View on GitHub
OathType
public enum OathType : String, CaseIterable, Codable, SendableEnum representing the different types of OATH credentials.
OATH (Open Authentication) supports two main types of one-time password algorithms:
- TOTP (Time-based One-Time Password): Generates codes based on the current time
- HOTP (HMAC-based One-Time Password): Generates codes based on a counter value
Standards Compliance
Both algorithms are standardized in RFC specifications and widely supported by authentication systems and mobile authenticator applications.
- TOTP: Implements RFC 6238 (TOTP: Time-Based One-Time Password Algorithm)
- HOTP: Implements RFC 4226 (HOTP: An HMAC-Based One-Time Password Algorithm)
-
Time-based One-Time Password algorithm (RFC 6238).
TOTP generates codes that are valid for a specific time window (typically 30 seconds). The algorithm combines the current time with a shared secret to produce a unique code.
Characteristics:
- Codes automatically expire after the time period
- No counter synchronization required
- Resistant to replay attacks
Requires
Requires accurate time synchronization between client and serverDeclaration
Swift
case totp = "totp" -
HMAC-based One-Time Password algorithm (RFC 4226).
HOTP generates codes based on a counter value that increments with each use. The algorithm combines the counter with a shared secret to produce a unique code.
Characteristics:
- Codes remain valid until used or explicitly invalidated
Requires
Requires counter synchronization between client and server- No time dependency
- Vulnerable to replay attacks if not properly managed
Declaration
Swift
case hotp = "hotp" -
Creates an OathType from a string representation.
Throws
OathError.invalidOathTypeif the string doesn’t match any known type.Declaration
Swift
public static func fromString(_ string: String) throws -> OathTypeParameters
stringThe string representation (case-insensitive).
Return Value
The corresponding OathType.