Available in all subroutines.
Returns a time-based, one-time password. The password is a SHA-256 hash based
upon the current time. The
key parameter is a Base64-encoded key. The
interval parameter specifies the lifetime of the token and must be
offset parameter provides a means for mitigating clock skew.
Base64 decoding behaves as if by a call to
See that function for handling invalid characters and the behavior of padding.
digest.base64_decode, the decoded output is used directly
(rather than constructing a VCL STRING type), and so binary content
is permitted, including possible NUL bytes.
set req.http.X-OTP-CurBucket = digest.time_hmac_sha256(digest.base64("secret"), 60, 0);set req.http.X-OTP-PrevBucket = digest.time_hmac_sha256(digest.base64("secret"), 60, -1);set req.http.X-OTP-NextBucket = digest.time_hmac_sha256(digest.base64("secret"), 60, 1);
User contributed notes
We welcome comments that add use cases, ideas, tips, and caveats. All comments will be moderated before publication. To post support questions, visit our support center and we'll find you the help you need.