TOTP Code always wrong, need help understanding about otp-java HOT 3 CLOSED

Without knowing anything about PBX, this could be an issue with the secret. I would suggest trying to create a code on your phone and on PBX with a secret manually set.

from otp-java.

//edit I might have found the issue i'll keep you posted if it is.
//edit2: Wasn't the solutions, the problem still persists.

Without knowing anything about PBX, this could be an issue with the secret. I would suggest trying to create a code on your phone and on PBX with a secret manually set.

Ok i tried doing everything Harcoded, except for the Code i've to provide from my phone:

@InputVar(label = "Code", description = "", type = VariableType.STRING)
	public String Code = "";
	
	StarfaceComponentProvider componentProvider = StarfaceComponentProvider.getInstance();
##########################################################################################

	// ################### Code Execution ############################
	@Override
	public void execute(IRuntimeEnvironment context) throws Exception
	{
		Logger log = context.getLog();

		String Secret = "AABBCCDD";
				
		TOTPGenerator TOTP = new TOTPGenerator.Builder(Secret.getBytes())
				.withHOTPGenerator(builder -> {
		            builder.withPasswordLength(6);
		            builder.withAlgorithm(HMACAlgorithm.SHA512);
		        })
		        .withPeriod(Duration.ofSeconds(30))
		        .build();
		
		log.debug(TOTP.now() +" <==> " + Code);
		log.debug(TOTP.verify(Code));
		
	}// END OF EXECUTION

And the OTP URI i used for my Phone:

otpauth://totp/Test?secret=AABBCCDD&issuer=Test&algorithm=SHA512&digits=6&period=30

And yet the Codes do not match.

[2023-12-11T11:53:22,121] [DEBUG] [] [] [TestTOTP] 756078 <==> 167543
[2023-12-11T11:53:22,122] [DEBUG] [] [] [TestTOTP] false

I'm pretty sure i still have some issues with the Time/TimeZone. but i don't really know how to debug it.

//edit 3:

The issue seems to be with my TOTP url. I did some testing with a my local machine with this code.
	public static void main(String[] args)
	{

		String Secret = "AABBCCDD";
		
		TOTPGenerator TOTP = new TOTPGenerator.Builder(Secret.getBytes())
				.withHOTPGenerator(builder -> {
		            builder.withPasswordLength(6);
		            builder.withAlgorithm(HMACAlgorithm.SHA512);
		        })
		        .withPeriod(Duration.ofSeconds(30))
		        .build();
		
		SimpleDateFormat SDF = new SimpleDateFormat("dd.MM.yyyy HH:mm:ss");
		while(true)
		{

			System.out.println(SDF.format(Date.from(TOTP.getClock().instant()))+" "+TOTP.now());
			try
			{
				Thread.sleep(1000);
			}
			catch (InterruptedException e)
			{
				// TODO Auto-generated catch block
				e.printStackTrace();
			}
		}

	}

And i compared them with the TOTP Code my PBX is generating so the issue is actually with the Phone.
It seems my TOTP Url is somewhat wrong, i tried it with both

otpauth://totp/Test?secret=AABBCCDD&issuer=Test&algorithm=SHA512&digits=6&period=30
and
otpauth://totp/Test?secret=AABBCCDD&issuer=Test&algorithm=HmacSHA512&digits=6&period=30

both are accepted by the Microsoft Authenticator, but both generate wrong codes.

I've about 3 Dozen other TOTP Authenticators in my Microsoft Authenticators which are all working fine.
Now i suspect, that i'm doing something wrong with my TOTP Url, but i've to do some more experiments.

from otp-java.

Ok in the end it was very simple.

Microsoft Authenticator doesn't Support SHA512, and will default to SHA1 if an incompatible SHA-Algorithm is presented, which i find is a very stupid way to deal with this...

The issue is resolved.

Sincerely
Fabian95qw

from otp-java.