susam / mintotp Goto Github PK
View Code? Open in Web Editor NEWMinimal TOTP generator in 20 lines of Python
License: MIT License
Minimal TOTP generator in 20 lines of Python
License: MIT License
Is the 'Getting Started' safe to follow ?
Won't copy-pasting with the provided secret-key and following with google authenticator compromise my google account ?
Line 19 in 50c8a04
it gives AttributeError: 'str' object has no attribute 'new' on line 13 because of the hmac module calls .new function on the digest we gave.
You gave sha1 string to it but it should be like
+import hashlib # to the start
def hotp(key, counter, digits=6, digest=hashlib.sha1): # at line 10
and
def totp(key, time_step=30, digits=6, digest=hashlib.sha1): # at line 19
Line 14 in 50c8a04
it gives an error because of the & operand doesn't work with str
Like
offset = ord(mac[-1]) & 0x0f
This is a great little script and thank you very much for it. However there is an problem with the following text, as it is no longer accurate.
[โฆ] one of the issues currently with
oathtool
is that it requires the secret key to be provided as a command line argument [โฆ]
In recent versions of oathtool
you can provide the key via a pipe (like mintopt
) by having '-' as the last argument. You should update your help text to accurately reflect the current situation. mintopt
still provides advantages for those wanting a more portable implementation. In addition mintotp
allows multiple keys to be provided through the pipe together, while oathtool
allows for just one.
Hello!
I noticed your project on HN and decided to translate it into Go. My objective was to simply write it in golang so that I can compile a binary and put them in most of my machines.
My version is here: https://github.com/ashraful-islam/gototp
The source code is more or less reflection of your Python version(with few minor adaptations and changes), so I wanted to check if you are fine with it.
If I have some time I'll also refactor a bit and make a nice go module usable as third-party module.
Traceback (most recent call last):
File "totp.py", line 26, in
print(totp(secret))
File "totp.py", line 21, in totp
return hotp(secret, int(time.time() / interval))
File "totp.py", line 14, in hotp
mac = hmac.digest(secret_bytes, counter_bytes, algo)
AttributeError: module 'hmac' has no attribute 'digest'
it's not a real issue but users can call functions with separated keys.
$ echo "ZYTY YE5F OAGW 5ML7 LRWU L4WT ZLNJ AMZS" | python3 mintotp.py
Traceback (most recent call last):
File "mintotp.py", line 30, in
main()
File "mintotp.py", line 26, in main
print(totp(key.strip(), *args))
File "mintotp.py", line 20, in totp
return hotp(key, int(time.time() / time_step), digits, digest)
File "mintotp.py", line 11, in hotp
key = base64.b32decode(key.upper() + '=' * ((8 - len(key)) % 8))
File "/usr/lib/python3.6/base64.py", line 231, in b32decode
raise binascii.Error('Non-base32 digit found') from None
binascii.Error: Non-base32 digit found
$ echo "ZYTYYE5FOAGW5ML7LRWUL4WTZLNJAMZS" | python3 mintotp.py
246648
you were right at the first two issues i was using python2.7 sorry for that.
Spaces in the keys broke the script it's not a real issue but i think it's worth to know
key = base64.b32decode(key.upper().replace(" ","") + '=' * ((8 - len(key) + key.count(" ")) % 8))
It would be good if new line is not present when copying the token to clipboard and later paste into other prompts. The new line makes login fail as one extra character is present.
$ gpg -q -o - secret.gpg | mintotp | pbcopy
123456
Hi @susam , just wanted to say thanks for your simple and powerful library.
I had ported your library to Ruby and give you credit for your work. Please let me know if I missed out someone to credit for their work in my repo.
This is my repo URL: https://github.com/winhtaikaung/mintotp-ruby
Cheers
๐ป
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.