Missing ability to generate 1 code, for automation purposes

[ibexa-yuna]

Hi,

I want to automate aws-mfa login using authenticate as OTP provider. For that, I need the ability to generate only 1 code that is immediately passed to the upstream command.

That would probably be a bash oneliner, like: $ authenticator generate -n 1 aws <<< $(echo password) | aws-mfa

From what I can see, this feature is missing.

Thank you.

[sshh12]

Not very clean or secure but this'll work and can be aliased. Just change PASSWORD_HERE.

$ python -c "import authenticator as a, os; (lambda cd: print(a.hotp.HOTP().generate_code_from_time(cd.shared_secret(), code_length=cd.password_length(), period=cd.period())[0]))(a.data.ClientFile('PASSWORD_HERE').load(os.path.expanduser('~/.authenticator/authenticator.data'))[0])"
012345

[dirkjanfaber]

Not very clean or secure but this'll work and can be aliased. Just change PASSWORD_HERE.

$ python -c "import authenticator as a, os; (lambda cd: print(a.hotp.HOTP().generate_code_from_time(cd.shared_secret(), code_length=cd.password_length(), period=cd.period())[0]))(a.data.ClientFile('PASSWORD_HERE').load(os.path.expanduser('~/.authenticator/authenticator.data'))[0])"
012345

It was not directly clear on how to use this. The above code gave a SyntaxError: invalid syntax on my system. The cause turned out to be that python still defaulted to python 2. Replacing the python with python3 fixed that. I suggest using os.environ['AUTHENTICATOR_PASSWORD'] instead of the hardcoded password to make it a bit more secure. I've also put a gist on https://gist.github.com/dirkjanfaber/b5dd8082dda2baced94e9bb752dec9d8 in order to make the code a bit more readable and easier to use in a script for automation.