Add qr code generator for third party apps.

README.md

@@ -1,8 +1,8 @@
 ## Duo One Time Password Generator
 
-This is a little script I put together after I reverse engineered the Duo 2FA 
-Mobile App and figured out how their auth flow works. This can be ported into 
-probably a useful desktop app or chrome extention and can probably be used to 
+This is a little script I put together after I reverse engineered the Duo 2FA
+Mobile App and figured out how their auth flow works. This can be ported into
+probably a useful desktop app or chrome extention and can probably be used to
 write bots for MIT Services that require auth.
 
 ### Usage
@@ -27,6 +27,12 @@ If everything worked you can then generate a code by running:
 ./duo_gen.py
 ```
 
-Warning: These are HOTP tokens and generate codes increments a counter.  If you 
+Warning: These are HOTP tokens and generate codes increments a counter.  If you
 get too far out of sync with the server it will stop accepting your codes.
 
+```
+./duo_export.py
+```
+
+Export the duo hotp secret as a QR code for inclusion in third-party hotp apps
+like freeotp.

duo_export.py

@@ -0,0 +1,24 @@
+#!/usr/bin/env python3
+
+import pyotp
+import pyqrcode
+import json
+import base64
+import sys
+
+file_json = "response.json"
+
+with open('response.json', "r") as f:
+  response = json.loads(f.read())['response']
+
+with open('duotoken.hotp', "r") as f:
+    counter = int(f.readlines()[1])
+
+label = response['customer_name']
+issuer = 'Duo'
+# base32 encoded hotp secret, with the padding ("=") stripped.
+secret = base64.b32encode(bytes(response['hotp_secret'], 'utf-8')).decode('utf-8').replace('=', '')
+qrdata = 'otpauth://hotp/{label}?secret={secret}&issuer={issuer}&counter={counter}'.format(label=label, secret=secret, issuer=issuer, counter=counter)
+qrcode = pyqrcode.create(qrdata)
+print(qrcode.terminal(quiet_zone=1))
+print(qrdata)

duo_gen.py

@@ -22,4 +22,3 @@ print("Code:", hotp.at(count))
 f.seek(offset)
 f.write(str(count + 1))
 f.close()
-