Compare commits

...

6 Commits

Author SHA1 Message Date
Corentin Thomasset
433d6eae5b chore(release): 2.12.0 2022-08-24 00:17:40 +02:00
Corentin Thomasset
07a5fa51ec chore(release): 2.11.0 2022-08-24 00:16:59 +02:00
Corentin Thomasset
cc6070a166 feat(new-tool): added otp generator 2022-08-24 00:10:53 +02:00
Corentin Thomasset
741a3c25a9 feat(config): added tsx to allowed extension 2022-08-24 00:10:31 +02:00
Corentin Thomasset
a89c9bea42 refactor(useQRCode): switched args to MaybeRef 2022-08-24 00:09:59 +02:00
Corentin Thomasset
59ec6293b6 refactor: token generator can use a custom alphabet 2022-08-24 00:09:16 +02:00
11 changed files with 574 additions and 19 deletions

View File

@@ -29,6 +29,7 @@ module.exports = {
{ {
js: 'never', js: 'never',
ts: 'never', ts: 'never',
tsx: 'never',
}, },
], ],
}, },

View File

@@ -2,6 +2,50 @@
All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines. All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines.
## [2.12.0](https://github.com/CorentinTh/it-tools/compare/v2.10.3...v2.12.0) (2022-08-23)
### Features
* added colored share card ([ab7483b](https://github.com/CorentinTh/it-tools/commit/ab7483b5c2bd5aee1b8b609597c22b7b7b55606d))
* **config:** added tsx to allowed extension ([741a3c2](https://github.com/CorentinTh/it-tools/commit/741a3c25a915d8296987b23bda03f2b664d51ba6))
* **new-tool:** added otp generator ([cc6070a](https://github.com/CorentinTh/it-tools/commit/cc6070a16655bce9de90517bdda3bf6224ba139d))
* **new-tool:** meta tag generator ([164e32b](https://github.com/CorentinTh/it-tools/commit/164e32b4428b8dfaaddcefa06b767a8af94573a9))
### Bug Fixes
* **deps:** added missing optional deps ([4975590](https://github.com/CorentinTh/it-tools/commit/49755909bdaea9399e51b67fbd1a6d071acd3182))
* removed colored card border ([7c449f4](https://github.com/CorentinTh/it-tools/commit/7c449f4f2d491ce58726c5419a74dc295fa92905))
### Refactors
* **colored-card:** added transition on like hover ([da17696](https://github.com/CorentinTh/it-tools/commit/da17696293270005b1b7ec4aafc0df7496f602c7))
* **share:** updated share meta ([5222bd5](https://github.com/CorentinTh/it-tools/commit/5222bd5d04ad089ba4cbade399dada55e29dcde5))
* token generator can use a custom alphabet ([59ec629](https://github.com/CorentinTh/it-tools/commit/59ec6293b65526fe8dc527ac596d0e5af29b1e32))
* **useQRCode:** switched args to MaybeRef ([a89c9be](https://github.com/CorentinTh/it-tools/commit/a89c9bea42d598f4caba10800becd66a07bbcdc9))
## [2.11.0](https://github.com/CorentinTh/it-tools/compare/v2.10.3...v2.11.0) (2022-08-19)
### Features
* added colored share card ([ab7483b](https://github.com/CorentinTh/it-tools/commit/ab7483b5c2bd5aee1b8b609597c22b7b7b55606d))
* **new-tool:** meta tag generator ([164e32b](https://github.com/CorentinTh/it-tools/commit/164e32b4428b8dfaaddcefa06b767a8af94573a9))
### Bug Fixes
* **deps:** added missing optional deps ([4975590](https://github.com/CorentinTh/it-tools/commit/49755909bdaea9399e51b67fbd1a6d071acd3182))
* removed colored card border ([7c449f4](https://github.com/CorentinTh/it-tools/commit/7c449f4f2d491ce58726c5419a74dc295fa92905))
### Refactors
* **colored-card:** added transition on like hover ([da17696](https://github.com/CorentinTh/it-tools/commit/da17696293270005b1b7ec4aafc0df7496f602c7))
* **share:** updated share meta ([5222bd5](https://github.com/CorentinTh/it-tools/commit/5222bd5d04ad089ba4cbade399dada55e29dcde5))
### [2.10.3](https://github.com/CorentinTh/it-tools/compare/v2.10.2...v2.10.3) (2022-08-14) ### [2.10.3](https://github.com/CorentinTh/it-tools/compare/v2.10.2...v2.10.3) (2022-08-14)

View File

@@ -1,6 +1,6 @@
{ {
"name": "it-tools", "name": "it-tools",
"version": "2.10.3", "version": "2.12.0",
"description": "Collection of handy online tools for developers, with great UX. ", "description": "Collection of handy online tools for developers, with great UX. ",
"keywords": [ "keywords": [
"productivity", "productivity",

View File

@@ -1,6 +1,7 @@
import { LockOpen } from '@vicons/tabler'; import { LockOpen } from '@vicons/tabler';
import type { ToolCategory } from './tool'; import type { ToolCategory } from './tool';
import { tool as otpCodeGeneratorAndValidator } from './otp-code-generator-and-validator';
import { tool as base64FileConverter } from './base64-file-converter'; import { tool as base64FileConverter } from './base64-file-converter';
import { tool as base64StringConverter } from './base64-string-converter'; import { tool as base64StringConverter } from './base64-string-converter';
import { tool as basicAuthGenerator } from './basic-auth-generator'; import { tool as basicAuthGenerator } from './basic-auth-generator';
@@ -56,7 +57,15 @@ export const toolsByCategory: ToolCategory[] = [
{ {
name: 'Web', name: 'Web',
icon: LockOpen, icon: LockOpen,
components: [urlEncoder, htmlEntities, urlParser, deviceInformation, basicAuthGenerator, metaTagGenerator], components: [
urlEncoder,
htmlEntities,
urlParser,
deviceInformation,
basicAuthGenerator,
metaTagGenerator,
otpCodeGeneratorAndValidator,
],
}, },
{ {
name: 'Images', name: 'Images',

View File

@@ -0,0 +1,27 @@
import { DeviceMobile } from '@vicons/tabler';
import { defineTool } from '../tool';
export const tool = defineTool({
name: 'OTP code generator',
path: '/otp-code-generator-and-validator',
description: 'Generate and validate time-based OTP (one time password) for multi-factor authentication.',
keywords: [
'otp',
'code',
'generator',
'validator',
'one',
'time',
'password',
'authentication',
'MFA',
'mobile',
'device',
'security',
'TOTP',
'Time',
'HMAC',
],
component: () => import('./otp-code-generator-and-validator.vue'),
icon: DeviceMobile,
});

View File

@@ -0,0 +1,140 @@
<template>
<div style="max-width: 350px">
<n-form-item label="Secret" v-bind="secretValidationAttrs">
<n-input v-model:value="secret" placeholder="Paste your TOTP secret...">
<template #suffix>
<n-tooltip trigger="hover">
<template #trigger>
<n-button quaternary circle @click="refreshSecret">
<n-icon :component="Refresh" />
</n-button>
</template>
Generate secret token
</n-tooltip>
</template>
</n-input>
</n-form-item>
<div>
<token-display :tokens="tokens" style="margin-top: 2px" />
<n-progress :percentage="(100 * interval) / 30" :color="theme.primaryColor" :show-indicator="false" />
<div style="text-align: center">Next in {{ String(Math.floor(30 - interval)).padStart(2, '0') }}s</div>
</div>
<n-space justify="center" vertical align="center" style="margin-top: 10px">
<n-image :src="qrcode"></n-image>
<n-button secondary tag="a" :href="keyUri" target="_blank">Open Key URI in new tab</n-button>
</n-space>
</div>
<div style="max-width: 350px">
<n-form-item label="Secret in hexadecimal">
<input-copyable :value="base32toHex(secret)" readonly placeholder="Secret in hex will be displayed here" />
</n-form-item>
<n-form-item label="Epoch">
<input-copyable
:value="Math.floor(now / 1000).toString()"
readonly
placeholder="Epoch in sec will be displayed here"
/>
</n-form-item>
<n-form-item label="Iteration" :show-feedback="false">
<n-input-group>
<n-input-group-label style="width: 110px">Count:</n-input-group-label>
<input-copyable
:value="String(getCounterFromTime({ now, timeStep: 30 }))"
readonly
placeholder="Iteration count will be displayed here"
/>
</n-input-group>
</n-form-item>
<n-form-item label="Iteration" :show-label="false" style="margin-top: 5px">
<n-input-group>
<n-input-group-label style="width: 110px">Padded hex:</n-input-group-label>
<input-copyable
:value="getCounterFromTime({ now, timeStep: 30 }).toString(16).padStart(16, '0')"
readonly
placeholder="Iteration count in hex will be displayed here"
/>
</n-input-group>
</n-form-item>
</div>
</template>
<script setup lang="ts">
import { computed, ref, watch } from 'vue';
import { Refresh } from '@vicons/tabler';
import { useTimestamp, whenever } from '@vueuse/core';
import { useThemeVars } from 'naive-ui';
import { useStyleStore } from '@/stores/style.store';
import InputCopyable from '@/components/InputCopyable.vue';
import { useValidation } from '@/composable/validation';
import { generateTOTP, buildKeyUri, generateSecret, base32toHex, getCounterFromTime } from './otp.service';
import { useQRCode } from '../qr-code-generator/useQRCode';
import TokenDisplay from './token-display.vue';
const now = useTimestamp();
const interval = computed(() => (now.value / 1000) % 30);
const theme = useThemeVars();
const styleStore = useStyleStore();
const secret = ref(generateSecret());
const tokens = ref(buildTokens());
const keyUri = computed(() => buildKeyUri({ secret: secret.value }));
const { qrcode } = useQRCode({
text: keyUri,
color: { background: '#00000000', foreground: computed(() => (styleStore.isDarkTheme ? '#ffffff' : '#000000')) },
options: { width: 210 },
});
const { attrs: secretValidationAttrs } = useValidation({
source: secret,
rules: [
{
message: 'Secret should be a base32 string',
validator: (value) => value.match(/^[A-Z234567]+$/),
},
{
message: 'Please set a secret',
validator: (value) => value !== '',
},
],
});
// watch + whenever to prevent token to be refresh every raf
watch([secret], refreshToken);
whenever(() => Math.floor(interval.value) === 0, refreshToken);
function refreshSecret() {
secret.value = generateSecret();
}
function refreshToken() {
tokens.value = buildTokens();
}
function buildTokens() {
return {
previous: generateTOTP({ key: secret.value, now: now.value - 30000 }),
current: generateTOTP({ key: secret.value, now: now.value }),
next: generateTOTP({ key: secret.value, now: now.value + 30000 }),
};
}
</script>
<style lang="less" scoped>
.n-progress {
margin-top: 10px;
::v-deep(.n-progress-graph-line-fill) {
transition-duration: 0.05s !important;
}
}
.token {
text-align: center;
&.token-current {
font-size: 20px;
}
}
</style>

View File

@@ -0,0 +1,124 @@
import { describe, expect, it } from 'vitest';
import {
generateHOTP,
hexToBytes,
verifyHOTP,
generateTOTP,
verifyTOTP,
buildKeyUri,
base32toHex,
} from './otp.service';
describe('otp functions', () => {
describe('hexToBytes', () => {
it('convert an hexstring to a byte array', () => {
expect(hexToBytes('1')).to.eql([1]);
expect(hexToBytes('ffffff')).to.eql([255, 255, 255]);
expect(hexToBytes('000000000')).to.eql([0, 0, 0, 0, 0]);
expect(hexToBytes('a3218bcef89')).to.eql([163, 33, 139, 206, 248, 9]);
expect(hexToBytes('063679ca')).toEqual([6, 54, 121, 202]);
expect(hexToBytes('0102030405060708090a0b0c0d0e0f')).toEqual([1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15]);
});
});
describe('base32tohex', () => {
it('convert a base32 to hex string', () => {
expect(base32toHex('ABCDEF')).to.eql('00443205');
expect(base32toHex('7777')).to.eql('ffff0f');
expect(base32toHex('JBSWY3DPEHPK3PXP')).to.eql('48656c6c6f21deadbeef');
});
});
describe('generateHOTP', () => {
it('generates HOTP codes for a given counter', () => {
const key = 'JBSWY3DPEHPK3PXP';
const hotpCodes = ['282760', '996554', '602287', '143627', '960129'];
for (const [counter, code] of hotpCodes.entries()) {
expect(generateHOTP({ key, counter })).to.eql(code);
}
});
});
describe('verifyHOTP', () => {
it('validate hotp for a given secret', () => {
const key = 'JBSWY3DPEHPK3PXP';
const hotpCodes = ['282760', '996554', '602287', '143627', '960129'];
for (const [counter, token] of hotpCodes.entries()) {
expect(verifyHOTP({ token, key, counter, window: 0 })).to.eql(true);
}
expect(verifyHOTP({ token: 'INVALID', key })).to.eql(false);
});
it('does not validate hotp out of sync', () => {
const key = 'JBSWY3DPEHPK3PXP';
const token = '282760';
expect(verifyHOTP({ token, key, counter: 5, window: 2 })).to.eql(false);
expect(verifyHOTP({ token, key, counter: 5, window: 5 })).to.eql(true);
});
});
describe('generateTOTP', () => {
it('generates TOTP codes', () => {
const key = 'JBSWY3DPEHPK3PXP';
const codes = [
{ token: '282760', now: 0 },
{ token: '341128', now: 1465324707000 },
{ token: '089029', now: 1365324707000 },
];
for (const { token, now } of codes) {
expect(generateTOTP({ key, now })).to.eql(token);
}
});
});
describe('verifyTOTP', () => {
it('verify TOTP in sync codes against a key', () => {
const key = 'JBSWY3DPEHPK3PXP';
const codes = [
{ token: '282760', now: 0 },
{ token: '341128', now: 1465324707000 },
{ token: '089029', now: 1365324707000 },
];
for (const { token, now } of codes) {
expect(verifyTOTP({ key, token, now })).to.eql(true);
}
});
it('does not validate totp out of sync', () => {
const key = 'JBSWY3DPEHPK3PXP';
const token = '635183';
const now = 1661266455000;
expect(verifyTOTP({ key, token, now, window: 2 })).to.eql(true);
expect(verifyTOTP({ key, token, now, window: 1 })).to.eql(false);
});
});
describe('buildKeyUri', () => {
it('build a key uri string', () => {
expect(buildKeyUri({ secret: 'JBSWY3DPEHPK3PXP' })).to.eql(
'otpauth://totp/IT-Tools:demo-user?issuer=IT-Tools&secret=JBSWY3DPEHPK3PXP&algorithm=SHA1&digits=6&period=30',
);
expect(
buildKeyUri({
secret: 'JBSWY3DPEHPK3PXP',
app: 'app-name',
account: 'account',
algorithm: 'algo',
digits: 7,
period: 10,
}),
).to.eql(
'otpauth://totp/app-name:account?issuer=app-name&secret=JBSWY3DPEHPK3PXP&algorithm=algo&digits=7&period=10',
);
});
});
});

View File

@@ -0,0 +1,139 @@
import { enc, HmacSHA1 } from 'crypto-js';
import _ from 'lodash';
import { createToken } from '../token-generator/token-generator.service';
export {
generateHOTP,
hexToBytes,
verifyHOTP,
generateTOTP,
verifyTOTP,
buildKeyUri,
generateSecret,
base32toHex,
getCounterFromTime,
};
function hexToBytes(hex: string) {
return (hex.match(/.{1,2}/g) ?? []).map((char) => parseInt(char, 16));
}
function computeHMACSha1(message: string, key: string) {
return HmacSHA1(enc.Hex.parse(message), enc.Hex.parse(base32toHex(key))).toString(enc.Hex);
}
function base32toHex(base32: string) {
const base32Chars = 'ABCDEFGHIJKLMNOPQRSTUVWXYZ234567';
const bits = base32
.replace(/=+$/, '')
.split('')
.map((value) => base32Chars.indexOf(value).toString(2).padStart(5, '0'))
.join('');
const hex = (bits.match(/.{1,8}/g) ?? []).map((chunk) => parseInt(chunk, 2).toString(16).padStart(2, '0')).join('');
return hex;
}
function generateHOTP({ key, counter = 0 }: { key: string; counter?: number }) {
// Compute HMACdigest
const digest = computeHMACSha1(counter.toString(16).padStart(16, '0'), key);
// Get byte array
const bytes = hexToBytes(digest);
// Truncate
const offset = bytes[19] & 0xf;
const v =
((bytes[offset] & 0x7f) << 24) |
((bytes[offset + 1] & 0xff) << 16) |
((bytes[offset + 2] & 0xff) << 8) |
(bytes[offset + 3] & 0xff);
const code = String(v % 1000000).padStart(6, '0');
return code;
}
function verifyHOTP({
token,
key,
window = 0,
counter = 0,
}: {
token: string;
key: string;
window?: number;
counter?: number;
}) {
for (let i = counter - window; i <= counter + window; ++i) {
if (generateHOTP({ key, counter: i }) === token) {
return true;
}
}
return false;
}
function getCounterFromTime({ now, timeStep }: { now: number; timeStep: number }) {
return Math.floor(now / 1000 / timeStep);
}
function generateTOTP({ key, now = Date.now(), timeStep = 30 }: { key: string; now?: number; timeStep?: number }) {
const counter = getCounterFromTime({ now, timeStep });
return generateHOTP({ key, counter });
}
function verifyTOTP({
key,
token,
window = 0,
now = Date.now(),
timeStep = 30,
}: {
token: string;
key: string;
window?: number;
now?: number;
timeStep?: number;
}) {
const counter = getCounterFromTime({ now, timeStep });
return verifyHOTP({ token, key, window, counter });
}
function buildKeyUri({
secret,
app = 'IT-Tools',
account = 'demo-user',
algorithm = 'SHA1',
digits = 6,
period = 30,
}: {
secret: string;
app?: string;
account?: string;
algorithm?: string;
digits?: number;
period?: number;
}) {
const params = {
issuer: app,
secret,
algorithm,
digits,
period,
};
const paramsString = _(params)
.map((value, key) => `${encodeURIComponent(key)}=${encodeURIComponent(value)}`)
.join('&');
return `otpauth://totp/${encodeURIComponent(app)}:${encodeURIComponent(account)}?${paramsString}`;
}
function generateSecret() {
return createToken({ length: 16, alphabet: 'ABCDEFGHIJKLMNOPQRSTUVWXYZ234567' });
}

View File

@@ -0,0 +1,66 @@
<template>
<div>
<n-space class="labels" item-style="flex: 1 1 0" style="width: 100%" align="center">
<div style="text-align: left">Previous</div>
<div style="text-align: center">Current OTP</div>
<div style="text-align: right">Next</div>
</n-space>
<n-input-group>
<n-tooltip trigger="hover" placement="bottom">
<template #trigger>
<n-button secondary @click.prevent="copyPrevious(tokens.previous)">{{ tokens.previous }}</n-button>
</template>
<div>{{ previousCopied ? 'Copied !' : 'Copy previous OTP' }}</div>
</n-tooltip>
<n-tooltip trigger="hover" placement="bottom">
<template #trigger>
<n-button tertiary type="primary" class="current-otp" @click.prevent="copyCurrent(tokens.current)">
{{ tokens.current }}
</n-button>
</template>
<div>{{ currentCopied ? 'Copied !' : 'Copy current OTP' }}</div>
</n-tooltip>
<n-tooltip trigger="hover" placement="bottom">
<template #trigger>
<n-button secondary @click.prevent="copyNext(tokens.next)">{{ tokens.next }}</n-button>
</template>
<div>{{ nextCopied ? 'Copied !' : 'Copy next OTP' }}</div>
</n-tooltip>
</n-input-group>
</div>
</template>
<script setup lang="ts">
import { useClipboard } from '@vueuse/core';
import { toRefs } from 'vue';
const { copy: copyPrevious, copied: previousCopied } = useClipboard();
const { copy: copyCurrent, copied: currentCopied } = useClipboard();
const { copy: copyNext, copied: nextCopied } = useClipboard();
const props = defineProps<{ tokens: { previous: string; current: string; next: string } }>();
const { tokens } = toRefs(props);
</script>
<style scoped lang="less">
.current-otp {
font-size: 22px;
flex: 1 0 35% !important;
}
.n-button {
height: 45px;
}
.labels {
div {
text-align: center;
padding: 0 2px 6px 2px;
line-height: 1.25;
}
}
.n-input-group > * {
flex: 1 0 0;
}
</style>

View File

@@ -1,5 +1,6 @@
import { get, type MaybeRef } from '@vueuse/core';
import QRCode, { type QRCodeErrorCorrectionLevel, type QRCodeToDataURLOptions } from 'qrcode'; import QRCode, { type QRCodeErrorCorrectionLevel, type QRCodeToDataURLOptions } from 'qrcode';
import { ref, watch, type Ref } from 'vue'; import { ref, watch, isRef } from 'vue';
export function useQRCode({ export function useQRCode({
text, text,
@@ -7,24 +8,24 @@ export function useQRCode({
errorCorrectionLevel, errorCorrectionLevel,
options, options,
}: { }: {
text: Ref<string>; text: MaybeRef<string>;
color: { foreground: Ref<string>; background: Ref<string> }; color: { foreground: MaybeRef<string>; background: MaybeRef<string> };
errorCorrectionLevel: Ref<QRCodeErrorCorrectionLevel>; errorCorrectionLevel?: MaybeRef<QRCodeErrorCorrectionLevel>;
options?: QRCodeToDataURLOptions; options?: QRCodeToDataURLOptions;
}) { }) {
const qrcode = ref(''); const qrcode = ref('');
watch( watch(
[text, background, foreground, errorCorrectionLevel], [text, background, foreground, errorCorrectionLevel].filter(isRef),
async () => { async () => {
if (text.value) if (get(text))
qrcode.value = await QRCode.toDataURL(text.value, { qrcode.value = await QRCode.toDataURL(get(text), {
color: { color: {
dark: foreground.value, dark: get(foreground),
light: background.value, light: get(background),
...options?.color, ...options?.color,
}, },
errorCorrectionLevel: errorCorrectionLevel.value, errorCorrectionLevel: get(errorCorrectionLevel) ?? 'M',
...options, ...options,
}); });
}, },

View File

@@ -6,19 +6,23 @@ export function createToken({
withNumbers = true, withNumbers = true,
withSymbols = false, withSymbols = false,
length = 64, length = 64,
alphabet,
}: { }: {
withUppercase?: boolean; withUppercase?: boolean;
withLowercase?: boolean; withLowercase?: boolean;
withNumbers?: boolean; withNumbers?: boolean;
withSymbols?: boolean; withSymbols?: boolean;
length?: number; length?: number;
alphabet?: string;
}) { }) {
const alphabet = [ const allAlphabet =
alphabet ??
[
...(withUppercase ? 'ABCDEFGHIJKLMOPQRSTUVWXYZ' : ''), ...(withUppercase ? 'ABCDEFGHIJKLMOPQRSTUVWXYZ' : ''),
...(withLowercase ? 'abcdefghijklmopqrstuvwxyz' : ''), ...(withLowercase ? 'abcdefghijklmopqrstuvwxyz' : ''),
...(withNumbers ? '0123456789' : ''), ...(withNumbers ? '0123456789' : ''),
...(withSymbols ? '.,;:!?./-"\'#{([-|\\@)]=}*+' : ''), ...(withSymbols ? '.,;:!?./-"\'#{([-|\\@)]=}*+' : ''),
].join(''); ].join('');
return shuffleString(alphabet.repeat(length)).substring(0, length); return shuffleString(allAlphabet.repeat(length)).substring(0, length);
} }