mattrubin/OneTimePassword

Tag 3.2.0

🔑 A small library for generating TOTP and HOTP one-time passwords on iOS.

Repository Swift

Keywords
2fa, hotp, ios, one-time-passwords, otp, swift, totp, two-factor-authentication
License
MIT

Documentation

OneTimePassword

TOTP and HOTP one-time passwords for iOS

Build Status Code Coverage Swift 4.2 or 5.0 Available via Carthage and CocoaPods Platforms: iOS, watchOS MIT License

The OneTimePassword library is the core of Authenticator. It can generate both time-based and counter-based one-time passwords as standardized in RFC 4226 and RFC 6238. It can also read and generate the "otpauth://" URLs commonly used to set up OTP tokens, and can save and load tokens to and from the iOS secure keychain.

Installation

Carthage

Add the following line to your Cartfile:

github "mattrubin/OneTimePassword" ~> 3.2

Then run carthage update OneTimePassword to install the latest version of the framework.

Be sure to check the Carthage README file for the latest instructions on adding frameworks to an application.

CocoaPods

Add the following line to your Podfile:

pod 'OneTimePassword', '~> 3.2'

OneTimePassword, like all pods written in Swift, can only be integrated as a framework. Make sure to add the line use_frameworks! to your Podfile or target to opt into frameworks instead of static libraries.

Then run pod install to install the latest version of the framework.

Usage

The latest version of OneTimePassword can be compiled with either Swift 4.2 or Swift 5, and can be linked with Swift 4 or Swift 5 projects using the Swift compiler's compatibility mode. To use OneTimePassword with earlier versions of Swift, check out the swift-4, swift-3, and swift-2.3 branches. To use OneTimePassword in an Objective-C based project, check out the objc branch and the 1.x releases.

Create a Token

The Generator struct contains the parameters necessary to generate a one-time password. The Token struct associates a generator with a name and an issuer string.

To initialize a token with an otpauth:// url:

if let token = Token(url: url) {
    print("Password: \(token.currentPassword)")
} else {
    print("Invalid token URL")
}

To create a generator and a token from user input:

This example assumes the user provides the secret as a Base32-encoded string. To use the decoding function seen below, add import Base32 to the top of your Swift file.

let name = "..."
let issuer = "..."
let secretString = "..."

guard let secretData = MF_Base32Codec.data(fromBase32String: secretString),
    !secretData.isEmpty else {
        print("Invalid secret")
        return nil
}

guard let generator = Generator(
    factor: .timer(period: 30),
    secret: secretData,
    algorithm: .sha1,
    digits: 6) else {
        print("Invalid generator parameters")
        return nil
}

let token = Token(name: name, issuer: issuer, generator: generator)
return token

Generate a One-Time Password

To generate the current password:

let password = token.currentPassword

To generate the password at a specific point in time:

let time = Date(timeIntervalSince1970: ...)
do {
    let passwordAtTime = try token.generator.password(at: time)
    print("Password at time: \(passwordAtTime)")
} catch {
    print("Cannot generate password for invalid time \(time)")
}

Persistence

Token persistence is managed by the Keychain class, which represents the iOS system keychain.

let keychain = Keychain.sharedInstance

The PersistentToken struct represents a Token that has been saved to the keychain, and associates a token with a keychain-provided data identifier.

To save a token to the keychain:

do {
    let persistentToken = try keychain.add(token)
    print("Saved to keychain with identifier: \(persistentToken.identifier)")
} catch {
    print("Keychain error: \(error)")
}

To retrieve a token from the keychain:

do {
    if let persistentToken = try keychain.persistentToken(withIdentifier: identifier) {
        print("Retrieved token: \(persistentToken.token)")
    }
    // Or...
    let persistentTokens = try keychain.allPersistentTokens()
    print("All tokens: \(persistentTokens.map({ $0.token }))")
} catch {
    print("Keychain error: \(error)")
}

To update a saved token in the keychain:

do {
    let updatedPersistentToken = try keychain.update(persistentToken, with: token)
    print("Updated token: \(updatedPersistentToken)")
} catch {
    print("Keychain error: \(error)")
}

To delete a token from the keychain:

do {
    try keychain.delete(persistentToken)
    print("Deleted token.")
} catch {
    print("Keychain error: \(error)")
}

License

OneTimePassword was created by Matt Rubin and the OneTimePassword authors and is released under the MIT License.

Stats

Dependent repositories
9
Total tags
38
Latest tag
First tag
Stars
333
Forks
101
Watchers
13
Contributors
6
Repository size
1.16 MB
SourceRank
12

Development practices

Source repo 2FA enabled
TEXT!
Package manager 2FA enabled
TEXT!
Is security responsive
TEXT!
Dependencies are managed
TEXT!
Issue-free release available
TEXT!
Succession plan available
TEXT!
Package manager 2FA enabled
TEXT!

The Tidelift Subscription provides access to a continuously curated stream of human-researched and maintainer-verified data on open source packages and their licenses, releases, vulnerabilities, and development practices.

Learn more

Tagged Releases

3.2.0
3.2.0-rc
3.1.6-rc
3.1.5
3.1.5-rc
3.1.4
3.1.4
3.1.4-rc
3.1.4-rc
3.1.3
See all 38 tags

Contributors

Matt Rubin Gereon Steffens Chris Ziogas Martin Algesten Mike Engel Sathya Rajaraman


See all contributors

Something wrong with this page? Make a suggestion

Export .ABOUT file for this package

Last synced: 2024-04-15 01:15:57 UTC

Login to resync this project