RangeException Base32::doDecode() only expects characters in the correct base32 alphabet

Question

RangeException Base32::doDecode() only expects characters in the correct base32 alphabet

Closed this issue 3 years ago · 5 comments

JohnMerrick commented 3 years ago

I have started to get the error:

RangeException
Base32::doDecode() only expects characters in the correct base32 alphabet

after entering the 2FA code and clicking the confirm code button.

Has been working fine, so no idea why its suddenly stopped working

Answer 1 · 2021-07-22T06:08:15.000Z

How I can reproduce this?

Answer 2 · 2021-09-03T08:01:27.000Z

It's the introduction of the Base32 encoded storage that made the service break. You have to delete the 2FA records and recreate the secrets to be able to use the 2FA again.

Best thing would be to store the secrets in Base32 if they aren't in that format.

Answer 3 · 2021-09-04T06:03:19.000Z

If I find the bug, I will re-open this again.

Answer 4 · 2021-09-06T07:08:21.000Z

In a new installation it works, but if you have codes from before the change the service breaks.

In the old version the shared_secret was something like: "�Py�ˑN䀀", where it now expects: "DFIHSEGLSFHKJ"

For my installation, where there was only 1 account using 2fa it wasn't a real issue, but if you have a lot of accounts it could me more annoying.

At least for others who might encounter this issue, they now know what's the cause.

Answer 5 · 2021-09-06T13:19:21.000Z

That was because version 3.0 changed the column table definition from binary to string, thus breaking change. It was something I didn't document, but was evident from the migration.

I'll have more care when dealing with migrations between versions, like the upcoming 4.0 this Thursday.