AuthMe Reloaded

AuthMe Reloaded

3M Downloads

QR Code margin=0 prevents QR code scanning

user4302 opened this issue ยท 2 comments

commented

What behaviour is observed?

the QR code can not be scanned, unless the image background is somehow changed to white.

Expected behaviour

the QR code is susessfullty scanned

To Reproduce

  1. enable 2fa
  2. click on link
  3. link will open in browser to show a qr code with no margin/border and a black background
  4. the qr code can not be scanned

alternatively:

  • change the page background color, using dev tools, to white, then the code can be scanned.
  • or in the url change 'margin=0' to 'margin=10', and the code can now be scanned.

Plugin list

Plugins (1): AuthMe

Server Implementation

Standalone server (no proxy)

Database Implementation

SQLite

AuthMe Version

AuthMe-5.6.0-beta2

Error log (if applicable)

No response

Configuration

https://gist.github.com/user4302/e5adcc8ec69ac1a3cb0ffd0471a6e7e8

commented

i believe the error lies in one of these:

import com.warrenstrange.googleauth.GoogleAuthenticator;
import com.warrenstrange.googleauth.GoogleAuthenticatorKey;
import com.warrenstrange.googleauth.GoogleAuthenticatorQRGenerator;
import com.warrenstrange.googleauth.IGoogleAuthenticator;

specifically this:
GoogleAuthenticatorQRGenerator.getOtpAuthURL

the margin is hardcoded:
private static final String TOTP_URI_FORMAT =
"https://api.qrserver.com/v1/create-qr-code/?data=%s&size=200x200&ecc=M&margin=0";

in the following file:
https://github.com/wstrange/GoogleAuth/blob/master/src/main/java/com/warrenstrange/googleauth/GoogleAuthenticatorQRGenerator.java

commented

suggestion: if that repo (https://github.com/wstrange/GoogleAuth) is no longer maintained,
you could fork it and update the margin to 'margin=10' (easy)
or add a parameter to require a margin value when using the function, just like the server name.

or you could add this repo that i forked just now and added the small change to, (margin=0 => margin=10)
https://github.com/user4302/GoogleAuth