necouchman commented on a change in pull request #495: GUACAMOLE-770: Support
for clearing TOTP data
URL: https://github.com/apache/guacamole-client/pull/495#discussion_r403413958
##########
File path:
extensions/guacamole-auth-totp/src/main/java/org/apache/guacamole/auth/totp/user/UserVerificationService.java
##########
@@ -108,7 +108,7 @@ private UserTOTPKey getKey(UserContext context,
// If no key is defined, attempt to generate a new key
String secret =
attributes.get(TOTPUser.TOTP_KEY_SECRET_ATTRIBUTE_NAME);
- if (secret == null) {
+ if (secret == null || secret.isEmpty()) {
Review comment:
I ran into a few situations testing out my changes where the DB value for
the secret attribute was an empty string, and it causes problems - basically
generates an invalid QR code that caused an error when you try to add it in to
something like Google Authenticator. I can leave it as just `null` if you
like, but it seemed like a reasonable check to have in there.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
[email protected]
With regards,
Apache Git Services
