Merge branch 'renovate/github.com-pquerna-otp-1.x' into 'master'

Update module pquerna/otp to v1.3.0

See merge request !11

go.mod

@@ -5,7 +5,6 @@ go 1.14
 require (
 	git.autistici.org/ai3/go-common v0.0.0-20210110180225-a05c683cfe23
 	git.autistici.org/id/usermetadb v0.0.0-20210112103616-f674f50555fc
-	github.com/boombuler/barcode v0.0.0-20170618053812-56ef0af91246 // indirect
 	github.com/bradfitz/gomemcache v0.0.0-20190913173617-a41fca850d0b
 	github.com/cenkalti/backoff/v4 v4.1.0
 	github.com/coreos/go-systemd/v22 v22.1.0
@@ -15,7 +14,7 @@ require (
 	github.com/lib/pq v0.0.0-20190326042056-d6156e141ac6
 	github.com/mattn/go-sqlite3 v0.0.0-20200618132256-aa77c03e2fcb
 	github.com/patrickmn/go-cache v0.0.0-20180815053127-5633e0862627
-	github.com/pquerna/otp v1.0.0
+	github.com/pquerna/otp v1.3.0
 	github.com/prometheus/client_golang v1.9.0
 	github.com/theckman/go-flock v0.8.0
 	github.com/tstranex/u2f v1.0.0

go.sum

@@ -47,6 +47,8 @@ github.com/beorn7/perks v1.0.1/go.mod h1:G2ZrVWU2WbWT9wwq4/hrbKbnv/1ERSJQ0ibhJ6r
 github.com/bgentry/speakeasy v0.1.0/go.mod h1:+zsyZBPWlz7T6j88CTgSN5bM796AkVf0kBD4zp0CCIs=
 github.com/boombuler/barcode v0.0.0-20170618053812-56ef0af91246 h1:HrRyYatID4tDi4g2wTXryTXcFUXWay3sDGde2/jTCrw=
 github.com/boombuler/barcode v0.0.0-20170618053812-56ef0af91246/go.mod h1:paBWMcWSl3LHKBqUq+rly7CNSldXjb2rDl3JlRe0mD8=
+github.com/boombuler/barcode v1.0.1-0.20190219062509-6c824513bacc h1:biVzkmvwrH8WK8raXaxBx6fRVTlJILwEwQGL1I/ByEI=
+github.com/boombuler/barcode v1.0.1-0.20190219062509-6c824513bacc/go.mod h1:paBWMcWSl3LHKBqUq+rly7CNSldXjb2rDl3JlRe0mD8=
 github.com/bradfitz/gomemcache v0.0.0-20180710155616-bc664df96737 h1:rRISKWyXfVxvoa702s91Zl5oREZTrR3yv+tXrrX7G/g=
 github.com/bradfitz/gomemcache v0.0.0-20180710155616-bc664df96737/go.mod h1:PmM6Mmwb0LSuEubjR8N7PtNe1KxZLtOUHtbeikc5h60=
 github.com/bradfitz/gomemcache v0.0.0-20190913173617-a41fca850d0b h1:L/QXpzIa3pOvUGt1D1lA5KjYhPBAN/3iWdP7xeFS9F0=
@@ -281,6 +283,8 @@ github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZN
 github.com/posener/complete v1.1.1/go.mod h1:em0nMJCgc9GFtwrmVmEMR/ZL6WyhyjMBndrE9hABlRI=
 github.com/pquerna/otp v1.0.0 h1:TBZrpfnzVbgmpYhiYBK+bJ4Ig0+ye+GGNMe2pTrvxCo=
 github.com/pquerna/otp v1.0.0/go.mod h1:Zad1CMQfSQZI5KLpahDiSUX4tMMREnXw98IvL1nhgMk=
+github.com/pquerna/otp v1.3.0 h1:oJV/SkzR33anKXwQU3Of42rL4wbrffP4uvUf1SvS5Xs=
+github.com/pquerna/otp v1.3.0/go.mod h1:dkJfzwRKNiegxyNb54X/3fLwhCynbMspSyWKnvi1AEg=
 github.com/prometheus/client_golang v0.9.1/go.mod h1:7SWBe2y4D6OKWSNQJUaRYU/AaXPKyh/dDVn+NZz0KFw=
 github.com/prometheus/client_golang v0.9.3-0.20190127221311-3c4408c8b829/go.mod h1:p2iRAGwDERtqlqzRXnrOVns+ignqQo//hLXqYxZYVNs=
 github.com/prometheus/client_golang v1.0.0/go.mod h1:db9x61etRT2tGnBNRi70OPL5FsnadC4Ky3P0J6CfImo=

vendor/github.com/boombuler/barcode/README.md

+[![Join the chat at https://gitter.im/golang-barcode/Lobby](https://badges.gitter.im/golang-barcode/Lobby.svg)](https://gitter.im/golang-barcode/Lobby?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge)
+
 ## Introduction ##
+
 This is a package for GO which can be used to create different types of barcodes.
 
 ## Supported Barcode Types ##

vendor/github.com/boombuler/barcode/go.mod

+module github.com/boombuler/barcode

vendor/github.com/boombuler/barcode/utils/base1dcode.go

@@ -46,7 +46,7 @@ func (c *base1DCodeIntCS) CheckSum() int {
 	return c.checksum
 }
 
-// New1DCode creates a new 1D barcode where the bars are represented by the bits in the bars BitList
+// New1DCodeIntCheckSum creates a new 1D barcode where the bars are represented by the bits in the bars BitList
 func New1DCodeIntCheckSum(codeKind, content string, bars *BitList, checksum int) barcode.BarcodeIntCS {
 	return &base1DCodeIntCS{base1DCode{bars, codeKind, content}, checksum}
 }

vendor/github.com/pquerna/otp/.travis.yml

+arch:
+  - amd64
+  - ppc64le
 language: go
 
+env:
+  - GO111MODULE=on
+
 go:
-  - 1.7
-  - 1.8
-  - tip
+  - "1.15"

vendor/github.com/pquerna/otp/README.md

 # otp: One Time Password utilities Go / Golang
 
-[![GoDoc](https://godoc.org/github.com/pquerna/otp?status.svg)](https://godoc.org/github.com/pquerna/otp) [![Build Status](https://travis-ci.org/pquerna/otp.svg?branch=master)](https://travis-ci.org/pquerna/otp)
+[![PkgGoDev](https://pkg.go.dev/badge/github.com/pquerna/otp)](https://pkg.go.dev/github.com/pquerna/otp) [![Build Status](https://travis-ci.org/pquerna/otp.svg?branch=master)](https://travis-ci.org/pquerna/otp)
 
 # Why One Time Passwords?
 

vendor/github.com/pquerna/otp/go.mod

+module github.com/pquerna/otp
+
+go 1.12
+
+require (
+	github.com/boombuler/barcode v1.0.1-0.20190219062509-6c824513bacc
+	github.com/stretchr/testify v1.3.0
+)

vendor/github.com/pquerna/otp/go.sum

+github.com/boombuler/barcode v1.0.0 h1:s1TvRnXwL2xJRaccrdcBQMZxq6X7DvsMogtmJeHDdrc=
+github.com/boombuler/barcode v1.0.0/go.mod h1:paBWMcWSl3LHKBqUq+rly7CNSldXjb2rDl3JlRe0mD8=
+github.com/boombuler/barcode v1.0.1-0.20190219062509-6c824513bacc h1:biVzkmvwrH8WK8raXaxBx6fRVTlJILwEwQGL1I/ByEI=
+github.com/boombuler/barcode v1.0.1-0.20190219062509-6c824513bacc/go.mod h1:paBWMcWSl3LHKBqUq+rly7CNSldXjb2rDl3JlRe0mD8=
+github.com/davecgh/go-spew v1.1.0 h1:ZDRjVQ15GmhC3fiQ8ni8+OwkZQO4DARzQgrnXU1Liz8=
+github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
+github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
+github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
+github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
+github.com/stretchr/testify v1.3.0 h1:TivCn/peBQ7UY8ooIcPgZFpTNSz0Q2U6UrFlUfqbe0Q=
+github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI=

vendor/github.com/pquerna/otp/hotp/hotp.go

@@ -19,6 +19,7 @@ package hotp
 
 import (
 	"github.com/pquerna/otp"
+	"io"
 
 	"crypto/hmac"
 	"crypto/rand"
@@ -77,6 +78,10 @@ func GenerateCodeCustom(secret string, counter uint64, opts ValidateOpts) (passc
 		secret = secret + strings.Repeat("=", 8-n)
 	}
 
+	// As noted in issue #24 Google has started producing base32 in lower case,
+	// but the StdEncoding (and the RFC), expect a dictionary of only upper case letters.
+	secret = strings.ToUpper(secret)
+
 	secretBytes, err := base32.StdEncoding.DecodeString(secret)
 	if err != nil {
 		return "", otp.ErrValidateSecretInvalidBase32
@@ -142,12 +147,18 @@ type GenerateOpts struct {
 	AccountName string
 	// Size in size of the generated Secret. Defaults to 10 bytes.
 	SecretSize uint
+	// Secret to store. Defaults to a randomly generated secret of SecretSize.  You should generally leave this empty.
+	Secret []byte
 	// Digits to request. Defaults to 6.
 	Digits otp.Digits
 	// Algorithm to use for HMAC. Defaults to SHA1.
 	Algorithm otp.Algorithm
+	// Reader to use for generating HOTP Key.
+	Rand io.Reader
 }
 
+var b32NoPadding = base32.StdEncoding.WithPadding(base32.NoPadding)
+
 // Generate creates a new HOTP Key.
 func Generate(opts GenerateOpts) (*otp.Key, error) {
 	// url encode the Issuer/AccountName
@@ -163,16 +174,28 @@ func Generate(opts GenerateOpts) (*otp.Key, error) {
 		opts.SecretSize = 10
 	}
 
+	if opts.Digits == 0 {
+		opts.Digits = otp.DigitsSix
+	}
+
+	if opts.Rand == nil {
+		opts.Rand = rand.Reader
+	}
+
 	// otpauth://totp/Example:alice@google.com?secret=JBSWY3DPEHPK3PXP&issuer=Example
 
 	v := url.Values{}
-	secret := make([]byte, opts.SecretSize)
-	_, err := rand.Read(secret)
-	if err != nil {
-		return nil, err
+	if len(opts.Secret) != 0 {
+		v.Set("secret", b32NoPadding.EncodeToString(opts.Secret))
+	} else {
+		secret := make([]byte, opts.SecretSize)
+		_, err := opts.Rand.Read(secret)
+		if err != nil {
+			return nil, err
+		}
+		v.Set("secret", b32NoPadding.EncodeToString(secret))
 	}
 
-	v.Set("secret", strings.TrimRight(base32.StdEncoding.EncodeToString(secret), "="))
 	v.Set("issuer", opts.Issuer)
 	v.Set("algorithm", opts.Algorithm.String())
 	v.Set("digits", opts.Digits.String())

vendor/github.com/pquerna/otp/otp.go

@@ -31,6 +31,7 @@ import (
 	"image"
 	"net/url"
 	"strings"
+	"strconv"
 )
 
 // Error when attempting to convert the secret from base32 to raw bytes.
@@ -138,11 +139,31 @@ func (k *Key) Secret() string {
 	return q.Get("secret")
 }
 
+// Period returns a tiny int representing the rotation time in seconds.
+func (k *Key) Period() uint64 {
+	q := k.url.Query()
+
+	if u, err := strconv.ParseUint(q.Get("period"), 10, 64); err == nil {
+		return u
+	}
+	
+	// If no period is defined 30 seconds is the default per (rfc6238)
+	return 30
+}
+
+// URL returns the OTP URL as a string
+func (k *Key) URL() string {
+	return k.url.String()
+}
+
 // Algorithm represents the hashing function to use in the HMAC
 // operation needed for OTPs.
 type Algorithm int
 
 const (
+	// AlgorithmSHA1 should be used for compatibility with Google Authenticator.
+	//
+	// See https://github.com/pquerna/otp/issues/55 for additional details.
 	AlgorithmSHA1 Algorithm = iota
 	AlgorithmSHA256
 	AlgorithmSHA512

vendor/github.com/pquerna/otp/totp/totp.go

@@ -18,10 +18,9 @@
 package totp
 
 import (
-	"strings"
-
 	"github.com/pquerna/otp"
 	"github.com/pquerna/otp/hotp"
+	"io"
 
 	"crypto/rand"
 	"encoding/base32"
@@ -136,14 +135,20 @@ type GenerateOpts struct {
 	AccountName string
 	// Number of seconds a TOTP hash is valid for. Defaults to 30 seconds.
 	Period uint
-	// Size in size of the generated Secret. Defaults to 10 bytes.
+	// Size in size of the generated Secret. Defaults to 20 bytes.
 	SecretSize uint
+	// Secret to store. Defaults to a randomly generated secret of SecretSize.  You should generally leave this empty.
+	Secret []byte
 	// Digits to request. Defaults to 6.
 	Digits otp.Digits
 	// Algorithm to use for HMAC. Defaults to SHA1.
 	Algorithm otp.Algorithm
+	// Reader to use for generating TOTP Key.
+	Rand io.Reader
 }
 
+var b32NoPadding = base32.StdEncoding.WithPadding(base32.NoPadding)
+
 // Generate a new TOTP Key.
 func Generate(opts GenerateOpts) (*otp.Key, error) {
 	// url encode the Issuer/AccountName
@@ -160,23 +165,31 @@ func Generate(opts GenerateOpts) (*otp.Key, error) {
 	}
 
 	if opts.SecretSize == 0 {
-		opts.SecretSize = 10
+		opts.SecretSize = 20
 	}
 
 	if opts.Digits == 0 {
 		opts.Digits = otp.DigitsSix
 	}
 
+	if opts.Rand == nil {
+		opts.Rand = rand.Reader
+	}
+
 	// otpauth://totp/Example:alice@google.com?secret=JBSWY3DPEHPK3PXP&issuer=Example
 
 	v := url.Values{}
-	secret := make([]byte, opts.SecretSize)
-	_, err := rand.Read(secret)
-	if err != nil {
-		return nil, err
+	if len(opts.Secret) != 0 {
+		v.Set("secret", b32NoPadding.EncodeToString(opts.Secret))
+	} else {
+		secret := make([]byte, opts.SecretSize)
+		_, err := opts.Rand.Read(secret)
+		if err != nil {
+			return nil, err
+		}
+		v.Set("secret", b32NoPadding.EncodeToString(secret))
 	}
 
-	v.Set("secret", strings.TrimRight(base32.StdEncoding.EncodeToString(secret), "="))
 	v.Set("issuer", opts.Issuer)
 	v.Set("period", strconv.FormatUint(uint64(opts.Period), 10))
 	v.Set("algorithm", opts.Algorithm.String())

vendor/modules.txt

@@ -19,8 +19,7 @@ github.com/Azure/go-ntlmssp
 github.com/amoghe/go-crypt
 # github.com/beorn7/perks v1.0.1
 github.com/beorn7/perks/quantile
-# github.com/boombuler/barcode v0.0.0-20170618053812-56ef0af91246
-## explicit
+# github.com/boombuler/barcode v1.0.1-0.20190219062509-6c824513bacc
 github.com/boombuler/barcode
 github.com/boombuler/barcode/qr
 github.com/boombuler/barcode/utils
@@ -82,7 +81,7 @@ github.com/openzipkin/zipkin-go/reporter/http
 # github.com/patrickmn/go-cache v0.0.0-20180815053127-5633e0862627
 ## explicit
 github.com/patrickmn/go-cache
-# github.com/pquerna/otp v1.0.0
+# github.com/pquerna/otp v1.3.0
 ## explicit
 github.com/pquerna/otp
 github.com/pquerna/otp/hotp