From e571dce79a7f839770884a3c32d24310ecf2480d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Patrick=20M=C3=BCller?= <p.mueller@pcsg.de>
Date: Tue, 31 Jan 2017 16:58:33 +0100
Subject: [PATCH] fix: trim() auf decrypted string

---
 src/QUI/Auth/Google2Fa/Auth.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/QUI/Auth/Google2Fa/Auth.php b/src/QUI/Auth/Google2Fa/Auth.php
index a25e648..21818e1 100644
--- a/src/QUI/Auth/Google2Fa/Auth.php
+++ b/src/QUI/Auth/Google2Fa/Auth.php
@@ -85,7 +85,7 @@ public function auth($authData)
         }
 
         foreach ($authSecrets as $k => $secretData) {
-            if ($this->Google2FA->verifyKey($secretData['key'], $authCode)) {
+            if ($this->Google2FA->verifyKey(trim($secretData['key']), $authCode)) {
                 return;
             }
 
@@ -93,7 +93,7 @@ public function auth($authData)
             foreach ($secretData['recoveryKeys'] as $k2 => $recoveryKey) {
                 $recoveryKey = trim(Security::decrypt($recoveryKey));
 
-                if (!$this->Google2FA->verifyKey($recoveryKey, $authCode)) {
+                if ($recoveryKey != $authCode) {
                     continue;
                 }
 
-- 
GitLab