QR code images are broken

[markdboyd]

QR code images are no longer rendering during the login flow:

It looks like the cause of the issue is that the google charts API being used to render the QR codes is deprecated: https://groups.google.com/g/google-visualization-api/c/J-V7alUJVVc

We are using this TOTP plugin for Shibboleth: https://github.com/cloud-gov/Shibboleth-IdP3-TOTP-Auth, which is a fork of unmaintained software: https://github.com/korteke/Shibboleth-IdP3-TOTP-Auth

The original integration of the TOTP plugin can be useful for reference: https://github.com/cloud-gov/shibboleth-boshrelease/pull/13/files

Research

It seems like Shibboleth might have a default TOTP plugin now: https://shibboleth.atlassian.net/wiki/spaces/IDPPLUGINS/pages/1376878877/TOTP

To do

• [x] Update https://github.com/cloud-gov/Shibboleth-IdP3-TOTP-Auth to use a newer plugin for generating QR code images
• [x] Deploy changes to dev and verify that TOTP registration works
• [x] Deploy to stage and re-test
• [x] Deploy to prod and re-test

[markdboyd]

TOTP registration of new devices is working and the images are displaying properly, but login for users with existing TOTP seems to be failing

[markdboyd]

This is deployed to production and login with existing and new TOTP devices is working