Google authenticator invalid barcode on scan

Jetoox picture Jetoox · Jun 17, 2014 · Viewed 18.7k times · Source

here's my code in generating the qr code

public function getUrl($user, $hostname, $secret) {
      $encoder = "https://chart.googleapis.com/chart?chs=200x200&chld=M%70&cht=qr&chl=";
      $encoderURL = sprintf( "%sotpauth://totp/%s@%s",$encoder, $user, $hostname);
      $finalEncodorURL = $encoderURL . "%26secret=". urlencode($secret);
      return $finalEncodorURL;
}

supposedly this will generate a qr code, and it does. but when i scan this code using google authenticator app, it will generate an error

The barcode 'otpauth://totp/[email protected]&secret=UOPKN6QFW3J6PW74' is not a valid authentication barcode.

but when "manual entry" using the secret key, it'll work and i can login just fine using the generated key.

i found stuffs in the internet saying i should urlencode the data, i did, but still it wont work.

here's a sample url generated by the function above:

https://chart.googleapis.com/chart?chs=200x200&chld=M%70&cht=qr&chl=otpauth://totp/[email protected]%26secret=UOPKN6QFW3J6PW74

am i missing something or did something wrong?

Answer

Johann picture Johann · Jan 22, 2015

Just replace &secret= with ?secret= (don't forget to url-encode).

Also I don't know if this is the case here but the account name cannot have a space. It would work if you scan with Androids, but not with iPhones (go figure!)