This is the class responsible for creating and validating time-based one-time passwords (TOTPs).
Be aware that the most popular authenticator, Google Authenticator, does not respect most changes to the default properties. Google Authenticator will still read a provisioning uri with non-default values, but will not generate matching codes. For this reason, it is recommended that all properties be left at their default values.
Secret As Xojo.Core.MemoryBlock
The unencoded secret shared between the server and the user.
Function GenerateCode () As UInteger
Generate a password for the current time.
Function GenerateCode (AtTime As Xojo.Core.Date) As UInteger
Generate a password for the time provided by
Function ProvisioningURI (Label As Text, Issuer As Text = "") As Text
Create a provisioning uri that can be consumed by an authenticator. This is commonly encoded into a QR code that can be read by a device's camera.
Label is usually the account name to be associated with the profile.
Issuer is the website or company issuing the profile. Although the
Issuer is not required, it is strongly recommended.
Function Secret () As Xojo.Core.MemoryBlock
The unencoded secret key used to generate unique codes.
Function VerifyCode (Code As UInteger) As Boolean
Code is valid for the current time. Also checks both the previous code and next code to help alleviate clock synchronization and other user timing issues.
Digest As Xojo.Crypto.HashAlgorithms
The hash algorithm that should be used. Valid values are SHA-1, SHA-256, and SHA-512. Other values will trigger a Xojo.Core.InvalidArgumentException. Default is SHA-1. Google Authenticator ignores this value and uses SHA-1 instead.
Digits As UInteger
The number of digits of the generated passwords. Valid values are 6 and 8. Other values will trigger a Xojo.Core.InvalidArgumentException. Default is 6. Google Authenticator ignores this value and uses 6 instead.
Period As Xojo.Core.DateInterval
The number of seconds each password should be valid for. Default is 30. Google Authenticator ignores this value and uses 30 instead.