From 9ea5a8268dd53c3439ed5ad520916d436ad7ed2c Mon Sep 17 00:00:00 2001 From: Marcel de Rooy Date: Mon, 17 Jan 2022 12:53:46 +0000 Subject: [PATCH] Bug 28786: (QA follow-up) Do not call generate_secret32 Signed-off-by: Marcel de Rooy Signed-off-by: Fridolin Somers --- Koha/Auth/TwoFactorAuth.pm | 6 ++---- members/two_factor_auth.pl | 5 ++--- 2 files changed, 4 insertions(+), 7 deletions(-) diff --git a/Koha/Auth/TwoFactorAuth.pm b/Koha/Auth/TwoFactorAuth.pm index 8932006763..81ddf06a3d 100644 --- a/Koha/Auth/TwoFactorAuth.pm +++ b/Koha/Auth/TwoFactorAuth.pm @@ -29,10 +29,8 @@ Koha::Auth::TwoFactorAuth- Koha class deal with Two factor authentication use Koha::Auth::TwoFactorAuth; my $secret = Koha::AuthUtils::generate_salt( 'weak', 16 ); -my $auth = Koha::Auth::TwoFactorAuth->new( - { patron => $patron, secret => $secret } ); -my $secret32 = $auth->generate_secret32; -my $ok = $auth->verify($pin_code, 1, $secret32); +my $auth = Koha::Auth::TwoFactorAuth->new({ patron => $patron, secret => $secret }); +my $ok = $auth->verify( $pin_code, 1 ); It's based on Auth::GoogleAuth diff --git a/members/two_factor_auth.pl b/members/two_factor_auth.pl index 2a5a996c56..3d763d23f3 100755 --- a/members/two_factor_auth.pl +++ b/members/two_factor_auth.pl @@ -78,14 +78,13 @@ if ( $op eq 'enable-2FA' ) { my $auth = Koha::Auth::TwoFactorAuth->new( { patron => $logged_in_user, secret => $secret } ); - my $secret32 = $auth->generate_secret32; my $qr_code_url = - $auth->qr_code( $secret32, $auth->key_id, $auth->issuer, ); + $auth->qr_code( undef, $auth->key_id, $auth->issuer ); # no need to pass secret32 $template->param( issuer => $auth->issuer, key_id => $auth->key_id, - secret32 => $secret32, + secret32 => $auth->secret32, qr_code_url => $qr_code_url, ); $auth->clear; -- 2.39.5