Why is label required for the constructor? about otphp HOT 6 CLOSED

Hi @lukos,

You are right: the label is only needed when the provisioning URI is computed.
Depending on the schemen (TOTP/HOTP), you just need the secret, the digest, the digits and additional parameters required by the scheme (counter, interval).

I will not add a static method, from my POV it should be easier to modify the setLabel method by allowing a null label and verify that label in the generateURI one.

WDYT?

from otphp.

Tagged v8.3.0

from otphp.

That is OK but it isn't much better than just passing an empty string to the constructor. The ideal (of course!) is that the constructor should not require the label since it is not conceptually required for a "TOTP" object to be complete but that is obviously not a quick easy fix.

You could also change it so the constructor takes an array of options so you can fill in whatever you want but that is also a breaking change. Thanks anyway.

from otphp.

I agree with you but if I change the constructor it will creates a BC break.
So for the moment and to fix it quickly I found that solution.

In the next major release, I think the constructor will be private and object will be created through static methods only.

from otphp.

I have just created a new branch that implements the static methods I mentioned above.

Example:

<?php

use OTPHP\TOTP;

$totp = TOTP::createTOTP(); //Creates a TOTP object with a random secret and digest='sha1', period=30 and digits=6
$totp = TOTP::createTOTP('JDDK4U6G3BJLEZ7Y', 20, 'sha512', 8); // Creates a TOTP object with selected parameters

WDYT?

from otphp.

mmmmmmm Factory methods. Nice

from otphp.