fix issuer of OTP URI should be URI-encoded. (#6634)
* fix: Issuer of OTP URI should be URI-encoded. follow this link https://github.com/google/google-authenticator/wiki/Key-Uri-Format . * filter unsafe character ':' in issuer * Use Replace rather than ReplaceAll
This commit is contained in:
parent
2c412f517a
commit
cf3ffebfde
1 changed files with 3 additions and 1 deletions
|
@ -74,11 +74,13 @@ func twofaGenerateSecretAndQr(ctx *context.Context) bool {
|
||||||
if uri != nil {
|
if uri != nil {
|
||||||
otpKey, err = otp.NewKeyFromURL(uri.(string))
|
otpKey, err = otp.NewKeyFromURL(uri.(string))
|
||||||
}
|
}
|
||||||
|
// Filter unsafe character ':' in issuer
|
||||||
|
issuer := strings.Replace(setting.AppName+" ("+setting.Domain+")", ":", "", -1)
|
||||||
if otpKey == nil {
|
if otpKey == nil {
|
||||||
err = nil // clear the error, in case the URL was invalid
|
err = nil // clear the error, in case the URL was invalid
|
||||||
otpKey, err = totp.Generate(totp.GenerateOpts{
|
otpKey, err = totp.Generate(totp.GenerateOpts{
|
||||||
SecretSize: 40,
|
SecretSize: 40,
|
||||||
Issuer: setting.AppName + " (" + strings.TrimRight(setting.AppURL, "/") + ")",
|
Issuer: issuer,
|
||||||
AccountName: ctx.User.Name,
|
AccountName: ctx.User.Name,
|
||||||
})
|
})
|
||||||
if err != nil {
|
if err != nil {
|
||||||
|
|
Reference in a new issue