otpauth
Version:
One Time Password (HOTP/TOTP) library for Node.js, Deno, Bun and browsers
10 lines (9 loc) • 9.45 kB
JavaScript
//! otpauth 9.4.0 | (c) Héctor Molinero Fernández | MIT | https://github.com/hectorm/otpauth
/// <reference types="./otpauth.d.ts" />
// @ts-nocheck
import*as e from"node:crypto";const t=(()=>{if("object"==typeof globalThis)return globalThis;Object.defineProperty(Object.prototype,"__GLOBALTHIS__",{get(){return this},configurable:!0});try{if("undefined"!=typeof __GLOBALTHIS__)return __GLOBALTHIS__}finally{delete Object.prototype.__GLOBALTHIS__}return"undefined"!=typeof self?self:"undefined"!=typeof window?window:"undefined"!=typeof global?global:void 0})(),r=e=>{switch(!0){case/^(?:SHA-?1|SSL3-SHA1)$/i.test(e):return"SHA1";case/^SHA(?:2?-)?224$/i.test(e):return"SHA224";case/^SHA(?:2?-)?256$/i.test(e):return"SHA256";case/^SHA(?:2?-)?384$/i.test(e):return"SHA384";case/^SHA(?:2?-)?512$/i.test(e):return"SHA512";case/^SHA3-224$/i.test(e):return"SHA3-224";case/^SHA3-256$/i.test(e):return"SHA3-256";case/^SHA3-384$/i.test(e):return"SHA3-384";case/^SHA3-512$/i.test(e):return"SHA3-512";default:throw new TypeError(`Unknown hash algorithm: ${e}`)}},i="ABCDEFGHIJKLMNOPQRSTUVWXYZ234567",s=e=>{let t=(e=e.replace(/ /g,"")).length;for(;"="===e[t-1];)--t;e=(t<e.length?e.substring(0,t):e).toUpperCase();const r=new ArrayBuffer(5*e.length/8|0),s=new Uint8Array(r);let n=0,o=0,a=0;for(let t=0;t<e.length;t++){const r=i.indexOf(e[t]);if(-1===r)throw new TypeError(`Invalid character found: ${e[t]}`);o=o<<5|r,n+=5,n>=8&&(n-=8,s[a++]=o>>>n)}return s},n=e=>{let t=0,r=0,s="";for(let n=0;n<e.length;n++)for(r=r<<8|e[n],t+=8;t>=5;)s+=i[r>>>t-5&31],t-=5;return t>0&&(s+=i[r<<5-t&31]),s},o=e=>{e=e.replace(/ /g,"");const t=new ArrayBuffer(e.length/2),r=new Uint8Array(t);for(let t=0;t<e.length;t+=2)r[t/2]=parseInt(e.substring(t,t+2),16);return r},a=e=>{let t="";for(let r=0;r<e.length;r++){const i=e[r].toString(16);1===i.length&&(t+="0"),t+=i}return t.toUpperCase()},l=e=>{const t=new ArrayBuffer(e.length),r=new Uint8Array(t);for(let t=0;t<e.length;t++)r[t]=255&e.charCodeAt(t);return r},u=e=>{let t="";for(let r=0;r<e.length;r++)t+=String.fromCharCode(e[r]);return t},d=t.TextEncoder?new t.TextEncoder:null,h=t.TextDecoder?new t.TextDecoder:null,c=e=>{if(!d)throw new Error("Encoding API not available")
;return d.encode(e)},f=e=>{if(!h)throw new Error("Encoding API not available");return h.decode(e)};class g{static fromLatin1(e){return new g({buffer:l(e).buffer})}static fromUTF8(e){return new g({buffer:c(e).buffer})}static fromBase32(e){return new g({buffer:s(e).buffer})}static fromHex(e){return new g({buffer:o(e).buffer})}get buffer(){return this.bytes.buffer}get latin1(){return Object.defineProperty(this,"latin1",{enumerable:!0,writable:!1,configurable:!1,value:u(this.bytes)}),this.latin1}get utf8(){return Object.defineProperty(this,"utf8",{enumerable:!0,writable:!1,configurable:!1,value:f(this.bytes)}),this.utf8}get base32(){return Object.defineProperty(this,"base32",{enumerable:!0,writable:!1,configurable:!1,value:n(this.bytes)}),this.base32}get hex(){return Object.defineProperty(this,"hex",{enumerable:!0,writable:!1,configurable:!1,value:a(this.bytes)}),this.hex}constructor({buffer:r,size:i=20}={}){this.bytes=void 0===r?(r=>{if(e?.randomBytes)return e.randomBytes(r);if(t.crypto?.getRandomValues)return t.crypto.getRandomValues(new Uint8Array(r));throw new Error("Cryptography API not available")})(i):new Uint8Array(r),Object.defineProperty(this,"bytes",{enumerable:!0,writable:!1,configurable:!1,value:this.bytes})}}class p{static get defaults(){return{issuer:"",label:"OTPAuth",issuerInLabel:!0,algorithm:"SHA1",digits:6,counter:0,window:1}}static generate({secret:r,algorithm:i=p.defaults.algorithm,digits:s=p.defaults.digits,counter:n=p.defaults.counter}){const o=((r,i,s)=>{if(e?.createHmac){const n=e.createHmac(r,t.Buffer.from(i));return n.update(t.Buffer.from(s)),n.digest()}throw new Error("Missing HMAC function")})(i,r.bytes,(e=>{const t=new ArrayBuffer(8),r=new Uint8Array(t);let i=e;for(let e=7;e>=0&&0!==i;e--)r[e]=255&i,i-=r[e],i/=256;return r})(n)),a=15&o[o.byteLength-1];return(((127&o[a])<<24|(255&o[a+1])<<16|(255&o[a+2])<<8|255&o[a+3])%10**s).toString().padStart(s,"0")}generate({counter:e=this.counter++}={}){return p.generate({secret:this.secret,algorithm:this.algorithm,digits:this.digits,counter:e})}
static validate({token:r,secret:i,algorithm:s,digits:n=p.defaults.digits,counter:o=p.defaults.counter,window:a=p.defaults.window}){if(r.length!==n)return null;let l=null;const u=a=>{const u=p.generate({secret:i,algorithm:s,digits:n,counter:a});((r,i)=>{if(e?.timingSafeEqual)return e.timingSafeEqual(t.Buffer.from(r),t.Buffer.from(i));{if(r.length!==i.length)throw new TypeError("Input strings must have the same length");let e=-1,t=0;for(;++e<r.length;)t|=r.charCodeAt(e)^i.charCodeAt(e);return 0===t}})(r,u)&&(l=a-o)};u(o);for(let e=1;e<=a&&null===l&&(u(o-e),null===l)&&(u(o+e),null===l);++e);return l}validate({token:e,counter:t=this.counter,window:r}){return p.validate({token:e,secret:this.secret,algorithm:this.algorithm,digits:this.digits,counter:t,window:r})}toString(){const e=encodeURIComponent;return"otpauth://hotp/"+(this.issuer.length>0?this.issuerInLabel?`${e(this.issuer)}:${e(this.label)}?issuer=${e(this.issuer)}&`:`${e(this.label)}?issuer=${e(this.issuer)}&`:`${e(this.label)}?`)+`secret=${e(this.secret.base32)}&`+`algorithm=${e(this.algorithm)}&`+`digits=${e(this.digits)}&`+`counter=${e(this.counter)}`}constructor({issuer:e=p.defaults.issuer,label:t=p.defaults.label,issuerInLabel:i=p.defaults.issuerInLabel,secret:s=new g,algorithm:n=p.defaults.algorithm,digits:o=p.defaults.digits,counter:a=p.defaults.counter}={}){this.issuer=e,this.label=t,this.issuerInLabel=i,this.secret="string"==typeof s?g.fromBase32(s):s,this.algorithm=r(n),this.digits=o,this.counter=a}}class m{static get defaults(){return{issuer:"",label:"OTPAuth",issuerInLabel:!0,algorithm:"SHA1",digits:6,period:30,window:1}}static counter({period:e=m.defaults.period,timestamp:t=Date.now()}={}){return Math.floor(t/1e3/e)}counter({timestamp:e=Date.now()}={}){return m.counter({period:this.period,timestamp:e})}static remaining({period:e=m.defaults.period,timestamp:t=Date.now()}={}){return 1e3*e-t%(1e3*e)}remaining({timestamp:e=Date.now()}={}){return m.remaining({period:this.period,timestamp:e})}
static generate({secret:e,algorithm:t,digits:r,period:i=m.defaults.period,timestamp:s=Date.now()}){return p.generate({secret:e,algorithm:t,digits:r,counter:m.counter({period:i,timestamp:s})})}generate({timestamp:e=Date.now()}={}){return m.generate({secret:this.secret,algorithm:this.algorithm,digits:this.digits,period:this.period,timestamp:e})}static validate({token:e,secret:t,algorithm:r,digits:i,period:s=m.defaults.period,timestamp:n=Date.now(),window:o}){return p.validate({token:e,secret:t,algorithm:r,digits:i,counter:m.counter({period:s,timestamp:n}),window:o})}validate({token:e,timestamp:t,window:r}){return m.validate({token:e,secret:this.secret,algorithm:this.algorithm,digits:this.digits,period:this.period,timestamp:t,window:r})}toString(){const e=encodeURIComponent;return"otpauth://totp/"+(this.issuer.length>0?this.issuerInLabel?`${e(this.issuer)}:${e(this.label)}?issuer=${e(this.issuer)}&`:`${e(this.label)}?issuer=${e(this.issuer)}&`:`${e(this.label)}?`)+`secret=${e(this.secret.base32)}&`+`algorithm=${e(this.algorithm)}&`+`digits=${e(this.digits)}&`+`period=${e(this.period)}`}constructor({issuer:e=m.defaults.issuer,label:t=m.defaults.label,issuerInLabel:i=m.defaults.issuerInLabel,secret:s=new g,algorithm:n=m.defaults.algorithm,digits:o=m.defaults.digits,period:a=m.defaults.period}={}){this.issuer=e,this.label=t,this.issuerInLabel=i,this.secret="string"==typeof s?g.fromBase32(s):s,this.algorithm=r(n),this.digits=o,this.period=a}}const w=/^otpauth:\/\/([ht]otp)\/(.+)\?([A-Z0-9.~_-]+=[^?&]*(?:&[A-Z0-9.~_-]+=[^?&]*)*)$/i,b=/^[2-7A-Z]+=*$/i,y=/^SHA(?:1|224|256|384|512|3-224|3-256|3-384|3-512)$/i,A=/^[+-]?\d+$/,S=/^\+?[1-9]\d*$/;class I{static parse(e){let t;try{t=e.match(w)}catch(e){}if(!Array.isArray(t))throw new URIError("Invalid URI format");const r=t[1].toLowerCase(),i=t[2].split(/(?::|%3A) *(.+)/i,2).map(decodeURIComponent),s=t[3].split("&").reduce(((e,t)=>{const r=t.split(/=(.*)/,2).map(decodeURIComponent),i=r[0].toLowerCase(),s=r[1],n=e;return n[i]=s,n}),{});let n;const o={};if("hotp"===r){if(n=p,
void 0===s.counter||!A.test(s.counter))throw new TypeError("Missing or invalid 'counter' parameter");o.counter=parseInt(s.counter,10)}else{if("totp"!==r)throw new TypeError("Unknown OTP type");if(n=m,void 0!==s.period){if(!S.test(s.period))throw new TypeError("Invalid 'period' parameter");o.period=parseInt(s.period,10)}}if(void 0!==s.issuer&&(o.issuer=s.issuer),2===i.length?(o.label=i[1],void 0===o.issuer||""===o.issuer?o.issuer=i[0]:""===i[0]&&(o.issuerInLabel=!1)):(o.label=i[0],void 0!==o.issuer&&""!==o.issuer&&(o.issuerInLabel=!1)),void 0===s.secret||!b.test(s.secret))throw new TypeError("Missing or invalid 'secret' parameter");if(o.secret=s.secret,void 0!==s.algorithm){if(!y.test(s.algorithm))throw new TypeError("Invalid 'algorithm' parameter");o.algorithm=s.algorithm}if(void 0!==s.digits){if(!S.test(s.digits))throw new TypeError("Invalid 'digits' parameter");o.digits=parseInt(s.digits,10)}return new n(o)}static stringify(e){if(e instanceof p||e instanceof m)return e.toString();throw new TypeError("Invalid 'HOTP/TOTP' object")}}const $="9.4.0";export{p as HOTP,g as Secret,m as TOTP,I as URI,$ as version};
//# sourceMappingURL=otpauth.node.min.mjs.map