Update github.com/pquerna/otp from untagged to v1.2.0 (#11358)

6 files changed, 76 insertions, 18 deletions

diff --git a/vendor/github.com/pquerna/otp/.travis.yml b/vendor/github.com/pquerna/otp/.travis.yml
index 73d38b1926..5a9ed93afb 100644
--- a/vendor/github.com/pquerna/otp/.travis.yml
+++ b/vendor/github.com/pquerna/otp/.travis.yml
@@ -1,6 +1,7 @@
 language: go
 
+env:
+  - GO111MODULE=on
+
 go:
-  - 1.5
-  - 1.6
-  - tip
+  - "1.12"
diff --git a/vendor/github.com/pquerna/otp/go.mod b/vendor/github.com/pquerna/otp/go.mod
new file mode 100644
index 0000000000..77f2d6ccfa
--- /dev/null
+++ b/vendor/github.com/pquerna/otp/go.mod
@@ -0,0 +1,8 @@
+module github.com/pquerna/otp
+
+go 1.12
+
+require (
+	github.com/boombuler/barcode v1.0.1-0.20190219062509-6c824513bacc
+	github.com/stretchr/testify v1.3.0
+)
diff --git a/vendor/github.com/pquerna/otp/go.sum b/vendor/github.com/pquerna/otp/go.sum
new file mode 100644
index 0000000000..6848b56f62
--- /dev/null
+++ b/vendor/github.com/pquerna/otp/go.sum
@@ -0,0 +1,11 @@
+github.com/boombuler/barcode v1.0.0 h1:s1TvRnXwL2xJRaccrdcBQMZxq6X7DvsMogtmJeHDdrc=
+github.com/boombuler/barcode v1.0.0/go.mod h1:paBWMcWSl3LHKBqUq+rly7CNSldXjb2rDl3JlRe0mD8=
+github.com/boombuler/barcode v1.0.1-0.20190219062509-6c824513bacc h1:biVzkmvwrH8WK8raXaxBx6fRVTlJILwEwQGL1I/ByEI=
+github.com/boombuler/barcode v1.0.1-0.20190219062509-6c824513bacc/go.mod h1:paBWMcWSl3LHKBqUq+rly7CNSldXjb2rDl3JlRe0mD8=
+github.com/davecgh/go-spew v1.1.0 h1:ZDRjVQ15GmhC3fiQ8ni8+OwkZQO4DARzQgrnXU1Liz8=
+github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
+github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
+github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
+github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
+github.com/stretchr/testify v1.3.0 h1:TivCn/peBQ7UY8ooIcPgZFpTNSz0Q2U6UrFlUfqbe0Q=
+github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI=
diff --git a/vendor/github.com/pquerna/otp/hotp/hotp.go b/vendor/github.com/pquerna/otp/hotp/hotp.go
index 62cdc87f41..5e99e2218e 100644
--- a/vendor/github.com/pquerna/otp/hotp/hotp.go
+++ b/vendor/github.com/pquerna/otp/hotp/hotp.go
@@ -70,6 +70,17 @@ func GenerateCode(secret string, counter uint64) (string, error) {
 // GenerateCodeCustom uses a counter and secret value and options struct to
 // create a passcode.
 func GenerateCodeCustom(secret string, counter uint64, opts ValidateOpts) (passcode string, err error) {
+	// As noted in issue #10 and #17 this adds support for TOTP secrets that are
+	// missing their padding.
+	secret = strings.TrimSpace(secret)
+	if n := len(secret) % 8; n != 0 {
+		secret = secret + strings.Repeat("=", 8-n)
+	}
+
+	// As noted in issue #24 Google has started producing base32 in lower case,
+	// but the StdEncoding (and the RFC), expect a dictionary of only upper case letters.
+	secret = strings.ToUpper(secret)
+
 	secretBytes, err := base32.StdEncoding.DecodeString(secret)
 	if err != nil {
 		return "", otp.ErrValidateSecretInvalidBase32
@@ -135,12 +146,16 @@ type GenerateOpts struct {
 	AccountName string
 	// Size in size of the generated Secret. Defaults to 10 bytes.
 	SecretSize uint
+	// Secret to store. Defaults to a randomly generated secret of SecretSize.  You should generally leave this empty.
+	Secret []byte
 	// Digits to request. Defaults to 6.
 	Digits otp.Digits
 	// Algorithm to use for HMAC. Defaults to SHA1.
 	Algorithm otp.Algorithm
 }
 
+var b32NoPadding = base32.StdEncoding.WithPadding(base32.NoPadding)
+
 // Generate creates a new HOTP Key.
 func Generate(opts GenerateOpts) (*otp.Key, error) {
 	// url encode the Issuer/AccountName
@@ -156,16 +171,24 @@ func Generate(opts GenerateOpts) (*otp.Key, error) {
 		opts.SecretSize = 10
 	}
 
+	if opts.Digits == 0 {
+		opts.Digits = otp.DigitsSix
+	}
+
 	// otpauth://totp/Example:alice@google.com?secret=JBSWY3DPEHPK3PXP&issuer=Example
 
 	v := url.Values{}
-	secret := make([]byte, opts.SecretSize)
-	_, err := rand.Read(secret)
-	if err != nil {
-		return nil, err
+	if len(opts.Secret) != 0 {
+		v.Set("secret", b32NoPadding.EncodeToString(opts.Secret))
+	} else {
+		secret := make([]byte, opts.SecretSize)
+		_, err := rand.Read(secret)
+		if err != nil {
+			return nil, err
+		}
+		v.Set("secret", b32NoPadding.EncodeToString(secret))
 	}
 
-	v.Set("secret", base32.StdEncoding.EncodeToString(secret))
 	v.Set("issuer", opts.Issuer)
 	v.Set("algorithm", opts.Algorithm.String())
 	v.Set("digits", opts.Digits.String())
diff --git a/vendor/github.com/pquerna/otp/otp.go b/vendor/github.com/pquerna/otp/otp.go
index 1573ab0185..5db93029ce 100644
--- a/vendor/github.com/pquerna/otp/otp.go
+++ b/vendor/github.com/pquerna/otp/otp.go
@@ -54,17 +54,19 @@ type Key struct {
 // NewKeyFromURL creates a new Key from an TOTP or HOTP url.
 //
 // The URL format is documented here:
-//   https://code.google.com/p/google-authenticator/wiki/KeyUriFormat
+//   https://github.com/google/google-authenticator/wiki/Key-Uri-Format
 //
 func NewKeyFromURL(orig string) (*Key, error) {
-	u, err := url.Parse(orig)
+	s := strings.TrimSpace(orig)
+
+	u, err := url.Parse(s)
 
 	if err != nil {
 		return nil, err
 	}
 
 	return &Key{
-		orig: orig,
+		orig: s,
 		url:  u,
 	}, nil
 }
@@ -136,6 +138,11 @@ func (k *Key) Secret() string {
 	return q.Get("secret")
 }
 
+// URL returns the OTP URL as a string
+func (k *Key) URL() string {
+	return k.url.String()
+}
+
 // Algorithm represents the hashing function to use in the HMAC
 // operation needed for OTPs.
 type Algorithm int
diff --git a/vendor/github.com/pquerna/otp/totp/totp.go b/vendor/github.com/pquerna/otp/totp/totp.go
index af5ab82967..b46fa567e6 100644
--- a/vendor/github.com/pquerna/otp/totp/totp.go
+++ b/vendor/github.com/pquerna/otp/totp/totp.go
@@ -134,14 +134,18 @@ type GenerateOpts struct {
 	AccountName string
 	// Number of seconds a TOTP hash is valid for. Defaults to 30 seconds.
 	Period uint
-	// Size in size of the generated Secret. Defaults to 10 bytes.
+	// Size in size of the generated Secret. Defaults to 20 bytes.
 	SecretSize uint
+	// Secret to store. Defaults to a randomly generated secret of SecretSize.  You should generally leave this empty.
+	Secret []byte
 	// Digits to request. Defaults to 6.
 	Digits otp.Digits
 	// Algorithm to use for HMAC. Defaults to SHA1.
 	Algorithm otp.Algorithm
 }
 
+var b32NoPadding = base32.StdEncoding.WithPadding(base32.NoPadding)
+
 // Generate a new TOTP Key.
 func Generate(opts GenerateOpts) (*otp.Key, error) {
 	// url encode the Issuer/AccountName
@@ -158,7 +162,7 @@ func Generate(opts GenerateOpts) (*otp.Key, error) {
 	}
 
 	if opts.SecretSize == 0 {
-		opts.SecretSize = 10
+		opts.SecretSize = 20
 	}
 
 	if opts.Digits == 0 {
@@ -168,13 +172,17 @@ func Generate(opts GenerateOpts) (*otp.Key, error) {
 	// otpauth://totp/Example:alice@google.com?secret=JBSWY3DPEHPK3PXP&issuer=Example
 
 	v := url.Values{}
-	secret := make([]byte, opts.SecretSize)
-	_, err := rand.Read(secret)
-	if err != nil {
-		return nil, err
+	if len(opts.Secret) != 0 {
+		v.Set("secret", b32NoPadding.EncodeToString(opts.Secret))
+	} else {
+		secret := make([]byte, opts.SecretSize)
+		_, err := rand.Read(secret)
+		if err != nil {
+			return nil, err
+		}
+		v.Set("secret", b32NoPadding.EncodeToString(secret))
 	}
 
-	v.Set("secret", base32.StdEncoding.EncodeToString(secret))
 	v.Set("issuer", opts.Issuer)
 	v.Set("period", strconv.FormatUint(uint64(opts.Period), 10))
 	v.Set("algorithm", opts.Algorithm.String())