Java/Kotlin lightweight implementation of RFC-6238 and RFC-4226 to generate and validate time-based one-time passwords (TOTP).

Overview

1time

Atlassian license PRs Welcome

Java/Kotlin lightweight implementation of RFC-6238 and RFC-4226 to generate and validate time-based one-time passwords (TOTP).

Maven / gradle dependency

Check the latest package at https://github.com/atlassian-labs/1time/packages/

Quick start

This library is suitable for both prover and verifier.

Prover

As described in RFC-6238, the prover is the user trying to authenticate and submitting the generated TOTP to the verifier.

An example is: The user is trying to access an online service and is required to input the TOTP after authenticating with username and password. The user will need an application to generate such TOTP.

To generate the current TOTP for a given user's secret, do:

Assuming the user's enrollment has a base 32 encoded secret key: ZIQL3WHUAGCS5FQQDKP74HZCFT56TJHR

We can then generate the TOTP for the current time step:

val secret = TOTPSecret.fromBase32EncodedString("ZIQL3WHUAGCS5FQQDKP74HZCFT56TJHR")
val totpGenerator: TOTPGenerator = TOTPGenerator()
val totp = totpGenerator.generateCurrent(secret) //TOTP(value=123456)

You can now present the value of totp to the user.

Verifier

As described in RFC-6238, the verifier is the system validating the user's credentials, including multi-factor authentication. After the system validates the username/password, it then verifies the user's TOTP input.

But before being able to verify a user's TOTP, we need to enrol the user.

Upon an enrolment request, the system will

  • Generate a secret and store it for the user and other information the system deems necessary.
  • Generate a TOTP URI for further QR code generation that will allow the user to enrol with mobile apps such as Google Authenticator

This library generates secrets and TOTP URIs.

Generating a secret

val service = DefaultTOTPService()
val secret = service.generateTotpSecret()
secret.base32Encoded //NIQXUILREVGHIUKNORKHSJDHKMWS6UTY

Generating a TOTP URI

val totpUri = service.generateTOTPUrl(
    secret, ////NIQXUILREVGHIUKNORKHSJDHKMWS6UTY
    EmailAddress("[email protected]"),
    Issuer("Acme Co")
)
totpUri // otpauth://totp/Acme+Co:jsmith%40acme.com?secret=NIQXUILREVGHIUKNORKHSJDHKMWS6UTY&issuer=Acme+Co&algorithm=SHA1&digits=6&period=30

Once generated the totpUrl, the system can use any library of choice to generate the TOTP QR code. For example:

Verifying enrolled user

After the user has successfully enrolled, both the user and the system will share the secret.

When the user (prover) is trying to authenticate, the system (verifier) will validate the user's TOTP input.

In order to do so, do:

val userInput: TOTP = TOTP("123456") //TOTP from user input
val result = service.verify(
  userInput, 
  secret //NIQXUILREVGHIUKNORKHSJDHKMWS6UTY
)

The obtained result can be either

  • TOTPVerificationResult.InvalidOtp: The provided TOTP is invalid for the secret and default configuration
  • TOTPVerificationResult.Success: The provided TOTP is valid for the secret and default configuration. In addition, the index of the matching TOTP is provided in the Success data class.

Success - index of matching TOTP

When the verification is successful, the type of result will be TOTPVerificationResult.Success. This data class contains an index value:

data class Success(val index: Int) : TOTPVerificationResult()

The index value indicates the window on which the TOTP was found. More on windows here.

When the verifier allows, for instance, 1 past window, one present window (mandatory) and one future window, upon successful verification, the index value will be:

  • -1 when successful on past window or T - 1
  • 0 when successful on current window or T
  • 1 when successful on future window or T + 1

Where T is the time step. This is calculated by current epoch time in seconds divided by (floor) time step size (30 seconds by default).

This index is useful if your solution wants to implement resynchronization.

From RFC-6238:

Upon successful validation, the validation server can record the detected clock drift for the token in terms of the number of time steps. When a new OTP is received after this step, the validator can validate the OTP with the current timestamp adjusted with the recorded number of time-step clock drifts for the token.

By keeping track of the successful indexes per user device, the verifier could:

  • Adjust the allowed windows to cater for prover's clock drifts.
  • Notify the user that the device's clock is drifting and could end up in blocking access to the account, asking the user to re-enrol.

Tuning configuration

The previous instructions rely on a set of defaults.

Default values for TOTP Generator

TOTP Generator constructor takes the following parameters and corresponding default values:

val totpGenerator: TOTPGenerator = TOTPGenerator(
  clock = Clock.systemUTC(),
  startTime = 0,
  timeStepSeconds = 30,
  otpLength = OTPLength.SIX,
  digest = HMACDigest.SHA1
)
  • startTime: Epoch second from which the counter starts. By default is 0, which points to Thursday, January 1, 1970 0:00:00 GMT.
  • timeStepSeconds: The duration of a TOTP. By default, is 30 seconds.
  • otpLength: TOTP digit count. By default, is 6 digits.
  • digest: HMAC algorithm. By default, is SHA1.

⚠️ We recommend not to change these default values since apps such as Google Authenticator will ignore the custom values provided in the totp url and default to the agreed standards.

See Google Authenticator handling of these parameters: Key-Uri-Format

Default values TOTP service

These defaults apply for the verifier.

TOTP Service constructor takes the following parameters and corresponding default values:

val service = DefaultTOTPService(
  totpGenerator = TOTPGenerator(),
  totpConfiguration = TOTPConfiguration()
)
  • totpGenerator: The default generator as described before. You could create different instances of DefaultTOTPService with different configurations of totpGenerator. This may be useful if your solution stores detailed configuration such as TOTP length, time step size and hashing algorithm per enrolment instead of a global configuration. If enrolment will allow the user to choose these parameters, then make sure the prover app supports such configuration.
  • totpConfiguration: This configuration allows to tune how the verification behaves in terms of accepted windows and how to generate secret keys.
    • secretProvider: By default we provide AsciiRangeSecretProvider. This is a random key generator that generates 20 bytes in the ASCII range. This is useful for when you need the raw secret value to be composed of printable characters. You can provide your own Secret provider by extending SecretProvider functional interface.
    • allowedPastSteps: By default, this is 0. As specified by RFC-6238, the verifier should accept the TOTP from the previous time step to cater for possible network delays. If you want to accept past windows as valid, increase this number.
    • allowedFutureSteps: By default, this is 0. Same as allowedPastSteps but to cater for possible clock drifts in which the prover's clock is slightly in the future relative to the verifier's. If you want to accept future time windows as valid, increase this number. More on time windows on the next section.

Secret providers

We include two secret providers

  • AsciiRangeSecretProvider: Will generate 20 random bytes in the ASCII range. This enables the raw value to be printable and easier for transport / debugging.
  • RandomSecretProvider: Will generate 20 random bytes in the entire byte range.

If you want to use better random generators such as AWS KMS, you can implement your own SecretProvider and use such provider in the totpConfiguration of the DefaultTOTPService.

Prover clock delays and verifier allowed windows

When both the prover's and verifier's clocks are in sync, this is what it would look like when the verifier allows one past window and 1 future window:

img.png

The current TOTP for the prover is what the server sees in the middle of the window, since it now accepts TOTPs from 3 time windows; current window, the previous and the next.

But when the prover's clock is delayed relative to the verifiers, this is what it would look like:

img.png

When the verifier generates the list of 3 TOTPs for the user, the one the prover provided is already in the past.

This can also happen due to network delay. Say the prover submitted the TOTP close to the end of the time window of 30 seconds and given network delays, upon calculation on the verifier, that TOTP value is no longer the current, but the previous. In these cases it makes sense to deem that TOTP as valid to prevent the prover from having to resubmit the TOTP.

Similarly to the prover's clock being delayed, it can also happen that it is slightly in the future relative to verifier's clock. The opposite to the diagram above would happen and upon calculation on verifier's side, the TOTP provided will be the next to current. It also makes sense to deem that attempt as valid.

Contributions

Contributions to 1time are welcome! Please see CONTRIBUTING.md for details.

License

Copyright (c) 2022 Atlassian and others. Apache 2.0 licensed, see LICENSE file.


With �� from Atlassian

Comments
  • Bump com.jfrog.artifactory from 4.29.0 to 4.29.3

    Bump com.jfrog.artifactory from 4.29.0 to 4.29.3

    Bumps com.jfrog.artifactory from 4.29.0 to 4.29.3.

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies java 
    opened by dependabot[bot] 1
  • Bump kotest-property-jvm from 5.4.2 to 5.5.3

    Bump kotest-property-jvm from 5.4.2 to 5.5.3

    Bumps kotest-property-jvm from 5.4.2 to 5.5.3.

    Release notes

    Sourced from kotest-property-jvm's releases.

    5.5.3

    Updated JUnit version from 5.7.2 to 5.8.2

    Kotest now requires the runtime version of JUnit to be at least 5.8

    Note: If your build somehow manages to put both JUnit 5.7 and 5.8 onto the classpath and they load in the wrong order, you might see problems related to ClassOrderer not being found. Please make sure that only JUnit 5.8+ is loaded

    v5.5.2

    Gradle test filter fixes, by @​myuwono kotest/kotest#3257 Tag inheritance configuration is now available on AbstractProjectConfig

    5.5.1

    Fixed an issue where tests where being skipped when filtered out by the full spec name

    v5.5.0

    No release notes provided.

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies java 
    opened by dependabot[bot] 1
  • Bump com.jfrog.artifactory from 4.29.0 to 4.29.2

    Bump com.jfrog.artifactory from 4.29.0 to 4.29.2

    Bumps com.jfrog.artifactory from 4.29.0 to 4.29.2.

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies java 
    opened by dependabot[bot] 1
  • Bump kotest-assertions-core-jvm from 5.4.2 to 5.5.3

    Bump kotest-assertions-core-jvm from 5.4.2 to 5.5.3

    Bumps kotest-assertions-core-jvm from 5.4.2 to 5.5.3.

    Release notes

    Sourced from kotest-assertions-core-jvm's releases.

    5.5.3

    Updated JUnit version from 5.7.2 to 5.8.2

    Kotest now requires the runtime version of JUnit to be at least 5.8

    Note: If your build somehow manages to put both JUnit 5.7 and 5.8 onto the classpath and they load in the wrong order, you might see problems related to ClassOrderer not being found. Please make sure that only JUnit 5.8+ is loaded

    v5.5.2

    Gradle test filter fixes, by @​myuwono kotest/kotest#3257 Tag inheritance configuration is now available on AbstractProjectConfig

    5.5.1

    Fixed an issue where tests where being skipped when filtered out by the full spec name

    v5.5.0

    No release notes provided.

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies java 
    opened by dependabot[bot] 1
  • Bump jvm from 1.7.10 to 1.7.20

    Bump jvm from 1.7.10 to 1.7.20

    Bumps jvm from 1.7.10 to 1.7.20.

    Release notes

    Sourced from jvm's releases.

    Kotlin 1.7.20

    1.7.20

    Analysis API

    • KT-52667 FIR IDE: fun interfaces (SAM interfaces) are not properly resolved
    • KT-52136 FIR: Implicit type declaration from the other module cannot be used for overloading

    Analysis API. FE1.0

    • KT-51962 Analysis API: Finish Analysis API for FE1.0

    Analysis API. FIR

    • KT-52779 FIR IDE: Import Optimizer cannot handle generic type qualifiers
    • KT-50236 Fix OOB modification trackers for non-Kotlin code
    • KT-51240 Analysis API: KtAnalysisSession for a specific module cannot create a symbol for PSI that cannot be seen from that module.
    • KT-50868 Analysis API: decompiled type aliases are not resolved

    Compiler

    • KT-53739 Builder inference, extension hides members
    • KT-53733 Kotlin/Native: update source documentation for the new default memory manager
    • KT-53667 Compiler crashes on attempt to alloc a string on the stack in new MM
    • KT-53480 Internal error in file lowering: java.lang.ClassNotFoundException: com.android.systemui.R$string
    • KT-52843 Compose: NPE at Parameters.getParameterByDeclarationSlot if inline function with default arguments takes a lambda which captures value class represented by Long
    • KT-51868 JVM / IR: Inconsistent behaviour between lambda expression and SAM interface conversion for the same interface
    • KT-53475 Kotlin/Native for iOS: "IllegalArgumentException: Sequence has more than one element"

    New Features

    • KT-52495 Support until operator in back-ends
    • KT-52420 Implement resolve of until operator
    • KT-52419 Implement until operator in the parser
      • KT-33755 Kotlin/Native: Provide a way to customize a bundle Identifier of a generated framework
    • KT-51665 FIR: implement label resolve for "typed this" case
    • KT-52361 Report warning on potentially empty intersection types

    Performance Improvements

    • KT-47816 Disable script discovery for non-script environments
    • KT-48635 JVM IR: Double/Float values are boxed when comparing for equality in equals method of data/value classes
    • KT-23397 Optimize out field for property delegate when it's safe (JVM)

    Fixes

    • KT-53272 Backend Internal error: Exception during IR lowering / No such value argument slot: 2
    • KT-53124 Receiver type mismatch when combining extension properties, type projections, Java sources, and F-bounded type-variables
    • KT-51868 JVM / IR: Inconsistent behaviour between lambda expression and SAM interface conversion for the same interface
    • KT-36770 Prohibit unsafe calls with expected @NotNull T and given Kotlin generic parameter with nullable bound
    • KT-52974 "IllegalStateException: Symbol with IrSimpleFunctionSymbolImpl is unbound" compiling native targets of MPP project

    ... (truncated)

    Changelog

    Sourced from jvm's changelog.

    1.7.20

    Compiler

    New Features

    • KT-52495 Support until operator in back-ends
    • KT-52420 Implement resolve of until operator
    • KT-52419 Implement until operator in the parser

    Fixes

    • KT-53947 IllegalStateException: No mapping for symbol: VALUE_PARAMETER INSTANCE_RECEIVER
    • KT-51234 Context receivers can be duplicated in function declaration
    • KT-51576 Context receivers: "AssertionError: Callers must check that current token is IDENTIFIER followed with '@'" with at character
    • KT-49479 JVM / IR: "IllegalStateException: IrErrorType" during IR lowering with non-trivial recursion calls
    • KT-52270 NullPointerException caused by braces on if-else returning a method reference inside lambda
    • KT-47621 False negative INVISIBLE_MEMBER on call to inaccessible protected synthetic property setter
    • KT-37796 NI: "ISE: Error type encountered" when inferring type of a property that delegates to itself
    • KT-45430 PSI2IR: "org.jetbrains.kotlin.psi2ir.generators.ErrorExpressionException: null: KtCallExpression: toString()" with recursive function call in "also" block in nontrivial context
    • KT-52691 K2: Expected FirResolvedTypeRef with ConeKotlinType but was FirImplicitTypeRefImpl with intertwined functional interfaces
    • KT-52822 Fix contract for KtElement.getReference()
    • KT-50223 IndexOutOfBoundsException from ClassicTypeSystemContext$DefaultImpls.getParameter during call resolution
    • KT-51963 Change Maven version to 1.7.255
    • KT-47664 Incorrect type checking in the case of generic types
    • KT-48765 NI: Inferred type does not respect the bound of type variable
    • KT-51243 False positive error "No required context receiver" inside contextual lambda
    • KT-43541 TYPE_MISMATCH for member function which is not occur for top level function during unsafe cast
    • KT-51016 [FIR] False positive OVERLOAD_RESOLUTION_AMBIGUITY between two extensions on different supertypes
    • KT-50155 FIR: support contextual receivers
    • KT-38637 Catch NoSuchFieldException in optimized when expression over enum

    Docs & Examples

    • KT-49896 Kotlin/JS: improve -Xir-property-lazy-initialization description due to making it true by default

    IDE

    • KTIJ-22286 Kotlin JPS project created via wizard does not contain Kotlin libraries in case of not-released version
    • KTIJ-22065 IDE notification motivating Kotlin users to use EAP
    • KTIJ-22209 Configure Kotlin on 221 idea adds 1.6.10 Kotlin (despite the fact that IDE plugin is 1.7.10)
    • KTIJ-22171 Fix test BuiltInDecompilerConsistencyTest
    • KTIJ-22016 Empty .kt file and build.gradle.kts can trigger an error while searching for a facade light class

    IDE. Code Style, Formatting

    • KTIJ-21346 Incorrect formatting for functions with context receivers and visibility modifiers

    IDE. Completion

    ... (truncated)

    Commits
    • 7159702 Add changelog for 1.7.20
    • 9ca25ce Native: add more tests for Swift Set and Dictionary used in Kotlin
    • 1244679 Native: improve thread state switches for NSSet/NSDictionary adapters
    • 1abfeb9 [Gradle][MPP] MPP/AGP compatibility: Bump maxSupportedVersion to 7.3
    • b489e93 Fix lowering of receiver access in IR scripting
    • 8a8853c K1. Fix error message for BUILDER_INFERENCE_MULTI_LAMBDA_RESTRICTION
    • 608d45c Add changelog for 1.7.20-RC
    • 3a340d2 Fix kind of NoBuilderInferenceWithoutAnnotationRestriction
    • a17fc51 Fix receiver inconsistency when builder inference restriction disabled
    • f0fd2cf Put back the line with language feature to 1.7 block
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies java 
    opened by dependabot[bot] 1
  • Bump com.jfrog.artifactory from 4.29.0 to 4.29.1

    Bump com.jfrog.artifactory from 4.29.0 to 4.29.1

    Bumps com.jfrog.artifactory from 4.29.0 to 4.29.1.

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies java 
    opened by dependabot[bot] 1
  • Bump kotest-assertions-core-jvm from 5.2.2 to 5.3.2

    Bump kotest-assertions-core-jvm from 5.2.2 to 5.3.2

    Bumps kotest-assertions-core-jvm from 5.2.2 to 5.3.2.

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies java 
    opened by dependabot[bot] 1
  • Bump kotest-property-jvm from 5.2.2 to 5.3.2

    Bump kotest-property-jvm from 5.2.2 to 5.3.2

    Bumps kotest-property-jvm from 5.2.2 to 5.3.2.

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies java 
    opened by dependabot[bot] 1
  • move build to gradle.kts

    move build to gradle.kts

    Kotlin ecosystem is best supported with gradle. - It would be preferable if we do the move to gradle. This will make it possible to move towards multiplatform if we decide to do so in the future

    opened by myuwono 1
  • Bump kotest-assertions-arrow-jvm from 1.2.5 to 1.3.0

    Bump kotest-assertions-arrow-jvm from 1.2.5 to 1.3.0

    Bumps kotest-assertions-arrow-jvm from 1.2.5 to 1.3.0.

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies java 
    opened by dependabot[bot] 0
  • Bump jvm from 1.7.22 to 1.8.0

    Bump jvm from 1.7.22 to 1.8.0

    Bumps jvm from 1.7.22 to 1.8.0.

    Release notes

    Sourced from jvm's releases.

    Kotlin 1.8.0

    Changelog

    Analysis API

    • KT-50255 Analysis API: Implement standalone mode for the Analysis API

    Analysis API. FIR

    • KT-54292 Symbol Light classes: implement PsiVariable.computeConstantValue for light field
    • KT-54293 Analysis API: fix constructor symbol creation when its accessed via type alias

    Android

    • KT-53342 TCS: New AndroidSourceSet layout for multiplatform
    • KT-53013 Increase AGP compile version in KGP to 4.1.3
    • KT-54013 Report error when using deprecated Kotlin Android Extensions compiler plugin
    • KT-53709 MPP, Android SSL2: Conflicting warnings for androidTest/kotlin source set folder

    Backend. Native. Debug

    • KT-53561 Invalid LLVM module: "inlinable function call in a function with debug info must have a !dbg location"

    Compiler

    New Features

    • KT-52817 Add @JvmSerializableLambda annotation to keep old behavior of non-invokedynamic lambdas
    • KT-54460 Implementation of non-local break and continue
    • KT-53916 Support Xcode 14 and new Objective-C frameworks in Kotlin/Native compiler
    • KT-32208 Generate method annotations into bytecode for suspend lambdas (on invokeSuspend)
    • KT-53438 Introduce a way to get SourceDebugExtension attribute value via JVMTI for profiler and coverage

    Performance Improvements

    • KT-53347 Get rid of excess allocations in parser
    • KT-53689 JVM: Optimize equality on class literals
    • KT-53119 Improve String Concatenation Lowering

    Fixes

    • KT-53465 Unnecessary checkcast to array of reified type is not optimized since Kotlin 1.6.20
    • KT-49658 NI: False negative TYPE_MISMATCH on nullable type with when
    • KT-48162 NON_VARARG_SPREAD isn't reported on *toTypedArray() call
    • KT-43493 NI: False negative: no compilation error "Operator '==' cannot be applied to 'Long' and 'Int'" is reported in builder inference lambdas
    • KT-54393 Change in behavior from 1.7.10 to 1.7.20 for java field override.
    • KT-55357 IllegalStateException when reading a class that delegates to a Java class with a definitely-not-null type with a flexible upper bound
    • KT-55068 Kotlin Gradle DSL: No mapping for symbol: VALUE_PARAMETER SCRIPT_IMPLICIT_RECEIVER on JVM IR backend
    • KT-51284 SAM conversion doesn't work if method has context receivers
    • KT-48532 Remove old JVM backend

    ... (truncated)

    Changelog

    Sourced from jvm's changelog.

    1.8.0

    Analysis API

    • KT-50255 Analysis API: Implement standalone mode for the Analysis API

    Analysis API. FIR

    • KT-54292 Symbol Light classes: implement PsiVariable.computeConstantValue for light field
    • KT-54293 Analysis API: fix constructor symbol creation when its accessed via type alias

    Android

    • KT-53342 TCS: New AndroidSourceSet layout for multiplatform
    • KT-53013 Increase AGP compile version in KGP to 4.1.3
    • KT-54013 Report error when using deprecated Kotlin Android Extensions compiler plugin
    • KT-53709 MPP, Android SSL2: Conflicting warnings for androidTest/kotlin source set folder

    Backend. Native. Debug

    • KT-53561 Invalid LLVM module: "inlinable function call in a function with debug info must have a !dbg location"

    Compiler

    New Features

    • KT-52817 Add @JvmSerializableLambda annotation to keep old behavior of non-invokedynamic lambdas
    • KT-54460 Implementation of non-local break and continue
    • KT-53916 Support Xcode 14 and new Objective-C frameworks in Kotlin/Native compiler
    • KT-32208 Generate method annotations into bytecode for suspend lambdas (on invokeSuspend)
    • KT-53438 Introduce a way to get SourceDebugExtension attribute value via JVMTI for profiler and coverage

    Performance Improvements

    • KT-53347 Get rid of excess allocations in parser
    • KT-53689 JVM: Optimize equality on class literals
    • KT-53119 Improve String Concatenation Lowering

    Fixes

    • KT-53465 Unnecessary checkcast to array of reified type is not optimized since Kotlin 1.6.20
    • KT-49658 NI: False negative TYPE_MISMATCH on nullable type with when
    • KT-48162 NON_VARARG_SPREAD isn't reported on *toTypedArray() call
    • KT-43493 NI: False negative: no compilation error "Operator '==' cannot be applied to 'Long' and 'Int'" is reported in builder inference lambdas
    • KT-54393 Change in behavior from 1.7.10 to 1.7.20 for java field override.
    • KT-55357 IllegalStateException when reading a class that delegates to a Java class with a definitely-not-null type with a flexible upper bound
    • KT-55068 Kotlin Gradle DSL: No mapping for symbol: VALUE_PARAMETER SCRIPT_IMPLICIT_RECEIVER on JVM IR backend
    • KT-51284 SAM conversion doesn't work if method has context receivers
    • KT-48532 Remove old JVM backend
    • KT-55065 Kotlin Gradle DSL: Reflection cannot find class data for lambda, produced by JVM IR backend

    ... (truncated)

    Commits
    • da1a843 Add ChangeLog for 1.8.0-RC2
    • d325cf8 Call additional publishToMavenLocal in maven build scripts and enable info
    • 0403d70 Don't leave Gradle daemons after build scripts
    • 52b225d Fix task module-name is not propagated to compiler arguments
    • d40ebc3 Specify versions-maven-plugin version explicitly
    • 2e829ed Fix version parsing crash on Gradle rich version string
    • f603c0e Scripting, IR: fix capturing of implicit receiver
    • 06cbf8f Scripting, tests: enable custom script tests with IR
    • d61cef0 Fix deserialization exception for DNN types from Java
    • ea33e72 JVM IR: script is a valid container for local delegated properties
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies java 
    opened by dependabot[bot] 0
Releases(v1.0.0)
Owner
Atlassian Labs
Atlassian Labs
You can store all your password, bank details, card details in one place and remember only one master PIN. The application works totally offline.

Keep Password An application where you can store all your password, bank details, card details in one place and remember only one master PIN. The appl

rıdvan 4 Apr 18, 2022
All news in one place - one application

nuntiumNewsApp Nuntium | Daily News App Nuntuim news app is a personalised news aggregator that organises and highlights what’s happening in the world

Ro'ziboyev Ismoil 1 Dec 3, 2021
Google one tap sign in - Flutter Google One Tap Sign In (Android)

Google One Tap Sign In Google One Tap Sign In (Android) A Flutter Plugin for Google One Tap Sign In Getting Started To access Google Sign-In, you'll n

null 6 Nov 23, 2022
Latihan One Time, Repeating, dan Membatalkan AlarmManager

Latihan-Background-Process-dan-Networking-6 Latihan One Time AlarmManager Kali ini kita akan membuat sebuah proyek sederhana dengan skenario seperti b

Ubean 0 Nov 23, 2021
Android-basics-kotlin-tip-time-app - Tip Time app from Android Basics in Kotlin

Tip Time Tip Time app from Android Basics in Kotlin at developers.google.com. It

Ramon Lima e Meira 0 Jan 2, 2022
Android application that allows users to take or import photo of chessboard, recognizes the pieces and generate the Forsyth-Edwards Notation.

♛ ChessBoard Importer Frontend ♛ Repository for the frontend part of project "Chessboard Importer". The project is realized by the team of 4 students

null 8 Feb 26, 2022
Auto-pipeline: a source code generator, it will generate your component's pipeline

auto-pipeline ?? auto-pipeline is a source code generator, it will generate your

Zava 106 Dec 20, 2022
DNS-based Host Blocker (and lightweight ad blocker) for Android

DNS-Based Host Blocking for Android This is a DNS-based host blocker for Android. In the default configuration, several widely-respected host files ar

Julian Andres Klode 1.9k Jan 8, 2023
ArchGuard Scanner for scan Git change history, scan source code by Chapi for Java, TypeScript, Kotlin, Go..、Java bytecode use for JVM languages, scan Jacoco test coverage.

Arch Scanner Requirements: JDK 12 Scanner: scan_git - Git commit history scan scan_jacoco - Jacoco scan scan_bytecode - for JVM languages known issues

ArchGuard 27 Jul 28, 2022
A lightweight tracking framework based on the tracking idea of Buzzvideo.(基于西瓜视频的责任链埋点思路实现的轻量级埋点框架)

Tracker English | 中文 Tracker is a lightweight tracking framework based on the tracking idea of Buzzvideo. Tracking idea Why use chain of responsibilit

DylanCai 76 Dec 22, 2022
Wandroid project based on Kotlin + JetPack + concurrent implementation of MVVM architecture for playing Android App

Wandroid project based on Kotlin + JetPack + concurrent implementation of MVVM architecture for playing Android App

null 32 Feb 13, 2022
Episodie is a TV show time tracker app with unusual design written in kotlin and clean architecture approach. Get to know how much time you spent watching tv shows.

Episodie Episodie is a TV show time tracker app with unusual design. Get to know how much time you spent watching tv shows. Track easily overall progr

Przemek 126 Dec 7, 2022
A modular and portable open source XMPP client library written in Java for Android and Java (SE) VMs

Smack About Smack is an open-source, highly modular, easy to use, XMPP client library written in Java for Java SE compatible JVMs and Android. Being a

Ignite Realtime 2.3k Dec 28, 2022
A modular and portable open source XMPP client library written in Java for Android and Java (SE) VMs

Smack About Smack is an open-source, highly modular, easy to use, XMPP client library written in Java for Java SE compatible JVMs and Android. Being a

Ignite Realtime 2.3k Dec 21, 2021
Implementation of Instagram with Material Design (originally based on Emmanuel Pacamalan's concept)

InstaMaterial Updated Current source code contains UI elements from Design Support Library. If you still want to see how custom implementations of e.g

Mirosław Stanek 5k Dec 27, 2022
🚧 A fully open-source project for creating and maintaining a Kotlin-based Minecraft: Java Edition server.

Hexalite: Java Edition ⚠️ WARNING: The Hexalite Network is a work in progress. It is not yet ready for production. You may encounter bugs and other is

Hexalite Studios 38 Nov 28, 2022
🚧 A fully open-source project for creating and maintaining a Kotlin-based Minecraft: Java Edition server.

Hexalite: Java Edition ⚠️ WARNING: The Hexalite Network is a work in progress. It is not yet ready for production. You may encounter bugs and other is

Hexalite Network 38 Nov 28, 2022
⌨️ A tool that gives you a massive head start when building Compose based apps. It saves you from time-consuming setup and configuration

⌨️ A tool that gives you a massive head start when building Compose based apps. It saves you from time-consuming setup and configuration

theapache64 467 Dec 23, 2022
Real time gps location based alarming system tracking the road accident and providing medical assitance plus concern from near by police station.

Real time gps location based alarming system tracking the road accident and providing medical assitance plus concern from near by police station.

Sandeep Verma 1 Mar 12, 2022