Thanks to visit codestin.com
Credit goes to github.com

Skip to content

NoYiBa/rotp

BranchesTags
 
 

Repository files navigation

The Ruby One Time Password Library

Build Status Gem Version License

A ruby library for generating one time passwords (HOTP & TOTP) according to RFC 4226 and RFC 6238.

ROTP is compatible with the Google Authenticator available for Android and iPhone.

Many websites use this for multi-factor authentication, such as GMail, Facebook, Amazon EC2, WordPress, and Salesforce. You can find the whole list here.

Dependencies

  • OpenSSL
  • Ruby 1.9.3 or higher

Installation

gem install rotp

Library Usage

Time based OTP's

totp = ROTP::TOTP.new("base32secret3232")
totp.now # => "492039"

# OTP verified for current time
totp.verify("492039") # => true
sleep 30
totp.verify("492039") # => false

Counter based OTP's

hotp = ROTP::HOTP.new("base32secretkey3232")
hotp.at(0) # => "260182"
hotp.at(1) # => "055283"
hotp.at(1401) # => "316439"

# OTP verified with a counter
hotp.verify("316439", 1401) # => true
hotp.verify("316439", 1402) # => false

Generating a Base32 Secret key

ROTP::Base32.random_base32  # returns a 16 character base32 secret. Compatible with Google Authenticator

Note: The Base32 format conforms to RFC 4648 Base32

Google Authenticator Compatible URI's

Provisioning URI's generated by ROTP are compatible with the Google Authenticator App to be scanned with the in-built QR Code scanner.

totp.provisioning_uri("[email protected]") # => 'otpauth://totp/[email protected]?secret=JBSWY3DPEHPK3PXP'
hotp.provisioning_uri("[email protected]", 0) # => 'otpauth://hotp/[email protected]?secret=JBSWY3DPEHPK3PXP&counter=0'

This can then be rendered as a QR Code which can then be scanned and added to the users list of OTP credentials.

Working example

Scan the following barcode with your phone, using Google Authenticator

QR Code for OTP

Now run the following and compare the output

require 'rubygems'
require 'rotp'
totp = ROTP::TOTP.new("JBSWY3DPEHPK3PXP")
p "Current OTP: #{totp.now}"

Testing

bundle install
bundle exec rspec

Executable Usage

Once the rotp rubygem is installed on your system, you should be able to run the rotp executable (if not, you might find trouble-shooting help at this stackoverflow question).

# Try this to get an overview of the commands
rotp --help

# Examples
rotp --secret p4ssword                       # Generates a time-based one-time password
rotp --hmac --secret p4ssword --counter 42   # Generates a counter-based one-time password

Contributors

Have a look at the contributors graph on Github.

License

MIT Copyright (C) 2011 by Mark Percival, see LICENSE for details.

Other implementations

A list can be found at Wikipedia.

About

Ruby One Time Password library

rubydoc.info/github/mdp/rotp/master/frames

Resources

Readme

License

MIT license
Activity
Custom properties

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

2 tags

Packages

No packages published

Languages

  • Ruby 100.0%