Stuck on an issue?
Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.
And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.
Google Token does not match generated token (clock is accurate)
See original GitHub issueI am running meteor app on Windows 10 with speakasy installed. time.is reports:
Your time is exact!The difference from Time.is was -0.039 seconds (±0.013 seconds).
However the tokens do not match - at all.
This is my code:
verifyToken() {
var myToken = this.state.authCode.trim()
let currentValidToken = speakeasy.totp({ secret: this.secretBase32, encoding: 'base32' });
let verified = speakeasy.time.verify({
secret: this.secretBase32,
encoding: 'base32',
token: myToken
})
console.log(`mySecret = [${this.secretBase32}] CVT = [${currentValidToken}] MYTOKEN = ${myToken} VERIFIED= [${verified}]`);
if (!verified) {
return swal({
title: "Invalid Code",
text: "You have 2 more attempts.",
showConfirmButton: true,
type: "error"
});
} else {
return swal({
title: "Jackpot!",
text: "You da man.",
showConfirmButton: true,
type: "success"
});
}
}
Issue Analytics
- State:
- Created 6 years ago
- Comments:15
Top Results From Across the Web
Time Drift in TOTP Hardware Tokens Explained and Solved
Typically, the time discrepancy for a TOTP generator is about 2 minutes per year. Keep in mind that modern tokens have very good...
Read more >My Token Code Doesn't Work - Authy
Authenticator tokens: These tokens are added manually by scanning a QR code, or entering a token code using the Google Authenticator open source...
Read more >Using OAuth 2.0 for Server to Server Applications | Authorization
Try to use a Google-provided OAuth library to make sure the JWT is generated correctly. invalid_scope, Invalid OAuth scope or ID token audience...
Read more >Google Client Invalid JWT: Token must be a short-lived token
Your server's clock is not in sync with NTP. Solution: Check the server time. If it's incorrect, fix it. · The refresh token...
Read more >Google OAuth “invalid_grant” nightmare — and how to fix it
Right — so for literally any reason possible, our tokens are getting rejected by Google. Not too surprising, but there's no additional error ......
Read more >
Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free
Top Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
Never mind, I got it working. It was simply an error in my code that I didn’t realize. That’s what happens when you stay up for over 12 hours and are coding at 3am.
Thanks for checking those. So the JS code is running on the client? The package doesn’t support (as in, it hasn’t been tested) usage on the client side - it’s exclusively for server side use. Do try to see if it works on the server and let me know what you find.