Trailing chars (#116)

Spomky · web-flow · commit 4974ef2e200c · 2018-10-26T09:37:27.000+02:00
* Auto remove trailing "=" + test
* Doc
diff --git a/doc/Customize.md b/doc/Customize.md
@@ -24,6 +24,8 @@ $mySecret = trim(Base32::encodeUpper(random_bytes(128)), '='); // We generate ou
 $otp = TOTP::create($mySecret);
 ```
 
+*Please note that the trailing `=` are automatically removed by the library.*
+
 ## Period and Counter
 
 By default, the period for a TOTP is 30 seconds and the counter for a HOTP is 0.
diff --git a/src/ParameterTrait.php b/src/ParameterTrait.php
@@ -205,9 +205,9 @@ protected function getParameterMap(): array
             },
             'secret'    => function ($value) {
                 if (null === $value) {
-                    $value = trim(Base32::encodeUpper(random_bytes(64)), '=');
+                    $value = Base32::encodeUpper(random_bytes(64));
                 }
-                $value = strtoupper($value);
+                $value = trim(strtoupper($value), '=');
 
                 return $value;
             },
diff --git a/tests/FactoryTest.php b/tests/FactoryTest.php
@@ -140,4 +140,14 @@ public function testTOTPLoadWithoutIssuer()
         $this->assertFalse($result->isIssuerIncludedAsParameter());
         $this->assertEquals($otp, $result->getProvisioningUri());
     }
+
+    public function testTOTPLoadAndRemoveSecretTrailingCharacters()
+    {
+        $uri = 'otpauth://totp/My%20Test%20-%20Auth?secret=JDDK4U6G3BJLEQ%3D%3D';
+        $totp = Factory::loadFromProvisioningUri($uri);
+
+        $this->assertInstanceOf('\OTPHP\TOTP', $totp);
+        $this->assertEquals('JDDK4U6G3BJLEQ', $totp->getSecret());
+        $this->assertEquals('otpauth://totp/My%20Test%20-%20Auth?secret=JDDK4U6G3BJLEQ', $totp->getProvisioningUri());
+    }
 }
