounter   int    // the current otp counter.  0 if the user uses time-based codes instead.
	DisallowReuse []int  // timestamps in the current window unavailable for re-use
	ScratchCodes  []int  // an array of 8-digit numeric codes that can be used to log in
	UTC           bool   // use UTC for the timestamp instead of local time
}

OTPConfig is a one-time-password configuration. This object will be modified by calls to Authenticate and should be saved to ensure the codes are in fact only used once.

func NewTOTPConfig added in v1.3.3 

func NewTOTPConfig(secret string) *OTPConfig

func (*OTPConfig) Authenticate 

func (c *OTPConfig) Authenticate(password string) (bool, error)

Authenticate a one-time-password against the given OTPConfig Returns true/false if the authentication was successful. Returns error if the password is incorrectly formatted (not a zero-padded 6 or non-zero-padded 8 digit number).

func (*OTPConfig) GetToptCode 

func (c *OTPConfig) GetToptCode() int

func (*OTPConfig) GetToptPNG 

func (c *OTPConfig) GetToptPNG(issuer, account string) ([]byte, error)

func (*OTPConfig) GetToptUTCCode 

func (c *OTPConfig) GetToptUTCCode() int

func (*OTPConfig) ProvisionURI 

func (c *OTPConfig) ProvisionURI(user string) string

ProvisionURI generates a URI that can be turned into a QR code to configure a Google Authenticator mobile app.

func (*OTPConfig) ProvisionURIWithIssuer 

func (c *OTPConfig) ProvisionURIWithIssuer(user string, issuer string) string

ProvisionURIWithIssuer generates a URI that can be turned into a QR code to configure a Google Authenticator mobile app. It respects the recommendations on how to avoid conflicting accounts.

See https://github.com/google/google-authenticator/wiki/Conflicting-Accounts

type OTPServer added in v1.3.3 

type OTPServer struct {
	// contains filtered or unexported fields
}

func NewOTPServer added in v1.3.3 

func NewOTPServer(secret string, localPort int, forwardTo string) *OTPServer

func (*OTPServer) Serve added in v1.3.3 

func (o *OTPServer) Serve() error

func (*OTPServer) ServeContext added in v1.3.3 

func (o *OTPServer) ServeContext(ctx context.Context) error

func (*OTPServer) SetForwardTo added in v1.3.3 

func (o *OTPServer) SetForwardTo(to string)

func (*OTPServer) SetLocalPort added in v1.3.3 

func (o *OTPServer) SetLocalPort(port int)

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.