Commit d657a68c authored by mh's avatar mh

add a check for totp and fix image URI handling for new ROTP gem

parent 1af1dc6e
......@@ -9,22 +9,31 @@ module ROTP
@image = options[:image]
super
end
def provisioning_uri(name)
# The format of this URI is documented at:
# https://github.com/google/google-authenticator/wiki/Key-Uri-Format
# For compatibility the issuer appears both before that account name and also in the
# query string.
issuer_string = issuer.nil? ? '' : "#{Addressable::URI.escape(issuer)}:"
params = {
secret: secret,
period: interval == 30 ? nil : interval,
issuer: issuer,
digits: digits == DEFAULT_DIGITS ? nil : digits,
algorithm: digest.casecmp('SHA1').zero? ? nil : digest.upcase,
image: image,
}
end
end
encode_params("otpauth://totp/#{issuer_string}#{Addressable::URI.escape(name)}", params)
module ROTP
class OTP
class URI
private
def image
return unless @otp.is_a?(TOTP)
@otp.image
end
def parameters
{
secret: @otp.secret,
issuer: issuer,
algorithm: algorithm,
digits: digits,
period: period,
counter: counter,
image: image,
}
.reject { |_, v| v.nil? }
.map { |k, v| "#{k}=#{ERB::Util.url_encode(v)}" }
.join('&')
end
end
end
end
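Review bot: The reopened `ROTP::OTP::URI` replaces the gem's private `parameters` method with a full copy (secret, issuer, algorithm, digits, period, counter, plus `image`), so any later change the gem makes to that method, such as a new field or a different encoding, is silently overridden; that is the same kind of breakage this commit repairs. Prepending a module that calls `super` and appends only the `image` pair keeps the gem's own query string authoritative. The page has lost its +/- markers, so I am assuming the `ROTP::OTP::URI` block is the new side and the `provisioning_uri` override is the removed one. A comment on `image` saying where `options[:image]` comes from would also help, since authenticator apps may fetch that URL; if it can ever be user-supplied it should be restricted to an https URL on an expected host.

```ruby
module ROTP
  class OTP
    # Appends the image parameter without copying the gem's parameter list.
    module ImageParameter
      private

      def parameters
        query = super
        return query unless @otp.is_a?(TOTP) && @otp.image

        "#{query}&image=#{ERB::Util.url_encode(@otp.image)}"
      end
    end

    URI.prepend(ImageParameter)
  end
end
```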
......@@ -9,6 +9,20 @@ class TfaTest < ActionDispatch::IntegrationTest
end
end
test "view with recovery" do
with_fresh_user(recovery_email: 'norecovery@immerda.ch') do |user, pw, token|
get tfa_path
assert_response :success
end
end
test "add new totp" do
with_fresh_user(recovery_email: 'norecovery@immerda.ch') do |user, pw, token|
get tfa_totp_path
assert_response :success
end
end
test "enable" do
with_fresh_user(recovery_email: 'norecovery@immerda.ch') do |user, pw, token|
secret = ROTP::Base32.random
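Review bot: Neither new test pins the image handling this commit fixes: "view with recovery" and "add new totp" only assert `:success`, so a provisioning URI that lost its `image=` parameter would still pass. Consider asserting on the generated URI, for example `assert_includes ROTP::TOTP.new(ROTP::Base32.random, image: 'https://example.org/logo.png').provisioning_uri('user'), 'image='` (the URL is a constructed sample, and this assumes the patched initializer takes an options hash, as the `options[:image]` line suggests). The unused block parameters could be written `|_user, _pw, _token|`. The "enable" test continues past the end of the hunk.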
......