Package go-otp implements one-time-password generators used in 2-factor authentication systems like RSA-tokens. Currently this supports both HOTP (RFC-4226), TOTP (RFC-6238) and Base32 encoding (RFC-3548) for Google Authenticator compatibility

OTP

Build Status

Package go-otp implements one-time-password generators used in 2-factor authentication systems like RSA-tokens and Google Authenticator. Currently this supports both HOTP (RFC-4226) and TOTP (RFC-6238).

Install

$ go get github.com/hgfischer/go-otp

Usage

Check API docs, with examples, at http://godoc.org/github.com/hgfischer/go-otp

License

Copyright (c) 2014, Herbert G. Fischer All rights reserved.

Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: * Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. * Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. * Neither the name of the organization nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission.

THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL HERBERT G. FISCHER BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

Owner
Herbert Fischer
Herbert Fischer
https://github.com/hgfischer/go-otp
Comments
  • Fix Window{Back,Forward} tokens not being verified properly

    Fix Window{Back,Forward} tokens not being verified properly

    When initializing Totp with the given Window{Back,Forward} the verification of the generated tokens within that window fails.

    The for loop that goes through the matching tokens using the given Window{Back,Forward} always updates the Totp's Time variable with the preceding value of Time, resulting in a Moving Window generating wrong tokens.

    It's my pleasure to contribute, please give me any possible feedback for the tests provided in this PR as I'm newly introduced to GO ;)

  • Please tag and version this project

    Please tag and version this project

    Tags and versions aid in packaging for things like .deb files, and for anyone wanting to use Glide and other version based package managers to version their dependencies. It would also help ensure that if you make a breaking change, we don't pull it down until we are ready.

  • Handle padding on base32 secrets

    Handle padding on base32 secrets

    This should handle #7 by padding out the Base32 string to always be a multiple of 8 characters in length.

    That said, it feels like a dangerous spot to hide the errors from base32 decoding the secret. Fixing that would require changing the API such that Get() (and thus the TOTP validate calls as well) would return an error in addition to their existing result.

  • Add a Gitter chat badge to README.md

    Add a Gitter chat badge to README.md

    hgfischer/go-otp now has a Chat Room on Gitter

    @hgfischer has just created a chat room. You can visit it here: https://gitter.im/hgfischer/go-otp.

    This pull-request adds this badge to your README.md:

    Gitter

    If my aim is a little off, please let me know.

    Happy chatting.

    PS: Click here if you would prefer not to receive automatic pull-requests from Gitter in future.

  • TOTP not returning correct codes for seeds with length 26 characters

    TOTP not returning correct codes for seeds with length 26 characters

    Hello, I discovered that the code is not returning correct values for this seed: HG3ST7NLZJJRASIQSLQLZH2EDV

    Further testing has shown that all seeds in the same length produce an incorrect code. For timestamp 2016-05-21 07:00:37.995 +0200 CEST the value returned is 502621, but it should be 289787. I am not sure where to start debugging.

  • The `Period` for TOTP is very limited being uint8

    The `Period` for TOTP is very limited being uint8

    Given the value is in seconds, uint8 can't be used to have values like 5 minutes or more. The Period should be allowed to have higher values, even few days if the situation demands.

Related tags
Authentication & OAuth go otp rsa-tokens
Go based HTTP server with 2FA based on OTP (One-Time Password) manager like Google Authenticator

Go based HTTP server with 2FA based on OTP (One-Time Password) manager like Goog

Aug 21, 2022
Implementation of RFC-6238 (Time-Based One-Time Password Algorithm) in Go.

TOTP TOTP (RFC-6238) implementation in Go with no external dependencies. INSTALL You can do little copying the totp.go file or add this package as Go

Jan 18, 2022
Go library for one-time passwords, supports HOPT and TOPT (Google Authenticator compatible)

GoTP: One-time password library for Go GoTP library provides implementations of one-time password generators and validators. This implemantation suppo

Oct 5, 2022
Yet another ykman Go lib for requesting OATH TOTP Multi-Factor Authentication Codes from Yubikey Devices

ykmangoath Ykman OATH TOTP with Go Yet another ykman Go lib for requesting OATH TOTP Multi-Factor Authentication Codes from Yubikey Devices. ?? Work-i

Jul 3, 2022
Go implementation of OTP (One-time-password). SMS send async (goroutine)

Go-OTP Go realization to otp authentication Stack: Redis (Save OTP and token) Go SMS provider (Megafon as example) Schema: User send phonenumber (ex.7

Dec 14, 2021
Gotp - Generate TOTP codes from standalone TOTP secret keys

⏲️ GOTP Generate TOTP codes from standalone TOTP secrets. Usage $ gotp TOTPSECRE

Mar 22, 2022
Generate a generic library of 2FA tokens compatible with Google Authenticator

towfa Generate a generic library of 2FA tokens compatible with Google Authenticator go get -u github.com/golandscape/twofa $twofa "you secret" result:

Mar 23, 2022
Authelia: an open-source authentication and authorization server providing two-factor authentication
 Authelia: an open-source authentication and authorization server providing two-factor authentication

Authelia is an open-source authentication and authorization server providing two

Jan 5, 2022
A tool to manage accounts and codes of Google Authenticator.

A tool to manage accounts and codes of Google Authenticator.

Sep 10, 2021
Google Authenticator for Go

This is a Go implementation of the Google Authenticator library. Copyright (c) 2012 Damian Gryski [email protected] This code is licensed under the Ap

Dec 31, 2022
2FA (Two-Factor Authentication) application for CLI terminal with support to import/export andOTP files.
 2FA (Two-Factor Authentication) application for CLI terminal with support to import/export andOTP files.

zauth zauth is a 2FA (Two-Factor Authentication) application for terminal written in Go. Features Supports both TOTP and HOTP codes. Add new entries d

Nov 27, 2022
Gets Firebase auth tokens (for development purposes only)Gets Firebase auth tokens

Firebase Token Gets Firebase auth tokens (for development purposes only) Getting started Create Firebase project Setup Firebase authentication Setup G

Nov 17, 2021
One time password for Go.

otp One time password for Go. Features Simple API. Dependency-free. Clean and tested code. HOTP RFC 4226. TOTP RFC 6238. See GUIDE.md for more details

May 16, 2022
[DEPRECATED] Go package authcookie implements creation and verification of signed authentication cookies.

Package authcookie import "github.com/dchest/authcookie" Package authcookie implements creation and verification of signed authentication cookies. Co

Dec 22, 2022
a Framework for creating mesh networks using technologies and design patterns of Erlang/OTP in Golang
 a Framework for creating mesh networks using technologies and design patterns of Erlang/OTP in Golang

Ergo Framework Implementation of Erlang/OTP in Golang. Up to x5 times faster than original Erlang/OTP. The easiest drop-in replacement for your hot no

Jan 5, 2023
simple-jwt-provider - Simple and lightweight provider which exhibits JWTs, supports login, password-reset (via mail) and user management.

Simple and lightweight JWT-Provider written in go (golang). It exhibits JWT for the in postgres persisted user, which can be managed via api. Also, a password-reset flow via mail verification is available. User specific custom-claims also available for jwt-generation and mail rendering.

Dec 18, 2022
Terraform utility provider for generating Time-Based One-Time Passwords (TOTPs)

Terraform TOTP Provider The TOTP provider is a utility provider, which allows for generating Time-Based One-Time Passwords (TOTP) following the RFC 62

Nov 19, 2022
✨ Pretty TOTP manager in your terminal
 ✨ Pretty TOTP manager in your terminal

asunder Asunder, Sweet and Other Distress asunder is a small pretty command-line TOTP manager. Installation Binaries Download a binary from the releas

Dec 26, 2022
Authorization and authentication. Learning go by writing a simple authentication and authorization service.

Authorization and authentication. Learning go by writing a simple authentication and authorization service.

Aug 5, 2022