adding support TOTP MFA

bhparijat · bhparijat · commit e69218e29cfc · 2022-08-18T14:20:20.000-07:00
diff --git a/packages/auth/src/mfa/assertions/totp.ts b/packages/auth/src/mfa/assertions/totp.ts
@@ -0,0 +1,53 @@
+
+import { TotpSecret } from "../../platform_browser/mfa/assertions/totp";
+import { TotpMultiFactorAssertion } from "../../model/public_types";
+import { MultiFactorSession } from "../../model/public_types";
+/**
+ * Provider for generating a {@link TotpMultiFactorAssertion}.
+ *
+ * @public
+ */
+
+ export class TotpMultiFactorGenerator {
+    /**
+     * Provides a {@link TotpMultiFactorAssertion} to confirm ownership of the totp(Time-based One Time Password) second factor.
+     * This assertion is used to complete enrollment in TOTP second factor.
+     * 
+     * @param secret {@link TotpSecret}.
+     * @param oneTimePassword One-time password from TOTP App.
+     * @returns A {@link TotpMultiFactorAssertion} which can be used with
+     * {@link MultiFactorUser.enroll}.
+     */
+  
+    static assertionForEnrollment(secret: TotpSecret, oneTimePassword: string): TotpMultiFactorAssertion {}
+  
+    /**
+     * Provides a {@link TotpMultiFactorAssertion} to confirm ownership of the totp second factor.
+     * This assertion is used to complete signIn with TOTP as the second factor.
+     * 
+     * @param enrollmentId identifies the enrolled TOTP second factor.
+     * @param otp One-time password from TOTP App.
+     * @returns A {@link TotpMultiFactorAssertion} which can be used with
+     * {@link MultiFactorResolver.resolveSignIn}.
+     */
+  
+    static assertionForSignIn(enrollmentId: string, otp: string): TotpMultiFactorAssertion {}
+  
+    /**
+     * Returns a promise to {@link TOTPSecret} which contains the TOTP shared secret key and other parameters.
+     * Creates a TOTP secret as part of enrolling a TOTP second factor.
+     * Used for generating a QRCode URL or inputting into a TOTP App.
+     * This method uses the auth instance corresponding to the user in the multiFactorSession.
+     *
+     * @param session A link to {@MultiFactorSession}.
+     * @returns A promise to {@link TotpSecret}.
+     */
+    async static generateSecret(session: MultiFactorSession): Promise<TotpSecret> {}
+  
+    /**
+     * The identifier of the phone second factor: `totp`.
+     */
+    static FACTOR_ID = FactorId.TOTP;
+  }
+  
+  
diff --git a/packages/auth/src/model/enum_maps.ts b/packages/auth/src/model/enum_maps.ts
@@ -22,7 +22,8 @@
  */
 export const FactorId = {
   /** Phone as second factor */
-  PHONE: 'phone'
+  PHONE: 'phone',
+  TOTP: 'totp'
 } as const;
 
 /**
diff --git a/packages/auth/src/model/public_types.ts b/packages/auth/src/model/public_types.ts
@@ -1227,3 +1227,12 @@ export interface Dependencies {
    */
   errorMap?: AuthErrorMap;
 }
+
+/**
+ * The class for asserting ownership of a totp second factor. Provided by
+ * {@link TotpMultiFactorGenerator.assertion}.
+ *
+ * @public
+ */
+
+export interface TotpMultiFactorAssertion extends MultiFactorAssertion {}
diff --git a/packages/auth/src/platform_browser/mfa/assertions/totp.ts b/packages/auth/src/platform_browser/mfa/assertions/totp.ts
@@ -0,0 +1,56 @@
+/**
+ * Stores the shared secret key and other parameters to generate time-based OTPs.
+ * Implements methods to retrieve the shared secret key, generate a QRCode URL.
+ */
+
+ export class TotpSecret {
+    /**
+     * Returns the shared secret key/seed used to generate time-based one-time passwords.
+     *
+     * @returns Shared secret key/seed used for enrolling in TOTP MFA and generating otps.
+     */
+    sharedSecretKey(): string {
+      return this.secretKey;
+    }
+  
+    /**
+     * Returns the hashing algorithm used to generate time-based one-time passwords.
+     *
+     * @returns Hashing algorithm used.
+     */
+    hashingAlgorithm(): string {
+      return this.hashingAlgorithm;
+    }
+  
+    /**
+     * Returns the length of the OTP codes to be generated.
+     *
+     * @returns Length of the one-time passwords to be generated.
+     */
+    codeLength(): number {
+      return this.codeLength;
+    }
+  
+    /**
+     * Returns the interval(in seconds) when the OTP codes should change.
+     *
+     * @returns The interval (in seconds) when the OTP codes should change.
+     */
+    codeIntervalSeconds(): number {
+      return this.codeIntervalSeconds;
+    }
+  
+    /**
+     * Returns a QRCode URL as described in
+     * https://github.com/google/google-authenticator/wiki/Key-Uri-Format
+     * This can be displayed to the user as a QRCode to be scanned into a TOTP App like Google Authenticator.
+     * If the optional parameters are unspecified, an accountName of "<firebaseAppName>:<userEmail> and issuer of <firebaseAppName> are used.
+     *
+     * @param accountName the name of the account/app along with a user identifier.
+     * @param issuer issuer of the TOTP(likely the app name).
+     * @returns A QRCode URL string. 
+     */
+  
+    generateQrCodeUrl(accountName?: string, issuer?: string): string {} 
+  }
+  
