authelia/internal/handlers/totp.go

package handlers

import (
	"time"

	"github.com/pquerna/otp"
	"github.com/pquerna/otp/totp"
)

// TOTPVerifier is the interface for verifying TOTPs.
type TOTPVerifier interface {
	Verify(token, secret string) (bool, error)
}

// TOTPVerifierImpl the production implementation for TOTP verification.
type TOTPVerifierImpl struct {
	Period uint
	Skew   uint
}

// Verify verifies TOTPs.
func (tv *TOTPVerifierImpl) Verify(token, secret string) (bool, error) {
	opts := totp.ValidateOpts{
		Period:    tv.Period,
		Skew:      tv.Skew,
		Digits:    otp.DigitsSix,
		Algorithm: otp.AlgorithmSHA1,
	}

	return totp.ValidateCustom(token, secret, time.Now().UTC(), opts)
}
[FIX] Fix default redirection URL not taken into account (#600) * Remove unused mongo docker-compose file. * Default redirection URL was not taken into account. * Fix possible storage options in config template. * Remove useless checks in u2f registration endpoints. * Add default redirection url in config of duo suite. * Fix log line in response handler of 2FA methods. * Fix integration tests. Co-authored-by: Amir Zarrinkafsh <nightah@me.com> 2020-02-01 12:54:50 +00:00			`package handlers`

			`import (`
[MISC] Update durations to notation format and housekeeping (#824) * added regulation validator * made regulations find_time and ban_time values duration notation strings * added DefaultRegulationConfiguration for the validator * made session expiration and inactivity values duration notation strings * TOTP period does not need to be converted because adjustment should be discouraged * moved TOTP defaults to DefaultTOTPConfiguration and removed the consts * arranged the root config validator in configuration file order * adjusted tests for the changes * moved duration notation docs to root of configuration * added references to duration notation where applicable * project wide gofmt and goimports: * run gofmt * run goimports -local github.com/authelia/authelia -w on all files * Make jwt_secret error uniform and add tests * now at 100% coverage for internal/configuration/validator/configuration.go 2020-04-05 12:37:21 +00:00			`"time"`

[FEATURE] TOTP Tuning Configuration Options and Fix Timer Graphic (#773) * Add period TOPT config key to define the time in seconds each OTP is rotated * Add skew TOTP config to define how many keys either side of the current one should be considered valid * Add tests and set minimum values * Update config template * Use unix epoch for position calculation and Fix QR gen * This resolves the timer resetting improperly at the 0 seconds mark and allows for periods longer than 1 minute * Generate QR based on period * Fix OTP timer graphic 2020-03-25 01:48:20 +00:00			`"github.com/pquerna/otp"`
[FIX] Fix default redirection URL not taken into account (#600) * Remove unused mongo docker-compose file. * Default redirection URL was not taken into account. * Fix possible storage options in config template. * Remove useless checks in u2f registration endpoints. * Add default redirection url in config of duo suite. * Fix log line in response handler of 2FA methods. * Fix integration tests. Co-authored-by: Amir Zarrinkafsh <nightah@me.com> 2020-02-01 12:54:50 +00:00			`"github.com/pquerna/otp/totp"`
			`)`

[MISC] Implement golint recommendations (#885) Co-authored-by: Clément Michaud <clement.michaud34@gmail.com> 2020-04-20 21:03:38 +00:00			`// TOTPVerifier is the interface for verifying TOTPs.`
[FIX] Fix default redirection URL not taken into account (#600) * Remove unused mongo docker-compose file. * Default redirection URL was not taken into account. * Fix possible storage options in config template. * Remove useless checks in u2f registration endpoints. * Add default redirection url in config of duo suite. * Fix log line in response handler of 2FA methods. * Fix integration tests. Co-authored-by: Amir Zarrinkafsh <nightah@me.com> 2020-02-01 12:54:50 +00:00			`type TOTPVerifier interface {`
[FEATURE] TOTP Tuning Configuration Options and Fix Timer Graphic (#773) * Add period TOPT config key to define the time in seconds each OTP is rotated * Add skew TOTP config to define how many keys either side of the current one should be considered valid * Add tests and set minimum values * Update config template * Use unix epoch for position calculation and Fix QR gen * This resolves the timer resetting improperly at the 0 seconds mark and allows for periods longer than 1 minute * Generate QR based on period * Fix OTP timer graphic 2020-03-25 01:48:20 +00:00			`Verify(token, secret string) (bool, error)`
[FIX] Fix default redirection URL not taken into account (#600) * Remove unused mongo docker-compose file. * Default redirection URL was not taken into account. * Fix possible storage options in config template. * Remove useless checks in u2f registration endpoints. * Add default redirection url in config of duo suite. * Fix log line in response handler of 2FA methods. * Fix integration tests. Co-authored-by: Amir Zarrinkafsh <nightah@me.com> 2020-02-01 12:54:50 +00:00			`}`

[MISC] Implement golint recommendations (#885) Co-authored-by: Clément Michaud <clement.michaud34@gmail.com> 2020-04-20 21:03:38 +00:00			`// TOTPVerifierImpl the production implementation for TOTP verification.`
[FEATURE] TOTP Tuning Configuration Options and Fix Timer Graphic (#773) * Add period TOPT config key to define the time in seconds each OTP is rotated * Add skew TOTP config to define how many keys either side of the current one should be considered valid * Add tests and set minimum values * Update config template * Use unix epoch for position calculation and Fix QR gen * This resolves the timer resetting improperly at the 0 seconds mark and allows for periods longer than 1 minute * Generate QR based on period * Fix OTP timer graphic 2020-03-25 01:48:20 +00:00			`type TOTPVerifierImpl struct {`
			`Period uint`
			`Skew uint`
			`}`
[FIX] Fix default redirection URL not taken into account (#600) * Remove unused mongo docker-compose file. * Default redirection URL was not taken into account. * Fix possible storage options in config template. * Remove useless checks in u2f registration endpoints. * Add default redirection url in config of duo suite. * Fix log line in response handler of 2FA methods. * Fix integration tests. Co-authored-by: Amir Zarrinkafsh <nightah@me.com> 2020-02-01 12:54:50 +00:00
[MISC] Implement golint recommendations (#885) Co-authored-by: Clément Michaud <clement.michaud34@gmail.com> 2020-04-20 21:03:38 +00:00			`// Verify verifies TOTPs.`
[FEATURE] TOTP Tuning Configuration Options and Fix Timer Graphic (#773) * Add period TOPT config key to define the time in seconds each OTP is rotated * Add skew TOTP config to define how many keys either side of the current one should be considered valid * Add tests and set minimum values * Update config template * Use unix epoch for position calculation and Fix QR gen * This resolves the timer resetting improperly at the 0 seconds mark and allows for periods longer than 1 minute * Generate QR based on period * Fix OTP timer graphic 2020-03-25 01:48:20 +00:00			`func (tv *TOTPVerifierImpl) Verify(token, secret string) (bool, error) {`
			`opts := totp.ValidateOpts{`
			`Period: tv.Period,`
			`Skew: tv.Skew,`
			`Digits: otp.DigitsSix,`
			`Algorithm: otp.AlgorithmSHA1,`
			`}`
[CI] Add wsl linter (#980) * [CI] Add wsl linter * Implement wsl recommendations Co-authored-by: Clément Michaud <clement.michaud34@gmail.com> 2020-05-05 19:35:32 +00:00
[FEATURE] TOTP Tuning Configuration Options and Fix Timer Graphic (#773) * Add period TOPT config key to define the time in seconds each OTP is rotated * Add skew TOTP config to define how many keys either side of the current one should be considered valid * Add tests and set minimum values * Update config template * Use unix epoch for position calculation and Fix QR gen * This resolves the timer resetting improperly at the 0 seconds mark and allows for periods longer than 1 minute * Generate QR based on period * Fix OTP timer graphic 2020-03-25 01:48:20 +00:00			`return totp.ValidateCustom(token, secret, time.Now().UTC(), opts)`
[FIX] Fix default redirection URL not taken into account (#600) * Remove unused mongo docker-compose file. * Default redirection URL was not taken into account. * Fix possible storage options in config template. * Remove useless checks in u2f registration endpoints. * Add default redirection url in config of duo suite. * Fix log line in response handler of 2FA methods. * Fix integration tests. Co-authored-by: Amir Zarrinkafsh <nightah@me.com> 2020-02-01 12:54:50 +00:00			`}`