OneTimePassword
TOTP and HOTP one-time passwords for iOS
The OneTimePassword library is the core of Authenticator. It can generate both time-based and counter-based one-time passwords as standardized in RFC 4226 and RFC 6238. It can also read and generate the "otpauth://" URLs commonly used to set up OTP tokens, and can save and load tokens to and from the iOS secure keychain.
Installation
Carthage
Add the following line to your Cartfile:
github "mattrubin/OneTimePassword" ~> 2.0
Then run carthage update OneTimePassword to install the latest version of the framework.
Be sure to check the Carthage README file for the latest instructions on adding frameworks to an application.
CocoaPods
Add the following line to your Podfile:
pod 'OneTimePassword', '~> 2.0'OneTimePassword, like all pods written in Swift, can only be integrated as a framework. Make sure to add the line use_frameworks! to your Podfile or target to opt into frameworks instead of static libraries.
Then run pod install to install the latest version of the framework.
Usage
The latest version of the OneTimePassword library has been designed with a modern Swift API, and does not offer compatibility with Objective-C. To use OneTimePassword in an Objective-C based project, check out the
objcbranch and the 1.x releases.
Create a Token
The Generator struct contains the parameters necessary to generate a one-time password. The Token struct associates a generator with a name and an issuer string.
To initialize a token with an otpauth:// url:
if let token = Token(url: url) {
print("Password: \(token.currentPassword)")
} else {
print("Invalid token URL")
}To create a generator and a token from user input:
let name = "..."
let issuer = "..."
let secretString = "..."
guard let secretData = NSData(base32String: secretString)
where secretData.length > 0 else {
print("Invalid secret")
return nil
}
guard let generator = Generator(
factor: .Timer(period: 30),
secret: secretData,
algorithm: .SHA1,
digits: 6) else {
print("Invalid generator parameters")
return nil
}
let token = Token(name: name, issuer: issuer, generator: generator)
return tokenGenerate a One-Time Password
To generate the current password:
let password = token.currentPasswordTo generate the password at a specific point in time:
let time = someDate.timeIntervalSince1970
do {
let passwordAtTime = try token.generator.passwordAtTime(time)
print("Password at time: \(passwordAtTime)")
} catch {
print("Cannot generate password for invalid time \(time)")
}Persistence
Token persistence is managed by the Keychain class, which represents the iOS system keychain.
let keychain = Keychain.sharedInstanceThe PersistentToken struct represents a Token that has been saved to the keychain, and associates a token with a keychain-provided data identifier.
To save a token to the keychain:
do {
let persistentToken = try keychain.addToken(token)
print("Saved to keychain with identifier: \(persistentToken.identifier)")
} catch {
print("Keychain error: \(error)")
}To retrieve a token from the keychain:
do {
let persistentToken = try keychain.persistentTokenWithIdentifier(identifier)
print("Retrieved token: \(persistentToken.token)")
// Or...
let persistentTokens = try keychain.allPersistentTokens()
} catch {
print("Keychain error: \(error)")
}To update a saved token in the keychain:
do {
let updatedPersistentToken = try keychain.updatePersistentToken(persistentToken,
withToken: token)
print("Updated token: \(updatedPersistentToken)")
} catch {
print("Keychain error: \(error)")
}To delete a token from the keychain:
do {
try keychain.deletePersistentToken(persistentToken)
print("Deleted token.")
} catch {
print("Keychain error: \(error)")
}License
OneTimePassword was created by Matt Rubin and the OneTimePassword authors and is released under the MIT License.
React
Typescript
Django
Laravel
Facebook
Microsoft
Google
Alibaba
D3
Tencent