Merge pull request #18 from pquerna/pq/trim_secret_whitespace

Be more careful with secret input. Fixes #17

Author: pquerna

Diff for: hotp/hotp.go

@@ -70,8 +70,9 @@ func GenerateCode(secret string, counter uint64) (string, error) {
 // GenerateCodeCustom uses a counter and secret value and options struct to
 // create a passcode.
 func GenerateCodeCustom(secret string, counter uint64, opts ValidateOpts) (passcode string, err error) {
-	// As noted in issue #10 this adds support for TOTP secrets that are
+	// As noted in issue #10 and #17 this adds support for TOTP secrets that are
 	// missing their padding.
+	secret = strings.TrimSpace(secret)
 	if n := len(secret) % 8; n != 0 {
 		secret = secret + strings.Repeat("=", 8-n)
 	}

Diff for: otp.go

@@ -57,14 +57,16 @@ type Key struct {
 //   https://github.com/google/google-authenticator/wiki/Key-Uri-Format
 //
 func NewKeyFromURL(orig string) (*Key, error) {
-	u, err := url.Parse(orig)
+	s := strings.TrimSpace(orig)
+
+	u, err := url.Parse(s)
 
 	if err != nil {
 		return nil, err
 	}
 
 	return &Key{
-		orig: orig,
+		orig: s,
 		url:  u,
 	}, nil
 }

Diff for: otp_test.go

@@ -45,3 +45,11 @@ func TestKeyNoIssuer(t *testing.T) {
 	require.Equal(t, "", k.Issuer(), "Extracting Issuer")
 	require.Equal(t, "[email protected]", k.AccountName(), "Extracting Account Name")
 }
+
+func TestKeyWithNewLine(t *testing.T) {
+	w, err := NewKeyFromURL(`otpauth://totp/Example:[email protected]?secret=JBSWY3DPEHPK3PXP
+`)
+	require.NoError(t, err)
+	sec := w.Secret()
+	require.Equal(t, "JBSWY3DPEHPK3PXP", sec)
+}