fix: refactor GenerateTOTP to use optauth

2025-04-20 14:56:19 -04:00 · 2025-01-23 11:28:04 +00:00 · 2025-01-23 11:28:04 +00:00 · 672cb5dea4
commit 672cb5dea4
parent 7eb9e08ad2
1 changed files with 16 additions and 27 deletions
--- a/src/core/operations/GenerateTOTP.mjs
+++ b/src/core/operations/GenerateTOTP.mjs
@ -5,15 +5,14 @@
 */

 import Operation from "../Operation.mjs";
-import otp from "otp";
+import * as OTPAuth from "otpauth";

 /**
 * Generate TOTP operation
 */
 class GenerateTOTP extends Operation {
-
    /**
-     * GenerateTOTP constructor
+     *
     */
    constructor() {
        super();
@ -29,11 +28,6 @@ class GenerateTOTP extends Operation {
                "type": "string",
                "value": ""
            },
-            {
-                "name": "Key size",
-                "type": "number",
-                "value": 32
-            },
            {
                "name": "Code length",
                "type": "number",
@ -53,32 +47,27 @@ class GenerateTOTP extends Operation {
    }

    /**
-     * @param {ArrayBuffer} input
-     * @param {Object[]} args
-     * @returns {string}
+     *
     */
    run(input, args) {
        const secretStr = new TextDecoder("utf-8").decode(input).trim();
+        const secret = secretStr ? secretStr.toUpperCase().replace(/\s+/g, "") : "";

-        // uppercase it and remove spaces. If input is empty, let otp generate a random key.
-        const secret = secretStr ?
-            secretStr.toUpperCase().replace(/\s+/g, "") : // e.g. "ok53 fvlf" -> "OK53FVLF"
-            "";
-
-        // Construct the OTP object. If secret is "", otp will auto-generate one.
-        const otpObj = new otp({
-            name: args[0],
-            keySize: args[1],
-            codeLength: args[2],
-            secret: secret,
-            epoch: args[3],
-            timeSlice: args[4]
+        const totp = new OTPAuth.TOTP({
+            issuer: "",
+            label: args[0],
+            algorithm: "SHA1",
+            digits: args[1],
+            period: args[3],
+            epoch: args[2] * 1000, // Convert seconds to milliseconds
+            secret: OTPAuth.Secret.fromBase32(secret)
        });

-        // Return TOTP URI and code
-        return `URI: ${otpObj.totpURL}\n\nPassword: ${otpObj.totp()}`;
-    }
+        const uri = totp.toString();
+        const code = totp.generate();

+        return `URI: ${uri}\n\nPassword: ${code}`;
+    }
 }

 export default GenerateTOTP;