68bd4dad00
Fix failing tests due to inconsistencies in French number formatting
2019-10-22 19:34:38 +02:00
e6a53b6f3b
Rebrand otpclient as Keysmith
2019-10-21 19:16:51 +02:00
f68df63d89
Fixup flatpak manifest: patch entries should not have SHA sums
2019-10-20 14:11:48 +02:00
4d7bf2f975
Add a rudimentary details page for accounts and wire up navigation to/from it.
...
The account details page has a kind of modality:
- hide mode: in which the user is shown the account info but sensitive information such as secret keys should not be displayed openly visible.
- show mode: the same, but in this case all details are openly visible. This will be useful for showing QR codes explicitly.
- edit mode: in which the user may edit account details (all except the name).
2019-10-20 14:09:39 +02:00
c64273355a
Refactor: extract the token details form UI to its own re-usable component.
2019-10-20 14:09:39 +02:00
ba4d370ee6
Refactor: prefer Q_ENUM for declaring C++ enums to the Qt meta type system
2019-10-20 14:09:39 +02:00
3734e908a9
Hide main 'Add' action if the add account form is already opened.
...
In this way we can avoid the confusing situation with multiple add account forms open by mistake.
2019-10-20 14:06:22 +02:00
042b51d183
Use the unsigned long long validator for the HOTP counter input field in the QML UI.
2019-10-02 21:56:58 +02:00
543766b819
Introduce a validator for the HOTP counter field.
2019-10-02 21:56:58 +02:00
d60cb92b21
Refactor: support injecting locales through test data
2019-10-02 21:34:33 +02:00
f0b5f8121f
Refactor: extract strip_spaces() utility function.
2019-10-02 21:34:33 +02:00
668e912dfe
Apply the name validator to the account name input field in the QML UI.
2019-09-30 20:25:56 +02:00
3bc3a14575
Introduce a validator for name input fields (account name).
2019-09-30 20:25:56 +02:00
bccf2565b8
Refactor: extract the common logic/boilerplate of a validator test to a helper utility (header)
...
With this change adding tests for new validators will be much less work.
2019-09-29 19:51:00 +02:00
73acbb68ae
Add the new base32 secret validator to the UI: attach it to the secret input field.
2019-09-29 12:57:07 +02:00
b791bbad45
Add QML bindings for custom validators
...
- Add convenience function to set up QML bindings under the Oath.Validators namespace
- Wire up the validator library in the otpclient application
2019-09-29 12:53:49 +02:00
eeeac7511c
Introduce a custom base32 secret validator to perform input validation.
...
- Add a new static library "validator_lib" covering the "validators" namespace in C++
- Introduce the Base32Validator to perform input field validation with fixup support
2019-09-29 12:48:25 +02:00
c37bf03b8e
Fix typo: OAth -> Oath (the name is oath or OATH).
2019-09-29 12:40:22 +02:00
8d40008201
Use a SpinBox for more appropriate UI/UX when entering token lengths
...
Due to our use of liboath for generating the actual tokens, we also support only a limited range of valid token lengths.
This means that it is more user friendly to express those limits directly in the UI through a SpinBox instead of allowing the user type in values we do not currently support.
2019-09-28 00:22:55 +02:00
29e9348097
Modernise AccountModel C++ code a bit
2019-09-25 15:38:25 +02:00
8b03fe5123
Modernise Account C++ code a bit
2019-09-25 14:40:53 +02:00
4cff5519ed
Automatically show the "add OTP" form when there are no OTP tokens yet on start up.
...
This is a small UX improvement to make it a little easier to get started with the app.
2019-09-25 11:17:48 +02:00
1292fc749b
Make flatpak build again by copying a patch from Arch
...
Previously the flatpak would fail to build against a recent glib.c because fseeko.c was broken. Now it should be fixed.
2019-09-13 15:47:41 +02:00
b4b8b2d25c
Download oath-toolkit over HTTPS
...
This is a bit more secure against supply chain attacks because MITM is no longer trivial
2019-09-13 15:46:47 +02:00
4fe0d069cd
Add a test to check the TOTP implementation can (at least) generate the values from the RFC test vector correctly.
2019-09-11 09:40:44 +02:00
3a4df16a1c
Make the 'clock' an injectable dependency via the Account constructor.
...
In this way we can fake the current date/time during tests, making it possible to reliably test TOTP and derivative type tokens.
2019-09-11 09:40:44 +02:00
2d147e2427
Add a test to check the HOTP implementation can (at least) generate the values from the RFC test vector correctly.
2019-09-11 09:40:44 +02:00
750025f05c
Fixup Account to make sure all HOTP/TOTP algorithm properties are properly initialised by the constructor.
2019-09-11 09:40:44 +02:00
960c96bb90
Minimal refactoring to move Account away from its previous base32 decoding implementation.
2019-09-11 09:40:44 +02:00
6d7c56f94b
Add autotests for validating the new base32 decoding utilities.
2019-09-11 09:40:44 +02:00
71180195e6
Add dedicated base32 helper utilities in its own namespace.
2019-09-11 09:40:44 +02:00
4f4d1c93f8
Fixup: add license information to oath_p.h
2019-09-11 09:40:27 +02:00
d372ba2a74
Create a 'private' header for interfacing with the oath library that does the C interop stuff.
2019-09-09 11:26:09 +02:00
4cb92b80df
Enable C++17, and use 'standard' CMake features for doing so.
2019-09-09 11:20:32 +02:00
03eff09a38
update readme file [skip ci]
2019-03-25 19:39:43 +05:30
24457c878a
Remove the leftover code to migrate config format
2019-03-25 19:31:48 +05:30
5a1d26e3b8
Add animation for showing and timeout
2019-03-25 19:30:45 +05:30
75e171a11a
Show refresh button only if type is the HOTP
2019-03-25 17:50:05 +05:30
2b013ac8c9
Use model.roleName instead of the roleName
...
This seems to workaround the issue with the Kirigami, and makes OTP
refresh correctly. Now it is actually usable :)
2019-03-25 17:19:34 +05:30
eeb56908ba
Add pipeline status badge in the readme
2019-03-25 03:34:58 +05:30
4167771636
Add license file [skip ci]
2019-03-25 03:32:29 +05:30
8212bdc1c9
Add gitlab ci configuration to build the flatpak package
2019-03-25 03:01:15 +05:30
8819d205f9
Initial code for OTP client
...
It uses the oath-toolkit[1] provided library liboath to generate the 2FA
codes, both TOTP and HOTP based. Currently it is largely untested. From
initial rough testing it seems that auto-refreshing of code is not
working. Also button to refresh token for HOTP is also dummy at moment.
Some todo items include,
- Verify the generated oath code is correct
- Make refreshing token work
- QR code scanning
- Backup and Restore of accounts
- Clipboard support to automatically copy code.
- Encrypted storage of the secret token
This code is largely based on the authenticator-ng[2] application by the
Rodney Dawes and Michael Zanetti for the Ubuntu Touch.
[1] https://www.nongnu.org/oath-toolkit/
[2] https://github.com/dobey/authenticator-ng
2019-03-25 02:58:56 +05:30
Johan Ouwerkerk
Bhushan Shah