search

sec51 / twofactor

Golang two factor authentication library
ISC License
217 stars 66 forks source link

Keep getting "Tokens mismatch" error #23

Open IvRRimum opened 5 years ago

IvRRimum commented 5 years ago

So, yeah. Validate returns Tokens mismatch. I can't seem to understand why ://

package main

import (
    //  "crypto"
    b64 "encoding/base64"
    "fmt"
    "github.com/sec51/twofactor"
)

func main() {
    // otpauth://totp/Cryptoapl:somemeails@gmail.com?secret=JEAM3MSPDPI5TLWDM4DEE4OCYDRVPSXY&issuer=Cryptoapl:karlis
    issuer := "somesite"
    //  otp, err := twofactor.NewTOTP("i1nfo@somethingstuff.com", issuer, crypto.SHA1, 8)
    //  if err != nil {
    //      fmt.Println(err)
    //      return
    //  }
    //
    //  bytes, err := otp.ToBytes()
    //  if err != nil {
    //      fmt.Println(err)
    //      return
    //  }

    //  bytesToString := string(bytes)
    //  base64EncodedBytes := b64.StdEncoding.EncodeToString([]byte(bytesToString))
    //  fmt.Println(base64EncodedBytes)

    stringOfBytes, _ := b64.StdEncoding.DecodeString("oQAAAAAAAACcALyxTRxmg1YFxKYPcgR4s/e+K/mqlC6M92BekB51Wor/tdD1Q3/pj2RxUmpNzU79P65u2Oefj+lPgHBixKvWEWwLgH22nM/zo9SCf5umOn2txUrsfJPPzQSmG1SO3HFoSFkKvMMR7brDuHn53bDTS1l5+VeoR/QGrugglt8w8jcOOaDHGxahaZM9LmhBBlubT+P7cP5ndUA=")
    stringToBytes := []byte(stringOfBytes)

    otpTwo, err := twofactor.TOTPFromBytes(stringToBytes, issuer)
    if err != nil {
        fmt.Println(err)
        return
    }

    //  fmt.Println(otp.Secret())
    fmt.Println(otpTwo.Secret())

    authCode := "911849"
    err = otpTwo.Validate(authCode)
    if err != nil {
        fmt.Println(err)
        return
    }

    fmt.Println("Successful Authorisation!")
    return

}
chiptus commented 5 years ago

I have the same Tokens mismatch issue but your code doesn't seem right to me. Why is authCode hard coded? you should take it out of your authenticator app, not choose randomly

xiaoxiaff commented 5 years ago

I have the same Tokens mismatch issue when I choose crypto.SHA256. When I change back to crypto.SHA1 it works fine.

pilinux commented 2 years ago

FreeOTP supports crypto.SHA1, crypto.SHA256 and crypto.SHA512.

Authy, Google authenticator, Microsoft authenticator, Okta support only crypto.SHA1.

So, better to use only crypto.SHA1 for now...