I am trying to replicate the functionality of Authy/Google Authenticator for a private application. What algorithm should I use to get the 6 or 8 digit 2fa-code from a known secret? Is there an open-source package for this?
These are generated using the Time-Based One-Time Password (TOTP) Algorithm. RFC at https://datatracker.ietf.org/doc/html/rfc6238. There are many packages available for this depending on your preferred programming language. (You can search for TOTP <your language> on google to find packages that do this)
Once you have the key, the OTP can be generated based on the current time.