# If you're using guard-based authentication, you have to use this one:
# - Symfony\Component\Security\Guard\Token\PostAuthenticationGuardToken
# If you're using authenticator-based security (introduced in Symfony 5.1), you have to use this one:
# - Symfony\Component\Security\Http\Authenticator\Token\PostAuthenticationToken
Bundle version: ^5.13
Symfony version: ^5.4
PHP version: 7.4.6
Description
Any code that I send to the checkcode function returns the message shown below:
Unable to decode the secret. Is it correctly base32 encoded?
I'm attempting to validate code, sending it a wrong code to receive invalid code, and handling the exception on my end.
Additional Context
See the configuration reference at https://symfony.com/bundles/SchebTwoFactorBundle/5.x/configuration.html
Configuration file scheb_2fa.yaml
scheb_two_factor:
    security_tokens:
        - Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken
        # If you're using guard-based authentication, you have to use this one:

    totp:
        enabled: true
        window: 30
        leeway: 1

    email:
        enabled: true
        mailer: 'nti.mailer'
        sender_email: '%env(APP_EMAIL_NO_REPLY)%'
        sender_name: Unitex CRM # Optional
        digits: 6
        leeway: 1

    # If you want to exchange/extend the TwoFactorToken class, which is used by the bundle, you can have a factory
    # service providing your own implementation.
    # Must implement Scheb\TwoFactorBundle\Security\TwoFactor\AuthenticationContextFactoryInterface
    two_factor_token_factory: acme.custom_two_factor_token_factory

    # Google Authenticator config
    google:
        enabled: true # If Google Authenticator should be enabled, default false
        server_name: Unitex CRM # Server name used in QR code
        issuer: NTIDEV # Issuer name used in QR code
        digits: 6 # Number of digits in authentication code
        window: 30 # Depends on the version of Spomky-Labs/otphp used:
        leeway: 1 # Until v10: How many codes before/after the current one would be accepted
        # From v11: Acceptable time drift in seconds
Stack trace
RuntimeException: Unable to decode the secret. Is it correctly base32 encoded? in /var/www/html/vendor/spomky-labs/otphp/src/OTP.php:95
Stack trace:
#0 /var/www/html/vendor/spomky-labs/otphp/src/OTP.php(45): OTPHP\OTP->getDecodedSecret()
#1 /var/www/html/vendor/spomky-labs/otphp/src/TOTP.php(55): OTPHP\OTP->generateOTP(56865226)
#2 /var/www/html/vendor/spomky-labs/otphp/src/TOTP.php(84): OTPHP\TOTP->at(1705956780)
#3 /var/www/html/vendor/spomky-labs/otphp/src/TOTP.php(74): OTPHP\TOTP->verifyOtpWithWindow('461456', 1705956780, 30)
#4 /var/www/html/vendor/scheb/2fa-google-authenticator/Security/TwoFactor/Provider/Google/GoogleAuthenticator.php(36): OTPHP\TOTP->verify('461456', 1705956780, 30)
#5 /var/www/html/src/v2/Service/MFA/MFAAuthCodesService.php(153): Scheb\TwoFactorBundle\Security\TwoFactor\Provider\Google\GoogleAuthenticator->checkCode(Object(App\Entity\User\User), '461456')
#6 /var/www/html/src/v2/Controller/MFA/MFAAuthCodesController.php(135): App\v2\Service\MFA\MFAAuthCodesService->getValidateCode('461456')
#7 /var/www/html/vendor/symfony/http-kernel/HttpKernel.php(163): App\v2\Controller\MFA\MFAAuthCodesController->getCheckCode(Object(Symfony\Component\HttpFoundation\Request))
#8 /var/www/html/vendor/symfony/http-kernel/HttpKernel.php(75): Symfony\Component\HttpKernel\HttpKernel->handleRaw(Object(Symfony\Component\HttpFoundation\Request), 1)
#9 /var/www/html/vendor/symfony/http-kernel/Kernel.php(202): Symfony\Component\HttpKernel\HttpKernel->handle(Object(Symfony\Component\HttpFoundation\Request), 1, true)
#10 /var/www/html/public/index.php(25): Symfony\Component\HttpKernel\Kernel->handle(Object(Symfony\Component\HttpFoundation\Request))
#11 {main}"
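The exception in the trace above is raised while decoding the stored secret, before the submitted code is compared, so the stored value is the first thing to inspect. The following is an added example, not code from this issue, the bundle or otphp: a stand-alone check that reports why a secret is not canonical Base32. The function name `diagnoseBase32Secret` is hypothetical, the sample values are constructed, and it assumes the decoder expects the uppercase RFC 4648 alphabet (A-Z, 2-7) with optional trailing `=` padding.

```php
<?php
declare(strict_types=1);

/**
 * Hypothetical helper (added example). Returns the reasons why $secret is not
 * canonical RFC 4648 Base32; an empty array means the value passes.
 */
function diagnoseBase32Secret(?string $secret): array
{
    if ($secret === null || $secret === '') {
        return ['secret is empty or null'];
    }

    $problems = [];
    if (preg_match('/\s/', $secret) === 1) {
        $problems[] = 'contains whitespace';
    }
    if (preg_match('/[a-z]/', $secret) === 1) {
        $problems[] = 'contains lowercase letters';
    }
    if (preg_match('/[^A-Za-z2-7=\s]/', $secret, $m) === 1) {
        $problems[] = sprintf('contains "%s", which is outside the Base32 alphabet', $m[0]);
    }

    // Padding is only allowed at the very end of the value.
    $body = rtrim($secret, '=');
    if (strpos($body, '=') !== false) {
        $problems[] = 'has "=" padding before the end of the value';
    }

    // Whole bytes encode to 2, 4, 5, 7 or 8 characters per group,
    // so a remainder of 1, 3 or 6 can never occur.
    $len = strlen((string) preg_replace('/\s/', '', $body));
    if (in_array($len % 8, [1, 3, 6], true)) {
        $problems[] = sprintf('has %d data characters, which is not a possible Base32 length', $len);
    }

    return $problems;
}

// Constructed sample values, labelled so that no secret is written to output.
$samples = [
    'valid'      => 'JBSWY3DPEHPK3PXP',
    'lowercase'  => 'jbswy3dpehpk3pxp',
    'with space' => 'JBSWY3DP EHPK3PXP',
    'hex string' => '0123456789ABCDEF',
    'missing'    => null,
];
foreach ($samples as $label => $secret) {
    $problems = diagnoseBase32Secret($secret);
    printf("%-11s %s\n", $label, $problems === [] ? 'ok' : implode('; ', $problems));
}
```

Run it against the value returned by the user entity's `getGoogleAuthenticatorSecret()` and log only the returned reasons, never the secret itself.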