Authen::OATH - OATH One Time Passwords
my $oath = Authen::OATH->new();
my $totp = $oath->totp( 'MySecretPassword' );
my $hotp = $oath->hotp( 'MyOtherSecretPassword' );
Parameters may be overridden when creating the new object:
my $oath = Authen::OATH->new( digits => 8 );
The three parameters are "digits", "digest", and
"timestep." Timestep only applies to the totp()
While strictly speaking this is outside the specifications of HOTP and TOTP, you
can specify digests other than SHA1. For example:
my $oath = Authen::OATH->new(
digits => 10,
digest => 'Digest::MD6',
If you are using Google Authenticator, you'll want to decode your secret
*before* passing it to the "totp" method:
use Convert::Base32 qw( decode_base32 );
my $oath = Authen::OATH->new;
my $secret = 'mySecret';
my $otp = $oath->totp( decode_base32( $secret ) );
Implementation of the HOTP and TOTP One Time Password algorithms as defined by
All necessary parameters are set by default, though these can be overridden.
have passed all of the test vectors
defined in the RFC documents for TOTP and HOTP.
both default to returning 6 digits and using
SHA1. As such, both can be called by passing only the secret key and a valid
OTP will be returned.
my $otp = $oath->totp( $secret [, $manual_time ] );
Manual time is an optional parameter. If it is not passed, the current time is
used. This is useful for testing purposes.
my $opt = $oath->hotp( $secret, $counter );
Both parameters are required.
This is an internal routine and is never called directly.
Please see the SYNOPSIS for how interaction with Google Authenticator.
Kurt Kincaid <email@example.com>
This software is copyright (c) 2010-2017 by Kurt Kincaid.
This is free software; you can redistribute it and/or modify it under the same
terms as the Perl 5 programming language system itself.