From 238e6e9757ca6a76b9cf3c672bb48e099b32a0c2 Mon Sep 17 00:00:00 2001
From: Brady McDonough <me@bradymcd.ca>
Date: Thu, 15 Feb 2024 17:23:10 -0700
Subject: [PATCH] Correcting misbehaviour

---
 src/URI/Otpauth.php             | 4 +++-
 src/Workflow/UserManagement.php | 6 +++---
 2 files changed, 6 insertions(+), 4 deletions(-)

diff --git a/src/URI/Otpauth.php b/src/URI/Otpauth.php
index 9633434..9e7f139 100644
--- a/src/URI/Otpauth.php
+++ b/src/URI/Otpauth.php
@@ -14,7 +14,9 @@ class Otpauth
         public readonly int $digits,
         public readonly int $period,
     )
-    {}
+    {
+        $this->secret = \rtrim($secret, "=");
+    }
 
     public static function fromString(string $uri): self
     {
diff --git a/src/Workflow/UserManagement.php b/src/Workflow/UserManagement.php
index 838bd52..939178c 100644
--- a/src/Workflow/UserManagement.php
+++ b/src/Workflow/UserManagement.php
@@ -38,17 +38,17 @@ class UserManagement implements WorkflowInterface
         $html  = "<div id=\"enroll\"><form %frm>";
         $html .= $this->csrf->emitStr();
         $html .= "<p>To add an authenticator to your account, scan the QR code</p>";
-        $html .= "<img src=%qr alt=\"qr-code\" />";
+        $html .= "<img src=%qr alt=\"qr-code\" height=256px width=256px/>";
         $html .= "<label for=\"totp_challenge\">Enter the authentication code:</label>";
         $html .= "<input name=\"totp_challenge\" id=\"totp_challenge\" type=\"text\" >";
         $html .= "<input type=\"submit\" value=\"Submit\" />";
         $html .= "</form></div>";
 
         $provisioningUri = (new Otpauth(
-            "taatp",
             $this->db->userString($this->userIndex),
+            "taatp",
             $this->hash->keygen(),
-            "SHA1",
+            $this->hash->hashType(),
             30,
             6
         ))->emitStr();