Created
October 17, 2014 07:07
-
-
Save ryankurte/b210755cd0d5e082677a to your computer and use it in GitHub Desktop.
Node.js TOTP test server
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| var sys = require("sys"); | |
| var http = require('http'); | |
| var url = require('url'); | |
| var querystring = require('querystring'); | |
| var notp = require('notp'); | |
| var crypto = require('crypto'); | |
| var thirtyTwo = require('thirty-two'); | |
| var assert = require('assert'); | |
| //Generate a pseudo random TOTP secret for testing | |
| function genKeyPage(request, response) { | |
| var buf = crypto.pseudoRandomBytes(10); | |
| var encoded = thirtyTwo.encode(buf.toString()); | |
| response.writeHeader(200, {"Content-Type": "text/plain"}); | |
| response.write(encoded); | |
| response.end(); | |
| }; | |
| //Fetch a token for a TOTP | |
| function getTokenPage(request, response) { | |
| var query = querystring.parse(url.parse(request.url).query); | |
| if(query.key) { | |
| var token = notp.totp.gen(query.key); | |
| response.writeHeader(200, {"Content-Type": "text/plain"}); | |
| response.write(token); | |
| response.end(); | |
| } else { | |
| response.writeHeader(400, {"Content-Type": "text/plain"}); | |
| response.write("Error 400: Get token method requires a key"); | |
| response.end(); | |
| } | |
| }; | |
| //Check a TOTP token against a known secret | |
| function checkTokenPage(request, response) { | |
| var query = querystring.parse(url.parse(request.url).query); | |
| if((query.key) && (query.token)) { | |
| var res = notp.totp.verify(query.token, query.key); | |
| if(res) { | |
| response.writeHeader(200, {"Content-Type": "text/plain"}); | |
| response.write("OK"); | |
| response.end(); | |
| } else { | |
| response.writeHeader(401, {"Content-Type": "text/plain"}); | |
| response.write("Error 401: Invalid token"); | |
| response.end(); | |
| } | |
| } else { | |
| response.writeHeader(400, {"Content-Type": "text/plain"}); | |
| response.write("Error: Check token method requires a key and token"); | |
| response.end(); | |
| } | |
| }; | |
| //Check server functionality | |
| var buf = crypto.pseudoRandomBytes(10); | |
| var encoded = thirtyTwo.encode(buf.toString()); | |
| var token = notp.totp.gen(encoded); | |
| assert.ok(notp.totp.verify(token, encoded)); | |
| //Server function | |
| http.createServer( | |
| function(request,response){ | |
| var path = url.parse(request.url).pathname; | |
| //Call subpaths | |
| switch(path) { | |
| case '/new': | |
| genKeyPage(request, response); | |
| break; | |
| case '/check': | |
| checkTokenPage(request, response); | |
| break; | |
| case '/get': | |
| getTokenPage(request, response); | |
| break; | |
| default: | |
| //Default page response | |
| response.writeHeader(200, {"Content-Type": "text/plain"}); | |
| response.write("Request to: " + path); | |
| response.end(); | |
| break; | |
| } | |
| }).listen(8080); | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment