Remove Authen::OATH dependency

* We already check the validity of our TOTP alg in
  lemonldap-ng-common/t/37-Common-TOTP.pm
* Users can generate TOTPs with any password manager or with the
  oathtool comand, making totp-client.pl unnecessary

debian/control

@@ -8,7 +8,6 @@ Build-Depends: debhelper (>= 10),
 Build-Depends-Indep: fonts-urw-base35 <!nocheck> | gsfonts <!nocheck>,
                      libapache-session-perl <!nocheck>,
                      libauth-yubikey-webclient-perl <!nocheck>,
-                     libauthen-oath-perl <!nocheck>,
                      libauthen-radius-perl <!nocheck>,
                      libcache-cache-perl <!nocheck>,
                      libclass-xsaccessor-perl <!nocheck>,

lemonldap-ng-portal/t/35-REST-sessions-with-AuthBasic-handler-with-2FA.t

@@ -25,11 +25,6 @@ SKIP: {
     if ($@) {
         skip 'Convert::Base32 is missing', $maintests;
     }
-    eval { require Authen::OATH };
-    if ($@) {
-        skip 'Authen::OATH is missing', $maintests;
-    }
-
     ok( $p = issuer(), 'Issuer portal' );
 
     # BEGIN TESTS

lemonldap-ng-portal/t/38-No-persistent-session.t

@@ -11,10 +11,6 @@ SKIP: {
     if ($@) {
         skip 'Convert::Base32 is missing', $maintests;
     }
-    eval { require Authen::OATH };
-    if ($@) {
-        skip 'Authen::OATH is missing', $maintests;
-    }
     require Lemonldap::NG::Common::TOTP;
 
     my $client = LLNG::Manager::Test->new(

lemonldap-ng-portal/t/70-2F-TOTP-8-with-global-storage.t

@@ -4,17 +4,13 @@ use strict;
 use IO::String;
 
 require 't/test-lib.pm';
-my $maintests = 28;
+my $maintests = 26;
 
 SKIP: {
     eval { require Convert::Base32 };
     if ($@) {
         skip 'Convert::Base32 is missing', $maintests;
     }
-    eval { require Authen::OATH };
-    if ($@) {
-        skip 'Authen::OATH is missing', $maintests;
-    }
     require Lemonldap::NG::Common::TOTP;
 
     my $client = LLNG::Manager::Test->new(
@@ -132,16 +128,9 @@ SKIP: {
       expectForm( $res, undef, '/totp2fcheck', 'token' );
 
     # Generate TOTP with LLNG
-    my $totp;
+    ok( $code = Lemonldap::NG::Common::TOTP::_code( undef, $key, 0, 30, 8 ),
-    ok( $totp = Lemonldap::NG::Common::TOTP::_code( undef, $key, 0, 30, 8 ),
         'LLNG Code' );
 
-    # Generate TOTP with an external application to validate LLNG TOTP formula
-    my $oath = Authen::OATH->new( digits => 8 );
-    ok( $code = $oath->totp($key), 'Ext. App Code' );
-    ok( $code == $totp,            'Both TOTP match' )
-      or explain( [ $code, $totp ], 'LLNG and Ext. App TOTP mismatch' );
-
     $query =~ s/code=/code=$code/;
     ok(
         $res = $client->_post(
@@ -173,7 +162,7 @@ SKIP: {
       expectForm( $res, undef, '/totp2fcheck', 'token' );
 
     # Generate TOTP with LLNG
-    ok( $totp = Lemonldap::NG::Common::TOTP::_code( undef, $key, 0, 30, 8 ),
+    ok( $code = Lemonldap::NG::Common::TOTP::_code( undef, $key, 0, 30, 8 ),
         'LLNG Code' );
     $query =~ s/code=/code=$code/;
 

lemonldap-ng-portal/t/70-2F-TOTP-encryption.t

@@ -5,17 +5,13 @@ use IO::String;
 use JSON qw/from_json to_json/;
 
 require 't/test-lib.pm';
-my $maintests = 31;
+my $maintests = 29;
 
 SKIP: {
     eval { require Convert::Base32 };
     if ($@) {
         skip 'Convert::Base32 is missing', $maintests;
     }
-    eval { require Authen::OATH };
-    if ($@) {
-        skip 'Authen::OATH is missing', $maintests;
-    }
     require Lemonldap::NG::Common::TOTP;
 
     my $client = LLNG::Manager::Test->new(
@@ -133,16 +129,9 @@ SKIP: {
       expectForm( $res, undef, '/totp2fcheck', 'token' );
 
     # Generate TOTP with LLNG
-    my $totp;
+    ok( $code = Lemonldap::NG::Common::TOTP::_code( undef, $key, 0, 30, 6 ),
-    ok( $totp = Lemonldap::NG::Common::TOTP::_code( undef, $key, 0, 30, 6 ),
         'LLNG Code' );
 
-    # Generate TOTP with an external application to validate LLNG TOTP formula
-    my $oath = Authen::OATH->new( digits => 6 );
-    ok( $code = $oath->totp($key), 'Ext. App Code' );
-    ok( $code == $totp,            'Both TOTP match' )
-      or explain( [ $code, $totp ], 'LLNG and Ext. App TOTP mismatch' );
-
     $query =~ s/code=/code=$code/;
     ok(
         $res = $client->_post(
@@ -174,7 +163,7 @@ SKIP: {
       expectForm( $res, undef, '/totp2fcheck', 'token' );
 
     # Generate TOTP with LLNG
-    ok( $totp = Lemonldap::NG::Common::TOTP::_code( undef, $key, 0, 30, 6 ),
+    ok( $code = Lemonldap::NG::Common::TOTP::_code( undef, $key, 0, 30, 6 ),
         'LLNG Code' );
     $query =~ s/code=/code=$code/;
 

lemonldap-ng-portal/t/70-2F-TOTP-with-LDAP.t

@@ -13,10 +13,6 @@ SKIP: {
     if ($@) {
         skip 'Convert::Base32 is missing', $maintests;
     }
-    eval { require Authen::OATH };
-    if ($@) {
-        skip 'Authen::OATH is missing', $maintests;
-    }
     skip 'LLNGTESTLDAP is not set', $maintests unless ( $ENV{LLNGTESTLDAP} );
     require 't/test-ldap.pm';
 

lemonldap-ng-portal/t/70-2F-TOTP-with-Range.t

@@ -13,10 +13,6 @@ SKIP: {
     if ($@) {
         skip 'Convert::Base32 is missing', $maintests;
     }
-    eval { require Authen::OATH };
-    if ($@) {
-        skip 'Authen::OATH is missing', $maintests;
-    }
     require Lemonldap::NG::Common::TOTP;
 
     my $client = LLNG::Manager::Test->new(

scripts/README.md

@@ -14,7 +14,6 @@ LLNG team scripts
 ## Other tools
 * `testConfBackend.pl`: test a new configuration backend
 * `test-perf.pl`: little script to test Portal/Handler performance
-* `totp-client.pl`: TOTP app to replace FreeOTP for TOTP tests
 * `run-ldap`: Launch an LDAP server (port 19389) and stop it when a key is pressed. It uses Portal test LDAP server.
 
 ## Old unmaintained scripts

scripts/totp-client.pl

@@ -1,16 +0,0 @@
-#!/usr/bin/perl -w
-
-use Authen::OATH;
-use Convert::Base32 qw( decode_base32 );
-
-unless ( $ARGV[0] ) {
-    print STDERR "Usage $0 <totp-secret>\n";
-    exit 1;
-}
-
-my $oath = Authen::OATH->new();
-my $totp = $oath->totp( decode_base32( $ARGV[0] ) );
-
-print "$totp\n";
-
-1;