Master branch and v2.0.0 tag produce different totp tokens
conorgil opened this issue · 3 comments
conorgil commented
I have been banging my head on this for a while and need someone to either tell me what silly thing I'm doing wrong, or help me figure out why the master branch is broken:
package.json
{
"dependencies": {
"speakeasy_v200": "https://github.com/speakeasyjs/speakeasy#4e0aa91dee166306e07ea11e371d5a5df95f4391",
"speakeasy_master": "https://github.com/speakeasyjs/speakeasy#cb58351b7eb829719dbee2df2ede53d97721e"
}
}
main.js
let speakeasy_v200 = require('speakeasy_v200');
let speakeasy_master = require('speakeasy_master');
let secret = 'xhwb2ilzt5gqyxrz';
// The v2.0.0 branch produces a code which
// DOES match that produced by
// Google Authenticator, FreeOTP, etc
let token_v200 = speakeasy_v200.totp({
secret: secret,
encoding: 'base32'
});
console.log('v2.0.0 = %s', token_v200);
// The master branch produces a code which
// DOES NOT match anything...
let token_master = speakeasy_master.totp({
secret: secret,
encoding: 'base32'
});
console.log('master = %s', token_master);
if(token_v200 !== token_master) {
console.log('WAT?!?!?!?!');
}
Now, install and run:
$> yarn install
...
$> node main.js
v2.0.0 = 922665
master = 616379
WAT?!?!?!?!
Any thoughts, comments, hints, suggestions, second set of eyes, etc, etc are seriously appreciated. Thanks!
conorgil commented
Any thoughts/comments from the maintainers?
SimonSchick commented
There are a LOT of changes between master and 2.0.0 and there hasn't been a release in a while, the API probably changed.
tommilligan commented
The base32 secret shown in your example is not a multiple of 8 in length - therefore this bug may be cased by #135