By: Bjorn Skobba user 20 Jun 2017 at 9:48 a.m. CDT

7 Responses
Hi, we are new to gluu, so please bear with me :) We have tested the HOTP/TOTP authentication module by enabling the included managed script. After setting "otp" as oxTrust authentication mode, the expected barcode to enroll shows up in the GUI after providing correct credentials. When scanning the barcode with the google authenticator app, I get "Invalid barcode". Screenshot: https://www.dropbox.com/s/htpcqy6xrhxmpeh/IMG_0827.PNG?dl=0 Any advice would be appreciated! Thanks

By Aliaksandr Samuseu staff 21 Jun 2017 at 1:56 p.m. CDT

Hi, Bjorn. Were you able to figure out how to configure it?

By Bjorn Skobba user 21 Jun 2017 at 3:49 p.m. CDT

Hi, thanks for the reply. Unfortunately I have not been able to make it work. I always receive the "Invalid barcode" message. I have sort of run out of ideas what to look for now. BR Bjørn

By Aliaksandr Samuseu staff 21 Jun 2017 at 4:04 p.m. CDT

Ok, thanks, we may need to QA it internally for some time.

By Mohib Zico Account Admin 11 Jul 2017 at 7:51 a.m. CDT

Hi Bjorn, Just gave it a shot and it looks good to me with Gluu Server v3.0.1. One thing I changed only... the custom properties value of `otp_type` to `hotp`. Everything worked great after that. Here is a log snippet from oxauth_script.log:

- During enrollment:

```
2017-07-11 12:45:00,212 INFO [qtp242131142-19] [org.xdi.service.PythonService$PythonLoggerOutputStream] (PythonService.java:219) - OTP. Prepare for step 1
2017-07-11 12:45:11,881 INFO [qtp242131142-18] [org.xdi.service.PythonService$PythonLoggerOutputStream] (PythonService.java:219) - OTP. Authenticate for step 1
2017-07-11 12:45:11,971 INFO [qtp242131142-18] [org.xdi.service.PythonService$PythonLoggerOutputStream] (PythonService.java:219) - OTP. Authenticate for step 1. There is no OTP enrollment for user 'mohib'. Changing otp_auth_method to 'enroll'
2017-07-11 12:45:11,974 INFO [qtp242131142-18] [org.xdi.service.PythonService$PythonLoggerOutputStream] (PythonService.java:219) - OTP. Authenticate for step 1. Setting count steps: '3'
2017-07-11 12:45:11,975 INFO [qtp242131142-18] [org.xdi.service.PythonService$PythonLoggerOutputStream] (PythonService.java:219) - OTP. Authenticate for step 1. otp_auth_method: 'enroll'
2017-07-11 12:45:11,983 INFO [qtp242131142-18] [org.xdi.service.PythonService$PythonLoggerOutputStream] (PythonService.java:219) - OTP. Gep page for step 2. otp_auth_method: 'enroll'
2017-07-11 12:45:13,080 INFO [qtp242131142-17] [org.xdi.service.PythonService$PythonLoggerOutputStream] (PythonService.java:219) - OTP. Prepare for step 2
2017-07-11 12:45:13,084 INFO [qtp242131142-17] [org.xdi.service.PythonService$PythonLoggerOutputStream] (PythonService.java:219) - OTP. Prepare for step 2. otp_auth_method: 'enroll'
2017-07-11 12:45:13,125 INFO [qtp242131142-17] [org.xdi.service.PythonService$PythonLoggerOutputStream] (PythonService.java:219) - OTP. Prepare for step 2. Prepared enrollment request for user: 'mohib'
2017-07-11 12:46:00,220 INFO [qtp242131142-16] [org.xdi.service.PythonService$PythonLoggerOutputStream] (PythonService.java:219) - OTP. Authenticate for step 2
2017-07-11 12:46:00,224 INFO [qtp242131142-16] [org.xdi.service.PythonService$PythonLoggerOutputStream] (PythonService.java:219) - OTP. Authenticate for step 2. Skipping this step during enrollment
2017-07-11 12:46:00,691 INFO [qtp242131142-19] [org.xdi.service.PythonService$PythonLoggerOutputStream] (PythonService.java:219) - OTP. Prepare for step 3
2017-07-11 12:46:00,700 INFO [qtp242131142-19] [org.xdi.service.PythonService$PythonLoggerOutputStream] (PythonService.java:219) - OTP. Prepare for step 3. otp_auth_method: 'enroll'
2017-07-11 12:46:12,882 INFO [qtp242131142-13] [org.xdi.service.PythonService$PythonLoggerOutputStream] (PythonService.java:219) - OTP. Authenticate for step 3
2017-07-11 12:46:12,892 INFO [qtp242131142-13] [org.xdi.service.PythonService$PythonLoggerOutputStream] (PythonService.java:219) - OTP. Process HOTP authentication during enrollment. otpCode is valid
2017-07-11 12:46:12,904 INFO [qtp242131142-13] [org.xdi.service.PythonService$PythonLoggerOutputStream] (PythonService.java:219) - OTP. Authenticate for step 3. OTP authentication result: 'True'
```

- User enrolled in previous stage, now just authentication:

```
2017-07-11 12:46:45,137 INFO [qtp242131142-15] [org.xdi.service.PythonService$PythonLoggerOutputStream] (PythonService.java:219) - OTP. Prepare for step 1
2017-07-11 12:47:09,237 INFO [qtp242131142-10] [org.xdi.service.PythonService$PythonLoggerOutputStream] (PythonService.java:219) - OTP. Authenticate for step 1
2017-07-11 12:47:09,296 INFO [qtp242131142-10] [org.xdi.service.PythonService$PythonLoggerOutputStream] (PythonService.java:219) - OTP. Authenticate for step 1. otp_auth_method: 'authenticate'
2017-07-11 12:47:09,305 INFO [qtp242131142-10] [org.xdi.service.PythonService$PythonLoggerOutputStream] (PythonService.java:219) - OTP. Gep page for step 2. otp_auth_method: 'authenticate'
2017-07-11 12:47:09,763 INFO [qtp242131142-13] [org.xdi.service.PythonService$PythonLoggerOutputStream] (PythonService.java:219) - OTP. Prepare for step 2
2017-07-11 12:47:09,764 INFO [qtp242131142-13] [org.xdi.service.PythonService$PythonLoggerOutputStream] (PythonService.java:219) - OTP. Prepare for step 2. otp_auth_method: 'authenticate'
2017-07-11 12:47:33,562 INFO [qtp242131142-18] [org.xdi.service.PythonService$PythonLoggerOutputStream] (PythonService.java:219) - OTP. Authenticate for step 2
2017-07-11 12:47:33,568 INFO [qtp242131142-18] [org.xdi.service.PythonService$PythonLoggerOutputStream] (PythonService.java:219) - OTP. Process HOTP authentication during authentication. otpCode is valid
2017-07-11 12:47:33,574 INFO [qtp242131142-18] [org.xdi.service.PythonService$PythonLoggerOutputStream] (PythonService.java:219) - OTP. Authenticate for step 2. OTP authentication result: 'True'
```
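
For checking your own oxauth_script.log against the enrollment and authentication excerpts in the post above, here is an added example (not part of the thread and not Gluu code) that groups the `OTP.` messages into login flows and reports the method, OTP type and result of each. The function name `summarize_flows`, the sample timestamps and the assumption that flows are not interleaved are mine.

```python
import re

# One oxauth_script.log entry: timestamp, level, [thread], [logger], (source) - OTP. <message>
LINE = re.compile(r"^(\d{4}-\d\d-\d\d \d\d:\d\d:\d\d),\d+ \w+ +\[[^\]]+\] .*? - OTP\. (.*)$")
METHOD = re.compile(r"otp_auth_method: '(\w+)'")
OTP_TYPE = re.compile(r"Process (\w+) authentication during")
RESULT = re.compile(r"OTP authentication result: '(\w+)'")

def summarize_flows(log_text):
    """Group OTP script messages into login flows (assumes flows are not interleaved)."""
    flows, cur = [], None
    for raw in log_text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue
        ts, msg = m.groups()
        if msg == "Prepare for step 1":      # a new login attempt starts here
            if cur:
                flows.append(cur)            # previous attempt never logged a result
            cur = {"start": ts, "method": None, "otp_type": None,
                   "code_valid": False, "result": None}
            continue
        if cur is None:
            continue
        if (mm := METHOD.search(msg)):
            cur["method"] = mm.group(1)      # 'enroll' or 'authenticate'
        if (mt := OTP_TYPE.search(msg)):
            cur["otp_type"] = mt.group(1)
        if "otpCode is valid" in msg:
            cur["code_valid"] = True
        if (mr := RESULT.search(msg)):
            cur["result"] = mr.group(1) == "True"
            flows.append(cur)
            cur = None
    if cur:
        flows.append(cur)                    # trailing flow without a result line
    return flows

# Constructed sample: messages taken from the excerpt above, abridged, with made-up timestamps.
_P = ("INFO [qtp242131142-18] [org.xdi.service.PythonService$PythonLoggerOutputStream] "
      "(PythonService.java:219) - OTP. ")
_MSGS = ["Prepare for step 1",
         "Authenticate for step 1. There is no OTP enrollment for user 'mohib'. Changing otp_auth_method to 'enroll'",
         "Authenticate for step 1. otp_auth_method: 'enroll'",
         "Process HOTP authentication during enrollment. otpCode is valid",
         "Authenticate for step 3. OTP authentication result: 'True'",
         "Prepare for step 1", "Authenticate for step 1. otp_auth_method: 'authenticate'",
         "Process HOTP authentication during authentication. otpCode is valid",
         "Authenticate for step 2. OTP authentication result: 'True'",
         "Prepare for step 1", "Authenticate for step 1. otp_auth_method: 'authenticate'"]
SAMPLE_LOG = "\n".join(f"2017-07-11 12:45:{i:02d},000 {_P}{m}" for i, m in enumerate(_MSGS))
```

A flow whose `result` is `None` never reached the `OTP authentication result` line, which is where an enrollment that stalls at the barcode step would show up.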

By Bjorn Skobba user 12 Jul 2017 at 6:13 a.m. CDT

Hi! Thanks a lot for your kind reply. By changing the otp_type to hotp as suggested, I can enroll (scan the bar code with the google authenticator app) and then log in. However, I would prefer totp to work as that would look more familiar to the users as the hotp needs to be manually refreshed after every use in google authenticator. Have you been able to test totp and verify that it doesn't work for you as well, or is it something local to my setup? Since the first post I have upgraded to gluu-3.0.2, btw. Still with the same issue for totp. BR Bjørn

By Mohib Zico Account Admin 20 Jul 2017 at 6:10 a.m. CDT

Hi Bjorn, Sorry, haven't got a chance to test that. I'll test and inform you.

By Mohib Zico Account Admin 06 Sep 2017 at 8:05 a.m. CDT

There was some issue with 'totp' in 3.0.x series; it's fixed in 3.1.0