123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191 |
- package totp
- import (
- "github.com/pquerna/otp"
- "github.com/pquerna/otp/hotp"
- "crypto/rand"
- "encoding/base32"
- "math"
- "net/url"
- "strconv"
- "time"
- )
- func Validate(passcode string, secret string) bool {
- rv, _ := ValidateCustom(
- passcode,
- secret,
- time.Now().UTC(),
- ValidateOpts{
- Period: 30,
- Skew: 1,
- Digits: otp.DigitsSix,
- Algorithm: otp.AlgorithmSHA1,
- },
- )
- return rv
- }
- func GenerateCode(secret string, t time.Time) (string, error) {
- return GenerateCodeCustom(secret, t, ValidateOpts{
- Period: 30,
- Skew: 1,
- Digits: otp.DigitsSix,
- Algorithm: otp.AlgorithmSHA1,
- })
- }
- type ValidateOpts struct {
-
- Period uint
-
-
-
- Skew uint
-
- Digits otp.Digits
-
- Algorithm otp.Algorithm
- }
- func GenerateCodeCustom(secret string, t time.Time, opts ValidateOpts) (passcode string, err error) {
- if opts.Period == 0 {
- opts.Period = 30
- }
- counter := uint64(math.Floor(float64(t.Unix()) / float64(opts.Period)))
- passcode, err = hotp.GenerateCodeCustom(secret, counter, hotp.ValidateOpts{
- Digits: opts.Digits,
- Algorithm: opts.Algorithm,
- })
- if err != nil {
- return "", err
- }
- return passcode, nil
- }
- func ValidateCustom(passcode string, secret string, t time.Time, opts ValidateOpts) (bool, error) {
- if opts.Period == 0 {
- opts.Period = 30
- }
- counters := []uint64{}
- counter := int64(math.Floor(float64(t.Unix()) / float64(opts.Period)))
- counters = append(counters, uint64(counter))
- for i := 1; i <= int(opts.Skew); i++ {
- counters = append(counters, uint64(counter+int64(i)))
- counters = append(counters, uint64(counter-int64(i)))
- }
- for _, counter := range counters {
- rv, err := hotp.ValidateCustom(passcode, counter, secret, hotp.ValidateOpts{
- Digits: opts.Digits,
- Algorithm: opts.Algorithm,
- })
- if err != nil {
- return false, err
- }
- if rv == true {
- return true, nil
- }
- }
- return false, nil
- }
- type GenerateOpts struct {
-
- Issuer string
-
- AccountName string
-
- Period uint
-
- SecretSize uint
-
- Digits otp.Digits
-
- Algorithm otp.Algorithm
- }
- func Generate(opts GenerateOpts) (*otp.Key, error) {
-
- if opts.Issuer == "" {
- return nil, otp.ErrGenerateMissingIssuer
- }
- if opts.AccountName == "" {
- return nil, otp.ErrGenerateMissingAccountName
- }
- if opts.Period == 0 {
- opts.Period = 30
- }
- if opts.SecretSize == 0 {
- opts.SecretSize = 10
- }
- if opts.Digits == 0 {
- opts.Digits = otp.DigitsSix
- }
-
- v := url.Values{}
- secret := make([]byte, opts.SecretSize)
- _, err := rand.Read(secret)
- if err != nil {
- return nil, err
- }
- v.Set("secret", base32.StdEncoding.EncodeToString(secret))
- v.Set("issuer", opts.Issuer)
- v.Set("period", strconv.FormatUint(uint64(opts.Period), 10))
- v.Set("algorithm", opts.Algorithm.String())
- v.Set("digits", opts.Digits.String())
- u := url.URL{
- Scheme: "otpauth",
- Host: "totp",
- Path: "/" + opts.Issuer + ":" + opts.AccountName,
- RawQuery: v.Encode(),
- }
- return otp.NewKeyFromURL(u.String())
- }
|