feat: Allow for non-standard provisioning URI params, eg. image/icon #91
Conversation
|
Looks great, nice! Can we expect a gem release? |
|
Yeah, so the main branch has moved along a bit and this MR is not up to date. I'll try and get it out this week after bringing it back up to date. |
|
Awesome, looking forward to it! |
|
@TSMMark Can you give this a quick review and I'll publish it ASAP. Sorry for the delay on this. Thanks |
spec/lib/rotp/hotp_spec.rb
Outdated
| @@ -108,14 +110,29 @@ | |||
| end | |||
|
|
|||
| describe '#provisioning_uri' do | |||
| it 'accepts the account name' do | |||
| let(:hotp) { ROTP::HOTP.new('a' * 32, name: "m@mdp.im", issuer: "Example.com") } | |||
There was a problem hiding this comment.
intentional whitespace?
| let(:hotp) { ROTP::HOTP.new('a' * 32, name: "m@mdp.im", issuer: "Example.com") } | |
| let(:hotp) { ROTP::HOTP.new('a' * 32, name: "m@mdp.im", issuer: "Example.com") } |
|
During local testing I couldn't get any image to show up my the authenticator app, even though the image param was present in the Not sure if there's some specification for the image for it to show up in an authenticator app. I'm using this OTP Auth app: https://apps.apple.com/us/app/otp-auth/id659877384 |
|
i'm not very familiar with the protocol, is this the proper encoding of the url attributes?
|
|
That last one definitely looks odd. Here's what I'm getting from the rotp with the image param: ROTP::TOTP.new(TEST_SECRET, name: "m@mdp.im", issuer: "Example.com",
provisioning_params: { image: 'https://assets.stickpng.com/thumbs/580b57fcd9996e24bc43c53e.png' }
)
Which I encoded to: And here's what I get in FreeOTP:
From what I can tell, the image doesn't get used in Authy, and Google Authenticator doesn't do logo/images at all. |
|
Regarding the iOS OTP app - https://apps.apple.com/us/app/otp-auth/id659877384 - I'm guessing they've not implemented the image param feature. They also mention "OTP Auth does not connect to the internet and will not send your accounts to someone else!" which, if entirely true, would prevent fetching the image URI param. FreeOTP is the only one I've found that does it. |
|
I'm using OTP Auth app https://apps.apple.com/us/app/otp-auth/id659877384 and many of the accounts have images / logos. But maybe it's possible that there are some "presets" in the app, where they have some static images pre-defined based on well-known providers like 1password, binance, discord, github, google, amazon, etc |
|
Yeah, that would be my guess. The only references I can find to the image param are for FreeOTP, which I got to work with the image param. pyauth#96 |
mdp
changed the title
mdp
changed the title
No description provided.