commit bdf7a2f88ab32c67c9c9c8157ea3b72be84d1230
parent 044c876f04397f990010bbb553da6ad10892cd60
Author: Sean Enck <sean@ttypty.com>
Date: Sun, 2 Oct 2022 16:05:24 -0400
better override/input handling for totp tokens
Diffstat:
2 files changed, 24 insertions(+), 3 deletions(-)
diff --git a/internal/inputs/env.go b/internal/inputs/env.go
@@ -4,6 +4,7 @@ package inputs
import (
"errors"
"fmt"
+ "net/url"
"os"
"os/exec"
"strings"
@@ -12,6 +13,8 @@ import (
)
const (
+ otpAuth = "otpauth"
+ otpIssuer = "lbissuer"
prefixKey = "LOCKBOX_"
noClipEnv = prefixKey + "NOCLIP"
noColorEnv = prefixKey + "NOCOLOR"
@@ -129,6 +132,24 @@ func TOTPToken() string {
// FormatTOTP will format a totp otpauth url
func FormatTOTP(value string) string {
- v := EnvOrDefault(formatTOTPEnv, "otpauth://totp/totp:none?secret=%s&period=30&digits=6&issuer=lb")
- return fmt.Sprintf(v, value)
+ if strings.HasPrefix(value, otpAuth) {
+ return value
+ }
+ override := EnvOrDefault(formatTOTPEnv, "")
+ if override != "" {
+ return fmt.Sprintf(override, value)
+ }
+ v := url.Values{}
+ v.Set("secret", value)
+ v.Set("issuer", otpIssuer)
+ v.Set("period", "30")
+ v.Set("algorithm", "SHA1")
+ v.Set("digits", "6")
+ u := url.URL{
+ Scheme: "otpauth",
+ Host: "totp",
+ Path: "/" + otpIssuer + ":" + "lbaccount",
+ RawQuery: v.Encode(),
+ }
+ return u.String()
}
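Review bot: The pass-through guard at the top of FormatTOTP, `strings.HasPrefix(value, otpAuth)`, matches any input that merely begins with the letters "otpauth", so a bare secret with that prefix would be returned unformatted and unvalidated. Comparing against the full scheme, `strings.HasPrefix(value, otpAuth+"://")`, limits the shortcut to actual URLs. The override branch also interpolates the raw value with `fmt.Sprintf(override, value)`, while the new default path encodes it through `url.Values`, so a value containing `&` or `%` changes the resulting query only in the override case. Assuming the override template places `%s` in the query string, `fmt.Sprintf(override, url.QueryEscape(value))` would make the two paths consistent. `Scheme: "otpauth"` could reuse the `otpAuth` constant so the prefix check and the URL builder cannot drift apart.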
diff --git a/tests/expected.log b/tests/expected.log
@@ -27,7 +27,7 @@ hash:6d201beeefb589b08ef0672dac82353d0cbd9ad99e1642c83a1601f3d647bcca003257b5e8f
keys2/k/three:
hash:132ab0244293c495a027cec12d0050598616daca888449920fc652719be0987830827d069ef78cc613e348de37c9b592d3406e2fb8d99a6961bf0c58da8a334f
test/k/totp:
-hash:9f12449917d856a2f97d5f1b280ef864c1a6c03a7763d9a565553aeb4ebeca6ab3807e5b8e8c457333c6fe1dd5085d8d526ad150d31f42da9e875a45bf3eec00
+hash:b6c44d5d8a75071d8e8a39df231b0b98584d1d42982b5cf230e44f94d9c48e2983e78955a54b70c0acb0428d6db7205101e332f950ffb6b6d643aa37287c6aa5
delete entry? (y/N)
delete entry? (y/N)
delete entry? (y/N) unable to remove entry (entity is empty/invalid)