otpauth
Version:
One Time Password (HOTP/TOTP) library for Node.js, Deno, Bun and browsers
10 lines (9 loc) • 9.73 kB
JavaScript
//! otpauth 9.4.0 | (c) Héctor Molinero Fernández | MIT | https://github.com/hectorm/otpauth
/// <reference types="./otpauth.d.ts" />
// @ts-nocheck
;function e(e){var t=Object.create(null);return e&&Object.keys(e).forEach((function(r){if("default"!==r){var i=Object.getOwnPropertyDescriptor(e,r);Object.defineProperty(t,r,i.get?i:{enumerable:!0,get:function(){return e[r]}})}})),t.default=e,Object.freeze(t)}var t=e(require("node:crypto"));const r=(()=>{if("object"==typeof globalThis)return globalThis;Object.defineProperty(Object.prototype,"__GLOBALTHIS__",{get(){return this},configurable:!0});try{if("undefined"!=typeof __GLOBALTHIS__)return __GLOBALTHIS__}finally{delete Object.prototype.__GLOBALTHIS__}return"undefined"!=typeof self?self:"undefined"!=typeof window?window:"undefined"!=typeof global?global:void 0})(),i=e=>{switch(!0){case/^(?:SHA-?1|SSL3-SHA1)$/i.test(e):return"SHA1";case/^SHA(?:2?-)?224$/i.test(e):return"SHA224";case/^SHA(?:2?-)?256$/i.test(e):return"SHA256";case/^SHA(?:2?-)?384$/i.test(e):return"SHA384";case/^SHA(?:2?-)?512$/i.test(e):return"SHA512";case/^SHA3-224$/i.test(e):return"SHA3-224";case/^SHA3-256$/i.test(e):return"SHA3-256";case/^SHA3-384$/i.test(e):return"SHA3-384";case/^SHA3-512$/i.test(e):return"SHA3-512";default:throw new TypeError(`Unknown hash algorithm: ${e}`)}},s="ABCDEFGHIJKLMNOPQRSTUVWXYZ234567",n=e=>{let t=(e=e.replace(/ /g,"")).length;for(;"="===e[t-1];)--t;e=(t<e.length?e.substring(0,t):e).toUpperCase();const r=new ArrayBuffer(5*e.length/8|0),i=new Uint8Array(r);let n=0,o=0,a=0;for(let t=0;t<e.length;t++){const r=s.indexOf(e[t]);if(-1===r)throw new TypeError(`Invalid character found: ${e[t]}`);o=o<<5|r,n+=5,n>=8&&(n-=8,i[a++]=o>>>n)}return i},o=e=>{let t=0,r=0,i="";for(let n=0;n<e.length;n++)for(r=r<<8|e[n],t+=8;t>=5;)i+=s[r>>>t-5&31],t-=5;return t>0&&(i+=s[r<<5-t&31]),i},a=e=>{e=e.replace(/ /g,"");const t=new ArrayBuffer(e.length/2),r=new Uint8Array(t);for(let t=0;t<e.length;t+=2)r[t/2]=parseInt(e.substring(t,t+2),16);return r},l=e=>{let t="";for(let r=0;r<e.length;r++){const i=e[r].toString(16);1===i.length&&(t+="0"),t+=i}return t.toUpperCase()},u=e=>{const t=new ArrayBuffer(e.length),r=new Uint8Array(t)
;for(let t=0;t<e.length;t++)r[t]=255&e.charCodeAt(t);return r},d=e=>{let t="";for(let r=0;r<e.length;r++)t+=String.fromCharCode(e[r]);return t},h=r.TextEncoder?new r.TextEncoder:null,c=r.TextDecoder?new r.TextDecoder:null,f=e=>{if(!h)throw new Error("Encoding API not available");return h.encode(e)},g=e=>{if(!c)throw new Error("Encoding API not available");return c.decode(e)};class p{static fromLatin1(e){return new p({buffer:u(e).buffer})}static fromUTF8(e){return new p({buffer:f(e).buffer})}static fromBase32(e){return new p({buffer:n(e).buffer})}static fromHex(e){return new p({buffer:a(e).buffer})}get buffer(){return this.bytes.buffer}get latin1(){return Object.defineProperty(this,"latin1",{enumerable:!0,writable:!1,configurable:!1,value:d(this.bytes)}),this.latin1}get utf8(){return Object.defineProperty(this,"utf8",{enumerable:!0,writable:!1,configurable:!1,value:g(this.bytes)}),this.utf8}get base32(){return Object.defineProperty(this,"base32",{enumerable:!0,writable:!1,configurable:!1,value:o(this.bytes)}),this.base32}get hex(){return Object.defineProperty(this,"hex",{enumerable:!0,writable:!1,configurable:!1,value:l(this.bytes)}),this.hex}constructor({buffer:e,size:i=20}={}){this.bytes=void 0===e?(e=>{if(t?.randomBytes)return t.randomBytes(e);if(r.crypto?.getRandomValues)return r.crypto.getRandomValues(new Uint8Array(e));throw new Error("Cryptography API not available")})(i):new Uint8Array(e),Object.defineProperty(this,"bytes",{enumerable:!0,writable:!1,configurable:!1,value:this.bytes})}}class m{static get defaults(){return{issuer:"",label:"OTPAuth",issuerInLabel:!0,algorithm:"SHA1",digits:6,counter:0,window:1}}static generate({secret:e,algorithm:i=m.defaults.algorithm,digits:s=m.defaults.digits,counter:n=m.defaults.counter}){const o=((e,i,s)=>{if(t?.createHmac){const n=t.createHmac(e,r.Buffer.from(i));return n.update(r.Buffer.from(s)),n.digest()}throw new Error("Missing HMAC function")})(i,e.bytes,(e=>{const t=new ArrayBuffer(8),r=new Uint8Array(t);let i=e;for(let e=7;e>=0&&0!==i;e--)r[e]=255&i,i-=r[e],
i/=256;return r})(n)),a=15&o[o.byteLength-1];return(((127&o[a])<<24|(255&o[a+1])<<16|(255&o[a+2])<<8|255&o[a+3])%10**s).toString().padStart(s,"0")}generate({counter:e=this.counter++}={}){return m.generate({secret:this.secret,algorithm:this.algorithm,digits:this.digits,counter:e})}static validate({token:e,secret:i,algorithm:s,digits:n=m.defaults.digits,counter:o=m.defaults.counter,window:a=m.defaults.window}){if(e.length!==n)return null;let l=null;const u=a=>{const u=m.generate({secret:i,algorithm:s,digits:n,counter:a});((e,i)=>{if(t?.timingSafeEqual)return t.timingSafeEqual(r.Buffer.from(e),r.Buffer.from(i));{if(e.length!==i.length)throw new TypeError("Input strings must have the same length");let t=-1,r=0;for(;++t<e.length;)r|=e.charCodeAt(t)^i.charCodeAt(t);return 0===r}})(e,u)&&(l=a-o)};u(o);for(let e=1;e<=a&&null===l&&(u(o-e),null===l)&&(u(o+e),null===l);++e);return l}validate({token:e,counter:t=this.counter,window:r}){return m.validate({token:e,secret:this.secret,algorithm:this.algorithm,digits:this.digits,counter:t,window:r})}toString(){const e=encodeURIComponent;return"otpauth://hotp/"+(this.issuer.length>0?this.issuerInLabel?`${e(this.issuer)}:${e(this.label)}?issuer=${e(this.issuer)}&`:`${e(this.label)}?issuer=${e(this.issuer)}&`:`${e(this.label)}?`)+`secret=${e(this.secret.base32)}&`+`algorithm=${e(this.algorithm)}&`+`digits=${e(this.digits)}&`+`counter=${e(this.counter)}`}constructor({issuer:e=m.defaults.issuer,label:t=m.defaults.label,issuerInLabel:r=m.defaults.issuerInLabel,secret:s=new p,algorithm:n=m.defaults.algorithm,digits:o=m.defaults.digits,counter:a=m.defaults.counter}={}){this.issuer=e,this.label=t,this.issuerInLabel=r,this.secret="string"==typeof s?p.fromBase32(s):s,this.algorithm=i(n),this.digits=o,this.counter=a}}class b{static get defaults(){return{issuer:"",label:"OTPAuth",issuerInLabel:!0,algorithm:"SHA1",digits:6,period:30,window:1}}static counter({period:e=b.defaults.period,timestamp:t=Date.now()}={}){return Math.floor(t/1e3/e)}counter({timestamp:e=Date.now()}={}){return b.counter({
period:this.period,timestamp:e})}static remaining({period:e=b.defaults.period,timestamp:t=Date.now()}={}){return 1e3*e-t%(1e3*e)}remaining({timestamp:e=Date.now()}={}){return b.remaining({period:this.period,timestamp:e})}static generate({secret:e,algorithm:t,digits:r,period:i=b.defaults.period,timestamp:s=Date.now()}){return m.generate({secret:e,algorithm:t,digits:r,counter:b.counter({period:i,timestamp:s})})}generate({timestamp:e=Date.now()}={}){return b.generate({secret:this.secret,algorithm:this.algorithm,digits:this.digits,period:this.period,timestamp:e})}static validate({token:e,secret:t,algorithm:r,digits:i,period:s=b.defaults.period,timestamp:n=Date.now(),window:o}){return m.validate({token:e,secret:t,algorithm:r,digits:i,counter:b.counter({period:s,timestamp:n}),window:o})}validate({token:e,timestamp:t,window:r}){return b.validate({token:e,secret:this.secret,algorithm:this.algorithm,digits:this.digits,period:this.period,timestamp:t,window:r})}toString(){const e=encodeURIComponent;return"otpauth://totp/"+(this.issuer.length>0?this.issuerInLabel?`${e(this.issuer)}:${e(this.label)}?issuer=${e(this.issuer)}&`:`${e(this.label)}?issuer=${e(this.issuer)}&`:`${e(this.label)}?`)+`secret=${e(this.secret.base32)}&`+`algorithm=${e(this.algorithm)}&`+`digits=${e(this.digits)}&`+`period=${e(this.period)}`}constructor({issuer:e=b.defaults.issuer,label:t=b.defaults.label,issuerInLabel:r=b.defaults.issuerInLabel,secret:s=new p,algorithm:n=b.defaults.algorithm,digits:o=b.defaults.digits,period:a=b.defaults.period}={}){this.issuer=e,this.label=t,this.issuerInLabel=r,this.secret="string"==typeof s?p.fromBase32(s):s,this.algorithm=i(n),this.digits=o,this.period=a}}const w=/^otpauth:\/\/([ht]otp)\/(.+)\?([A-Z0-9.~_-]+=[^?&]*(?:&[A-Z0-9.~_-]+=[^?&]*)*)$/i,y=/^[2-7A-Z]+=*$/i,A=/^SHA(?:1|224|256|384|512|3-224|3-256|3-384|3-512)$/i,S=/^[+-]?\d+$/,v=/^\+?[1-9]\d*$/;exports.HOTP=m,exports.Secret=p,exports.TOTP=b,exports.URI=class{static parse(e){let t;try{t=e.match(w)}catch(e){}
if(!Array.isArray(t))throw new URIError("Invalid URI format");const r=t[1].toLowerCase(),i=t[2].split(/(?::|%3A) *(.+)/i,2).map(decodeURIComponent),s=t[3].split("&").reduce(((e,t)=>{const r=t.split(/=(.*)/,2).map(decodeURIComponent),i=r[0].toLowerCase(),s=r[1],n=e;return n[i]=s,n}),{});let n;const o={};if("hotp"===r){if(n=m,void 0===s.counter||!S.test(s.counter))throw new TypeError("Missing or invalid 'counter' parameter");o.counter=parseInt(s.counter,10)}else{if("totp"!==r)throw new TypeError("Unknown OTP type");if(n=b,void 0!==s.period){if(!v.test(s.period))throw new TypeError("Invalid 'period' parameter");o.period=parseInt(s.period,10)}}if(void 0!==s.issuer&&(o.issuer=s.issuer),2===i.length?(o.label=i[1],void 0===o.issuer||""===o.issuer?o.issuer=i[0]:""===i[0]&&(o.issuerInLabel=!1)):(o.label=i[0],void 0!==o.issuer&&""!==o.issuer&&(o.issuerInLabel=!1)),void 0===s.secret||!y.test(s.secret))throw new TypeError("Missing or invalid 'secret' parameter");if(o.secret=s.secret,void 0!==s.algorithm){if(!A.test(s.algorithm))throw new TypeError("Invalid 'algorithm' parameter");o.algorithm=s.algorithm}if(void 0!==s.digits){if(!v.test(s.digits))throw new TypeError("Invalid 'digits' parameter");o.digits=parseInt(s.digits,10)}return new n(o)}static stringify(e){if(e instanceof m||e instanceof b)return e.toString();throw new TypeError("Invalid 'HOTP/TOTP' object")}},exports.version="9.4.0";
//# sourceMappingURL=otpauth.node.min.cjs.map