why is hotp not working with the token provided from google authenticator.
SiestaMadokaist opened this issue · comments
Describe the bug
A clear and concise description of what the bug is.
I tried to verify an hotp from my google auth, but it never success.
I generated my qrcode using this website: https://stefansundin.github.io/2fa-qr/
and my otp-uri is:
otpauth://hotp/admin?secret=ABCDEFGHIJKLMNOP&issuer=me&counter=2
;
the otp token I get from google auth is: 281014
but it doesn't get verified
const otpFromGoogleAuth = '281014'
const otplib = require('otplib');
const secret = 'ABCDEFGHIJKLMNOPQ';
const counter = 2;
const token = otplib.hotp.generate(secret, counter);
// >>> 083514
const verified = otplib.hotp.check(otpFromGoogleAuth, secret, counter);
// >>> false
To Reproduce
Steps to reproduce the behavior:
- use google authenticator
- create an hotp with the secret mentioned above
- compare it with the hotp generated from otplib
Expected behavior
token from google auth should be the same with token from otplib.
or at least otplib.verify should return true, given the token from google auth.
Screenshots
If applicable, add screenshots to help explain your problem.
Details (please provide any relevant information):
> otplib.hotp.allOptions()
{
algorithm: 'sha1',
createHmacKey: [Function: hotpCreateHmacKey],
createDigest: [Function: createDigest],
digits: 6,
encoding: 'ascii'
}
- otplib version: 12.0.1
- os: mac osx
- browser: -
- node / yarn: 12.8.0
- frameworks (if any): -
Additional context
Add any other context about the problem here.
did I used an incorrect config or something?
acknowledged.
Is there any specific times or by design the HOTP should not work with Google Authenticator?