Unable to decode the secret. Is it correctly base32 encoded?

[FVSoftwareDeveloper]

Bundle version: ^5.13 Symfony version: ^5.4 PHP version: 7.4.6

Description

Any code that I send to the checkcode function returns the message shown below:

Unable to decode the secret. Is it correctly base32 encoded?

I'm attempting to validate code, sending it a wring code to receive invalid code, and handling the exception on my end.

Additional Context

See the configuration reference at https://symfony.com/bundles/SchebTwoFactorBundle/5.x/configuration.html

configurantion file scheb_2fa.yaml

scheb_two_factor: security_tokens:

• Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken

  If you're using guard-based authentication, you have to use this one:

  # - Symfony\Component\Security\Guard\Token\PostAuthenticationGuardToken
  # If you're using authenticator-based security (introduced in Symfony 5.1), you have to use this one:
  # - Symfony\Component\Security\Http\Authenticator\Token\PostAuthenticationToken

  totp: enabled: true window: 30 leeway: 1 email: enabled: true mailer: 'nti.mailer' sender_email: '%env(APP_EMAIL_NO_REPLY)%' sender_name: Unitex CRM # Optional digits: 6 leeway: 1

  If you want to exchange/extend the TwoFactorToken class, which is used by the bundle, you can have a factory

  service providing your own implementation.

  Must implement Scheb\TwoFactorBundle\Security\TwoFactor\AuthenticationContextFactoryInterface

  two_factor_token_factory: acme.custom_two_factor_token_factory

  Google Authenticator config

  google: enabled: true # If Google Authenticator should be enabled, default false server_name: Unitex CRM # Server name used in QR code issuer: NTIDEV # Issuer name used in QR code digits: 6 # Number of digits in authentication code window: 30 # Depends on the version of Spomky-Labs/otphp used: leeway: 1 # Until v10: How many codes before/after the current one would be accepted

  From v11: Acceptable time drift in seconds

Stack trace

RuntimeException: Unable to decode the secret. Is it correctly base32 encoded? in /var/www/html/vendor/spomky-labs/otphp/src/OTP.php:95\nStack trace:\n#0 /var/www/html/vendor/spomky-labs/otphp/src/OTP.php(45): OTPHP\OTP->getDecodedSecret()\n#1 /var/www/html/vendor/spomky-labs/otphp/src/TOTP.php(55): OTPHP\OTP->generateOTP(56865226)\n#2 /var/www/html/vendor/spomky-labs/otphp/src/TOTP.php(84): OTPHP\TOTP->at(1705956780)\n#3 /var/www/html/vendor/spomky-labs/otphp/src/TOTP.php(74): OTPHP\TOTP->verifyOtpWithWindow('461456', 1705956780, 30)\n#4 /var/www/html/vendor/scheb/2fa-google-authenticator/Security/TwoFactor/Provider/Google/GoogleAuthenticator.php(36): OTPHP\TOTP->verify('461456', 1705956780, 30)\n#5 /var/www/html/src/v2/Service/MFA/MFAAuthCodesService.php(153): Scheb\TwoFactorBundle\Security\TwoFactor\Provider\Google\GoogleAuthenticator->checkCode(Object(App\Entity\User\User), '461456')\n#6 /var/www/html/src/v2/Controller/MFA/MFAAuthCodesController.php(135): App\v2\Service\MFA\MFAAuthCodesService->getValidateCode('461456')\n#7 /var/www/html/vendor/symfony/http-kernel/HttpKernel.php(163): App\v2\Controller\MFA\MFAAuthCodesController->getCheckCode(Object(Symfony\Component\HttpFoundation\Request))\n#8 /var/www/html/vendor/symfony/http-kernel/HttpKernel.php(75): Symfony\Component\HttpKernel\HttpKernel->handleRaw(Object(Symfony\Component\HttpFoundation\Request), 1)\n#9 /var/www/html/vendor/symfony/http-kernel/Kernel.php(202): Symfony\Component\HttpKernel\HttpKernel->handle(Object(Symfony\Component\HttpFoundation\Request), 1, true)\n#10 /var/www/html/public/index.php(25): Symfony\Component\HttpKernel\Kernel->handle(Object(Symfony\Component\HttpFoundation\Request))\n#11 {main}"

[scheb]

The secret value that you provide through getGoogleAuthenticatorSecret has to be encoded base32.

The bundle comes with a helper method to create valid secret values: getGoogleAuthenticatorSecret