From 85515c952869cca8bb43e7ad9ad7c2210a84f521 Mon Sep 17 00:00:00 2001
From: CPTN Cosmo <cptncosmo@gmail.com>
Date: Fri, 9 Jan 2026 22:54:55 +0100
Subject: [PATCH] Initial commit

---
 .gitignore                          |   1 +
 README.md                           |  37 +++++++++
 __pycache__/wrapper.cpython-313.pyc | Bin 0 -> 6012 bytes
 config.example.json                 |   4 +
 wrapper.py                          | 118 ++++++++++++++++++++++++++++
 5 files changed, 160 insertions(+)
 create mode 100644 .gitignore
 create mode 100644 README.md
 create mode 100644 __pycache__/wrapper.cpython-313.pyc
 create mode 100644 config.example.json
 create mode 100755 wrapper.py

diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..0cffcb3
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1 @@
+config.json
\ No newline at end of file
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..b09926e
--- /dev/null
+++ b/README.md
@@ -0,0 +1,37 @@
+# XIVLauncher OTP Wrapper
+
+This is a simple wrapper script for Linux that launches `xivlauncher-core` and automatically injects your One-Time Password (OTP) when the launcher requests it.
+
+## Setup
+
+1.  **Configure:**
+    Copy the example config and edit it with your details.
+    ```bash
+    cp config.example.json config.json
+    nano config.json
+    ```
+    *   `secret`: Enter your TOTP secret key (in Base32 format, usually provided when you set up your authenticator app).
+    *   `launcher_cmd`: The command to launch XIVLauncher (default: `xivlauncher-core`).
+
+2.  **Make Executable:**
+    Ensure the script is executable:
+    ```bash
+    chmod +x wrapper.py
+    ```
+
+3.  **XIVLauncher Settings:**
+    Ensure that "Enable XL Authenticator app/OTP macro support" is enabled in XIVLauncher settings.
+
+## Usage
+
+Simply run the wrapper instead of the launcher:
+
+```bash
+./wrapper.py
+```
+
+The script will:
+1.  Launch XIVLauncher.
+2.  Wait for the launcher to start its local HTTP server (port 4646).
+3.  Generate the current OTP code.
+4.  Send it to the launcher automatically.
diff --git a/__pycache__/wrapper.cpython-313.pyc b/__pycache__/wrapper.cpython-313.pyc
new file mode 100644
index 0000000000000000000000000000000000000000..c4a8e99ac36658eef2a28d7542a279fe04e5f477
GIT binary patch
literal 6012
zcmbVQT~Hg>6~3$8l~(@}2=kKwi;WGkL4-fY;Mk6h!C)uY(IWqZq?)y~fMT(dcbCLg
zGcA*uPQlF-oJ<CFCexB8(~y}y_@NJZY~!T)d6FV|plc@MPTbD;jmC7GNgmR3S6XRJ
zXfo{u-M>BeoO92;`<-+4zSC(#P=5OoAM0=<^d%nX#Z>Ive+@csAP#ZFDI^tILL#)W
zNiu0IDUn)BNtD*ol38ml#g>s6ZETgST5FSRT5Ff=TI-M;oT&~;PL71y#ZgeZpYw2Z
z|9OOX2BGKNJ5g^@Ar?&%lZ4-V506J9L~$B77Wk3yyU&95Z=ePgLP6tmOap}@I8$$N
ze?d&YrRb7Gf+IO<oYo(Qh~6SMj%qg})DG4w_JBq-jl*1_1VQJmWhXjc(GHV350M<#
ztdHq}j;+)P?L-_s4yRHm;~u>iEcNsmOsnh6ncMAU8Tu|oYP>?H4*K+7xdq*N#&_uB
zV2$1@x4lI>1s^HT={;SxNQY?7g3ZM-?O-X<Y}nzWI(4~)9a_(y4VgI`whM)HZ8^Kf
z!-08lPHbt7v&)T|Q4<<(&^cHT51NXW@g{wSbB8Q0)NRsj%%Vobc|^-m%cQ5!P7o95
z5ZQ<(2){SA=Y${%60Zm{%d=yr$Ih^kL{wlWq{K9<ObM(kL?l58s06Dbl{j<{pK8i<
z_?dfHg?p8_!UqIXBljriNcd94zWeUGpU0j&=0+;{*#2m$dQg%Q5<6KC6%!{lN&W1o
z->X_AAsOc*f=bUMlY*p@aY0ng7kOFO-=kVDc6UVutdVM#6=^1-s8o`VTvExH2wf#M
zEvVGgG#^n(QFuwUO!4wmJa$o~<SD*WHAiEUf~=_K8Btqg9lR0|l1eNgs&rBU4t@sM
zY8zA?g*F_C3%saWl6*7@daC3l;i^hb%abZGr4k915M*otwpdi#OA?RO4kWLtu1P@&
zD+whD)g?icT7VGSM*bI6vuJ~I(Y`y?^-Djy{<G!CN>{Eruv*=dt?tQH@1Jw5RaB*$
z-i$1_<r+F}G-VsQvvu7!E@x{GWGnjSEbA`cs;l91S3~;cY-4ZEwSSJ>G$VJ_!li4M
z(#`LX?;L-3<o6?QpSrO#+uW053l!@P&%*Gv;YIGvmwxy1Z(hzh+EyLiSx0xy(K|=1
zIh=DB=LZ*$&7Yhj)}56L&tH2!-LvdnerEadTikL@&bfD`GwW=>Vaq!E-=EAn24PJ_
z<>J6%b%v?^dfo23k4&_0opEM7Ei1&boN?{TGi~ec%5OJlc<_yk-=J3pS_k%_oBM3X
zo#f44*KvmYkfEXf5M*J<&>-s%8f0;VNQ@Uj1}?whB99jV3&5h(gSEv{1^|Ge((@mt
z44E_lBl`gw_!Wc<KxY7{5ZPLk5e1Mk=th-avPrrD{V@0i0hG3u5aB{062GpTnX~kn
zOh}|c)OJwFF`6T&eMr6)ujOprWLb{}fK2?S0|~ea&}{3R!9Lpn9e|R#%+WwwvTAuB
zWvf4AOQ3uj+p~O*jxxtdx(T(Rl1+hT!h~Upg}>3!0yF{0m0gLeEKl!k=K{(AKVAa(
z9ugoDZWrc1`f?fIi@-@6G_;54?*S(*(nsmhG^e!&;B=<?jw*^Uom6C2NdQWUQ4KCJ
zfWjCfXFL(%<Lvp7vrq9eVq{8?fJ%B1pd!^gr6|e%j*iZ*#{-YSUuS>M{+|6E6BAcr
zFUE_+9jVrHd`!VuIRVgVWCQ&92nI41qy++jSQ}U{RX@bX;sR)q&~aA4&tVK$6d1h+
zH0V7-wP4Il%qaIhfpN;og$4!&Ij&zLO;zEID42yoUQ?>}xNvc1vY#DDh@ud|_{j<w
z(EHg``xvl`vcQmq2x?n(u@XseCrKsXcS`jjR;t1khDU&ADUJafyujrdjMWyHNF=cf
zkQH8;kyTm~r81%5Q<@i1ca+r#3KKK35G~C6jPtUfXtNUbxhgHk1tIA-OW0|t42TG0
z2cz0Rh6I?6-3ST5tum4zClewZ)NY`Z@eM2>y|hPLiO)F<gi=2Yn=r|vVAol6$K5+S
zyiQp&ww^rI3(#D#W2yGF+SebMJ-KdkE%>kbf3+`d%i4A>b2(e<y6e&O*_^9+j{L%1
zvF`9@DmwFyt~E!+2Ia7J-}P26HC%64^|oZaEh`6B_TJ!b3}#yU|9muqr-nXhU8{U#
z>B#jX%aL5Af8AG`etKosN>wH>kf}SK_YL0h)jhDHiW5Y}JG55me?a2?W(~4B7i`yT
zi=D4JH~q-&en_cXw${xyMB6g9zFSoPgL=H=mUrmeO&bDj9M>JIp50l`?tIIk{1GnW
z9s}&RdjIb5th;M)xBD(^!q>jSuW+!JRYzCW(S_ZBwfh_S7+C2q4Lgrh=mXR=&`o~O
z#NhruT;J@r9VaX|50TLSkkD$%Kj<Mp?6BhcfNRiBeq^Vi9|10<QgRqm5G1{U#!C;j
z1N$Hjq_&hFS%G8dEoGe1Cv+IoTk*%_ZwLDjf9n7Z&Q52&ty>E^OOH#Paui+y(GCFH
zQl!k8uwyaCfQDxVXJLq_OR;fD2#&rD4i4NKer>f9BFYX1T$ZT}tJ}rRJ5i|Q#6_GX
z!Joc+7M&x57!$S>jw#uf3T;ne<!m|^h>a=T5<J|F5XIRwcL}ekVdn-H^uO%fz`?oI
zMSxXGv3QW(vI!W%-s#}3@6YS`LTQ)gaf~op3F=$XC!pPl#`o&O5Y<C)o<5Uk;k+SB
zyp*$qEJ3&hTZ=A<g<SBQIoP@NIb=%3DHi>hRYK+<2EHvt-vfjifQkRrvH!c|*h?A*
z>$b3hAvk6~cGm{0oAGVtEXFYB$22wG+(vYQ812z>9tbR&b*Uf=Z2gcd7d~Om{r}4v
z{f9wPmqF6ATO?JK?FQ$fAA-IBT73$i99VvvljABmUmu}`HeVRC!r*=bn_?ICT7@+L
zPJQ2hT9(xaffCrutnWf^{Z*qWdn6%F#3lnT$O$o32mTfY>;!}zte8+BPMLuyh*uyi
zIB^EjC|Q79GI<p$ZIN(=pH9XFZ7~ip47^w#76P9*8xz^9i5VO!X=$efR{_#aDdp0<
zIh*7q8HYqEcYqxcU*zMlD0`ASJsK!@c84B4g(K6^l*bTGwMP<?pjKZv9SVkz9pwhQ
zyTaVyKyYv@JUkd2Om%7O`%63_;+l@hny8k7DlJ$wgUW%Fy%5)dI<R3+k-<P>dKz!0
zCFN@|7zNgzIXX5R@S9XKgdC74suVQxSjuPPlteO#H>IbNfxtcNvn2e&`x{hKLdHq2
zGNoFgF-hbhR)H{uk84v*IE?Kd4y)7)i5Nsp!j+h;$Xb}ClJZqp3Ns*0i>WAla4Ho~
z@KM!`?RH$ttu@_M5^H6XXD&jp77=8Kyv}HgXgL`N4&EV<Gn!C_@F^EoSd}SIM9Y)S
zV_H{>iy-gjg=w5*YvGkj;mA<+o)WHJOz={4L{tPxnn^0E6*|)~5k5YsE*wWf6ghY$
z8Iy#lN?n56pxWTm!;B>2{2x+vn;em1NhJ(cP>VM)tQmorP|by-DO>{*P9IDL+fdyx
z@dXH36H>UK>qFUlA*iFK`IsmPVC*O1C)1F+%%Z#A%BAY-)k}@n8{esTxB9K>)uzsD
zQ|F&rb4>?x-X|cetMDzgTyI%wyWW;gtsKf#^v#~SYj-X@KL7Z_;rYYqeXI68S^FL>
zKi<1?aHT!tI*@1j@Yr=O&zxUp><i2_X3_hqeS@MQk#>3)_od~$bJz0a^{U#X3$I;B
zUw-|$xgm((T+JH}<nk>%JO6B&$vK;5ht_PKg}w887k`r3{dmrHV0Pf2cJJcZOyhxE
z)d5Y!u{<+i5OJ5X&Yen=i!&KpeV%IApe(d+lR=)kRd?g(?#5;EUF%!cx9vH1+Z?s&
zK-KK(jy<36*z?D!_b1-Jklk@&_VikP)9mRyRkub}u2QvGsy0tOvO!ttnmdeR!8&h!
z)xKGQXy%v0uME$PErjR8x2XCD&k&&dE$6Op@7mp~_QtHeQU7SL=t}=IJ-u=y<2smU
zo+xR$VAnn#e7o6<9Q8VF#=|aGF4LLaeHmAOo;g^e{<ThBqfwjb8g1{p^UR(#(8@LM
z$}=?^Cem872A@Jk=10=}+(^#Be!cFlU3Ir+-L3Z#QF^#=YVOnq3FB`z?7-?9IS$w1
zgI>pp8g!GWK4Bqm)-cfj2sIDapug_$j5yK97Tbv`%g0_4=0C2|>YBdcD)JK_f$N%%
z5gYlbmB6)g_sLH3({A@k%Jdo4e6pSXtd)S7&)NvwZ>ONI!pn^BVmR#gN+Td#dJ0#7
z+DJNst1+llS0Q5x6cZ*1e>YSe#YuRv5|V`dtAsz1N;s;MaE348FkDNyv{zKS?pPj%
zlW_PwbRQn0Vv_U3bRs$v7Y<9<00jKxr=bGV5X6_rb{pBXfA4MNxs9rBqe^Y)yp7=B
tbsJf~qCAA}tLA#*;8%yciH40A2t+yNQaQ5rZxr*3p$!sIb<!o^_#Z=;%xnMv

literal 0
HcmV?d00001

diff --git a/config.example.json b/config.example.json
new file mode 100644
index 0000000..7157883
--- /dev/null
+++ b/config.example.json
@@ -0,0 +1,4 @@
+{
+    "secret": "YOUR_BASE32_SECRET_HERE",
+    "launcher_cmd": "xivlauncher-core"
+}
\ No newline at end of file
diff --git a/wrapper.py b/wrapper.py
new file mode 100755
index 0000000..4087f20
--- /dev/null
+++ b/wrapper.py
@@ -0,0 +1,118 @@
+#!/usr/bin/env python3
+import sys
+import json
+import time
+import subprocess
+import threading
+import urllib.request
+import urllib.error
+import hmac
+import base64
+import struct
+import hashlib
+import os
+
+def get_totp_token(secret):
+    """Generates a TOTP code from the secret."""
+    try:
+        # Pad the secret if needed for base32 decoding
+        secret_clean = secret.replace(" ", "").upper()
+        padding = '=' * ((8 - len(secret_clean) % 8) % 8)
+        key = base64.b32decode(secret_clean + padding)
+        
+        # Time step is 30 seconds
+        msg = struct.pack(">Q", int(time.time() / 30))
+        h = hmac.new(key, msg, hashlib.sha1).digest()
+        o = h[19] & 15
+        h = (struct.unpack(">I", h[o:o+4])[0] & 0x7fffffff) % 1000000
+        return f"{h:06d}"
+    except Exception as e:
+        print(f"Error generating TOTP: {e}")
+        return None
+
+def send_otp(secret):
+    """Attempts to send the OTP to the local XIVLauncher server."""
+    url_base = "http://127.0.0.1:4646/ffxivlauncher/"
+    print("Waiting for XIVLauncher to accept OTP...")
+    
+    # Try for up to 5 minutes (300 seconds) - launcher might take time to load
+    start_time = time.time()
+    while time.time() - start_time < 300:
+        otp = get_totp_token(secret)
+        if not otp:
+            print("Failed to generate OTP token.")
+            return
+
+        try:
+            # Short timeout so we don't block
+            with urllib.request.urlopen(f"{url_base}{otp}", timeout=1) as response:
+                if response.status == 200:
+                    print(f"SUCCESS: OTP {otp} sent to XIVLauncher!")
+                    # We can stop trying once successful
+                    return
+        except (urllib.error.URLError, ConnectionRefusedError, ConnectionResetError):
+            # Server not up or not accepting connections yet
+            pass
+        except Exception as e:
+            # Some other error (e.g. malformed URL if secret is bad?)
+            print(f"Debug: Connection error: {e}")
+        
+        time.sleep(1)
+    
+    print("Timed out waiting for XIVLauncher OTP prompt.")
+
+def main():
+    # Determine config path (look in script directory)
+    script_dir = os.path.dirname(os.path.realpath(__file__))
+    config_path = os.path.join(script_dir, "config.json")
+    
+    if not os.path.exists(config_path):
+        print(f"Config file not found at: {config_path}")
+        print("Please copy config.example.json to config.json and fill in your secret.")
+        sys.exit(1)
+        
+    try:
+        with open(config_path, 'r') as f:
+            config = json.load(f)
+    except json.JSONDecodeError:
+        print(f"Error parsing {config_path}. Invalid JSON.")
+        sys.exit(1)
+        
+    secret = config.get("secret")
+    cmd = config.get("launcher_cmd", "xivlauncher-core")
+    
+    if not secret or secret == "YOUR_BASE32_SECRET_HERE":
+        print("Error: Invalid or missing 'secret' in config.json.")
+        sys.exit(1)
+
+    print(f"Launching: {cmd}")
+    
+    try:
+        # Launch the process
+        # If the user provided arguments to this script, we could pass them through?
+        # But for now, just launch the command from config
+        proc = subprocess.Popen(cmd.split())
+    except FileNotFoundError:
+        print(f"Error: Command '{cmd}' not found in PATH.")
+        sys.exit(1)
+
+    # Start the OTP injector in a background thread
+    injector_thread = threading.Thread(target=send_otp, args=(secret,))
+    injector_thread.daemon = True
+    injector_thread.start()
+    
+    try:
+        # Wait for the launcher to exit
+        proc.wait()
+    except KeyboardInterrupt:
+        print("\nStopping wrapper...")
+        proc.terminate()
+        try:
+            proc.wait(timeout=5)
+        except subprocess.TimeoutExpired:
+            proc.kill()
+            
+    sys.exit(proc.returncode)
+
+if __name__ == "__main__":
+    main()