shello / 2fa_scripts

POSIX shell scripts to work with OATH 2FA tools
ISC License
7 stars 1 forks source link
2fa oathtool otpauth posix-sh shell wrapper-script

oathtool_from_otpauth_uri

Reads a otpauth:// URI on the first argument, or from the standard input, and invokes oathtool with the parameters from the URI set, allowing extra options to be passed to oathtool.

Examples

Passing a common OATH TOTP otpauth:// URI. The output will differ, as the time of execution is used for generating the verification token.

$ ./oathtool_from_otpauth_uri "otpauth://totp/ACME%20Co:john.doe@email.com?secret=HXDMVJECJJWSRB3HWIZR4IFUGFTMXBOZ&issuer=ACME%20Co"
610308

OATH HOTP is supported as well:

$ ./oathtool_from_otpauth_uri "otpauth://hotp/ACME%20Co:john.doe@email.com?secret=HXDMVJECJJWSRB3HWIZR4IFUGFTMXBOZ&issuer=ACME%20Co&counter=1618"
217735

It is possible to pass the URI to ./oathtool_from_otpauth_uri from the standard input using a pipe:

$ echo "otpauth://hotp/ACME%20Co:john.doe@email.com?secret=HXDMVJECJJWSRB3HWIZR4IFUGFTMXBOZ&issuer=ACME%20Co&counter=1618" | ./oathtool_from_otpauth_uri
217735

The algorithm, digits and period (for TOTP) parameters are also supported:

$ ./oathtool_from_otpauth_uri "otpauth://totp/ACME%20Co:john.doe@email.com?secret=HXDMVJECJJWSRB3HWIZR4IFUGFTMXBOZ&issuer=ACME%20Co&algorithm=SHA512&digits=8&period=60"
55435877

Extra options may also be passed to oathtool:

$ ./oathtool_from_otpauth_uri "otpauth://hotp/ACME%20Co:john.doe@email.com?secret=HXDMVJECJJWSRB3HWIZR4IFUGFTMXBOZ&issuer=ACME%20Co&counter=1618" -w4
217735
102957
102067
856315
674037
$ ./oathtool_from_otpauth_uri "otpauth://totp/ACME%20Co:john.doe@email.com?secret=HXDMVJECJJWSRB3HWIZR4IFUGFTMXBOZ&issuer=ACME%20Co" -N "2008-04-23 17:42:17 UTC"
258832