10 use GD::Barcode::QRcode;
13 my %config = &Util::ReadConfigFile;
17 my $random_id = $query->param('id');
18 $random_id =~ /^((\d+)-([a-f0-9]+))$/;
22 if ($timestamp + 1800 < time()) {
23 &Util::HTMLError("Timestamp too old, please request a new seed");
26 my $filename = $config{totpticketdirectory} . "/" . $random_id;
27 open(my $fh, "<", $filename) or &Util::HTMLError("TOTP seed file not found or permission denied: $! ; $filename");
29 my $accountname = <$fh>;
30 my $seed = encode_base32(pack('H*', hex_seed));
34 my $totpurl = "otpauth://totp/Debian?secret=$seed&issuer=Debian";
35 my $totppng = "data:image/png;base64, " .
36 encode_base64(GD::Barcode::QRcode->new($totpurl,
37 { ModuleSize => 10 })->plot->png);
39 &Util::HTMLSendHeader;
40 open (F, "<", "fetch-totp-seed.html") || &Util::HTMLError($!);
42 s/~totppng~/$totppng/g;
48 # fill out HTML template with QR code (inline svg/png?)
49 # self-link with png link to avoid changing content-security-policy (change it back)