From 60a7c08fb1d27024c0b0c9d3d09cbe0df35c78bd Mon Sep 17 00:00:00 2001 From: Eugene Pankov Date: Sun, 26 Jun 2022 21:28:49 +0200 Subject: [PATCH] bumped totp-rs --- Cargo.lock | 12 ++++++++++-- warpgate-common/Cargo.toml | 2 +- warpgate-common/src/helpers/otp.rs | 18 +++++++++++++----- warpgate/Cargo.toml | 2 +- 4 files changed, 25 insertions(+), 9 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index 3e1c137..9545026 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -3801,15 +3801,17 @@ dependencies = [ [[package]] name = "totp-rs" -version = "1.4.0" +version = "2.0.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "665c8ac1c4280d5e2deb982cf2ee8b90df0e86cf5234acaaef5b785cb1150040" +checksum = "b9254defd2c9202c8e5a03e4120faa0c1e0cb8ed365fb5d7305a33d0b4cf571c" dependencies = [ "base32", "constant_time_eq", "hmac 0.12.1", "sha-1", "sha2 0.10.2", + "url", + "urlencoding", ] [[package]] @@ -4046,6 +4048,12 @@ dependencies = [ "percent-encoding", ] +[[package]] +name = "urlencoding" +version = "2.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "68b90931029ab9b034b300b797048cf23723400aa757e8a2bfb9d748102f9821" + [[package]] name = "utf-8" version = "0.7.6" diff --git a/warpgate-common/Cargo.toml b/warpgate-common/Cargo.toml index b168c7a..c16f789 100644 --- a/warpgate-common/Cargo.toml +++ b/warpgate-common/Cargo.toml @@ -25,7 +25,7 @@ serde = "1.0" serde_json = "1.0" thiserror = "1.0" tokio = {version = "1.19", features = ["tracing"]} -totp-rs = "1.4" +totp-rs = {version = "2.0", features = ["otpauth"]} tracing = "0.1" tracing-core = "0.1" tracing-subscriber = "0.3" diff --git a/warpgate-common/src/helpers/otp.rs b/warpgate-common/src/helpers/otp.rs index 57f3749..9f9ab50 100644 --- a/warpgate-common/src/helpers/otp.rs +++ b/warpgate-common/src/helpers/otp.rs @@ -14,12 +14,20 @@ pub fn generate_key() -> OtpSecretKey { } pub fn generate_setup_url(key: &OtpSecretKey, label: &str) -> Secret { - let totp = get_totp(key); - Secret::new(totp.get_url(label, "Warpgate")) + let totp = get_totp(key, Some(label)); + Secret::new(totp.get_url()) } -fn get_totp(key: &OtpSecretKey) -> TOTP { - TOTP::new(Algorithm::SHA1, 6, 1, 30, key.expose_secret().clone()) +fn get_totp(key: &OtpSecretKey, label: Option<&str>) -> TOTP { + TOTP { + algorithm: Algorithm::SHA1, + digits: 6, + skew: 1, + step: 30, + secret: key.expose_secret().clone(), + issuer: Some("Warpgate".to_string()), + account_name: label.unwrap_or("").to_string(), + } } pub fn verify_totp(code: &str, key: &OtpSecretKey) -> bool { @@ -27,5 +35,5 @@ pub fn verify_totp(code: &str, key: &OtpSecretKey) -> bool { .duration_since(SystemTime::UNIX_EPOCH) .unwrap() .as_secs(); - get_totp(key).check(code, time) + get_totp(key, None).check(code, time) } diff --git a/warpgate/Cargo.toml b/warpgate/Cargo.toml index 978df6b..3e8d2cd 100644 --- a/warpgate/Cargo.toml +++ b/warpgate/Cargo.toml @@ -24,7 +24,7 @@ qrcode = "0.12" rcgen = {version = "0.9", features = ["zeroize"]} serde_yaml = "0.8.23" time = "0.3" -tokio = {version = "1.19", features = ["tracing", "signal"]} +tokio = {version = "1.19", features = ["tracing", "signal", "macros"]} tracing = "0.1" tracing-subscriber = {version = "0.3", features = ["env-filter", "local-time"]} warpgate-admin = {version = "*", path = "../warpgate-admin"}