feat: add support for Time based OTP

[vigneshshanmugam]

• Part of https://github.com/elastic/synthetics-dev/issues/367
• Add first class MFA support with a prebundled TOTP library otpauth. Its actively maintained and works on all runtimes.
• Synthetics library exposes a mfa.totp function that can be used to generate a One time token during the journey run.

import { journey, step, mfa} from '@elastic/synthetics';

journey('2FA', ({ page }) => {
  step('Login using 2FA', async () => {
    // login using username and pass and go to 2FA in next page
    const token = mfa.totp(params.MFA_SECRET)
    await page.getByPlaceholder("token-input").fill(token)
  });
});

• Users can also configure it for Inline and other Project based journeys by specifying these MFA secrets from params which would allow for generating the token at runtime instead of generating from the UI which would cause authentication issues as journeys would run past the period the token is valid for.

     const token = mfa.totp(params.MFA_SECRET)

[shahzad31]

LGTM !!

Tested with https://otplib.yeojz.dev/

and it seems to work as expected !!

[shahzad31]

LGTM !!

[emilioalvap]

LGTM

[obltmachine]

🎉 This PR is included in version 1.14.0 🎉

The release is available on:

• v1.14.0
• GitHub release

Your semantic-release bot 📦🚀

[maggieghamry]

@vigneshshanmugam @shahzad31 can you please confirm if this release will only be available in 8.16 and if the TOTP support will include support for Speakeasy TOTP?

[kvesthy]

@vigneshshanmugam There is discrepancy about the script below mfa.token

const token = mfa.token(params.MFA_GH_SECRET)

It should be

const token = mfa.totp(params.MFA_GH_SECRET)

Can you please review?

[vigneshshanmugam]

@kvesthy Good catch, Sent out a fix to the docs. Thank you.