google2fa-laravel icon indicating copy to clipboard operation
google2fa-laravel copied to clipboard

Published 20 hours ago verified publisher icon antonioribeiro

hash_equals(): Expected user_string to be a string, int given

Open sakthivel-globalizeme opened this issue 4 years ago • 3 comments

Hi,

I am facing the issue, "hash_equals(): Expected user_string to be a string, int given" while verifying the authentication code API.

sakthivel-globalizeme avatar Oct 06 '20 11:10 sakthivel-globalizeme

Also facing this error right now after upgrading laravel to latest version. Did you manage to resolve this issue? @sakthivel-globalizeme

joppx25 avatar Nov 14 '20 15:11 joppx25

First, there's no hash_equals call in google2fa-laravel, it's part of https://github.com/antonioribeiro/google2fa actually.

user_string to be a string, int given

user_string is the 2nd argument to hash_equals, which means it's they $key (which in practice means it's the OTP).

OTPs usually look like "123456" and thus might be interpreted as integers somewhere.

You need to figure out where this happens.

mfn avatar Nov 14 '20 19:11 mfn

@mfn @joppx25 @sakthivel-globalizeme You can use the strval() function to convert a number to a string. So to verify you can do Google2FA::verifyKey($employee->google2fa_secret, strval($request->otp)); // true or false

bigdevlarry avatar Nov 27 '20 20:11 bigdevlarry