/**
* @covers \Firehed\Security\HOTP
*/
public function testInvalidKeyLength()
{
$this->expectException(\LengthException::class);
HOTP(new Secret('123456789012345'), 0x1234567890123456);
}
/**
* Time-based One-Time Password Algorithm
* @see RFC 6238
* @param $key shared secret, treated as binary (note: Google Authenticator's keys are base32-encoded, and must be decoded before being passed in)
* [@param $step = 30] Time step in seconds (section 4.1)
* [@param $offset = 0] Unix time to start counting steps (section 4.1) (note: positive and negative $t0 in $step increments may be used to check the next and previous codes respectively, which can help address clock drift)
* [@param $digits = 6] Length of the output code
* [@param $algorithm = 'sha1'] HMAC algorithm - sha1, sha256, and sha512 permitted
* @return string n-character numeric code
*/
function TOTP(Secret $key, array $options = []) : string
{
// Parse options
$step = 30;
$offset = 0;
$digits = 6;
$algorithm = 'sha1';
extract($options, \EXTR_IF_EXISTS);
$counter = (int) floor(($_SERVER['REQUEST_TIME'] - $offset) / $step);
return HOTP($key, $counter, $digits, $algorithm);
}
