Comments (3)
Without knowing anything about PBX, this could be an issue with the secret. I would suggest trying to create a code on your phone and on PBX with a secret manually set.
from otp-java.
//edit I might have found the issue i'll keep you posted if it is.
//edit2: Wasn't the solutions, the problem still persists.
Without knowing anything about PBX, this could be an issue with the secret. I would suggest trying to create a code on your phone and on PBX with a secret manually set.
Ok i tried doing everything Harcoded, except for the Code i've to provide from my phone:
@InputVar(label = "Code", description = "", type = VariableType.STRING)
public String Code = "";
StarfaceComponentProvider componentProvider = StarfaceComponentProvider.getInstance();
##########################################################################################
// ################### Code Execution ############################
@Override
public void execute(IRuntimeEnvironment context) throws Exception
{
Logger log = context.getLog();
String Secret = "AABBCCDD";
TOTPGenerator TOTP = new TOTPGenerator.Builder(Secret.getBytes())
.withHOTPGenerator(builder -> {
builder.withPasswordLength(6);
builder.withAlgorithm(HMACAlgorithm.SHA512);
})
.withPeriod(Duration.ofSeconds(30))
.build();
log.debug(TOTP.now() +" <==> " + Code);
log.debug(TOTP.verify(Code));
}// END OF EXECUTION
And the OTP URI i used for my Phone:
otpauth://totp/Test?secret=AABBCCDD&issuer=Test&algorithm=SHA512&digits=6&period=30
And yet the Codes do not match.
[2023-12-11T11:53:22,121] [DEBUG] [] [] [TestTOTP] 756078 <==> 167543
[2023-12-11T11:53:22,122] [DEBUG] [] [] [TestTOTP] false
I'm pretty sure i still have some issues with the Time/TimeZone. but i don't really know how to debug it.
//edit 3:
The issue seems to be with my TOTP url. I did some testing with a my local machine with this code.
public static void main(String[] args)
{
String Secret = "AABBCCDD";
TOTPGenerator TOTP = new TOTPGenerator.Builder(Secret.getBytes())
.withHOTPGenerator(builder -> {
builder.withPasswordLength(6);
builder.withAlgorithm(HMACAlgorithm.SHA512);
})
.withPeriod(Duration.ofSeconds(30))
.build();
SimpleDateFormat SDF = new SimpleDateFormat("dd.MM.yyyy HH:mm:ss");
while(true)
{
System.out.println(SDF.format(Date.from(TOTP.getClock().instant()))+" "+TOTP.now());
try
{
Thread.sleep(1000);
}
catch (InterruptedException e)
{
// TODO Auto-generated catch block
e.printStackTrace();
}
}
}
And i compared them with the TOTP Code my PBX is generating so the issue is actually with the Phone.
It seems my TOTP Url is somewhat wrong, i tried it with both
otpauth://totp/Test?secret=AABBCCDD&issuer=Test&algorithm=SHA512&digits=6&period=30
and
otpauth://totp/Test?secret=AABBCCDD&issuer=Test&algorithm=HmacSHA512&digits=6&period=30
both are accepted by the Microsoft Authenticator, but both generate wrong codes.
I've about 3 Dozen other TOTP Authenticators in my Microsoft Authenticators which are all working fine.
Now i suspect, that i'm doing something wrong with my TOTP Url, but i've to do some more experiments.
from otp-java.
Ok in the end it was very simple.
Microsoft Authenticator doesn't Support SHA512, and will default to SHA1 if an incompatible SHA-Algorithm is presented, which i find is a very stupid way to deal with this...
The issue is resolved.
Sincerely
Fabian95qw
from otp-java.
Related Issues (20)
- TOTPGenerator with ".withPeriod()" using less than a second parameter? HOT 9
- TOTPGenerator .withPeriod() question
- TOTPGenerator.verify return false with valid generated otp HOT 1
- Validation not works properly if timestep was given in hours or days HOT 9
- Android or Desktop? HOT 1
- Can TOPGenerator generate an alphanumeric OTP code? HOT 1
- With the same secret Generates the same OTP code, as long as it does not expire. HOT 4
- Fix 'xstream' dependency vulnerability
- Remaining Seconds? HOT 2
- Does not generate same OTP for same secret and time duration HOT 1
- Difference between Authy and generated code. HOT 1
- How to ensure TOTP is one-time in a distributed system. HOT 5
- Codes not being generated correctly HOT 1
- Issuer is not properly escaped in path segment of URI HOT 2
- Flexability when validating TOTP code. HOT 2
- Documentation Regarding Delay Window for Verification of ToTP HOT 4
- Move Base32 to static field instead create new instance every time to generate code HOT 1
- HMAC SHA 256 for TOTP verification HOT 2
- totp expire time HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from otp-java.