otplib/dist/index.cjs.map

TypeScript-first library for TOTP and HOTP with multi-runtime and plugin support

{"version":3,"sources":["../src/index.ts","../src/functional.ts","../src/defaults.ts","../src/class.ts"],"sourcesContent":["export type {\n  OTPAuthOptions,\n  TOTPOptions,\n  OTPGenerateOptions as OTPFunctionalOptions,\n  OTPVerifyOptions as OTPVerifyFunctionalOptions,\n} from \"./types\";\n\nexport {\n  generateSecret,\n  generateURI,\n  generate,\n  generateSync,\n  verify,\n  verifySync,\n  type OTPStrategy,\n} from \"./functional\";\n\nexport {\n  OTP,\n  type OTPClassOptions,\n  type OTPGenerateOptions,\n  type OTPVerifyOptions,\n  type OTPURIGenerateOptions,\n} from \"./class\";\n\nexport type { Base32Plugin, CryptoPlugin, HashAlgorithm, OTPResult } from \"@otplib/core\";\nexport type { VerifyResult } from \"@otplib/totp\";\n\nexport { HOTP } from \"@otplib/hotp\";\nexport { TOTP } from \"@otplib/totp\";\n\n// Result wrapping utilities\nexport { wrapResult, wrapResultAsync } from \"@otplib/core\";\n\n// Default Plugins\nexport { NobleCryptoPlugin } from \"@otplib/plugin-crypto-noble\";\nexport { ScureBase32Plugin } from \"@otplib/plugin-base32-scure\";\n","import { generateSecret as generateSecretCore, ConfigurationError } from \"@otplib/core\";\nimport {\n  generate as generateHOTP,\n  generateSync as generateHOTPSync,\n  verify as verifyHOTP,\n  verifySync as verifyHOTPSync,\n} from \"@otplib/hotp\";\nimport {\n  generate as generateTOTP,\n  generateSync as generateTOTPSync,\n  verify as verifyTOTP,\n  verifySync as verifyTOTPSync,\n} from \"@otplib/totp\";\nimport { generateTOTP as generateTOTPURI } from \"@otplib/uri\";\n\nimport {\n  defaultCrypto,\n  defaultBase32,\n  normalizeGenerateOptions,\n  normalizeVerifyOptions,\n} from \"./defaults\";\n\nimport type { OTPGenerateOptions, OTPVerifyOptions, OTPStrategy, StrategyHandlers } from \"./types\";\nimport type { CryptoPlugin, Base32Plugin, Digits, HashAlgorithm } from \"@otplib/core\";\nimport type { VerifyResult as HOTPVerifyResult } from \"@otplib/hotp\";\nimport type { VerifyResult as TOTPVerifyResult } from \"@otplib/totp\";\n\nexport type { OTPStrategy };\n\nexport type VerifyResult = TOTPVerifyResult | HOTPVerifyResult;\n\nfunction executeByStrategy<T>(\n  strategy: OTPStrategy,\n  counter: number | undefined,\n  handlers: StrategyHandlers<T>,\n): T {\n  if (strategy === \"totp\") {\n    return handlers.totp();\n  }\n  if (strategy === \"hotp\") {\n    if (counter === undefined) {\n      throw new ConfigurationError(\n        \"Counter is required for HOTP strategy. Example: { strategy: 'hotp', counter: 0 }\",\n      );\n    }\n    return handlers.hotp(counter);\n  }\n  throw new ConfigurationError(\n    `Unknown OTP strategy: ${strategy}. Valid strategies are 'totp' or 'hotp'.`,\n  );\n}\n\n/**\n * Generate a random secret key for use with OTP\n *\n * The secret is encoded in Base32 format for compatibility with\n * Google Authenticator and other authenticator apps.\n *\n * @param options - Secret generation options\n * @returns Base32-encoded secret key\n *\n * @example\n * ```ts\n * import { generateSecret } from 'otplib';\n *\n * const secret = generateSecret();\n * // Returns: 'JBSWY3DPEHPK3PXP'\n * ```\n *\n * @example With custom plugins\n * ```ts\n * import { generateSecret, NodeCryptoPlugin } from 'otplib';\n *\n * const secret = generateSecret({\n *   crypto: new NodeCryptoPlugin(),\n * });\n * ```\n */\nexport function generateSecret(options?: {\n  /**\n   * Number of random bytes to generate (default: 20)\n   * 20 bytes = 160 bits, which provides a good security margin\n   */\n  length?: number;\n\n  /**\n   * Crypto plugin to use (default: NobleCryptoPlugin)\n   */\n  crypto?: CryptoPlugin;\n\n  /**\n   * Base32 plugin to use (default: ScureBase32Plugin)\n   */\n  base32?: Base32Plugin;\n}): string {\n  const { crypto = defaultCrypto, base32 = defaultBase32, length = 20 } = options || {};\n\n  return generateSecretCore({ crypto, base32, length });\n}\n\n/**\n * Generate an otpauth:// URI for QR code generation\n *\n * This URI can be used to generate a QR code that can be scanned\n * by Google Authenticator and other authenticator apps.\n *\n * @param options - URI generation options\n * @returns otpauth:// URI string\n *\n * @example\n * ```ts\n * import { generateURI } from 'otplib';\n *\n * const uri = generateURI({\n *   issuer: 'ACME Co',\n *   label: 'john@example.com',\n *   secret: 'JBSWY3DPEHPK3PXP',\n * });\n * // Returns: 'otpauth://totp/ACME%20Co:john%40example.com?secret=...'\n * ```\n */\nexport function generateURI(options: {\n  issuer: string;\n  label: string;\n  secret: string;\n  algorithm?: HashAlgorithm;\n  digits?: Digits;\n  period?: number;\n}): string {\n  const { issuer, label, secret, algorithm = \"sha1\", digits = 6, period = 30 } = options;\n  return generateTOTPURI({ issuer, label, secret, algorithm, digits, period });\n}\n\n/**\n * Generate an OTP code\n *\n * Generates a one-time password based on the specified strategy.\n * - 'totp': Time-based OTP (default)\n * - 'hotp': HMAC-based OTP\n *\n * @param options - OTP generation options\n * @returns OTP code\n *\n * @example TOTP\n * ```ts\n * import { generate } from 'otplib';\n *\n * const token = await generate({\n *   secret: 'JBSWY3DPEHPK3PXP',\n * });\n * // Returns: '123456'\n * ```\n *\n * @example HOTP\n * ```ts\n * import { generate } from 'otplib';\n *\n * const token = await generate({\n *   secret: 'JBSWY3DPEHPK3PXP',\n *   strategy: 'hotp',\n *   counter: 0,\n * });\n * ```\n *\n * @example With custom plugins\n * ```ts\n * import { generate, NodeCryptoPlugin } from 'otplib';\n *\n * const token = await generate({\n *   secret: 'JBSWY3DPEHPK3PXP',\n *   crypto: new NodeCryptoPlugin(),\n * });\n * ```\n */\nexport async function generate(options: OTPGenerateOptions): Promise<string> {\n  const opts = normalizeGenerateOptions(options);\n  const { secret, crypto, base32, algorithm, digits } = opts;\n  const commonOptions = { secret, crypto, base32, algorithm, digits };\n\n  return executeByStrategy(opts.strategy, opts.counter, {\n    totp: () =>\n      generateTOTP({\n        ...commonOptions,\n        period: opts.period,\n        epoch: opts.epoch,\n        t0: opts.t0,\n      }),\n    hotp: (counter) =>\n      generateHOTP({\n        ...commonOptions,\n        counter,\n      }),\n  });\n}\n\n/**\n * Generate an OTP code synchronously\n *\n * This is the synchronous version of {@link generate}. It requires a crypto\n * plugin that supports synchronous HMAC operations.\n *\n * @param options - OTP generation options\n * @returns OTP code\n * @throws {HMACError} If the crypto plugin doesn't support sync operations\n *\n * @example\n * ```ts\n * import { generateSync } from 'otplib';\n *\n * const token = generateSync({\n *   secret: 'JBSWY3DPEHPK3PXP',\n * });\n * ```\n */\nexport function generateSync(options: OTPGenerateOptions): string {\n  const opts = normalizeGenerateOptions(options);\n  const { secret, crypto, base32, algorithm, digits } = opts;\n  const commonOptions = { secret, crypto, base32, algorithm, digits };\n\n  return executeByStrategy(opts.strategy, opts.counter, {\n    totp: () =>\n      generateTOTPSync({\n        ...commonOptions,\n        period: opts.period,\n        epoch: opts.epoch,\n        t0: opts.t0,\n      }),\n    hotp: (counter) =>\n      generateHOTPSync({\n        ...commonOptions,\n        counter,\n      }),\n  });\n}\n\n/**\n * Verify an OTP code\n *\n * Verifies a provided OTP code against the expected value based on the strategy.\n * - 'totp': Time-based OTP (default, Google Authenticator compatible)\n * - 'hotp': HMAC-based OTP\n *\n * Uses constant-time comparison to prevent timing attacks.\n *\n * @param options - OTP verification options\n * @returns Verification result with validity and optional delta\n *\n * @example TOTP\n * ```ts\n * import { verify } from 'otplib';\n *\n * const result = await verify({\n *   secret: 'JBSWY3DPEHPK3PXP',\n *   token: '123456',\n * });\n * // Returns: { valid: true, delta: 0 }\n * ```\n *\n * @example HOTP\n * ```ts\n * import { verify } from 'otplib';\n *\n * const result = await verify({\n *   secret: 'JBSWY3DPEHPK3PXP',\n *   token: '123456',\n *   strategy: 'hotp',\n *   counter: 0,\n * });\n * ```\n *\n * @example With epochTolerance for TOTP\n * ```ts\n * import { verify, NodeCryptoPlugin } from 'otplib';\n *\n * const result = await verify({\n *   secret: 'JBSWY3DPEHPK3PXP',\n *   token: '123456',\n *   epochTolerance: 30,\n *   crypto: new NodeCryptoPlugin(),\n * });\n * ```\n */\nexport async function verify(options: OTPVerifyOptions): Promise<VerifyResult> {\n  const opts = normalizeVerifyOptions(options);\n  const { secret, token, crypto, base32, algorithm, digits } = opts;\n  const commonOptions = { secret, token, crypto, base32, algorithm, digits };\n\n  return executeByStrategy(opts.strategy, opts.counter, {\n    totp: () =>\n      verifyTOTP({\n        ...commonOptions,\n        period: opts.period,\n        epoch: opts.epoch,\n        t0: opts.t0,\n        epochTolerance: opts.epochTolerance,\n      }),\n    hotp: (counter) =>\n      verifyHOTP({\n        ...commonOptions,\n        counter,\n        counterTolerance: opts.counterTolerance,\n      }),\n  });\n}\n\n/**\n * Verify an OTP code synchronously\n *\n * This is the synchronous version of {@link verify}. It requires a crypto\n * plugin that supports synchronous HMAC operations.\n *\n * @param options - OTP verification options\n * @returns Verification result with validity and optional delta\n * @throws {HMACError} If the crypto plugin doesn't support sync operations\n *\n * @example\n * ```ts\n * import { verifySync } from 'otplib';\n *\n * const result = verifySync({\n *   secret: 'JBSWY3DPEHPK3PXP',\n *   token: '123456',\n * });\n * ```\n */\nexport function verifySync(options: OTPVerifyOptions): VerifyResult {\n  const opts = normalizeVerifyOptions(options);\n  const { secret, token, crypto, base32, algorithm, digits } = opts;\n  const commonOptions = { secret, token, crypto, base32, algorithm, digits };\n\n  return executeByStrategy(opts.strategy, opts.counter, {\n    totp: () =>\n      verifyTOTPSync({\n        ...commonOptions,\n        period: opts.period,\n        epoch: opts.epoch,\n        t0: opts.t0,\n        epochTolerance: opts.epochTolerance,\n      }),\n    hotp: (counter) =>\n      verifyHOTPSync({\n        ...commonOptions,\n        counter,\n        counterTolerance: opts.counterTolerance,\n      }),\n  });\n}\n","/**\n * Default plugin instances\n *\n * Shared across functional and class APIs to ensure singleton behavior\n * and reduce memory overhead.\n */\nimport { ScureBase32Plugin } from \"@otplib/plugin-base32-scure\";\nimport { NobleCryptoPlugin } from \"@otplib/plugin-crypto-noble\";\n\nimport type {\n  OTPGenerateOptions,\n  OTPVerifyOptions,\n  OTPGenerateOptionsWithDefaults,\n  OTPVerifyOptionsWithDefaults,\n} from \"./types\";\n\n/**\n * Default crypto plugin instance (Noble Hashes)\n *\n * This plugin provides cross-platform cryptographic operations\n * using the @noble/hashes library.\n */\nexport const defaultCrypto = Object.freeze(new NobleCryptoPlugin());\n\n/**\n * Default Base32 plugin instance (@scure/base)\n *\n * This plugin provides Base32 encoding/decoding operations\n * using the @scure/base library.\n */\nexport const defaultBase32 = Object.freeze(new ScureBase32Plugin());\n\nexport function normalizeGenerateOptions(\n  options: OTPGenerateOptions,\n): OTPGenerateOptionsWithDefaults {\n  return {\n    secret: options.secret,\n    strategy: options.strategy ?? \"totp\",\n    crypto: options.crypto ?? defaultCrypto,\n    base32: options.base32 ?? defaultBase32,\n    algorithm: options.algorithm ?? \"sha1\",\n    digits: options.digits ?? 6,\n    period: options.period ?? 30,\n    epoch: options.epoch ?? Math.floor(Date.now() / 1000),\n    t0: options.t0 ?? 0,\n    counter: options.counter,\n  };\n}\n\nexport function normalizeVerifyOptions(options: OTPVerifyOptions): OTPVerifyOptionsWithDefaults {\n  return {\n    ...normalizeGenerateOptions(options),\n    token: options.token,\n    epochTolerance: options.epochTolerance ?? 0,\n    counterTolerance: options.counterTolerance ?? 0,\n  };\n}\n","/**\n * OTP Wrapper Class\n *\n * A unified class that dynamically handles TOTP and HOTP strategies.\n */\n\nimport { generateSecret as generateSecretCore } from \"@otplib/core\";\nimport { generateTOTP as generateTOTPURI } from \"@otplib/uri\";\n\nimport { defaultCrypto, defaultBase32 } from \"./defaults\";\nimport {\n  generate as functionalGenerate,\n  generateSync as functionalGenerateSync,\n  verify as functionalVerify,\n  verifySync as functionalVerifySync,\n} from \"./functional\";\n\nimport type { OTPStrategy } from \"./functional\";\nimport type { CryptoPlugin, Digits, HashAlgorithm, Base32Plugin } from \"@otplib/core\";\nimport type { VerifyResult as HOTPVerifyResult } from \"@otplib/hotp\";\nimport type { VerifyResult as TOTPVerifyResult } from \"@otplib/totp\";\n\n/**\n * Combined verify result that works for both TOTP and HOTP\n */\nexport type VerifyResult = TOTPVerifyResult | HOTPVerifyResult;\n\n/**\n * Options for the OTP class\n */\nexport type OTPClassOptions = {\n  /**\n   * OTP strategy to use\n   * - 'totp': Time-based OTP (default)\n   * - 'hotp': HMAC-based OTP\n   */\n  strategy?: OTPStrategy;\n\n  /**\n   * Crypto plugin to use (default: NobleCryptoPlugin)\n   */\n  crypto?: CryptoPlugin;\n\n  /**\n   * Base32 plugin to use (default: ScureBase32Plugin)\n   */\n  base32?: Base32Plugin;\n};\n\n/**\n * Options for generating a token with the OTP class\n */\nexport type OTPGenerateOptions = {\n  /**\n   * Base32-encoded secret key\n   */\n  secret: string;\n\n  /**\n   * Hash algorithm (default: 'sha1')\n   */\n  algorithm?: HashAlgorithm;\n\n  /**\n   * Number of digits (default: 6)\n   */\n  digits?: Digits;\n\n  /**\n   * Current Unix epoch timestamp in seconds (default: now)\n   * Used by TOTP strategy\n   */\n  epoch?: number;\n\n  /**\n   * Initial Unix time to start counting time steps (default: 0)\n   * Used by TOTP strategy\n   */\n  t0?: number;\n\n  /**\n   * Time step in seconds (default: 30)\n   * Used by TOTP strategy\n   */\n  period?: number;\n\n  /**\n   * Counter value\n   * Used by HOTP strategy (required)\n   */\n  counter?: number;\n};\n\n/**\n * Options for verifying a token with the OTP class\n */\nexport type OTPVerifyOptions = {\n  /**\n   * Base32-encoded secret key\n   */\n  secret: string;\n\n  /**\n   * OTP code to verify\n   */\n  token: string;\n\n  /**\n   * Hash algorithm (default: 'sha1')\n   */\n  algorithm?: HashAlgorithm;\n\n  /**\n   * Number of digits (default: 6)\n   */\n  digits?: Digits;\n\n  /**\n   * Current Unix epoch timestamp in seconds (default: now)\n   * Used by TOTP strategy\n   */\n  epoch?: number;\n\n  /**\n   * Initial Unix time to start counting time steps (default: 0)\n   * Used by TOTP strategy\n   */\n  t0?: number;\n\n  /**\n   * Time step in seconds (default: 30)\n   * Used by TOTP strategy\n   */\n  period?: number;\n\n  /**\n   * Counter value\n   * Used by HOTP strategy (required)\n   */\n  counter?: number;\n\n  /**\n   * Time tolerance in seconds for TOTP verification (default: 0)\n   * - Number: symmetric tolerance (same for past and future)\n   * - Tuple [past, future]: asymmetric tolerance\n   *   Use [5, 0] for RFC-compliant past-only verification.\n   */\n  epochTolerance?: number | [number, number];\n\n  /**\n   * Counter tolerance for HOTP verification (default: 0)\n   * - Number: symmetric look-ahead window\n   * - Array: asymmetric window\n   */\n  counterTolerance?: number | number[];\n};\n\n/**\n * Options for generating URI with the OTP class\n */\nexport type OTPURIGenerateOptions = {\n  /**\n   * Issuer name (e.g., 'ACME Co')\n   */\n  issuer: string;\n\n  /**\n   * Label/Account name (e.g., 'john@example.com')\n   */\n  label: string;\n\n  /**\n   * Base32-encoded secret key\n   */\n  secret: string;\n\n  /**\n   * Hash algorithm (default: 'sha1')\n   */\n  algorithm?: HashAlgorithm;\n\n  /**\n   * Number of digits (default: 6)\n   */\n  digits?: Digits;\n\n  /**\n   * Time step in seconds (default: 30)\n   */\n  period?: number;\n};\n\n/**\n * OTP Class\n *\n * A wrapper class that dynamically handles TOTP and HOTP strategies.\n *\n * @example\n * ```ts\n * import { OTP } from 'otplib';\n *\n * // Create OTP instance with TOTP strategy (default)\n * const otp = new OTP({ strategy: 'totp' });\n *\n * // Generate and verify\n * const secret = otp.generateSecret();\n * const token = await otp.generate({ secret });\n * const result = await otp.verify({ secret, token });\n * ```\n *\n * @example With HOTP strategy\n * ```ts\n * import { OTP } from 'otplib';\n *\n * const otp = new OTP({ strategy: 'hotp' });\n * const token = await otp.generate({ secret: 'ABC123', counter: 0 });\n * ```\n *\n * @example Generating otpauth:// URI for authenticator apps\n * ```ts\n * import { OTP } from 'otplib';\n *\n * const otp = new OTP({ strategy: 'totp' });\n * const uri = otp.generateURI({\n *   issuer: 'MyApp',\n *   label: 'user@example.com',\n *   secret: 'ABC123',\n * });\n * ```\n */\nexport class OTP {\n  private readonly strategy: OTPStrategy;\n  private readonly crypto: CryptoPlugin;\n  private readonly base32: Base32Plugin;\n\n  constructor(options: OTPClassOptions = {}) {\n    const { strategy = \"totp\", crypto = defaultCrypto, base32 = defaultBase32 } = options;\n\n    this.strategy = strategy;\n    this.crypto = crypto;\n    this.base32 = base32;\n  }\n\n  /**\n   * Get the current strategy\n   */\n  getStrategy(): OTPStrategy {\n    return this.strategy;\n  }\n\n  /**\n   * Generate a random secret key\n   *\n   * @param length - Number of random bytes (default: 20)\n   * @returns Base32-encoded secret key\n   */\n  generateSecret(length: number = 20): string {\n    return generateSecretCore({ crypto: this.crypto, base32: this.base32, length });\n  }\n\n  /**\n   * Generate an OTP token based on the configured strategy\n   *\n   * @param options - Generation options\n   * @returns OTP code\n   */\n  async generate(options: OTPGenerateOptions): Promise<string> {\n    return functionalGenerate({\n      ...options,\n      strategy: this.strategy,\n      crypto: this.crypto,\n      base32: this.base32,\n    });\n  }\n\n  /**\n   * Generate an OTP token based on the configured strategy synchronously\n   *\n   * @param options - Generation options\n   * @returns OTP code\n   * @throws {HMACError} If the crypto plugin doesn't support sync operations\n   */\n  generateSync(options: OTPGenerateOptions): string {\n    return functionalGenerateSync({\n      ...options,\n      strategy: this.strategy,\n      crypto: this.crypto,\n      base32: this.base32,\n    });\n  }\n\n  /**\n   * Verify an OTP token based on the configured strategy\n   *\n   * @param options - Verification options\n   * @returns Verification result with validity and optional delta\n   */\n  async verify(options: OTPVerifyOptions): Promise<VerifyResult> {\n    return functionalVerify({\n      ...options,\n      strategy: this.strategy,\n      crypto: this.crypto,\n      base32: this.base32,\n    });\n  }\n\n  /**\n   * Verify an OTP token based on the configured strategy synchronously\n   *\n   * @param options - Verification options\n   * @returns Verification result with validity and optional delta\n   * @throws {HMACError} If the crypto plugin doesn't support sync operations\n   */\n  verifySync(options: OTPVerifyOptions): VerifyResult {\n    return functionalVerifySync({\n      ...options,\n      strategy: this.strategy,\n      crypto: this.crypto,\n      base32: this.base32,\n    });\n  }\n\n  /**\n   * Generate an otpauth:// URI for QR code generation\n   *\n   * Only available for TOTP strategy.\n   *\n   * @param options - URI generation options\n   * @returns otpauth:// URI string\n   */\n  generateURI(options: OTPURIGenerateOptions): string {\n    if (this.strategy === \"hotp\") {\n      throw new Error(\"generateURI is not available for HOTP strategy\");\n    }\n\n    const { issuer, label, secret, algorithm = \"sha1\", digits = 6, period = 30 } = options;\n\n    return generateTOTPURI({\n      issuer,\n      label,\n      secret,\n      algorithm,\n      digits,\n      period,\n    });\n  }\n}\n"],"mappings":"yaAAA,IAAAA,EAAA,GAAAC,EAAAD,EAAA,mEAAAE,EAAA,uEAAAC,EAAA,mBAAAC,EAAA,iBAAAC,EAAA,gBAAAC,EAAA,WAAAC,EAAA,eAAAC,EAAA,mFAAAC,EAAAT,GCAA,IAAAU,EAAyE,wBACzEC,EAKO,wBACPC,EAKO,wBACPC,EAAgD,uBCPhD,IAAAC,EAAkC,uCAClCC,EAAkC,uCAerBC,EAAgB,OAAO,OAAO,IAAI,mBAAmB,EAQrDC,EAAgB,OAAO,OAAO,IAAI,mBAAmB,EAE3D,SAASC,EACdC,EACgC,CAChC,MAAO,CACL,OAAQA,EAAQ,OAChB,SAAUA,EAAQ,UAAY,OAC9B,OAAQA,EAAQ,QAAUH,EAC1B,OAAQG,EAAQ,QAAUF,EAC1B,UAAWE,EAAQ,WAAa,OAChC,OAAQA,EAAQ,QAAU,EAC1B,OAAQA,EAAQ,QAAU,GAC1B,MAAOA,EAAQ,OAAS,KAAK,MAAM,KAAK,IAAI,EAAI,GAAI,EACpD,GAAIA,EAAQ,IAAM,EAClB,QAASA,EAAQ,OACnB,CACF,CAEO,SAASC,EAAuBD,EAAyD,CAC9F,MAAO,CACL,GAAGD,EAAyBC,CAAO,EACnC,MAAOA,EAAQ,MACf,eAAgBA,EAAQ,gBAAkB,EAC1C,iBAAkBA,EAAQ,kBAAoB,CAChD,CACF,CDzBA,SAASE,EACPC,EACAC,EACAC,EACG,CACH,GAAIF,IAAa,OACf,OAAOE,EAAS,KAAK,EAEvB,GAAIF,IAAa,OAAQ,CACvB,GAAIC,IAAY,OACd,MAAM,IAAI,qBACR,kFACF,EAEF,OAAOC,EAAS,KAAKD,CAAO,CAC9B,CACA,MAAM,IAAI,qBACR,yBAAyBD,CAAQ,0CACnC,CACF,CA4BO,SAASG,EAAeC,EAgBpB,CACT,GAAM,CAAE,OAAAC,EAASC,EAAe,OAAAC,EAASC,EAAe,OAAAC,EAAS,EAAG,EAAIL,GAAW,CAAC,EAEpF,SAAO,EAAAM,gBAAmB,CAAE,OAAAL,EAAQ,OAAAE,EAAQ,OAAAE,CAAO,CAAC,CACtD,CAuBO,SAASE,EAAYP,EAOjB,CACT,GAAM,CAAE,OAAAQ,EAAQ,MAAAC,EAAO,OAAAC,EAAQ,UAAAC,EAAY,OAAQ,OAAAC,EAAS,EAAG,OAAAC,EAAS,EAAG,EAAIb,EAC/E,SAAO,EAAAc,cAAgB,CAAE,OAAAN,EAAQ,MAAAC,EAAO,OAAAC,EAAQ,UAAAC,EAAW,OAAAC,EAAQ,OAAAC,CAAO,CAAC,CAC7E,CA2CA,eAAsBE,EAASf,EAA8C,CAC3E,IAAMgB,EAAOC,EAAyBjB,CAAO,EACvC,CAAE,OAAAU,EAAQ,OAAAT,EAAQ,OAAAE,EAAQ,UAAAQ,EAAW,OAAAC,CAAO,EAAII,EAChDE,EAAgB,CAAE,OAAAR,EAAQ,OAAAT,EAAQ,OAAAE,EAAQ,UAAAQ,EAAW,OAAAC,CAAO,EAElE,OAAOjB,EAAkBqB,EAAK,SAAUA,EAAK,QAAS,CACpD,KAAM,OACJ,EAAAG,UAAa,CACX,GAAGD,EACH,OAAQF,EAAK,OACb,MAAOA,EAAK,MACZ,GAAIA,EAAK,EACX,CAAC,EACH,KAAOnB,MACL,EAAAuB,UAAa,CACX,GAAGF,EACH,QAAArB,CACF,CAAC,CACL,CAAC,CACH,CAqBO,SAASwB,EAAarB,EAAqC,CAChE,IAAMgB,EAAOC,EAAyBjB,CAAO,EACvC,CAAE,OAAAU,EAAQ,OAAAT,EAAQ,OAAAE,EAAQ,UAAAQ,EAAW,OAAAC,CAAO,EAAII,EAChDE,EAAgB,CAAE,OAAAR,EAAQ,OAAAT,EAAQ,OAAAE,EAAQ,UAAAQ,EAAW,OAAAC,CAAO,EAElE,OAAOjB,EAAkBqB,EAAK,SAAUA,EAAK,QAAS,CACpD,KAAM,OACJ,EAAAM,cAAiB,CACf,GAAGJ,EACH,OAAQF,EAAK,OACb,MAAOA,EAAK,MACZ,GAAIA,EAAK,EACX,CAAC,EACH,KAAOnB,MACL,EAAA0B,cAAiB,CACf,GAAGL,EACH,QAAArB,CACF,CAAC,CACL,CAAC,CACH,CAiDA,eAAsB2B,EAAOxB,EAAkD,CAC7E,IAAMgB,EAAOS,EAAuBzB,CAAO,EACrC,CAAE,OAAAU,EAAQ,MAAAgB,EAAO,OAAAzB,EAAQ,OAAAE,EAAQ,UAAAQ,EAAW,OAAAC,CAAO,EAAII,EACvDE,EAAgB,CAAE,OAAAR,EAAQ,MAAAgB,EAAO,OAAAzB,EAAQ,OAAAE,EAAQ,UAAAQ,EAAW,OAAAC,CAAO,EAEzE,OAAOjB,EAAkBqB,EAAK,SAAUA,EAAK,QAAS,CACpD,KAAM,OACJ,EAAAW,QAAW,CACT,GAAGT,EACH,OAAQF,EAAK,OACb,MAAOA,EAAK,MACZ,GAAIA,EAAK,GACT,eAAgBA,EAAK,cACvB,CAAC,EACH,KAAOnB,MACL,EAAA+B,QAAW,CACT,GAAGV,EACH,QAAArB,EACA,iBAAkBmB,EAAK,gBACzB,CAAC,CACL,CAAC,CACH,CAsBO,SAASa,EAAW7B,EAAyC,CAClE,IAAMgB,EAAOS,EAAuBzB,CAAO,EACrC,CAAE,OAAAU,EAAQ,MAAAgB,EAAO,OAAAzB,EAAQ,OAAAE,EAAQ,UAAAQ,EAAW,OAAAC,CAAO,EAAII,EACvDE,EAAgB,CAAE,OAAAR,EAAQ,MAAAgB,EAAO,OAAAzB,EAAQ,OAAAE,EAAQ,UAAAQ,EAAW,OAAAC,CAAO,EAEzE,OAAOjB,EAAkBqB,EAAK,SAAUA,EAAK,QAAS,CACpD,KAAM,OACJ,EAAAc,YAAe,CACb,GAAGZ,EACH,OAAQF,EAAK,OACb,MAAOA,EAAK,MACZ,GAAIA,EAAK,GACT,eAAgBA,EAAK,cACvB,CAAC,EACH,KAAOnB,MACL,EAAAkC,YAAe,CACb,GAAGb,EACH,QAAArB,EACA,iBAAkBmB,EAAK,gBACzB,CAAC,CACL,CAAC,CACH,CEpVA,IAAAgB,EAAqD,wBACrDC,EAAgD,uBA+NzC,IAAMC,EAAN,KAAU,CACE,SACA,OACA,OAEjB,YAAYC,EAA2B,CAAC,EAAG,CACzC,GAAM,CAAE,SAAAC,EAAW,OAAQ,OAAAC,EAASC,EAAe,OAAAC,EAASC,CAAc,EAAIL,EAE9E,KAAK,SAAWC,EAChB,KAAK,OAASC,EACd,KAAK,OAASE,CAChB,CAKA,aAA2B,CACzB,OAAO,KAAK,QACd,CAQA,eAAeE,EAAiB,GAAY,CAC1C,SAAO,EAAAC,gBAAmB,CAAE,OAAQ,KAAK,OAAQ,OAAQ,KAAK,OAAQ,OAAAD,CAAO,CAAC,CAChF,CAQA,MAAM,SAASN,EAA8C,CAC3D,OAAOQ,EAAmB,CACxB,GAAGR,EACH,SAAU,KAAK,SACf,OAAQ,KAAK,OACb,OAAQ,KAAK,MACf,CAAC,CACH,CASA,aAAaA,EAAqC,CAChD,OAAOS,EAAuB,CAC5B,GAAGT,EACH,SAAU,KAAK,SACf,OAAQ,KAAK,OACb,OAAQ,KAAK,MACf,CAAC,CACH,CAQA,MAAM,OAAOA,EAAkD,CAC7D,OAAOU,EAAiB,CACtB,GAAGV,EACH,SAAU,KAAK,SACf,OAAQ,KAAK,OACb,OAAQ,KAAK,MACf,CAAC,CACH,CASA,WAAWA,EAAyC,CAClD,OAAOW,EAAqB,CAC1B,GAAGX,EACH,SAAU,KAAK,SACf,OAAQ,KAAK,OACb,OAAQ,KAAK,MACf,CAAC,CACH,CAUA,YAAYA,EAAwC,CAClD,GAAI,KAAK,WAAa,OACpB,MAAM,IAAI,MAAM,gDAAgD,EAGlE,GAAM,CAAE,OAAAY,EAAQ,MAAAC,EAAO,OAAAC,EAAQ,UAAAC,EAAY,OAAQ,OAAAC,EAAS,EAAG,OAAAC,EAAS,EAAG,EAAIjB,EAE/E,SAAO,EAAAkB,cAAgB,CACrB,OAAAN,EACA,MAAAC,EACA,OAAAC,EACA,UAAAC,EACA,OAAAC,EACA,OAAAC,CACF,CAAC,CACH,CACF,EH9TA,IAAAE,EAAqB,wBACrBC,EAAqB,wBAGrBC,EAA4C,wBAG5CC,EAAkC,uCAClCC,EAAkC","names":["src_exports","__export","OTP","generate","generateSecret","generateSync","generateURI","verify","verifySync","__toCommonJS","import_core","import_hotp","import_totp","import_uri","import_plugin_base32_scure","import_plugin_crypto_noble","defaultCrypto","defaultBase32","normalizeGenerateOptions","options","normalizeVerifyOptions","executeByStrategy","strategy","counter","handlers","generateSecret","options","crypto","defaultCrypto","base32","defaultBase32","length","generateSecretCore","generateURI","issuer","label","secret","algorithm","digits","period","generateTOTPURI","generate","opts","normalizeGenerateOptions","commonOptions","generateTOTP","generateHOTP","generateSync","generateTOTPSync","generateHOTPSync","verify","normalizeVerifyOptions","token","verifyTOTP","verifyHOTP","verifySync","verifyTOTPSync","verifyHOTPSync","import_core","import_uri","OTP","options","strategy","crypto","defaultCrypto","base32","defaultBase32","length","generateSecretCore","generate","generateSync","verify","verifySync","issuer","label","secret","algorithm","digits","period","generateTOTPURI","import_hotp","import_totp","import_core","import_plugin_crypto_noble","import_plugin_base32_scure"]}