phpqrcode and google authenticator - not sure of the format of things and how to get it to validate correctly

I am using phpqrcode to create a QR code for use with two-factor authentication. I have always used the Google Authenticator app for all my 2FA needs. While I can create the QR code, I am not sure of the exact format so it validates correctly. As of now, when I try to scan it I get 'invalid barcode' back from the app.

Do I use the secret, the URL, or a combination of both when generating the QR code? I'm missing something stupid and I'm sure it's because I don't understand where and how to use the params and the otpauth:// URL.

require $_SERVER['DOCUMENT_ROOT'].'/assets/phpqrcode/phpqrcode.php';

//get params
$secret = create2FASecret();
$name = 'somename';
$issuer = 'example.com';

//url encode, but not sure where or how I use this
$urlencoded = urlencode('otpauth://totp/'.$name.'?secret='.$secret.'&issuer='.$issuer.'');

//create the qrcode, base64 it, output it
ob_start();
QRCode::png($urlencoded, null, QR_ECLEVEL_L, 3, 4);
$newpng = base64_encode( ob_get_contents() );
ob_end_clean();

$src = 'data: image/png; base64,'.$newpng;


//show secret created and the qrcode
echo 'This is the secret that was generated : '.$secret,'<br>';
echo '<img src="' . $src . '" />';

//create a secret
function create2FASecret($secretLength = 16)
{
    $validChars = array(
        'A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', //  7
        'I', 'J', 'K', 'L', 'M', 'N', 'O', 'P', // 15
        'Q', 'R', 'S', 'T', 'U', 'V', 'W', 'X', // 23
        'Y', 'Z', '2', '3', '4', '5', '6', '7', // 31
        '='  // padding char
    );
    
    unset($validChars[32]);

    $secret = '';
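    // random_int() draws from the OS CSPRNG; array_rand() is not
    // cryptographically secure and must not be used to pick secret characters.
    for ($i = 0; $i < $secretLength; $i++) {
        $secret .= $validChars[random_int(0, count($validChars) - 1)];
    }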
    return $secret;
}

As it turns out - only the $name and $issuer should be urlencoded and it works as it should. I also changed the format of the URL according to https://github.com/google/google-authenticator/wiki/Key-Uri-Format

$name = urlencode($name);
$issuer = urlencode($issuer);

//%3A is encoded colon
$url = 'otpauth://totp/'.$issuer.'%3A'.$name.'?secret='.$secret.'&issuer='.$issuer.'&algorithm=SHA1&digits=6&period=30';


//create the qrcode, base64 it, output it
ob_start();
QRCode::png($url, null, QR_ECLEVEL_L, 3, 4);
$newpng = base64_encode( ob_get_contents() );
ob_end_clean();
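
The URI construction from the answer above, as an added example that is not part of the original post. It goes slightly beyond it by deriving the secret from `random_bytes()` and by using `rawurlencode()`, which encodes a space as `%20` where `urlencode()` would emit `+`. The function names and the sample issuer and account are assumptions.

```php
<?php
declare(strict_types=1);

// RFC 4648 Base32 without padding, the alphabet authenticator apps expect.
function base32Encode(string $bytes): string
{
    $alphabet = 'ABCDEFGHIJKLMNOPQRSTUVWXYZ234567';
    $bits = '';
    foreach (str_split($bytes) as $byte) {
        $bits .= str_pad(decbin(ord($byte)), 8, '0', STR_PAD_LEFT);
    }
    $out = '';
    foreach (str_split($bits, 5) as $chunk) {
        $out .= $alphabet[(int) bindec(str_pad($chunk, 5, '0'))];
    }
    return $out;
}

// 20 random bytes = 160 bits (32 Base32 chars); RFC 4226 requires at least 128 bits.
function generateTotpSecret(int $numBytes = 20): string
{
    if ($numBytes < 16) {
        throw new InvalidArgumentException('secret must be at least 128 bits');
    }
    return base32Encode(random_bytes($numBytes));
}

function buildOtpauthUri(string $issuer, string $account, string $secret): string
{
    if (!preg_match('/\A[A-Z2-7]+\z/', $secret)) {
        throw new InvalidArgumentException('secret must be unpadded Base32');
    }
    if (strpos($issuer . $account, ':') !== false) {
        throw new InvalidArgumentException('issuer and account must not contain a colon');
    }
    // Only the label parts and parameter values are encoded; the scheme,
    // "?" and "&" stay literal, which is what the scanning app parses.
    $label = rawurlencode($issuer) . '%3A' . rawurlencode($account);
    $query = http_build_query([
        'secret' => $secret, 'issuer' => $issuer,
        'algorithm' => 'SHA1', 'digits' => 6, 'period' => 30,
    ], '', '&', PHP_QUERY_RFC3986);
    return 'otpauth://totp/' . $label . '?' . $query;
}

// Constructed sample values (assumptions, not from the original post).
$uri = buildOtpauthUri('Example Co', 'alice@example.com', generateTotpSecret());
echo $uri, PHP_EOL;
// Pass $uri unmodified to QRCode::png(); do not urlencode() the whole string.
```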
