`otp`#

Description#

This plugin can be used to generate OTP (One-Time Password) codes compatible with Google Authenticator and other 2FA (Two-Factor Authentication) applications.

Configuration#

otp:
  # [Optional]
  # Base32-encoded secret to be used for password generation.
  # secret:   # type=Optional[str]

  # [Optional]
  # If no secret is provided statically, then it will be read from this path
  # (default: ``~/.local/share/platypush/otp/secret``). If no secret is found then one will be
  # generated.
  # secret_path:   # type=Optional[str]

  # [Optional]
  # If you want to use the Google Authenticator, you can specify the default
  # email address to associate to your OTPs for the provisioning process here.
  # provisioning_name:   # type=Optional[str]

  # [Optional]
  # If you want to use the Google Authenticator, you can specify the default
  # issuer name to display on your OTPs here.
  # issuer:   # type=Optional[str]

Actions#

otp.generate_secret

otp.get_counter_otp

otp.get_time_otp

otp.provision_counter_otp

otp.provision_time_otp

otp.refresh_secret

otp.verify_counter_otp

otp.verify_time_otp

Module reference#

class platypush.plugins.otp.OtpPlugin(secret: str | None = None, secret_path: str | None = None, provisioning_name: str | None = None, issuer: str | None = None, **kwargs)[source]#

Bases: Plugin

This plugin can be used to generate OTP (One-Time Password) codes compatible with Google Authenticator and other 2FA (Two-Factor Authentication) applications.

__init__(secret: str | None = None, secret_path: str | None = None, provisioning_name: str | None = None, issuer: str | None = None, **kwargs)[source]#

Parameters:

secret – Base32-encoded secret to be used for password generation.
secret_path – If no secret is provided statically, then it will be read from this path (default: ~/.local/share/platypush/otp/secret). If no secret is found then one will be generated.
provisioning_name – If you want to use the Google Authenticator, you can specify the default email address to associate to your OTPs for the provisioning process here.
issuer – If you want to use the Google Authenticator, you can specify the default issuer name to display on your OTPs here.

generate_secret() → str[source]#

Generate a new secret token for key generation.

Returns:: The new secret token.

get_counter_otp(count: int, secret: str | None = None, secret_path: str | None = None) → str[source]#

Parameters:

count – Index for the counter-OTP.
secret – Secret token to be used (overrides configured secret).
secret_path – File containing the secret to be used (overrides configured secret_path).

Returns:

A count-based token, as a string.

get_time_otp(secret: str | None = None, secret_path: str | None = None) → str[source]#

Parameters:

secret – Secret token to be used (overrides configured secret).
secret_path – File containing the secret to be used (overrides configured secret_path).

Returns:

A time-based token, as a string.

provision_counter_otp(name: str | None = None, issuer: str | None = None, initial_count=0, secret: str | None = None, secret_path: str | None = None) → str[source]#

Generate a provisioning URI for a counter-OTP that can be imported in Google Authenticator.

Parameters:

name – Name or e-mail address associated to the account used by the Google Authenticator. If None is specified then the value will be read from the configured provisioning_name.
issuer – Name of the issuer of the OTP (default: default configured issuer or None).
initial_count – Initial value for the counter (default: 0).
secret – Secret token to be used (overrides configured secret).
secret_path – File containing the secret to be used (overrides configured secret_path).

Returns:

Generated provisioning URI.

provision_time_otp(name: str | None = None, issuer: str | None = None, secret: str | None = None, secret_path: str | None = None) → str[source]#

Generate a provisioning URI for a time-OTP that can be imported in Google Authenticator.

Parameters:

name – Name or e-mail address associated to the account used by the Google Authenticator. If None is specified then the value will be read from the configured provisioning_name.
issuer – Name of the issuer of the OTP (default: default configured issuer or None).
secret – Secret token to be used (overrides configured secret).
secret_path – File containing the secret to be used (overrides configured secret_path).

Returns:

Generated provisioning URI.

refresh_secret(secret_path: str | None = None) → str[source]#

Refresh the secret token for key generation given a secret path.

Parameters:: secret_path – Secret path to refresh (default: default configured path).

verify_counter_otp(otp: str, count: int, secret: str | None = None, secret_path: str | None = None) → bool[source]#

Verify a code against a stored counter-OTP.

Parameters:

otp – Code to be verified.
count – Index for the counter-OTP to be verified.
secret – Secret token to be used (overrides configured secret).
secret_path – File containing the secret to be used (overrides configured secret_path).

Returns:

True if the code is valid, False otherwise.

verify_time_otp(otp: str, secret: str | None = None, secret_path: str | None = None) → bool[source]#

Verify a code against a stored time-OTP.

Parameters:

otp – Code to be verified.
secret – Secret token to be used (overrides configured secret).
secret_path – File containing the secret to be used (overrides configured secret_path).

Returns:

True if the code is valid, False otherwise.

otp

Platypush documentation

otp#

Description#

Configuration#

Actions#

Module reference#

`otp`#