Giters

dlenski / python-vipaccess

A free software implementation of Symantec's VIP Access application and protocol

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

`vipaccess uri` output should be less verbose by default

evadeflow opened this issue · comments

commented

Just wanted to leave a quick note here suggesting that it might be somewhat better to 'dress down' the default output from vipaccess uri from this:

Token URI: 

    otpauth://totp/Symantec:SYMCXXXXXXXX?secret=YYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYY&digits=6&algorithm=SHA1&image=https%3A%2F%2Fraw.githubusercontent.com%2Fdlenski%2Fpython-vipaccess%2Fmaster%2Fvipaccess.png&period=30

to only this:

otpauth://totp/Symantec:SYMCXXXXXXXX?secret=YYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYY&digits=6&algorithm=SHA1&image=https%3A%2F%2Fraw.githubusercontent.com%2Fdlenski%2Fpython-vipaccess%2Fmaster%2Fvipaccess.png&period=30

The reason is that it's a slight POLA violation that the following doesn't Just Work™:

$ qrencode -t utf8 "$(vipaccess uri)"

The Token URI: preamble and extra spaces in the output cause the above command to fail. I can work around it this way:

$ qrencode -t utf8 $(vipaccess uri | grep otpauth)

but it feels a little unfortunate that this is necessary, and the spaces in the output cause it to fail unless the quotes are also removed, because failing to do so causes the spaces to be retained. In other words, this token URI would be used:

    otpauth://totp/Symantec:SYMCXXXXXXXX?secret=YYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYY&digits=6&algorithm=SHA1&image=https%3A%2F%2Fraw.githubusercontent.com%2Fdlenski%2Fpython-vipaccess%2Fmaster%2Fvipaccess.png&period=30
^^^^  <--- These extra spaces cause a bogus QR code to be generated

The error message I got when I attempted to scan the barcode generated using qrencode -t utf8 "$(vipaccess uri | grep otpauth)" (with the double quotes retained) caused me a bit of confusion:

error-msg

It only took me a minute to notice the extra spaces and figure out what happened, but others might not be so lucky, so... I'll submit a pull request when I have time that removes the 'extra' parts of the output from vipaccess uri—unless the user runs vipaccess uri -v. (That's my intention, anyway. I created this issue as a hedge against my getting busy and/or forgetting to do so, in which case... perhaps somebody else will take up the challenge! 😺)

commented

Awesome—thank you!