From 09617e98d361d8277ea056e9e0f657c6e38f1178 Mon Sep 17 00:00:00 2001
From: Jiangge Zhang <tonyseek@gmail.com>
Date: Mon, 25 May 2015 18:38:54 +0800
Subject: Add "generate_key_uri" utility for HOTP/TOTP.

---
 .../hazmat/primitives/twofactor/utils.py           | 50 ++++++++++++++++++++++
 1 file changed, 50 insertions(+)
 create mode 100644 src/cryptography/hazmat/primitives/twofactor/utils.py

(limited to 'src')

diff --git a/src/cryptography/hazmat/primitives/twofactor/utils.py b/src/cryptography/hazmat/primitives/twofactor/utils.py
new file mode 100644
index 00000000..43f50b30
--- /dev/null
+++ b/src/cryptography/hazmat/primitives/twofactor/utils.py
@@ -0,0 +1,50 @@
+from __future__ import unicode_literals
+
+import base64
+
+from six.moves.urllib.parse import quote, urlencode
+
+
+__all__ = ['get_provisioning_uri']
+
+
+def get_provisioning_uri(otp, account_name, issuer=None, counter=None):
+    """Generates a provisioning URI which can be recognized by Two-Factor
+    Authentication Apps. See also: http://git.io/vkvvY
+
+    :param otp: An instance of
+                :class:`cryptography.hazmat.primitives.twofactor.hotp.HOTP` or
+                :class:`cryptography.hazmat.primitives.twofactor.totp.TOTP`.
+    :param account_name: The display name of account, such as
+                         ``'Alice Smith'`` or ``'alice@example.com'``.
+    :param issuer: The display name of issuer.
+    :param counter: The current value of counter. It is required for HOTP.
+    :return: The URI string.
+    :raises RuntimeError: if counter is missing but otp type is HOTP
+    """
+    hotp = getattr(otp, '_hotp', otp)
+
+    parameters = [
+        ('digits', hotp._length),
+        ('secret', base64.b32encode(hotp._key)),
+        ('algorithm', hotp._algorithm.name.upper()),
+    ]
+
+    if issuer is not None:
+        parameters.append(('issuer', issuer))
+
+    if hotp is otp:
+        if counter is None:
+            raise RuntimeError('"counter" is required for HOTP')
+        parameters.append(('counter', int(counter)))
+
+    if hasattr(otp, '_time_step'):
+        parameters.append(('period', int(otp._time_step)))
+
+    uriparts = {
+        'type': otp.__class__.__name__.lower(),
+        'label': ('%s:%s' % (quote(issuer), quote(account_name)) if issuer
+                  else quote(account_name)),
+        'parameters': urlencode(parameters),
+    }
+    return 'otpauth://{type}/{label}?{parameters}'.format(**uriparts)
-- 
cgit v1.2.3


From a051184195b54c6ccae7c7172805f741b0c099bd Mon Sep 17 00:00:00 2001
From: Jiangge Zhang <tonyseek@gmail.com>
Date: Wed, 3 Jun 2015 02:04:58 +0800
Subject: Follow the review advice: turn URI generator into methods.

---
 .../hazmat/primitives/twofactor/hotp.py            |  6 +++++
 .../hazmat/primitives/twofactor/totp.py            |  6 +++++
 .../hazmat/primitives/twofactor/utils.py           | 30 +++-------------------
 3 files changed, 15 insertions(+), 27 deletions(-)

(limited to 'src')

diff --git a/src/cryptography/hazmat/primitives/twofactor/hotp.py b/src/cryptography/hazmat/primitives/twofactor/hotp.py
index ba228b40..f59f551c 100644
--- a/src/cryptography/hazmat/primitives/twofactor/hotp.py
+++ b/src/cryptography/hazmat/primitives/twofactor/hotp.py
@@ -15,6 +15,7 @@ from cryptography.hazmat.backends.interfaces import HMACBackend
 from cryptography.hazmat.primitives import constant_time, hmac
 from cryptography.hazmat.primitives.hashes import SHA1, SHA256, SHA512
 from cryptography.hazmat.primitives.twofactor import InvalidToken
+from cryptography.hazmat.primitives.twofactor.utils import generate_uri
 
 
 class HOTP(object):
@@ -59,3 +60,8 @@ class HOTP(object):
         offset = six.indexbytes(hmac_value, len(hmac_value) - 1) & 0b1111
         p = hmac_value[offset:offset + 4]
         return struct.unpack(">I", p)[0] & 0x7fffffff
+
+    def get_provisioning_uri(self, account_name, counter, issuer=None):
+        return generate_uri(self, 'hotp', account_name, issuer, [
+            ('counter', int(counter)),
+        ])
diff --git a/src/cryptography/hazmat/primitives/twofactor/totp.py b/src/cryptography/hazmat/primitives/twofactor/totp.py
index 03df9292..9c8eddad 100644
--- a/src/cryptography/hazmat/primitives/twofactor/totp.py
+++ b/src/cryptography/hazmat/primitives/twofactor/totp.py
@@ -11,6 +11,7 @@ from cryptography.hazmat.backends.interfaces import HMACBackend
 from cryptography.hazmat.primitives import constant_time
 from cryptography.hazmat.primitives.twofactor import InvalidToken
 from cryptography.hazmat.primitives.twofactor.hotp import HOTP
+from cryptography.hazmat.primitives.twofactor.utils import generate_uri
 
 
 class TOTP(object):
@@ -31,3 +32,8 @@ class TOTP(object):
     def verify(self, totp, time):
         if not constant_time.bytes_eq(self.generate(time), totp):
             raise InvalidToken("Supplied TOTP value does not match.")
+
+    def get_provisioning_uri(self, account_name, issuer=None):
+        return generate_uri(self._hotp, 'totp', account_name, issuer, [
+            ('period', int(self._time_step)),
+        ])
diff --git a/src/cryptography/hazmat/primitives/twofactor/utils.py b/src/cryptography/hazmat/primitives/twofactor/utils.py
index 43f50b30..89d38ff2 100644
--- a/src/cryptography/hazmat/primitives/twofactor/utils.py
+++ b/src/cryptography/hazmat/primitives/twofactor/utils.py
@@ -5,25 +5,7 @@ import base64
 from six.moves.urllib.parse import quote, urlencode
 
 
-__all__ = ['get_provisioning_uri']
-
-
-def get_provisioning_uri(otp, account_name, issuer=None, counter=None):
-    """Generates a provisioning URI which can be recognized by Two-Factor
-    Authentication Apps. See also: http://git.io/vkvvY
-
-    :param otp: An instance of
-                :class:`cryptography.hazmat.primitives.twofactor.hotp.HOTP` or
-                :class:`cryptography.hazmat.primitives.twofactor.totp.TOTP`.
-    :param account_name: The display name of account, such as
-                         ``'Alice Smith'`` or ``'alice@example.com'``.
-    :param issuer: The display name of issuer.
-    :param counter: The current value of counter. It is required for HOTP.
-    :return: The URI string.
-    :raises RuntimeError: if counter is missing but otp type is HOTP
-    """
-    hotp = getattr(otp, '_hotp', otp)
-
+def generate_uri(hotp, type_name, account_name, issuer, extra_parameters):
     parameters = [
         ('digits', hotp._length),
         ('secret', base64.b32encode(hotp._key)),
@@ -33,16 +15,10 @@ def get_provisioning_uri(otp, account_name, issuer=None, counter=None):
     if issuer is not None:
         parameters.append(('issuer', issuer))
 
-    if hotp is otp:
-        if counter is None:
-            raise RuntimeError('"counter" is required for HOTP')
-        parameters.append(('counter', int(counter)))
-
-    if hasattr(otp, '_time_step'):
-        parameters.append(('period', int(otp._time_step)))
+    parameters.extend(extra_parameters)
 
     uriparts = {
-        'type': otp.__class__.__name__.lower(),
+        'type': type_name,
         'label': ('%s:%s' % (quote(issuer), quote(account_name)) if issuer
                   else quote(account_name)),
         'parameters': urlencode(parameters),
-- 
cgit v1.2.3


From d4e0a839ef676a2ed05140f98ef3630deb0fdd61 Mon Sep 17 00:00:00 2001
From: Jiangge Zhang <tonyseek@gmail.com>
Date: Wed, 3 Jun 2015 17:30:11 +0800
Subject: Remove a default argument and rename a private function.

---
 src/cryptography/hazmat/primitives/twofactor/hotp.py  | 6 +++---
 src/cryptography/hazmat/primitives/twofactor/totp.py  | 6 +++---
 src/cryptography/hazmat/primitives/twofactor/utils.py | 4 ++--
 3 files changed, 8 insertions(+), 8 deletions(-)

(limited to 'src')

diff --git a/src/cryptography/hazmat/primitives/twofactor/hotp.py b/src/cryptography/hazmat/primitives/twofactor/hotp.py
index f59f551c..8c0cec14 100644
--- a/src/cryptography/hazmat/primitives/twofactor/hotp.py
+++ b/src/cryptography/hazmat/primitives/twofactor/hotp.py
@@ -15,7 +15,7 @@ from cryptography.hazmat.backends.interfaces import HMACBackend
 from cryptography.hazmat.primitives import constant_time, hmac
 from cryptography.hazmat.primitives.hashes import SHA1, SHA256, SHA512
 from cryptography.hazmat.primitives.twofactor import InvalidToken
-from cryptography.hazmat.primitives.twofactor.utils import generate_uri
+from cryptography.hazmat.primitives.twofactor.utils import _generate_uri
 
 
 class HOTP(object):
@@ -61,7 +61,7 @@ class HOTP(object):
         p = hmac_value[offset:offset + 4]
         return struct.unpack(">I", p)[0] & 0x7fffffff
 
-    def get_provisioning_uri(self, account_name, counter, issuer=None):
-        return generate_uri(self, 'hotp', account_name, issuer, [
+    def get_provisioning_uri(self, account_name, counter, issuer):
+        return _generate_uri(self, 'hotp', account_name, issuer, [
             ('counter', int(counter)),
         ])
diff --git a/src/cryptography/hazmat/primitives/twofactor/totp.py b/src/cryptography/hazmat/primitives/twofactor/totp.py
index 9c8eddad..98493b6d 100644
--- a/src/cryptography/hazmat/primitives/twofactor/totp.py
+++ b/src/cryptography/hazmat/primitives/twofactor/totp.py
@@ -11,7 +11,7 @@ from cryptography.hazmat.backends.interfaces import HMACBackend
 from cryptography.hazmat.primitives import constant_time
 from cryptography.hazmat.primitives.twofactor import InvalidToken
 from cryptography.hazmat.primitives.twofactor.hotp import HOTP
-from cryptography.hazmat.primitives.twofactor.utils import generate_uri
+from cryptography.hazmat.primitives.twofactor.utils import _generate_uri
 
 
 class TOTP(object):
@@ -33,7 +33,7 @@ class TOTP(object):
         if not constant_time.bytes_eq(self.generate(time), totp):
             raise InvalidToken("Supplied TOTP value does not match.")
 
-    def get_provisioning_uri(self, account_name, issuer=None):
-        return generate_uri(self._hotp, 'totp', account_name, issuer, [
+    def get_provisioning_uri(self, account_name, issuer):
+        return _generate_uri(self._hotp, 'totp', account_name, issuer, [
             ('period', int(self._time_step)),
         ])
diff --git a/src/cryptography/hazmat/primitives/twofactor/utils.py b/src/cryptography/hazmat/primitives/twofactor/utils.py
index 89d38ff2..ae32058b 100644
--- a/src/cryptography/hazmat/primitives/twofactor/utils.py
+++ b/src/cryptography/hazmat/primitives/twofactor/utils.py
@@ -1,11 +1,11 @@
-from __future__ import unicode_literals
+from __future__ import absolute_import, division, print_function
 
 import base64
 
 from six.moves.urllib.parse import quote, urlencode
 
 
-def generate_uri(hotp, type_name, account_name, issuer, extra_parameters):
+def _generate_uri(hotp, type_name, account_name, issuer, extra_parameters):
     parameters = [
         ('digits', hotp._length),
         ('secret', base64.b32encode(hotp._key)),
-- 
cgit v1.2.3


From 0d9dbbe40d95cc623df218ebf74ef66f3bc1c758 Mon Sep 17 00:00:00 2001
From: Jiangge Zhang <tonyseek@gmail.com>
Date: Wed, 3 Jun 2015 20:37:39 +0800
Subject: add license header and fix grammar errors.

---
 src/cryptography/hazmat/primitives/twofactor/utils.py | 4 ++++
 1 file changed, 4 insertions(+)

(limited to 'src')

diff --git a/src/cryptography/hazmat/primitives/twofactor/utils.py b/src/cryptography/hazmat/primitives/twofactor/utils.py
index ae32058b..91d2e148 100644
--- a/src/cryptography/hazmat/primitives/twofactor/utils.py
+++ b/src/cryptography/hazmat/primitives/twofactor/utils.py
@@ -1,3 +1,7 @@
+# This file is dual licensed under the terms of the Apache License, Version
+# 2.0, and the BSD License. See the LICENSE file in the root of this repository
+# for complete details.
+
 from __future__ import absolute_import, division, print_function
 
 import base64
-- 
cgit v1.2.3