java-totp
java-totp copied to clipboard
samdjstevens
Improve documentation of generator regarding counter-parameter
Hi & Thanks for this lib. We use the generator & verifier to generate simple expiring OTPs (not looking at the full MFA usecase).
One difficulty we had, was the use of the generator, especially what to pass for the counter parameter. It is easy to figure out that it should be relying on the TimeProvider, but in order of our usecase to work, we need to pass
Math.floorDiv(timeProvider.getTime(), timePeriodInSeconds)
and i guess we're not alone there. This is hard to figure out until you read the code of the verifier.
I was wondering if documentation can be improved here, or (maybe even better) the API can be augmented to be more usable. For instance, why not have a
public String generate(String key, DefaultCodeVerifier counter) throws CodeGenerationException
so that OTPs can be generated according to the parameters of the verifier (which is weird, because we're not using the interface CodeVerifier here. Maybe extending this with the necessary parameters would help.
Another way to do this would be to have a
public String generate(String key, TimeProvider tprov, int timePeriod) throws CodeGenerationException
But as people look at the method with the min number of params first, some javadoc would really help nevertheless.
What do you think?
PS: i'd be open to create a PR if you want me to.
Luckily I decided to check the open issues before starting to debug this. I had the same issue, I just figured I had to pass the time obtained from the timeProvider in there. Doesn't help that the params are apparently called String s, long l.
