Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

TOTP window start

See original GitHub issue

We have Totp.RemainingSecods() which however does not indicate when the current time window started. There is no way to find out the steps that the Totp was created with (#45) so developers cannot even calculate it manually given an instance of Totp.

How about adding Totp.ElapsedSeconds()?

Issue Analytics

  • State:open
  • Created 5 months ago
  • Comments:6 (3 by maintainers)

github_iconTop GitHub Comments

miloushcommented, Jul 20, 2023

I did #49. I also looked into ElapsedSeconds() and since RemainingSeconds() returns integral value (as opposed to TimeSpan or double), I don’t find enough value in ElapsedSeconds() if #49 is merged since you will have acces to the Step property and can calculate that easily (RemainingSeconds() in practice already calculates Step - ElapsedSeconds()).

For people who are looking for actual elapsed or remaining time (e.g. to update the OTP displayed in UI), it would be more useful to have the window start as DateTime available.

damiarnoldcommented, Jul 20, 2023

Fair enough - I agree that convenience properties would help in many of these cases - especially if you are not the one creating the objects and do not have access to their initial constructor argument values.

Short of submitting a pull request, you could always (as a last resort) use reflection on the private members, but this may be a non-starter for your use case, and is certainly not my go-to solution unless there is no other reasonable choice.

@kspearrin any thoughts on merits of providing public property wrappers for private members such as the Totp members _step, _totpSize, _correctedTime as well as the Otp _hashMode member? There may be a couple in the Hotp class I haven’t peeked into yet, but if this seems reasonable, I could possibly work on a pull request in the next week or so for “convenience properties” for reasonable members that are currently private/protected, as the workarounds many of us use now do have some limitations.

Read more comments on GitHub >

github_iconTop Results From Across the Web

How big window is secure and practical with TOTP?
Since we currently don't allow any time window and code validity is just 30 seconds, we are constantly having issues with time ...
Read more >
Time-based one-time password
Time-based one-time password (TOTP) is a computer algorithm that generates a one-time password (OTP) that uses the current time as a source of...
Read more >
What Is TOTP (Time-Based One-Time Password)?
A Time-Based One-Time Password or TOTP is a passcode valid for 30 to 90 seconds that has been generated using the value of...
Read more >
Yes, but as per the standard TOTP codes are valid for a ...
Yes, but as per the standard TOTP codes are valid for a window of 1 minute. TOTP barely protects against phishing.
Read more >
Is it possible to require a TOTP on Windows Login using ...
I have always been looking for a way to require a Two-Factor Authentication (One Time) Passcode on my Windows Login. Using an algorithm...
Read more >

github_iconTop Related Medium Post

No results found

github_iconTop Related StackOverflow Question

No results found

github_iconTroubleshoot Live Code

Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free

github_iconTop Related Reddit Thread

No results found

github_iconTop Related Hackernoon Post

No results found

github_iconTop Related Tweet

No results found

github_iconTop Related Post

No results found

github_iconTop Related Hashnode Post

No results found