Bump christian-riesen/otp from 1.4.3 to 2.6.2

[dependabot]

Bumps christian-riesen/otp from 1.4.3 to 2.6.2.

Release notes

Sourced from christian-riesen/otp's releases.

Enable more algos

You can now also use more algorithms that are part of the RFC specs.

Thanks to @fkooman for the PR!

Make code 2038 safe

On a 64 bit PHP with a high enough PHP version this code is now 2038 safe.

Thanks to @fkooman for the contribution!

Urlencode labels

Labels are now urlencoded which should return a correct url for external use with QR codes (google authenticator etc)

Thank you @steffenweber for the contribution!

Constant time compare and dependencies upgrade

Thanks to @fkooman for widening the scope of which PHP unit versions this works with in development and for replacing the constant time compare with a more general solution (which also should perform better, if you don't need the polyfill).

Better random compatibility and constant time encoding

Thanks to @fkooman for the merge request!

Add time drift

For those who have issues with time drift, you can now set an offset on the Otp class to compensate, in case your hoster doesn't keep it's server time properly in check.

Thanks to @mithodin for the pull request.

Add image option to google authenticator

Thanks to @SamuelDauzon for the idea.

Added Resync helper for counter based hotp

The counter based otp now has a resync function that allows you to specify a "counterwindow", similar to what the drift does on timer based ones, except only forward. So if your otp is out of sync, you can match one with this function, which then returns the counter it matched on for you to save the new value (or returns false if it doesn't match).

Thanks to @therealssj for the pull request!

generateRecoveryCodes

Added generateRecoveryCodes for easy generation of recovery codes for your users to GoogleAuthenticator helper class.

Also added several cleanups and forcing PHP 5.4 from now on.

Thanks to @therealssj for the suggestion!

Commits

• 67d3351 Merge pull request #33 from fkooman/fix-hash-algos
• 7304237 Merge pull request #32 from fkooman/fix-random-compat-version
• b23bfe5 fix README
• ab7a8e4 fix sha256 and sha512
• 2efb8dc require >=1 of paragonie/random_compat
• f38926c Merge pull request #30 from fkooman/64b
• c5ae257 Merge pull request #31 from fkooman/travis-targets
• 19acbe5 add PHP 7.1 and 7.2 as TravisCI targets
• 96cb420 fix 2038 support on 64 bit PHP >= 5.6.3
• 9b31f02 Merge pull request #29 from steffenweber/patch-1
• Additional commits viewable in compare view

You can trigger a rebase of this PR by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

[dependabot]

Dependabot tried to add @fguillot as a reviewer to this PR, but received the following error from GitHub:

POST https://api.github.com/repos/rafacamargo123/kanboard/pulls/3/requested_reviewers: 422 - Reviews may only be requested from collaborators. One or more of the users or teams you specified is not a collaborator of the rafacamargo123/kanboard repository. // See: https://developer.github.com/v3/pulls/review_requests/#create-a-review-request

[dependabot]

A newer version of christian-riesen/otp exists, but since this PR has been edited by someone other than Dependabot I haven't updated it. You'll get a PR for the updated version as normal once this PR is merged.