From 09617e98d361d8277ea056e9e0f657c6e38f1178 Mon Sep 17 00:00:00 2001 From: Jiangge Zhang Date: Mon, 25 May 2015 18:38:54 +0800 Subject: Add "generate_key_uri" utility for HOTP/TOTP. --- .../hazmat/primitives/twofactor/utils.py | 50 ++++++++++++++++++++++ tests/hazmat/primitives/twofactor/test_hotp.py | 17 ++++++++ tests/hazmat/primitives/twofactor/test_totp.py | 14 ++++++ 3 files changed, 81 insertions(+) create mode 100644 src/cryptography/hazmat/primitives/twofactor/utils.py diff --git a/src/cryptography/hazmat/primitives/twofactor/utils.py b/src/cryptography/hazmat/primitives/twofactor/utils.py new file mode 100644 index 00000000..43f50b30 --- /dev/null +++ b/src/cryptography/hazmat/primitives/twofactor/utils.py @@ -0,0 +1,50 @@ +from __future__ import unicode_literals + +import base64 + +from six.moves.urllib.parse import quote, urlencode + + +__all__ = ['get_provisioning_uri'] + + +def get_provisioning_uri(otp, account_name, issuer=None, counter=None): + """Generates a provisioning URI which can be recognized by Two-Factor + Authentication Apps. See also: http://git.io/vkvvY + + :param otp: An instance of + :class:`cryptography.hazmat.primitives.twofactor.hotp.HOTP` or + :class:`cryptography.hazmat.primitives.twofactor.totp.TOTP`. + :param account_name: The display name of account, such as + ``'Alice Smith'`` or ``'alice@example.com'``. + :param issuer: The display name of issuer. + :param counter: The current value of counter. It is required for HOTP. + :return: The URI string. + :raises RuntimeError: if counter is missing but otp type is HOTP + """ + hotp = getattr(otp, '_hotp', otp) + + parameters = [ + ('digits', hotp._length), + ('secret', base64.b32encode(hotp._key)), + ('algorithm', hotp._algorithm.name.upper()), + ] + + if issuer is not None: + parameters.append(('issuer', issuer)) + + if hotp is otp: + if counter is None: + raise RuntimeError('"counter" is required for HOTP') + parameters.append(('counter', int(counter))) + + if hasattr(otp, '_time_step'): + parameters.append(('period', int(otp._time_step))) + + uriparts = { + 'type': otp.__class__.__name__.lower(), + 'label': ('%s:%s' % (quote(issuer), quote(account_name)) if issuer + else quote(account_name)), + 'parameters': urlencode(parameters), + } + return 'otpauth://{type}/{label}?{parameters}'.format(**uriparts) diff --git a/tests/hazmat/primitives/twofactor/test_hotp.py b/tests/hazmat/primitives/twofactor/test_hotp.py index a5d1c284..ba40488a 100644 --- a/tests/hazmat/primitives/twofactor/test_hotp.py +++ b/tests/hazmat/primitives/twofactor/test_hotp.py @@ -14,6 +14,7 @@ from cryptography.hazmat.primitives import hashes from cryptography.hazmat.primitives.hashes import MD5, SHA1 from cryptography.hazmat.primitives.twofactor import InvalidToken from cryptography.hazmat.primitives.twofactor.hotp import HOTP +from cryptography.hazmat.primitives.twofactor.utils import get_provisioning_uri from ....utils import ( load_nist_vectors, load_vectors_from_file, raises_unsupported_algorithm @@ -92,6 +93,22 @@ class TestHOTP(object): with pytest.raises(TypeError): HOTP(secret, b"foo", SHA1(), backend) + def test_get_provisioning_uri(self, backend): + secret = b"12345678901234567890" + hotp = HOTP(secret, 6, SHA1(), backend) + + assert get_provisioning_uri(hotp, "Alice Smith", counter=1) == ( + "otpauth://hotp/Alice%20Smith?digits=6&secret=GEZDGNBV" + "GY3TQOJQGEZDGNBVGY3TQOJQ&algorithm=SHA1&counter=1") + + assert get_provisioning_uri(hotp, "Alice Smith", 'Foo', counter=1) == ( + "otpauth://hotp/Foo:Alice%20Smith?digits=6&secret=GEZD" + "GNBVGY3TQOJQGEZDGNBVGY3TQOJQ&algorithm=SHA1&issuer=Foo" + "&counter=1") + + with pytest.raises(RuntimeError): + get_provisioning_uri(hotp, "Alice Smith", 'World') # counter lost + def test_invalid_backend(): secret = b"12345678901234567890" diff --git a/tests/hazmat/primitives/twofactor/test_totp.py b/tests/hazmat/primitives/twofactor/test_totp.py index 6039983e..94c696f9 100644 --- a/tests/hazmat/primitives/twofactor/test_totp.py +++ b/tests/hazmat/primitives/twofactor/test_totp.py @@ -11,6 +11,7 @@ from cryptography.hazmat.backends.interfaces import HMACBackend from cryptography.hazmat.primitives import hashes from cryptography.hazmat.primitives.twofactor import InvalidToken from cryptography.hazmat.primitives.twofactor.totp import TOTP +from cryptography.hazmat.primitives.twofactor.utils import get_provisioning_uri from ....utils import ( load_nist_vectors, load_vectors_from_file, raises_unsupported_algorithm @@ -126,6 +127,19 @@ class TestTOTP(object): assert totp.generate(time) == b"94287082" + def test_get_provisioning_uri(self, backend): + secret = b"12345678901234567890" + totp = TOTP(secret, 6, hashes.SHA1(), 30, backend=backend) + + assert get_provisioning_uri(totp, "Alice Smith") == ( + "otpauth://totp/Alice%20Smith?digits=6&secret=GEZDGNBVG" + "Y3TQOJQGEZDGNBVGY3TQOJQ&algorithm=SHA1&period=30") + + assert get_provisioning_uri(totp, "Alice Smith", 'World') == ( + "otpauth://totp/World:Alice%20Smith?digits=6&secret=GEZ" + "DGNBVGY3TQOJQGEZDGNBVGY3TQOJQ&algorithm=SHA1&issuer=World" + "&period=30") + def test_invalid_backend(): secret = b"12345678901234567890" -- cgit v1.2.3 From a051184195b54c6ccae7c7172805f741b0c099bd Mon Sep 17 00:00:00 2001 From: Jiangge Zhang Date: Wed, 3 Jun 2015 02:04:58 +0800 Subject: Follow the review advice: turn URI generator into methods. --- .../hazmat/primitives/twofactor/hotp.py | 6 +++++ .../hazmat/primitives/twofactor/totp.py | 6 +++++ .../hazmat/primitives/twofactor/utils.py | 30 +++------------------- tests/hazmat/primitives/twofactor/test_hotp.py | 8 ++---- tests/hazmat/primitives/twofactor/test_totp.py | 5 ++-- 5 files changed, 19 insertions(+), 36 deletions(-) diff --git a/src/cryptography/hazmat/primitives/twofactor/hotp.py b/src/cryptography/hazmat/primitives/twofactor/hotp.py index ba228b40..f59f551c 100644 --- a/src/cryptography/hazmat/primitives/twofactor/hotp.py +++ b/src/cryptography/hazmat/primitives/twofactor/hotp.py @@ -15,6 +15,7 @@ from cryptography.hazmat.backends.interfaces import HMACBackend from cryptography.hazmat.primitives import constant_time, hmac from cryptography.hazmat.primitives.hashes import SHA1, SHA256, SHA512 from cryptography.hazmat.primitives.twofactor import InvalidToken +from cryptography.hazmat.primitives.twofactor.utils import generate_uri class HOTP(object): @@ -59,3 +60,8 @@ class HOTP(object): offset = six.indexbytes(hmac_value, len(hmac_value) - 1) & 0b1111 p = hmac_value[offset:offset + 4] return struct.unpack(">I", p)[0] & 0x7fffffff + + def get_provisioning_uri(self, account_name, counter, issuer=None): + return generate_uri(self, 'hotp', account_name, issuer, [ + ('counter', int(counter)), + ]) diff --git a/src/cryptography/hazmat/primitives/twofactor/totp.py b/src/cryptography/hazmat/primitives/twofactor/totp.py index 03df9292..9c8eddad 100644 --- a/src/cryptography/hazmat/primitives/twofactor/totp.py +++ b/src/cryptography/hazmat/primitives/twofactor/totp.py @@ -11,6 +11,7 @@ from cryptography.hazmat.backends.interfaces import HMACBackend from cryptography.hazmat.primitives import constant_time from cryptography.hazmat.primitives.twofactor import InvalidToken from cryptography.hazmat.primitives.twofactor.hotp import HOTP +from cryptography.hazmat.primitives.twofactor.utils import generate_uri class TOTP(object): @@ -31,3 +32,8 @@ class TOTP(object): def verify(self, totp, time): if not constant_time.bytes_eq(self.generate(time), totp): raise InvalidToken("Supplied TOTP value does not match.") + + def get_provisioning_uri(self, account_name, issuer=None): + return generate_uri(self._hotp, 'totp', account_name, issuer, [ + ('period', int(self._time_step)), + ]) diff --git a/src/cryptography/hazmat/primitives/twofactor/utils.py b/src/cryptography/hazmat/primitives/twofactor/utils.py index 43f50b30..89d38ff2 100644 --- a/src/cryptography/hazmat/primitives/twofactor/utils.py +++ b/src/cryptography/hazmat/primitives/twofactor/utils.py @@ -5,25 +5,7 @@ import base64 from six.moves.urllib.parse import quote, urlencode -__all__ = ['get_provisioning_uri'] - - -def get_provisioning_uri(otp, account_name, issuer=None, counter=None): - """Generates a provisioning URI which can be recognized by Two-Factor - Authentication Apps. See also: http://git.io/vkvvY - - :param otp: An instance of - :class:`cryptography.hazmat.primitives.twofactor.hotp.HOTP` or - :class:`cryptography.hazmat.primitives.twofactor.totp.TOTP`. - :param account_name: The display name of account, such as - ``'Alice Smith'`` or ``'alice@example.com'``. - :param issuer: The display name of issuer. - :param counter: The current value of counter. It is required for HOTP. - :return: The URI string. - :raises RuntimeError: if counter is missing but otp type is HOTP - """ - hotp = getattr(otp, '_hotp', otp) - +def generate_uri(hotp, type_name, account_name, issuer, extra_parameters): parameters = [ ('digits', hotp._length), ('secret', base64.b32encode(hotp._key)), @@ -33,16 +15,10 @@ def get_provisioning_uri(otp, account_name, issuer=None, counter=None): if issuer is not None: parameters.append(('issuer', issuer)) - if hotp is otp: - if counter is None: - raise RuntimeError('"counter" is required for HOTP') - parameters.append(('counter', int(counter))) - - if hasattr(otp, '_time_step'): - parameters.append(('period', int(otp._time_step))) + parameters.extend(extra_parameters) uriparts = { - 'type': otp.__class__.__name__.lower(), + 'type': type_name, 'label': ('%s:%s' % (quote(issuer), quote(account_name)) if issuer else quote(account_name)), 'parameters': urlencode(parameters), diff --git a/tests/hazmat/primitives/twofactor/test_hotp.py b/tests/hazmat/primitives/twofactor/test_hotp.py index ba40488a..3359dac2 100644 --- a/tests/hazmat/primitives/twofactor/test_hotp.py +++ b/tests/hazmat/primitives/twofactor/test_hotp.py @@ -14,7 +14,6 @@ from cryptography.hazmat.primitives import hashes from cryptography.hazmat.primitives.hashes import MD5, SHA1 from cryptography.hazmat.primitives.twofactor import InvalidToken from cryptography.hazmat.primitives.twofactor.hotp import HOTP -from cryptography.hazmat.primitives.twofactor.utils import get_provisioning_uri from ....utils import ( load_nist_vectors, load_vectors_from_file, raises_unsupported_algorithm @@ -97,18 +96,15 @@ class TestHOTP(object): secret = b"12345678901234567890" hotp = HOTP(secret, 6, SHA1(), backend) - assert get_provisioning_uri(hotp, "Alice Smith", counter=1) == ( + assert hotp.get_provisioning_uri("Alice Smith", 1) == ( "otpauth://hotp/Alice%20Smith?digits=6&secret=GEZDGNBV" "GY3TQOJQGEZDGNBVGY3TQOJQ&algorithm=SHA1&counter=1") - assert get_provisioning_uri(hotp, "Alice Smith", 'Foo', counter=1) == ( + assert hotp.get_provisioning_uri("Alice Smith", 1, issuer='Foo') == ( "otpauth://hotp/Foo:Alice%20Smith?digits=6&secret=GEZD" "GNBVGY3TQOJQGEZDGNBVGY3TQOJQ&algorithm=SHA1&issuer=Foo" "&counter=1") - with pytest.raises(RuntimeError): - get_provisioning_uri(hotp, "Alice Smith", 'World') # counter lost - def test_invalid_backend(): secret = b"12345678901234567890" diff --git a/tests/hazmat/primitives/twofactor/test_totp.py b/tests/hazmat/primitives/twofactor/test_totp.py index 94c696f9..cd841ba6 100644 --- a/tests/hazmat/primitives/twofactor/test_totp.py +++ b/tests/hazmat/primitives/twofactor/test_totp.py @@ -11,7 +11,6 @@ from cryptography.hazmat.backends.interfaces import HMACBackend from cryptography.hazmat.primitives import hashes from cryptography.hazmat.primitives.twofactor import InvalidToken from cryptography.hazmat.primitives.twofactor.totp import TOTP -from cryptography.hazmat.primitives.twofactor.utils import get_provisioning_uri from ....utils import ( load_nist_vectors, load_vectors_from_file, raises_unsupported_algorithm @@ -131,11 +130,11 @@ class TestTOTP(object): secret = b"12345678901234567890" totp = TOTP(secret, 6, hashes.SHA1(), 30, backend=backend) - assert get_provisioning_uri(totp, "Alice Smith") == ( + assert totp.get_provisioning_uri("Alice Smith") == ( "otpauth://totp/Alice%20Smith?digits=6&secret=GEZDGNBVG" "Y3TQOJQGEZDGNBVGY3TQOJQ&algorithm=SHA1&period=30") - assert get_provisioning_uri(totp, "Alice Smith", 'World') == ( + assert totp.get_provisioning_uri("Alice Smith", 'World') == ( "otpauth://totp/World:Alice%20Smith?digits=6&secret=GEZ" "DGNBVGY3TQOJQGEZDGNBVGY3TQOJQ&algorithm=SHA1&issuer=World" "&period=30") -- cgit v1.2.3 From e9f8eb9af0c4f42dd4e68ae05580f77dc352aaf4 Mon Sep 17 00:00:00 2001 From: Jiangge Zhang Date: Wed, 3 Jun 2015 02:05:11 +0800 Subject: Describe provisioning URI in the document. --- docs/hazmat/primitives/twofactor.rst | 38 ++++++++++++++++++++++++++++++++++++ 1 file changed, 38 insertions(+) diff --git a/docs/hazmat/primitives/twofactor.rst b/docs/hazmat/primitives/twofactor.rst index dd3e0250..dace6f7d 100644 --- a/docs/hazmat/primitives/twofactor.rst +++ b/docs/hazmat/primitives/twofactor.rst @@ -74,6 +74,14 @@ codes (HMAC). :raises cryptography.hazmat.primitives.twofactor.InvalidToken: This is raised when the supplied HOTP does not match the expected HOTP. + .. method:: get_provisioning_uri(account_name, counter, issuer=None) + + :param str account_name: The display name of account, such as + ``'Alice Smith'`` or ``'alice@example.com'``. + :param str issuer: The optional display name of issuer. + :param int counter: The current value of counter. + :return str: An URI string. + Throttling ~~~~~~~~~~ @@ -171,3 +179,33 @@ similar to the following code. :param int time: The time value to validate against. :raises cryptography.hazmat.primitives.twofactor.InvalidToken: This is raised when the supplied TOTP does not match the expected TOTP. + + .. method:: get_provisioning_uri(account_name, issuer=None) + + :param str account_name: The display name of account, such as + ``'Alice Smith'`` or ``'alice@example.com'``. + :param str issuer: The optional display name of issuer. + :return str: An URI string. + +Provisioning URI +~~~~~~~~~~~~~~~~ + +The provisioning URI of HOTP and TOTP is not actual the part of RFC 4226 and +RFC 6238, but a `spec of Google Authenticator `_. It is +wide supported by web sites and mobile applications which using Two-Factor +authentication. + +For generating a provisioning URI, you could use the ``get_provisioning_uri`` +method of HOTP/TOTP instances. + +.. code-block:: python + + counter = 5 + account_name = 'alice@example.com' + issuer_name = 'Example Inc' + + hotp_uri = hotp.get_provisioning_uri(account_name, counter, issuer_name) + totp_uri = totp.get_provisioning_uri(account_name, issuer_name) + +A common usage is encoding the provisioning URI into QR code and guiding users +to scan it with Two-Factor authentication applications in their mobile devices. -- cgit v1.2.3 From d4e0a839ef676a2ed05140f98ef3630deb0fdd61 Mon Sep 17 00:00:00 2001 From: Jiangge Zhang Date: Wed, 3 Jun 2015 17:30:11 +0800 Subject: Remove a default argument and rename a private function. --- docs/hazmat/primitives/twofactor.rst | 10 ++++++---- src/cryptography/hazmat/primitives/twofactor/hotp.py | 6 +++--- src/cryptography/hazmat/primitives/twofactor/totp.py | 6 +++--- src/cryptography/hazmat/primitives/twofactor/utils.py | 4 ++-- tests/hazmat/primitives/twofactor/test_hotp.py | 4 ++-- tests/hazmat/primitives/twofactor/test_totp.py | 2 +- 6 files changed, 17 insertions(+), 15 deletions(-) diff --git a/docs/hazmat/primitives/twofactor.rst b/docs/hazmat/primitives/twofactor.rst index dace6f7d..016c30eb 100644 --- a/docs/hazmat/primitives/twofactor.rst +++ b/docs/hazmat/primitives/twofactor.rst @@ -74,11 +74,12 @@ codes (HMAC). :raises cryptography.hazmat.primitives.twofactor.InvalidToken: This is raised when the supplied HOTP does not match the expected HOTP. - .. method:: get_provisioning_uri(account_name, counter, issuer=None) + .. method:: get_provisioning_uri(account_name, counter, issuer) :param str account_name: The display name of account, such as ``'Alice Smith'`` or ``'alice@example.com'``. - :param str issuer: The optional display name of issuer. + :param issuer: The optional display name of issuer. + :type issuer: `string` or `None` :param int counter: The current value of counter. :return str: An URI string. @@ -180,11 +181,12 @@ similar to the following code. :raises cryptography.hazmat.primitives.twofactor.InvalidToken: This is raised when the supplied TOTP does not match the expected TOTP. - .. method:: get_provisioning_uri(account_name, issuer=None) + .. method:: get_provisioning_uri(account_name, issuer) :param str account_name: The display name of account, such as ``'Alice Smith'`` or ``'alice@example.com'``. - :param str issuer: The optional display name of issuer. + :param issuer: The optional display name of issuer. + :type issuer: `string` or `None` :return str: An URI string. Provisioning URI diff --git a/src/cryptography/hazmat/primitives/twofactor/hotp.py b/src/cryptography/hazmat/primitives/twofactor/hotp.py index f59f551c..8c0cec14 100644 --- a/src/cryptography/hazmat/primitives/twofactor/hotp.py +++ b/src/cryptography/hazmat/primitives/twofactor/hotp.py @@ -15,7 +15,7 @@ from cryptography.hazmat.backends.interfaces import HMACBackend from cryptography.hazmat.primitives import constant_time, hmac from cryptography.hazmat.primitives.hashes import SHA1, SHA256, SHA512 from cryptography.hazmat.primitives.twofactor import InvalidToken -from cryptography.hazmat.primitives.twofactor.utils import generate_uri +from cryptography.hazmat.primitives.twofactor.utils import _generate_uri class HOTP(object): @@ -61,7 +61,7 @@ class HOTP(object): p = hmac_value[offset:offset + 4] return struct.unpack(">I", p)[0] & 0x7fffffff - def get_provisioning_uri(self, account_name, counter, issuer=None): - return generate_uri(self, 'hotp', account_name, issuer, [ + def get_provisioning_uri(self, account_name, counter, issuer): + return _generate_uri(self, 'hotp', account_name, issuer, [ ('counter', int(counter)), ]) diff --git a/src/cryptography/hazmat/primitives/twofactor/totp.py b/src/cryptography/hazmat/primitives/twofactor/totp.py index 9c8eddad..98493b6d 100644 --- a/src/cryptography/hazmat/primitives/twofactor/totp.py +++ b/src/cryptography/hazmat/primitives/twofactor/totp.py @@ -11,7 +11,7 @@ from cryptography.hazmat.backends.interfaces import HMACBackend from cryptography.hazmat.primitives import constant_time from cryptography.hazmat.primitives.twofactor import InvalidToken from cryptography.hazmat.primitives.twofactor.hotp import HOTP -from cryptography.hazmat.primitives.twofactor.utils import generate_uri +from cryptography.hazmat.primitives.twofactor.utils import _generate_uri class TOTP(object): @@ -33,7 +33,7 @@ class TOTP(object): if not constant_time.bytes_eq(self.generate(time), totp): raise InvalidToken("Supplied TOTP value does not match.") - def get_provisioning_uri(self, account_name, issuer=None): - return generate_uri(self._hotp, 'totp', account_name, issuer, [ + def get_provisioning_uri(self, account_name, issuer): + return _generate_uri(self._hotp, 'totp', account_name, issuer, [ ('period', int(self._time_step)), ]) diff --git a/src/cryptography/hazmat/primitives/twofactor/utils.py b/src/cryptography/hazmat/primitives/twofactor/utils.py index 89d38ff2..ae32058b 100644 --- a/src/cryptography/hazmat/primitives/twofactor/utils.py +++ b/src/cryptography/hazmat/primitives/twofactor/utils.py @@ -1,11 +1,11 @@ -from __future__ import unicode_literals +from __future__ import absolute_import, division, print_function import base64 from six.moves.urllib.parse import quote, urlencode -def generate_uri(hotp, type_name, account_name, issuer, extra_parameters): +def _generate_uri(hotp, type_name, account_name, issuer, extra_parameters): parameters = [ ('digits', hotp._length), ('secret', base64.b32encode(hotp._key)), diff --git a/tests/hazmat/primitives/twofactor/test_hotp.py b/tests/hazmat/primitives/twofactor/test_hotp.py index 3359dac2..ab5f93c5 100644 --- a/tests/hazmat/primitives/twofactor/test_hotp.py +++ b/tests/hazmat/primitives/twofactor/test_hotp.py @@ -96,11 +96,11 @@ class TestHOTP(object): secret = b"12345678901234567890" hotp = HOTP(secret, 6, SHA1(), backend) - assert hotp.get_provisioning_uri("Alice Smith", 1) == ( + assert hotp.get_provisioning_uri("Alice Smith", 1, None) == ( "otpauth://hotp/Alice%20Smith?digits=6&secret=GEZDGNBV" "GY3TQOJQGEZDGNBVGY3TQOJQ&algorithm=SHA1&counter=1") - assert hotp.get_provisioning_uri("Alice Smith", 1, issuer='Foo') == ( + assert hotp.get_provisioning_uri("Alice Smith", 1, 'Foo') == ( "otpauth://hotp/Foo:Alice%20Smith?digits=6&secret=GEZD" "GNBVGY3TQOJQGEZDGNBVGY3TQOJQ&algorithm=SHA1&issuer=Foo" "&counter=1") diff --git a/tests/hazmat/primitives/twofactor/test_totp.py b/tests/hazmat/primitives/twofactor/test_totp.py index cd841ba6..95829713 100644 --- a/tests/hazmat/primitives/twofactor/test_totp.py +++ b/tests/hazmat/primitives/twofactor/test_totp.py @@ -130,7 +130,7 @@ class TestTOTP(object): secret = b"12345678901234567890" totp = TOTP(secret, 6, hashes.SHA1(), 30, backend=backend) - assert totp.get_provisioning_uri("Alice Smith") == ( + assert totp.get_provisioning_uri("Alice Smith", None) == ( "otpauth://totp/Alice%20Smith?digits=6&secret=GEZDGNBVG" "Y3TQOJQGEZDGNBVGY3TQOJQ&algorithm=SHA1&period=30") -- cgit v1.2.3 From 0d9dbbe40d95cc623df218ebf74ef66f3bc1c758 Mon Sep 17 00:00:00 2001 From: Jiangge Zhang Date: Wed, 3 Jun 2015 20:37:39 +0800 Subject: add license header and fix grammar errors. --- docs/hazmat/primitives/twofactor.rst | 4 ++-- src/cryptography/hazmat/primitives/twofactor/utils.py | 4 ++++ 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/docs/hazmat/primitives/twofactor.rst b/docs/hazmat/primitives/twofactor.rst index 016c30eb..e149da02 100644 --- a/docs/hazmat/primitives/twofactor.rst +++ b/docs/hazmat/primitives/twofactor.rst @@ -194,8 +194,8 @@ Provisioning URI The provisioning URI of HOTP and TOTP is not actual the part of RFC 4226 and RFC 6238, but a `spec of Google Authenticator `_. It is -wide supported by web sites and mobile applications which using Two-Factor -authentication. +widely supported by web sites and mobile applications which are using +Two-Factor authentication. For generating a provisioning URI, you could use the ``get_provisioning_uri`` method of HOTP/TOTP instances. diff --git a/src/cryptography/hazmat/primitives/twofactor/utils.py b/src/cryptography/hazmat/primitives/twofactor/utils.py index ae32058b..91d2e148 100644 --- a/src/cryptography/hazmat/primitives/twofactor/utils.py +++ b/src/cryptography/hazmat/primitives/twofactor/utils.py @@ -1,3 +1,7 @@ +# This file is dual licensed under the terms of the Apache License, Version +# 2.0, and the BSD License. See the LICENSE file in the root of this repository +# for complete details. + from __future__ import absolute_import, division, print_function import base64 -- cgit v1.2.3 From 840a99b253e11554c166ccd7de22b553db627ee3 Mon Sep 17 00:00:00 2001 From: Jiangge Zhang Date: Wed, 3 Jun 2015 23:58:10 +0800 Subject: Move the external link to page bottom. --- docs/hazmat/primitives/twofactor.rst | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/docs/hazmat/primitives/twofactor.rst b/docs/hazmat/primitives/twofactor.rst index e149da02..f49d02f9 100644 --- a/docs/hazmat/primitives/twofactor.rst +++ b/docs/hazmat/primitives/twofactor.rst @@ -193,9 +193,8 @@ Provisioning URI ~~~~~~~~~~~~~~~~ The provisioning URI of HOTP and TOTP is not actual the part of RFC 4226 and -RFC 6238, but a `spec of Google Authenticator `_. It is -widely supported by web sites and mobile applications which are using -Two-Factor authentication. +RFC 6238, but a `spec of Google Authenticator`_. It is widely supported by web +sites and mobile applications which are using Two-Factor authentication. For generating a provisioning URI, you could use the ``get_provisioning_uri`` method of HOTP/TOTP instances. @@ -211,3 +210,5 @@ method of HOTP/TOTP instances. A common usage is encoding the provisioning URI into QR code and guiding users to scan it with Two-Factor authentication applications in their mobile devices. + +.. _`spec of Google Authenticator`: https://github.com/google/google-authenticator/wiki/Key-Uri-Format -- cgit v1.2.3