[Freeipa-users] OTP - Google Authenticator - iPhone - Invalid barcode
Prashant Bapat
prashant at apigee.com
Wed Jun 17 17:15:11 UTC 2015
Hi Nathaniel,
I think your patch should work. Please give me a day to test and confirm.
However, I changed this section in otptoken.py:
StrEnum('ipatokenotpalgorithm?',
cli_name='algo',
label=_('Algorithm'),
doc=_('Token hash algorithm'),
default=u'sha1',
autofill=True,
flags=('no_update'),
values=(u'sha1', u'sha256', u'sha384', u'sha512'),
)
to
StrEnum('ipatokenotpalgorithm?',
cli_name='algo',
label=_('Algorithm'),
doc=_('Token hash algorithm'),
default=*u'SHA1',*
autofill=True,
flags=('no_update'),
values=*(u'SHA1', u'SHA256', u'SHA384', u'SHA512')*,
)
And the Google Authenticator installed on a iPhone was able to scan the QR
code and work as expected.
Thanks for looking into this.
Regards.
--Prashant
On 17 June 2015 at 20:00, Nathaniel McCallum <npmccallum at redhat.com> wrote:
> Prashant,
>
> I have proposed a patch for the issue:
> https://www.redhat.com/archives/freeipa-devel/2015-June/msg00505.html
>
> Please test it and let me know if it works for you.
>
> Nathaniel
>
> On Wed, 2015-06-17 at 12:35 +0530, Prashant Bapat wrote:
> > Simo is right! This issue is same as
> > https://fedorahosted.org/freeipa/ticket/5047
> >
> > If I change the algorithm in the otp url to uppercase it scans in
> > Google authenticator/iPhone.
> >
> > Further more I manually edited the /usr/lib/python2.7/site
> > -packages/ipalib/plugins/otptoken.py and uppercases the 'sha' to
> > 'SHA' in a test VM and it works as expected. I hate to do this in the
> > production server though.
> >
> >
> > On 12 June 2015 at 23:32, Prashant Bapat <prashant at apigee.com> wrote:
> > > Hi,
> > >
> > > Has anyone seen this ? When a user tries to scan the QR code he
> > > gets a message saying "invalid barcode". This happens only with
> > > iPhone + Google Authenticator.
> > >
> > > Thanks for your help.
> > >
> > > --Prashant
> > >
> > --
> > Manage your subscription for the Freeipa-users mailing list:
> > https://www.redhat.com/mailman/listinfo/freeipa-users
> > Go to http://freeipa.org for more info on the project
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20150617/50d1b5f0/attachment.htm>
More information about the Freeipa-users
mailing list