{"version":3,"sources":["../src/index.ts","../src/class.ts"],"sourcesContent":["/**\n * @otplib/hotp\n *\n * RFC 4226 HOTP (HMAC-Based One-Time Password) implementation.\n *\n * @see {@link https://tools.ietf.org/html/rfc4226 | RFC 4226}\n */\n\nimport {\n  counterToBytes,\n  createCryptoContext,\n  createGuardrails,\n  dynamicTruncate,\n  truncateDigits,\n  validateCounter,\n  validateSecret,\n  validateToken,\n  validateCounterTolerance,\n  normalizeSecret,\n  normalizeCounterTolerance,\n  requireSecret,\n  requireCryptoPlugin,\n} from \"@otplib/core\";\n\nimport type { HOTPGenerateOptions, HOTPVerifyOptions, VerifyResult } from \"./types.js\";\nimport type { CryptoContext } from \"@otplib/core\";\nimport type { Digits, HashAlgorithm, CryptoPlugin, OTPHooks } from \"@otplib/core\";\n\n/**\n * Normalized options for HOTP generation\n * @internal\n */\ntype HOTPGenerateOptionsInternal = {\n  ctx: CryptoContext;\n  algorithm: HashAlgorithm;\n  digits: Digits;\n  secretBytes: Uint8Array;\n  counterBytes: Uint8Array;\n  hooks?: OTPHooks;\n};\n\n/**\n * Prepare and validate HOTP generation options\n *\n * Extracts defaults, normalizes the secret, validates parameters,\n * and creates the crypto context.\n *\n * @param options - HOTP generation options\n * @returns Normalized options with crypto context and counter bytes\n * @internal\n */\nfunction getHOTPGenerateOptions(options: HOTPGenerateOptions): HOTPGenerateOptionsInternal {\n  const {\n    secret,\n    counter,\n    algorithm = \"sha1\",\n    digits = 6,\n    crypto,\n    base32,\n    guardrails,\n    hooks,\n  } = options;\n\n  requireSecret(secret);\n  requireCryptoPlugin(crypto);\n\n  const secretBytes = normalizeSecret(secret, base32);\n  validateSecret(secretBytes, guardrails);\n  validateCounter(counter, guardrails);\n\n  const ctx = createCryptoContext(crypto);\n  const counterBytes = counterToBytes(counter);\n\n  return { ctx, algorithm, digits, secretBytes, counterBytes, hooks };\n}\n\n/**\n * Generate an HMAC-based One-Time Password (HOTP)\n *\n * Implements the HOTP algorithm as specified in RFC 4226 Section 5.3:\n *\n * 1. Convert counter to 8-byte big-endian array (RFC 4226 Section 5.1)\n * 2. Compute HMAC-SHA-1 using the secret key and counter (RFC 4226 Section 5.2)\n * 3. Apply dynamic truncation to extract 4-byte code (RFC 4226 Section 5.3)\n * 4. Reduce modulo 10^digits to get final OTP (RFC 4226 Section 5.3)\n *\n * @see {@link https://tools.ietf.org/html/rfc4226#section-5.3 | RFC 4226 Section 5.3 - Generating an HOTP Value}\n *\n * @param options - HOTP generation options\n * @returns The HOTP code as a string\n *\n * @example\n * ```ts\n * import { generate } from '@otplib/hotp';\n * import { NodeCryptoPlugin } from '@otplib/plugin-crypto-node';\n *\n * const hotp = generate({\n *   secret: new Uint8Array([1, 2, 3, 4, 5]),\n *   counter: 0,\n *   digits: 6,\n *   crypto: new NodeCryptoPlugin(),\n * });\n * // Returns: '123456'\n * ```\n */\nexport async function generate(options: HOTPGenerateOptions): Promise<string> {\n  const { ctx, algorithm, digits, secretBytes, counterBytes, hooks } =\n    getHOTPGenerateOptions(options);\n  const hmac = await ctx.hmac(algorithm, secretBytes, counterBytes);\n  const dt = hooks?.truncateDigest ? hooks.truncateDigest(hmac) : dynamicTruncate(hmac);\n\n  return hooks?.encodeToken ? hooks.encodeToken(dt, digits) : truncateDigits(dt, digits);\n}\n\n/**\n * Generate an HMAC-based One-Time Password (HOTP) synchronously\n *\n * This is the synchronous version of {@link generate}. It requires a crypto\n * plugin that supports synchronous HMAC operations (e.g., NodeCryptoPlugin\n * or NobleCryptoPlugin). Using this with WebCryptoPlugin will throw an error.\n *\n * @see {@link generate} for the async version\n * @see {@link https://tools.ietf.org/html/rfc4226#section-5.3 | RFC 4226 Section 5.3}\n *\n * @param options - HOTP generation options\n * @returns The HOTP code as a string\n * @throws {HMACError} If the crypto plugin doesn't support sync operations\n *\n * @example\n * ```ts\n * import { generateSync } from '@otplib/hotp';\n * import { NodeCryptoPlugin } from '@otplib/plugin-crypto-node';\n *\n * const hotp = generateSync({\n *   secret: new Uint8Array([1, 2, 3, 4, 5]),\n *   counter: 0,\n *   digits: 6,\n *   crypto: new NodeCryptoPlugin(),\n * });\n * // Returns: '123456'\n * ```\n */\nexport function generateSync(options: HOTPGenerateOptions): string {\n  const { ctx, algorithm, digits, secretBytes, counterBytes, hooks } =\n    getHOTPGenerateOptions(options);\n  const hmac = ctx.hmacSync(algorithm, secretBytes, counterBytes);\n  const dt = hooks?.truncateDigest ? hooks.truncateDigest(hmac) : dynamicTruncate(hmac);\n\n  return hooks?.encodeToken ? hooks.encodeToken(dt, digits) : truncateDigits(dt, digits);\n}\n\n/**\n * Normalized options for HOTP verification\n * @internal\n */\ntype HOTPVerifyOptionsInternal = {\n  token: string;\n  counterNum: number;\n  past: number;\n  future: number;\n  totalChecks: number;\n  crypto: CryptoPlugin;\n\n  getGenerateOptions: (counter: number) => HOTPGenerateOptions;\n};\n\n/**\n * Prepare and validate HOTP verification options\n *\n * Extracts defaults, normalizes the secret, validates parameters,\n * and calculates the counter offsets based on tolerance.\n *\n * @param options - HOTP verification options\n * @returns Normalized options with calculated counter offsets\n * @internal\n */\nfunction getHOTPVerifyOptions(options: HOTPVerifyOptions): HOTPVerifyOptionsInternal {\n  const {\n    secret,\n    counter,\n    token,\n    algorithm = \"sha1\",\n    digits = 6,\n    crypto,\n    base32,\n    counterTolerance = 0,\n    guardrails = createGuardrails(),\n    hooks,\n  } = options;\n\n  requireSecret(secret);\n  requireCryptoPlugin(crypto);\n\n  const secretBytes = normalizeSecret(secret, base32);\n  validateSecret(secretBytes, guardrails);\n  validateCounter(counter, guardrails);\n\n  // Use custom validator if provided, otherwise default digit-only check\n  if (hooks?.validateToken) {\n    hooks.validateToken(token, digits);\n  } else {\n    validateToken(token, digits);\n  }\n\n  validateCounterTolerance(counterTolerance, guardrails);\n\n  const counterNum = typeof counter === \"bigint\" ? Number(counter) : counter;\n  const [past, future] = normalizeCounterTolerance(counterTolerance);\n  const totalChecks = past + future + 1;\n\n  return {\n    token,\n    counterNum,\n    past,\n    future,\n    totalChecks,\n    crypto,\n    getGenerateOptions: (cnt: number) => ({\n      secret: secretBytes,\n      counter: cnt,\n      algorithm,\n      digits,\n      crypto,\n      guardrails,\n      hooks,\n    }),\n  };\n}\n\n/**\n * Verify an HOTP code\n *\n * Compares the provided token against the expected HOTP value\n * using constant-time comparison to prevent timing attacks.\n *\n * @see {@link https://tools.ietf.org/html/rfc4226#section-7.2 | RFC 4226 Section 7.2 - Validation and Verification}\n * @see {@link https://tools.ietf.org/html/rfc4226#section-7.4 | RFC 4226 Section 7.4 - Resynchronization}\n *\n * ## Counter Resynchronization (RFC 4226 Section 7.4)\n *\n * When using a verification window, the `delta` value in the result indicates\n * how many counter steps ahead the token was found. After successful verification,\n * you should update the stored counter to prevent replay attacks:\n *\n * ```ts\n * const nextCounter = counter + result.delta + 1;\n * ```\n *\n * This ensures that the same token cannot be reused.\n *\n * @param options - HOTP verification options\n * @returns Verification result with validity and optional delta\n *\n * @example Basic verification\n * ```ts\n * import { verify } from '@otplib/hotp';\n * import { NodeCryptoPlugin } from '@otplib/plugin-crypto-node';\n *\n * const result = await verify({\n *   secret: new Uint8Array([1, 2, 3, 4, 5]),\n *   counter: 0,\n *   token: '123456',\n *   crypto: new NodeCryptoPlugin(),\n * });\n * // Returns: { valid: true, delta: 0 }\n * ```\n *\n * @example Counter resynchronization with counterTolerance\n * ```ts\n * // User's token was generated at counter 5, but server expects counter 3\n * const result = await verify({\n *   secret,\n *   counter: 3,      // Server's stored counter\n *   token: userToken,\n *   counterTolerance: 5,       // Allow up to 5 counters ahead\n *   crypto: new NodeCryptoPlugin(),\n * });\n *\n * if (result.valid) {\n *   // Token matched at counter 3 + delta\n *   // Update stored counter to prevent replay attacks\n *   const nextCounter = 3 + result.delta + 1; // = 6\n *   await saveCounter(userId, nextCounter);\n * }\n * ```\n */\nexport async function verify(options: HOTPVerifyOptions): Promise<VerifyResult> {\n  const { token, counterNum, past, totalChecks, crypto, getGenerateOptions } =\n    getHOTPVerifyOptions(options);\n\n  // Optimization: Skip iterations that would produce negative counters\n  // If counterNum=2 and past=5: startI = 3 (skip first 3 iterations)\n  // If counterNum=10 and past=5: startI = 0 (no skip needed)\n  const startI = Math.max(0, past - counterNum);\n\n  // Use positive loop index to avoid -0 edge cases and negative loop variables\n  // Map index [startI...totalChecks-1] to offset [startI-past...future]\n  for (let i = startI; i < totalChecks; i++) {\n    const offset = i - past;\n    const currentCounter = counterNum + offset;\n    // currentCounter is guaranteed >= 0 due to startI optimization\n\n    const expected = await generate(getGenerateOptions(currentCounter));\n    if (crypto.constantTimeEqual(expected, token)) {\n      return { valid: true, delta: offset | 0 }; // Bitwise OR converts -0 to +0\n    }\n  }\n\n  return { valid: false };\n}\n\n/**\n * Verify an HOTP code synchronously\n *\n * This is the synchronous version of {@link verify}. It requires a crypto\n * plugin that supports synchronous HMAC operations (e.g., NodeCryptoPlugin\n * or NobleCryptoPlugin). Using this with WebCryptoPlugin will throw an error.\n *\n * @see {@link verify} for the async version\n * @see {@link https://tools.ietf.org/html/rfc4226#section-7.2 | RFC 4226 Section 7.2}\n *\n * @param options - HOTP verification options\n * @returns Verification result with validity and optional delta\n * @throws {HMACError} If the crypto plugin doesn't support sync operations\n *\n * @example\n * ```ts\n * import { verifySync } from '@otplib/hotp';\n * import { NodeCryptoPlugin } from '@otplib/plugin-crypto-node';\n *\n * const result = verifySync({\n *   secret: new Uint8Array([1, 2, 3, 4, 5]),\n *   counter: 0,\n *   token: '123456',\n *   crypto: new NodeCryptoPlugin(),\n * });\n * // Returns: { valid: true, delta: 0 }\n * ```\n */\nexport function verifySync(options: HOTPVerifyOptions): VerifyResult {\n  const { token, counterNum, past, totalChecks, crypto, getGenerateOptions } =\n    getHOTPVerifyOptions(options);\n\n  // Optimization: Skip iterations that would produce negative counters\n  // If counterNum=2 and past=5: startI = 3 (skip first 3 iterations)\n  // If counterNum=10 and past=5: startI = 0 (no skip needed)\n  const startI = Math.max(0, past - counterNum);\n\n  // Use positive loop index to avoid -0 edge cases and negative loop variables\n  // Map index [startI...totalChecks-1] to offset [startI-past...future]\n  for (let i = startI; i < totalChecks; i++) {\n    const offset = i - past;\n    const currentCounter = counterNum + offset;\n    // currentCounter is guaranteed >= 0 due to startI optimization\n\n    const expected = generateSync(getGenerateOptions(currentCounter));\n    if (crypto.constantTimeEqual(expected, token)) {\n      return { valid: true, delta: offset | 0 }; // Bitwise OR converts -0 to +0\n    }\n  }\n\n  return { valid: false };\n}\n\nexport type { CryptoPlugin, Digits, HashAlgorithm, OTPResult } from \"@otplib/core\";\nexport type {\n  HOTPOptions,\n  HOTPGenerateOptions,\n  HOTPVerifyOptions,\n  VerifyResult,\n  VerifyResultValid,\n  VerifyResultInvalid,\n} from \"./types.js\";\n\nexport { HOTP } from \"./class.js\";\n\n// Result wrapping utilities for users who want safe variants\nexport { wrapResult, wrapResultAsync } from \"@otplib/core\";\n","/**\n * @otplib/hotp\n *\n * HOTP class wrapper for convenient API\n */\n\nimport {\n  generateSecret as generateSecretCore,\n  requireCryptoPlugin,\n  requireBase32Plugin,\n  requireSecret,\n  requireLabel,\n  requireIssuer,\n  requireBase32String,\n  createGuardrails,\n} from \"@otplib/core\";\nimport { generateHOTP as generateHOTPURI } from \"@otplib/uri\";\n\nimport { generate as generateCode, verify as verifyCode } from \"./index.js\";\n\nimport type { VerifyResult, HOTPOptions } from \"./types.js\";\nimport type { OTPGuardrails } from \"@otplib/core\";\n\n/**\n * HOTP class for HMAC-based one-time password generation\n *\n * @example\n * ```typescript\n * import { HOTP } from '@otplib/hotp';\n * import { NodeCryptoPlugin } from '@otplib/plugin-crypto-node';\n * import { ScureBase32Plugin } from '@otplib/plugin-base32-scure';\n *\n * const hotp = new HOTP({\n *   issuer: 'MyApp',\n *   label: 'user@example.com',\n *   counter: 0,\n *   crypto: new NodeCryptoPlugin(),\n *   base32: new ScureBase32Plugin(),\n * });\n *\n * const secret = hotp.generateSecret();\n * const token = await hotp.generate(0);\n * const isValid = await hotp.verify({ token, counter: 0 });\n * ```\n */\nexport class HOTP {\n  private readonly options: HOTPOptions;\n  private readonly guardrails: OTPGuardrails;\n\n  constructor(options: HOTPOptions = {}) {\n    this.options = options;\n    this.guardrails = createGuardrails(options.guardrails);\n  }\n\n  /**\n   * Generate a random Base32-encoded secret\n   *\n   * @returns Base32-encoded secret\n   */\n  generateSecret(): string {\n    const { crypto, base32 } = this.options;\n\n    requireCryptoPlugin(crypto);\n    requireBase32Plugin(base32);\n\n    return generateSecretCore({ crypto, base32 });\n  }\n\n  /**\n   * Generate an HOTP code for a specific counter\n   *\n   * @param counter - The counter value\n   * @param options - Optional overrides\n   * @returns The HOTP code\n   */\n  async generate(counter: number, options?: Partial<HOTPOptions>): Promise<string> {\n    const mergedOptions = { ...this.options, ...options };\n    const { secret, crypto, base32, algorithm = \"sha1\", digits = 6 } = mergedOptions;\n\n    requireSecret(secret);\n    requireCryptoPlugin(crypto);\n\n    // Use class guardrails, or override if provided in options\n    const guardrails = options?.guardrails ?? this.guardrails;\n\n    return generateCode({\n      secret,\n      counter,\n      algorithm,\n      digits,\n      crypto,\n      base32,\n      guardrails,\n      hooks: mergedOptions.hooks,\n    });\n  }\n\n  /**\n   * Verify an HOTP code\n   *\n   * @param params - Verification parameters\n   * @param options - Optional verification options\n   * @returns Verification result with validity and optional delta\n   */\n  async verify(\n    params: { token: string; counter: number },\n    options?: Partial<HOTPOptions & { counterTolerance?: number | [number, number] }>,\n  ): Promise<VerifyResult> {\n    const mergedOptions = { ...this.options, ...options };\n    const {\n      secret,\n      crypto,\n      base32,\n      algorithm = \"sha1\",\n      digits = 6,\n      counterTolerance = 0,\n    } = mergedOptions;\n\n    requireSecret(secret);\n    requireCryptoPlugin(crypto);\n\n    // Use class guardrails, or override if provided in options\n    const guardrails = options?.guardrails ?? this.guardrails;\n\n    return verifyCode({\n      secret,\n      token: params.token,\n      counter: params.counter,\n      algorithm,\n      digits,\n      counterTolerance,\n      crypto,\n      base32,\n      guardrails,\n      hooks: mergedOptions.hooks,\n    });\n  }\n\n  /**\n   * Generate an otpauth:// URI for QR codes\n   *\n   * @param counter - The counter value\n   * @returns The otpauth:// URI\n   */\n  toURI(counter: number = 0): string {\n    const { issuer, label, secret, algorithm = \"sha1\", digits = 6 } = this.options;\n\n    requireSecret(secret);\n    requireLabel(label);\n    requireIssuer(issuer);\n    requireBase32String(secret);\n\n    return generateHOTPURI({\n      issuer,\n      label,\n      secret,\n      algorithm,\n      digits,\n      counter,\n    });\n  }\n}\n"],"mappings":"yaAAA,IAAAA,EAAA,GAAAC,EAAAD,EAAA,UAAAE,EAAA,aAAAC,EAAA,iBAAAC,EAAA,WAAAC,EAAA,eAAAC,EAAA,mFAAAC,EAAAP,GAQA,IAAAQ,EAcO,wBChBP,IAAAC,EASO,wBACPC,EAAgD,uBA6BzC,IAAMC,EAAN,KAAW,CACC,QACA,WAEjB,YAAYC,EAAuB,CAAC,EAAG,CACrC,KAAK,QAAUA,EACf,KAAK,cAAa,oBAAiBA,EAAQ,UAAU,CACvD,CAOA,gBAAyB,CACvB,GAAM,CAAE,OAAAC,EAAQ,OAAAC,CAAO,EAAI,KAAK,QAEhC,gCAAoBD,CAAM,KAC1B,uBAAoBC,CAAM,KAEnB,EAAAC,gBAAmB,CAAE,OAAAF,EAAQ,OAAAC,CAAO,CAAC,CAC9C,CASA,MAAM,SAASE,EAAiBJ,EAAiD,CAC/E,IAAMK,EAAgB,CAAE,GAAG,KAAK,QAAS,GAAGL,CAAQ,EAC9C,CAAE,OAAAM,EAAQ,OAAAL,EAAQ,OAAAC,EAAQ,UAAAK,EAAY,OAAQ,OAAAC,EAAS,CAAE,EAAIH,KAEnE,iBAAcC,CAAM,KACpB,uBAAoBL,CAAM,EAG1B,IAAMQ,EAAaT,GAAS,YAAc,KAAK,WAE/C,OAAOU,EAAa,CAClB,OAAAJ,EACA,QAAAF,EACA,UAAAG,EACA,OAAAC,EACA,OAAAP,EACA,OAAAC,EACA,WAAAO,EACA,MAAOJ,EAAc,KACvB,CAAC,CACH,CASA,MAAM,OACJM,EACAX,EACuB,CACvB,IAAMK,EAAgB,CAAE,GAAG,KAAK,QAAS,GAAGL,CAAQ,EAC9C,CACJ,OAAAM,EACA,OAAAL,EACA,OAAAC,EACA,UAAAK,EAAY,OACZ,OAAAC,EAAS,EACT,iBAAAI,EAAmB,CACrB,EAAIP,KAEJ,iBAAcC,CAAM,KACpB,uBAAoBL,CAAM,EAG1B,IAAMQ,EAAaT,GAAS,YAAc,KAAK,WAE/C,OAAOa,EAAW,CAChB,OAAAP,EACA,MAAOK,EAAO,MACd,QAASA,EAAO,QAChB,UAAAJ,EACA,OAAAC,EACA,iBAAAI,EACA,OAAAX,EACA,OAAAC,EACA,WAAAO,EACA,MAAOJ,EAAc,KACvB,CAAC,CACH,CAQA,MAAMD,EAAkB,EAAW,CACjC,GAAM,CAAE,OAAAU,EAAQ,MAAAC,EAAO,OAAAT,EAAQ,UAAAC,EAAY,OAAQ,OAAAC,EAAS,CAAE,EAAI,KAAK,QAEvE,0BAAcF,CAAM,KACpB,gBAAaS,CAAK,KAClB,iBAAcD,CAAM,KACpB,uBAAoBR,CAAM,KAEnB,EAAAU,cAAgB,CACrB,OAAAF,EACA,MAAAC,EACA,OAAAT,EACA,UAAAC,EACA,OAAAC,EACA,QAAAJ,CACF,CAAC,CACH,CACF,EDwNA,IAAAa,EAA4C,wBAtU5C,SAASC,EAAuBC,EAA2D,CACzF,GAAM,CACJ,OAAAC,EACA,QAAAC,EACA,UAAAC,EAAY,OACZ,OAAAC,EAAS,EACT,OAAAC,EACA,OAAAC,EACA,WAAAC,EACA,MAAAC,CACF,EAAIR,KAEJ,iBAAcC,CAAM,KACpB,uBAAoBI,CAAM,EAE1B,IAAMI,KAAc,mBAAgBR,EAAQK,CAAM,KAClD,kBAAeG,EAAaF,CAAU,KACtC,mBAAgBL,EAASK,CAAU,EAEnC,IAAMG,KAAM,uBAAoBL,CAAM,EAChCM,KAAe,kBAAeT,CAAO,EAE3C,MAAO,CAAE,IAAAQ,EAAK,UAAAP,EAAW,OAAAC,EAAQ,YAAAK,EAAa,aAAAE,EAAc,MAAAH,CAAM,CACpE,CA+BA,eAAsBI,EAASZ,EAA+C,CAC5E,GAAM,CAAE,IAAAU,EAAK,UAAAP,EAAW,OAAAC,EAAQ,YAAAK,EAAa,aAAAE,EAAc,MAAAH,CAAM,EAC/DT,EAAuBC,CAAO,EAC1Ba,EAAO,MAAMH,EAAI,KAAKP,EAAWM,EAAaE,CAAY,EAC1DG,EAAKN,GAAO,eAAiBA,EAAM,eAAeK,CAAI,KAAI,mBAAgBA,CAAI,EAEpF,OAAOL,GAAO,YAAcA,EAAM,YAAYM,EAAIV,CAAM,KAAI,kBAAeU,EAAIV,CAAM,CACvF,CA8BO,SAASW,EAAaf,EAAsC,CACjE,GAAM,CAAE,IAAAU,EAAK,UAAAP,EAAW,OAAAC,EAAQ,YAAAK,EAAa,aAAAE,EAAc,MAAAH,CAAM,EAC/DT,EAAuBC,CAAO,EAC1Ba,EAAOH,EAAI,SAASP,EAAWM,EAAaE,CAAY,EACxDG,EAAKN,GAAO,eAAiBA,EAAM,eAAeK,CAAI,KAAI,mBAAgBA,CAAI,EAEpF,OAAOL,GAAO,YAAcA,EAAM,YAAYM,EAAIV,CAAM,KAAI,kBAAeU,EAAIV,CAAM,CACvF,CA2BA,SAASY,EAAqBhB,EAAuD,CACnF,GAAM,CACJ,OAAAC,EACA,QAAAC,EACA,MAAAe,EACA,UAAAd,EAAY,OACZ,OAAAC,EAAS,EACT,OAAAC,EACA,OAAAC,EACA,iBAAAY,EAAmB,EACnB,WAAAX,KAAa,oBAAiB,EAC9B,MAAAC,CACF,EAAIR,KAEJ,iBAAcC,CAAM,KACpB,uBAAoBI,CAAM,EAE1B,IAAMI,KAAc,mBAAgBR,EAAQK,CAAM,KAClD,kBAAeG,EAAaF,CAAU,KACtC,mBAAgBL,EAASK,CAAU,EAG/BC,GAAO,cACTA,EAAM,cAAcS,EAAOb,CAAM,KAEjC,iBAAca,EAAOb,CAAM,KAG7B,4BAAyBc,EAAkBX,CAAU,EAErD,IAAMY,EAAa,OAAOjB,GAAY,SAAW,OAAOA,CAAO,EAAIA,EAC7D,CAACkB,EAAMC,CAAM,KAAI,6BAA0BH,CAAgB,EAC3DI,EAAcF,EAAOC,EAAS,EAEpC,MAAO,CACL,MAAAJ,EACA,WAAAE,EACA,KAAAC,EACA,OAAAC,EACA,YAAAC,EACA,OAAAjB,EACA,mBAAqBkB,IAAiB,CACpC,OAAQd,EACR,QAASc,EACT,UAAApB,EACA,OAAAC,EACA,OAAAC,EACA,WAAAE,EACA,MAAAC,CACF,EACF,CACF,CA2DA,eAAsBgB,EAAOxB,EAAmD,CAC9E,GAAM,CAAE,MAAAiB,EAAO,WAAAE,EAAY,KAAAC,EAAM,YAAAE,EAAa,OAAAjB,EAAQ,mBAAAoB,CAAmB,EACvET,EAAqBhB,CAAO,EAKxB0B,EAAS,KAAK,IAAI,EAAGN,EAAOD,CAAU,EAI5C,QAASQ,EAAID,EAAQC,EAAIL,EAAaK,IAAK,CACzC,IAAMC,EAASD,EAAIP,EACbS,EAAiBV,EAAaS,EAG9BE,EAAW,MAAMlB,EAASa,EAAmBI,CAAc,CAAC,EAClE,GAAIxB,EAAO,kBAAkByB,EAAUb,CAAK,EAC1C,MAAO,CAAE,MAAO,GAAM,MAAOW,EAAS,CAAE,CAE5C,CAEA,MAAO,CAAE,MAAO,EAAM,CACxB,CA8BO,SAASG,EAAW/B,EAA0C,CACnE,GAAM,CAAE,MAAAiB,EAAO,WAAAE,EAAY,KAAAC,EAAM,YAAAE,EAAa,OAAAjB,EAAQ,mBAAAoB,CAAmB,EACvET,EAAqBhB,CAAO,EAKxB0B,EAAS,KAAK,IAAI,EAAGN,EAAOD,CAAU,EAI5C,QAASQ,EAAID,EAAQC,EAAIL,EAAaK,IAAK,CACzC,IAAMC,EAASD,EAAIP,EACbS,EAAiBV,EAAaS,EAG9BE,EAAWf,EAAaU,EAAmBI,CAAc,CAAC,EAChE,GAAIxB,EAAO,kBAAkByB,EAAUb,CAAK,EAC1C,MAAO,CAAE,MAAO,GAAM,MAAOW,EAAS,CAAE,CAE5C,CAEA,MAAO,CAAE,MAAO,EAAM,CACxB","names":["index_exports","__export","HOTP","generate","generateSync","verify","verifySync","__toCommonJS","import_core","import_core","import_uri","HOTP","options","crypto","base32","generateSecretCore","counter","mergedOptions","secret","algorithm","digits","guardrails","generate","params","counterTolerance","verify","issuer","label","generateHOTPURI","import_core","getHOTPGenerateOptions","options","secret","counter","algorithm","digits","crypto","base32","guardrails","hooks","secretBytes","ctx","counterBytes","generate","hmac","dt","generateSync","getHOTPVerifyOptions","token","counterTolerance","counterNum","past","future","totalChecks","cnt","verify","getGenerateOptions","startI","i","offset","currentCounter","expected","verifySync"]}