Use better otp secret generator

sentryco · Mar 13, 2024 · a4a4ce1 · a4a4ce1
1 parent 43ed430
commit a4a4ce1
Showing 1 changed file with 2 additions and 2 deletions.
diff --git a/Sources/MockGen/MockGen+Const.swift b/Sources/MockGen/MockGen+Const.swift
@@ -61,10 +61,10 @@ extension MockGen {
    /**
     * - Remark: Secret has a format behind it.  Uppercase random string seems to work
     * - Fixme: ⚠️️⚠️️ We should also add other random elements to the OTP url later 👈
-    * - Fixme: ⚠️️ Maybe use TWOFA lib to gen the secret? we cant access seclib here so no
+    * - Fixme: ⚠️️ Maybe use TWOFA lib to gen the secret? we cant access seclib here so no, using SecRan.randomSecret should work better
     */
    public static var randomOTP: String? { // internal static let otps: [String] = ["otpauth://totp/test?secret=GEZDGNBV", "otpauth://hotp/test?secret=GEZDGNBV&algorithm=SHA512&digits=6&counter=1", "otpauth://totp/ACME%20Co:john.doe@email.com?secret=GEZDGNBV&algorithm=SHA512&digits=6&period=30.0&issuer=ACME%20Co&image=https://www.images.com/image.png"]
-      let secret: String = CodeGen.generatePassword(length: 8, useLowercase: false, useNumbers: false, useSpecialChars: false) //
+      let secret: String = SecRan.randomSecret(min:8, max: 16) ?? "GEZDGNBV" // CodeGen.generatePassword(length: 8, useLowercase: false, useNumbers: false, useSpecialChars: false) //
       let urlString: String = "otpauth://totp/ACME%20Co:john.doe@email.com?secret=\(secret)&algorithm=SHA512&digits=6&period=30.0&issuer=ACME%20Co&image=https://www.images.com/image.png"
       return urlString
       // "otpauth://totp/test?secret=\(secret)" // GEZDGNBV