Error scanning QR code #1

flyinliamryan · 2024-01-05T17:07:29Z

Hi Jako,

I tested TwoFactorX out on a dev site. Scanning the QR code with both Google and Microsoft Authenticator generates errors. This occurs during the courtesy login process and also within the user profile section.

Google - "Error - Cannot interpret QR code"
Microsoft - "QR code is invalid."

Keying the secret manually works fine.

flyinliamryan · 2024-01-08T10:32:38Z

📍 File: GoogleAuthenticator.php

The method getUri incorrectly applies URL encoding to the entire URI for generating QR codes. This results in the Authenticator failing to interpret the QR code correctly, as the otpauth://totp/ part should not be URL-encoded.

Current Implementation:

public function getUri($accountname, $secret, $issuer)
{
    return urlencode('otpauth://totp/' . $accountname . '?secret=' . $secret . '&issuer=' . $issuer);
}

Issue:
The urlencode function should not be applied to the entire string. Instead, it should only encode the accountname and issuer parts to handle special characters.

Proposed Solution:

public function getUri($accountname, $secret, $issuer)
{
    $encodedAccountName = urlencode($accountname);
    $encodedIssuer = urlencode($issuer);
    return 'otpauth://totp/' . $encodedAccountName . '?secret=' . $secret . '&issuer=' . $encodedIssuer;
}

DESIGNfromWITHIN · 2024-02-16T09:34:20Z

I also get this issue, see a blank field where the QR code should be on setup.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Error scanning QR code #1

Error scanning QR code #1

flyinliamryan commented Jan 5, 2024

flyinliamryan commented Jan 8, 2024

DESIGNfromWITHIN commented Feb 16, 2024

Error scanning QR code #1

Error scanning QR code #1

Comments

flyinliamryan commented Jan 5, 2024

flyinliamryan commented Jan 8, 2024

DESIGNfromWITHIN commented Feb 16, 2024