pass-otp doesn't support otp codes with "otpauth: " before them

Question

pass-otp doesn't support otp codes with "otpauth: " before them

ltecheroffical opened this issue 8 months ago · 4 comments

Let's say i'm using passff, if I don't include "otpauth: " before an otp code then it doesn't notice that an otp code is there but if I do include it before an otp code, then it breaks.

Answer 1 · 2024-06-15T16:30:29.000Z

Unsure what you mean, as far as I know, a valid otpauth:// URI is required to use pass-otp to generate codes, a secret alone won't work.

The URI should look like this: otpauth://totp/user?period=xx&digits=xx&algorithm=xx&secret=xx&issuer=xx

This way OTP works with pass, with some modifications even for Steam

Answer 2 · 2024-06-15T18:30:20.000Z

Talking about these kinds of codes:

otpauth: otpauth://totp/user?period=xx&digits=xx&algorithm=xx&secret=xx&issuer=xx

A few extensions require this format

Answer 3 · 2024-06-17T17:06:53.000Z

Ah ok, never seen it in this format, sorry I thought you were referring to plain keys.

Answer 4 · 2024-06-17T17:18:58.000Z

The extension is just bash, you could modify the otp_parse_uri() function in the /usr/lib/password-store/extensions/otp.bash library to get rid of the extra otpauth: at the start of the line. But that's just a quick idea.

The current pattern match is ^otpauth:\/\/(totp|hotp)[snip...] which expects an otpauth URI from the start of the line

If the few extensions are parsing this entry correctly, you could just add both lines.

With the valid URI and with the additional otpauth: at the start. Pass-OTP still matches the correct one, maybe the extension is able to do so as well.