tadfisher / pass-otp

A pass extension for managing one-time-password (OTP) tokens
GNU General Public License v3.0
1.3k stars 86 forks source link

pass-otp doesn't support otp codes with "otpauth: " before them #196

Open ltecheroffical opened 8 months ago

ltecheroffical commented 8 months ago

Let's say i'm using passff, if I don't include "otpauth: " before an otp code then it doesn't notice that an otp code is there but if I do include it before an otp code, then it breaks.

0xphk commented 5 months ago

Unsure what you mean, as far as I know, a valid otpauth:// URI is required to use pass-otp to generate codes, a secret alone won't work.

The URI should look like this: otpauth://totp/user?period=xx&digits=xx&algorithm=xx&secret=xx&issuer=xx

This way OTP works with pass, with some modifications even for Steam

ltecheroffical commented 5 months ago

Talking about these kinds of codes:

otpauth: otpauth://totp/user?period=xx&digits=xx&algorithm=xx&secret=xx&issuer=xx

A few extensions require this format

0xphk commented 5 months ago

Ah ok, never seen it in this format, sorry I thought you were referring to plain keys.

0xphk commented 5 months ago

The extension is just bash, you could modify the otp_parse_uri() function in the /usr/lib/password-store/extensions/otp.bash library to get rid of the extra otpauth: at the start of the line. But that's just a quick idea.

The current pattern match is ^otpauth:\/\/(totp|hotp)[snip...] which expects an otpauth URI from the start of the line

If the few extensions are parsing this entry correctly, you could just add both lines.

With the valid URI and with the additional otpauth: at the start. Pass-OTP still matches the correct one, maybe the extension is able to do so as well.