feat: add support for Time based OTP (#957)

* feat: add support for Time based OTP * reword and add test * rename API * expose mfa for inline tests
elastic · Sep 18, 2024 · 8c13a27 · 8c13a27
1 parent cce2844
commit 8c13a27
Show file tree

Hide file tree

Showing 7 changed files with 142 additions and 0 deletions.
diff --git a/__tests__/cli.test.ts b/__tests__/cli.test.ts
@@ -92,6 +92,19 @@ describe('CLI', () => {
       expect(await cli.exitCode).toBe(0);
     });
 
+    it('generate mfa totp token', async () => {
+      const cli = new CLIMock(true)
+        .stdin(
+          `step('gen mfa totp', async () => {
+          const token = mfa.totp('FLIIOLP3IR3W');
+          expect(token.length).toBe(6);
+        })`
+        )
+        .args(['--inline', '--params', JSON.stringify(serverParams)])
+        .run();
+      expect(await cli.exitCode).toBe(0);
+    });
+
     it('exit with 1 on syntax errors', async () => {
       const cli = new CLIMock()
         .stdin(`step('syntax error', async () => {}})`)

diff --git a/__tests__/core/mfa.test.ts b/__tests__/core/mfa.test.ts
@@ -0,0 +1,36 @@
+/**
+ * MIT License
+ *
+ * Copyright (c) 2020-present, Elastic NV
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ *
+ */
+
+import { totp } from '../../src/core/mfa';
+
+describe('MFA', () => {
+  it('generate TOTP', () => {
+    const token = totp("FLIIOLP3IR3W");
+    expect(token.length).toBe(6);
+  });
+});
+
+
+
diff --git a/package-lock.json b/package-lock.json
diff --git a/package.json b/package.json
@@ -60,6 +60,7 @@
     "http-proxy": "^1.18.1",
     "kleur": "^4.1.5",
     "micromatch": "^4.0.7",
+    "otpauth": "^9.3.2",
     "pirates": "^4.0.5",
     "playwright": "=1.47.0",
     "playwright-chromium": "=1.47.0",

diff --git a/src/core/mfa.ts b/src/core/mfa.ts
@@ -0,0 +1,65 @@
+/**
+ * MIT License
+ *
+ * Copyright (c) 2020-present, Elastic NV
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ *
+ */
+
+import { TOTP } from "otpauth";
+
+type TOTPOptions = {
+  /**
+   * Provider or Service the secret is associated with
+   */
+  issuer?: string
+  /**
+   * Account Identifier.
+   * @default 'SyntheticsTOTP'
+   */
+  label?: string
+  /**
+   * Include issuer prefix in label.
+   */
+  issuerInLabel?: boolean
+  /**
+   * The encoded secret key used to generate the TOTP.
+   */
+  secret?: string
+  /**
+   * The algorithm used to generate the TOTP.
+   * @default 'SHA1'
+   */
+  algorithm?: string
+  /**
+   * Number of digits in the generated token.
+   * @default 6
+   */
+  digits?: number
+  /**
+   * Validity period in seconds for the token.
+   * @default 30
+   */
+  period?: number
+};
+
+export function totp(secret?: string, options: TOTPOptions = {}) {
+  return new TOTP({ label: "SyntheticsTOTP", secret, ...options }).generate();
+}
diff --git a/src/index.ts b/src/index.ts
@@ -43,6 +43,7 @@ export {
   after,
 } from './core';
 export { expect } from './core/expect';
+export * as mfa from './core/mfa';
 
 /**
  * Export all the driver related types to be consumed

diff --git a/src/loader.ts b/src/loader.ts
@@ -29,6 +29,7 @@ import { CliArgs } from './common_types';
 import { step, journey } from './core';
 import { log } from './core/logger';
 import { expect } from './core/expect';
+import * as mfa from "./core/mfa";
 import {
   isDepInstalled,
   isDirectory,
@@ -91,6 +92,7 @@ const loadInlineScript = source => {
     'params',
     'expect',
     'request',
+    'mfa',
     source
   );
   journey('inline', ({ page, context, browser, params, request }) => {
@@ -102,6 +104,7 @@ const loadInlineScript = source => {
       params,
       expect,
       request,
+      mfa,
     ]);
   });
 };