google / google-authenticator

Open source version of Google Authenticator (except the Android app)
Apache License 2.0

App refuses some valid secrets #690

Open marcomarsala opened 4 years ago

marcomarsala commented 4 years ago

For example, the key "ABCDR" is not accepted with manual insertion or when scanning a QR code from inside the app, although perfectly valid. It is accepted if calling the Key Uri from outside the app or opening the QR code containing the otp:// link with the camera app or another QR code reader.

ThomasHabets commented 4 years ago

I see you removed a lot of information in your edits.

REQUIRED: The secret parameter is an arbitrary key value encoded in Base32 according to RFC 3548.

But Google Authenticator works only if the secret is exactly 48 characters.

What exactly is the problem, here? GA implements SHA-1 only. Why would you expect, or want, a 5 character secret?
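
What a strict RFC 3548 Base32 decoder sees in the "ABCDR" secret discussed in this thread, as an added example that is not part of the issue or of the project's code. `inspect_secret` and its report fields are hypothetical names; the 128-bit floor is the RFC 4226 minimum length for an HOTP shared secret.

```python
# Added example: inspect a Base32 OTP secret the way a strict decoder would.
ALPHABET = "ABCDEFGHIJKLMNOPQRSTUVWXYZ234567"  # RFC 3548 Base32 alphabet
VALID_TAIL = {0, 2, 4, 5, 7}  # legal character counts in the last 8-char group
MIN_HOTP_BITS = 128           # RFC 4226 minimum shared-secret length


def inspect_secret(secret: str) -> dict:
    """Decode a padded or unpadded Base32 secret and report on its shape."""
    text = secret.replace(" ", "").rstrip("=").upper()
    if not text:
        raise ValueError("empty secret")
    acc = 0
    for ch in text:
        idx = ALPHABET.find(ch)
        if idx < 0:
            raise ValueError(f"character {ch!r} is not in the Base32 alphabet")
        acc = (acc << 5) | idx          # each character carries 5 bits
    total_bits = 5 * len(text)
    spare = total_bits % 8              # trailing bits that do not fill a byte
    key = (acc >> spare).to_bytes(total_bits // 8, "big")
    return {
        "key": key,
        "key_bits": len(key) * 8,
        # Is the character count one that whole bytes can produce?
        "length_ok": len(text) % 8 in VALID_TAIL,
        # Canonical encodings leave the unused trailing bits at zero.
        "spare_bits_zero": (acc & ((1 << spare) - 1)) == 0,
        "meets_rfc4226_minimum": len(key) * 8 >= MIN_HOTP_BITS,
    }


if __name__ == "__main__":
    # "ABCDR" is the secret from the issue; the others are constructed samples.
    for sample in ("ABCDR", "ABCDQ", "JBSWY3DPEHPK3PXPJBSWY3DPEHPK3PXP"):
        print(sample, inspect_secret(sample))
```

For "ABCDR" this reports a 24-bit key, a legal character count, and one spare trailing bit that is set, so lenient and strict decoders can disagree on whether to accept it.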