Some authenticator apps say invalid URL

Question

Some authenticator apps say invalid URL

Closed this issue 7 years ago · 2 comments

Sometimes the QR code generated will not validate. 1Password One Time Password does read the QR code but will generate an invalid code every time. Google Authenticator will give an invalid url warning;

We tracked it down to the secret being a base32 hash and thus containing three = at the end of the string. The created otpauth:// will then be invalid for some authenticator apps in some situations.

The fix is to strip out the special characters, thereby generating a valid oauth url everytime.

peterjaap commented 7 years ago

See PR #7

Answer 1 · 2017-06-11T15:06:06.000Z

Thank you for your Merge Request, it fixed this issue.