File manager

File manager - Edit - /home/newsbmcs.com/public_html/static/img/logo/pyotp.tar

Back
otp.py��0000644��00000004256�15030210311�0005711 0��ustar�00��import base64 import hashlib import hmac from typing import Any, Optional class OTP(object): """ Base class for OTP handlers. """ def __init__( self, s: str, digits: int = 6, digest: Any = hashlib.sha1, name: Optional[str] = None, issuer: Optional[str] = None, ) -> None: self.digits = digits if digits > 10: raise ValueError("digits must be no greater than 10") self.digest = digest self.secret = s self.name = name or "Secret" self.issuer = issuer def generate_otp(self, input: int) -> str: """ :param input: the HMAC counter value to use as the OTP input. Usually either the counter, or the computed integer based on the Unix timestamp """ if input < 0: raise ValueError("input must be positive integer") hasher = hmac.new(self.byte_secret(), self.int_to_bytestring(input), self.digest) hmac_hash = bytearray(hasher.digest()) offset = hmac_hash[-1] & 0xF code = ( (hmac_hash[offset] & 0x7F) << 24 \| (hmac_hash[offset + 1] & 0xFF) << 16 \| (hmac_hash[offset + 2] & 0xFF) << 8 \| (hmac_hash[offset + 3] & 0xFF) ) str_code = str(10_000_000_000 + (code % 10*self.digits)) return str_code[-self.digits :] def byte_secret(self) -> bytes: secret = self.secret missing_padding = len(secret) % 8 if missing_padding != 0: secret += "=" (8 - missing_padding) return base64.b32decode(secret, casefold=True) @staticmethod def int_to_bytestring(i: int, padding: int = 8) -> bytes: """ Turns an integer to the OATH specified bytestring, which is fed to the HMAC along with the secret """ result = bytearray() while i != 0: result.append(i & 0xFF) i >>= 8 # It's necessary to convert the final result from bytearray to bytes # because the hmac functions in python 2.6 and 3.3 don't work with # bytearray return bytes(bytearray(reversed(result)).rjust(padding, b"\0")) ��__pycache__/totp.cpython-310.pyc��0000644��00000010300�15030210311�0012417 0��ustar�00��o ��h��@��s`��d�dl�Z�d�dlZd�dlZd�dlZd�dlmZmZmZ�ddlm Z �ddl mZ�G�dd��de�ZdS�)��N)�Any�Optional�Union��)�utils)�OTPc��s��e�Zd�ZdZ ddedededee�d ee�d eddf��fdd � Zd de ee j f�dedefdd�Zdefdd�Zd!dedee j �dede fdd�Z d"dee�dee�dee�defdd�Zde j defdd�Z��ZS�)#�TOTPz. Handler for time-based OTP counters. ��N��s�digits�digest�name�issuer�interval�returnc��s.��\|du�rt�j}\|\|�_t��j\|\|\|\|\|d��dS�)a�� :param s: secret in base32 format :param interval: the time interval in seconds for OTP. This defaults to 30. :param digits: number of integers in the OTP. Some apps expect this to be 6 digits, others support more. :param digest: digest function to use in the HMAC (expected to be SHA1) :param name: account name :param issuer: issuer N)r��r��r ��r��r��)�hashlib�sha1r��super�__init__)�selfr��r��r ��r��r��r�� __class__��=/usr/local/CyberCP/lib/python3.10/site-packages/pyotp/totp.pyr��s��z TOTP.__init__r��for_time�counter_offsetc��C��s0��t�\|tj�stj�t\|��}\|��\|��\|�\|��S�)a�� Accepts either a Unix timestamp integer or a datetime object. To get the time until the next timecode change (seconds until the current OTP expires), use this instead: .. code:: python totp = pyotp.TOTP(...) time_remaining = totp.interval - datetime.datetime.now().timestamp() % totp.interval :param for_time: the time to generate an OTP for :param counter_offset: the amount of ticks to add to the time counter :returns: OTP value )� isinstance�datetime� fromtimestamp�int�generate_otp�timecode)r��r��r��r��r��r��at'��s��zTOTP.atc��C��s��\|��\|��tj��S�)zL Generate the current time OTP :returns: OTP value )r!��r"��r��now)r��r��r��r��r$��:��s��zTOTP.now�otp�valid_windowc�� C��sl��\|du�r t�j��}\|r)t\|�\|d��D�]}t�t\|�t\|��\|\|��r&�dS�qdS�t�t\|�t\|��\|��S�)ah�� Verifies the OTP passed in against the current time OTP. :param otp: the OTP to check against :param for_time: Time to check OTP at (defaults to now) :param valid_window: extends the validity to this many counter ticks before and after the current one :returns: True if verification succeeded, False otherwise Nr��TF)r��r$��ranger�� strings_equal�strr#��)r��r%��r��r&��ir��r��r��verifyB��s�� zTOTP.verify�issuer_name�imagec�� C��s8��t�j\|�j\|r\|n\|�j\|r\|n\|�j\|��j\|�j\|�j\|d�S�)a�� Returns the provisioning URI for the OTP. This can then be encoded in a QR Code and used to provision an OTP app like Google Authenticator. See also: https://github.com/google/google-authenticator/wiki/Key-Uri-Format )r�� algorithmr��periodr-��)r�� build_uri�secretr��r��r ��r��r��)r��r��r,��r-��r��r��r��provisioning_uriV��s�� zTOTP.provisioning_uric��C��s6��\|j�rtt�\|��\|�j��S�tt�\|��\|�j��S�)z� Accepts either a timezone naive (`for_time.tzinfo is None`) or a timezone aware datetime as argument and returns the corresponding counter value (timecode). ) �tzinfor ��calendar�timegm�utctimetupler��time�mktime� timetuple)r��r��r��r��r��r"��m��s��z TOTP.timecode)r ��NNNr ��)r��)Nr��)NNN)�__name__� __module__�__qualname__�__doc__r)��r ��r��r��r��r��r��r#��r$��boolr+��r2��r"�� __classcell__r��r��r��r��r��sH��""�� r��) r4��r��r��r7��typingr��r��r��r��r%��r��r��r��r��r��r��<module>��s��__pycache__/compat.cpython-310.pyc��0000644��00000000421�15030210311�0012717 0��ustar�00��o ��h��@��s:��zd�dl�mZ�W�n�ey��d�dlmZ�Y�nw�e��ZdS�)��)�SystemRandomN)�secretsr��ImportError�random��r��r��?/usr/local/CyberCP/lib/python3.10/site-packages/pyotp/compat.py�<module>��s�� __pycache__/__init__.cpython-310.pyc��0000644��00000005462�15030210311�0013205 0��ustar�00��o ��h��@��s��d�dl�Z�d�dlmZ�d�dlmZmZmZ�d�dlmZm Z m Z �ddlmZ�ddl mZ�ddlmZ�dd lmZ�dd lmZ�ded�fd edee�defdd�Zded�fd edee�defdd�Zdedefdd�ZdS�)��N)�split)�Any�Dict�Sequence)� parse_qsl�unquote�urlparse��)�contrib)�random)�HOTP)�OTP)�TOTP� �� ABCDEFGHIJKLMNOPQRSTUVWXYZ234567�length�chars�returnc��s,��\|�dk�rt�d��d��fdd�t\|��D��S�)Nr��#Secrets should be at least 160 bits��c��3��s��\|�]}t��V��qd�S�)N)r��choice)�.0�_�r��A/usr/local/CyberCP/lib/python3.10/site-packages/pyotp/__init__.py� <genexpr>��s��z random_base32.<locals>.<genexpr>)� ValueError�join�range�r��r��r��r��r�� random_base32 ��s��r!��(��ABCDEF0123456789c��C��s��\|�dk�rt�d��t\|�\|d�S�)Nr"��r��r ��)r��r!��r ��r��r��r�� random_hex��s��r$��uric�� C��s��d}d}d}i�}t�t\|��}\|jdkrtd��td\|jdd��dd�}t\|�dkr0\|d�\|d<�n\|d�\|d <�\|d�\|d<�t\|j�D�]�\}}\|d krL\|}qA\|d krid \|v�rd\|d �durd\|d �\|krdtd��\|\|d <�qA\|dkr�\|d krwt j \|d<�qA\|dkr�t j\|d<�qA\|dkr�t j\|d<�qAtd��\|dkr�\|}qA\|dkr�t \|�}\|\|d<�qA\|dkr�t \|�\|d<�qA\|dkr�t \|�\|d<�qA\|dkr�td�\|��qA\|dkr�\|dur�\|dvr�td��\|s�td��\|dkr�tj\|fi�\|��S�\|jdkr�t\|fi�\|��S�\|jdk�rt\|fi�\|��S�td ��)!z� Parses the provisioning URI for the OTP; works for either TOTP or HOTP. See also: https://github.com/google/google-authenticator/wiki/Key-Uri-Format :param uri: the hotp/totp URI to parse :returns: OTP object N�otpauthzNot an otpauth URIz:\|%3Ar ��)�maxsplitr��name�issuer�secretzHIf issuer is specified in both label and parameters, it should be equal.� algorithm�SHA1�digest�SHA256�SHA512z;Invalid value for algorithm, must be SHA1, SHA256 or SHA512�encoder�digits�period�interval�counter� initial_count�imagez{} is not a valid parameter�steam)��zDigits may only be 6, 7, or 8zNo secret found in URI�totp�hotpzNot a supported OTP type)r��r��schemer��r��path�lenr��query�hashlib�sha1�sha256�sha512�int�formatr ��Steam�netlocr��r��) r%��r��r0��r1��otp_data� parsed_uri�accountinfo_parts�key�valuer��r��r�� parse_uri��sf�� rN��)rA��rer��typingr��r��r��urllib.parser��r��r��r��r ��compatr��r<��r��otpr ��r;��r��listrE��strr!��r$��rN��r��r��r��r��<module>��s��$$ ��__pycache__/utils.cpython-310.pyc��0000644��00000005412�15030210311�0012601 0��ustar�00��o ��h0��@��s��d�dl�Z�d�dlmZ�d�dlmZmZmZ�d�dlmZm Z m Z � ddededee�dee�d ee�d ee�dee�dee�d efdd�Z deded efdd�ZdS�)��N)�compare_digest)�Dict�Optional�Union)�quote� urlencode�urlparse�secret�name� initial_count�issuer� algorithm�digits�period�image�returnc��C��s��\|du}\|duo\|dk} \|duo\|dk} \|duo\|dk}\|r dnd}d} d\|�i}t�\|�}\|dur<t�\|�d �\|�}\|\|d <�\|rB\|\|d<�\| rJ\|��\|d<�\| rP\|\|d <�\|rV\|\|d<�\|rrt\|�}\|jdksg\|jrg\|jsntd�\|��\|\|d<�\| �\|\|t\|�� dd��}\|S�)a�� Returns the provisioning URI for the OTP; works for either TOTP or HOTP. This can then be encoded in a QR Code and used to provision the Google Authenticator app. For module-internal use. See also: https://github.com/google/google-authenticator/wiki/Key-Uri-Format :param secret: the hotp/totp secret used to generate the URI :param name: name of the account :param initial_count: starting counter value, defaults to None. If none, the OTP type will be assumed as TOTP. :param issuer: the name of the OTP issuer; this will be the organization title of the OTP entry in Authenticator :param algorithm: the algorithm used in the OTP generation. :param digits: the length of the OTP generated code. :param period: the number of seconds the OTP generator is set to expire every code. :param image: optional logo image url :returns: provisioning uri N�sha1��hotp�totpzotpauth://{0}/{1}?{2}r ��:r��counterr ��r��r��httpsz{} is not a valid urlr��+z%20) r��upperr��scheme�netloc�path� ValueError�formatr��replace)r ��r ��r��r��r ��r��r��r��is_initial_count_present�is_algorithm_set� is_digits_set� is_period_set�otp_type�base_uri�url_args�label� image_uri�uri��r,��>/usr/local/CyberCP/lib/python3.10/site-packages/pyotp/utils.py� build_uri��s4��#r.��s1�s2c��C��s.��t��d\|��}�t��d\|�}t\|��d�\|�d��S�)a�� Timing-attack resistant string comparison. Normal comparison using == will short-circuit on the first mismatching character. This avoids that by scanning the whole string, though we still reveal to a timing attack whether the strings are the same length. �NFKCzutf-8)�unicodedata� normalizer��encode)r/��r0��r,��r,��r-�� strings_equalM��s�� r5��)NNNNNN)r2��hmacr��typingr��r��r��urllib.parser��r��r��str�intr.��boolr5��r,��r,��r,��r-��<module>��s<�� F��__pycache__/hotp.cpython-310.pyc��0000644��00000005657�15030210311�0012426 0��ustar�00��o ��hp ��@��sD��d�dl�Z�d�dlmZmZ�ddlmZ�ddlmZ�G�dd��de�ZdS�)��N)�Any�Optional��)�utils)�OTPc��s��e�Zd�ZdZ ddedededee�d ee�d eddf��fdd � Zdedefdd�Z dedede fdd�Z ddee�d ee�dee�dee�def dd�Z��Z S�)�HOTPz. Handler for HMAC-based OTP counters. ��Nr��s�digits�digest�name�issuer� initial_count�returnc��s.��\|du�rt�j}\|\|�_t��j\|\|\|\|\|d��dS�)a}�� :param s: secret in base32 format :param initial_count: starting HMAC counter value, defaults to 0 :param digits: number of integers in the OTP. Some apps expect this to be 6 digits, others support more. :param digest: digest function to use in the HMAC (expected to be SHA1) :param name: account name :param issuer: issuer N)r ��r ��r��r��r ��)�hashlib�sha1r��super�__init__)�selfr ��r ��r��r��r ��r�� __class__��=/usr/local/CyberCP/lib/python3.10/site-packages/pyotp/hotp.pyr�� s��z HOTP.__init__�countc��C��s��\|��\|�j\|��S�)zz Generates the OTP for the given count. :param count: the OTP HMAC counter :returns: OTP )�generate_otpr��)r��r��r��r��r��at$��s��zHOTP.at�otp�counterc��C��s��t��t\|�t\|��\|��S�)z� Verifies the OTP passed in against the current counter OTP. :param otp: the OTP to check against :param counter: the OTP HMAC counter )r�� strings_equal�strr��)r��r��r��r��r��r��verify-��s��zHOTP.verify�issuer_name�imagec�� C��s@��t�j\|�j\|r\|n\|�j\|r\|n\|�j\|r\|n\|�j\|��j\|�j\|d�S�)a5�� Returns the provisioning URI for the OTP. This can then be encoded in a QR Code and used to provision an OTP app like Google Authenticator. See also: https://github.com/google/google-authenticator/wiki/Key-Uri-Format :param name: name of the user account :param initial_count: starting HMAC counter value, defaults to 0 :param issuer_name: the name of the OTP issuer; this will be the organization title of the OTP entry in Authenticator :returns: provisioning URI )r��r��r �� algorithmr ��r"��)r�� build_uri�secretr��r��r ��r��r ��)r��r��r��r!��r"��r��r��r��provisioning_uri6��s��zHOTP.provisioning_uri)r��NNNr��)NNNN)�__name__� __module__�__qualname__�__doc__r��intr��r��r��r��boolr ��r&�� __classcell__r��r��r��r��r��sN�� r��) r��typingr��r��r��r��r��r��r��r��r��r��<module>��s ��__pycache__/otp.cpython-310.pyc��0000644��00000004463�15030210311�0012250 0��ustar�00��o ��h��@��s<��d�dl�Z�d�dlZd�dlZd�dlmZmZ�G�dd��de�ZdS�)��N)�Any�Optionalc�� @��s��e�Zd�ZdZdejddfdededede e�de e�d dfd d�Z ded efd d�Zd efdd�Z eddeded efdd��ZdS�)�OTPz& Base class for OTP handlers. ��N�s�digits�digest�name�issuer�returnc��C��s6��\|\|�_�\|dkrtd��\|\|�_\|\|�_\|pd\|�_\|\|�_d�S�)N� ��z!digits must be no greater than 10�Secret)r�� ValueErrorr��secretr ��r ��)�selfr��r��r��r ��r ��r��</usr/local/CyberCP/lib/python3.10/site-packages/pyotp/otp.py�__init__��s�� zOTP.__init__�inputc��C��s��\|dk�rt�d��t�\|��\|��\|�\|�j�}t\|��}\|d�d@�}\|\|�d@�d>�\|\|d��d@�d >�B�\|\|d ��d@�d>�B�\|\|d��d@�B�}td \|d\|�j��}\|\|�j�d��S�)z� :param input: the HMAC counter value to use as the OTP input. Usually either the counter, or the computed integer based on the Unix timestamp r��zinput must be positive integer��l��d( �r��N) r��hmac�new�byte_secret�int_to_bytestringr�� bytearray�strr��)r��r��hasher� hmac_hash�offset�code�str_coder��r��r��generate_otp��s��zOTP.generate_otpc��C��s8��\|�j�}t\|�d�}\|dkr\|dd\|��7�}tj\|dd�S�)Nr��r��=T)�casefold)r��len�base64� b32decode)r��r��missing_paddingr��r��r��r!��/��s ��zOTP.byte_secretr��i�paddingc��C��sD��t��}\|�dkr\|�\|�d@��\|�dL�}�\|�dkstt�t\|��\|d��S�)z� Turns an integer to the OATH specified bytestring, which is fed to the HMAC along with the secret r��r��r��)r#��append�bytes�reversed�rjust)r1��r2��resultr��r��r��r"��6��s��zOTP.int_to_bytestring)r��)�__name__� __module__�__qualname__�__doc__�hashlib�sha1r$��intr��r��r��r��r5��r!��staticmethodr"��r��r��r��r��r��s.�� r��)r.��r=��r��typingr��r��objectr��r��r��r��r��<module>��s ��py.typed��0000644��00000000000�15030210311�0006213 0��ustar�00��totp.py��0000644��00000010000�15030210311�0006055 0��ustar�00��import calendar import datetime import hashlib import time from typing import Any, Optional, Union from . import utils from .otp import OTP class TOTP(OTP): """ Handler for time-based OTP counters. """ def __init__( self, s: str, digits: int = 6, digest: Any = None, name: Optional[str] = None, issuer: Optional[str] = None, interval: int = 30, ) -> None: """ :param s: secret in base32 format :param interval: the time interval in seconds for OTP. This defaults to 30. :param digits: number of integers in the OTP. Some apps expect this to be 6 digits, others support more. :param digest: digest function to use in the HMAC (expected to be SHA1) :param name: account name :param issuer: issuer """ if digest is None: digest = hashlib.sha1 self.interval = interval super().__init__(s=s, digits=digits, digest=digest, name=name, issuer=issuer) def at(self, for_time: Union[int, datetime.datetime], counter_offset: int = 0) -> str: """ Accepts either a Unix timestamp integer or a datetime object. To get the time until the next timecode change (seconds until the current OTP expires), use this instead: .. code:: python totp = pyotp.TOTP(...) time_remaining = totp.interval - datetime.datetime.now().timestamp() % totp.interval :param for_time: the time to generate an OTP for :param counter_offset: the amount of ticks to add to the time counter :returns: OTP value """ if not isinstance(for_time, datetime.datetime): for_time = datetime.datetime.fromtimestamp(int(for_time)) return self.generate_otp(self.timecode(for_time) + counter_offset) def now(self) -> str: """ Generate the current time OTP :returns: OTP value """ return self.generate_otp(self.timecode(datetime.datetime.now())) def verify(self, otp: str, for_time: Optional[datetime.datetime] = None, valid_window: int = 0) -> bool: """ Verifies the OTP passed in against the current time OTP. :param otp: the OTP to check against :param for_time: Time to check OTP at (defaults to now) :param valid_window: extends the validity to this many counter ticks before and after the current one :returns: True if verification succeeded, False otherwise """ if for_time is None: for_time = datetime.datetime.now() if valid_window: for i in range(-valid_window, valid_window + 1): if utils.strings_equal(str(otp), str(self.at(for_time, i))): return True return False return utils.strings_equal(str(otp), str(self.at(for_time))) def provisioning_uri( self, name: Optional[str] = None, issuer_name: Optional[str] = None, image: Optional[str] = None ) -> str: """ Returns the provisioning URI for the OTP. This can then be encoded in a QR Code and used to provision an OTP app like Google Authenticator. See also: https://github.com/google/google-authenticator/wiki/Key-Uri-Format """ return utils.build_uri( self.secret, name if name else self.name, issuer=issuer_name if issuer_name else self.issuer, algorithm=self.digest().name, digits=self.digits, period=self.interval, image=image, ) def timecode(self, for_time: datetime.datetime) -> int: """ Accepts either a timezone naive (`for_time.tzinfo is None`) or a timezone aware datetime as argument and returns the corresponding counter value (timecode). """ if for_time.tzinfo: return int(calendar.timegm(for_time.utctimetuple()) / self.interval) else: return int(time.mktime(for_time.timetuple()) / self.interval) hotp.py��0000644��00000005160�15030210311�0006054 0��ustar�00��import hashlib from typing import Any, Optional from . import utils from .otp import OTP class HOTP(OTP): """ Handler for HMAC-based OTP counters. """ def __init__( self, s: str, digits: int = 6, digest: Any = None, name: Optional[str] = None, issuer: Optional[str] = None, initial_count: int = 0, ) -> None: """ :param s: secret in base32 format :param initial_count: starting HMAC counter value, defaults to 0 :param digits: number of integers in the OTP. Some apps expect this to be 6 digits, others support more. :param digest: digest function to use in the HMAC (expected to be SHA1) :param name: account name :param issuer: issuer """ if digest is None: digest = hashlib.sha1 self.initial_count = initial_count super().__init__(s=s, digits=digits, digest=digest, name=name, issuer=issuer) def at(self, count: int) -> str: """ Generates the OTP for the given count. :param count: the OTP HMAC counter :returns: OTP """ return self.generate_otp(self.initial_count + count) def verify(self, otp: str, counter: int) -> bool: """ Verifies the OTP passed in against the current counter OTP. :param otp: the OTP to check against :param counter: the OTP HMAC counter """ return utils.strings_equal(str(otp), str(self.at(counter))) def provisioning_uri( self, name: Optional[str] = None, initial_count: Optional[int] = None, issuer_name: Optional[str] = None, image: Optional[str] = None, ) -> str: """ Returns the provisioning URI for the OTP. This can then be encoded in a QR Code and used to provision an OTP app like Google Authenticator. See also: https://github.com/google/google-authenticator/wiki/Key-Uri-Format :param name: name of the user account :param initial_count: starting HMAC counter value, defaults to 0 :param issuer_name: the name of the OTP issuer; this will be the organization title of the OTP entry in Authenticator :returns: provisioning URI """ return utils.build_uri( self.secret, name=name if name else self.name, initial_count=initial_count if initial_count else self.initial_count, issuer=issuer_name if issuer_name else self.issuer, algorithm=self.digest().name, digits=self.digits, image=image, ) ��contrib/__pycache__/__init__.cpython-310.pyc��0000644��00000000311�15030210311�0014631 0��ustar�00��o ��h&��@��s��d�dl�mZ�dS�)��)�SteamN)�steamr��r��r��I/usr/local/CyberCP/lib/python3.10/site-packages/pyotp/contrib/__init__.py�<module>��s��contrib/__pycache__/steam.cpython-310.pyc��0000644��00000003260�15030210311�0014211 0��ustar�00��o ��h��@��s<��d�dl�Z�d�dlmZ�ddlmZ�dZdZG�dd��de�ZdS�) ��N)�Optional��)�TOTP�23456789BCDFGHJKMNPQRTVWXY��c�� sb��e�Zd�ZdZ ddedee�dee�ded ed df��fdd� Zd ed ef��fdd�Z��Z S�)�Steamz= Steam's custom TOTP. Subclass of `pyotp.totp.TOTP`. N��r��s�name�issuer�interval�digits�returnc��s"��\|\|�_�t��j\|dtj\|\|d��dS�)z� :param s: secret in base32 format :param interval: the time interval in seconds for OTP. This defaults to 30. :param name: account name :param issuer: issuer � ��)r ��r ��digestr ��r��N)r��super�__init__�hashlib�sha1)�selfr ��r ��r��r��r �� __class__��F/usr/local/CyberCP/lib/python3.10/site-packages/pyotp/contrib/steam.pyr��s��zSteam.__init__�inputc�� sV��t��\|�}t\|�}d}tt�}tt�D�]}\|\|�}tt\|��}\|\|7�}\|\|�}q\|S�)z� :param input: the HMAC counter value to use as the OTP input. Usually either the counter, or the computed integer based on the Unix timestamp ��)r��generate_otp�int�len�STEAM_CHARS�range�STEAM_DEFAULT_DIGITS) r��r��str_code�int_code� steam_code�total_chars�_�pos�charr��r��r��r�� s�� zSteam.generate_otp)NNr��r��) �__name__� __module__�__qualname__�__doc__�strr��r��r��r�� __classcell__r��r��r��r��r�� s(��r��)r��typingr��totpr��r��r!��r��r��r��r��r��<module>��s��contrib/steam.py��0000644��00000002602�15030210311�0007651 0��ustar�00��import hashlib from typing import Optional from ..totp import TOTP STEAM_CHARS = "23456789BCDFGHJKMNPQRTVWXY" # steam's custom alphabet STEAM_DEFAULT_DIGITS = 5 # Steam TOTP code length class Steam(TOTP): """ Steam's custom TOTP. Subclass of `pyotp.totp.TOTP`. """ def __init__( self, s: str, name: Optional[str] = None, issuer: Optional[str] = None, interval: int = 30, digits: int = 5 ) -> None: """ :param s: secret in base32 format :param interval: the time interval in seconds for OTP. This defaults to 30. :param name: account name :param issuer: issuer """ self.interval = interval super().__init__(s=s, digits=10, digest=hashlib.sha1, name=name, issuer=issuer) def generate_otp(self, input: int) -> str: """ :param input: the HMAC counter value to use as the OTP input. Usually either the counter, or the computed integer based on the Unix timestamp """ str_code = super().generate_otp(input) int_code = int(str_code) steam_code = "" total_chars = len(STEAM_CHARS) for _ in range(STEAM_DEFAULT_DIGITS): pos = int_code % total_chars char = STEAM_CHARS[int(pos)] steam_code += char int_code //= total_chars return steam_code ��contrib/__init__.py��0000644��00000000046�15030210311�0010277 0��ustar�00��from .steam import Steam # noqa:F401 ��compat.py��0000644��00000000321�15030210311�0006357 0��ustar�00��# Use secrets module if available (Python version >= 3.6) per PEP 506 try: from secrets import SystemRandom # type: ignore except ImportError: from random import SystemRandom random = SystemRandom() ��__init__.py��0000644��00000007320�15030210311�0006641 0��ustar�00��import hashlib from re import split from typing import Any, Dict, Sequence from urllib.parse import parse_qsl, unquote, urlparse from . import contrib # noqa:F401 from .compat import random from .hotp import HOTP as HOTP from .otp import OTP as OTP from .totp import TOTP as TOTP def random_base32(length: int = 32, chars: Sequence[str] = list("ABCDEFGHIJKLMNOPQRSTUVWXYZ234567")) -> str: # Note: the otpauth scheme DOES NOT use base32 padding for secret lengths not divisible by 8. # Some third-party tools have bugs when dealing with such secrets. # We might consider warning the user when generating a secret of length not divisible by 8. if length < 32: raise ValueError("Secrets should be at least 160 bits") return "".join(random.choice(chars) for _ in range(length)) def random_hex(length: int = 40, chars: Sequence[str] = list("ABCDEF0123456789")) -> str: if length < 40: raise ValueError("Secrets should be at least 160 bits") return random_base32(length=length, chars=chars) def parse_uri(uri: str) -> OTP: """ Parses the provisioning URI for the OTP; works for either TOTP or HOTP. See also: https://github.com/google/google-authenticator/wiki/Key-Uri-Format :param uri: the hotp/totp URI to parse :returns: OTP object """ # Secret (to be filled in later) secret = None # Encoder (to be filled in later) encoder = None # Digits (to be filled in later) digits = None # Data we'll parse to the correct constructor otp_data: Dict[str, Any] = {} # Parse with URLlib parsed_uri = urlparse(unquote(uri)) if parsed_uri.scheme != "otpauth": raise ValueError("Not an otpauth URI") # Parse issuer/accountname info accountinfo_parts = split(":\|%3A", parsed_uri.path[1:], maxsplit=1) if len(accountinfo_parts) == 1: otp_data["name"] = accountinfo_parts[0] else: otp_data["issuer"] = accountinfo_parts[0] otp_data["name"] = accountinfo_parts[1] # Parse values for key, value in parse_qsl(parsed_uri.query): if key == "secret": secret = value elif key == "issuer": if "issuer" in otp_data and otp_data["issuer"] is not None and otp_data["issuer"] != value: raise ValueError("If issuer is specified in both label and parameters, it should be equal.") otp_data["issuer"] = value elif key == "algorithm": if value == "SHA1": otp_data["digest"] = hashlib.sha1 elif value == "SHA256": otp_data["digest"] = hashlib.sha256 elif value == "SHA512": otp_data["digest"] = hashlib.sha512 else: raise ValueError("Invalid value for algorithm, must be SHA1, SHA256 or SHA512") elif key == "encoder": encoder = value elif key == "digits": digits = int(value) otp_data["digits"] = digits elif key == "period": otp_data["interval"] = int(value) elif key == "counter": otp_data["initial_count"] = int(value) elif key != "image": raise ValueError("{} is not a valid parameter".format(key)) if encoder != "steam": if digits is not None and digits not in [6, 7, 8]: raise ValueError("Digits may only be 6, 7, or 8") if not secret: raise ValueError("No secret found in URI") # Create objects if encoder == "steam": return contrib.Steam(secret, otp_data) if parsed_uri.netloc == "totp": return TOTP(secret, otp_data) elif parsed_uri.netloc == "hotp": return HOTP(secret, **otp_data) raise ValueError("Not a supported OTP type") ��utils.py��0000644��00000006060�15030210311�0006242 0��ustar�00��import unicodedata from hmac import compare_digest from typing import Dict, Optional, Union from urllib.parse import quote, urlencode, urlparse def build_uri( secret: str, name: str, initial_count: Optional[int] = None, issuer: Optional[str] = None, algorithm: Optional[str] = None, digits: Optional[int] = None, period: Optional[int] = None, image: Optional[str] = None, ) -> str: """ Returns the provisioning URI for the OTP; works for either TOTP or HOTP. This can then be encoded in a QR Code and used to provision the Google Authenticator app. For module-internal use. See also: https://github.com/google/google-authenticator/wiki/Key-Uri-Format :param secret: the hotp/totp secret used to generate the URI :param name: name of the account :param initial_count: starting counter value, defaults to None. If none, the OTP type will be assumed as TOTP. :param issuer: the name of the OTP issuer; this will be the organization title of the OTP entry in Authenticator :param algorithm: the algorithm used in the OTP generation. :param digits: the length of the OTP generated code. :param period: the number of seconds the OTP generator is set to expire every code. :param image: optional logo image url :returns: provisioning uri """ # initial_count may be 0 as a valid param is_initial_count_present = initial_count is not None # Handling values different from defaults is_algorithm_set = algorithm is not None and algorithm != "sha1" is_digits_set = digits is not None and digits != 6 is_period_set = period is not None and period != 30 otp_type = "hotp" if is_initial_count_present else "totp" base_uri = "otpauth://{0}/{1}?{2}" url_args: Dict[str, Union[None, int, str]] = {"secret": secret} label = quote(name) if issuer is not None: label = quote(issuer) + ":" + label url_args["issuer"] = issuer if is_initial_count_present: url_args["counter"] = initial_count if is_algorithm_set: url_args["algorithm"] = algorithm.upper() # type: ignore if is_digits_set: url_args["digits"] = digits if is_period_set: url_args["period"] = period if image: image_uri = urlparse(image) if image_uri.scheme != "https" or not image_uri.netloc or not image_uri.path: raise ValueError("{} is not a valid url".format(image_uri)) url_args["image"] = image uri = base_uri.format(otp_type, label, urlencode(url_args).replace("+", "%20")) return uri def strings_equal(s1: str, s2: str) -> bool: """ Timing-attack resistant string comparison. Normal comparison using == will short-circuit on the first mismatching character. This avoids that by scanning the whole string, though we still reveal to a timing attack whether the strings are the same length. """ s1 = unicodedata.normalize("NFKC", s1) s2 = unicodedata.normalize("NFKC", s2) return compare_digest(s1.encode("utf-8"), s2.encode("utf-8")) ��

| ver. 1.4 | Github | . | PHP 8.2.28 | Generation time: 0.02 | proxy | phpinfo | Settings