Documentation
¶
Overview ¶
Package dgoogauth implements the one-time password algorithms supported by Google Authenticator This package supports the HMAC-Based One-time Password (HOTP) algorithm specified in RFC 4226 and the Time-based One-time Password (TOTP) algorithm specified in RFC 6238.
Index ¶
- Variables
- func ComputeCode(secret string, value int64) int
- func GenerateQRCode(name, account string, token string) (*url.URL, []byte, error)
- func GetUTCCode(secret string) string
- func VerifyUTCCode(secret string, code any) bool
- func WithTwoFa(secret string) poc.PocConfigOption
- type OTPConfig
- func (c *OTPConfig) Authenticate(passwordRaw any) (bool, error)
- func (c *OTPConfig) GetToptCode() int
- func (c *OTPConfig) GetToptPNG(issuer, account string) ([]byte, error)
- func (c *OTPConfig) GetToptUTCCode() int
- func (c *OTPConfig) GetToptUTCCodeString() string
- func (c *OTPConfig) ProvisionURI(user string) string
- func (c *OTPConfig) ProvisionURIWithIssuer(user string, issuer string) string
- type OTPServer
Constants ¶
This section is empty.
Variables ¶
var ErrInvalidCode = errors.New("invalid code")
ErrInvalidCode indicate the supplied one-time code was not valid
var Exports = map[string]any{ "GetUTCCode": GetUTCCode, "VerifyUTCCode": VerifyUTCCode, "poc": WithTwoFa, }
Functions ¶
func ComputeCode ¶
ComputeCode computes the response code for a 64-bit challenge 'value' using the secret 'secret'. To avoid breaking compatibility with the previous API, it returns an invalid code (-1) when an error occurs, but does not silently ignore them (it forces a mismatch so the code will be rejected).
func GenerateQRCode ¶
func GetUTCCode ¶
GetUTCCode in twofa lib will receive the secret and return the verify code with utc time
func VerifyUTCCode ¶
VerifyUTCCode in twofa lib will receive the secret and code, then return the verify result
func WithTwoFa ¶
func WithTwoFa(secret string) poc.PocConfigOption
poc 是一个请求选项,设置 Y-T-Verify-Code 的值为 secret 计算出的 UTC 时间验证码,适配于 poc 包
Types ¶
type OTPConfig ¶
type OTPConfig struct {
Secret string // 80-bit base32 encoded string of the user's secret
WindowSize int // valid range: technically 0..100 or so, but beyond 3-5 is probably bad security
HotpCounter int // the current otp counter. 0 if the user uses time-based codes instead.
DisallowReuse []int // timestamps in the current window unavailable for re-use
ScratchCodes []int // an array of 8-digit numeric codes that can be used to log in
UTC bool // use UTC for the timestamp instead of local time
}
OTPConfig is a one-time-password configuration. This object will be modified by calls to Authenticate and should be saved to ensure the codes are in fact only used once.
func NewTOTPConfig ¶ added in v1.3.3
func (*OTPConfig) Authenticate ¶
Authenticate a one-time-password against the given OTPConfig Returns true/false if the authentication was successful. Returns error if the password is incorrectly formatted (not a zero-padded 6 or non-zero-padded 8 digit number).
func (*OTPConfig) GetToptCode ¶
func (*OTPConfig) GetToptPNG ¶
func (*OTPConfig) GetToptUTCCode ¶
func (*OTPConfig) GetToptUTCCodeString ¶
func (*OTPConfig) ProvisionURI ¶
ProvisionURI generates a URI that can be turned into a QR code to configure a Google Authenticator mobile app.
func (*OTPConfig) ProvisionURIWithIssuer ¶
ProvisionURIWithIssuer generates a URI that can be turned into a QR code to configure a Google Authenticator mobile app. It respects the recommendations on how to avoid conflicting accounts.
See https://github.com/google/google-authenticator/wiki/Conflicting-Accounts
type OTPServer ¶ added in v1.3.3
type OTPServer struct {
// contains filtered or unexported fields
}
Source Files