Well kill me now, the click listener refuses to fire :D

Good news: the tests have been verified with a separate app to be correct which means my Kotlin port of the Otp class works well
Bad news: I can't make this work in the app because my click listener never fires :|

Uhh this works now for some reason? @erayd @charvp @Helianthella here's a signed build to test the functionality and UX with: https://dl.msfjarvis.dev/share/aps_1.10.0-SNAPSHOT.apk

Thanks! I've logged into a few sites, seems to work without a hitch.

I think this covers our bases well. If someone has more otpauth:// URI samples they wanna share to be added to these tests I'd be very grateful.

@msfjarvis Initial testing with that APK seems to work well - I've tested a number of different entries, and the generated codes were all correct.

One comment - there is no option to view the generated OTP code; the only option is to copy it to the clipboard. For those who are logging in on a device that isn't their phone, that will cause problems. Displaying it in a similar manner to how the password and username are displayed would address that issue.

One comment - there is no option to view the generated OTP code; the only option is to copy it to the clipboard. For those who are logging in on a device that isn't their phone, that will cause problems. Displaying it in a similar manner to how the password and username are displayed would address that issue.

Yeah that makes sense, will get on it.

Thanks @FabianHenneke 🙂.

1. Assuming that lifecycleScope means "as long as everything else in the entry is viewable", that seems reasonable.

2. Seems reasonable, provided it's still visible when editing. Wanting to copy the OTP seed rather than the generated code is a very rare use-case.

2. Seems reasonable, provided it's still visible when editing. Wanting to copy the OTP seed rather than the generated code is a very rare use-case.

You can still manually copy it while editing so IMO our current setup is fine.

I've made the change to drop otpauth:// lines from the extra content, and changed the snackbar text to mention OTP codes since I added the string before anyway.

I've made the change to drop otpauth:// lines

Does that commit also drop totp: lines? That wasn't obvious from looking at the commit, unless I missed something.

I've made the change to drop otpauth:// lines

Does that commit also drop totp: lines? That wasn't obvious from looking at the commit, unless I missed something.

No, just otpauth://. I'll add in totp://.

Not totp:// - just totp:

It's not a URL scheme, but rather a key / value line, similar to how the username is encoded.

Not totp:// - just totp:

It's not a URL scheme, but rather a key / value line, similar to how the username is encoded.

Ah yeah, accidentally typed totp:// here. Pushed the fix.

If I understand Base32 padding correctly (don't let me down Wikipedia), this test covers that case as well which means this is good to go now.

I implemented parsing otpauth URLs in pyotp, so maybe the unit tests there may help too: https://github.com/pyauth/pyotp/blob/master/test.py#L342

See also pyauth/pyotp#84 for the feature itself and the checks to ensure the URL meets the standards

I implemented parsing otpauth URLs in pyotp, so maybe the unit tests there may help too: pyauth/pyotp:test.py@master#L342

Thanks a lot, this is helpful! This gave me a couple ideas that I'll implement right now.

@FabianHenneke reverted as per our discussion