inz.fi

exporting-tokens-from-freeotp.md (1431B)

---

 # Exporting tokens from FreeOTP
 
 After using FreeOTP on a single device for a while, I came to the conclusion that it would be safer to store the tokens on multiple devices, in case one is out of battery or out-of-arms-reach.
 
 I didn't find any option from the UI to do it, so I checked the data over adb, and as the tokens were stored as JSON-in-XML, I whipped up a quick perl script to convert the data to a list of otpauth:// URIs.
 
 	#!/usr/bin/perl -w
 	
 	use XML::LibXML;
 	use JSON;
 	use MIME::Base32;
 	use URI::Encode qw/uri_encode/;
 	
 	my $p = XML::LibXML->new();
 	my $d = $p->load_xml(string => join '', <<>>);
 	my $j = JSON->new();
 	
 	for ($d->findnodes('/map/string')) {
 		my $l = $_->findvalue('@name');
 		next if $l eq 'tokenOrder';
 		my $d = $j->decode($_->findvalue('.'));
 		$d->{secret} = encode_base32(join('', map {
 			chr(($_ + 256) % 256)
 		} @{$d->{'secret'}}));
 		print "otpauth://" . lc($d->{'type'}) . "/" .
 			uri_encode($l) . "?" .
 			join("&", map { $_ . "=" . uri_encode($d->{$_}) } keys %$d) .
 			"\n";
 	}
 
 The output of which can be then be fed to qrencode or similar to get tokens added to another device.
 
 I used:
 <pre>adb shell su -c 'cat /data/data/org.fedorahosted.freeotp/shared_prefs/tokens.xml''./otp.pl'while read u; do qrencode -o - $u ' display -; done</pre>
 to view the codes one-by-one. (Note: this method needs rooted device, it may be possible to do it without, but didn't look for one).