Unable to generate same TOTP as NodeJS TOTP libraries

[pt-rick]

Using OTP 3.0.1

  // secret = 'HBRGMMJWMQ3GKOLFHE2DOZRTHA2TSNBRGI2TGZRVMQ2TCZRXG5TDQNTEGBRDSZJT'
  var topt = OTP.generateTOTPCodeString(secret, DateTime.now().millisecondsSinceEpoch, algorithm: Algorithm.SHA1);

 684917

The TOTP is generated and immediately posted to the NodeJS server which takes the same secret and issues a call to a TOTP library (I tried these two libraries). Their TOTP outputs differ from the one generated by dart-otp. I did a time check on both server and app and the timestamps are within the same 30 second time period. Also tried the different algorithms (SHA256, SHA512) and DateTime.now().millisecond

NodeJS

 // otplib 12.0.1 - defaults, SHA1, 30 sec interval
 // https://www.npmjs.com/package/otplib
 // secret = 'HBRGMMJWMQ3GKOLFHE2DOZRTHA2TSNBRGI2TGZRVMQ2TCZRXG5TDQNTEGBRDSZJT'
 otplib.totp.generate(secret);

 391142

 // notp 2.0.3 - default algorithm unspecified but believe it is SHA1, 30 sec interval
 // https://www.npmjs.com/package/notp
 // secret = 'HBRGMMJWMQ3GKOLFHE2DOZRTHA2TSNBRGI2TGZRVMQ2TCZRXG5TDQNTEGBRDSZJT'
 notp.totp.gen(secret));

 391142

Note: the secret is just an example. It's a randomly generated 20 byte string in hex, text encoded (RFC4648) and then base32 encoded

[daegalus]

Try setting IsGoogle to true. What Google does is not to RFC spec but many libraries default to it. That might fix it.

Edit: nvm, i tested it locally, still dont match. Ill do some digging and find out. I vaguely remember hitting and fixing a similar issue in the past, but need to figure out if its a regression or something new.

[daegalus]

Found the problem, thank you for spotting it! The fix should be available in 3.1.0, you should be able to use the original function you had an it should match notp and otplib. Please let me know if you still have issues.

[pt-rick]

Indeed it is now producing the correct TOTP. Thanks for chasing it down and so promptly!