import { KeyEncodings, SecretKey } from './utils'; import { TOTP, TOTPOptions } from './totp'; /** * RFC4648 / RFC3548 Base32 String. * * Other Base32 encoding methods like Crockford's Base32 * will not be compatible with Google Authenticator. */ export declare type Base32SecretKey = SecretKey; /** * Interface method for [[AuthenticatorOptions.keyEncoder]]. */ export interface KeyEncoder<T = Base32SecretKey> { (secret: SecretKey, encoding: KeyEncodings): T; } /** * Interface method for [[AuthenticatorOptions.keyDecoder]]. */ export interface KeyDecoder<T = SecretKey> { (encodedSecret: Base32SecretKey, encoding: KeyEncodings): T; } /** * Interface method for [[AuthenticatorOptions.createRandomBytes]]. */ export interface CreateRandomBytes<T = string> { (size: number, encoding: KeyEncodings): T; } /** * Interface for options used in Authenticator. * * Contains additional options in addition to * those within TOTP. */ export interface AuthenticatorOptions<T = string> extends TOTPOptions<T> { /** * Encodes a secret key into a Base32 string before it is * sent to the user (in QR Code etc). */ keyEncoder: KeyEncoder<T>; /** * Decodes the Base32 string given by the user into a secret. * */ keyDecoder: KeyDecoder<T>; /** * Creates a random string containing the defined number of * bytes to be used in generating a secret key. */ createRandomBytes: CreateRandomBytes<T>; } /** * Validates the given [[AuthenticatorOptions]]. */ export declare function authenticatorOptionValidator<T extends AuthenticatorOptions<unknown> = AuthenticatorOptions<unknown>>(options: Partial<T>): void; /** * Returns a set of default options for authenticator at the current epoch. */ export declare function authenticatorDefaultOptions<T extends AuthenticatorOptions<unknown> = AuthenticatorOptions<unknown>>(): Partial<T>; /** * Takes an Authenticator Option object and provides presets for * some of the missing required Authenticator option fields and validates * the resultant options. */ export declare function authenticatorOptions<T extends AuthenticatorOptions<unknown> = AuthenticatorOptions<unknown>>(opt: Partial<T>): Readonly<T>; /** * Encodes a given secret key into a Base32 secret * using a [[KeyEncoder]] method set in the options. * * @param secret - The [[SecretKey]] to encode into a [[Base32SecretKey]] * @param options - An [[AuthenticatorOptions]] object */ export declare function authenticatorEncoder<T extends AuthenticatorOptions<unknown> = AuthenticatorOptions<unknown>>(secret: SecretKey, options: Pick<T, 'keyEncoder' | 'encoding'>): ReturnType<T['keyEncoder']>; /** * Decodes a given Base32 secret to a secret key * using a [[KeyDecoder]] method set in the options. * * @param secret - The [[Base32SecretKey]] to decode * @param options - An [[AuthenticatorOptions]] object */ export declare function authenticatorDecoder<T extends AuthenticatorOptions<unknown> = AuthenticatorOptions<unknown>>(secret: Base32SecretKey, options: Pick<T, 'keyDecoder' | 'encoding'>): ReturnType<T['keyDecoder']>; /** * Generates a random Base32 Secret Key. * * @param numberOfBytes - Number of bytes per secret key * @param options.createRandomBytes * @param options.encoding * @param options.keyEncoder */ export declare function authenticatorGenerateSecret<T extends AuthenticatorOptions = AuthenticatorOptions>(numberOfBytes: number, options: Pick<T, 'keyEncoder' | 'encoding' | 'createRandomBytes'>): Base32SecretKey; /** * Generates the Authenticator based token. * * tl;dr: Authenticator = TOTP + Base32 Secret * * **References** * * - https://en.wikipedia.org/wiki/Google_Authenticator * * @param secret - [[Base32SecretKey]] * @param options - An [[AuthenticatorOptions]] object. */ export declare function authenticatorToken<T extends AuthenticatorOptions = AuthenticatorOptions>(secret: Base32SecretKey, options: Readonly<T>): string; /** * Decodes the encodedSecret and passes it to [[totpCheckWithWindow]] * * @param token - The token to check * @param secret - The [[Base32SecretKey]] * @param options - An [[AuthenticatorOptions]] object. */ export declare function authenticatorCheckWithWindow<T extends AuthenticatorOptions = AuthenticatorOptions>(token: string, secret: Base32SecretKey, options: Readonly<T>): number | null; /** * A class wrapper containing all Authenticator methods. */ export declare class Authenticator<T extends AuthenticatorOptions<string> = AuthenticatorOptions<string>> extends TOTP<T> { /** * Creates a new instance with all defaultOptions and options reset. */ create(defaultOptions?: Partial<T>): Authenticator<T>; /** * Returns a set of options at the current moment, * polyfilled with some of the missing required options. * * Refer to [[authenticatorOptions]] */ allOptions(): Readonly<T>; /** * Reference: [[authenticatorToken]] */ generate(secret: Base32SecretKey): string; /** * Reference: [[authenticatorCheckWithWindow]] */ checkDelta(token: string, secret: Base32SecretKey): number | null; /** * Reference: [[authenticatorEncoder]] */ encode(secret: SecretKey): Base32SecretKey; /** * Reference: [[authenticatorDecoder]] */ decode(secret: Base32SecretKey): SecretKey; /** * Reference: [[authenticatorGenerateSecret]] */ generateSecret(numberOfBytes?: number): Base32SecretKey; }