javascript ios qr-code google-authenticator

Scanning QR Code does not work with Google Authenticator on iOS


I am creating this QR-Code URL:

otpauth://totp/TEST:asfadsf?secret=CBPhavYImNauHrVP9KuoR5eE2fO-b_7s&issuer=TEST&algorithm=SHA-1&digits=6&period=30

If I scan this code with Google Authenticator on iOS, I get the message:

"The Code is not a valid authentication token"

Is there anything wrong in my QR code?


Solution

  • I had similar problems and fixed them like the following:

    1. Issuer:

    I don't send the issuer and user separated with a ":"; I only add the user name. The issuer information is already provided with &issuer="..."

    2. Secret:

    The secret needs to be a base32 (RFC 3548/4648) string. This basically means generated out of the following chars: "ABCDEDFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz234567"

    Here's a function to generate a random secret as needed:

    const crypto = require('crypto'); // Node.js crypto module

    function generateRandomSecretTFA(length = 32) {
     // Character set the secret is drawn from
     const rfc3548chars = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz234567';
     let secret = '';
     for (let i = 0; i < length; i++) {
      // crypto.randomInt picks each index uniformly, avoiding the bias of scaling a byte
      secret += rfc3548chars[crypto.randomInt(rfc3548chars.length)];
     }
     return secret;
    }
    

    3. Algorithm:

    It worked on my side for some time sending it like you did: &algorithm=SHA-1. Then somehow it wouldn't, and I had to send it like &algorithm=SHA1. But anyway, SHA-1/SHA1 is the default algorithm the Google Authenticator uses, so I don't send it anymore.

    I now generate Google Authenticator readable otpauth's like this one:

    otpauth://totp/test?secret=QePxfLm3PViiJvE2HCRNIsGxmdOJD5KP&issuer=Test&digits=6&period=30
    

    I commented my suggestions to your example:

    otpauth://totp/TEST:asfadsf?secret=CBPhavYImNauHrVP9KuoR5eE2fO-b_7s&issuer=TEST&algorithm=SHA-1&digits=6&period=30
                   \__________/        \______________________________/             \_____________/
                        |                               |                                   +----------> 3.)
                        |                               +----------------------------------------------> 2.)
                        +------------------------------------------------------------------------------> 1.)
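
The checks from points 2 and 3 of the answer, as an added Node.js example that is not part of the original answer. The function names are hypothetical, the secret is compared case-insensitively as an assumption, and the accepted algorithm spellings are assumed from the Key URI format.

```javascript
const { randomBytes } = require('crypto');

const BASE32 = 'ABCDEFGHIJKLMNOPQRSTUVWXYZ234567'; // RFC 4648 base32 alphabet
const ALGORITHMS = ['SHA1', 'SHA256', 'SHA512'];   // spellings assumed from the Key URI format

// Encode raw bytes as unpadded base32, 5 bits per output character.
function base32Encode(bytes) {
  let value = 0, bits = 0, out = '';
  for (const byte of bytes) {
    value = ((value << 8) | byte) & 0xfff; // keep only the bits still pending
    bits += 8;
    while (bits >= 5) {
      bits -= 5;
      out += BASE32[(value >>> bits) & 31];
    }
  }
  if (bits > 0) out += BASE32[(value << (5 - bits)) & 31];
  return out;
}

// Return the problems found in an otpauth:// URI; an empty array means none.
function checkOtpauthUri(uri) {
  const url = new URL(uri);
  const problems = [];
  if (url.protocol !== 'otpauth:') problems.push('scheme is not otpauth');
  const secret = (url.searchParams.get('secret') || '').replace(/=+$/, '');
  // Compared case-insensitively (assumption), so only foreign characters are reported.
  const foreign = [...new Set(secret.toUpperCase())].filter((c) => !BASE32.includes(c));
  if (!secret) problems.push('secret is missing');
  else if (foreign.length) problems.push(`secret has non-base32 characters: ${foreign.join('')}`);
  const algorithm = url.searchParams.get('algorithm');
  if (algorithm && !ALGORITHMS.includes(algorithm)) {
    problems.push(`algorithm "${algorithm}" is not one of ${ALGORITHMS.join(', ')}`);
  }
  return problems;
}

// Build a TOTP URI from a fresh 160-bit secret (20 random bytes -> 32 characters).
function buildOtpauthUri(account, issuer, secretBytes = randomBytes(20)) {
  const params = new URLSearchParams({
    secret: base32Encode(secretBytes), issuer, digits: '6', period: '30',
  });
  return `otpauth://totp/${encodeURIComponent(account)}?${params}`;
}

// The two URIs from this page, then a freshly built one.
const ASKED = 'otpauth://totp/TEST:asfadsf?secret=CBPhavYImNauHrVP9KuoR5eE2fO-b_7s&issuer=TEST&algorithm=SHA-1&digits=6&period=30';
const ANSWERED = 'otpauth://totp/test?secret=QePxfLm3PViiJvE2HCRNIsGxmdOJD5KP&issuer=Test&digits=6&period=30';
console.log(checkOtpauthUri(ASKED), checkOtpauthUri(ANSWERED), checkOtpauthUri(buildOtpauthUri('test', 'Test')));
```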