{"id":21597479,"url":"https://github.com/cerus/faktor","last_synced_at":"2025-03-18T11:25:54.128Z","repository":{"id":151942045,"uuid":"625064610","full_name":"cerus/faktor","owner":"cerus","description":"🔐 Tiny \u0026 lightweight RFC 4226 \u0026 RFC 6238 compliant one-time password (HOTP/TOTP) generation \u0026 validation library for Java","archived":false,"fork":false,"pushed_at":"2023-04-08T01:54:50.000Z","size":27,"stargazers_count":3,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-01-24T17:44:49.577Z","etag":null,"topics":["2fa","2factor","authy","google-authenticator","hotp","one-time-password","otp","otp-generator","otp-verification","rfc-4226","rfc-6238","rfc4226","rfc6238","totp","totp-generator"],"latest_commit_sha":null,"homepage":"","language":"Java","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/cerus.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":".github/FUNDING.yml","license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null},"funding":{"github":"cerus"}},"created_at":"2023-04-08T01:06:09.000Z","updated_at":"2024-06-20T15:32:55.000Z","dependencies_parsed_at":"2023-06-09T22:15:09.684Z","dependency_job_id":null,"html_url":"https://github.com/cerus/faktor","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cerus%2Ffaktor","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cerus%2Ffaktor/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cerus%2Ffaktor/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cerus%2Ffaktor/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/cerus","download_url":"https://codeload.github.com/cerus/faktor/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":244209580,"owners_count":20416310,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["2fa","2factor","authy","google-authenticator","hotp","one-time-password","otp","otp-generator","otp-verification","rfc-4226","rfc-6238","rfc4226","rfc6238","totp","totp-generator"],"created_at":"2024-11-24T18:09:07.646Z","updated_at":"2025-03-18T11:25:54.116Z","avatar_url":"https://github.com/cerus.png","language":"Java","readme":"\u003cdiv align=\"center\"\u003e\n    \u003ch1\u003efaktor 🔐\u003c/h1\u003e\n    \u003cp\u003eTiny \u003ca href=\"https://www.rfc-editor.org/rfc/rfc4226\" target=\"_blank\"\u003eRFC 4226\u003c/a\u003e \u0026 \u003ca href=\"https://www.rfc-editor.org/rfc/rfc6238\" target=\"_blank\"\u003eRFC 6238\u003c/a\u003e compliant one-time password generation \u0026 validation library for Java\u003c/p\u003e \n    \u003cimg alt=\"GitHub\" src=\"https://img.shields.io/github/license/cerus/faktor\"\u003e \u003ca href=\"https://app.codacy.com/gh/cerus/faktor/dashboard?utm_source=gh\u0026utm_medium=referral\u0026utm_content=\u0026utm_campaign=Badge_grade\"\u003e\u003cimg src=\"https://app.codacy.com/project/badge/Grade/f22c4b117b0a406a82c15e68f736f75d\"/\u003e\u003c/a\u003e \u003cimg alt=\"GitHub Sponsors\" src=\"https://img.shields.io/github/sponsors/cerus\"\u003e\n\u003c/div\u003e\n\u003chr\u003e\n\nfaktor is a tiny otp library that supports otp generation and validation. faktor supports HOTP (HMAC-based one-time passwords) and TOTP (Time-based\none-time passwords).\n\nOne-time passwords provide an extra layer of security for your users. Instead of just logging in with your username and password an additional\none-time password is required, which is usually generated by the user's phone. Please see\nthe [Wikipedia page](https://en.wikipedia.org/wiki/One-time_password) for more information about OTPs.\n\n## Features\n\n- HOTP\n    - HMAC-SHA-1\n- TOTP\n    - HMAC-SHA-1, HMAC-SHA-256, HMAC-SHA-512\n- Generation \u0026 validation\n- Hex secrets\n- Base32 secrets\n- RFC 4226 \u0026 RFC 6238 compliant\n- Very lightweight, no runtime dependencies\n\n## Usage\n\n\u003cdetails\u003e\n\u003csummary\u003eMaven installation\u003c/summary\u003e\n\n```xml\n\n\u003cdependency\u003e\n    \u003cgroupId\u003edev.cerus\u003c/groupId\u003e\n    \u003cartifactId\u003efaktor\u003c/artifactId\u003e\n    \u003cversion\u003e1.0.0\u003c/version\u003e\n\u003c/dependency\u003e\n\n```\n\n\u003c/details\u003e\n\nMost of faktor's functionality revolves around these four classes: `HOTPGenerator`, `TOTPGenerator`, `TOTPService` and `OTPSecret`.\n\nTo generate a new secret use either `OTPSecret#generateBase32Secret(HMACAlgorithm, Random)` or `OTPSecret#generateHexSecret(HMACAlgorithm, Random)`.\n\nTo generate HOTPs use the `HOTPGenerator` class. To generate TOTPs use the `TOTPGenerator` class. To generate and validate TOTPs use the `TOTPService`\nclass. Check the examples section for more information.\n\n## Examples\n\n### HOTPGenerator\n\n```java\nimport dev.cerus.faktor.HMACAlgorithm;\nimport dev.cerus.faktor.generator.HOTPGenerator;\nimport dev.cerus.faktor.service.secret.OTPSecret;\nimport java.security.SecureRandom;\nimport java.util.Random;\n\nclass Example {\n\n    public static void main(String[] args) {\n        long counter = 123456789L;  // This is the counter value used for otp generation\n        int digits = 6;             // This is the amount of digits the otp will have (can be between 6 and 10)\n\n        Random rand = new SecureRandom();\n        OTPSecret secret = OTPSecret.generateBase32Secret(HMACAlgorithm.SHA1, rand);\n        HOTPGenerator gen = HOTPGenerator.newDefaultGenerator(); // Creates a new instance of DefaultHOTPGenerator\n        final int otp = gen.generateHOTP(secret.asBytes(), counter, digits);\n        System.out.print(\"Your HOTP is %d%n\", otp);\n    }\n\n}\n```\n\n### TOTPGenerator\n\n```java\nimport dev.cerus.faktor.HMACAlgorithm;\nimport dev.cerus.faktor.generator.TOTPGenerator;\nimport dev.cerus.faktor.service.secret.OTPSecret;\nimport java.security.SecureRandom;\nimport java.util.Random;\nimport java.util.concurrent.TimeUnit;\n\nclass Example {\n\n    public static void main(String[] args) {\n        long timestamp = System.currentTimeMillis();    // This is the timestamp the otp will be generated for\n        long timeStep = TimeUnit.SECONDS.toMillis(30);  // This is the lifetime of each otp\n        int digits = 6;                                 // This is the amount of digits the otp will have (can be between 6 and 10)\n        HMACAlgorithm algo = HMACAlgorithm.SHA1;        // This is the algorithm that's used for otp generation\n\n        Random rand = new SecureRandom();\n        OTPSecret secret = OTPSecret.generateBase32Secret(HMACAlgorithm.SHA1, rand);\n        TOTPGenerator gen = TOTPGenerator.newDefaultGenerator(); // Creates a new instance of DefaultTOTPGenerator\n        final int otp = gen.generateTOTP(secret.asBytes(), timestamp, timeStep, digits, algo);\n        System.out.print(\"Your TOTP is %d%n\", otp);\n    }\n\n}\n```\n\n### TOTPService\n\n```java\nimport dev.cerus.faktor.HMACAlgorithm;\nimport dev.cerus.faktor.service.TOTPService;\nimport java.util.concurrent.TimeUnit;\n\nclass Example {\n\n    public static void main(String[] args) {\n        Random rand = new SecureRandom();\n        OTPSecret secret = OTPSecret.generateBase32Secret(HMACAlgorithm.SHA1, rand);\n        TOTPService totpService = TOTPService.defaultServiceBuilder()\n                .withAlgorithm(HMACAlgorithm.SHA1)\n                .withSecret(secret)\n                .withTimeStep(30, TimeUnit.SECONDS)\n                .withDigits(6)\n                .withDefaultGenerator() // DefaultTOTPGenerator\n                .withBackwardsSteps(2) // This specifies how many time steps a secret can be old to still count as valid\n                .build();\n\n        final int totp = totpService.generateTOTP();\n        totpService.validateTOTP(totp); // -\u003e true\n    }\n\n}\n```\n\n## Contributing\n\nPlease see [CONTRIBUTING.md](/CONTRIBUTING.md) for more information.\n\n## License\n\nfaktor is licensed under the [MIT License](https://opensource.org/license/mit).","funding_links":["https://github.com/sponsors/cerus"],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcerus%2Ffaktor","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fcerus%2Ffaktor","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcerus%2Ffaktor/lists"}