java-otp 0.4.0 API

java-otp is a Java library for generating HOTP (RFC 4226) or TOTP (RFC 6238) one-time passwords.

Usage

To demonstrate generating one-time passwords, we'll focus on the TOTP algorithm. To create a TOTP generator with a default password length, time step, and HMAC algorithm:

final TimeBasedOneTimePasswordGenerator totp = new TimeBasedOneTimePasswordGenerator();

To actually generate time-based one-time passwords, you'll need a secret key and a timestamp. Secure key management is beyond the scope of this document; for the purposes of an example, though, we'll generate a random key:

final Key secretKey;
{
    final KeyGenerator keyGenerator = KeyGenerator.getInstance(totp.getAlgorithm());
    keyGenerator.init(160);

    secretKey = keyGenerator.generateKey();
}

Armed with a secret key, we can deterministically generate one-time passwords for any timestamp:

final Instant now = Instant.now();
final Instant later = now.plus(totp.getTimeStep());

System.out.println("Current password: " + totp.generateOneTimePasswordString(key, now));
System.out.println("Future password:  " + totp.generateOneTimePasswordString(key, later));

License and copyright

java-otp is copyright (c) 2016 Jon Chambers and available under the MIT License.

Packages

Package	Description
com.eatthepath.otp	Contains classes for generating one-time passwords using either the HOTP (RFC 4226) or TOTP (RFC 6328) algorithms.