Closed davija closed 2 years ago
Hi,
The 15-minute timer does not start when you generate your first code. It is completely dependent on the time you generate a code to know how long it will be valid until the next code is generated.
For each generate method call, a counter is generated from the period with the following code:
System.currentTimeMillis() / period.toMillis();
So, this counter is the same for every 30 seconds (with a period of 30 seconds). This counter with the same secret will always generate the same token. After the 30 second time window is over, the counter will be 1 bigger than the previous. Because it depends on the system time, it is not always the case that when a token generated on 10:00:00 will be invalid after 10:00:30.
Java Version: OpenJDK 15 OS: Ubuntu Linux
For the application I am working with, I need to be able to generate the same code for a 15 minute interval. However, this library seems to only allow a max time of 5 minutes before it changes the code.
Here is the code I am using
The attached image shows the code in execution. Please note that this is the first time this method is executed, so it is not getting a "cached" secret.