otpauth
Version:
One Time Password (HOTP/TOTP) library for Node.js, Deno, Bun and browsers
11 lines (10 loc) • 9.68 kB
JavaScript
//! otpauth 9.4.0 | (c) Héctor Molinero Fernández | MIT | https://github.com/hectorm/otpauth
//! noble-hashes 1.7.1 | (c) Paul Miller | MIT | https://github.com/paulmillr/noble-hashes
/// <reference types="./otpauth.d.ts" />
// @ts-nocheck
import{hmac as e}from"@noble/hashes/hmac";import{sha1 as t}from"@noble/hashes/sha1";import{sha512 as r,sha384 as i,sha256 as s,sha224 as n}from"@noble/hashes/sha2";import{sha3_512 as o,sha3_384 as a,sha3_256 as l,sha3_224 as u}from"@noble/hashes/sha3";const h=(()=>{if("object"==typeof globalThis)return globalThis;Object.defineProperty(Object.prototype,"__GLOBALTHIS__",{get(){return this},configurable:!0});try{if("undefined"!=typeof __GLOBALTHIS__)return __GLOBALTHIS__}finally{delete Object.prototype.__GLOBALTHIS__}return"undefined"!=typeof self?self:"undefined"!=typeof window?window:"undefined"!=typeof global?global:void 0})(),d={SHA1:t,SHA224:n,SHA256:s,SHA384:i,SHA512:r,"SHA3-224":u,"SHA3-256":l,"SHA3-384":a,"SHA3-512":o},c=e=>{switch(!0){case/^(?:SHA-?1|SSL3-SHA1)$/i.test(e):return"SHA1";case/^SHA(?:2?-)?224$/i.test(e):return"SHA224";case/^SHA(?:2?-)?256$/i.test(e):return"SHA256";case/^SHA(?:2?-)?384$/i.test(e):return"SHA384";case/^SHA(?:2?-)?512$/i.test(e):return"SHA512";case/^SHA3-224$/i.test(e):return"SHA3-224";case/^SHA3-256$/i.test(e):return"SHA3-256";case/^SHA3-384$/i.test(e):return"SHA3-384";case/^SHA3-512$/i.test(e):return"SHA3-512";default:throw new TypeError(`Unknown hash algorithm: ${e}`)}},g="ABCDEFGHIJKLMNOPQRSTUVWXYZ234567",f=e=>{let t=(e=e.replace(/ /g,"")).length;for(;"="===e[t-1];)--t;e=(t<e.length?e.substring(0,t):e).toUpperCase();const r=new ArrayBuffer(5*e.length/8|0),i=new Uint8Array(r);let s=0,n=0,o=0;for(let t=0;t<e.length;t++){const r=g.indexOf(e[t]);if(-1===r)throw new TypeError(`Invalid character found: ${e[t]}`);n=n<<5|r,s+=5,s>=8&&(s-=8,i[o++]=n>>>s)}return i},p=e=>{let t=0,r=0,i="";for(let s=0;s<e.length;s++)for(r=r<<8|e[s],t+=8;t>=5;)i+=g[r>>>t-5&31],t-=5;return t>0&&(i+=g[r<<5-t&31]),i},m=e=>{e=e.replace(/ /g,"");const t=new ArrayBuffer(e.length/2),r=new Uint8Array(t);for(let t=0;t<e.length;t+=2)r[t/2]=parseInt(e.substring(t,t+2),16);return r},b=e=>{let t="";for(let r=0;r<e.length;r++){const i=e[r].toString(16);1===i.length&&(t+="0"),t+=i}return t.toUpperCase()},w=e=>{
const t=new ArrayBuffer(e.length),r=new Uint8Array(t);for(let t=0;t<e.length;t++)r[t]=255&e.charCodeAt(t);return r},A=e=>{let t="";for(let r=0;r<e.length;r++)t+=String.fromCharCode(e[r]);return t},y=h.TextEncoder?new h.TextEncoder:null,S=h.TextDecoder?new h.TextDecoder:null,H=e=>{if(!y)throw new Error("Encoding API not available");return y.encode(e)},I=e=>{if(!S)throw new Error("Encoding API not available");return S.decode(e)};class ${static fromLatin1(e){return new $({buffer:w(e).buffer})}static fromUTF8(e){return new $({buffer:H(e).buffer})}static fromBase32(e){return new $({buffer:f(e).buffer})}static fromHex(e){return new $({buffer:m(e).buffer})}get buffer(){return this.bytes.buffer}get latin1(){return Object.defineProperty(this,"latin1",{enumerable:!0,writable:!1,configurable:!1,value:A(this.bytes)}),this.latin1}get utf8(){return Object.defineProperty(this,"utf8",{enumerable:!0,writable:!1,configurable:!1,value:I(this.bytes)}),this.utf8}get base32(){return Object.defineProperty(this,"base32",{enumerable:!0,writable:!1,configurable:!1,value:p(this.bytes)}),this.base32}get hex(){return Object.defineProperty(this,"hex",{enumerable:!0,writable:!1,configurable:!1,value:b(this.bytes)}),this.hex}constructor({buffer:e,size:t=20}={}){this.bytes=void 0===e?(e=>{if(h.crypto?.getRandomValues)return h.crypto.getRandomValues(new Uint8Array(e));throw new Error("Cryptography API not available")})(t):new Uint8Array(e),Object.defineProperty(this,"bytes",{enumerable:!0,writable:!1,configurable:!1,value:this.bytes})}}class v{static get defaults(){return{issuer:"",label:"OTPAuth",issuerInLabel:!0,algorithm:"SHA1",digits:6,counter:0,window:1}}static generate({secret:t,algorithm:r=v.defaults.algorithm,digits:i=v.defaults.digits,counter:s=v.defaults.counter}){const n=((t,r,i)=>{if(e){const s=d[t]??d[c(t)];return e(s,r,i)}throw new Error("Missing HMAC function")})(r,t.bytes,(e=>{const t=new ArrayBuffer(8),r=new Uint8Array(t);let i=e;for(let e=7;e>=0&&0!==i;e--)r[e]=255&i,i-=r[e],i/=256;return r})(s)),o=15&n[n.byteLength-1]
;return(((127&n[o])<<24|(255&n[o+1])<<16|(255&n[o+2])<<8|255&n[o+3])%10**i).toString().padStart(i,"0")}generate({counter:e=this.counter++}={}){return v.generate({secret:this.secret,algorithm:this.algorithm,digits:this.digits,counter:e})}static validate({token:e,secret:t,algorithm:r,digits:i=v.defaults.digits,counter:s=v.defaults.counter,window:n=v.defaults.window}){if(e.length!==i)return null;let o=null;const a=n=>{const a=v.generate({secret:t,algorithm:r,digits:i,counter:n});((e,t)=>{{if(e.length!==t.length)throw new TypeError("Input strings must have the same length");let r=-1,i=0;for(;++r<e.length;)i|=e.charCodeAt(r)^t.charCodeAt(r);return 0===i}})(e,a)&&(o=n-s)};a(s);for(let e=1;e<=n&&null===o&&(a(s-e),null===o)&&(a(s+e),null===o);++e);return o}validate({token:e,counter:t=this.counter,window:r}){return v.validate({token:e,secret:this.secret,algorithm:this.algorithm,digits:this.digits,counter:t,window:r})}toString(){const e=encodeURIComponent;return"otpauth://hotp/"+(this.issuer.length>0?this.issuerInLabel?`${e(this.issuer)}:${e(this.label)}?issuer=${e(this.issuer)}&`:`${e(this.label)}?issuer=${e(this.issuer)}&`:`${e(this.label)}?`)+`secret=${e(this.secret.base32)}&`+`algorithm=${e(this.algorithm)}&`+`digits=${e(this.digits)}&`+`counter=${e(this.counter)}`}constructor({issuer:e=v.defaults.issuer,label:t=v.defaults.label,issuerInLabel:r=v.defaults.issuerInLabel,secret:i=new $,algorithm:s=v.defaults.algorithm,digits:n=v.defaults.digits,counter:o=v.defaults.counter}={}){this.issuer=e,this.label=t,this.issuerInLabel=r,this.secret="string"==typeof i?$.fromBase32(i):i,this.algorithm=c(s),this.digits=n,this.counter=o}}class T{static get defaults(){return{issuer:"",label:"OTPAuth",issuerInLabel:!0,algorithm:"SHA1",digits:6,period:30,window:1}}static counter({period:e=T.defaults.period,timestamp:t=Date.now()}={}){return Math.floor(t/1e3/e)}counter({timestamp:e=Date.now()}={}){return T.counter({period:this.period,timestamp:e})}static remaining({period:e=T.defaults.period,timestamp:t=Date.now()}={}){
return 1e3*e-t%(1e3*e)}remaining({timestamp:e=Date.now()}={}){return T.remaining({period:this.period,timestamp:e})}static generate({secret:e,algorithm:t,digits:r,period:i=T.defaults.period,timestamp:s=Date.now()}){return v.generate({secret:e,algorithm:t,digits:r,counter:T.counter({period:i,timestamp:s})})}generate({timestamp:e=Date.now()}={}){return T.generate({secret:this.secret,algorithm:this.algorithm,digits:this.digits,period:this.period,timestamp:e})}static validate({token:e,secret:t,algorithm:r,digits:i,period:s=T.defaults.period,timestamp:n=Date.now(),window:o}){return v.validate({token:e,secret:t,algorithm:r,digits:i,counter:T.counter({period:s,timestamp:n}),window:o})}validate({token:e,timestamp:t,window:r}){return T.validate({token:e,secret:this.secret,algorithm:this.algorithm,digits:this.digits,period:this.period,timestamp:t,window:r})}toString(){const e=encodeURIComponent;return"otpauth://totp/"+(this.issuer.length>0?this.issuerInLabel?`${e(this.issuer)}:${e(this.label)}?issuer=${e(this.issuer)}&`:`${e(this.label)}?issuer=${e(this.issuer)}&`:`${e(this.label)}?`)+`secret=${e(this.secret.base32)}&`+`algorithm=${e(this.algorithm)}&`+`digits=${e(this.digits)}&`+`period=${e(this.period)}`}constructor({issuer:e=T.defaults.issuer,label:t=T.defaults.label,issuerInLabel:r=T.defaults.issuerInLabel,secret:i=new $,algorithm:s=T.defaults.algorithm,digits:n=T.defaults.digits,period:o=T.defaults.period}={}){this.issuer=e,this.label=t,this.issuerInLabel=r,this.secret="string"==typeof i?$.fromBase32(i):i,this.algorithm=c(s),this.digits=n,this.period=o}}const L=/^otpauth:\/\/([ht]otp)\/(.+)\?([A-Z0-9.~_-]+=[^?&]*(?:&[A-Z0-9.~_-]+=[^?&]*)*)$/i,E=/^[2-7A-Z]+=*$/i,O=/^SHA(?:1|224|256|384|512|3-224|3-256|3-384|3-512)$/i,U=/^[+-]?\d+$/,_=/^\+?[1-9]\d*$/;class C{static parse(e){let t;try{t=e.match(L)}catch(e){}if(!Array.isArray(t))throw new URIError("Invalid URI format");const r=t[1].toLowerCase(),i=t[2].split(/(?::|%3A) *(.+)/i,2).map(decodeURIComponent),s=t[3].split("&").reduce(((e,t)=>{
const r=t.split(/=(.*)/,2).map(decodeURIComponent),i=r[0].toLowerCase(),s=r[1],n=e;return n[i]=s,n}),{});let n;const o={};if("hotp"===r){if(n=v,void 0===s.counter||!U.test(s.counter))throw new TypeError("Missing or invalid 'counter' parameter");o.counter=parseInt(s.counter,10)}else{if("totp"!==r)throw new TypeError("Unknown OTP type");if(n=T,void 0!==s.period){if(!_.test(s.period))throw new TypeError("Invalid 'period' parameter");o.period=parseInt(s.period,10)}}if(void 0!==s.issuer&&(o.issuer=s.issuer),2===i.length?(o.label=i[1],void 0===o.issuer||""===o.issuer?o.issuer=i[0]:""===i[0]&&(o.issuerInLabel=!1)):(o.label=i[0],void 0!==o.issuer&&""!==o.issuer&&(o.issuerInLabel=!1)),void 0===s.secret||!E.test(s.secret))throw new TypeError("Missing or invalid 'secret' parameter");if(o.secret=s.secret,void 0!==s.algorithm){if(!O.test(s.algorithm))throw new TypeError("Invalid 'algorithm' parameter");o.algorithm=s.algorithm}if(void 0!==s.digits){if(!_.test(s.digits))throw new TypeError("Invalid 'digits' parameter");o.digits=parseInt(s.digits,10)}return new n(o)}static stringify(e){if(e instanceof v||e instanceof T)return e.toString();throw new TypeError("Invalid 'HOTP/TOTP' object")}}const P="9.4.0";export{v as HOTP,$ as Secret,T as TOTP,C as URI,P as version};
//# sourceMappingURL=otpauth.slim.esm.min.js.map